diff --git a/hbase-server/src/test/java/org/apache/hadoop/hbase/security/TestUsersOperationsWithSecureHadoop.java b/hbase-server/src/test/java/org/apache/hadoop/hbase/security/TestUsersOperationsWithSecureHadoop.java
index a66c1249bb4..008955602fe 100644
--- a/hbase-server/src/test/java/org/apache/hadoop/hbase/security/TestUsersOperationsWithSecureHadoop.java
+++ b/hbase-server/src/test/java/org/apache/hadoop/hbase/security/TestUsersOperationsWithSecureHadoop.java
@@ -22,46 +22,78 @@ import static org.apache.hadoop.hbase.security.HBaseKerberosUtils.getConfigurati
import static org.apache.hadoop.hbase.security.HBaseKerberosUtils.getKeytabFileForTesting;
import static org.apache.hadoop.hbase.security.HBaseKerberosUtils.getPrincipalForTesting;
import static org.apache.hadoop.hbase.security.HBaseKerberosUtils.getSecuredConfiguration;
-import static org.apache.hadoop.hbase.security.HBaseKerberosUtils.isKerberosPropertySetted;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertTrue;
-import static org.junit.Assume.assumeTrue;
+import java.io.File;
import java.io.IOException;
+import java.net.InetAddress;
+import java.util.Properties;
import org.apache.hadoop.conf.Configuration;
+import org.apache.hadoop.hbase.HBaseTestingUtility;
import org.apache.hadoop.hbase.testclassification.SecurityTests;
import org.apache.hadoop.hbase.testclassification.SmallTests;
+import org.apache.hadoop.minikdc.MiniKdc;
import org.apache.hadoop.security.UserGroupInformation;
+import org.junit.AfterClass;
+import org.junit.BeforeClass;
import org.junit.Test;
import org.junit.experimental.categories.Category;
-@Category({SecurityTests.class, SmallTests.class})
+@Category({ SecurityTests.class, SmallTests.class })
public class TestUsersOperationsWithSecureHadoop {
+
+ private static final HBaseTestingUtility TEST_UTIL = new HBaseTestingUtility();
+ private static final File KEYTAB_FILE = new File(TEST_UTIL.getDataTestDir("keytab").toUri()
+ .getPath());
+
+ private static MiniKdc KDC;
+
+ private static String HOST;
+
+ private static String PRINCIPAL;
+
+ @BeforeClass
+ public static void setUp() throws Exception {
+ Properties conf = MiniKdc.createConf();
+ conf.put(MiniKdc.DEBUG, true);
+ KDC = new MiniKdc(conf, new File(TEST_UTIL.getDataTestDir("kdc").toUri().getPath()));
+ KDC.start();
+ HOST = InetAddress.getLocalHost().getHostName();
+ PRINCIPAL = "hbase/" + HOST;
+ KDC.createPrincipal(KEYTAB_FILE, PRINCIPAL);
+ HBaseKerberosUtils.setKeytabFileForTesting(KEYTAB_FILE.getAbsolutePath());
+ HBaseKerberosUtils.setPrincipalForTesting(PRINCIPAL + "@" + KDC.getRealm());
+ }
+
+ @AfterClass
+ public static void tearDown() throws IOException {
+ if (KDC != null) {
+ KDC.stop();
+ }
+ TEST_UTIL.cleanupTestDir();
+ }
+
/**
- * test login with security enabled configuration
- *
- * To run this test, we must specify the following system properties:
+ * test login with security enabled configuration To run this test, we must specify the following
+ * system properties:
*
* hbase.regionserver.kerberos.principal
*
* hbase.regionserver.keytab.file
- *
* @throws IOException
*/
@Test
public void testUserLoginInSecureHadoop() throws Exception {
UserGroupInformation defaultLogin = UserGroupInformation.getLoginUser();
Configuration conf = getConfigurationWoPrincipal();
- User.login(conf, HBaseKerberosUtils.KRB_KEYTAB_FILE,
- HBaseKerberosUtils.KRB_PRINCIPAL, "localhost");
+ User.login(conf, HBaseKerberosUtils.KRB_KEYTAB_FILE, HBaseKerberosUtils.KRB_PRINCIPAL,
+ "localhost");
UserGroupInformation failLogin = UserGroupInformation.getLoginUser();
- assertTrue("ugi should be the same in case fail login",
- defaultLogin.equals(failLogin));
-
- assumeTrue(isKerberosPropertySetted());
+ assertTrue("ugi should be the same in case fail login", defaultLogin.equals(failLogin));
String nnKeyTab = getKeytabFileForTesting();
String dnPrincipal = getPrincipalForTesting();
@@ -72,10 +104,10 @@ public class TestUsersOperationsWithSecureHadoop {
conf = getSecuredConfiguration();
UserGroupInformation.setConfiguration(conf);
- User.login(conf, HBaseKerberosUtils.KRB_KEYTAB_FILE,
- HBaseKerberosUtils.KRB_PRINCIPAL, "localhost");
+ User.login(conf, HBaseKerberosUtils.KRB_KEYTAB_FILE, HBaseKerberosUtils.KRB_PRINCIPAL,
+ "localhost");
UserGroupInformation successLogin = UserGroupInformation.getLoginUser();
assertFalse("ugi should be different in in case success login",
- defaultLogin.equals(successLogin));
+ defaultLogin.equals(successLogin));
}
}