joshelser commented on a change in pull request #1260: HBASE-23881 Ensure Netty
client receives at least one response before…
URL: https://github.com/apache/hbase/pull/1260#discussion_r397331715
##########
File path:
hbase-examples/src/test/java/org/apache/hadoop/hbase/security/provider/example/TestShadeSaslAuthenticationProvider.java
##########
@@ -220,26 +235,114 @@ public void testPositiveAuthentication() throws
Exception {
}
}
- @Test(expected = DoNotRetryIOException.class)
- public void testNegativeAuthentication() throws Exception {
- // Validate that we can read that record back out as the user with our
custom auth'n
- final Configuration clientConf = new Configuration(CONF);
- clientConf.setInt(HConstants.HBASE_CLIENT_RETRIES_NUMBER, 3);
- try (Connection conn = ConnectionFactory.createConnection(clientConf)) {
- UserGroupInformation user1 = UserGroupInformation.createUserForTesting(
- "user1", new String[0]);
- user1.addToken(
- ShadeClientTokenUtil.obtainToken(conn, "user1", "not a real
password".toCharArray()));
- user1.doAs(new PrivilegedExceptionAction<Void>() {
- @Override public Void run() throws Exception {
- try (Connection conn =
ConnectionFactory.createConnection(clientConf);
- Table t = conn.getTable(tableName)) {
- t.get(new Get(Bytes.toBytes("r1")));
- fail("Should not successfully authenticate with HBase");
+ @Test
+ public void testNegativeMasterAuthentication() throws Exception {
+ List<Pair<String, Class<? extends Exception>>> params = new ArrayList<>();
+ // Master-based connection will fail to ask the master its cluster ID
+ // as a part of creating the Connection.
+ params.add(new Pair<String, Class<? extends Exception>>(
+ MasterRegistry.class.getName(), MasterRegistryFetchException.class));
+ // ZK based connection will fail on the master RPC
+ params.add(new Pair<String, Class<? extends Exception>>(
+ // ZKConnectionRegistry is package-private
+ "org.apache.hadoop.hbase.client.ZKConnectionRegistry",
RetriesExhaustedException.class));
+
+ params.forEach((pair) -> {
+ LOG.info("Running negative master authentication test for client
registry {}, expecting {}",
+ pair.getFirst(), pair.getSecond().getName());
+ // Validate that we can read that record back out as the user with our
custom auth'n
+ final Configuration clientConf = new Configuration(CONF);
+ clientConf.setInt(HConstants.HBASE_CLIENT_RETRIES_NUMBER, 3);
+ clientConf.set(HConstants.CLIENT_CONNECTION_REGISTRY_IMPL_CONF_KEY,
pair.getFirst());
+ try (Connection conn = ConnectionFactory.createConnection(clientConf)) {
+ UserGroupInformation user1 = UserGroupInformation.createUserForTesting(
+ "user1", new String[0]);
+ user1.addToken(
+ ShadeClientTokenUtil.obtainToken(conn, "user1", "not a real
password".toCharArray()));
+ user1.doAs(new PrivilegedExceptionAction<Void>() {
+ @Override public Void run() throws Exception {
+ try (Connection conn =
ConnectionFactory.createConnection(clientConf);) {
+ conn.getAdmin().listTableDescriptors();
+ fail("Should not successfully authenticate with HBase");
+ } catch (Exception e) {
+ LOG.info("Caught exception in negative Master connectivity
test", e);
+ assertEquals("Found unexpected exception", pair.getSecond(),
e.getClass());
+ validateRootCause(Throwables.getRootCause(e));
+ }
return null;
}
- }
- });
+ });
+ } catch (InterruptedException e) {
+ LOG.error("Caught interrupted exception", e);
+ Thread.currentThread().interrupt();
+ return;
+ } catch (IOException e) {
+ throw new RuntimeException(e);
+ }
+ });
+ }
+
+ @Test
+ public void testNegativeRegionServerAuthentication() throws Exception {
+ List<Pair<String, Class<? extends Exception>>> params = new ArrayList<>();
+ // Master-based connection will fail to ask the master its cluster ID
+ // as a part of creating the Connection.
+ params.add(new Pair<String, Class<? extends Exception>>(
+ MasterRegistry.class.getName(), MasterRegistryFetchException.class));
+ // ZK based connection will fail on the master RPC
+ params.add(new Pair<String, Class<? extends Exception>>(
+ // ZKConnectionRegistry is package-private
+ "org.apache.hadoop.hbase.client.ZKConnectionRegistry",
RetriesExhaustedException.class));
+
+ params.forEach((pair) -> {
+ LOG.info("Running negative master authentication test for client
registry {}, expecting {}",
+ pair.getFirst(), pair.getSecond().getName());
+ // Validate that we can read that record back out as the user with our
custom auth'n
+ final Configuration clientConf = new Configuration(CONF);
+ clientConf.setInt(HConstants.HBASE_CLIENT_RETRIES_NUMBER, 3);
+ clientConf.set(HConstants.CLIENT_CONNECTION_REGISTRY_IMPL_CONF_KEY,
pair.getFirst());
+ try (Connection conn = ConnectionFactory.createConnection(clientConf)) {
+ UserGroupInformation user1 = UserGroupInformation.createUserForTesting(
+ "user1", new String[0]);
+ user1.addToken(
+ ShadeClientTokenUtil.obtainToken(conn, "user1", "not a real
password".toCharArray()));
+ user1.doAs(new PrivilegedExceptionAction<Void>() {
+ @Override public Void run() throws Exception {
+ // A little contrived because, with MasterRegistry, we'll still
fail on talking
+ // to the HBase master before trying to talk to a RegionServer.
+ try (Connection conn =
ConnectionFactory.createConnection(clientConf);
+ Table t = conn.getTable(tableName)) {
+ t.get(new Get(Bytes.toBytes("r1")));
Review comment:
Good catch! Let me do that :)
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
With regards,
Apache Git Services
