private ConfigurationCopy createSystemConfig() { Map<String, String> conf = new HashMap<>(); conf.put(Property.INSTANCE_RPC_SASL_ENABLED.getKey(), "false"); conf.put(Property.GC_CYCLE_START.getKey(), "1"); conf.put(Property.GC_CYCLE_DELAY.getKey(), "20"); conf.put(Property.GC_DELETE_THREADS.getKey(), "2"); conf.put(Property.GC_TRASH_IGNORE.getKey(), "false"); conf.put(Property.GC_FILE_ARCHIVE.getKey(), "false"); return new ConfigurationCopy(conf); }
protected void configureForKerberos( MiniAccumuloConfigImpl cfg, File folder, Configuration coreSite, TestingKdc kdc) throws Exception { Map<String, String> siteConfig = cfg.getSiteConfig(); if (TRUE.equals(siteConfig.get(Property.INSTANCE_RPC_SSL_ENABLED.getKey()))) { throw new RuntimeException("Cannot use both SSL and SASL/Kerberos"); } if (TRUE.equals(siteConfig.get(Property.INSTANCE_RPC_SASL_ENABLED.getKey()))) { // already enabled return; } if (null == kdc) { throw new IllegalStateException("MiniClusterKdc was null"); } log.info("Enabling Kerberos/SASL for minicluster"); // Turn on SASL and set the keytab/principal information cfg.setProperty(Property.INSTANCE_RPC_SASL_ENABLED, "true"); ClusterUser serverUser = kdc.getAccumuloServerUser(); cfg.setProperty(Property.GENERAL_KERBEROS_KEYTAB, serverUser.getKeytab().getAbsolutePath()); cfg.setProperty(Property.GENERAL_KERBEROS_PRINCIPAL, serverUser.getPrincipal()); cfg.setProperty( Property.INSTANCE_SECURITY_AUTHENTICATOR, KerberosAuthenticator.class.getName()); cfg.setProperty(Property.INSTANCE_SECURITY_AUTHORIZOR, KerberosAuthorizor.class.getName()); cfg.setProperty( Property.INSTANCE_SECURITY_PERMISSION_HANDLER, KerberosPermissionHandler.class.getName()); // Piggy-back on the "system user" credential, but use it as a normal KerberosToken, not the // SystemToken. cfg.setProperty(Property.TRACE_USER, serverUser.getPrincipal()); cfg.setProperty(Property.TRACE_TOKEN_TYPE, KerberosToken.CLASS_NAME); // Pass down some KRB5 debug properties Map<String, String> systemProperties = cfg.getSystemProperties(); systemProperties.put(JAVA_SECURITY_KRB5_CONF, System.getProperty(JAVA_SECURITY_KRB5_CONF, "")); systemProperties.put( SUN_SECURITY_KRB5_DEBUG, System.getProperty(SUN_SECURITY_KRB5_DEBUG, "false")); cfg.setSystemProperties(systemProperties); // Make sure UserGroupInformation will do the correct login coreSite.set(CommonConfigurationKeysPublic.HADOOP_SECURITY_AUTHENTICATION, "kerberos"); cfg.setRootUserName(kdc.getRootUser().getPrincipal()); }