List of usage examples for org.apache.hadoop.minikdc MiniKdc createConf
public static Properties createConf()
From source file:blazingcache.client.JAASKerberosTest.java
License:Apache License
/** * * /** * Create a Kdc configuration */ public void createMiniKdcConf() { conf = MiniKdc.createConf(); }
From source file:co.cask.cdap.security.impersonation.UGIProviderTest.java
License:Apache License
@BeforeClass public static void init() throws Exception { cConf = CConfiguration.create();//w w w . j a va2 s.c o m cConf.set(Constants.CFG_LOCAL_DATA_DIR, TEMP_FOLDER.newFolder().getAbsolutePath()); // Start KDC miniKdc = new MiniKdc(MiniKdc.createConf(), TEMP_FOLDER.newFolder()); miniKdc.start(); System.setProperty("java.security.krb5.conf", miniKdc.getKrb5conf().getAbsolutePath()); // Generate keytab keytabFile = TEMP_FOLDER.newFile(); miniKdc.createPrincipal(keytabFile, "hdfs", "alice", "bob"); // Start mini DFS cluster Configuration hConf = new Configuration(); hConf.set(MiniDFSCluster.HDFS_MINIDFS_BASEDIR, TEMP_FOLDER.newFolder().getAbsolutePath()); hConf.setBoolean("ipc.client.fallback-to-simple-auth-allowed", true); miniDFSCluster = new MiniDFSCluster.Builder(hConf).numDataNodes(1).build(); miniDFSCluster.waitClusterUp(); locationFactory = new FileContextLocationFactory(miniDFSCluster.getFileSystem().getConf()); hConf = new Configuration(); hConf.set("hadoop.security.authentication", "kerberos"); UserGroupInformation.setConfiguration(hConf); }
From source file:com.cloudera.llama.am.TestSecureLlamaAMThriftServer.java
License:Apache License
@Before public void startKdc() throws Exception { miniKdc = new MiniKdc(MiniKdc.createConf(), new File(TestAbstractMain.createTestDir())); miniKdc.start();//from ww w.j a va2 s .c om }
From source file:com.streamsets.datacollector.security.TestSecurityContext.java
License:Apache License
@BeforeClass public static void startKdc() throws Exception { testDir = new File("target", UUID.randomUUID().toString()).getAbsoluteFile(); Assert.assertTrue(testDir.mkdirs()); File kdcDir = new File(testDir, "kdc"); Assert.assertTrue(kdcDir.mkdirs());/*from w w w . jav a2 s . co m*/ keytabFile = new File(testDir, "test.keytab"); miniKdc = new MiniKdc(MiniKdc.createConf(), testDir); miniKdc.start(); miniKdc.createPrincipal(keytabFile, "foo", "bar/localhost"); }
From source file:com.streamsets.pipeline.kafka.impl.TestSaslEnabledKafka.java
License:Apache License
@BeforeClass public static void beforeClass() throws Exception { testDir = new File("target", UUID.randomUUID().toString()).getAbsoluteFile(); Assert.assertTrue(testDir.mkdirs()); File kdcDir = new File(testDir, KDC); Assert.assertTrue(kdcDir.mkdirs());/* www .j a v a 2 s . co m*/ keytabFile = new File(testDir, TEST_KEYTAB); miniKdc = new MiniKdc(MiniKdc.createConf(), kdcDir); miniKdc.start(); miniKdc.createPrincipal(keytabFile, KAFKA_BROKER_PRINCIPAL, KAFKA_CLIENT_PRINCIPAL); jaasConfigFile = new File(testDir, KAFKA_JAAS_CONF); jaasConfigFile.createNewFile(); jaasConfigFile.setReadable(true); String jaasConf = JAAS_CONF.replaceAll("keyTabFile", keytabFile.getAbsolutePath()); FileOutputStream outputStream = new FileOutputStream(jaasConfigFile); IOUtils.write(jaasConf, outputStream); outputStream.close(); plainTextPort = TestUtil.getFreePort(); securePort = TestUtil.getFreePort(); // reload configuration when getConfiguration is called next Configuration.setConfiguration(null); System.setProperty(JAVA_SECURITY_AUTH_LOGIN_CONFIG, jaasConfigFile.getAbsolutePath()); TestSecureKafkaBase.beforeClass(); }
From source file:herddb.server.JAASKerberosTest.java
License:Apache License
@Before public void startMiniKdc() throws Exception { conf = MiniKdc.createConf(); kdc = new MiniKdc(conf, kdcDir.getRoot()); kdc.start();/* w w w.jav a 2 s . com*/ String localhostName = "localhost.localdomain"; String principalServerNoRealm = "herddb/" + localhostName; String principalServer = "herddb/" + localhostName + "@" + kdc.getRealm(); String principalClientNoRealm = "herddbclient/" + localhostName; String principalClient = principalClientNoRealm + "@" + kdc.getRealm(); System.out.println("adding principal: " + principalServerNoRealm); System.out.println("adding principal: " + principalClientNoRealm); File keytabClient = new File(workDir.getRoot(), "herddbclient.keytab"); kdc.createPrincipal(keytabClient, principalClientNoRealm); File keytabServer = new File(workDir.getRoot(), "herddbserver.keytab"); kdc.createPrincipal(keytabServer, principalServerNoRealm); File jaas_file = new File(workDir.getRoot(), "jaas.conf"); try (FileWriter writer = new FileWriter(jaas_file)) { writer.write("\n" + "HerdDBServer {\n" + " com.sun.security.auth.module.Krb5LoginModule required debug=true\n" + " useKeyTab=true\n" + " keyTab=\"" + keytabServer.getAbsolutePath() + "\n" + " storeKey=true\n" + " useTicketCache=false\n" + " principal=\"" + principalServer + "\";\n" + "};\n" + "\n" + "\n" + "\n" + "HerdDBClient {\n" + " com.sun.security.auth.module.Krb5LoginModule required debug=true\n" + " useKeyTab=true\n" + " keyTab=\"" + keytabClient.getAbsolutePath() + "\n" + " storeKey=true\n" + " useTicketCache=false\n" + " principal=\"" + principalClient + "\";\n" + "};\n"); } File krb5file = new File(workDir.getRoot(), "krb5.conf"); try (FileWriter writer = new FileWriter(krb5file)) { writer.write("[libdefaults]\n" + " default_realm = " + kdc.getRealm() + "\n" + "\n" + "\n" + "[realms]\n" + " " + kdc.getRealm() + " = {\n" + " kdc = " + kdc.getHost() + ":" + kdc.getPort() + "\n" + " }"); } System.setProperty("java.security.auth.login.config", jaas_file.getAbsolutePath()); System.setProperty("java.security.krb5.conf", krb5file.getAbsolutePath()); }
From source file:herddb.server.security.JAASKerberosTest.java
License:Apache License
@Before public void startMiniKdc() throws Exception { conf = MiniKdc.createConf(); kdc = new MiniKdc(conf, kdcDir.getRoot()); kdc.start();//from w w w. j a va 2 s .c o m String localhostName = "localhost"; String principalServerNoRealm = "herddb/" + localhostName; String principalServer = "herddb/" + localhostName + "@" + kdc.getRealm(); String principalClientNoRealm = "herddbclient/" + localhostName; String principalClient = principalClientNoRealm + "@" + kdc.getRealm(); System.out.println("adding principal: " + principalServerNoRealm); System.out.println("adding principal: " + principalClientNoRealm); File keytabClient = new File(workDir.getRoot(), "herddbclient.keytab"); kdc.createPrincipal(keytabClient, principalClientNoRealm); File keytabServer = new File(workDir.getRoot(), "herddbserver.keytab"); kdc.createPrincipal(keytabServer, principalServerNoRealm); File jaas_file = new File(workDir.getRoot(), "jaas.conf"); try (FileWriter writer = new FileWriter(jaas_file)) { writer.write("\n" + "HerdDBServer {\n" + " com.sun.security.auth.module.Krb5LoginModule required debug=true\n" + " useKeyTab=true\n" + " keyTab=\"" + keytabServer.getAbsolutePath() + "\n" + " storeKey=true\n" + " useTicketCache=false\n" + " principal=\"" + principalServer + "\";\n" + "};\n" + "\n" + "\n" + "\n" + "HerdDBClient {\n" + " com.sun.security.auth.module.Krb5LoginModule required debug=true\n" + " useKeyTab=true\n" + " keyTab=\"" + keytabClient.getAbsolutePath() + "\n" + " storeKey=true\n" + " useTicketCache=false\n" + " principal=\"" + principalClient + "\";\n" + "};\n"); } File krb5file = new File(workDir.getRoot(), "krb5.conf"); try (FileWriter writer = new FileWriter(krb5file)) { writer.write("[libdefaults]\n" + " default_realm = " + kdc.getRealm() + "\n" // disable UDP as Kerby will listen only on TCP by default + " udp_preference_limit=1\n" + "\n" + "[realms]\n" + " " + kdc.getRealm() + " = {\n" + " kdc = " + kdc.getHost() + ":" + kdc.getPort() + "\n" + " }"); } System.setProperty("java.security.auth.login.config", jaas_file.getAbsolutePath()); System.setProperty("java.security.krb5.conf", krb5file.getAbsolutePath()); }
From source file:io.confluent.connect.hdfs.TestWithSecureMiniDFSCluster.java
License:Apache License
@BeforeClass public static void initKdc() throws Exception { baseDir = new File(System.getProperty("test.build.dir", "target/test-dir")); FileUtil.fullyDelete(baseDir);/*from w w w.j a va2s .c om*/ assertTrue(baseDir.mkdirs()); Properties kdcConf = MiniKdc.createConf(); kdc = new MiniKdc(kdcConf, baseDir); kdc.start(); File keytabFile = new File(baseDir, "hdfs" + ".keytab"); keytab = keytabFile.getAbsolutePath(); kdc.createPrincipal(keytabFile, "hdfs" + "/localhost", "HTTP/localhost"); hdfsPrincipal = "hdfs" + "/localhost@" + kdc.getRealm(); spnegoPrincipal = "HTTP/localhost@" + kdc.getRealm(); keytabFile = new File(baseDir, "connect-hdfs" + ".keytab"); connectorKeytab = keytabFile.getAbsolutePath(); kdc.createPrincipal(keytabFile, "connect-hdfs/localhost"); connectorPrincipal = "connect-hdfs/localhost@" + kdc.getRealm(); }
From source file:org.apache.accumulo.harness.TestingKdc.java
License:Apache License
public TestingKdc(File kdcDir, File keytabDir, long maxTicketLifetime) throws Exception { requireNonNull(kdcDir, "KDC directory was null"); requireNonNull(keytabDir, "Keytab directory was null"); checkArgument(maxTicketLifetime > 0, "Ticket lifetime must be positive"); this.keytabDir = keytabDir; this.hostname = InetAddress.getLocalHost().getCanonicalHostName(); log.debug("Starting MiniKdc in {} with keytabs in {}", kdcDir, keytabDir); Properties kdcConf = MiniKdc.createConf(); kdcConf.setProperty(MiniKdc.ORG_NAME, ORG_NAME); kdcConf.setProperty(MiniKdc.ORG_DOMAIN, ORG_DOMAIN); kdcConf.setProperty(MiniKdc.MAX_TICKET_LIFETIME, Long.toString(maxTicketLifetime)); // kdcConf.setProperty(MiniKdc.DEBUG, "true"); kdc = new MiniKdc(kdcConf, kdcDir); }
From source file:org.apache.activemq.artemis.tests.integration.amqp.JMSSaslGssapiTest.java
License:Apache License
@Before public void setUpKerberos() throws Exception { kdc = new MiniKdc(MiniKdc.createConf(), temporaryFolder.newFolder("kdc")); kdc.start();//from ww w . ja v a 2s. com // hard coded match, default_keytab_name in minikdc-krb5.conf template File userKeyTab = new File("target/test.krb5.keytab"); kdc.createPrincipal(userKeyTab, "client", "amqp/localhost"); if (debug) { for (java.util.logging.Logger logger : new java.util.logging.Logger[] { java.util.logging.Logger.getLogger("javax.security.sasl"), java.util.logging.Logger.getLogger("org.apache.qpid.proton") }) { logger.setLevel(java.util.logging.Level.FINEST); logger.addHandler(new java.util.logging.ConsoleHandler()); for (java.util.logging.Handler handler : logger.getHandlers()) { handler.setLevel(java.util.logging.Level.FINEST); } } } }