HADOOP-11686. MiniKDC cannot change ORG_NAME or ORG_DOMAIN. Contributed by Duo Zhang.

This commit is contained in:
Haohui Mai 2015-03-09 11:07:40 -07:00
parent 28f4e6b222
commit bbaa1344a1
3 changed files with 45 additions and 7 deletions

View File

@ -644,6 +644,9 @@ Release 2.7.0 - UNRELEASED
HADOOP-11602. Fix toUpperCase/toLowerCase to use Locale.ENGLISH. (ozawa) HADOOP-11602. Fix toUpperCase/toLowerCase to use Locale.ENGLISH. (ozawa)
HADOOP-11686. MiniKDC cannot change ORG_NAME or ORG_DOMAIN.
(Duo Zhang via wheat9)
Release 2.6.1 - UNRELEASED Release 2.6.1 - UNRELEASED
INCOMPATIBLE CHANGES INCOMPATIBLE CHANGES

View File

@ -36,6 +36,7 @@ import org.apache.directory.server.core.kerberos.KeyDerivationInterceptor;
import org.apache.directory.server.core.partition.impl.btree.jdbm.JdbmIndex; import org.apache.directory.server.core.partition.impl.btree.jdbm.JdbmIndex;
import org.apache.directory.server.core.partition.impl.btree.jdbm.JdbmPartition; import org.apache.directory.server.core.partition.impl.btree.jdbm.JdbmPartition;
import org.apache.directory.server.core.partition.ldif.LdifPartition; import org.apache.directory.server.core.partition.ldif.LdifPartition;
import org.apache.directory.server.kerberos.KerberosConfig;
import org.apache.directory.server.kerberos.kdc.KdcServer; import org.apache.directory.server.kerberos.kdc.KdcServer;
import org.apache.directory.server.kerberos.shared.crypto.encryption.KerberosKeyFactory; import org.apache.directory.server.kerberos.shared.crypto.encryption.KerberosKeyFactory;
import org.apache.directory.server.kerberos.shared.keytab.Keytab; import org.apache.directory.server.kerberos.shared.keytab.Keytab;
@ -418,7 +419,15 @@ public class MiniKdc {
IOUtils.closeQuietly(is1); IOUtils.closeQuietly(is1);
} }
kdc = new KdcServer(); KerberosConfig kerberosConfig = new KerberosConfig();
kerberosConfig.setMaximumRenewableLifetime(Long.parseLong(conf
.getProperty(MAX_RENEWABLE_LIFETIME)));
kerberosConfig.setMaximumTicketLifetime(Long.parseLong(conf
.getProperty(MAX_TICKET_LIFETIME)));
kerberosConfig.setSearchBaseDn(String.format("dc=%s,dc=%s", orgName,
orgDomain));
kerberosConfig.setPaEncTimestampRequired(false);
kdc = new KdcServer(kerberosConfig);
kdc.setDirectoryService(ds); kdc.setDirectoryService(ds);
// transport // transport
@ -431,12 +440,6 @@ public class MiniKdc {
throw new IllegalArgumentException("Invalid transport: " + transport); throw new IllegalArgumentException("Invalid transport: " + transport);
} }
kdc.setServiceName(conf.getProperty(INSTANCE)); kdc.setServiceName(conf.getProperty(INSTANCE));
kdc.getConfig().setMaximumRenewableLifetime(
Long.parseLong(conf.getProperty(MAX_RENEWABLE_LIFETIME)));
kdc.getConfig().setMaximumTicketLifetime(
Long.parseLong(conf.getProperty(MAX_TICKET_LIFETIME)));
kdc.getConfig().setPaEncTimestampRequired(false);
kdc.start(); kdc.start();
StringBuilder sb = new StringBuilder(); StringBuilder sb = new StringBuilder();

View File

@ -0,0 +1,32 @@
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.hadoop.minikdc;
import java.util.Properties;
public class TestChangeOrgNameAndDomain extends TestMiniKdc {
@Override
public void createMiniKdcConf() {
super.createMiniKdcConf();
Properties properties = getConf();
properties.setProperty(MiniKdc.ORG_NAME, "APACHE");
properties.setProperty(MiniKdc.ORG_DOMAIN, "COM");
}
}