Example 96 with DrillConfig
use of org.apache.drill.common.config.DrillConfig in project drill by apache.
the class TestUserBitSaslCompatibility method testDisableDrillbitEncryption_EnableClientEncryption.
/**
* Test showing failure before SASL handshake when Drillbit is not configured for encryption whereas client explicitly
* requested for encrypted connection.
* @throws Exception
*/
@Test
public void testDisableDrillbitEncryption_EnableClientEncryption() throws Exception {
final DrillConfig newConfig = new DrillConfig(DrillConfig.create(cloneDefaultTestConfigProperties()).withValue(ExecConstants.USER_AUTHENTICATION_ENABLED, ConfigValueFactory.fromAnyRef(true)).withValue(ExecConstants.USER_AUTHENTICATOR_IMPL, ConfigValueFactory.fromAnyRef(UserAuthenticatorTestImpl.TYPE)).withValue(ExecConstants.AUTHENTICATION_MECHANISMS, ConfigValueFactory.fromIterable(Lists.newArrayList("plain"))).withValue(ExecConstants.USER_ENCRYPTION_SASL_ENABLED, ConfigValueFactory.fromAnyRef(false)));
final Properties connectionProps = new Properties();
connectionProps.setProperty(DrillProperties.USER, "anonymous");
connectionProps.setProperty(DrillProperties.PASSWORD, "anything works!");
connectionProps.setProperty(DrillProperties.SASL_ENCRYPT, "true");
try {
updateTestCluster(1, newConfig, connectionProps);
fail();
} catch (Exception ex) {
assertTrue(ex.getCause() instanceof NonTransientRpcException);
assertTrue(!(ex.getCause().getCause() instanceof SaslException));
}
}
Also used :
DrillConfig(org.apache.drill.common.config.DrillConfig)
NonTransientRpcException(org.apache.drill.exec.rpc.NonTransientRpcException)
Properties(java.util.Properties)
DrillProperties(org.apache.drill.common.config.DrillProperties)
SaslException(javax.security.sasl.SaslException)
SaslException(javax.security.sasl.SaslException)
NonTransientRpcException(org.apache.drill.exec.rpc.NonTransientRpcException)
Test(org.junit.Test)
SecurityTest(org.apache.drill.categories.SecurityTest)
Example 97 with DrillConfig
use of org.apache.drill.common.config.DrillConfig in project drill by apache.
the class TestUserBitSaslCompatibility method testDisableDrillbitAuth_EnableClientAuthPlain.
/**
* Test showing when Drillbit is not configured for authentication whereas client explicitly requested for PLAIN
* authentication then connection succeeds without authentication.
* @throws Exception
*/
@Test
public void testDisableDrillbitAuth_EnableClientAuthPlain() throws Exception {
final DrillConfig newConfig = new DrillConfig(DrillConfig.create(cloneDefaultTestConfigProperties()).withValue(ExecConstants.USER_AUTHENTICATION_ENABLED, ConfigValueFactory.fromAnyRef(false)));
final Properties connectionProps = new Properties();
connectionProps.setProperty(DrillProperties.USER, "anonymous");
connectionProps.setProperty(DrillProperties.PASSWORD, "anything works!");
try {
updateTestCluster(1, newConfig, connectionProps);
} catch (Exception ex) {
fail();
}
}
Also used :
DrillConfig(org.apache.drill.common.config.DrillConfig)
Properties(java.util.Properties)
DrillProperties(org.apache.drill.common.config.DrillProperties)
SaslException(javax.security.sasl.SaslException)
NonTransientRpcException(org.apache.drill.exec.rpc.NonTransientRpcException)
Test(org.junit.Test)
SecurityTest(org.apache.drill.categories.SecurityTest)
Example 98 with DrillConfig
use of org.apache.drill.common.config.DrillConfig in project drill by apache.
the class TestUserBitSaslCompatibility method testDisableDrillbitAuth_EnableClientAuthKerberos.
/**
* Test showing when Drillbit is not configured for authentication whereas client explicitly requested for Kerberos
* authentication then connection fails due to new check before SASL Handshake.
* @throws Exception
*/
@Test
public void testDisableDrillbitAuth_EnableClientAuthKerberos() throws Exception {
final DrillConfig newConfig = new DrillConfig(DrillConfig.create(cloneDefaultTestConfigProperties()).withValue(ExecConstants.USER_AUTHENTICATION_ENABLED, ConfigValueFactory.fromAnyRef(false)));
final Properties connectionProps = new Properties();
connectionProps.setProperty(DrillProperties.AUTH_MECHANISM, "kerberos");
try {
updateTestCluster(1, newConfig, connectionProps);
fail();
} catch (Exception ex) {
assertTrue(ex.getCause() instanceof NonTransientRpcException);
assertTrue(!(ex.getCause().getCause() instanceof SaslException));
}
}
Also used :
DrillConfig(org.apache.drill.common.config.DrillConfig)
NonTransientRpcException(org.apache.drill.exec.rpc.NonTransientRpcException)
Properties(java.util.Properties)
DrillProperties(org.apache.drill.common.config.DrillProperties)
SaslException(javax.security.sasl.SaslException)
SaslException(javax.security.sasl.SaslException)
NonTransientRpcException(org.apache.drill.exec.rpc.NonTransientRpcException)
Test(org.junit.Test)
SecurityTest(org.apache.drill.categories.SecurityTest)
Example 99 with DrillConfig
use of org.apache.drill.common.config.DrillConfig in project drill by apache.
the class TestBitBitKerberos method queryFailureWithWrongBitAuthConfig.
/**
* Test to validate that query setup fails while scheduling remote fragments when multiple Drillbits are running with
* wrong Bit-to-Bit Authentication configuration.
*
* This test starts up 2 Drillbit so that there are combination of local and remote fragments for query
* execution. Note: When test runs with wrong config then for control connection Drillbit's uses wrong
* service principal to talk to another Drillbit, and due to this Kerby server also fails with NullPointerException.
* But for unit testing this should be fine.
* @throws Exception
*/
@Test
public void queryFailureWithWrongBitAuthConfig() throws Exception {
try {
final Properties connectionProps = new Properties();
connectionProps.setProperty(DrillProperties.SERVICE_PRINCIPAL, krbHelper.SERVER_PRINCIPAL);
connectionProps.setProperty(DrillProperties.USER, krbHelper.CLIENT_PRINCIPAL);
connectionProps.setProperty(DrillProperties.KEYTAB, krbHelper.clientKeytab.getAbsolutePath());
newConfig = new DrillConfig(DrillConfig.create(cloneDefaultTestConfigProperties()).withValue(ExecConstants.USER_AUTHENTICATION_ENABLED, ConfigValueFactory.fromAnyRef(true)).withValue(ExecConstants.USER_AUTHENTICATOR_IMPL, ConfigValueFactory.fromAnyRef(UserAuthenticatorTestImpl.TYPE)).withValue(ExecConstants.SERVICE_PRINCIPAL, ConfigValueFactory.fromAnyRef(krbHelper.SERVER_PRINCIPAL)).withValue(ExecConstants.SERVICE_KEYTAB_LOCATION, ConfigValueFactory.fromAnyRef(krbHelper.serverKeytab.toString())).withValue(ExecConstants.AUTHENTICATION_MECHANISMS, ConfigValueFactory.fromIterable(Lists.newArrayList("plain", "kerberos"))).withValue(ExecConstants.BIT_AUTHENTICATION_ENABLED, ConfigValueFactory.fromAnyRef(true)).withValue(ExecConstants.BIT_AUTHENTICATION_MECHANISM, ConfigValueFactory.fromAnyRef("kerberos")).withValue(ExecConstants.USE_LOGIN_PRINCIPAL, ConfigValueFactory.fromAnyRef(false)));
updateTestCluster(2, newConfig, connectionProps);
test("alter session set `planner.slice_target` = 10");
final String query = getFile("queries/tpch/01.sql");
test(query);
fail();
} catch (Exception ex) {
assertTrue(ex instanceof UserRemoteException);
assertTrue(((UserRemoteException) ex).getErrorType() == UserBitShared.DrillPBError.ErrorType.CONNECTION);
}
}
Also used :
DrillConfig(org.apache.drill.common.config.DrillConfig)
UserRemoteException(org.apache.drill.common.exceptions.UserRemoteException)
DrillProperties(org.apache.drill.common.config.DrillProperties)
Properties(java.util.Properties)
RpcException(org.apache.drill.exec.rpc.RpcException)
FragmentSetupException(org.apache.drill.exec.exception.FragmentSetupException)
DrillbitStartupException(org.apache.drill.exec.exception.DrillbitStartupException)
UserRemoteException(org.apache.drill.common.exceptions.UserRemoteException)
IOException(java.io.IOException)
SecurityTest(org.apache.drill.categories.SecurityTest)
Test(org.junit.Test)
Example 100 with DrillConfig
use of org.apache.drill.common.config.DrillConfig in project drill by apache.
the class TestBitBitKerberos method successEncryption.
@Test
public void successEncryption() throws Exception {
final WorkerBee bee = mock(WorkerBee.class);
final WorkEventBus workBus = mock(WorkEventBus.class);
newConfig = new DrillConfig(DrillConfig.create(cloneDefaultTestConfigProperties()).withValue(ExecConstants.AUTHENTICATION_MECHANISMS, ConfigValueFactory.fromIterable(Lists.newArrayList("kerberos"))).withValue(ExecConstants.BIT_AUTHENTICATION_ENABLED, ConfigValueFactory.fromAnyRef(true)).withValue(ExecConstants.BIT_AUTHENTICATION_MECHANISM, ConfigValueFactory.fromAnyRef("kerberos")).withValue(ExecConstants.BIT_ENCRYPTION_SASL_ENABLED, ConfigValueFactory.fromAnyRef(true)).withValue(ExecConstants.USE_LOGIN_PRINCIPAL, ConfigValueFactory.fromAnyRef(true)).withValue(ExecConstants.SERVICE_PRINCIPAL, ConfigValueFactory.fromAnyRef(krbHelper.SERVER_PRINCIPAL)).withValue(ExecConstants.SERVICE_KEYTAB_LOCATION, ConfigValueFactory.fromAnyRef(krbHelper.serverKeytab.toString())));
final ScanResult result = ClassPathScanner.fromPrescan(newConfig);
final BootStrapContext c2 = new BootStrapContext(newConfig, SystemOptionManager.createDefaultOptionDefinitions(), result);
final FragmentManager manager = setupFragmentContextAndManager(c2.getAllocator());
when(workBus.getFragmentManager(Mockito.<FragmentHandle>any())).thenReturn(manager);
final DataConnectionConfig config = new DataConnectionConfig(c2.getAllocator(), c2, new DataServerRequestHandler(workBus, bee));
final DataServer server = new DataServer(config);
port = server.bind(port, true);
DrillbitEndpoint ep = DrillbitEndpoint.newBuilder().setAddress("localhost").setDataPort(port).build();
final DataConnectionManager connectionManager = new DataConnectionManager(ep, config);
final DataTunnel tunnel = new DataTunnel(connectionManager);
AtomicLong max = new AtomicLong(0);
try {
for (int i = 0; i < 40; i++) {
long t1 = System.currentTimeMillis();
tunnel.sendRecordBatch(new TimingOutcome(max), new FragmentWritableBatch(false, QueryId.getDefaultInstance(), 1, 1, 1, 1, getRandomBatch(c2.getAllocator(), 5000)));
}
assertTrue(max.get() > 2700);
Thread.sleep(5000);
} finally {
server.close();
connectionManager.close();
c2.close();
}
}
Also used :
WorkerBee(org.apache.drill.exec.work.WorkManager.WorkerBee)
ScanResult(org.apache.drill.common.scanner.persistence.ScanResult)
FragmentWritableBatch(org.apache.drill.exec.record.FragmentWritableBatch)
DrillbitEndpoint(org.apache.drill.exec.proto.CoordinationProtos.DrillbitEndpoint)
FragmentManager(org.apache.drill.exec.work.fragment.FragmentManager)
WorkEventBus(org.apache.drill.exec.rpc.control.WorkEventBus)
AtomicLong(java.util.concurrent.atomic.AtomicLong)
DrillbitEndpoint(org.apache.drill.exec.proto.CoordinationProtos.DrillbitEndpoint)
DrillConfig(org.apache.drill.common.config.DrillConfig)
BootStrapContext(org.apache.drill.exec.server.BootStrapContext)
SecurityTest(org.apache.drill.categories.SecurityTest)
Test(org.junit.Test)
Aggregations
DrillConfig (org.apache.drill.common.config.DrillConfig)249
Test (org.junit.Test)165
Properties (java.util.Properties)89
SecurityTest (org.apache.drill.categories.SecurityTest)88
DrillProperties (org.apache.drill.common.config.DrillProperties)77
NonTransientRpcException (org.apache.drill.exec.rpc.NonTransientRpcException)32
ScanResult (org.apache.drill.common.scanner.persistence.ScanResult)29
DrillbitContext (org.apache.drill.exec.server.DrillbitContext)28
BeforeClass (org.junit.BeforeClass)25
DrillbitEndpoint (org.apache.drill.exec.proto.CoordinationProtos.DrillbitEndpoint)23
SaslException (javax.security.sasl.SaslException)20
RpcException (org.apache.drill.exec.rpc.RpcException)20
Drillbit (org.apache.drill.exec.server.Drillbit)20
DrillbitStartupException (org.apache.drill.exec.exception.DrillbitStartupException)18
RemoteServiceSet (org.apache.drill.exec.server.RemoteServiceSet)17
BaseTest (org.apache.drill.test.BaseTest)17
ExecTest (org.apache.drill.exec.ExecTest)14
IOException (java.io.IOException)12
IcebergMetastore (org.apache.drill.metastore.iceberg.IcebergMetastore)12
File (java.io.File)10
