hbase-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From apurt...@apache.org
Subject svn commit: r1552949 - /hbase/branches/0.96/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/SecureTestUtil.java
Date Sat, 21 Dec 2013 21:30:17 GMT
Author: apurtell
Date: Sat Dec 21 21:30:17 2013
New Revision: 1552949

URL: http://svn.apache.org/r1552949
Log:
HBASE-10220. Put all test service principals into the superusers list

Modified:
    hbase/branches/0.96/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/SecureTestUtil.java

Modified: hbase/branches/0.96/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/SecureTestUtil.java
URL: http://svn.apache.org/viewvc/hbase/branches/0.96/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/SecureTestUtil.java?rev=1552949&r1=1552948&r2=1552949&view=diff
==============================================================================
--- hbase/branches/0.96/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/SecureTestUtil.java
(original)
+++ hbase/branches/0.96/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/SecureTestUtil.java
Sat Dec 21 21:30:17 2013
@@ -47,9 +47,20 @@ public class SecureTestUtil {
     conf.set("hbase.coprocessor.master.classes", AccessController.class.getName());
     conf.set("hbase.coprocessor.region.classes", AccessController.class.getName()+
         ","+SecureBulkLoadEndpoint.class.getName());
-    // add the process running user to superusers
+    // The secure minicluster creates separate service principals based on the
+    // current user's name, one for each slave. We need to add all of these to
+    // the superuser list or security won't function properly. We expect the
+    // HBase service account(s) to have superuser privilege.
     String currentUser = User.getCurrent().getName();
-    conf.set("hbase.superuser", "admin,"+currentUser);
+    StringBuffer sb = new StringBuffer();
+    sb.append("admin,");
+    sb.append(currentUser);
+    // Assumes we won't ever have a minicluster with more than 5 slaves
+    for (int i = 0; i < 5; i++) {
+      sb.append(',');
+      sb.append(currentUser); sb.append(".hfs."); sb.append(i);
+    }
+    conf.set("hbase.superuser", sb.toString());
   }
   
   public void verifyAllowed(User user, PrivilegedExceptionAction... actions) throws Exception
{



Mime
View raw message