knox-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From su...@apache.org
Subject knox git commit: KNOX-651 made the secure tests multi module
Date Thu, 21 Jan 2016 20:19:03 GMT
Repository: knox
Updated Branches:
  refs/heads/master 48b92898c -> fd0d5197b


KNOX-651 made the secure tests multi module


Project: http://git-wip-us.apache.org/repos/asf/knox/repo
Commit: http://git-wip-us.apache.org/repos/asf/knox/commit/fd0d5197
Tree: http://git-wip-us.apache.org/repos/asf/knox/tree/fd0d5197
Diff: http://git-wip-us.apache.org/repos/asf/knox/diff/fd0d5197

Branch: refs/heads/master
Commit: fd0d5197b3fd3440a598a75771d02f96c3691278
Parents: 48b9289
Author: Sumit Gupta <sumit@apache.org>
Authored: Thu Jan 21 15:18:23 2016 -0500
Committer: Sumit Gupta <sumit@apache.org>
Committed: Thu Jan 21 15:18:56 2016 -0500

----------------------------------------------------------------------
 gateway-test-release/pom.xml                    |   6 +-
 .../hadoop/gateway/GatewayTestConfig.java       | 297 -------------------
 .../hadoop/gateway/GatewayTestDriver.java       | 212 -------------
 .../hadoop/gateway/SecureClusterTest.java       | 291 ------------------
 .../hadoop/gateway/SecureClusterTest/users.ldif |  61 ----
 gateway-test-release/webhdfs-kerb-test/pom.xml  |  53 ++++
 .../hadoop/gateway/GatewayTestConfig.java       | 297 +++++++++++++++++++
 .../hadoop/gateway/GatewayTestDriver.java       | 183 ++++++++++++
 .../hadoop/gateway/SecureClusterTest.java       | 291 ++++++++++++++++++
 .../hadoop/gateway/SecureClusterTest/users.ldif |  61 ++++
 10 files changed, 890 insertions(+), 862 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/knox/blob/fd0d5197/gateway-test-release/pom.xml
----------------------------------------------------------------------
diff --git a/gateway-test-release/pom.xml b/gateway-test-release/pom.xml
index 8e3b660..f804a5c 100644
--- a/gateway-test-release/pom.xml
+++ b/gateway-test-release/pom.xml
@@ -27,7 +27,11 @@
 
     <artifactId>gateway-test-release</artifactId>
     <name>gateway-test-release</name>
-    <description>Gateway Integration tests parent pom</description>
+    <description>Gateway release tests parent pom</description>
+    <packaging>pom</packaging>
+    <modules>
+        <module>webhdfs-kerb-test</module>
+    </modules>
 
     <dependencies>
         <dependency>

http://git-wip-us.apache.org/repos/asf/knox/blob/fd0d5197/gateway-test-release/src/test/java/org/apache/hadoop/gateway/GatewayTestConfig.java
----------------------------------------------------------------------
diff --git a/gateway-test-release/src/test/java/org/apache/hadoop/gateway/GatewayTestConfig.java b/gateway-test-release/src/test/java/org/apache/hadoop/gateway/GatewayTestConfig.java
deleted file mode 100644
index 779eb2d..0000000
--- a/gateway-test-release/src/test/java/org/apache/hadoop/gateway/GatewayTestConfig.java
+++ /dev/null
@@ -1,297 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.hadoop.gateway;
-
-import org.apache.hadoop.conf.Configuration;
-import org.apache.hadoop.gateway.config.GatewayConfig;
-
-import java.net.InetSocketAddress;
-import java.net.UnknownHostException;
-import java.util.ArrayList;
-import java.util.List;
-
-public class GatewayTestConfig extends Configuration implements GatewayConfig {
-
-  private String gatewayHomeDir = "gateway-home";
-  private String hadoopConfDir = "hadoop";
-  private String gatewayHost = "localhost";
-  private int gatewayPort = 0;
-  private String gatewayPath = "gateway";
-  private boolean hadoopKerberosSecured = false;
-  private String kerberosConfig = "/etc/knox/conf/krb5.conf";
-  private boolean kerberosDebugEnabled = false;
-  private String kerberosLoginConfig = "/etc/knox/conf/krb5JAASLogin.conf";
-  private String frontendUrl = null;
-  private boolean xForwardedEnabled = true;
-
-  public void setGatewayHomeDir( String gatewayHomeDir ) {
-    this.gatewayHomeDir = gatewayHomeDir;
-  }
-
-  @Override
-  public String getGatewayConfDir() {
-    return gatewayHomeDir;
-  }
-
-  @Override
-  public String getGatewayDataDir() {
-    return gatewayHomeDir;
-  }
-
-  @Override
-  public String getGatewaySecurityDir() {
-    return gatewayHomeDir + "/security";
-  }
-
-  @Override
-  public String getGatewayTopologyDir() {
-    return gatewayHomeDir + "/topologies";
-  }
-
-  @Override
-  public String getGatewayDeploymentDir() {
-    return gatewayHomeDir + "/deployments";
-  }
-
-//  public void setDeploymentDir( String clusterConfDir ) {
-//    this.deployDir = clusterConfDir;
-//  }
-
-  @Override
-  public String getHadoopConfDir() {
-    return hadoopConfDir;
-  }
-
-//  public void setHadoopConfDir( String hadoopConfDir ) {
-//    this.hadoopConfDir = hadoopConfDir;
-//  }
-
-  @Override
-  public String getGatewayHost() {
-    return gatewayHost;
-  }
-
-//  public void setGatewayHost( String gatewayHost ) {
-//    this.gatewayHost = gatewayHost;
-//  }
-
-  @Override
-  public int getGatewayPort() {
-    return gatewayPort;
-  }
-
-//  public void setGatewayPort( int gatewayPort ) {
-//    this.gatewayPort = gatewayPort;
-//  }
-
-  @Override
-  public String getGatewayPath() {
-    return gatewayPath;
-  }
-
-  public void setGatewayPath( String gatewayPath ) {
-    this.gatewayPath = gatewayPath;
-  }
-
-  @Override
-  public InetSocketAddress getGatewayAddress() throws UnknownHostException {
-    return new InetSocketAddress( getGatewayHost(), getGatewayPort() );
-  }
-
-  @Override
-  public boolean isSSLEnabled() {
-    // TODO Auto-generated method stub
-    return false;
-  }
-
-  @Override
-  public boolean isHadoopKerberosSecured() {
-    return hadoopKerberosSecured;
-  }
-
-  public void setHadoopKerberosSecured(boolean hadoopKerberosSecured) {
-    this.hadoopKerberosSecured = hadoopKerberosSecured;
-  }
-  
-  @Override
-  public String getKerberosConfig() {
-    return kerberosConfig;
-  }
-  
-  public void setKerberosConfig(String kerberosConfig) {
-    this.kerberosConfig = kerberosConfig;
-  }
-
-
-  @Override
-  public boolean isKerberosDebugEnabled() {
-    return kerberosDebugEnabled;
-  }
-  
-//  public void setKerberosDebugEnabled(boolean kerberosConfigEnabled) {
-//    this.kerberosDebugEnabled = kerberosDebugEnabled;
-//  }
-  
-  @Override
-  public String getKerberosLoginConfig() {
-    return kerberosLoginConfig;
-  }
-
-  public void setKerberosLoginConfig(String kerberosLoginConfig) {
-    this.kerberosLoginConfig = kerberosLoginConfig;
-  }
-
-  /* (non-Javadoc)
-     * @see org.apache.hadoop.gateway.config.GatewayConfig#getDefaultTopologyName()
-     */
-  @Override
-  public String getDefaultTopologyName() {
-    return "default";
-  }
-
-  /* (non-Javadoc)
-   * @see org.apache.hadoop.gateway.config.GatewayConfig#getDefaultAppRedirectPath()
-   */
-  @Override
-  public String getDefaultAppRedirectPath() {
-    // TODO Auto-generated method stub
-    return "/gateway/sandbox";
-  }
-
-  /* (non-Javadoc)
-   * @see org.apache.hadoop.gateway.config.GatewayConfig#getFrontendUrl()
-   */
-  @Override
-  public String getFrontendUrl() { return frontendUrl; }
-
-  /* (non-Javadoc)
-   * @see org.apache.hadoop.gateway.config.GatewayConfig#getExcludedSSLProtocols()
-   */
-  @Override
-  public List getExcludedSSLProtocols() {
-    List<String> protocols = new ArrayList<String>();
-    protocols.add("SSLv3");
-    return protocols;
-  }
-
-  public void setFrontendUrl( String frontendUrl ) {
-    this.frontendUrl = frontendUrl;
-  }
-
-  /* (non-Javadoc)
-   * @see org.apache.hadoop.gateway.config.GatewayConfig#isClientAuthNeeded()
-   */
-  @Override
-  public boolean isClientAuthNeeded() {
-    // TODO Auto-generated method stub
-    return false;
-  }
-
-  /* (non-Javadoc)
-   * @see org.apache.hadoop.gateway.config.GatewayConfig#getTruststorePath()
-   */
-  @Override
-  public String getTruststorePath() {
-    // TODO Auto-generated method stub
-    return null;
-  }
-
-  /* (non-Javadoc)
-   * @see org.apache.hadoop.gateway.config.GatewayConfig#getTrustAllCerts()
-   */
-  @Override
-  public boolean getTrustAllCerts() {
-    // TODO Auto-generated method stub
-    return false;
-  }
-
-  /* (non-Javadoc)
-   * @see org.apache.hadoop.gateway.config.GatewayConfig#getTruststoreType()
-   */
-  @Override
-  public String getTruststoreType() {
-    // TODO Auto-generated method stub
-    return null;
-  }
-  
-  /* (non-Javadoc)
-   * @see org.apache.hadoop.gateway.config.GatewayConfig#getKeystoreType()
-   */
-  @Override
-  public String getKeystoreType() {
-    // TODO Auto-generated method stub
-    return null;
-  }
-
-//  public void setKerberosLoginConfig(String kerberosLoginConfig) {
-//   this.kerberosLoginConfig = kerberosLoginConfig;
-//  }
-
-   @Override
-   public String getGatewayServicesDir() {
-      return gatewayHomeDir + "/data/services";
-   }
-
-  @Override
-  public boolean isXForwardedEnabled() {
-    return xForwardedEnabled;
-  }
-
-  public void setXForwardedEnabled(boolean enabled) {
-    xForwardedEnabled = enabled;
-  }
-
-  /* (non-Javadoc)
-   * @see org.apache.hadoop.gateway.config.GatewayConfig#getEphemeralDHKeySize()
-   */
-  @Override
-  public String getEphemeralDHKeySize() {
-    return "2048";
-  }
-
-  @Override
-  public int getHttpClientMaxConnections() {
-    return 16;
-  }
-
-  @Override
-  public int getThreadPoolMax() {
-    return 16;
-  }
-
-  @Override
-  public int getHttpServerRequestBuffer() {
-    return 16*1024;
-  }
-
-  @Override
-  public int getHttpServerRequestHeaderBuffer() {
-    return 8*1024;
-  }
-
-  @Override
-  public int getHttpServerResponseBuffer() {
-    return 32*1024;
-  }
-
-  @Override
-  public int getHttpServerResponseHeaderBuffer() {
-    return 8*1024;
-  }
-
-}

http://git-wip-us.apache.org/repos/asf/knox/blob/fd0d5197/gateway-test-release/src/test/java/org/apache/hadoop/gateway/GatewayTestDriver.java
----------------------------------------------------------------------
diff --git a/gateway-test-release/src/test/java/org/apache/hadoop/gateway/GatewayTestDriver.java b/gateway-test-release/src/test/java/org/apache/hadoop/gateway/GatewayTestDriver.java
deleted file mode 100644
index 6401584..0000000
--- a/gateway-test-release/src/test/java/org/apache/hadoop/gateway/GatewayTestDriver.java
+++ /dev/null
@@ -1,212 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.hadoop.gateway;
-
-import com.mycila.xmltool.XMLTag;
-import org.apache.commons.io.FileUtils;
-import org.apache.directory.server.protocol.shared.transport.TcpTransport;
-import org.apache.hadoop.gateway.config.GatewayConfig;
-import org.apache.hadoop.gateway.security.ldap.SimpleLdapDirectoryServer;
-import org.apache.hadoop.gateway.services.DefaultGatewayServices;
-import org.apache.hadoop.gateway.services.ServiceLifecycleException;
-import org.hamcrest.MatcherAssert;
-import org.hamcrest.Matchers;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import java.io.File;
-import java.io.FileOutputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.net.InetAddress;
-import java.net.ServerSocket;
-import java.net.URI;
-import java.net.URISyntaxException;
-import java.net.URL;
-import java.net.UnknownHostException;
-import java.util.HashMap;
-import java.util.Map;
-import java.util.UUID;
-
-import static org.hamcrest.CoreMatchers.notNullValue;
-import static org.junit.Assert.assertThat;
-
-public class GatewayTestDriver {
-
-  private static Logger log = LoggerFactory.getLogger(GatewayTestDriver.class);
-
-  public Class<?> resourceBaseClass;
-  public SimpleLdapDirectoryServer ldap;
-  public TcpTransport ldapTransport;
-  public boolean useGateway;
-  public GatewayServer gateway;
-  public GatewayConfig config;
-  public String clusterName;
-
-  /**
-   * Sets the class from which relative test resource names should be resolved.
-   * @param resourceBaseClass The class from which relative test resource names should be resolved.
-   */
-  public void setResourceBase( Class<?> resourceBaseClass ) {
-    this.resourceBaseClass = resourceBaseClass;
-  }
-
-  /**
-   * Starts an embedded LDAP server of the specified port.
-   * @param port The desired port the LDAP server should listen on.
-   * @return The actual port the LDAP server is listening on.
-   * @throws Exception Thrown if a failure occurs.
-   */
-  public int setupLdap( int port ) throws Exception {
-    URL usersUrl = getResourceUrl( "users.ldif" );
-    ldapTransport = new TcpTransport( port );
-    ldap = new SimpleLdapDirectoryServer( "dc=hadoop,dc=apache,dc=org", new File( usersUrl.toURI() ), ldapTransport );
-    ldap.start();
-    log.info( "LDAP port = " + port );
-    return port;
-  }
-
-
-  /**
-   * Creates a GATEWAY_HOME, starts a gateway instance and deploys a test topology.
-   */
-  public void setupGateway( GatewayTestConfig config, String cluster, XMLTag topology, boolean use ) throws Exception {
-    this.useGateway = use;
-    this.config = config;
-    this.clusterName = cluster;
-
-    File targetDir = new File( System.getProperty( "user.dir" ), "target" );
-    File gatewayDir = new File( targetDir, "gateway-home-" + UUID.randomUUID() );
-    gatewayDir.mkdirs();
-
-    config.setGatewayHomeDir( gatewayDir.getAbsolutePath() );
-
-    File topoDir = new File( config.getGatewayTopologyDir() );
-    topoDir.mkdirs();
-
-    File deployDir = new File( config.getGatewayDeploymentDir() );
-    deployDir.mkdirs();
-
-    File descriptor = new File( topoDir, cluster + ".xml" );
-    FileOutputStream stream = new FileOutputStream( descriptor );
-    topology.toStream( stream );
-    stream.close();
-
-    DefaultGatewayServices srvcs = new DefaultGatewayServices();
-    Map<String,String> options = new HashMap<String,String>();
-    options.put("persist-master", "false");
-    options.put("master", "password");
-    try {
-      srvcs.init(config, options);
-    } catch (ServiceLifecycleException e) {
-      e.printStackTrace(); // I18N not required.
-    }
-    File stacksDir = new File( config.getGatewayServicesDir() );
-    stacksDir.mkdirs();
-    //TODO: [sumit] This is a hack for now, need to find a better way to locate the source resources for 'stacks' to be tested
-    String pathToStacksSource = "gateway-service-definitions/src/main/resources/services";
-    File stacksSourceDir = new File( targetDir.getParent(), pathToStacksSource);
-    if (!stacksSourceDir.exists()) {
-      stacksSourceDir = new File( targetDir.getParentFile().getParent(), pathToStacksSource);
-    }
-    if (stacksSourceDir.exists()) {
-      FileUtils.copyDirectoryToDirectory(stacksSourceDir, stacksDir);
-    }
-
-    gateway = GatewayServer.startGateway(config, srvcs);
-    MatcherAssert.assertThat("Failed to start gateway.", gateway, notNullValue());
-
-    log.info( "Gateway port = " + gateway.getAddresses()[ 0 ].getPort() );
-  }
-
-  public void cleanup() throws Exception {
-    gateway.stop();
-    FileUtils.deleteQuietly( new File( config.getGatewayTopologyDir() ) );
-    FileUtils.deleteQuietly( new File( config.getGatewayConfDir() ) );
-    FileUtils.deleteQuietly( new File( config.getGatewaySecurityDir() ) );
-    FileUtils.deleteQuietly( new File( config.getGatewayDeploymentDir() ) );
-    FileUtils.deleteQuietly( new File( config.getGatewayDataDir() ) );
-    FileUtils.deleteQuietly( new File( config.getGatewayServicesDir() ) );
-
-
-    ldap.stop( true );
-  }
-
-
-  public String getResourceBaseName() {
-    return resourceBaseClass.getName().replaceAll( "\\.", "/" ) + "/";
-  }
-
-  public String getResourceName( String resource ) {
-    return getResourceBaseName() + resource;
-  }
-
-  public URL getResourceUrl( String resource ) {
-    URL url = ClassLoader.getSystemResource( getResourceName( resource ) );
-    assertThat( "Failed to find test resource " + resource, url, Matchers.notNullValue() );
-    return url;
-  }
-
-  public InputStream getResourceStream( String resource ) throws IOException {
-    InputStream stream = null;
-    if( resource.startsWith( "file:/" ) ) {
-      try {
-        stream = FileUtils.openInputStream( new File( new URI( resource ) ) );
-      } catch( URISyntaxException e ) {
-        throw new IOException( e  );
-      }
-    } else {
-      stream = ClassLoader.getSystemResourceAsStream( getResourceName( resource ) );
-    }
-    assertThat( "Failed to find test resource " + resource, stream, Matchers.notNullValue() );
-    return stream;
-  }
-
-  public static int findFreePort() throws IOException {
-    ServerSocket socket = new ServerSocket(0);
-    int port = socket.getLocalPort();
-    socket.close();
-    return port;
-  }
-
-  public String getLdapUrl() {
-    return "ldap://localhost:" + ldapTransport.getPort();
-  }
-
-  public String getClusterUrl() {
-    String url;
-    String localHostName = getLocalHostName();
-    url = "http://" + localHostName + ":" + gateway.getAddresses()[0].getPort() + "/" + config.getGatewayPath() + "/" + clusterName;
-    return url;
-  }
-
-  public int getGatewayPort() {
-    return gateway.getAddresses()[0].getPort();
-  }
-
-  private String getLocalHostName() {
-    String hostName = "localhost";
-    try {
-      hostName = InetAddress.getByName("127.0.0.1").getHostName();
-    } catch( UnknownHostException e ) {
-      // Ignore and use the default.
-    }
-    return hostName;
-  }
-
-}

http://git-wip-us.apache.org/repos/asf/knox/blob/fd0d5197/gateway-test-release/src/test/java/org/apache/hadoop/gateway/SecureClusterTest.java
----------------------------------------------------------------------
diff --git a/gateway-test-release/src/test/java/org/apache/hadoop/gateway/SecureClusterTest.java b/gateway-test-release/src/test/java/org/apache/hadoop/gateway/SecureClusterTest.java
deleted file mode 100644
index 2638b1c..0000000
--- a/gateway-test-release/src/test/java/org/apache/hadoop/gateway/SecureClusterTest.java
+++ /dev/null
@@ -1,291 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.hadoop.gateway;
-
-import com.mycila.xmltool.XMLDoc;
-import com.mycila.xmltool.XMLTag;
-import org.apache.hadoop.fs.Path;
-import org.apache.hadoop.hdfs.HdfsConfiguration;
-import org.apache.hadoop.hdfs.MiniDFSCluster;
-import org.apache.hadoop.http.HttpConfig;
-import org.apache.hadoop.minikdc.MiniKdc;
-import org.apache.hadoop.security.SecurityUtil;
-import org.apache.hadoop.security.UserGroupInformation;
-import org.apache.hadoop.security.ssl.KeyStoreTestUtil;
-import org.apache.hadoop.test.category.ReleaseTest;
-import org.apache.http.HttpHost;
-import org.apache.http.HttpRequest;
-import org.apache.http.auth.AuthScope;
-import org.apache.http.auth.BasicUserPrincipal;
-import org.apache.http.auth.Credentials;
-import org.apache.http.client.CredentialsProvider;
-import org.apache.http.client.methods.CloseableHttpResponse;
-import org.apache.http.impl.client.BasicCredentialsProvider;
-import org.apache.http.impl.client.CloseableHttpClient;
-import org.apache.http.impl.client.HttpClients;
-import org.apache.http.message.BasicHttpRequest;
-import org.apache.http.util.EntityUtils;
-import org.apache.log4j.PropertyConfigurator;
-import org.junit.AfterClass;
-import org.junit.BeforeClass;
-import org.junit.Test;
-import org.junit.experimental.categories.Category;
-
-import java.io.File;
-import java.io.FileWriter;
-import java.io.IOException;
-import java.net.ServerSocket;
-import java.security.Principal;
-import java.util.Properties;
-
-import static org.apache.hadoop.hdfs.DFSConfigKeys.*;
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertTrue;
-
-
-@Category(ReleaseTest.class)
-public class SecureClusterTest {
-
-  private static MiniDFSCluster miniDFSCluster;
-  private static MiniKdc kdc;
-  private static HdfsConfiguration configuration;
-  private static int nameNodeHttpPort;
-  private static String userName;
-
-  private static GatewayTestDriver driver = new GatewayTestDriver();
-  private static File baseDir;
-
-  @BeforeClass
-  public static void setupSuite() throws Exception {
-    nameNodeHttpPort = findFreePort();
-    configuration = new HdfsConfiguration();
-    baseDir = new File(KeyStoreTestUtil.getClasspathDir(SecureClusterTest.class));
-    System.setProperty(MiniDFSCluster.PROP_TEST_BUILD_DATA, baseDir.getAbsolutePath());
-    initKdc();
-    miniDFSCluster = new MiniDFSCluster.Builder(configuration)
-        .nameNodePort(20112)
-        .nameNodeHttpPort(nameNodeHttpPort)
-        .numDataNodes(0)
-        .format(true)
-        .racks(null)
-        .build();
-  }
-
-  private static void initKdc() throws Exception {
-    Properties kdcConf = MiniKdc.createConf();
-    kdc = new MiniKdc(kdcConf, baseDir);
-    kdc.start();
-
-    configuration = new HdfsConfiguration();
-    SecurityUtil.setAuthenticationMethod(UserGroupInformation.AuthenticationMethod.KERBEROS, configuration);
-    UserGroupInformation.setConfiguration(configuration);
-    assertTrue("Expected configuration to enable security", UserGroupInformation.isSecurityEnabled());
-    userName = UserGroupInformation.createUserForTesting("guest", new String[] {"users"}).getUserName();
-    File keytabFile = new File(baseDir, userName + ".keytab");
-    String keytab = keytabFile.getAbsolutePath();
-    // Windows will not reverse name lookup "127.0.0.1" to "localhost".
-    String krbInstance = Path.WINDOWS ? "127.0.0.1" : "localhost";
-    kdc.createPrincipal(keytabFile, userName + "/" + krbInstance, "HTTP/" + krbInstance);
-    String hdfsPrincipal = userName + "/" + krbInstance + "@" + kdc.getRealm();
-    String spnegoPrincipal = "HTTP/" + krbInstance + "@" + kdc.getRealm();
-
-    configuration.set(DFS_NAMENODE_KERBEROS_PRINCIPAL_KEY, hdfsPrincipal);
-    configuration.set(DFS_NAMENODE_KEYTAB_FILE_KEY, keytab);
-    configuration.set(DFS_DATANODE_KERBEROS_PRINCIPAL_KEY, hdfsPrincipal);
-    configuration.set(DFS_DATANODE_KEYTAB_FILE_KEY, keytab);
-    configuration.set(DFS_WEB_AUTHENTICATION_KERBEROS_PRINCIPAL_KEY, spnegoPrincipal);
-    configuration.set(DFS_JOURNALNODE_KEYTAB_FILE_KEY, keytab);
-    configuration.set(DFS_JOURNALNODE_KERBEROS_PRINCIPAL_KEY, hdfsPrincipal);
-    configuration.set(DFS_JOURNALNODE_KERBEROS_INTERNAL_SPNEGO_PRINCIPAL_KEY, spnegoPrincipal);
-    configuration.setBoolean(DFS_BLOCK_ACCESS_TOKEN_ENABLE_KEY, true);
-    configuration.set(DFS_DATA_ENCRYPTION_ALGORITHM_KEY, "authentication");
-    configuration.set(DFS_HTTP_POLICY_KEY, HttpConfig.Policy.HTTP_AND_HTTPS.name());
-    configuration.set(DFS_NAMENODE_HTTPS_ADDRESS_KEY, "localhost:0");
-    configuration.set(DFS_DATANODE_HTTPS_ADDRESS_KEY, "localhost:0");
-    configuration.set(DFS_JOURNALNODE_HTTPS_ADDRESS_KEY, "localhost:0");
-    configuration.setInt(IPC_CLIENT_CONNECT_MAX_RETRIES_KEY, 10);
-    configuration.set("hadoop.proxyuser." + userName + ".hosts", "*");
-    configuration.set("hadoop.proxyuser." + userName + ".groups", "*");
-    configuration.setBoolean("dfs.permissions", true);
-
-    String keystoresDir = baseDir.getAbsolutePath();
-    File sslClientConfFile = new File(keystoresDir + "/ssl-client.xml");
-    File sslServerConfFile = new File(keystoresDir + "/ssl-server.xml");
-    KeyStoreTestUtil.setupSSLConfig(keystoresDir, keystoresDir, configuration, false);
-    configuration.set(DFS_CLIENT_HTTPS_KEYSTORE_RESOURCE_KEY,
-        sslClientConfFile.getName());
-    configuration.set(DFS_SERVER_HTTPS_KEYSTORE_RESOURCE_KEY,
-        sslServerConfFile.getName());
-
-    setupKnox(keytab, hdfsPrincipal);
-  }
-
-  private static void setupKnox(String keytab, String hdfsPrincipal) throws Exception {
-    //kerberos setup for http client
-    File jaasConf = setupJaasConf(baseDir, keytab, hdfsPrincipal);
-    System.setProperty("java.security.krb5.conf", kdc.getKrb5conf().getAbsolutePath());
-    System.setProperty("java.security.auth.login.config", jaasConf.getAbsolutePath());
-    System.setProperty("javax.security.auth.useSubjectCredsOnly", "false");
-    System.setProperty("sun.security.krb5.debug", "true");
-
-    //knox setup
-    System.setProperty("gateway.hadoop.kerberos.secured", "true");
-    GatewayTestConfig config = new GatewayTestConfig();
-    config.setGatewayPath( "gateway" );
-    config.setHadoopKerberosSecured(true);
-    config.setKerberosConfig(kdc.getKrb5conf().getAbsolutePath());
-    config.setKerberosLoginConfig(jaasConf.getAbsolutePath());
-    driver.setResourceBase(SecureClusterTest.class);
-    driver.setupLdap(findFreePort());
-    driver.setupGateway(config, "cluster", createTopology(), true);
-  }
-
-  @AfterClass
-  public static void cleanupSuite() throws Exception {
-    kdc.stop();
-    miniDFSCluster.shutdown();
-    driver.cleanup();
-  }
-
-  @Test
-  public void basicGetUserHomeRequest() throws Exception {
-    setupLogging();
-    CloseableHttpClient client = getHttpClient();
-    String method = "GET";
-    String uri = driver.getClusterUrl() + "/webhdfs/v1?op=GETHOMEDIRECTORY";
-    HttpHost target = new HttpHost("localhost", driver.getGatewayPort(), "http");
-    HttpRequest request = new BasicHttpRequest(method, uri);
-    CloseableHttpResponse response = client.execute(target, request);
-    String json = EntityUtils.toString(response.getEntity());
-    response.close();
-    System.out.println(json);
-    assertEquals("{\"Path\":\"/user/" + userName + "\"}", json);
-  }
-
-  private CloseableHttpClient getHttpClient() {
-    CredentialsProvider credentialsProvider = new BasicCredentialsProvider();
-    credentialsProvider.setCredentials(AuthScope.ANY, new Credentials() {
-      @Override
-      public Principal getUserPrincipal() {
-        return new BasicUserPrincipal("guest");
-      }
-
-      @Override
-      public String getPassword() {
-        return "guest-password";
-      }
-    });
-
-    return HttpClients.custom()
-        .setDefaultCredentialsProvider(credentialsProvider)
-        .build();
-  }
-
-  private static void setupLogging() {
-    PropertyConfigurator.configure(ClassLoader.getSystemResource("log4j.properties"));
-  }
-
-  private static File setupJaasConf(File baseDir, String keyTabFile, String principal) throws IOException {
-    File file = new File(baseDir, "jaas.conf");
-    if (!file.exists()) {
-      file.createNewFile();
-    } else {
-      file.delete();
-      file.createNewFile();
-    }
-    FileWriter writer = new FileWriter(file);
-    String content = String.format("com.sun.security.jgss.initiate {\n" +
-        "com.sun.security.auth.module.Krb5LoginModule required\n" +
-        "renewTGT=true\n" +
-        "doNotPrompt=true\n" +
-        "useKeyTab=true\n" +
-        "keyTab=\"%s\"\n" +
-        "principal=\"%s\"\n" +
-        "isInitiator=true\n" +
-        "storeKey=true\n" +
-        "useTicketCache=true\n" +
-        "client=true;\n" +
-        "};\n", keyTabFile, principal);
-    writer.write(content);
-    writer.close();
-    return file;
-  }
-
-  /**
-   * Creates a topology that is deployed to the gateway instance for the test suite.
-   * Note that this topology is shared by all of the test methods in this suite.
-   * @return A populated XML structure for a topology file.
-   */
-  private static XMLTag createTopology() {
-    XMLTag xml = XMLDoc.newDocument(true)
-        .addRoot("topology")
-        .addTag( "gateway" )
-        .addTag( "provider" )
-        .addTag("role").addText("webappsec")
-        .addTag("name").addText("WebAppSec")
-        .addTag("enabled").addText("true")
-        .addTag( "param" )
-        .addTag("name").addText("csrf.enabled")
-        .addTag("value").addText("true").gotoParent().gotoParent()
-        .addTag("provider")
-        .addTag("role").addText("authentication")
-        .addTag("name").addText("ShiroProvider")
-        .addTag("enabled").addText("true")
-        .addTag( "param" )
-        .addTag("name").addText("main.ldapRealm")
-        .addTag("value").addText("org.apache.hadoop.gateway.shirorealm.KnoxLdapRealm").gotoParent()
-        .addTag( "param" )
-        .addTag("name").addText("main.ldapRealm.userDnTemplate")
-        .addTag( "value" ).addText("uid={0},ou=people,dc=hadoop,dc=apache,dc=org").gotoParent()
-        .addTag( "param" )
-        .addTag("name").addText("main.ldapRealm.contextFactory.url")
-        .addTag( "value" ).addText(driver.getLdapUrl()).gotoParent()
-        .addTag( "param" )
-        .addTag("name").addText("main.ldapRealm.contextFactory.authenticationMechanism")
-        .addTag( "value" ).addText("simple").gotoParent()
-        .addTag( "param" )
-        .addTag("name").addText("urls./**")
-        .addTag( "value" ).addText("authcBasic").gotoParent().gotoParent()
-        .addTag("provider")
-        .addTag("role").addText("identity-assertion")
-        .addTag("enabled").addText("true")
-        .addTag("name").addText("Default").gotoParent()
-        .addTag("provider")
-        .addTag( "role" ).addText( "authorization" )
-        .addTag( "enabled" ).addText( "true" )
-        .addTag("name").addText("AclsAuthz").gotoParent()
-        .addTag("param")
-        .addTag("name").addText( "webhdfs-acl" )
-        .addTag("value").addText("hdfs;*;*").gotoParent()
-        .gotoRoot()
-        .addTag("service")
-        .addTag("role").addText("WEBHDFS")
-        .addTag("url").addText("http://localhost:" + nameNodeHttpPort + "/webhdfs/").gotoParent()
-        .gotoRoot();
-//     System.out.println( "GATEWAY=" + xml.toString() );
-    return xml;
-  }
-
-  private static int findFreePort() throws IOException {
-    ServerSocket socket = new ServerSocket(0);
-    int port = socket.getLocalPort();
-    socket.close();
-    return port;
-  }
-
-}

http://git-wip-us.apache.org/repos/asf/knox/blob/fd0d5197/gateway-test-release/src/test/resources/org/apache/hadoop/gateway/SecureClusterTest/users.ldif
----------------------------------------------------------------------
diff --git a/gateway-test-release/src/test/resources/org/apache/hadoop/gateway/SecureClusterTest/users.ldif b/gateway-test-release/src/test/resources/org/apache/hadoop/gateway/SecureClusterTest/users.ldif
deleted file mode 100644
index d82e99a..0000000
--- a/gateway-test-release/src/test/resources/org/apache/hadoop/gateway/SecureClusterTest/users.ldif
+++ /dev/null
@@ -1,61 +0,0 @@
-##########################################################################
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-##########################################################################
-
-version: 1
-
-dn: dc=hadoop,dc=apache,dc=org
-objectclass: organization
-objectclass: dcObject
-o: Hadoop
-dc: hadoop
-
-dn: ou=people,dc=hadoop,dc=apache,dc=org
-objectclass:top
-objectclass:organizationalUnit
-ou: people
-
-dn: ou=groups,dc=hadoop,dc=apache,dc=org
-objectclass:top
-objectclass:organizationalUnit
-ou: groups
-
-dn: uid=hdfs,ou=people,dc=hadoop,dc=apache,dc=org
-objectclass:top
-objectclass:person
-objectclass:organizationalPerson
-objectclass:inetOrgPerson
-cn: LarryWalls
-sn: Walls
-uid: hdfs
-userPassword:hdfs-password
-
-dn: uid=guest,ou=people,dc=hadoop,dc=apache,dc=org
-objectclass:top
-objectclass:person
-objectclass:organizationalPerson
-objectclass:inetOrgPerson
-cn: Guest
-sn: Guest
-uid: guest
-userPassword:guest-password
-
-dn: cn=admin,ou=groups,dc=hadoop,dc=apache,dc=org
-objectclass:top
-objectclass:groupOfNames
-cn: admin
-member: uid=allowedUser,ou=people,dc=hadoop,dc=apache,dc=org

http://git-wip-us.apache.org/repos/asf/knox/blob/fd0d5197/gateway-test-release/webhdfs-kerb-test/pom.xml
----------------------------------------------------------------------
diff --git a/gateway-test-release/webhdfs-kerb-test/pom.xml b/gateway-test-release/webhdfs-kerb-test/pom.xml
new file mode 100644
index 0000000..6045e96
--- /dev/null
+++ b/gateway-test-release/webhdfs-kerb-test/pom.xml
@@ -0,0 +1,53 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one or more
+  contributor license agreements.  See the NOTICE file distributed with
+  this work for additional information regarding copyright ownership.
+  The ASF licenses this file to You under the Apache License, Version 2.0
+  (the "License"); you may not use this file except in compliance with
+  the License.  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+    <parent>
+        <artifactId>gateway-test-release</artifactId>
+        <groupId>org.apache.knox</groupId>
+        <version>0.8.0-SNAPSHOT</version>
+    </parent>
+
+    <artifactId>webhdfs-kerb-test</artifactId>
+    <name>webhdfs-kerb-test</name>
+    <description>Tests for WebHDFS integration with Knox and Kerberos enabled</description>
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-surefire-plugin</artifactId>
+                <version>${surefire-version}</version>
+                <configuration>
+                    <forkCount>1</forkCount>
+                    <reuseForks>false</reuseForks>
+                    <systemPropertyVariables>
+                        <gateway-version>${gateway-version}</gateway-version>
+                    </systemPropertyVariables>
+                </configuration>
+            </plugin>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-failsafe-plugin</artifactId>
+                <version>${failsafe-version}</version>
+            </plugin>
+        </plugins>
+    </build>
+
+</project>
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/knox/blob/fd0d5197/gateway-test-release/webhdfs-kerb-test/src/test/java/org/apache/hadoop/gateway/GatewayTestConfig.java
----------------------------------------------------------------------
diff --git a/gateway-test-release/webhdfs-kerb-test/src/test/java/org/apache/hadoop/gateway/GatewayTestConfig.java b/gateway-test-release/webhdfs-kerb-test/src/test/java/org/apache/hadoop/gateway/GatewayTestConfig.java
new file mode 100644
index 0000000..779eb2d
--- /dev/null
+++ b/gateway-test-release/webhdfs-kerb-test/src/test/java/org/apache/hadoop/gateway/GatewayTestConfig.java
@@ -0,0 +1,297 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.hadoop.gateway;
+
+import org.apache.hadoop.conf.Configuration;
+import org.apache.hadoop.gateway.config.GatewayConfig;
+
+import java.net.InetSocketAddress;
+import java.net.UnknownHostException;
+import java.util.ArrayList;
+import java.util.List;
+
+public class GatewayTestConfig extends Configuration implements GatewayConfig {
+
+  private String gatewayHomeDir = "gateway-home";
+  private String hadoopConfDir = "hadoop";
+  private String gatewayHost = "localhost";
+  private int gatewayPort = 0;
+  private String gatewayPath = "gateway";
+  private boolean hadoopKerberosSecured = false;
+  private String kerberosConfig = "/etc/knox/conf/krb5.conf";
+  private boolean kerberosDebugEnabled = false;
+  private String kerberosLoginConfig = "/etc/knox/conf/krb5JAASLogin.conf";
+  private String frontendUrl = null;
+  private boolean xForwardedEnabled = true;
+
+  public void setGatewayHomeDir( String gatewayHomeDir ) {
+    this.gatewayHomeDir = gatewayHomeDir;
+  }
+
+  @Override
+  public String getGatewayConfDir() {
+    return gatewayHomeDir;
+  }
+
+  @Override
+  public String getGatewayDataDir() {
+    return gatewayHomeDir;
+  }
+
+  @Override
+  public String getGatewaySecurityDir() {
+    return gatewayHomeDir + "/security";
+  }
+
+  @Override
+  public String getGatewayTopologyDir() {
+    return gatewayHomeDir + "/topologies";
+  }
+
+  @Override
+  public String getGatewayDeploymentDir() {
+    return gatewayHomeDir + "/deployments";
+  }
+
+//  public void setDeploymentDir( String clusterConfDir ) {
+//    this.deployDir = clusterConfDir;
+//  }
+
+  @Override
+  public String getHadoopConfDir() {
+    return hadoopConfDir;
+  }
+
+//  public void setHadoopConfDir( String hadoopConfDir ) {
+//    this.hadoopConfDir = hadoopConfDir;
+//  }
+
+  @Override
+  public String getGatewayHost() {
+    return gatewayHost;
+  }
+
+//  public void setGatewayHost( String gatewayHost ) {
+//    this.gatewayHost = gatewayHost;
+//  }
+
+  @Override
+  public int getGatewayPort() {
+    return gatewayPort;
+  }
+
+//  public void setGatewayPort( int gatewayPort ) {
+//    this.gatewayPort = gatewayPort;
+//  }
+
+  @Override
+  public String getGatewayPath() {
+    return gatewayPath;
+  }
+
+  public void setGatewayPath( String gatewayPath ) {
+    this.gatewayPath = gatewayPath;
+  }
+
+  @Override
+  public InetSocketAddress getGatewayAddress() throws UnknownHostException {
+    return new InetSocketAddress( getGatewayHost(), getGatewayPort() );
+  }
+
+  @Override
+  public boolean isSSLEnabled() {
+    // TODO Auto-generated method stub
+    return false;
+  }
+
+  @Override
+  public boolean isHadoopKerberosSecured() {
+    return hadoopKerberosSecured;
+  }
+
+  public void setHadoopKerberosSecured(boolean hadoopKerberosSecured) {
+    this.hadoopKerberosSecured = hadoopKerberosSecured;
+  }
+  
+  @Override
+  public String getKerberosConfig() {
+    return kerberosConfig;
+  }
+  
+  public void setKerberosConfig(String kerberosConfig) {
+    this.kerberosConfig = kerberosConfig;
+  }
+
+
+  @Override
+  public boolean isKerberosDebugEnabled() {
+    return kerberosDebugEnabled;
+  }
+  
+//  public void setKerberosDebugEnabled(boolean kerberosConfigEnabled) {
+//    this.kerberosDebugEnabled = kerberosDebugEnabled;
+//  }
+  
+  @Override
+  public String getKerberosLoginConfig() {
+    return kerberosLoginConfig;
+  }
+
+  public void setKerberosLoginConfig(String kerberosLoginConfig) {
+    this.kerberosLoginConfig = kerberosLoginConfig;
+  }
+
+  /* (non-Javadoc)
+     * @see org.apache.hadoop.gateway.config.GatewayConfig#getDefaultTopologyName()
+     */
+  @Override
+  public String getDefaultTopologyName() {
+    return "default";
+  }
+
+  /* (non-Javadoc)
+   * @see org.apache.hadoop.gateway.config.GatewayConfig#getDefaultAppRedirectPath()
+   */
+  @Override
+  public String getDefaultAppRedirectPath() {
+    // TODO Auto-generated method stub
+    return "/gateway/sandbox";
+  }
+
+  /* (non-Javadoc)
+   * @see org.apache.hadoop.gateway.config.GatewayConfig#getFrontendUrl()
+   */
+  @Override
+  public String getFrontendUrl() { return frontendUrl; }
+
+  /* (non-Javadoc)
+   * @see org.apache.hadoop.gateway.config.GatewayConfig#getExcludedSSLProtocols()
+   */
+  @Override
+  public List getExcludedSSLProtocols() {
+    List<String> protocols = new ArrayList<String>();
+    protocols.add("SSLv3");
+    return protocols;
+  }
+
+  public void setFrontendUrl( String frontendUrl ) {
+    this.frontendUrl = frontendUrl;
+  }
+
+  /* (non-Javadoc)
+   * @see org.apache.hadoop.gateway.config.GatewayConfig#isClientAuthNeeded()
+   */
+  @Override
+  public boolean isClientAuthNeeded() {
+    // TODO Auto-generated method stub
+    return false;
+  }
+
+  /* (non-Javadoc)
+   * @see org.apache.hadoop.gateway.config.GatewayConfig#getTruststorePath()
+   */
+  @Override
+  public String getTruststorePath() {
+    // TODO Auto-generated method stub
+    return null;
+  }
+
+  /* (non-Javadoc)
+   * @see org.apache.hadoop.gateway.config.GatewayConfig#getTrustAllCerts()
+   */
+  @Override
+  public boolean getTrustAllCerts() {
+    // TODO Auto-generated method stub
+    return false;
+  }
+
+  /* (non-Javadoc)
+   * @see org.apache.hadoop.gateway.config.GatewayConfig#getTruststoreType()
+   */
+  @Override
+  public String getTruststoreType() {
+    // TODO Auto-generated method stub
+    return null;
+  }
+  
+  /* (non-Javadoc)
+   * @see org.apache.hadoop.gateway.config.GatewayConfig#getKeystoreType()
+   */
+  @Override
+  public String getKeystoreType() {
+    // TODO Auto-generated method stub
+    return null;
+  }
+
+//  public void setKerberosLoginConfig(String kerberosLoginConfig) {
+//   this.kerberosLoginConfig = kerberosLoginConfig;
+//  }
+
+   @Override
+   public String getGatewayServicesDir() {
+      return gatewayHomeDir + "/data/services";
+   }
+
+  @Override
+  public boolean isXForwardedEnabled() {
+    return xForwardedEnabled;
+  }
+
+  public void setXForwardedEnabled(boolean enabled) {
+    xForwardedEnabled = enabled;
+  }
+
+  /* (non-Javadoc)
+   * @see org.apache.hadoop.gateway.config.GatewayConfig#getEphemeralDHKeySize()
+   */
+  @Override
+  public String getEphemeralDHKeySize() {
+    return "2048";
+  }
+
+  @Override
+  public int getHttpClientMaxConnections() {
+    return 16;
+  }
+
+  @Override
+  public int getThreadPoolMax() {
+    return 16;
+  }
+
+  @Override
+  public int getHttpServerRequestBuffer() {
+    return 16*1024;
+  }
+
+  @Override
+  public int getHttpServerRequestHeaderBuffer() {
+    return 8*1024;
+  }
+
+  @Override
+  public int getHttpServerResponseBuffer() {
+    return 32*1024;
+  }
+
+  @Override
+  public int getHttpServerResponseHeaderBuffer() {
+    return 8*1024;
+  }
+
+}

http://git-wip-us.apache.org/repos/asf/knox/blob/fd0d5197/gateway-test-release/webhdfs-kerb-test/src/test/java/org/apache/hadoop/gateway/GatewayTestDriver.java
----------------------------------------------------------------------
diff --git a/gateway-test-release/webhdfs-kerb-test/src/test/java/org/apache/hadoop/gateway/GatewayTestDriver.java b/gateway-test-release/webhdfs-kerb-test/src/test/java/org/apache/hadoop/gateway/GatewayTestDriver.java
new file mode 100644
index 0000000..95a4964
--- /dev/null
+++ b/gateway-test-release/webhdfs-kerb-test/src/test/java/org/apache/hadoop/gateway/GatewayTestDriver.java
@@ -0,0 +1,183 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.hadoop.gateway;
+
+import com.mycila.xmltool.XMLTag;
+import org.apache.commons.io.FileUtils;
+import org.apache.directory.server.protocol.shared.transport.TcpTransport;
+import org.apache.hadoop.gateway.config.GatewayConfig;
+import org.apache.hadoop.gateway.security.ldap.SimpleLdapDirectoryServer;
+import org.apache.hadoop.gateway.services.DefaultGatewayServices;
+import org.apache.hadoop.gateway.services.ServiceLifecycleException;
+import org.hamcrest.MatcherAssert;
+import org.hamcrest.Matchers;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.io.File;
+import java.io.FileOutputStream;
+import java.net.InetAddress;
+import java.net.URL;
+import java.net.UnknownHostException;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.UUID;
+
+import static org.hamcrest.CoreMatchers.notNullValue;
+import static org.junit.Assert.assertThat;
+
+public class GatewayTestDriver {
+
+  private static Logger log = LoggerFactory.getLogger(GatewayTestDriver.class);
+
+  public Class<?> resourceBaseClass;
+  public SimpleLdapDirectoryServer ldap;
+  public TcpTransport ldapTransport;
+  public boolean useGateway;
+  public GatewayServer gateway;
+  public GatewayConfig config;
+  public String clusterName;
+
+  /**
+   * Sets the class from which relative test resource names should be resolved.
+   * @param resourceBaseClass The class from which relative test resource names should be resolved.
+   */
+  public void setResourceBase( Class<?> resourceBaseClass ) {
+    this.resourceBaseClass = resourceBaseClass;
+  }
+
+  /**
+   * Starts an embedded LDAP server of the specified port.
+   * @param port The desired port the LDAP server should listen on.
+   * @return The actual port the LDAP server is listening on.
+   * @throws Exception Thrown if a failure occurs.
+   */
+  public int setupLdap( int port ) throws Exception {
+    URL usersUrl = getResourceUrl("users.ldif");
+    ldapTransport = new TcpTransport( port );
+    ldap = new SimpleLdapDirectoryServer( "dc=hadoop,dc=apache,dc=org", new File( usersUrl.toURI() ), ldapTransport );
+    ldap.start();
+    log.info( "LDAP port = " + port );
+    return port;
+  }
+
+
+  /**
+   * Creates a GATEWAY_HOME, starts a gateway instance and deploys a test topology.
+   */
+  public void setupGateway( GatewayTestConfig config, String cluster, XMLTag topology, boolean use ) throws Exception {
+    this.useGateway = use;
+    this.config = config;
+    this.clusterName = cluster;
+
+    File targetDir = new File( System.getProperty( "user.dir" ), "target" );
+    File gatewayDir = new File( targetDir, "gateway-home-" + UUID.randomUUID() );
+    gatewayDir.mkdirs();
+
+    config.setGatewayHomeDir( gatewayDir.getAbsolutePath() );
+
+    File topoDir = new File( config.getGatewayTopologyDir() );
+    topoDir.mkdirs();
+
+    File deployDir = new File( config.getGatewayDeploymentDir() );
+    deployDir.mkdirs();
+
+    File descriptor = new File( topoDir, cluster + ".xml" );
+    FileOutputStream stream = new FileOutputStream( descriptor );
+    topology.toStream( stream );
+    stream.close();
+
+    DefaultGatewayServices srvcs = new DefaultGatewayServices();
+    Map<String,String> options = new HashMap<String,String>();
+    options.put("persist-master", "false");
+    options.put("master", "password");
+    try {
+      srvcs.init(config, options);
+    } catch (ServiceLifecycleException e) {
+      e.printStackTrace(); // I18N not required.
+    }
+    File stacksDir = new File( config.getGatewayServicesDir() );
+    stacksDir.mkdirs();
+    //TODO: [sumit] This is a hack for now, need to find a better way to locate the source resources for 'stacks' to be tested
+    String pathToStacksSource = "gateway-service-definitions/src/main/resources/services";
+    File stacksSourceDir = new File( targetDir.getParent(), pathToStacksSource);
+    if (!stacksSourceDir.exists()) {
+      stacksSourceDir = new File( targetDir.getParentFile().getParentFile().getParent(), pathToStacksSource);
+    }
+    if (stacksSourceDir.exists()) {
+      FileUtils.copyDirectoryToDirectory(stacksSourceDir, stacksDir);
+    }
+
+    gateway = GatewayServer.startGateway(config, srvcs);
+    MatcherAssert.assertThat("Failed to start gateway.", gateway, notNullValue());
+
+    log.info( "Gateway port = " + gateway.getAddresses()[ 0 ].getPort() );
+  }
+
+  public void cleanup() throws Exception {
+    gateway.stop();
+    FileUtils.deleteQuietly( new File( config.getGatewayTopologyDir() ) );
+    FileUtils.deleteQuietly( new File( config.getGatewayConfDir() ) );
+    FileUtils.deleteQuietly( new File( config.getGatewaySecurityDir() ) );
+    FileUtils.deleteQuietly( new File( config.getGatewayDeploymentDir() ) );
+    FileUtils.deleteQuietly( new File( config.getGatewayDataDir() ) );
+    FileUtils.deleteQuietly( new File( config.getGatewayServicesDir() ) );
+    ldap.stop( true );
+  }
+
+
+  public String getResourceBaseName() {
+    return resourceBaseClass.getName().replaceAll( "\\.", "/" ) + "/";
+  }
+
+  public String getResourceName( String resource ) {
+    return getResourceBaseName() + resource;
+  }
+
+  public URL getResourceUrl( String resource ) {
+    URL url = ClassLoader.getSystemResource( getResourceName( resource ) );
+    assertThat( "Failed to find test resource " + resource, url, Matchers.notNullValue() );
+    return url;
+  }
+
+  public String getLdapUrl() {
+    return "ldap://localhost:" + ldapTransport.getPort();
+  }
+
+  public String getClusterUrl() {
+    String url;
+    String localHostName = getLocalHostName();
+    url = "http://" + localHostName + ":" + gateway.getAddresses()[0].getPort() + "/" + config.getGatewayPath() + "/" + clusterName;
+    return url;
+  }
+
+  public int getGatewayPort() {
+    return gateway.getAddresses()[0].getPort();
+  }
+
+  private String getLocalHostName() {
+    String hostName = "localhost";
+    try {
+      hostName = InetAddress.getByName("127.0.0.1").getHostName();
+    } catch( UnknownHostException e ) {
+      // Ignore and use the default.
+    }
+    return hostName;
+  }
+
+}

http://git-wip-us.apache.org/repos/asf/knox/blob/fd0d5197/gateway-test-release/webhdfs-kerb-test/src/test/java/org/apache/hadoop/gateway/SecureClusterTest.java
----------------------------------------------------------------------
diff --git a/gateway-test-release/webhdfs-kerb-test/src/test/java/org/apache/hadoop/gateway/SecureClusterTest.java b/gateway-test-release/webhdfs-kerb-test/src/test/java/org/apache/hadoop/gateway/SecureClusterTest.java
new file mode 100644
index 0000000..2638b1c
--- /dev/null
+++ b/gateway-test-release/webhdfs-kerb-test/src/test/java/org/apache/hadoop/gateway/SecureClusterTest.java
@@ -0,0 +1,291 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.hadoop.gateway;
+
+import com.mycila.xmltool.XMLDoc;
+import com.mycila.xmltool.XMLTag;
+import org.apache.hadoop.fs.Path;
+import org.apache.hadoop.hdfs.HdfsConfiguration;
+import org.apache.hadoop.hdfs.MiniDFSCluster;
+import org.apache.hadoop.http.HttpConfig;
+import org.apache.hadoop.minikdc.MiniKdc;
+import org.apache.hadoop.security.SecurityUtil;
+import org.apache.hadoop.security.UserGroupInformation;
+import org.apache.hadoop.security.ssl.KeyStoreTestUtil;
+import org.apache.hadoop.test.category.ReleaseTest;
+import org.apache.http.HttpHost;
+import org.apache.http.HttpRequest;
+import org.apache.http.auth.AuthScope;
+import org.apache.http.auth.BasicUserPrincipal;
+import org.apache.http.auth.Credentials;
+import org.apache.http.client.CredentialsProvider;
+import org.apache.http.client.methods.CloseableHttpResponse;
+import org.apache.http.impl.client.BasicCredentialsProvider;
+import org.apache.http.impl.client.CloseableHttpClient;
+import org.apache.http.impl.client.HttpClients;
+import org.apache.http.message.BasicHttpRequest;
+import org.apache.http.util.EntityUtils;
+import org.apache.log4j.PropertyConfigurator;
+import org.junit.AfterClass;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+
+import java.io.File;
+import java.io.FileWriter;
+import java.io.IOException;
+import java.net.ServerSocket;
+import java.security.Principal;
+import java.util.Properties;
+
+import static org.apache.hadoop.hdfs.DFSConfigKeys.*;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertTrue;
+
+
+@Category(ReleaseTest.class)
+public class SecureClusterTest {
+
+  private static MiniDFSCluster miniDFSCluster;
+  private static MiniKdc kdc;
+  private static HdfsConfiguration configuration;
+  private static int nameNodeHttpPort;
+  private static String userName;
+
+  private static GatewayTestDriver driver = new GatewayTestDriver();
+  private static File baseDir;
+
+  @BeforeClass
+  public static void setupSuite() throws Exception {
+    nameNodeHttpPort = findFreePort();
+    configuration = new HdfsConfiguration();
+    baseDir = new File(KeyStoreTestUtil.getClasspathDir(SecureClusterTest.class));
+    System.setProperty(MiniDFSCluster.PROP_TEST_BUILD_DATA, baseDir.getAbsolutePath());
+    initKdc();
+    miniDFSCluster = new MiniDFSCluster.Builder(configuration)
+        .nameNodePort(20112)
+        .nameNodeHttpPort(nameNodeHttpPort)
+        .numDataNodes(0)
+        .format(true)
+        .racks(null)
+        .build();
+  }
+
+  private static void initKdc() throws Exception {
+    Properties kdcConf = MiniKdc.createConf();
+    kdc = new MiniKdc(kdcConf, baseDir);
+    kdc.start();
+
+    configuration = new HdfsConfiguration();
+    SecurityUtil.setAuthenticationMethod(UserGroupInformation.AuthenticationMethod.KERBEROS, configuration);
+    UserGroupInformation.setConfiguration(configuration);
+    assertTrue("Expected configuration to enable security", UserGroupInformation.isSecurityEnabled());
+    userName = UserGroupInformation.createUserForTesting("guest", new String[] {"users"}).getUserName();
+    File keytabFile = new File(baseDir, userName + ".keytab");
+    String keytab = keytabFile.getAbsolutePath();
+    // Windows will not reverse name lookup "127.0.0.1" to "localhost".
+    String krbInstance = Path.WINDOWS ? "127.0.0.1" : "localhost";
+    kdc.createPrincipal(keytabFile, userName + "/" + krbInstance, "HTTP/" + krbInstance);
+    String hdfsPrincipal = userName + "/" + krbInstance + "@" + kdc.getRealm();
+    String spnegoPrincipal = "HTTP/" + krbInstance + "@" + kdc.getRealm();
+
+    configuration.set(DFS_NAMENODE_KERBEROS_PRINCIPAL_KEY, hdfsPrincipal);
+    configuration.set(DFS_NAMENODE_KEYTAB_FILE_KEY, keytab);
+    configuration.set(DFS_DATANODE_KERBEROS_PRINCIPAL_KEY, hdfsPrincipal);
+    configuration.set(DFS_DATANODE_KEYTAB_FILE_KEY, keytab);
+    configuration.set(DFS_WEB_AUTHENTICATION_KERBEROS_PRINCIPAL_KEY, spnegoPrincipal);
+    configuration.set(DFS_JOURNALNODE_KEYTAB_FILE_KEY, keytab);
+    configuration.set(DFS_JOURNALNODE_KERBEROS_PRINCIPAL_KEY, hdfsPrincipal);
+    configuration.set(DFS_JOURNALNODE_KERBEROS_INTERNAL_SPNEGO_PRINCIPAL_KEY, spnegoPrincipal);
+    configuration.setBoolean(DFS_BLOCK_ACCESS_TOKEN_ENABLE_KEY, true);
+    configuration.set(DFS_DATA_ENCRYPTION_ALGORITHM_KEY, "authentication");
+    configuration.set(DFS_HTTP_POLICY_KEY, HttpConfig.Policy.HTTP_AND_HTTPS.name());
+    configuration.set(DFS_NAMENODE_HTTPS_ADDRESS_KEY, "localhost:0");
+    configuration.set(DFS_DATANODE_HTTPS_ADDRESS_KEY, "localhost:0");
+    configuration.set(DFS_JOURNALNODE_HTTPS_ADDRESS_KEY, "localhost:0");
+    configuration.setInt(IPC_CLIENT_CONNECT_MAX_RETRIES_KEY, 10);
+    configuration.set("hadoop.proxyuser." + userName + ".hosts", "*");
+    configuration.set("hadoop.proxyuser." + userName + ".groups", "*");
+    configuration.setBoolean("dfs.permissions", true);
+
+    String keystoresDir = baseDir.getAbsolutePath();
+    File sslClientConfFile = new File(keystoresDir + "/ssl-client.xml");
+    File sslServerConfFile = new File(keystoresDir + "/ssl-server.xml");
+    KeyStoreTestUtil.setupSSLConfig(keystoresDir, keystoresDir, configuration, false);
+    configuration.set(DFS_CLIENT_HTTPS_KEYSTORE_RESOURCE_KEY,
+        sslClientConfFile.getName());
+    configuration.set(DFS_SERVER_HTTPS_KEYSTORE_RESOURCE_KEY,
+        sslServerConfFile.getName());
+
+    setupKnox(keytab, hdfsPrincipal);
+  }
+
+  private static void setupKnox(String keytab, String hdfsPrincipal) throws Exception {
+    //kerberos setup for http client
+    File jaasConf = setupJaasConf(baseDir, keytab, hdfsPrincipal);
+    System.setProperty("java.security.krb5.conf", kdc.getKrb5conf().getAbsolutePath());
+    System.setProperty("java.security.auth.login.config", jaasConf.getAbsolutePath());
+    System.setProperty("javax.security.auth.useSubjectCredsOnly", "false");
+    System.setProperty("sun.security.krb5.debug", "true");
+
+    //knox setup
+    System.setProperty("gateway.hadoop.kerberos.secured", "true");
+    GatewayTestConfig config = new GatewayTestConfig();
+    config.setGatewayPath( "gateway" );
+    config.setHadoopKerberosSecured(true);
+    config.setKerberosConfig(kdc.getKrb5conf().getAbsolutePath());
+    config.setKerberosLoginConfig(jaasConf.getAbsolutePath());
+    driver.setResourceBase(SecureClusterTest.class);
+    driver.setupLdap(findFreePort());
+    driver.setupGateway(config, "cluster", createTopology(), true);
+  }
+
+  @AfterClass
+  public static void cleanupSuite() throws Exception {
+    kdc.stop();
+    miniDFSCluster.shutdown();
+    driver.cleanup();
+  }
+
+  @Test
+  public void basicGetUserHomeRequest() throws Exception {
+    setupLogging();
+    CloseableHttpClient client = getHttpClient();
+    String method = "GET";
+    String uri = driver.getClusterUrl() + "/webhdfs/v1?op=GETHOMEDIRECTORY";
+    HttpHost target = new HttpHost("localhost", driver.getGatewayPort(), "http");
+    HttpRequest request = new BasicHttpRequest(method, uri);
+    CloseableHttpResponse response = client.execute(target, request);
+    String json = EntityUtils.toString(response.getEntity());
+    response.close();
+    System.out.println(json);
+    assertEquals("{\"Path\":\"/user/" + userName + "\"}", json);
+  }
+
+  private CloseableHttpClient getHttpClient() {
+    CredentialsProvider credentialsProvider = new BasicCredentialsProvider();
+    credentialsProvider.setCredentials(AuthScope.ANY, new Credentials() {
+      @Override
+      public Principal getUserPrincipal() {
+        return new BasicUserPrincipal("guest");
+      }
+
+      @Override
+      public String getPassword() {
+        return "guest-password";
+      }
+    });
+
+    return HttpClients.custom()
+        .setDefaultCredentialsProvider(credentialsProvider)
+        .build();
+  }
+
+  private static void setupLogging() {
+    PropertyConfigurator.configure(ClassLoader.getSystemResource("log4j.properties"));
+  }
+
+  private static File setupJaasConf(File baseDir, String keyTabFile, String principal) throws IOException {
+    File file = new File(baseDir, "jaas.conf");
+    if (!file.exists()) {
+      file.createNewFile();
+    } else {
+      file.delete();
+      file.createNewFile();
+    }
+    FileWriter writer = new FileWriter(file);
+    String content = String.format("com.sun.security.jgss.initiate {\n" +
+        "com.sun.security.auth.module.Krb5LoginModule required\n" +
+        "renewTGT=true\n" +
+        "doNotPrompt=true\n" +
+        "useKeyTab=true\n" +
+        "keyTab=\"%s\"\n" +
+        "principal=\"%s\"\n" +
+        "isInitiator=true\n" +
+        "storeKey=true\n" +
+        "useTicketCache=true\n" +
+        "client=true;\n" +
+        "};\n", keyTabFile, principal);
+    writer.write(content);
+    writer.close();
+    return file;
+  }
+
+  /**
+   * Creates a topology that is deployed to the gateway instance for the test suite.
+   * Note that this topology is shared by all of the test methods in this suite.
+   * @return A populated XML structure for a topology file.
+   */
+  private static XMLTag createTopology() {
+    XMLTag xml = XMLDoc.newDocument(true)
+        .addRoot("topology")
+        .addTag( "gateway" )
+        .addTag( "provider" )
+        .addTag("role").addText("webappsec")
+        .addTag("name").addText("WebAppSec")
+        .addTag("enabled").addText("true")
+        .addTag( "param" )
+        .addTag("name").addText("csrf.enabled")
+        .addTag("value").addText("true").gotoParent().gotoParent()
+        .addTag("provider")
+        .addTag("role").addText("authentication")
+        .addTag("name").addText("ShiroProvider")
+        .addTag("enabled").addText("true")
+        .addTag( "param" )
+        .addTag("name").addText("main.ldapRealm")
+        .addTag("value").addText("org.apache.hadoop.gateway.shirorealm.KnoxLdapRealm").gotoParent()
+        .addTag( "param" )
+        .addTag("name").addText("main.ldapRealm.userDnTemplate")
+        .addTag( "value" ).addText("uid={0},ou=people,dc=hadoop,dc=apache,dc=org").gotoParent()
+        .addTag( "param" )
+        .addTag("name").addText("main.ldapRealm.contextFactory.url")
+        .addTag( "value" ).addText(driver.getLdapUrl()).gotoParent()
+        .addTag( "param" )
+        .addTag("name").addText("main.ldapRealm.contextFactory.authenticationMechanism")
+        .addTag( "value" ).addText("simple").gotoParent()
+        .addTag( "param" )
+        .addTag("name").addText("urls./**")
+        .addTag( "value" ).addText("authcBasic").gotoParent().gotoParent()
+        .addTag("provider")
+        .addTag("role").addText("identity-assertion")
+        .addTag("enabled").addText("true")
+        .addTag("name").addText("Default").gotoParent()
+        .addTag("provider")
+        .addTag( "role" ).addText( "authorization" )
+        .addTag( "enabled" ).addText( "true" )
+        .addTag("name").addText("AclsAuthz").gotoParent()
+        .addTag("param")
+        .addTag("name").addText( "webhdfs-acl" )
+        .addTag("value").addText("hdfs;*;*").gotoParent()
+        .gotoRoot()
+        .addTag("service")
+        .addTag("role").addText("WEBHDFS")
+        .addTag("url").addText("http://localhost:" + nameNodeHttpPort + "/webhdfs/").gotoParent()
+        .gotoRoot();
+//     System.out.println( "GATEWAY=" + xml.toString() );
+    return xml;
+  }
+
+  private static int findFreePort() throws IOException {
+    ServerSocket socket = new ServerSocket(0);
+    int port = socket.getLocalPort();
+    socket.close();
+    return port;
+  }
+
+}

http://git-wip-us.apache.org/repos/asf/knox/blob/fd0d5197/gateway-test-release/webhdfs-kerb-test/src/test/resources/org/apache/hadoop/gateway/SecureClusterTest/users.ldif
----------------------------------------------------------------------
diff --git a/gateway-test-release/webhdfs-kerb-test/src/test/resources/org/apache/hadoop/gateway/SecureClusterTest/users.ldif b/gateway-test-release/webhdfs-kerb-test/src/test/resources/org/apache/hadoop/gateway/SecureClusterTest/users.ldif
new file mode 100644
index 0000000..d82e99a
--- /dev/null
+++ b/gateway-test-release/webhdfs-kerb-test/src/test/resources/org/apache/hadoop/gateway/SecureClusterTest/users.ldif
@@ -0,0 +1,61 @@
+##########################################################################
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+##########################################################################
+
+version: 1
+
+dn: dc=hadoop,dc=apache,dc=org
+objectclass: organization
+objectclass: dcObject
+o: Hadoop
+dc: hadoop
+
+dn: ou=people,dc=hadoop,dc=apache,dc=org
+objectclass:top
+objectclass:organizationalUnit
+ou: people
+
+dn: ou=groups,dc=hadoop,dc=apache,dc=org
+objectclass:top
+objectclass:organizationalUnit
+ou: groups
+
+dn: uid=hdfs,ou=people,dc=hadoop,dc=apache,dc=org
+objectclass:top
+objectclass:person
+objectclass:organizationalPerson
+objectclass:inetOrgPerson
+cn: LarryWalls
+sn: Walls
+uid: hdfs
+userPassword:hdfs-password
+
+dn: uid=guest,ou=people,dc=hadoop,dc=apache,dc=org
+objectclass:top
+objectclass:person
+objectclass:organizationalPerson
+objectclass:inetOrgPerson
+cn: Guest
+sn: Guest
+uid: guest
+userPassword:guest-password
+
+dn: cn=admin,ou=groups,dc=hadoop,dc=apache,dc=org
+objectclass:top
+objectclass:groupOfNames
+cn: admin
+member: uid=allowedUser,ou=people,dc=hadoop,dc=apache,dc=org


Mime
View raw message