public static void Init() { baseDir = new FilePath(Runtime.GetProperty("test.build.dir", "target/test-dir"), typeof(TestSecureNNWithQJM).Name); FileUtil.FullyDelete(baseDir); NUnit.Framework.Assert.IsTrue(baseDir.Mkdirs()); Properties kdcConf = MiniKdc.CreateConf(); kdc = new MiniKdc(kdcConf, baseDir); kdc.Start(); baseConf = new HdfsConfiguration(); SecurityUtil.SetAuthenticationMethod(UserGroupInformation.AuthenticationMethod.Kerberos , baseConf); UserGroupInformation.SetConfiguration(baseConf); NUnit.Framework.Assert.IsTrue("Expected configuration to enable security", UserGroupInformation .IsSecurityEnabled()); string userName = UserGroupInformation.GetLoginUser().GetShortUserName(); FilePath keytabFile = new FilePath(baseDir, userName + ".keytab"); string keytab = keytabFile.GetAbsolutePath(); // Windows will not reverse name lookup "127.0.0.1" to "localhost". string krbInstance = Path.Windows ? "127.0.0.1" : "localhost"; kdc.CreatePrincipal(keytabFile, userName + "/" + krbInstance, "HTTP/" + krbInstance ); string hdfsPrincipal = userName + "/" + krbInstance + "@" + kdc.GetRealm(); string spnegoPrincipal = "HTTP/" + krbInstance + "@" + kdc.GetRealm(); baseConf.Set(DFSConfigKeys.DfsNamenodeKerberosPrincipalKey, hdfsPrincipal); baseConf.Set(DFSConfigKeys.DfsNamenodeKeytabFileKey, keytab); baseConf.Set(DFSConfigKeys.DfsDatanodeKerberosPrincipalKey, hdfsPrincipal); baseConf.Set(DFSConfigKeys.DfsDatanodeKeytabFileKey, keytab); baseConf.Set(DFSConfigKeys.DfsWebAuthenticationKerberosPrincipalKey, spnegoPrincipal ); baseConf.Set(DFSConfigKeys.DfsJournalnodeKeytabFileKey, keytab); baseConf.Set(DFSConfigKeys.DfsJournalnodeKerberosPrincipalKey, hdfsPrincipal); baseConf.Set(DFSConfigKeys.DfsJournalnodeKerberosInternalSpnegoPrincipalKey, spnegoPrincipal ); baseConf.SetBoolean(DFSConfigKeys.DfsBlockAccessTokenEnableKey, true); baseConf.Set(DFSConfigKeys.DfsDataTransferProtectionKey, "authentication"); baseConf.Set(DFSConfigKeys.DfsHttpPolicyKey, HttpConfig.Policy.HttpsOnly.ToString ()); baseConf.Set(DFSConfigKeys.DfsNamenodeHttpsAddressKey, "localhost:0"); baseConf.Set(DFSConfigKeys.DfsDatanodeHttpsAddressKey, "localhost:0"); baseConf.Set(DFSConfigKeys.DfsJournalnodeHttpsAddressKey, "localhost:0"); baseConf.SetInt(CommonConfigurationKeys.IpcClientConnectMaxRetriesOnSaslKey, 10); string keystoresDir = baseDir.GetAbsolutePath(); string sslConfDir = KeyStoreTestUtil.GetClasspathDir(typeof(TestSecureNNWithQJM)); KeyStoreTestUtil.SetupSSLConfig(keystoresDir, sslConfDir, baseConf, false); }
public static void InitKdc() { baseDir = new FilePath(Runtime.GetProperty("test.build.dir", "target/test-dir"), typeof(SaslDataTransferTestCase).Name); FileUtil.FullyDelete(baseDir); NUnit.Framework.Assert.IsTrue(baseDir.Mkdirs()); Properties kdcConf = MiniKdc.CreateConf(); kdc = new MiniKdc(kdcConf, baseDir); kdc.Start(); string userName = UserGroupInformation.GetLoginUser().GetShortUserName(); FilePath keytabFile = new FilePath(baseDir, userName + ".keytab"); keytab = keytabFile.GetAbsolutePath(); kdc.CreatePrincipal(keytabFile, userName + "/localhost", "HTTP/localhost"); hdfsPrincipal = userName + "/localhost@" + kdc.GetRealm(); spnegoPrincipal = "HTTP/localhost@" + kdc.GetRealm(); }
protected internal static string GetRealm() { return(kdc.GetRealm()); }