Skip to content

Commit 9cd27ea

Browse files
cgivrecgivre
committed
WIP
1 parent f73aacd commit 9cd27ea

File tree

2 files changed

+40
-17
lines changed

2 files changed

+40
-17
lines changed

contrib/storage-phoenix/pom.xml

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -39,7 +39,6 @@
3939
</properties>
4040

4141
<dependencies>
42-
<!-- Drill -->
4342
<dependency>
4443
<groupId>org.apache.drill.exec</groupId>
4544
<artifactId>drill-java-exec</artifactId>
@@ -231,6 +230,8 @@
231230
-Xms2048m -Xmx2048m
232231
--add-opens=java.base/java.lang=ALL-UNNAMED
233232
--add-opens=java.base/java.util=ALL-UNNAMED
233+
-Dhbase.security.authentication=simple
234+
-Dhadoop.security.authentication=simple
234235
</argLine>
235236
</configuration>
236237
</plugin>

contrib/storage-phoenix/src/test/java/org/apache/drill/exec/store/phoenix/secured/PhoenixEnvironment.java

Lines changed: 38 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -17,29 +17,18 @@
1717
*/
1818
package org.apache.drill.exec.store.phoenix.secured;
1919

20-
import static org.apache.hadoop.hbase.HConstants.HBASE_DIR;
21-
import static org.junit.Assert.assertNotNull;
22-
import static org.junit.Assert.assertTrue;
23-
24-
import java.io.File;
25-
import java.io.IOException;
26-
import java.lang.reflect.Field;
27-
import java.net.InetAddress;
28-
import java.util.AbstractMap;
29-
import java.util.ArrayList;
30-
import java.util.List;
31-
import java.util.Map;
32-
import java.util.UUID;
33-
3420
import org.apache.commons.io.FileUtils;
3521
import org.apache.hadoop.conf.Configuration;
3622
import org.apache.hadoop.fs.Path;
3723
import org.apache.hadoop.hbase.HBaseConfiguration;
3824
import org.apache.hadoop.hbase.HBaseTestingUtility;
3925
import org.apache.hadoop.hbase.HConstants;
4026
import org.apache.hadoop.hbase.LocalHBaseCluster;
27+
import org.apache.hadoop.hbase.coprocessor.CoprocessorHost;
4128
import org.apache.hadoop.hbase.security.HBaseKerberosUtils;
4229
import org.apache.hadoop.hbase.security.User;
30+
import org.apache.hadoop.hbase.security.access.AccessController;
31+
import org.apache.hadoop.hbase.security.token.TokenProvider;
4332
import org.apache.hadoop.hdfs.DFSConfigKeys;
4433
import org.apache.hadoop.http.HttpConfig;
4534
import org.apache.hadoop.minikdc.MiniKdc;
@@ -49,6 +38,20 @@
4938
import org.apache.phoenix.util.InstanceResolver;
5039
import org.apache.phoenix.util.PhoenixRuntime;
5140

41+
import java.io.File;
42+
import java.io.IOException;
43+
import java.lang.reflect.Field;
44+
import java.net.InetAddress;
45+
import java.util.AbstractMap;
46+
import java.util.ArrayList;
47+
import java.util.List;
48+
import java.util.Map;
49+
import java.util.UUID;
50+
51+
import static org.apache.hadoop.hbase.HConstants.HBASE_DIR;
52+
import static org.junit.Assert.assertNotNull;
53+
import static org.junit.Assert.assertTrue;
54+
5255
/**
5356
* This is a copy of class from `org.apache.phoenix:phoenix-queryserver-it`,
5457
* see original javadoc in {@code org.apache.phoenix.end2end.QueryServerEnvironment}.
@@ -195,8 +198,7 @@ private static void ensureIsEmptyDirectory(File f) throws IOException {
195198
/**
196199
* Setup and start kerberosed, hbase
197200
*/
198-
public PhoenixEnvironment(final Configuration confIn, int numberOfUsers, boolean tls)
199-
throws Exception {
201+
public PhoenixEnvironment(final Configuration confIn, int numberOfUsers, boolean tls) throws Exception {
200202

201203
Configuration conf = util.getConfiguration();
202204
conf.addResource(confIn);
@@ -228,6 +230,26 @@ public PhoenixEnvironment(final Configuration confIn, int numberOfUsers, boolean
228230
conf.setInt(HConstants.REGIONSERVER_PORT, 0);
229231
conf.setInt(HConstants.REGIONSERVER_INFO_PORT, 0);
230232

233+
conf.set("hadoop.security.authentication", "kerberos");
234+
conf.set("hbase.security.authentication", "kerberos");
235+
236+
File serviceKeytab = getServiceKeytab(); // already generated by your MiniKdc setup
237+
String servicePrincipal = HBaseKerberosUtils.getPrincipalForTesting();
238+
if (serviceKeytab == null || servicePrincipal == null) {
239+
throw new IllegalStateException("MiniKdc did not provide service keytab/principal");
240+
}
241+
242+
conf.set("hbase.master.keytab.file", serviceKeytab.getAbsolutePath());
243+
conf.set("hbase.regionserver.keytab.file", serviceKeytab.getAbsolutePath());
244+
conf.set("hbase.master.kerberos.principal", servicePrincipal);
245+
conf.set("hbase.regionserver.kerberos.principal", servicePrincipal);
246+
247+
// Coprocessors, proxy user configs, etc. (whatever you already have)
248+
conf.setStrings(CoprocessorHost.MASTER_COPROCESSOR_CONF_KEY, AccessController.class.getName());
249+
conf.setStrings(CoprocessorHost.REGIONSERVER_COPROCESSOR_CONF_KEY, AccessController.class.getName());
250+
conf.setStrings(CoprocessorHost.REGION_COPROCESSOR_CONF_KEY,
251+
AccessController.class.getName(), TokenProvider.class.getName());
252+
231253
// Clear the cached singletons so we can inject our own.
232254
InstanceResolver.clearSingletons();
233255
// Make sure the ConnectionInfo doesn't try to pull a default Configuration

0 commit comments

Comments
 (0)