1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19 package org.apache.hadoop.hbase.security;
20
21 import static org.apache.hadoop.hbase.security.HBaseKerberosUtils.getConfigurationWoPrincipal;
22 import static org.apache.hadoop.hbase.security.HBaseKerberosUtils.getKeytabFileForTesting;
23 import static org.apache.hadoop.hbase.security.HBaseKerberosUtils.getPrincipalForTesting;
24 import static org.apache.hadoop.hbase.security.HBaseKerberosUtils.getSecuredConfiguration;
25 import static org.apache.hadoop.hbase.security.HBaseKerberosUtils.isKerberosPropertySetted;
26 import static org.junit.Assert.assertFalse;
27 import static org.junit.Assert.assertNotNull;
28 import static org.junit.Assert.assertTrue;
29 import static org.junit.Assume.assumeTrue;
30
31 import java.io.IOException;
32
33 import org.apache.hadoop.conf.Configuration;
34 import org.apache.hadoop.hbase.SmallTests;
35 import org.apache.hadoop.security.UserGroupInformation;
36 import org.junit.Test;
37 import org.junit.experimental.categories.Category;
38
39 @Category(SmallTests.class)
40 public class TestUsersOperationsWithSecureHadoop {
41
42
43
44
45
46
47
48
49
50
51
52 @Test
53 public void testUserLoginInSecureHadoop() throws Exception {
54 UserGroupInformation defaultLogin = UserGroupInformation.getLoginUser();
55 Configuration conf = getConfigurationWoPrincipal();
56 User.login(conf, HBaseKerberosUtils.KRB_KEYTAB_FILE,
57 HBaseKerberosUtils.KRB_PRINCIPAL, "localhost");
58
59 UserGroupInformation failLogin = UserGroupInformation.getLoginUser();
60 assertTrue("ugi should be the same in case fail login",
61 defaultLogin.equals(failLogin));
62
63 assumeTrue(isKerberosPropertySetted());
64
65 String nnKeyTab = getKeytabFileForTesting();
66 String dnPrincipal = getPrincipalForTesting();
67
68 assertNotNull("KerberosKeytab was not specified", nnKeyTab);
69 assertNotNull("KerberosPrincipal was not specified", dnPrincipal);
70
71 conf = getSecuredConfiguration();
72 UserGroupInformation.setConfiguration(conf);
73
74 User.login(conf, HBaseKerberosUtils.KRB_KEYTAB_FILE,
75 HBaseKerberosUtils.KRB_PRINCIPAL, "localhost");
76 UserGroupInformation successLogin = UserGroupInformation.getLoginUser();
77 assertFalse("ugi should be different in in case success login",
78 defaultLogin.equals(successLogin));
79 }
80 }