hbase-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From apurt...@apache.org
Subject svn commit: r1552947 - in /hbase/trunk/hbase-server/src/test/java/org/apache/hadoop/hbase/security: access/SecureTestUtil.java visibility/TestVisibilityLabelsWithACL.java
Date Sat, 21 Dec 2013 21:29:40 GMT
Author: apurtell
Date: Sat Dec 21 21:29:40 2013
New Revision: 1552947

URL: http://svn.apache.org/r1552947
Log:
HBASE-10220. Put all test service principals into the superusers list

Modified:
    hbase/trunk/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/SecureTestUtil.java
    hbase/trunk/hbase-server/src/test/java/org/apache/hadoop/hbase/security/visibility/TestVisibilityLabelsWithACL.java

Modified: hbase/trunk/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/SecureTestUtil.java
URL: http://svn.apache.org/viewvc/hbase/trunk/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/SecureTestUtil.java?rev=1552947&r1=1552946&r2=1552947&view=diff
==============================================================================
--- hbase/trunk/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/SecureTestUtil.java
(original)
+++ hbase/trunk/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/SecureTestUtil.java
Sat Dec 21 21:29:40 2013
@@ -47,13 +47,24 @@ public class SecureTestUtil {
     conf.set("hbase.coprocessor.master.classes", AccessController.class.getName());
     conf.set("hbase.coprocessor.region.classes", AccessController.class.getName()+
         ","+SecureBulkLoadEndpoint.class.getName());
-    // add the process running user to superusers
+    // The secure minicluster creates separate service principals based on the
+    // current user's name, one for each slave. We need to add all of these to
+    // the superuser list or security won't function properly. We expect the
+    // HBase service account(s) to have superuser privilege.
     String currentUser = User.getCurrent().getName();
-    conf.set("hbase.superuser", "admin,"+currentUser);
+    StringBuffer sb = new StringBuffer();
+    sb.append("admin,");
+    sb.append(currentUser);
+    // Assumes we won't ever have a minicluster with more than 5 slaves
+    for (int i = 0; i < 5; i++) {
+      sb.append(',');
+      sb.append(currentUser); sb.append(".hfs."); sb.append(i);
+    }
+    conf.set("hbase.superuser", sb.toString());
     // Need HFile V3 for tags for security features
     conf.setInt("hfile.format.version", 3);
   }
-  
+
   public void verifyAllowed(User user, PrivilegedExceptionAction... actions) throws Exception
{
     for (PrivilegedExceptionAction action : actions) {
       try {

Modified: hbase/trunk/hbase-server/src/test/java/org/apache/hadoop/hbase/security/visibility/TestVisibilityLabelsWithACL.java
URL: http://svn.apache.org/viewvc/hbase/trunk/hbase-server/src/test/java/org/apache/hadoop/hbase/security/visibility/TestVisibilityLabelsWithACL.java?rev=1552947&r1=1552946&r2=1552947&view=diff
==============================================================================
--- hbase/trunk/hbase-server/src/test/java/org/apache/hadoop/hbase/security/visibility/TestVisibilityLabelsWithACL.java
(original)
+++ hbase/trunk/hbase-server/src/test/java/org/apache/hadoop/hbase/security/visibility/TestVisibilityLabelsWithACL.java
Sat Dec 21 21:29:40 2013
@@ -76,7 +76,6 @@ public class TestVisibilityLabelsWithACL
   public static void setupBeforeClass() throws Exception {
     // setup configuration
     conf = TEST_UTIL.getConfiguration();
-    conf.setInt("hfile.format.version", 3);
     SecureTestUtil.enableSecurity(conf);
     conf.set("hbase.coprocessor.master.classes", AccessController.class.getName() + ","
         + VisibilityController.class.getName());



Mime
View raw message