Java tutorial
/* * Licensed to the Apache Software Foundation (ASF) under one or more * contributor license agreements. See the NOTICE file distributed with * this work for additional information regarding copyright ownership. * The ASF licenses this file to You under the Apache License, Version 2.0 * (the "License"); you may not use this file except in compliance with * the License. You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package org.apache.accumulo.server; import java.io.ByteArrayInputStream; import java.io.ByteArrayOutputStream; import java.io.DataInputStream; import java.io.DataOutputStream; import java.security.PrivilegedExceptionAction; import java.util.Iterator; import java.util.Map.Entry; import org.apache.accumulo.core.client.ClientConfiguration; import org.apache.accumulo.core.client.ClientConfiguration.ClientProperty; import org.apache.accumulo.core.client.Instance; import org.apache.accumulo.core.client.impl.ClientContext; import org.apache.accumulo.core.client.impl.Credentials; import org.apache.accumulo.core.client.security.tokens.PasswordToken; import org.apache.accumulo.core.conf.AccumuloConfiguration; import org.apache.accumulo.core.conf.Property; import org.apache.accumulo.core.conf.SiteConfiguration; import org.apache.accumulo.server.conf.ServerConfigurationFactory; import org.apache.accumulo.server.rpc.SaslServerConnectionParams; import org.apache.accumulo.server.rpc.ThriftServerType; import org.apache.accumulo.server.security.SystemCredentials.SystemToken; import org.apache.hadoop.conf.Configuration; import org.apache.hadoop.fs.CommonConfigurationKeys; import org.apache.hadoop.security.UserGroupInformation; import org.easymock.EasyMock; import org.easymock.IAnswer; import org.junit.Assert; import org.junit.Before; import org.junit.Test; public class AccumuloServerContextTest { private UserGroupInformation testUser; private String username; @Before public void setup() throws Exception { System.setProperty("java.security.krb5.realm", "accumulo"); System.setProperty("java.security.krb5.kdc", "fake"); Configuration conf = new Configuration(false); conf.set(CommonConfigurationKeys.HADOOP_SECURITY_AUTHENTICATION, "kerberos"); UserGroupInformation.setConfiguration(conf); testUser = UserGroupInformation.createUserForTesting("test_user", new String[0]); username = testUser.getUserName(); } @Test public void testSasl() throws Exception { testUser.doAs(new PrivilegedExceptionAction<Void>() { @Override public Void run() throws Exception { Instance instance = EasyMock.createMock(Instance.class); ClientConfiguration clientConf = ClientConfiguration.loadDefault(); clientConf.setProperty(ClientProperty.INSTANCE_RPC_SASL_ENABLED, "true"); clientConf.setProperty(ClientProperty.KERBEROS_SERVER_PRIMARY, "accumulo"); final AccumuloConfiguration conf = ClientContext.convertClientConfig(clientConf); SiteConfiguration siteConfig = EasyMock.createMock(SiteConfiguration.class); EasyMock.expect(siteConfig.getBoolean(Property.INSTANCE_RPC_SASL_ENABLED)).andReturn(true); // Deal with SystemToken being private PasswordToken pw = new PasswordToken("fake"); ByteArrayOutputStream baos = new ByteArrayOutputStream(); pw.write(new DataOutputStream(baos)); SystemToken token = new SystemToken(); token.readFields(new DataInputStream(new ByteArrayInputStream(baos.toByteArray()))); ServerConfigurationFactory factory = EasyMock.createMock(ServerConfigurationFactory.class); EasyMock.expect(factory.getConfiguration()).andReturn(conf).anyTimes(); EasyMock.expect(factory.getSiteConfiguration()).andReturn(siteConfig).anyTimes(); EasyMock.expect(factory.getInstance()).andReturn(instance).anyTimes(); AccumuloServerContext context = EasyMock.createMockBuilder(AccumuloServerContext.class) .addMockedMethod("enforceKerberosLogin").addMockedMethod("getConfiguration") .addMockedMethod("getServerConfigurationFactory").addMockedMethod("getCredentials") .createMock(); context.enforceKerberosLogin(); EasyMock.expectLastCall().anyTimes(); EasyMock.expect(context.getConfiguration()).andReturn(conf).anyTimes(); EasyMock.expect(context.getServerConfigurationFactory()).andReturn(factory).anyTimes(); EasyMock.expect(context.getCredentials()) .andReturn(new Credentials("accumulo/hostname@FAKE.COM", token)).once(); // Just make the SiteConfiguration delegate to our ClientConfiguration (by way of the AccumuloConfiguration) // Presently, we only need get(Property) and iterator(). EasyMock.expect(siteConfig.get(EasyMock.anyObject(Property.class))) .andAnswer(new IAnswer<String>() { @Override public String answer() { Object[] args = EasyMock.getCurrentArguments(); return conf.get((Property) args[0]); } }).anyTimes(); EasyMock.expect(siteConfig.iterator()).andAnswer(new IAnswer<Iterator<Entry<String, String>>>() { @Override public Iterator<Entry<String, String>> answer() { return conf.iterator(); } }).anyTimes(); EasyMock.replay(factory, context, siteConfig); Assert.assertEquals(ThriftServerType.SASL, context.getThriftServerType()); SaslServerConnectionParams saslParams = context.getSaslParams(); Assert.assertEquals(new SaslServerConnectionParams(conf, token), saslParams); Assert.assertEquals(username, saslParams.getPrincipal()); EasyMock.verify(factory, context, siteConfig); return null; } }); } }