/// <exception cref="System.IO.IOException"/> private void TryLoginAuthenticationMethod(UserGroupInformation.AuthenticationMethod method, bool expectSuccess) { SecurityUtil.SetAuthenticationMethod(method, conf); UserGroupInformation.SetConfiguration(conf); // pick up changed auth UserGroupInformation ugi = null; Exception ex = null; try { ugi = UserGroupInformation.GetLoginUser(); } catch (Exception e) { ex = e; } if (expectSuccess) { NUnit.Framework.Assert.IsNotNull(ugi); Assert.Equal(method, ugi.GetAuthenticationMethod()); } else { NUnit.Framework.Assert.IsNotNull(ex); Assert.Equal(typeof(NotSupportedException), ex.GetType()); Assert.Equal(method + " login authentication is not supported" , ex.Message); } }
/// <summary>test constructor</summary> /// <exception cref="System.Exception"/> public virtual void TestConstructorWithKerberos() { // security on, default is remove default realm SecurityUtil.SetAuthenticationMethod(UserGroupInformation.AuthenticationMethod.Kerberos , conf); UserGroupInformation.SetConfiguration(conf); TestConstructorSuccess("user1", "user1"); TestConstructorSuccess("*****@*****.**", "user2"); TestConstructorSuccess("user3/[email protected]", "user3"); // failure test TestConstructorFailures("*****@*****.**"); TestConstructorFailures("user5/[email protected]"); TestConstructorFailures(null); TestConstructorFailures(string.Empty); }
/// <summary>test constructor</summary> /// <exception cref="System.Exception"/> public virtual void TestConstructorWithKerberosRules() { // security on, explicit rules SecurityUtil.SetAuthenticationMethod(UserGroupInformation.AuthenticationMethod.Kerberos , conf); conf.Set(CommonConfigurationKeysPublic.HadoopSecurityAuthToLocal, "RULE:[2:$1@$0](.*@OTHER.REALM)s/(.*)@.*/other-$1/" + "RULE:[1:$1@$0](.*@OTHER.REALM)s/(.*)@.*/other-$1/" + "DEFAULT"); UserGroupInformation.SetConfiguration(conf); TestConstructorSuccess("user1", "user1"); TestConstructorSuccess("*****@*****.**", "user2"); TestConstructorSuccess("user3/[email protected]", "user3"); TestConstructorSuccess("*****@*****.**", "other-user4"); TestConstructorSuccess("user5/[email protected]", "other-user5"); // failure test TestConstructorFailures(null); TestConstructorFailures(string.Empty); }
public virtual void TestSetAuthenticationMethod() { Configuration conf = new Configuration(); // default SecurityUtil.SetAuthenticationMethod(null, conf); Assert.Equal("simple", conf.Get(CommonConfigurationKeysPublic. HadoopSecurityAuthentication)); // simple SecurityUtil.SetAuthenticationMethod(UserGroupInformation.AuthenticationMethod.Simple , conf); Assert.Equal("simple", conf.Get(CommonConfigurationKeysPublic. HadoopSecurityAuthentication)); // kerberos SecurityUtil.SetAuthenticationMethod(UserGroupInformation.AuthenticationMethod.Kerberos , conf); Assert.Equal("kerberos", conf.Get(CommonConfigurationKeysPublic .HadoopSecurityAuthentication)); }
public virtual void TestStartsWithIncorrectSettings() { Configuration conf = new Configuration(); SecurityUtil.SetAuthenticationMethod(UserGroupInformation.AuthenticationMethod.Kerberos , conf); string keyTabKey = "key"; conf.Set(keyTabKey, string.Empty); UserGroupInformation.SetConfiguration(conf); bool gotException = false; try { SecurityUtil.Login(conf, keyTabKey, string.Empty, string.Empty); } catch (IOException) { // expected gotException = true; } Assert.True("Exception for empty keytabfile name was expected", gotException); }