public static User toUserInfo(UserInformation userInfoProto) { if (userInfoProto.hasEffectiveUser()) { String effectiveUser = userInfoProto.getEffectiveUser(); if (userInfoProto.hasRealUser()) { String realUser = userInfoProto.getRealUser(); UserGroupInformation realUserUgi = UserGroupInformation.createRemoteUser(realUser); return User.create(UserGroupInformation.createProxyUser(effectiveUser, realUserUgi)); } return User.create(UserGroupInformation.createRemoteUser(effectiveUser)); } return null; }
return EXIT_FAILURE; userOwner = User.create(HBaseKerberosUtils.loginAndReturnUGI(conf, superUser)); } else { superUser = clazzAndArgs[1]; for (String userStr : users) { if (User.isHBaseSecurityEnabled(conf)) { user = User.create(HBaseKerberosUtils.loginAndReturnUGI(conf, userStr)); } else { user = User.createUserForTesting(conf, userStr, new String[0]);
User user = User.create(proxyUser);
private static User getUserByLogin(final String user) throws IOException { return User.create(UserGroupInformation.loginUserFromKeytabAndReturnUGI( getPrinciple(user), KEYTAB_FILE.getAbsolutePath())); }
/** * Test various combinations of Server and Client qops. * @throws Exception */ @Test public void testSaslWithCommonQop() throws Exception { setRpcProtection("privacy,authentication", "authentication"); callRpcService(User.create(ugi)); setRpcProtection("authentication", "privacy,authentication"); callRpcService(User.create(ugi)); setRpcProtection("integrity,authentication", "privacy,authentication"); callRpcService(User.create(ugi)); setRpcProtection("integrity,authentication", "integrity,authentication"); callRpcService(User.create(ugi)); setRpcProtection("privacy,authentication", "privacy,authentication"); callRpcService(User.create(ugi)); }
@Test public void testRpcCallWithEnabledKerberosSaslAuth() throws Exception { UserGroupInformation ugi2 = UserGroupInformation.getCurrentUser(); // check that the login user is okay: assertSame(ugi2, ugi); assertEquals(AuthenticationMethod.KERBEROS, ugi.getAuthenticationMethod()); assertEquals(krbPrincipal, ugi.getUserName()); callRpcService(User.create(ugi2)); }
@Test public void testRpcFallbackToSimpleAuth() throws Exception { String clientUsername = "testuser"; UserGroupInformation clientUgi = UserGroupInformation.createUserForTesting(clientUsername, new String[] { clientUsername }); // check that the client user is insecure assertNotSame(ugi, clientUgi); assertEquals(AuthenticationMethod.SIMPLE, clientUgi.getAuthenticationMethod()); assertEquals(clientUsername, clientUgi.getUserName()); clientConf.set(User.HBASE_SECURITY_CONF_KEY, "simple"); serverConf.setBoolean(RpcServer.FALLBACK_TO_INSECURE_CLIENT_AUTH, true); callRpcService(User.create(clientUgi)); }
realUserUgi = UserGroupInformation.createRemoteUser(userNames[mod]); user = User.create(realUserUgi); users.put(userNames[mod], user); } else {
/** * Test sasl encryption with Crypto AES. * @throws Exception */ @Test public void testSaslWithCryptoAES() throws Exception { setRpcProtection("privacy", "privacy"); setCryptoAES("true", "true"); callRpcService(User.create(ugi)); }
/** * Test various combinations of Server and Client configuration for Crypto AES. * @throws Exception */ @Test public void testDifferentConfWithCryptoAES() throws Exception { setRpcProtection("privacy", "privacy"); setCryptoAES("false", "true"); callRpcService(User.create(ugi)); setCryptoAES("true", "false"); try { callRpcService(User.create(ugi)); fail("The exception should be thrown out for the rpc timeout."); } catch (Exception e) { // ignore the expected exception } }
realUserUgi = UserGroupInformation.createRemoteUser(userNames[mod]); user = User.create(realUserUgi); users.put(userNames[mod], user); } else {
@Test public void testSaslNoCommonQop() throws Exception { exception.expect(SaslException.class); exception.expectMessage("No common protection layer between client and server"); setRpcProtection("integrity", "privacy"); callRpcService(User.create(ugi)); }
User user = filledForm.get(); List<Job> jobs = new ArrayList<Job>(); for (Job job : user.getJobs()) { jobs.add(Job.find.byId(job.getId())); } user.create();
private static User getUserByLogin(final String user) throws IOException { return User.create(UserGroupInformation.loginUserFromKeytabAndReturnUGI(getPrinciple(user), KEYTAB_FILE.getAbsolutePath())); } private static String getPrinciple(final String user) {
private static User getUserByLogin(final String user) throws IOException { return User.create(UserGroupInformation.loginUserFromKeytabAndReturnUGI( getPrinciple(user), KEYTAB_FILE.getAbsolutePath())); }
/** * Test various combinations of Server and Client qops. * @throws Exception */ @Test public void testSaslWithCommonQop() throws Exception { setRpcProtection("privacy,authentication", "authentication"); callRpcService(User.create(ugi)); setRpcProtection("authentication", "privacy,authentication"); callRpcService(User.create(ugi)); setRpcProtection("integrity,authentication", "privacy,authentication"); callRpcService(User.create(ugi)); setRpcProtection("integrity,authentication", "integrity,authentication"); callRpcService(User.create(ugi)); setRpcProtection("privacy,authentication", "privacy,authentication"); callRpcService(User.create(ugi)); }
@Test public void testRpcCallWithEnabledKerberosSaslAuth() throws Exception { UserGroupInformation ugi2 = UserGroupInformation.getCurrentUser(); // check that the login user is okay: assertSame(ugi2, ugi); assertEquals(AuthenticationMethod.KERBEROS, ugi.getAuthenticationMethod()); assertEquals(krbPrincipal, ugi.getUserName()); callRpcService(User.create(ugi2)); }
@Test public void testRpcFallbackToSimpleAuth() throws Exception { String clientUsername = "testuser"; UserGroupInformation clientUgi = UserGroupInformation.createUserForTesting(clientUsername, new String[] { clientUsername }); // check that the client user is insecure assertNotSame(ugi, clientUgi); assertEquals(AuthenticationMethod.SIMPLE, clientUgi.getAuthenticationMethod()); assertEquals(clientUsername, clientUgi.getUserName()); clientConf.set(User.HBASE_SECURITY_CONF_KEY, "simple"); serverConf.setBoolean(RpcServer.FALLBACK_TO_INSECURE_CLIENT_AUTH, true); callRpcService(User.create(clientUgi)); }
/** * Test sasl encryption with Crypto AES. * @throws Exception */ @Test public void testSaslWithCryptoAES() throws Exception { setRpcProtection("privacy", "privacy"); setCryptoAES("true", "true"); callRpcService(User.create(ugi)); }
@Test public void testSaslNoCommonQop() throws Exception { exception.expect(SaslException.class); exception.expectMessage("No common protection layer between client and server"); setRpcProtection("integrity", "privacy"); callRpcService(User.create(ugi)); }