1 /* 2 * Licensed to the Apache Software Foundation (ASF) under one 3 * or more contributor license agreements. See the NOTICE file 4 * distributed with this work for additional information 5 * regarding copyright ownership. The ASF licenses this file 6 * to you under the Apache License, Version 2.0 (the 7 * "License"); you may not use this file except in compliance 8 * with the License. You may obtain a copy of the License at 9 * 10 * http://www.apache.org/licenses/LICENSE-2.0 11 * 12 * Unless required by applicable law or agreed to in writing, software 13 * distributed under the License is distributed on an "AS IS" BASIS, 14 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 * See the License for the specific language governing permissions and 16 * limitations under the License. 17 */ 18 package org.apache.hadoop.hbase.security; 19 20 import org.apache.hadoop.conf.Configuration; 21 import org.apache.hadoop.fs.CommonConfigurationKeys; 22 import org.apache.hadoop.hbase.HBaseConfiguration; 23 import org.apache.hadoop.hbase.classification.InterfaceAudience; 24 25 import com.google.common.base.Strings; 26 27 @InterfaceAudience.Private 28 public class HBaseKerberosUtils { 29 public static final String KRB_PRINCIPAL = "hbase.regionserver.kerberos.principal"; 30 public static final String MASTER_KRB_PRINCIPAL = "hbase.master.kerberos.principal"; 31 public static final String KRB_KEYTAB_FILE = "hbase.regionserver.keytab.file"; 32 isKerberosPropertySetted()33 public static boolean isKerberosPropertySetted() { 34 String krbPrincipal = System.getProperty(KRB_PRINCIPAL); 35 String krbKeytab = System.getProperty(KRB_KEYTAB_FILE); 36 if (Strings.isNullOrEmpty(krbPrincipal) || Strings.isNullOrEmpty(krbKeytab)) { 37 return false; 38 } 39 return true; 40 } 41 setPrincipalForTesting(String principal)42 public static void setPrincipalForTesting(String principal) { 43 setSystemProperty(KRB_PRINCIPAL, principal); 44 } 45 setKeytabFileForTesting(String keytabFile)46 public static void setKeytabFileForTesting(String keytabFile) { 47 setSystemProperty(KRB_KEYTAB_FILE, keytabFile); 48 } 49 setSystemProperty(String propertyName, String propertyValue)50 public static void setSystemProperty(String propertyName, String propertyValue) { 51 System.setProperty(propertyName, propertyValue); 52 } 53 getKeytabFileForTesting()54 public static String getKeytabFileForTesting() { 55 return System.getProperty(KRB_KEYTAB_FILE); 56 } 57 getPrincipalForTesting()58 public static String getPrincipalForTesting() { 59 return System.getProperty(KRB_PRINCIPAL); 60 } 61 getConfigurationWoPrincipal()62 public static Configuration getConfigurationWoPrincipal() { 63 Configuration conf = HBaseConfiguration.create(); 64 conf.set(CommonConfigurationKeys.HADOOP_SECURITY_AUTHENTICATION, "kerberos"); 65 conf.set(User.HBASE_SECURITY_CONF_KEY, "kerberos"); 66 conf.setBoolean(User.HBASE_SECURITY_AUTHORIZATION_CONF_KEY, true); 67 return conf; 68 } 69 getSecuredConfiguration()70 public static Configuration getSecuredConfiguration() { 71 Configuration conf = HBaseConfiguration.create(); 72 setSecuredConfiguration(conf); 73 return conf; 74 } 75 setSecuredConfiguration(Configuration conf)76 public static void setSecuredConfiguration(Configuration conf) { 77 conf.set(CommonConfigurationKeys.HADOOP_SECURITY_AUTHENTICATION, "kerberos"); 78 conf.set(User.HBASE_SECURITY_CONF_KEY, "kerberos"); 79 conf.setBoolean(User.HBASE_SECURITY_AUTHORIZATION_CONF_KEY, true); 80 conf.set(KRB_KEYTAB_FILE, System.getProperty(KRB_KEYTAB_FILE)); 81 conf.set(KRB_PRINCIPAL, System.getProperty(KRB_PRINCIPAL)); 82 conf.set(MASTER_KRB_PRINCIPAL, System.getProperty(KRB_PRINCIPAL)); 83 } 84 } 85