001/* 002 * Licensed to the Apache Software Foundation (ASF) under one 003 * or more contributor license agreements. See the NOTICE file 004 * distributed with this work for additional information 005 * regarding copyright ownership. The ASF licenses this file 006 * to you under the Apache License, Version 2.0 (the 007 * "License"); you may not use this file except in compliance 008 * with the License. You may obtain a copy of the License at 009 * 010 * http://www.apache.org/licenses/LICENSE-2.0 011 * 012 * Unless required by applicable law or agreed to in writing, software 013 * distributed under the License is distributed on an "AS IS" BASIS, 014 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 015 * See the License for the specific language governing permissions and 016 * limitations under the License. 017 */ 018package org.apache.hadoop.hbase.tool; 019 020import org.apache.hadoop.hbase.HConstants; 021import org.apache.hadoop.hbase.codec.KeyValueCodecWithTags; 022import org.apache.hadoop.hbase.security.HadoopSecurityEnabledUserProviderForTesting; 023import org.apache.hadoop.hbase.security.UserProvider; 024import org.apache.hadoop.hbase.security.access.PermissionStorage; 025import org.apache.hadoop.hbase.security.access.SecureTestUtil; 026import org.apache.hadoop.hbase.testclassification.LargeTests; 027import org.apache.hadoop.hbase.testclassification.MiscTests; 028import org.junit.jupiter.api.BeforeAll; 029import org.junit.jupiter.api.Tag; 030 031/** 032 * Reruns TestBulkLoadHFiles using BulkLoadHFiles in secure mode. This suite is unable to verify the 033 * security handoff/turnover as miniCluster is running as system user thus has root privileges and 034 * delegation tokens don't seem to work on miniDFS. 035 * <p/> 036 * Thus SecureBulkload can only be completely verified by running integration tests against a secure 037 * cluster. This suite is still invaluable as it verifies the other mechanisms that need to be 038 * supported as part of a LoadIncrementalFiles call. 039 */ 040@Tag(MiscTests.TAG) 041@Tag(LargeTests.TAG) 042public class TestSecureBulkLoadHFiles extends BulkLoadHFilesTestBase { 043 044 @BeforeAll 045 public static void setUpBeforeClass() throws Exception { 046 // set the always on security provider 047 UserProvider.setUserProviderForTesting(util.getConfiguration(), 048 HadoopSecurityEnabledUserProviderForTesting.class); 049 // setup configuration 050 SecureTestUtil.enableSecurity(util.getConfiguration()); 051 util.getConfiguration().setInt(BulkLoadHFiles.MAX_FILES_PER_REGION_PER_FAMILY, 052 MAX_FILES_PER_REGION_PER_FAMILY); 053 // change default behavior so that tag values are returned with normal rpcs 054 util.getConfiguration().set(HConstants.RPC_CODEC_CONF_KEY, 055 KeyValueCodecWithTags.class.getCanonicalName()); 056 057 util.startMiniCluster(); 058 059 // Wait for the ACL table to become available 060 util.waitTableEnabled(PermissionStorage.ACL_TABLE_NAME); 061 062 setupNamespace(); 063 } 064}