public static void Init()
{
baseDir = new FilePath(Runtime.GetProperty("test.build.dir", "target/test-dir"),
typeof(TestSecureNNWithQJM).Name);
FileUtil.FullyDelete(baseDir);
NUnit.Framework.Assert.IsTrue(baseDir.Mkdirs());
Properties kdcConf = MiniKdc.CreateConf();
kdc = new MiniKdc(kdcConf, baseDir);
kdc.Start();
baseConf = new HdfsConfiguration();
SecurityUtil.SetAuthenticationMethod(UserGroupInformation.AuthenticationMethod.Kerberos
, baseConf);
UserGroupInformation.SetConfiguration(baseConf);
NUnit.Framework.Assert.IsTrue("Expected configuration to enable security", UserGroupInformation
.IsSecurityEnabled());
string userName = UserGroupInformation.GetLoginUser().GetShortUserName();
FilePath keytabFile = new FilePath(baseDir, userName + ".keytab");
string keytab = keytabFile.GetAbsolutePath();
// Windows will not reverse name lookup "127.0.0.1" to "localhost".
string krbInstance = Path.Windows ? "127.0.0.1" : "localhost";
kdc.CreatePrincipal(keytabFile, userName + "/" + krbInstance, "HTTP/" + krbInstance
);
string hdfsPrincipal = userName + "/" + krbInstance + "@" + kdc.GetRealm();
string spnegoPrincipal = "HTTP/" + krbInstance + "@" + kdc.GetRealm();
baseConf.Set(DFSConfigKeys.DfsNamenodeKerberosPrincipalKey, hdfsPrincipal);
baseConf.Set(DFSConfigKeys.DfsNamenodeKeytabFileKey, keytab);
baseConf.Set(DFSConfigKeys.DfsDatanodeKerberosPrincipalKey, hdfsPrincipal);
baseConf.Set(DFSConfigKeys.DfsDatanodeKeytabFileKey, keytab);
baseConf.Set(DFSConfigKeys.DfsWebAuthenticationKerberosPrincipalKey, spnegoPrincipal
);
baseConf.Set(DFSConfigKeys.DfsJournalnodeKeytabFileKey, keytab);
baseConf.Set(DFSConfigKeys.DfsJournalnodeKerberosPrincipalKey, hdfsPrincipal);
baseConf.Set(DFSConfigKeys.DfsJournalnodeKerberosInternalSpnegoPrincipalKey, spnegoPrincipal
);
baseConf.SetBoolean(DFSConfigKeys.DfsBlockAccessTokenEnableKey, true);
baseConf.Set(DFSConfigKeys.DfsDataTransferProtectionKey, "authentication");
baseConf.Set(DFSConfigKeys.DfsHttpPolicyKey, HttpConfig.Policy.HttpsOnly.ToString
());
baseConf.Set(DFSConfigKeys.DfsNamenodeHttpsAddressKey, "localhost:0");
baseConf.Set(DFSConfigKeys.DfsDatanodeHttpsAddressKey, "localhost:0");
baseConf.Set(DFSConfigKeys.DfsJournalnodeHttpsAddressKey, "localhost:0");
baseConf.SetInt(CommonConfigurationKeys.IpcClientConnectMaxRetriesOnSaslKey, 10);
string keystoresDir = baseDir.GetAbsolutePath();
string sslConfDir = KeyStoreTestUtil.GetClasspathDir(typeof(TestSecureNNWithQJM));
KeyStoreTestUtil.SetupSSLConfig(keystoresDir, sslConfDir, baseConf, false);
}
public static void InitKdc()
{
baseDir = new FilePath(Runtime.GetProperty("test.build.dir", "target/test-dir"),
typeof(SaslDataTransferTestCase).Name);
FileUtil.FullyDelete(baseDir);
NUnit.Framework.Assert.IsTrue(baseDir.Mkdirs());
Properties kdcConf = MiniKdc.CreateConf();
kdc = new MiniKdc(kdcConf, baseDir);
kdc.Start();
string userName = UserGroupInformation.GetLoginUser().GetShortUserName();
FilePath keytabFile = new FilePath(baseDir, userName + ".keytab");
keytab = keytabFile.GetAbsolutePath();
kdc.CreatePrincipal(keytabFile, userName + "/localhost", "HTTP/localhost");
hdfsPrincipal = userName + "/localhost@" + kdc.GetRealm();
spnegoPrincipal = "HTTP/localhost@" + kdc.GetRealm();
}
protected internal static string GetRealm()
{
return(kdc.GetRealm());
}
