Apache9 commented on code in PR #5434:
URL: https://github.com/apache/hbase/pull/5434#discussion_r1367709663
##########
hbase-examples/src/test/java/org/apache/hadoop/hbase/security/provider/example/TestShadeSaslAuthenticationProvider.java:
##########
@@ -219,28 +233,79 @@ public Void run() throws Exception {
@Test
public void testNegativeAuthentication() throws Exception {
- // Validate that we can read that record back out as the user with our
custom auth'n
- final Configuration clientConf = new Configuration(CONF);
- clientConf.setInt(HConstants.HBASE_CLIENT_RETRIES_NUMBER, 3);
- try (Connection conn = ConnectionFactory.createConnection(clientConf)) {
- UserGroupInformation user1 =
- UserGroupInformation.createUserForTesting("user1", new String[0]);
- user1.addToken(
- ShadeClientTokenUtil.obtainToken(conn, "user1", "not a real
password".toCharArray()));
- // Server will close the connection directly once auth failed, so at
client side, we do not
- // know what is the real problem so we will keep retrying, until reached
the max retry times
- // limitation
- assertThrows("Should not successfully authenticate with HBase",
- RetriesExhaustedException.class, () -> user1.doAs(new
PrivilegedExceptionAction<Void>() {
+ List<Pair<String, Class<? extends Exception>>> params = new ArrayList<>();
+ // ZK based connection will fail on the master RPC
+ params.add(new Pair<String, Class<? extends Exception>>(
+ // ZKConnectionRegistry is package-private
+ HConstants.ZK_CONNECTION_REGISTRY_CLASS,
RetriesExhaustedException.class));
+
+ params.forEach((pair) -> {
+ LOG.info("Running negative authentication test for client registry {},
expecting {}",
+ pair.getFirst(), pair.getSecond().getName());
+ // Validate that we can read that record back out as the user with our
custom auth'n
+ final Configuration clientConf = new Configuration(CONF);
+ clientConf.setInt(HConstants.HBASE_CLIENT_RETRIES_NUMBER, 3);
+ clientConf.set(HConstants.CLIENT_CONNECTION_REGISTRY_IMPL_CONF_KEY,
pair.getFirst());
+ try (Connection conn = ConnectionFactory.createConnection(clientConf)) {
+ UserGroupInformation user1 =
+ UserGroupInformation.createUserForTesting("user1", new String[0]);
+ user1.addToken(
+ ShadeClientTokenUtil.obtainToken(conn, "user1", "not a real
password".toCharArray()));
+
+ LOG.info("Executing request to HBase Master which should fail");
+ user1.doAs(new PrivilegedExceptionAction<Void>() {
+ @Override
+ public Void run() throws Exception {
+ try (Connection conn =
ConnectionFactory.createConnection(clientConf);) {
+ conn.getAdmin().listTableDescriptors();
+ fail("Should not successfully authenticate with HBase");
Review Comment:
OK. For assertThrows, I think we can file another issue to fix it. Just
aligning the tests for all branches first is fine for me.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
