List of usage examples for org.apache.hadoop.minikdc MiniKdc MiniKdc
public MiniKdc(Properties conf, File workDir) throws Exception
From source file:blazingcache.client.JAASKerberosTest.java
License:Apache License
@Before public void startMiniKdc() throws Exception { createMiniKdcConf();//from w w w . jav a2s .c om kdc = new MiniKdc(conf, kdcDir.getRoot()); kdc.start(); String localhostName = "localhost.localdomain"; String principalServerNoRealm = "blazingcache/" + localhostName; String principalServer = "blazingcache/" + localhostName + "@" + kdc.getRealm(); String principalClientNoRealm = "blazingcacheclient/" + localhostName; String principalClient = principalClientNoRealm + "@" + kdc.getRealm(); System.out.println("adding principal: " + principalServerNoRealm); System.out.println("adding principal: " + principalClientNoRealm); File keytabClient = new File(kerberosWorkDir.getRoot(), "blazingcacheclient.keytab"); kdc.createPrincipal(keytabClient, principalClientNoRealm); File keytabServer = new File(kerberosWorkDir.getRoot(), "blazingcacheserver.keytab"); kdc.createPrincipal(keytabServer, principalServerNoRealm); File jaas_file = new File(kerberosWorkDir.getRoot(), "jaas.conf"); try (FileWriter writer = new FileWriter(jaas_file)) { writer.write("\n" + "BlazingCacheServer {\n" + " com.sun.security.auth.module.Krb5LoginModule required debug=true\n" + " useKeyTab=true\n" + " keyTab=\"" + keytabServer.getAbsolutePath() + "\n" + " storeKey=true\n" + " useTicketCache=false\n" + " principal=\"" + principalServer + "\";\n" + "};\n" + "\n" + "\n" + "\n" + "BlazingCacheClient {\n" + " com.sun.security.auth.module.Krb5LoginModule required debug=true\n" + " useKeyTab=true\n" + " keyTab=\"" + keytabClient.getAbsolutePath() + "\n" + " storeKey=true\n" + " useTicketCache=false\n" + " principal=\"" + principalClient + "\";\n" + "};\n"); } File krb5file = new File(kerberosWorkDir.getRoot(), "krb5.conf"); try (FileWriter writer = new FileWriter(krb5file)) { writer.write("[libdefaults]\n" + " default_realm = " + kdc.getRealm() + "\n" + "\n" + "\n" + "[realms]\n" + " " + kdc.getRealm() + " = {\n" + " kdc = " + kdc.getHost() + ":" + kdc.getPort() + "\n" + " }"); } System.setProperty("java.security.auth.login.config", jaas_file.getAbsolutePath()); System.setProperty("java.security.krb5.conf", krb5file.getAbsolutePath()); javax.security.auth.login.Configuration.getConfiguration().refresh(); }
From source file:co.cask.cdap.security.impersonation.UGIProviderTest.java
License:Apache License
@BeforeClass public static void init() throws Exception { cConf = CConfiguration.create();//from w ww . j av a2 s. co m cConf.set(Constants.CFG_LOCAL_DATA_DIR, TEMP_FOLDER.newFolder().getAbsolutePath()); // Start KDC miniKdc = new MiniKdc(MiniKdc.createConf(), TEMP_FOLDER.newFolder()); miniKdc.start(); System.setProperty("java.security.krb5.conf", miniKdc.getKrb5conf().getAbsolutePath()); // Generate keytab keytabFile = TEMP_FOLDER.newFile(); miniKdc.createPrincipal(keytabFile, "hdfs", "alice", "bob"); // Start mini DFS cluster Configuration hConf = new Configuration(); hConf.set(MiniDFSCluster.HDFS_MINIDFS_BASEDIR, TEMP_FOLDER.newFolder().getAbsolutePath()); hConf.setBoolean("ipc.client.fallback-to-simple-auth-allowed", true); miniDFSCluster = new MiniDFSCluster.Builder(hConf).numDataNodes(1).build(); miniDFSCluster.waitClusterUp(); locationFactory = new FileContextLocationFactory(miniDFSCluster.getFileSystem().getConf()); hConf = new Configuration(); hConf.set("hadoop.security.authentication", "kerberos"); UserGroupInformation.setConfiguration(hConf); }
From source file:com.cloudera.llama.am.TestSecureLlamaAMThriftServer.java
License:Apache License
@Before public void startKdc() throws Exception { miniKdc = new MiniKdc(MiniKdc.createConf(), new File(TestAbstractMain.createTestDir())); miniKdc.start();/* w w w . jav a 2 s . c o m*/ }
From source file:com.github.sakserv.minicluster.impl.KdcLocalCluster.java
License:Apache License
@Override public void start() throws Exception { LOG.info("KDC: Starting MiniKdc"); configure();//from w ww .ja va 2 s. co m miniKdc = new MiniKdc(conf, new File(baseDir)); miniKdc.start(); UserGroupInformation ugi = UserGroupInformation.createRemoteUser("guest"); UserGroupInformation.setLoginUser(ugi); String username = UserGroupInformation.getLoginUser().getShortUserName(); List<String> temp = new ArrayList<>(principals); temp.add(username); this.principals = Collections.unmodifiableList(temp); principals.forEach(p -> { try { File keytab = new File(baseDir, p + ".keytab"); LOG.info("KDC: Creating keytab for {} in {}", p, keytab); miniKdc.createPrincipal(keytab, p, getKrbPrincipal(p), getKrbPrincipalWithRealm(p)); } catch (Exception e) { throw Throwables.propagate(e); } }); refreshDefaultRealm(); prepareSecureConfiguration(username); }
From source file:com.streamsets.datacollector.security.TestSecurityContext.java
License:Apache License
@BeforeClass public static void startKdc() throws Exception { testDir = new File("target", UUID.randomUUID().toString()).getAbsoluteFile(); Assert.assertTrue(testDir.mkdirs()); File kdcDir = new File(testDir, "kdc"); Assert.assertTrue(kdcDir.mkdirs());/*ww w . java 2 s .c om*/ keytabFile = new File(testDir, "test.keytab"); miniKdc = new MiniKdc(MiniKdc.createConf(), testDir); miniKdc.start(); miniKdc.createPrincipal(keytabFile, "foo", "bar/localhost"); }
From source file:com.streamsets.pipeline.kafka.impl.TestSaslEnabledKafka.java
License:Apache License
@BeforeClass public static void beforeClass() throws Exception { testDir = new File("target", UUID.randomUUID().toString()).getAbsoluteFile(); Assert.assertTrue(testDir.mkdirs()); File kdcDir = new File(testDir, KDC); Assert.assertTrue(kdcDir.mkdirs());//from w w w . jav a 2s . c om keytabFile = new File(testDir, TEST_KEYTAB); miniKdc = new MiniKdc(MiniKdc.createConf(), kdcDir); miniKdc.start(); miniKdc.createPrincipal(keytabFile, KAFKA_BROKER_PRINCIPAL, KAFKA_CLIENT_PRINCIPAL); jaasConfigFile = new File(testDir, KAFKA_JAAS_CONF); jaasConfigFile.createNewFile(); jaasConfigFile.setReadable(true); String jaasConf = JAAS_CONF.replaceAll("keyTabFile", keytabFile.getAbsolutePath()); FileOutputStream outputStream = new FileOutputStream(jaasConfigFile); IOUtils.write(jaasConf, outputStream); outputStream.close(); plainTextPort = TestUtil.getFreePort(); securePort = TestUtil.getFreePort(); // reload configuration when getConfiguration is called next Configuration.setConfiguration(null); System.setProperty(JAVA_SECURITY_AUTH_LOGIN_CONFIG, jaasConfigFile.getAbsolutePath()); TestSecureKafkaBase.beforeClass(); }
From source file:herddb.server.JAASKerberosTest.java
License:Apache License
@Before public void startMiniKdc() throws Exception { conf = MiniKdc.createConf();/*from ww w . j a v a 2 s . com*/ kdc = new MiniKdc(conf, kdcDir.getRoot()); kdc.start(); String localhostName = "localhost.localdomain"; String principalServerNoRealm = "herddb/" + localhostName; String principalServer = "herddb/" + localhostName + "@" + kdc.getRealm(); String principalClientNoRealm = "herddbclient/" + localhostName; String principalClient = principalClientNoRealm + "@" + kdc.getRealm(); System.out.println("adding principal: " + principalServerNoRealm); System.out.println("adding principal: " + principalClientNoRealm); File keytabClient = new File(workDir.getRoot(), "herddbclient.keytab"); kdc.createPrincipal(keytabClient, principalClientNoRealm); File keytabServer = new File(workDir.getRoot(), "herddbserver.keytab"); kdc.createPrincipal(keytabServer, principalServerNoRealm); File jaas_file = new File(workDir.getRoot(), "jaas.conf"); try (FileWriter writer = new FileWriter(jaas_file)) { writer.write("\n" + "HerdDBServer {\n" + " com.sun.security.auth.module.Krb5LoginModule required debug=true\n" + " useKeyTab=true\n" + " keyTab=\"" + keytabServer.getAbsolutePath() + "\n" + " storeKey=true\n" + " useTicketCache=false\n" + " principal=\"" + principalServer + "\";\n" + "};\n" + "\n" + "\n" + "\n" + "HerdDBClient {\n" + " com.sun.security.auth.module.Krb5LoginModule required debug=true\n" + " useKeyTab=true\n" + " keyTab=\"" + keytabClient.getAbsolutePath() + "\n" + " storeKey=true\n" + " useTicketCache=false\n" + " principal=\"" + principalClient + "\";\n" + "};\n"); } File krb5file = new File(workDir.getRoot(), "krb5.conf"); try (FileWriter writer = new FileWriter(krb5file)) { writer.write("[libdefaults]\n" + " default_realm = " + kdc.getRealm() + "\n" + "\n" + "\n" + "[realms]\n" + " " + kdc.getRealm() + " = {\n" + " kdc = " + kdc.getHost() + ":" + kdc.getPort() + "\n" + " }"); } System.setProperty("java.security.auth.login.config", jaas_file.getAbsolutePath()); System.setProperty("java.security.krb5.conf", krb5file.getAbsolutePath()); }
From source file:herddb.server.security.JAASKerberosTest.java
License:Apache License
@Before public void startMiniKdc() throws Exception { conf = MiniKdc.createConf();//from ww w.ja va 2s. co m kdc = new MiniKdc(conf, kdcDir.getRoot()); kdc.start(); String localhostName = "localhost"; String principalServerNoRealm = "herddb/" + localhostName; String principalServer = "herddb/" + localhostName + "@" + kdc.getRealm(); String principalClientNoRealm = "herddbclient/" + localhostName; String principalClient = principalClientNoRealm + "@" + kdc.getRealm(); System.out.println("adding principal: " + principalServerNoRealm); System.out.println("adding principal: " + principalClientNoRealm); File keytabClient = new File(workDir.getRoot(), "herddbclient.keytab"); kdc.createPrincipal(keytabClient, principalClientNoRealm); File keytabServer = new File(workDir.getRoot(), "herddbserver.keytab"); kdc.createPrincipal(keytabServer, principalServerNoRealm); File jaas_file = new File(workDir.getRoot(), "jaas.conf"); try (FileWriter writer = new FileWriter(jaas_file)) { writer.write("\n" + "HerdDBServer {\n" + " com.sun.security.auth.module.Krb5LoginModule required debug=true\n" + " useKeyTab=true\n" + " keyTab=\"" + keytabServer.getAbsolutePath() + "\n" + " storeKey=true\n" + " useTicketCache=false\n" + " principal=\"" + principalServer + "\";\n" + "};\n" + "\n" + "\n" + "\n" + "HerdDBClient {\n" + " com.sun.security.auth.module.Krb5LoginModule required debug=true\n" + " useKeyTab=true\n" + " keyTab=\"" + keytabClient.getAbsolutePath() + "\n" + " storeKey=true\n" + " useTicketCache=false\n" + " principal=\"" + principalClient + "\";\n" + "};\n"); } File krb5file = new File(workDir.getRoot(), "krb5.conf"); try (FileWriter writer = new FileWriter(krb5file)) { writer.write("[libdefaults]\n" + " default_realm = " + kdc.getRealm() + "\n" // disable UDP as Kerby will listen only on TCP by default + " udp_preference_limit=1\n" + "\n" + "[realms]\n" + " " + kdc.getRealm() + " = {\n" + " kdc = " + kdc.getHost() + ":" + kdc.getPort() + "\n" + " }"); } System.setProperty("java.security.auth.login.config", jaas_file.getAbsolutePath()); System.setProperty("java.security.krb5.conf", krb5file.getAbsolutePath()); }
From source file:io.confluent.connect.hdfs.TestWithSecureMiniDFSCluster.java
License:Apache License
@BeforeClass public static void initKdc() throws Exception { baseDir = new File(System.getProperty("test.build.dir", "target/test-dir")); FileUtil.fullyDelete(baseDir);/* w ww. j av a 2 s . co m*/ assertTrue(baseDir.mkdirs()); Properties kdcConf = MiniKdc.createConf(); kdc = new MiniKdc(kdcConf, baseDir); kdc.start(); File keytabFile = new File(baseDir, "hdfs" + ".keytab"); keytab = keytabFile.getAbsolutePath(); kdc.createPrincipal(keytabFile, "hdfs" + "/localhost", "HTTP/localhost"); hdfsPrincipal = "hdfs" + "/localhost@" + kdc.getRealm(); spnegoPrincipal = "HTTP/localhost@" + kdc.getRealm(); keytabFile = new File(baseDir, "connect-hdfs" + ".keytab"); connectorKeytab = keytabFile.getAbsolutePath(); kdc.createPrincipal(keytabFile, "connect-hdfs/localhost"); connectorPrincipal = "connect-hdfs/localhost@" + kdc.getRealm(); }
From source file:majordodo.replication.KerberosReplicatedEnvTest.java
License:Apache License
@Before public void startMiniKdc() throws Exception { createMiniKdcConf();/*w w w . ja v a 2 s . c o m*/ kdc = new MiniKdc(conf, kdcDir.getRoot()); kdc.start(); String localhostName = "localhost.localdomain"; String principalServerNoRealm = "majordodo/" + localhostName; String principalServer = "majordodo/" + localhostName + "@" + kdc.getRealm(); String principalClientNoRealm = "majordodoclient/" + localhostName; String principalClient = principalClientNoRealm + "@" + kdc.getRealm(); System.out.println("adding principal: " + principalServerNoRealm); System.out.println("adding principal: " + principalClientNoRealm); File keytabClient = new File(kerberosWorkDir.getRoot(), "majordodoclient.keytab"); kdc.createPrincipal(keytabClient, principalClientNoRealm); File keytabServer = new File(kerberosWorkDir.getRoot(), "majordodoserver.keytab"); kdc.createPrincipal(keytabServer, principalServerNoRealm); File jaas_file = new File(kerberosWorkDir.getRoot(), "jaas.conf"); try (FileWriter writer = new FileWriter(jaas_file)) { writer.write("\n" + "MajordodoServer {\n" + " com.sun.security.auth.module.Krb5LoginModule required debug=true\n" + " useKeyTab=true\n" + " keyTab=\"" + keytabServer.getAbsolutePath() + "\n" + " storeKey=true\n" + " useTicketCache=false\n" + " principal=\"" + principalServer + "\";\n" + "};\n" + "\n" + "\n" + "\n" + "MajordodoClient {\n" + " com.sun.security.auth.module.Krb5LoginModule required debug=true\n" + " useKeyTab=true\n" + " keyTab=\"" + keytabClient.getAbsolutePath() + "\n" + " storeKey=true\n" + " useTicketCache=false\n" + " principal=\"" + principalClient + "\";\n" + "};\n"); } File krb5file = new File(kerberosWorkDir.getRoot(), "krb5.conf"); try (FileWriter writer = new FileWriter(krb5file)) { writer.write("[libdefaults]\n" + " default_realm = " + kdc.getRealm() + "\n" + "\n" + "\n" + "[realms]\n" + " " + kdc.getRealm() + " = {\n" + " kdc = " + kdc.getHost() + ":" + kdc.getPort() + "\n" + " }"); } System.setProperty("java.security.auth.login.config", jaas_file.getAbsolutePath()); System.setProperty("java.security.krb5.conf", krb5file.getAbsolutePath()); javax.security.auth.login.Configuration.getConfiguration().refresh(); }