List of usage examples for org.apache.hadoop.security UserGroupInformation createUserForTesting
@InterfaceAudience.Public @InterfaceStability.Evolving public static UserGroupInformation createUserForTesting(String user, String[] userGroups)
From source file:org.apache.phoenix.queryserver.server.PhoenixDoAsCallbackTest.java
License:Apache License
@Test public void proxyingUsersAreCached() throws Exception { Configuration conf = new Configuration(false); // The user "server" can impersonate anyone conf.set("hadoop.proxyuser.server.groups", "*"); conf.set("hadoop.proxyuser.server.hosts", "*"); // Trigger ProxyUsers to refresh itself with the above configuration ProxyUsers.refreshSuperUserGroupsConfiguration(conf); UserGroupInformation serverUgi = UserGroupInformation.createUserForTesting("server", new String[0]); PhoenixDoAsCallback callback = new PhoenixDoAsCallback(serverUgi, conf); UserGroupInformation user1 = callback.doAsRemoteUser("user1", "localhost:1234", new Callable<UserGroupInformation>() { public UserGroupInformation call() throws Exception { return UserGroupInformation.getCurrentUser(); }// w ww. j ava2 s .c o m }); UserGroupInformation user2 = callback.doAsRemoteUser("user2", "localhost:1235", new Callable<UserGroupInformation>() { public UserGroupInformation call() throws Exception { return UserGroupInformation.getCurrentUser(); } }); UserGroupInformation user1Reference = callback.doAsRemoteUser("user1", "localhost:1234", new Callable<UserGroupInformation>() { public UserGroupInformation call() throws Exception { return UserGroupInformation.getCurrentUser(); } }); // The UserGroupInformation.getCurrentUser() actually returns a new UGI instance, but the internal // subject is the same. We can verify things will work as expected that way. assertNotEquals(user1.hashCode(), user2.hashCode()); assertEquals("These should be the same (cached) instance", user1.hashCode(), user1Reference.hashCode()); assertEquals("These should be the same (cached) instance", user1, user1Reference); }
From source file:org.apache.ranger.authorization.hbase.HBaseRangerAuthorizationTest.java
License:Apache License
@Test public void testReadTablesAsGroupIT() throws Exception { final Configuration conf = HBaseConfiguration.create(); conf.set("hbase.zookeeper.quorum", "localhost"); conf.set("hbase.zookeeper.property.clientPort", "" + port); conf.set("zookeeper.znode.parent", "/hbase-unsecure"); String user = "IT"; UserGroupInformation ugi = UserGroupInformation.createUserForTesting(user, new String[] { "IT" }); ugi.doAs(new PrivilegedExceptionAction<Void>() { public Void run() throws Exception { Connection conn = ConnectionFactory.createConnection(conf); Admin admin = conn.getAdmin(); HTableDescriptor[] tableDescriptors = admin.listTables(); for (HTableDescriptor desc : tableDescriptors) { LOG.info("Found table:[" + desc.getTableName().getNameAsString() + "]"); }//from w w w.j a va2 s. c o m Assert.assertEquals(0, tableDescriptors.length); conn.close(); return null; } }); }
From source file:org.apache.ranger.authorization.hbase.HBaseRangerAuthorizationTest.java
License:Apache License
@Test public void testCreateAndDropTables() throws Exception { final Configuration conf = HBaseConfiguration.create(); conf.set("hbase.zookeeper.quorum", "localhost"); conf.set("hbase.zookeeper.property.clientPort", "" + port); conf.set("zookeeper.znode.parent", "/hbase-unsecure"); Connection conn = ConnectionFactory.createConnection(conf); Admin admin = conn.getAdmin();/*www. j a va2s.c o m*/ // Create a new table as process owner HTableDescriptor tableDescriptor = new HTableDescriptor(TableName.valueOf("temp2")); // Adding column families to table descriptor tableDescriptor.addFamily(new HColumnDescriptor("colfam1")); tableDescriptor.addFamily(new HColumnDescriptor("colfam2")); admin.createTable(tableDescriptor); conn.close(); // Try to disable + delete the table as the "IT" group String user = "IT"; UserGroupInformation ugi = UserGroupInformation.createUserForTesting(user, new String[] { "IT" }); ugi.doAs(new PrivilegedExceptionAction<Void>() { public Void run() throws Exception { Connection conn = ConnectionFactory.createConnection(conf); Admin admin = conn.getAdmin(); try { admin.disableTable(TableName.valueOf("temp2")); admin.deleteTable(TableName.valueOf("temp2")); Assert.fail("Failure expected on an unauthorized user"); } catch (IOException ex) { // expected } conn.close(); return null; } }); // Now disable and delete as process owner conn = ConnectionFactory.createConnection(conf); admin = conn.getAdmin(); admin.disableTable(TableName.valueOf("temp2")); admin.deleteTable(TableName.valueOf("temp2")); conn.close(); }
From source file:org.apache.ranger.authorization.hbase.HBaseRangerAuthorizationTest.java
License:Apache License
@Test public void testReadRowAsGroupIT() throws Exception { final Configuration conf = HBaseConfiguration.create(); conf.set("hbase.zookeeper.quorum", "localhost"); conf.set("hbase.zookeeper.property.clientPort", "" + port); conf.set("zookeeper.znode.parent", "/hbase-unsecure"); String user = "IT"; UserGroupInformation ugi = UserGroupInformation.createUserForTesting(user, new String[] { "IT" }); ugi.doAs(new PrivilegedExceptionAction<Void>() { public Void run() throws Exception { Connection conn = ConnectionFactory.createConnection(conf); Table table = conn.getTable(TableName.valueOf("temp")); // Read a row Get get = new Get(Bytes.toBytes("row1")); Result result = table.get(get); byte[] valResult = result.getValue(Bytes.toBytes("colfam1"), Bytes.toBytes("col1")); Assert.assertTrue(Arrays.equals(valResult, Bytes.toBytes("val1"))); conn.close();//from ww w .j a v a2 s . c om return null; } }); }
From source file:org.apache.ranger.authorization.hbase.HBaseRangerAuthorizationTest.java
License:Apache License
@Test public void testReadRowAsGroupPublic() throws Exception { final Configuration conf = HBaseConfiguration.create(); conf.set("hbase.zookeeper.quorum", "localhost"); conf.set("hbase.zookeeper.property.clientPort", "" + port); conf.set("zookeeper.znode.parent", "/hbase-unsecure"); String user = "public"; UserGroupInformation ugi = UserGroupInformation.createUserForTesting(user, new String[] { "public" }); ugi.doAs(new PrivilegedExceptionAction<Void>() { public Void run() throws Exception { Connection conn = ConnectionFactory.createConnection(conf); Table table = conn.getTable(TableName.valueOf("temp")); // Read a row try { Get get = new Get(Bytes.toBytes("row1")); table.get(get);//www.j a va 2 s. c o m Assert.fail("Failure expected on an unauthorized user"); } catch (IOException ex) { // expected } conn.close(); return null; } }); }
From source file:org.apache.ranger.authorization.hbase.HBaseRangerAuthorizationTest.java
License:Apache License
@Test public void testReadRowFromColFam2AsGroupIT() throws Exception { final Configuration conf = HBaseConfiguration.create(); conf.set("hbase.zookeeper.quorum", "localhost"); conf.set("hbase.zookeeper.property.clientPort", "" + port); conf.set("zookeeper.znode.parent", "/hbase-unsecure"); String user = "public"; UserGroupInformation ugi = UserGroupInformation.createUserForTesting(user, new String[] { "IT" }); ugi.doAs(new PrivilegedExceptionAction<Void>() { public Void run() throws Exception { Connection conn = ConnectionFactory.createConnection(conf); Table table = conn.getTable(TableName.valueOf("temp")); // Read a row Get get = new Get(Bytes.toBytes("row1")); Result result = table.get(get); byte[] valResult = result.getValue(Bytes.toBytes("colfam2"), Bytes.toBytes("col1")); Assert.assertNull(valResult); conn.close();/* w ww. ja va 2 s .c o m*/ return null; } }); }
From source file:org.apache.ranger.authorization.hbase.HBaseRangerAuthorizationTest.java
License:Apache License
@Test public void testWriteRowAsGroupIT() throws Exception { final Configuration conf = HBaseConfiguration.create(); conf.set("hbase.zookeeper.quorum", "localhost"); conf.set("hbase.zookeeper.property.clientPort", "" + port); conf.set("zookeeper.znode.parent", "/hbase-unsecure"); String user = "IT"; UserGroupInformation ugi = UserGroupInformation.createUserForTesting(user, new String[] { "IT" }); ugi.doAs(new PrivilegedExceptionAction<Void>() { public Void run() throws Exception { Connection conn = ConnectionFactory.createConnection(conf); Table table = conn.getTable(TableName.valueOf("temp")); // Add a new row Put put = new Put(Bytes.toBytes("row3")); put.addColumn(Bytes.toBytes("colfam1"), Bytes.toBytes("col1"), Bytes.toBytes("val2")); table.put(put);/*w ww. j a va2 s . c om*/ conn.close(); return null; } }); }
From source file:org.apache.ranger.authorization.hbase.HBaseRangerAuthorizationTest.java
License:Apache License
@Test public void testWriteRowAsGroupPublic() throws Exception { final Configuration conf = HBaseConfiguration.create(); conf.set("hbase.zookeeper.quorum", "localhost"); conf.set("hbase.zookeeper.property.clientPort", "" + port); conf.set("zookeeper.znode.parent", "/hbase-unsecure"); String user = "public"; UserGroupInformation ugi = UserGroupInformation.createUserForTesting(user, new String[] { "public" }); ugi.doAs(new PrivilegedExceptionAction<Void>() { public Void run() throws Exception { Connection conn = ConnectionFactory.createConnection(conf); Table table = conn.getTable(TableName.valueOf("temp")); // Add a new row try { Put put = new Put(Bytes.toBytes("row3")); put.addColumn(Bytes.toBytes("colfam1"), Bytes.toBytes("col1"), Bytes.toBytes("val2")); table.put(put);/* w w w.j a va 2 s. com*/ Assert.fail("Failure expected on an unauthorized user"); } catch (IOException ex) { // expected } conn.close(); return null; } }); }
From source file:org.apache.ranger.authorization.hbase.HBaseRangerAuthorizationTest.java
License:Apache License
@Test public void testWriteRowInColFam2AsGroupIT() throws Exception { final Configuration conf = HBaseConfiguration.create(); conf.set("hbase.zookeeper.quorum", "localhost"); conf.set("hbase.zookeeper.property.clientPort", "" + port); conf.set("zookeeper.znode.parent", "/hbase-unsecure"); String user = "IT"; UserGroupInformation ugi = UserGroupInformation.createUserForTesting(user, new String[] { "IT" }); ugi.doAs(new PrivilegedExceptionAction<Void>() { public Void run() throws Exception { Connection conn = ConnectionFactory.createConnection(conf); Table table = conn.getTable(TableName.valueOf("temp")); // Add a new row try { Put put = new Put(Bytes.toBytes("row3")); put.addColumn(Bytes.toBytes("colfam2"), Bytes.toBytes("col1"), Bytes.toBytes("val2")); table.put(put);/* w ww. jav a 2 s. co m*/ Assert.fail("Failure expected on an unauthorized user"); } catch (IOException ex) { // expected } conn.close(); return null; } }); }
From source file:org.apache.ranger.authorization.hbase.HBaseRangerAuthorizationTest.java
License:Apache License
@Test public void testReadRowInAnotherTable() throws Exception { final Configuration conf = HBaseConfiguration.create(); conf.set("hbase.zookeeper.quorum", "localhost"); conf.set("hbase.zookeeper.property.clientPort", "" + port); conf.set("zookeeper.znode.parent", "/hbase-unsecure"); Connection conn = ConnectionFactory.createConnection(conf); Admin admin = conn.getAdmin();//from w ww . jav a 2 s. c o m // Create a new table as process owner HTableDescriptor tableDescriptor = new HTableDescriptor(TableName.valueOf("temp4")); // Adding column families to table descriptor tableDescriptor.addFamily(new HColumnDescriptor("colfam1")); tableDescriptor.addFamily(new HColumnDescriptor("colfam2")); admin.createTable(tableDescriptor); // Write a value Put put = new Put(Bytes.toBytes("row1")); put.addColumn(Bytes.toBytes("colfam1"), Bytes.toBytes("col1"), Bytes.toBytes("val1")); Table table = conn.getTable(TableName.valueOf("temp4")); table.put(put); // Read a row Get get = new Get(Bytes.toBytes("row1")); Result result = table.get(get); byte[] valResult = result.getValue(Bytes.toBytes("colfam2"), Bytes.toBytes("col1")); Assert.assertNull(valResult); conn.close(); // Now try to read the row as group "IT" - it should fail as "IT" can only read from table "temp" String user = "IT"; UserGroupInformation ugi = UserGroupInformation.createUserForTesting(user, new String[] { "IT" }); ugi.doAs(new PrivilegedExceptionAction<Void>() { public Void run() throws Exception { Connection conn = ConnectionFactory.createConnection(conf); Table table = conn.getTable(TableName.valueOf("temp4")); // Read a row try { Get get = new Get(Bytes.toBytes("row1")); table.get(get); Assert.fail("Failure expected on an unauthorized user"); } catch (IOException ex) { // expected } conn.close(); return null; } }); // Now disable and delete as process owner conn = ConnectionFactory.createConnection(conf); admin = conn.getAdmin(); admin.disableTable(TableName.valueOf("temp4")); admin.deleteTable(TableName.valueOf("temp4")); conn.close(); }