@Override public AuthenticationToken getAdminToken() { if (clientConf.hasSasl()) { File keytab = getAdminKeytab(); try { UserGroupInformation.loginUserFromKeytab(getAdminPrincipal(), keytab.getAbsolutePath()); return new KerberosToken(); } catch (IOException e) { // The user isn't logged in throw new RuntimeException("Failed to create KerberosToken", e); } } else { return new PasswordToken(getPassword()); } }
@Override public void run() { try { VerifyIngest.Opts opts = new VerifyIngest.Opts(); opts.startRow = finalI; opts.rows = span; opts.random = 56; opts.dataSize = 50; opts.cols = 1; opts.setTableName(tableName); if (clientConf.hasSasl()) { opts.updateKerberosCredentials(clientConf); } else { opts.setPrincipal(getAdminPrincipal()); PasswordToken passwordToken = (PasswordToken) getAdminToken(); opts.setPassword(new Password(new String(passwordToken.getPassword(), UTF_8))); } VerifyIngest.verifyIngest(c, opts, new ScannerOpts()); } catch (Exception ex) { log.warn("Got exception verifying data", ex); fail.set(true); } } };
@Override public Integer call() { try { ClientConfiguration clientConf = cluster.getClientConfig(); // Invocation is different for SASL. We're only logged in via this processes memory (not // via some credentials cache on disk) // Need to pass along the keytab because of that. if (clientConf.hasSasl()) { String principal = getAdminPrincipal(); AuthenticationToken token = getAdminToken(); assertTrue("Expected KerberosToken, but was " + token.getClass(), token instanceof KerberosToken); KerberosToken kt = (KerberosToken) token; assertNotNull("Expected keytab in token", kt.getKeytab()); return control.exec(TestMultiTableIngest.class, args("--count", Integer.toString(ROWS), "-i", instance, "-z", keepers, "--tablePrefix", prefix, "--keytab", kt.getKeytab().getAbsolutePath(), "-u", principal)); } return control.exec(TestMultiTableIngest.class, args("--count", Integer.toString(ROWS), "-u", getAdminPrincipal(), "-i", instance, "-z", keepers, "-p", new String(((PasswordToken) getAdminToken()).getPassword(), UTF_8), "--tablePrefix", prefix)); } catch (IOException e) { log.error("Error running MultiTableIngest", e); return -1; } } });
@Override public Integer call() { try { ClientConfiguration clientConf = cluster.getClientConfig(); // Invocation is different for SASL. We're only logged in via this processes memory (not // via some credentials cache on disk) // Need to pass along the keytab because of that. if (clientConf.hasSasl()) { String principal = getAdminPrincipal(); AuthenticationToken token = getAdminToken(); assertTrue("Expected KerberosToken, but was " + token.getClass(), token instanceof KerberosToken); KerberosToken kt = (KerberosToken) token; assertNotNull("Expected keytab in token", kt.getKeytab()); return control.exec(TestMultiTableIngest.class, args("--count", Integer.toString(ROWS), "--readonly", "-i", instance, "-z", keepers, "--tablePrefix", prefix, "--keytab", kt.getKeytab().getAbsolutePath(), "-u", principal)); } return control.exec(TestMultiTableIngest.class, args("--count", Integer.toString(ROWS), "--readonly", "-u", getAdminPrincipal(), "-i", instance, "-z", keepers, "-p", new String(((PasswordToken) getAdminToken()).getPassword(), UTF_8), "--tablePrefix", prefix)); } catch (IOException e) { log.error("Error running MultiTableIngest", e); return -1; } } });
public static void ingest(Connector connector, ClientConfiguration clientConfig, String principal, int rows, int cols, int width, int offset, String colf, String tableName) throws Exception { TestIngest.Opts opts = new TestIngest.Opts(); opts.rows = rows; opts.cols = cols; opts.dataSize = width; opts.startRow = offset; opts.columnFamily = colf; opts.createTable = true; opts.setTableName(tableName); if (clientConfig.hasSasl()) { opts.updateKerberosCredentials(clientConfig); } else { opts.setPrincipal(principal); } TestIngest.ingest(connector, opts, new BatchWriterOpts()); }
private static void verify(Connector connector, ClientConfiguration clientConfig, String principal, int rows, int cols, int width, int offset, String colf, String tableName) throws Exception { ScannerOpts scannerOpts = new ScannerOpts(); VerifyIngest.Opts opts = new VerifyIngest.Opts(); opts.rows = rows; opts.cols = cols; opts.dataSize = width; opts.startRow = offset; opts.columnFamily = colf; opts.setTableName(tableName); if (clientConfig.hasSasl()) { opts.updateKerberosCredentials(clientConfig); } else { opts.setPrincipal(principal); } VerifyIngest.verifyIngest(connector, opts, scannerOpts); }
@Override public void run() { try { TestIngest.Opts opts = new TestIngest.Opts(); opts.startRow = index * 10000; opts.rows = 10000; opts.setTableName(tableName); if (clientConfig.hasSasl()) { opts.updateKerberosCredentials(clientConfig); } else { opts.setPrincipal(getAdminPrincipal()); } BatchWriterOpts bwOpts = new BatchWriterOpts(); bwOpts.batchMemory = 1024L * 1024; bwOpts.batchThreads = 2; TestIngest.ingest(c, opts, new BatchWriterOpts()); } catch (Exception ex) { ref.set(ex); } } };
TestShell(String user, String rootPass, String instanceName, String zookeepers, File configFile) throws IOException { ClientConfiguration clientConf; clientConf = ClientConfiguration.fromFile(configFile); // start the shell output = new TestOutputStream(); input = new StringInputStream(); shell = new Shell(new ConsoleReader(input, output)); shell.setLogErrorsToConsole(); if (clientConf.hasSasl()) { // Pull the kerberos principal out when we're using SASL shell.config("-u", user, "-z", instanceName, zookeepers, "--config-file", configFile.getAbsolutePath()); } else { shell.config("-u", user, "-p", rootPass, "-z", instanceName, zookeepers, "--config-file", configFile.getAbsolutePath()); } exec("quit", true); shell.start(); shell.setExit(false); }
opts.setTableName(tableName); ClientConfiguration clientConf = cluster.getClientConfig(); if (clientConf.hasSasl()) { opts.updateKerberosCredentials(clientConf); } else {
@Override public SaslConnectionParams get() { // Use the clientConf if we have it if (null != clientConf) { if (!clientConf.hasSasl()) { return null; } return new SaslConnectionParams(clientConf, getCredentials().getToken()); } AccumuloConfiguration conf = getConfiguration(); if (!conf.getBoolean(Property.INSTANCE_RPC_SASL_ENABLED)) { return null; } return new SaslConnectionParams(conf, getCredentials().getToken()); } };
@Before public void createLocalUser() throws AccumuloException, AccumuloSecurityException { Connector conn = getConnector(); inst = conn.getInstance(); ClientConfiguration clientConf = cluster.getClientConfig(); ClusterUser user = getUser(0); username = user.getPrincipal(); saslEnabled = clientConf.hasSasl(); // Create the user if it doesn't exist Set<String> users = conn.securityOperations().listLocalUsers(); if (!users.contains(username)) { PasswordToken passwdToken = null; if (!saslEnabled) { password = user.getPassword(); passwdToken = new PasswordToken(password); } conn.securityOperations().createLocalUser(username, passwdToken); } }
@Test public void deleteSplit() throws Exception { Connector c = getConnector(); String tableName = getUniqueNames(1)[0]; c.tableOperations().create(tableName); c.tableOperations().setProperty(tableName, Property.TABLE_SPLIT_THRESHOLD.getKey(), "10K"); ClientConfiguration clientConfig = getCluster().getClientConfig(); String password = null, keytab = null; if (clientConfig.hasSasl()) { keytab = getAdminUser().getKeytab().getAbsolutePath(); } else { password = new String(((PasswordToken) getAdminToken()).getPassword(), UTF_8); } DeleteIT.deleteTest(c, getCluster(), getAdminPrincipal(), password, tableName, keytab); c.tableOperations().flush(tableName, null, null, true); for (int i = 0; i < 5; i++) { sleepUninterruptibly(10, TimeUnit.SECONDS); if (c.tableOperations().listSplits(tableName).size() > 20) break; } assertTrue(c.tableOperations().listSplits(tableName).size() > 20); }
@Test public void test() throws Exception { Connector c = getConnector(); String[] names = getUniqueNames(2); String tableName = names[0], unused = names[1]; c.tableOperations().create(tableName); c.tableOperations().setProperty(tableName, Property.TABLE_SPLIT_THRESHOLD.getKey(), "10K"); SortedSet<Text> splits = new TreeSet<>(); for (int i = 0; i < 100; i++) { splits.add(new Text(String.format("%03d", i))); } c.tableOperations().create(unused); c.tableOperations().addSplits(unused, splits); TestIngest.Opts opts = new TestIngest.Opts(); VerifyIngest.Opts vopts = new VerifyIngest.Opts(); vopts.rows = opts.rows = 20000; opts.setTableName(tableName); vopts.setTableName(tableName); ClientConfiguration clientConfig = getCluster().getClientConfig(); if (clientConfig.hasSasl()) { opts.updateKerberosCredentials(clientConfig); vopts.updateKerberosCredentials(clientConfig); } else { opts.setPrincipal(getAdminPrincipal()); vopts.setPrincipal(getAdminPrincipal()); } TestIngest.ingest(c, opts, new BatchWriterOpts()); c.tableOperations().flush(tableName, null, null, true); VerifyIngest.verifyIngest(c, vopts, new ScannerOpts()); }
@Before public void setup() throws Exception { connector = getConnector(); tableName = getUniqueNames(1)[0]; connector.tableOperations().create(tableName); ClientConfiguration clientConfig = cluster.getClientConfig(); ClusterUser clusterUser = getUser(0); user = clusterUser.getPrincipal(); PasswordToken userToken; if (clientConfig.hasSasl()) { userToken = null; saslEnabled = true; } else { userToken = new PasswordToken(clusterUser.getPassword()); saslEnabled = false; } if (connector.securityOperations().listLocalUsers().contains(user)) { log.info("Dropping {}", user); connector.securityOperations().dropLocalUser(user); } connector.securityOperations().createLocalUser(user, userToken); connector.securityOperations().grantTablePermission(user, tableName, TablePermission.READ); connector.securityOperations().grantTablePermission(user, tableName, TablePermission.WRITE); connector.securityOperations().changeUserAuthorizations(user, AuthsIterator.AUTHS); }
@Test public void testCreateExistingUser() throws Exception { ClusterUser user0 = getUser(0); Connector conn = getConnector(); Set<String> currentUsers = conn.securityOperations().listLocalUsers(); // Ensure that the user exists if (!currentUsers.contains(user0.getPrincipal())) { PasswordToken token = null; if (!getCluster().getClientConfig().hasSasl()) { token = new PasswordToken(user0.getPassword()); } conn.securityOperations().createLocalUser(user0.getPrincipal(), token); } try { conn.securityOperations().createLocalUser(user0.getPrincipal(), new PasswordToken("better_fail")); fail("Creating a user that already exists should throw an exception"); } catch (AccumuloSecurityException e) { assertTrue("Expected USER_EXISTS error", SecurityErrorCode.USER_EXISTS == e.getSecurityErrorCode()); String msg = e.getMessage(); assertTrue("Error message didn't contain principal: '" + msg + "'", msg.contains(user0.getPrincipal())); } }
opts.setTableName(names[0]); ClientConfiguration clientConf = cluster.getClientConfig(); if (clientConf.hasSasl()) { opts.updateKerberosCredentials(clientConf); } else { VerifyIngest.Opts vopts = new VerifyIngest.Opts(); vopts.setTableName(names[1]); if (clientConf.hasSasl()) { vopts.updateKerberosCredentials(clientConf); } else {
@Test public void killedTabletServerDuringShutdown() throws Exception { Connector c = getConnector(); String tableName = getUniqueNames(1)[0]; c.tableOperations().create(tableName); OPTS.setTableName(tableName); ClientConfiguration clientConfig = cluster.getClientConfig(); if (clientConfig.hasSasl()) { OPTS.updateKerberosCredentials(clientConfig); } else { OPTS.setPrincipal(getAdminPrincipal()); } TestIngest.ingest(c, OPTS, BWOPTS); try { getCluster().getClusterControl().stopAllServers(ServerType.TABLET_SERVER); getCluster().getClusterControl().adminStopAll(); } finally { getCluster().start(); } }
@Test public void killedTabletServer() throws Exception { Connector c = getConnector(); String tableName = getUniqueNames(1)[0]; c.tableOperations().create(tableName); OPTS.setTableName(tableName); VOPTS.setTableName(tableName); ClientConfiguration clientConfig = cluster.getClientConfig(); if (clientConfig.hasSasl()) { OPTS.updateKerberosCredentials(clientConfig); VOPTS.updateKerberosCredentials(clientConfig); } else { OPTS.setPrincipal(getAdminPrincipal()); VOPTS.setPrincipal(getAdminPrincipal()); } TestIngest.ingest(c, OPTS, BWOPTS); VerifyIngest.verifyIngest(c, VOPTS, SOPTS); cluster.getClusterControl().stopAllServers(ServerType.TABLET_SERVER); cluster.start(); VerifyIngest.verifyIngest(c, VOPTS, SOPTS); }
@Test public void test() throws Exception { Connector c = getConnector(); String tableName = getUniqueNames(1)[0]; c.tableOperations().create(tableName); c.tableOperations().setProperty(tableName, Property.TABLE_SPLIT_THRESHOLD.getKey(), "750K"); TestIngest.Opts opts = new TestIngest.Opts(); VerifyIngest.Opts vopts = new VerifyIngest.Opts(); opts.setTableName(tableName); ClientConfiguration clientConfig = cluster.getClientConfig(); if (clientConfig.hasSasl()) { opts.updateKerberosCredentials(clientConfig); vopts.updateKerberosCredentials(clientConfig); } else { opts.setPrincipal(getAdminPrincipal()); vopts.setPrincipal(getAdminPrincipal()); } TestIngest.ingest(c, opts, new BatchWriterOpts()); vopts.setTableName(tableName); VerifyIngest.verifyIngest(c, vopts, new ScannerOpts()); getCluster().getClusterControl().stopAllServers(ServerType.TABLET_SERVER); getCluster().getClusterControl().startAllServers(ServerType.TABLET_SERVER); VerifyIngest.verifyIngest(c, vopts, new ScannerOpts()); }