diff --git a/hadoop-common-project/hadoop-common/pom.xml b/hadoop-common-project/hadoop-common/pom.xml index 10417eb910..73b4c18b15 100644 --- a/hadoop-common-project/hadoop-common/pom.xml +++ b/hadoop-common-project/hadoop-common/pom.xml @@ -30,7 +30,6 @@ jar - src/test/resources/kdc common true true @@ -462,8 +461,6 @@ maven-surefire-plugin - ${startKdc} - ${kdc.resource.dir} ${runningWithNative} @@ -544,7 +541,6 @@ src/main/native/m4/* src/test/empty-file src/test/all-tests - src/test/resources/kdc/ldif/users.ldif src/main/native/src/org/apache/hadoop/io/compress/lz4/lz4.h src/main/native/src/org/apache/hadoop/io/compress/lz4/lz4.c src/main/native/src/org/apache/hadoop/io/compress/lz4/lz4hc.h @@ -862,87 +858,6 @@ - - - - startKdc - - - startKdc - true - - - - - - org.apache.maven.plugins - maven-enforcer-plugin - - - enforce-os - - enforce - - - - - - mac - unix - - - true - - - - - - org.apache.maven.plugins - maven-antrun-plugin - - - kdc - compile - - run - - - - - - - - - - - - - - - - - - - - - - killKdc - test - - run - - - - - - - - - - - - - parallel-tests diff --git a/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/TestUGIWithSecurityOn.java b/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/TestUGIWithSecurityOn.java deleted file mode 100644 index 028cc38f1b..0000000000 --- a/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/TestUGIWithSecurityOn.java +++ /dev/null @@ -1,117 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with this - * work for additional information regarding copyright ownership. The ASF - * licenses this file to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the - * License for the specific language governing permissions and limitations under - * the License. - */ -package org.apache.hadoop.security; - -import java.io.IOException; -import java.security.PrivilegedAction; -import java.util.Set; - -import javax.security.auth.kerberos.KerberosPrincipal; - -import org.junit.Assert; -import static org.junit.Assert.*; - - -import org.apache.hadoop.conf.Configuration; -import org.apache.hadoop.security.UserGroupInformation.AuthenticationMethod; -import org.junit.Assume; -import org.junit.Before; -import org.junit.Test; - -public class TestUGIWithSecurityOn { - - public static boolean isKdcRunning() { - String startKdc = System.getProperty("startKdc"); - if(startKdc == null || !startKdc.equals("true")) { - return false; - } - return true; - } - - @Before - public void testKdcRunning() { - //Tests are skipped if KDC is not running - Assume.assumeTrue(isKdcRunning()); - } - @Test - public void testLogin() throws IOException { - String nn1keyTabFilepath = System.getProperty("kdc.resource.dir") - + "/keytabs/nn1.keytab"; - String user1keyTabFilepath = System.getProperty("kdc.resource.dir") - + "/keytabs/user1.keytab"; - Configuration conf = new Configuration(); - SecurityUtil.setAuthenticationMethod(AuthenticationMethod.KERBEROS, conf); - UserGroupInformation.setConfiguration(conf); - - UserGroupInformation ugiNn = UserGroupInformation - .loginUserFromKeytabAndReturnUGI("nn1/localhost@EXAMPLE.COM", - nn1keyTabFilepath); - UserGroupInformation ugiDn = UserGroupInformation - .loginUserFromKeytabAndReturnUGI("user1@EXAMPLE.COM", - user1keyTabFilepath); - - Assert.assertEquals(AuthenticationMethod.KERBEROS, - ugiNn.getAuthenticationMethod()); - Assert.assertEquals(AuthenticationMethod.KERBEROS, - ugiDn.getAuthenticationMethod()); - - try { - UserGroupInformation - .loginUserFromKeytabAndReturnUGI("bogus@EXAMPLE.COM", - nn1keyTabFilepath); - Assert.fail("Login should have failed"); - } catch (Exception ex) { - ex.printStackTrace(); - } - } - - @Test - public void testGetUGIFromKerberosSubject() throws IOException { - String user1keyTabFilepath = System.getProperty("kdc.resource.dir") - + "/keytabs/user1.keytab"; - - UserGroupInformation ugi = UserGroupInformation - .loginUserFromKeytabAndReturnUGI("user1@EXAMPLE.COM", - user1keyTabFilepath); - Set principals = ugi.getSubject().getPrincipals( - KerberosPrincipal.class); - if (principals.isEmpty()) { - Assert.fail("There should be a kerberos principal in the subject."); - } - else { - UserGroupInformation ugi2 = UserGroupInformation.getUGIFromSubject( - ugi.getSubject()); - if (ugi2 != null) { - ugi2.doAs(new PrivilegedAction() { - - @Override - public Object run() { - try { - UserGroupInformation ugi3 = UserGroupInformation.getCurrentUser(); - String doAsUserName = ugi3.getUserName(); - assertEquals(doAsUserName, "user1@EXAMPLE.COM"); - System.out.println("DO AS USERNAME: " + doAsUserName); - } catch (IOException e) { - e.printStackTrace(); - } - return null; - } - }); - } - } - } -} diff --git a/hadoop-common-project/hadoop-common/src/test/resources/kdc/killKdc.sh b/hadoop-common-project/hadoop-common/src/test/resources/kdc/killKdc.sh deleted file mode 100644 index a6a3d77a3e..0000000000 --- a/hadoop-common-project/hadoop-common/src/test/resources/kdc/killKdc.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/sh -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -ps -ef | grep apacheds | grep -v grep | awk '{printf $2"\n"}' | xargs -t --no-run-if-empty kill -9 - diff --git a/hadoop-common-project/hadoop-common/src/test/resources/kdc/ldif/users.ldif b/hadoop-common-project/hadoop-common/src/test/resources/kdc/ldif/users.ldif deleted file mode 100644 index a3d2704949..0000000000 --- a/hadoop-common-project/hadoop-common/src/test/resources/kdc/ldif/users.ldif +++ /dev/null @@ -1,78 +0,0 @@ -dn: dc=example,dc=com -objectClass: dcObject -objectClass: organization -objectClass: top -dc: example -o: example.com - -dn: ou=Users,dc=example,dc=com -objectClass: organizationalUnit -objectClass: top -ou: Users - -dn: uid=user1,ou=Users,dc=example,dc=com -objectClass: top -objectClass: person -objectClass: inetOrgPerson -objectClass: krb5principal -objectClass: krb5kdcentry -cn: user1 Service -sn: Service -uid: user1 -userPassword: secret -krb5PrincipalName: user1@EXAMPLE.COM -krb5KeyVersionNumber: 0 - -dn: uid=krbtgt,ou=Users,dc=example,dc=com -objectClass: top -objectClass: person -objectClass: inetOrgPerson -objectClass: krb5principal -objectClass: krb5kdcentry -cn: KDC Service -sn: Service -uid: krbtgt -userPassword: secret -krb5PrincipalName: krbtgt/EXAMPLE.COM@EXAMPLE.COM -krb5KeyVersionNumber: 0 - -dn: uid=ldap,ou=Users,dc=example,dc=com -objectClass: top -objectClass: person -objectClass: inetOrgPerson -objectClass: krb5principal -objectClass: krb5kdcentry -cn: LDAP -sn: Service -uid: ldap -userPassword: randall -krb5PrincipalName: ldap/localhost@EXAMPLE.COM -krb5KeyVersionNumber: 0 - -dn: uid=nn1,ou=Users,dc=example,dc=com -objectClass: top -objectClass: person -objectClass: inetOrgPerson -objectClass: krb5principal -objectClass: krb5kdcentry -cn: NameNode Service -sn: Service -uid: nn1 -userPassword: secret -krb5PrincipalName: nn1/localhost@EXAMPLE.COM -krb5KeyVersionNumber: 0 - -dn: uid=dn1,ou=Users,dc=example,dc=com -objectClass: top -objectClass: person -objectClass: inetOrgPerson -objectClass: krb5principal -objectClass: krb5kdcentry -cn: DataNode Service -sn: Service -uid: dn1 -userPassword: secret -krb5PrincipalName: dn1/localhost@EXAMPLE.COM -krb5KeyVersionNumber: 0 - - diff --git a/hadoop-common-project/hadoop-common/src/test/resources/kdc/server.xml b/hadoop-common-project/hadoop-common/src/test/resources/kdc/server.xml deleted file mode 100644 index bb8c52a997..0000000000 --- a/hadoop-common-project/hadoop-common/src/test/resources/kdc/server.xml +++ /dev/null @@ -1,258 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - #directoryService - - - - - - - - - - - - - - - - - - #directoryService - - - - - - - - - - - - - - example.com - apache.org - - - - - - - - - - - - - - #ldapServer - - - - -