mirror of https://github.com/apache/lucene.git
SOLR-7974: Delete the ignored TestSolrCloudWithKerberos test
git-svn-id: https://svn.apache.org/repos/asf/lucene/dev/trunk@1697804 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
parent
c018ffffea
commit
a4f4c3bd7a
|
@ -1,197 +0,0 @@
|
|||
package org.apache.solr.cloud;
|
||||
|
||||
/*
|
||||
* Licensed to the Apache Software Foundation (ASF) under one or more
|
||||
* contributor license agreements. See the NOTICE file distributed with
|
||||
* this work for additional information regarding copyright ownership.
|
||||
* The ASF licenses this file to You under the Apache License, Version 2.0
|
||||
* (the "License"); you may not use this file except in compliance with
|
||||
* the License. You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
import javax.security.auth.login.Configuration;
|
||||
|
||||
import java.io.File;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Locale;
|
||||
|
||||
import org.apache.commons.io.Charsets;
|
||||
import org.apache.commons.io.FileUtils;
|
||||
import org.apache.hadoop.minikdc.MiniKdc;
|
||||
import org.apache.lucene.util.LuceneTestCase;
|
||||
import org.apache.solr.SolrTestCaseJ4;
|
||||
import org.apache.solr.client.solrj.SolrQuery;
|
||||
import org.apache.solr.client.solrj.impl.CloudSolrClient;
|
||||
import org.apache.solr.client.solrj.impl.HttpClientUtil;
|
||||
import org.apache.solr.client.solrj.impl.Krb5HttpClientConfigurer;
|
||||
import org.apache.solr.client.solrj.request.CollectionAdminRequest;
|
||||
import org.apache.solr.client.solrj.response.CollectionAdminResponse;
|
||||
import org.apache.solr.client.solrj.response.QueryResponse;
|
||||
import org.apache.solr.common.cloud.ZkStateReader;
|
||||
import org.apache.zookeeper.CreateMode;
|
||||
import org.junit.Ignore;
|
||||
import org.junit.Test;
|
||||
|
||||
@Ignore
|
||||
@SolrTestCaseJ4.SuppressSSL
|
||||
@LuceneTestCase.Slow
|
||||
public class TestSolrCloudWithKerberos extends AbstractFullDistribZkTestBase {
|
||||
|
||||
static final int TIMEOUT = 10000;
|
||||
private MiniKdc kdc;
|
||||
|
||||
private Locale savedLocale; // in case locale is broken and we need to fill in a working locale
|
||||
|
||||
Configuration originalConfig = Configuration.getConfiguration();
|
||||
|
||||
@Override
|
||||
public void distribSetUp() throws Exception {
|
||||
//SSLTestConfig.setSSLSystemProperties();
|
||||
savedLocale = KerberosTestUtil.overrideLocaleIfNotSpportedByMiniKdc();
|
||||
// Use just one jetty
|
||||
this.sliceCount = 0;
|
||||
this.fixShardCount(1);
|
||||
|
||||
setupMiniKdc();
|
||||
//useExternalKdc();
|
||||
|
||||
super.distribSetUp();
|
||||
try (ZkStateReader zkStateReader = new ZkStateReader(zkServer.getZkAddress(), TIMEOUT, TIMEOUT)) {
|
||||
zkStateReader.getZkClient().create(ZkStateReader.SOLR_SECURITY_CONF_PATH,
|
||||
"{\"authentication\":{\"class\":\"org.apache.solr.security.KerberosPlugin\"}}".getBytes(Charsets.UTF_8),
|
||||
CreateMode.PERSISTENT, true);
|
||||
}
|
||||
}
|
||||
|
||||
private void setupMiniKdc() throws Exception {
|
||||
System.setProperty("solr.jaas.debug", "true");
|
||||
String kdcDir = createTempDir()+File.separator+"minikdc";
|
||||
kdc = KerberosTestUtil.getKdc(new File(kdcDir));
|
||||
File keytabFile = new File(kdcDir, "keytabs");
|
||||
String solrServerPrincipal = "HTTP/127.0.0.1";
|
||||
String solrClientPrincipal = "solr";
|
||||
kdc.start();
|
||||
kdc.createPrincipal(keytabFile, solrServerPrincipal, solrClientPrincipal);
|
||||
|
||||
String jaas = "SolrClient {\n"
|
||||
+ " com.sun.security.auth.module.Krb5LoginModule required\n"
|
||||
+ " useKeyTab=true\n"
|
||||
+ " keyTab=\"" + keytabFile.getAbsolutePath() + "\"\n"
|
||||
+ " storeKey=true\n"
|
||||
+ " useTicketCache=false\n"
|
||||
+ " doNotPrompt=true\n"
|
||||
+ " debug=true\n"
|
||||
+ " principal=\"" + solrClientPrincipal + "\";\n"
|
||||
+ "};";
|
||||
|
||||
Configuration conf = new KerberosTestUtil.JaasConfiguration(solrClientPrincipal, keytabFile, "SolrClient");
|
||||
Configuration.setConfiguration(conf);
|
||||
|
||||
String jaasFilePath = kdcDir+File.separator+"jaas-client.conf";
|
||||
FileUtils.write(new File(jaasFilePath), jaas);
|
||||
System.setProperty("java.security.auth.login.config", jaasFilePath);
|
||||
System.setProperty("solr.kerberos.jaas.appname", "SolrClient"); // Get this app name from the jaas file
|
||||
System.setProperty("solr.kerberos.cookie.domain", "127.0.0.1");
|
||||
System.setProperty("solr.kerberos.principal", solrServerPrincipal);
|
||||
System.setProperty("solr.kerberos.keytab", keytabFile.getAbsolutePath());
|
||||
// Extracts 127.0.0.1 from HTTP/127.0.0.1@EXAMPLE.COM
|
||||
System.setProperty("solr.kerberos.name.rules", "RULE:[1:$1@$0](.*EXAMPLE.COM)s/@.*//"
|
||||
+ "\nRULE:[2:$2@$0](.*EXAMPLE.COM)s/@.*//"
|
||||
+ "\nDEFAULT"
|
||||
);
|
||||
|
||||
// more debugging, if needed
|
||||
/*System.setProperty("sun.security.jgss.debug", "true");
|
||||
System.setProperty("sun.security.krb5.debug", "true");
|
||||
System.setProperty("sun.security.jgss.debug", "true");
|
||||
System.setProperty("java.security.debug", "logincontext,policy,scl,gssloginconfig");*/
|
||||
}
|
||||
|
||||
//This method can be used for debugging i.e. to use an external KDC for the test.
|
||||
public static void useExternalKdc() throws Exception {
|
||||
|
||||
String jaas = "SolrClient {\n"
|
||||
+" com.sun.security.auth.module.Krb5LoginModule required\n"
|
||||
+" useKeyTab=true\n"
|
||||
+" keyTab=\"/opt/keytabs/solr.keytab\"\n"
|
||||
+" storeKey=true\n"
|
||||
+ " doNotPrompt=true\n"
|
||||
+" useTicketCache=false\n"
|
||||
+" debug=true\n"
|
||||
+" principal=\"HTTP/127.0.0.1\";\n"
|
||||
+"};\n";
|
||||
|
||||
String tmpDir = createTempDir().toString();
|
||||
FileUtils.write(new File(tmpDir + File.separator + "jaas.conf"), jaas);
|
||||
|
||||
Configuration conf = new KerberosTestUtil.JaasConfiguration("solr", new File("/opt/keytabs/solr.keytab"), "SolrClient");
|
||||
Configuration.setConfiguration(conf);
|
||||
|
||||
System.setProperty("java.security.auth.login.config", tmpDir + File.separator + "jaas.conf");
|
||||
System.setProperty("solr.kerberos.jaas.appname", "SolrClient");
|
||||
System.setProperty("solr.kerberos.cookie.domain", "127.0.0.1");
|
||||
System.setProperty("solr.kerberos.principal", "HTTP/127.0.0.1@EXAMPLE.COM");
|
||||
System.setProperty("solr.kerberos.keytab", "/opt/keytabs/solr.keytab");
|
||||
System.setProperty("authenticationPlugin", "org.apache.solr.security.KerberosPlugin");
|
||||
// Extracts 127.0.0.1 from HTTP/127.0.0.1@EXAMPLE.COM
|
||||
//System.setProperty("solr.kerberos.name.rules", "RULE:[2:$2@$0](.*EXAMPLE.COM)s/@.*//");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testKerberizedSolr() throws Exception {
|
||||
CloudSolrClient testClient = null;
|
||||
try {
|
||||
HttpClientUtil.setConfigurer(new Krb5HttpClientConfigurer());
|
||||
testClient = createCloudClient("testcollection");
|
||||
|
||||
CollectionAdminRequest.Create create = new CollectionAdminRequest.Create();
|
||||
create.setCollectionName("testcollection");
|
||||
create.setConfigName("conf1");
|
||||
create.setNumShards(1);
|
||||
create.setReplicationFactor(1);
|
||||
create.process(testClient);
|
||||
|
||||
waitForCollection(testClient.getZkStateReader(), "testcollection", 1);
|
||||
CollectionAdminRequest.List list = new CollectionAdminRequest.List();
|
||||
|
||||
CollectionAdminResponse response = list.process(testClient);
|
||||
assertTrue("Expected to see testcollection but it doesn't exist",
|
||||
((ArrayList) response.getResponse().get("collections")).contains("testcollection"));
|
||||
|
||||
testClient.setDefaultCollection("testcollection");
|
||||
indexDoc(testClient, params("commit", "true"), getDoc("id", 1));
|
||||
|
||||
QueryResponse queryResponse = testClient.query(new SolrQuery("*:*"));
|
||||
assertEquals("Expected #docs and actual isn't the same", 1, queryResponse.getResults().size());
|
||||
} finally {
|
||||
if(testClient != null)
|
||||
testClient.close();
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public void distribTearDown() throws Exception {
|
||||
System.clearProperty("java.security.auth.login.config");
|
||||
System.clearProperty("solr.kerberos.jaas.appname");
|
||||
System.clearProperty("solr.cookie.domain");
|
||||
System.clearProperty("solr.kerberos.principal");
|
||||
System.clearProperty("solr.kerberos.keytab");
|
||||
System.clearProperty("solr.jaas.debug");
|
||||
System.clearProperty("solr.kerberos.name.rules");
|
||||
Configuration.setConfiguration(originalConfig);
|
||||
if (kdc != null) {
|
||||
kdc.stop();
|
||||
}
|
||||
//SSLTestConfig.clearSSLSystemProperties();
|
||||
Locale.setDefault(savedLocale);
|
||||
super.distribTearDown();
|
||||
}
|
||||
}
|
Loading…
Reference in New Issue