Apache
/
hbase
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

HBASE-9706 Improve detection of secure ZooKeeper 

git-svn-id: https://svn.apache.org/repos/asf/hbase/trunk@1531178 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Zhihong Yu 2013-10-11 03:13:15 +00:00
parent 190313a6ac
commit 8c47f89932
2 changed files with 31 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
hbase-client/src/main/java/org/apache/hadoop/hbase/zookeeper/ZKUtil.java
View File

@ -937,11 +937,17 @@ public class ZKUtil {
* <code>kerberos</code>. * <code>kerberos</code>.
*/ */
public static boolean isSecureZooKeeper(Configuration conf) { public static boolean isSecureZooKeeper(Configuration conf) {
// hbase shell need to use: // Detection for embedded HBase client with jaas configuration
// -Djava.security.auth.login.config=user-jaas.conf // defined for third party programs.
// since each user has a different jaas.conf try {
if (System.getProperty("java.security.auth.login.config") != null) javax.security.auth.login.Configuration testConfig = javax.security.auth.login.Configuration.getConfiguration();
return true; if(testConfig.getAppConfigurationEntry("Client") == null) {
return false;
}
} catch(Exception e) {
// No Jaas configuration defined.
return false;
}
// Master & RSs uses hbase.zookeeper.client.* // Master & RSs uses hbase.zookeeper.client.*
return("kerberos".equalsIgnoreCase(conf.get("hbase.security.authentication")) && return("kerberos".equalsIgnoreCase(conf.get("hbase.security.authentication")) &&

20
hbase-server/src/test/java/org/apache/hadoop/hbase/zookeeper/TestZooKeeperACL.java
View File

@ -264,5 +264,25 @@ public class TestZooKeeperACL {
assertEquals(acls.get(0).getPerms(), ZooDefs.Perms.ALL); assertEquals(acls.get(0).getPerms(), ZooDefs.Perms.ALL);
} }
/**
* Check if ZooKeeper JaasConfiguration is valid.
*/
@Test
public void testIsZooKeeperSecure() throws Exception {
boolean testJaasConfig = ZKUtil.isSecureZooKeeper(new Configuration(TEST_UTIL.getConfiguration()));
assertEquals(testJaasConfig, secureZKAvailable);
// Define Jaas configuration without ZooKeeper Jaas config
File saslConfFile = File.createTempFile("tmp", "fakeJaas.conf");
FileWriter fwriter = new FileWriter(saslConfFile);
fwriter.write("");
fwriter.close();
System.setProperty("java.security.auth.login.config",
saslConfFile.getAbsolutePath());
testJaasConfig = ZKUtil.isSecureZooKeeper(new Configuration(TEST_UTIL.getConfiguration()));
assertEquals(testJaasConfig, false);
saslConfFile.delete();
}
} }