HDFS-9888. Allow reseting KerberosName in unit tests. Contributed by Xiao Chen.
This commit is contained in:
parent
cbd31328a6
commit
3e8099a45a
|
@ -25,6 +25,7 @@ import java.util.Locale;
|
||||||
import java.util.regex.Matcher;
|
import java.util.regex.Matcher;
|
||||||
import java.util.regex.Pattern;
|
import java.util.regex.Pattern;
|
||||||
|
|
||||||
|
import com.google.common.annotations.VisibleForTesting;
|
||||||
import org.apache.hadoop.classification.InterfaceAudience;
|
import org.apache.hadoop.classification.InterfaceAudience;
|
||||||
import org.apache.hadoop.classification.InterfaceStability;
|
import org.apache.hadoop.classification.InterfaceStability;
|
||||||
import org.slf4j.Logger;
|
import org.slf4j.Logger;
|
||||||
|
@ -90,6 +91,16 @@ public class KerberosName {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@VisibleForTesting
|
||||||
|
public static void resetDefaultRealm() {
|
||||||
|
try {
|
||||||
|
defaultRealm = KerberosUtil.getDefaultRealm();
|
||||||
|
} catch (Exception ke) {
|
||||||
|
LOG.debug("resetting default realm failed, "
|
||||||
|
+ "current default realm will still be used.", ke);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Create a name from the full Kerberos principal name.
|
* Create a name from the full Kerberos principal name.
|
||||||
* @param name full Kerberos principal name.
|
* @param name full Kerberos principal name.
|
||||||
|
|
|
@ -108,6 +108,7 @@ import org.apache.hadoop.hdfs.server.datanode.fsdataset.impl.LazyPersistTestCase
|
||||||
import org.apache.hadoop.http.HttpConfig;
|
import org.apache.hadoop.http.HttpConfig;
|
||||||
import org.apache.hadoop.io.IOUtils;
|
import org.apache.hadoop.io.IOUtils;
|
||||||
import org.apache.hadoop.minikdc.MiniKdc;
|
import org.apache.hadoop.minikdc.MiniKdc;
|
||||||
|
import org.apache.hadoop.security.authentication.util.KerberosName;
|
||||||
import org.apache.hadoop.security.SecurityUtil;
|
import org.apache.hadoop.security.SecurityUtil;
|
||||||
import org.apache.hadoop.security.UserGroupInformation;
|
import org.apache.hadoop.security.UserGroupInformation;
|
||||||
import org.apache.hadoop.security.ssl.KeyStoreTestUtil;
|
import org.apache.hadoop.security.ssl.KeyStoreTestUtil;
|
||||||
|
@ -222,6 +223,7 @@ public class TestBalancer {
|
||||||
SecurityUtil.setAuthenticationMethod(
|
SecurityUtil.setAuthenticationMethod(
|
||||||
UserGroupInformation.AuthenticationMethod.KERBEROS, conf);
|
UserGroupInformation.AuthenticationMethod.KERBEROS, conf);
|
||||||
UserGroupInformation.setConfiguration(conf);
|
UserGroupInformation.setConfiguration(conf);
|
||||||
|
KerberosName.resetDefaultRealm();
|
||||||
assertTrue("Expected configuration to enable security",
|
assertTrue("Expected configuration to enable security",
|
||||||
UserGroupInformation.isSecurityEnabled());
|
UserGroupInformation.isSecurityEnabled());
|
||||||
|
|
||||||
|
@ -1939,10 +1941,10 @@ public class TestBalancer {
|
||||||
@Test(timeout = 300000)
|
@Test(timeout = 300000)
|
||||||
public void testBalancerWithKeytabs() throws Exception {
|
public void testBalancerWithKeytabs() throws Exception {
|
||||||
final Configuration conf = new HdfsConfiguration();
|
final Configuration conf = new HdfsConfiguration();
|
||||||
|
try {
|
||||||
initSecureConf(conf);
|
initSecureConf(conf);
|
||||||
final UserGroupInformation ugi = UserGroupInformation.loginUserFromKeytabAndReturnUGI(
|
final UserGroupInformation ugi = UserGroupInformation.loginUserFromKeytabAndReturnUGI(
|
||||||
principal, keytabFile.getAbsolutePath());
|
principal, keytabFile.getAbsolutePath());
|
||||||
try {
|
|
||||||
ugi.doAs(new PrivilegedExceptionAction<Void>() {
|
ugi.doAs(new PrivilegedExceptionAction<Void>() {
|
||||||
@Override
|
@Override
|
||||||
public Void run() throws Exception {
|
public Void run() throws Exception {
|
||||||
|
|
Loading…
Reference in New Issue