You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@accumulo.apache.org by el...@apache.org on 2015/04/02 00:07:40 UTC
[1/2] accumulo git commit: ACCUMULO-3703 Support keytab in module
setup
Repository: accumulo
Updated Branches:
refs/heads/master 24c5dd1fb -> 91c297fa3
ACCUMULO-3703 Support keytab in module setup
Gets most of the randomwalk modules working, the
edge case being Security.xml as it does a bunch of
custom authentication based on passwords.
Project: http://git-wip-us.apache.org/repos/asf/accumulo/repo
Commit: http://git-wip-us.apache.org/repos/asf/accumulo/commit/579a3fae
Tree: http://git-wip-us.apache.org/repos/asf/accumulo/tree/579a3fae
Diff: http://git-wip-us.apache.org/repos/asf/accumulo/diff/579a3fae
Branch: refs/heads/master
Commit: 579a3fae9fbba2dec5e865320f37a6160ee195b8
Parents: 24c5dd1
Author: Josh Elser <el...@apache.org>
Authored: Wed Apr 1 15:51:03 2015 -0400
Committer: Josh Elser <el...@apache.org>
Committed: Wed Apr 1 15:51:03 2015 -0400
----------------------------------------------------------------------
.../accumulo/test/randomwalk/Environment.java | 36 ++++++++++++++++++--
.../randomwalk/security/SecurityFixture.java | 8 +++++
2 files changed, 42 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/accumulo/blob/579a3fae/test/src/main/java/org/apache/accumulo/test/randomwalk/Environment.java
----------------------------------------------------------------------
diff --git a/test/src/main/java/org/apache/accumulo/test/randomwalk/Environment.java b/test/src/main/java/org/apache/accumulo/test/randomwalk/Environment.java
index 7122b4e..992c08a 100644
--- a/test/src/main/java/org/apache/accumulo/test/randomwalk/Environment.java
+++ b/test/src/main/java/org/apache/accumulo/test/randomwalk/Environment.java
@@ -18,6 +18,8 @@ package org.apache.accumulo.test.randomwalk;
import static com.google.common.base.Preconditions.checkNotNull;
+import java.io.File;
+import java.io.IOException;
import java.lang.management.ManagementFactory;
import java.util.Properties;
import java.util.concurrent.TimeUnit;
@@ -31,6 +33,7 @@ import org.apache.accumulo.core.client.Instance;
import org.apache.accumulo.core.client.MultiTableBatchWriter;
import org.apache.accumulo.core.client.ZooKeeperInstance;
import org.apache.accumulo.core.client.security.tokens.AuthenticationToken;
+import org.apache.accumulo.core.client.security.tokens.KerberosToken;
import org.apache.accumulo.core.client.security.tokens.PasswordToken;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -49,6 +52,10 @@ public class Environment {
*/
public static final String KEY_PASSWORD = "PASSWORD";
/**
+ * The configuration property key for a keytab
+ */
+ public static final String KEY_KEYTAB = "KEYTAB";
+ /**
* The configuration property key for the instance name.
*/
public static final String KEY_INSTANCE = "INSTANCE";
@@ -128,6 +135,15 @@ public class Environment {
}
/**
+ * Gets the configured keytab.
+ *
+ * @return path to keytab
+ */
+ public String getKeytab() {
+ return p.getProperty(KEY_KEYTAB);
+ }
+
+ /**
* Gets this process's ID.
*
* @return pid
@@ -142,7 +158,23 @@ public class Environment {
* @return authentication token
*/
public AuthenticationToken getToken() {
- return new PasswordToken(getPassword());
+ String password = getPassword();
+ if (null != password) {
+ return new PasswordToken(getPassword());
+ }
+ String keytab = getKeytab();
+ if (null != keytab) {
+ File keytabFile = new File(keytab);
+ if (!keytabFile.exists() || !keytabFile.isFile()) {
+ throw new IllegalArgumentException("Provided keytab is not a normal file: "+ keytab);
+ }
+ try {
+ return new KerberosToken(getUserName(), keytabFile);
+ } catch (IOException e) {
+ throw new RuntimeException("Failed to login", e);
+ }
+ }
+ throw new IllegalArgumentException("Must provide password or keytab in configuration");
}
/**
@@ -154,7 +186,7 @@ public class Environment {
if (instance == null) {
String instance = p.getProperty(KEY_INSTANCE);
String zookeepers = p.getProperty(KEY_ZOOKEEPERS);
- this.instance = new ZooKeeperInstance(new ClientConfiguration().withInstance(instance).withZkHosts(zookeepers));
+ this.instance = new ZooKeeperInstance(ClientConfiguration.loadDefault().withInstance(instance).withZkHosts(zookeepers));
}
return instance;
}
http://git-wip-us.apache.org/repos/asf/accumulo/blob/579a3fae/test/src/main/java/org/apache/accumulo/test/randomwalk/security/SecurityFixture.java
----------------------------------------------------------------------
diff --git a/test/src/main/java/org/apache/accumulo/test/randomwalk/security/SecurityFixture.java b/test/src/main/java/org/apache/accumulo/test/randomwalk/security/SecurityFixture.java
index 915eca0..4dced96 100644
--- a/test/src/main/java/org/apache/accumulo/test/randomwalk/security/SecurityFixture.java
+++ b/test/src/main/java/org/apache/accumulo/test/randomwalk/security/SecurityFixture.java
@@ -19,6 +19,8 @@ package org.apache.accumulo.test.randomwalk.security;
import java.net.InetAddress;
import java.util.Set;
+import org.apache.accumulo.core.client.ClientConfiguration;
+import org.apache.accumulo.core.client.ClientConfiguration.ClientProperty;
import org.apache.accumulo.core.client.Connector;
import org.apache.accumulo.core.client.security.tokens.PasswordToken;
import org.apache.accumulo.core.security.Authorizations;
@@ -33,6 +35,12 @@ public class SecurityFixture extends Fixture {
@Override
public void setUp(State state, Environment env) throws Exception {
String secTableName, systemUserName, tableUserName, secNamespaceName;
+ // A best-effort sanity check to guard against not password-based auth
+ ClientConfiguration clientConf = ClientConfiguration.loadDefault();
+ if (clientConf.getBoolean(ClientProperty.INSTANCE_RPC_SASL_ENABLED.getKey(), false)) {
+ throw new IllegalStateException("Security module currently cannot support Kerberos/SASL instances");
+ }
+
Connector conn = env.getConnector();
String hostname = InetAddress.getLocalHost().getHostName().replaceAll("[-.]", "_");
[2/2] accumulo git commit: ACCUMULO-3704 Provide the correct client
conf to the TabletLocator
Posted by el...@apache.org.
ACCUMULO-3704 Provide the correct client conf to the TabletLocator
TabletLocator doesn't use the client conf from the client context
presently, but this should help to ensure that we don't run into
a regression in the future if that changes.
Project: http://git-wip-us.apache.org/repos/asf/accumulo/repo
Commit: http://git-wip-us.apache.org/repos/asf/accumulo/commit/91c297fa
Tree: http://git-wip-us.apache.org/repos/asf/accumulo/tree/91c297fa
Diff: http://git-wip-us.apache.org/repos/asf/accumulo/diff/91c297fa
Branch: refs/heads/master
Commit: 91c297fa34827ec7a3fd6bd7cf8383f1af3dfb26
Parents: 579a3fa
Author: Josh Elser <el...@apache.org>
Authored: Wed Apr 1 16:26:20 2015 -0400
Committer: Josh Elser <el...@apache.org>
Committed: Wed Apr 1 16:26:20 2015 -0400
----------------------------------------------------------------------
.../core/client/mapreduce/lib/impl/InputConfigurator.java | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/accumulo/blob/91c297fa/core/src/main/java/org/apache/accumulo/core/client/mapreduce/lib/impl/InputConfigurator.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/client/mapreduce/lib/impl/InputConfigurator.java b/core/src/main/java/org/apache/accumulo/core/client/mapreduce/lib/impl/InputConfigurator.java
index e7af1ae..b0360fa 100644
--- a/core/src/main/java/org/apache/accumulo/core/client/mapreduce/lib/impl/InputConfigurator.java
+++ b/core/src/main/java/org/apache/accumulo/core/client/mapreduce/lib/impl/InputConfigurator.java
@@ -612,8 +612,9 @@ public class InputConfigurator extends ConfiguratorBase {
if ("MockInstance".equals(instanceType))
return new MockTabletLocator();
Instance instance = getInstance(implementingClass, conf);
+ ClientConfiguration clientConf = getClientConfiguration(implementingClass, conf);
ClientContext context = new ClientContext(instance,
- new Credentials(getPrincipal(implementingClass, conf), getAuthenticationToken(implementingClass, conf)), ClientConfiguration.loadDefault());
+ new Credentials(getPrincipal(implementingClass, conf), getAuthenticationToken(implementingClass, conf)), clientConf);
return TabletLocator.getLocator(context, new Text(tableId));
}