Skip to content

Commit

Permalink
RANGER-1709:kms test case write logs to log file.
Browse files Browse the repository at this point in the history 
Signed-off-by: peng.jianhua <[email protected]>
  • Loading branch information
@pengjianhua
pengjianhua committed Jul 27, 2017
1 parent 96b0c48 commit 1685bac
Show file tree
Hide file tree
Showing 3 changed files with 65 additions and 12 deletions.
32 changes: 20 additions & 12 deletions ...src/test/java/org/apache/ranger/authorization/kms/authorizer/RangerKmsAuthorizerTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,7 @@
import org.apache.hadoop.crypto.key.kms.server.KMSWebApp;
import org.apache.hadoop.security.UserGroupInformation;
import org.apache.hadoop.security.authorize.AuthorizationException;
import org.apache.log4j.Logger;
import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.BeforeClass;
Expand All @@ -51,6 +52,8 @@
@RunWith(MockitoJUnitRunner.class)
public class RangerKmsAuthorizerTest {

private static final Logger LOG = Logger.getLogger(RangerKmsAuthorizerTest.class);

private static KMSWebApp kmsWebapp;
private static final boolean UNRESTRICTED_POLICIES_INSTALLED;
static {
Expand Down Expand Up @@ -81,7 +84,12 @@ public static void startServers() throws Exception {
DerbyTestUtils.startDerby();

Path configDir = Paths.get("src/test/resources/kms");
Path logDir = Paths.get("target");

System.setProperty(KMSConfiguration.KMS_CONFIG_DIR, configDir.toFile().getAbsolutePath());
System.setProperty("kms.log.dir", logDir.toFile().getAbsolutePath());
System.setProperty("hostname", "localhost");
System.setProperty("user", "autotest");

// Start KMSWebApp
ServletContextEvent servletContextEvent = Mockito.mock(ServletContextEvent.class);
Expand Down Expand Up @@ -122,7 +130,7 @@ public Void run() throws Exception {
KMSWebApp.getACLs().assertAccess(Type.CREATE, ugi2, KMSOp.CREATE_KEY, "newkey2", "127.0.0.1");
Assert.fail("Failure expected");
} catch (AuthorizationException ex) {
// expected
LOG.error(ex);
}
return null;
}
Expand All @@ -137,7 +145,7 @@ public Void run() throws Exception {
KMSWebApp.getACLs().assertAccess(Type.CREATE, ugi3, KMSOp.CREATE_KEY, "newkey1", "127.0.0.1");
Assert.fail("Failure expected");
} catch (AuthorizationException ex) {
// expected
LOG.error(ex);
}
return null;
}
Expand Down Expand Up @@ -169,7 +177,7 @@ public Void run() throws Exception {
KMSWebApp.getACLs().assertAccess(Type.DELETE, ugi2, KMSOp.DELETE_KEY, "newkey1", "127.0.0.1");
Assert.fail("Failure expected");
} catch (AuthorizationException ex) {
// expected
LOG.error(ex);
}
return null;
}
Expand All @@ -184,7 +192,7 @@ public Void run() throws Exception {
KMSWebApp.getACLs().assertAccess(Type.DELETE, ugi3, KMSOp.DELETE_KEY, "newkey1", "127.0.0.1");
Assert.fail("Failure expected");
} catch (AuthorizationException ex) {
// expected
LOG.error(ex);
}
return null;
}
Expand Down Expand Up @@ -217,7 +225,7 @@ public Void run() throws Exception {
KMSWebApp.getACLs().assertAccess(Type.ROLLOVER, ugi2, KMSOp.ROLL_NEW_VERSION, "newkey1", "127.0.0.1");
Assert.fail("Failure expected");
} catch (AuthorizationException ex) {
// expected
LOG.error(ex);
}
return null;
}
Expand All @@ -232,7 +240,7 @@ public Void run() throws Exception {
KMSWebApp.getACLs().assertAccess(Type.ROLLOVER, ugi3, KMSOp.ROLL_NEW_VERSION, "newkey1", "127.0.0.1");
Assert.fail("Failure expected");
} catch (AuthorizationException ex) {
// expected
LOG.error(ex);
}
return null;
}
Expand Down Expand Up @@ -265,7 +273,7 @@ public Void run() throws Exception {
KMSWebApp.getACLs().assertAccess(Type.GET_KEYS, ugi2, KMSOp.GET_KEYS, "newkey1", "127.0.0.1");
Assert.fail("Failure expected");
} catch (AuthorizationException ex) {
// expected
LOG.error(ex);
}
return null;
}
Expand Down Expand Up @@ -307,7 +315,7 @@ public Void run() throws Exception {
KMSWebApp.getACLs().assertAccess(Type.GET_METADATA, ugi2, KMSOp.GET_METADATA, "newkey1", "127.0.0.1");
Assert.fail("Failure expected");
} catch (AuthorizationException ex) {
// expected
LOG.error(ex);
}
return null;
}
Expand Down Expand Up @@ -350,7 +358,7 @@ public Void run() throws Exception {
KMSWebApp.getACLs().assertAccess(Type.GENERATE_EEK, ugi2, KMSOp.GENERATE_EEK, "newkey1", "127.0.0.1");
Assert.fail("Failure expected");
} catch (AuthorizationException ex) {
// expected
LOG.error(ex);
}
return null;
}
Expand All @@ -365,7 +373,7 @@ public Void run() throws Exception {
KMSWebApp.getACLs().assertAccess(Type.GENERATE_EEK, ugi3, KMSOp.GENERATE_EEK, "newkey1", "127.0.0.1");
Assert.fail("Failure expected");
} catch (AuthorizationException ex) {
// expected
LOG.error(ex);
}
return null;
}
Expand Down Expand Up @@ -398,7 +406,7 @@ public Void run() throws Exception {
KMSWebApp.getACLs().assertAccess(Type.DECRYPT_EEK, ugi2, KMSOp.DECRYPT_EEK, "newkey1", "127.0.0.1");
Assert.fail("Failure expected");
} catch (AuthorizationException ex) {
// expected
LOG.error(ex);
}
return null;
}
Expand All @@ -413,7 +421,7 @@ public Void run() throws Exception {
KMSWebApp.getACLs().assertAccess(Type.DECRYPT_EEK, ugi3, KMSOp.DECRYPT_EEK, "newkey1", "127.0.0.1");
Assert.fail("Failure expected");
} catch (AuthorizationException ex) {
// expected
LOG.error(ex);
}
return null;
}
Expand Down
40 changes: 40 additions & 0 deletions plugin-kms/src/test/resources/kms/kms-log4j.properties
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,40 @@
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License. See accompanying LICENSE file.
#

# If the Java System property 'kms.log.dir' is not defined at KMS start up time
# Setup sets its value to '${kms.home}/logs'

log4j.appender.kms=org.apache.log4j.DailyRollingFileAppender
log4j.appender.kms.DatePattern='.'yyyy-MM-dd
log4j.appender.kms.File=${kms.log.dir}/ranger-kms-${hostname}-${user}.log
log4j.appender.kms.Append=true
log4j.appender.kms.layout=org.apache.log4j.PatternLayout
log4j.appender.kms.layout.ConversionPattern=%d{ISO8601} %-5p %c{1} - %m%n

log4j.appender.kms-audit=org.apache.log4j.DailyRollingFileAppender
log4j.appender.kms-audit.DatePattern='.'yyyy-MM-dd
log4j.appender.kms-audit.File=${kms.log.dir}/kms-audit-${hostname}-${user}.log
log4j.appender.kms-audit.Append=true
log4j.appender.kms-audit.layout=org.apache.log4j.PatternLayout
log4j.appender.kms-audit.layout.ConversionPattern=%d{ISO8601} %m%n

log4j.logger.kms-audit=INFO, kms-audit
log4j.additivity.kms-audit=false

log4j.logger=INFO, kms
log4j.rootLogger=WARN, kms
log4j.logger.org.apache.hadoop.conf=INFO
log4j.logger.org.apache.hadoop=INFO
log4j.logger.org.apache.ranger=INFO
log4j.logger.com.sun.jersey.server.wadl.generators.WadlGeneratorJAXBGrammarGenerator=OFF
5 changes: 5 additions & 0 deletions plugin-kms/src/test/resources/kms/kms-site.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -189,4 +189,9 @@
<name>hadoop.kms.proxyuser.ranger.users</name>
<value>*</value>
</property>

<property>
<name>hadoop.kms.key.authorization.enable</name>
<value>true</value>
</property>
</configuration>

0 comments on commit 1685bac

Please sign in to comment.