hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Stephen Chu (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (HADOOP-9004) Allow security unit tests to use external KDC
Date Fri, 02 Nov 2012 22:34:12 GMT

     [ https://issues.apache.org/jira/browse/HADOOP-9004?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Stephen Chu updated HADOOP-9004:
--------------------------------

    Attachment: HADOOP-9004.patch

I have attached a patch with two tests, TestUGIWithExternalKdc and TestSecureNameNodeWithExternalKdc.
These tests are based on TestUGIWithSecurityOn (HADOOP-8078) and TestSecureNameNode (HDFS-3016).


The difference is that the new tests make use of user-specified KDC, principals, and keytabs.

TestUGIWithExternalKdc verifies keytab login.
TestSecureNameNodeWithExternalKdc brings up a MiniDFSCluster with kerberos authentication
enabled.

In future JIRAs, I plan to add more security-related unit tests to cover pain points and stuff
that's broken in the past (e.g. hdfs fsck and groups have once been broken with security enabled).
                
> Allow security unit tests to use external KDC
> ---------------------------------------------
>
>                 Key: HADOOP-9004
>                 URL: https://issues.apache.org/jira/browse/HADOOP-9004
>             Project: Hadoop Common
>          Issue Type: Improvement
>          Components: security, test
>    Affects Versions: 2.0.0-alpha
>            Reporter: Stephen Chu
>            Assignee: Stephen Chu
>             Fix For: 3.0.0
>
>         Attachments: HADOOP-9004.patch
>
>
> I want to add the option of allowing security-related unit tests to use an external KDC.
> In HADOOP-8078, we add the ability to start and use an ApacheDS KDC for security-related
unit tests. It would be good to allow users to validate the use of their own KDC, keytabs,
and principals and to test different KDCs and not rely on the ApacheDS KDC.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message