HBASE-10220. Put all test service principals into the superusers list

git-svn-id: https://svn.apache.org/repos/asf/hbase/trunk@1552947 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Andrew Kyle Purtell 2013-12-21 21:29:40 +00:00
parent a2c4d73395
commit eebdd8061f
2 changed files with 14 additions and 4 deletions

View File

@ -47,13 +47,24 @@ public class SecureTestUtil {
conf.set("hbase.coprocessor.master.classes", AccessController.class.getName());
conf.set("hbase.coprocessor.region.classes", AccessController.class.getName()+
","+SecureBulkLoadEndpoint.class.getName());
// add the process running user to superusers
// The secure minicluster creates separate service principals based on the
// current user's name, one for each slave. We need to add all of these to
// the superuser list or security won't function properly. We expect the
// HBase service account(s) to have superuser privilege.
String currentUser = User.getCurrent().getName();
conf.set("hbase.superuser", "admin,"+currentUser);
StringBuffer sb = new StringBuffer();
sb.append("admin,");
sb.append(currentUser);
// Assumes we won't ever have a minicluster with more than 5 slaves
for (int i = 0; i < 5; i++) {
sb.append(',');
sb.append(currentUser); sb.append(".hfs."); sb.append(i);
}
conf.set("hbase.superuser", sb.toString());
// Need HFile V3 for tags for security features
conf.setInt("hfile.format.version", 3);
}
public void verifyAllowed(User user, PrivilegedExceptionAction... actions) throws Exception {
for (PrivilegedExceptionAction action : actions) {
try {

View File

@ -76,7 +76,6 @@ public class TestVisibilityLabelsWithACL {
public static void setupBeforeClass() throws Exception {
// setup configuration
conf = TEST_UTIL.getConfiguration();
conf.setInt("hfile.format.version", 3);
SecureTestUtil.enableSecurity(conf);
conf.set("hbase.coprocessor.master.classes", AccessController.class.getName() + ","
+ VisibilityController.class.getName());