ACCESS-38: Create initial Tests for misconfiguration

Review Request #2791 — Created March 27, 2013 and submitted

brock
old-access
master
ACCESS-38
access
Creates initial tests for misconfiguration more to be added, but I'd like to get feedback on my approach. The real meat of the patch is EndToEndTestContext which is a class which can be shared amongst the e2e tests to reduce code duplication and make things easier.
Entire patch is tests.
  • 0
  • 0
  • 1
  • 0
  • 1
Description From Last Updated
brock
shreepadma
  1. Brock - Thanks for doing this! I've some comments on the EndToEndTestContext. 
  2. I'd split the test setup and getconnection into separate methods. The test setup can be shared across many tests, but each one of the tests needs to obtain a separate connection. There are also a sufficiently large number of tests that require multiple connections i.e., tests that exercise the privilege model across different users.
    
    1. I'll refactor the getConnection statement. However, there are two issues with this at present:
      
      1) Each connection appears to store it's state separately when in embedded mode via the client object in the HiveConnection constructor. As such, I wonder if multiple connections for different users will work?
      
      2) Sharing setup across tests creates nasty side affects (e.g table created but not dropped because cleanup fails). I think each test should be independent even if this requires additional setup time. Due to this we should avoid creating redundant tests.
      
  3. Most tests require more than one user to connect. Need a way to specify the username and password from the test.
    1. It's not clear how the username/password will be obtained. For example, in the kerberos case the user/pass on the connection is not used. I am not sure about the ldap case. I'll go back to getConnection().
    2. Yes, in the case of Kerberos/LDAP username/password will not be explicitly passed in as part of the connection string. Even if it is, HS2 will ignore it. But, when run in "no authentication" mode, HS2 uses the passed in username/password. I believe our integration tests will run in "no authentication" mode.
    3. OK, so it used in the no auth case. I wasn't sure since it's not implemented in the binding layer yet: https://github.com/cloudera/access/blob/master/access-binding/access-binding-hive/src/main/java/org/apache/access/binding/hive/HiveAuthzBindingHook.java#L105
    4. I believe there is a ACCESS jira to consume the username passed from Hive.
  4. 
      
brock
shreepadma
brock
Review request changed

Status: Closed (submitted)

Loading...