HBASE-10220. Put all test service principals into the superusers list

git-svn-id: https://svn.apache.org/repos/asf/hbase/trunk@1552947 13f79535-47bb-0310-9956-ffa450edef68
2013-12-21 21:29:40 +00:00 · 2013-12-21 21:29:40 +00:00 · eebdd8061f
parent a2c4d73395
commit eebdd8061f
2 changed files with 14 additions and 4 deletions
--- a/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/SecureTestUtil.java
+++ b/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/SecureTestUtil.java
@ -47,13 +47,24 @@ public class SecureTestUtil {
    conf.set("hbase.coprocessor.master.classes", AccessController.class.getName());
    conf.set("hbase.coprocessor.region.classes", AccessController.class.getName()+
        ","+SecureBulkLoadEndpoint.class.getName());
-    // add the process running user to superusers
+    // The secure minicluster creates separate service principals based on the
+    // current user's name, one for each slave. We need to add all of these to
+    // the superuser list or security won't function properly. We expect the
+    // HBase service account(s) to have superuser privilege.
    String currentUser = User.getCurrent().getName();
-    conf.set("hbase.superuser", "admin,"+currentUser);
+    StringBuffer sb = new StringBuffer();
+    sb.append("admin,");
+    sb.append(currentUser);
+    // Assumes we won't ever have a minicluster with more than 5 slaves
+    for (int i = 0; i < 5; i++) {
+      sb.append(',');
+      sb.append(currentUser); sb.append(".hfs."); sb.append(i);
+    }
+    conf.set("hbase.superuser", sb.toString());
    // Need HFile V3 for tags for security features
    conf.setInt("hfile.format.version", 3);
  }
-  
+
  public void verifyAllowed(User user, PrivilegedExceptionAction... actions) throws Exception {
    for (PrivilegedExceptionAction action : actions) {
      try {
--- a/hbase-server/src/test/java/org/apache/hadoop/hbase/security/visibility/TestVisibilityLabelsWithACL.java
+++ b/hbase-server/src/test/java/org/apache/hadoop/hbase/security/visibility/TestVisibilityLabelsWithACL.java
@ -76,7 +76,6 @@ public class TestVisibilityLabelsWithACL {
  public static void setupBeforeClass() throws Exception {
    // setup configuration
    conf = TEST_UTIL.getConfiguration();
-    conf.setInt("hfile.format.version", 3);
    SecureTestUtil.enableSecurity(conf);
    conf.set("hbase.coprocessor.master.classes", AccessController.class.getName() + ","
        + VisibilityController.class.getName());