org.apache.flink.runtime.security.SecurityConfiguration Java Examples

public static void main(final String[] args) {
	final String configurationDirectory = CliFrontend.getConfigurationDirectoryFromEnv();

	final Configuration flinkConfiguration = GlobalConfiguration.loadConfiguration();

	int retCode;

	try {
		final FlinkYarnSessionCli cli = new FlinkYarnSessionCli(
			flinkConfiguration,
			configurationDirectory,
			"",
			""); // no prefix for the YARN session

		SecurityUtils.install(new SecurityConfiguration(flinkConfiguration));

		retCode = SecurityUtils.getInstalledContext().runSecured(() -> cli.run(args));
	} catch (CliArgsException e) {
		retCode = handleCliArgsException(e, LOG);
	} catch (Throwable t) {
		final Throwable strippedThrowable = ExceptionUtils.stripException(t, UndeclaredThrowableException.class);
		retCode = handleError(strippedThrowable, LOG);
	}

	System.exit(retCode);
}
 

public static void install(SecurityConfiguration config,
					Map<String, ClientSecurityConfiguration> clientSecurityConfigurationMap)
		throws Exception {

	SecurityUtils.install(config);

	// install dynamic JAAS entries
	for (SecurityModuleFactory factory : config.getSecurityModuleFactories()) {
		if (factory instanceof JaasModuleFactory) {
			DynamicConfiguration jaasConf = (DynamicConfiguration) javax.security.auth.login.Configuration.getConfiguration();
			for (Map.Entry<String, ClientSecurityConfiguration> e : clientSecurityConfigurationMap.entrySet()) {
				AppConfigurationEntry entry = KerberosUtils.keytabEntry(
					e.getValue().getKeytab(),
					e.getValue().getPrincipal());
				jaasConf.addAppConfigurationEntry(e.getKey(), entry);
			}
			break;
		}
	}
}
 

/**
 * Test that the jaas config file is created in the working directory.
 */
@Test
public void testJaasModuleFilePath() throws IOException {
	File file = folder.newFolder();
	String workingDir = file.toPath().toString();

	Configuration configuration = new Configuration();
	// set the string for CoreOptions.TMP_DIRS to mock the working directory.
	configuration.setString(CoreOptions.TMP_DIRS, workingDir);
	SecurityConfiguration sc = new SecurityConfiguration(configuration);
	JaasModule module = new JaasModule(sc);

	module.install();

	assertJaasFileLocateInRightDirectory(workingDir);
}
 

public static void main(final String[] args) {
	final String configurationDirectory = CliFrontend.getConfigurationDirectoryFromEnv();

	final Configuration flinkConfiguration = GlobalConfiguration.loadConfiguration();

	int retCode;

	try {
		final FlinkYarnSessionCli cli = new FlinkYarnSessionCli(
			flinkConfiguration,
			configurationDirectory,
			"",
			""); // no prefix for the YARN session

		SecurityUtils.install(new SecurityConfiguration(flinkConfiguration));

		retCode = SecurityUtils.getInstalledContext().runSecured(() -> cli.run(args));
	} catch (CliArgsException e) {
		retCode = handleCliArgsException(e);
	} catch (Throwable t) {
		final Throwable strippedThrowable = ExceptionUtils.stripException(t, UndeclaredThrowableException.class);
		retCode = handleError(strippedThrowable);
	}

	System.exit(retCode);
}
 

public static void runTaskManagerSecurely(String[] args) {
	try {
		final Configuration configuration = loadConfiguration(args);
		final PluginManager pluginManager = PluginUtils.createPluginManagerFromRootFolder(configuration);
		FileSystem.initialize(configuration, pluginManager);

		SecurityUtils.install(new SecurityConfiguration(configuration));

		SecurityUtils.getInstalledContext().runSecured(() -> {
			runTaskManager(configuration, pluginManager);
			return null;
		});
	} catch (Throwable t) {
		final Throwable strippedThrowable = ExceptionUtils.stripException(t, UndeclaredThrowableException.class);
		LOG.error("TaskManager initialization failed.", strippedThrowable);
		System.exit(STARTUP_FAILURE_RETURN_CODE);
	}
}
 

private static AppConfigurationEntry[] getAppConfigurationEntries(SecurityConfiguration securityConfig) {

		AppConfigurationEntry userKerberosAce = null;
		if (securityConfig.useTicketCache()) {
			userKerberosAce = KerberosUtils.ticketCacheEntry();
		}
		AppConfigurationEntry keytabKerberosAce = null;
		if (securityConfig.getKeytab() != null) {
			keytabKerberosAce = KerberosUtils.keytabEntry(securityConfig.getKeytab(), securityConfig.getPrincipal());
		}

		AppConfigurationEntry[] appConfigurationEntry;
		if (userKerberosAce != null && keytabKerberosAce != null) {
			appConfigurationEntry = new AppConfigurationEntry[]{keytabKerberosAce, userKerberosAce};
		} else if (keytabKerberosAce != null) {
			appConfigurationEntry = new AppConfigurationEntry[]{keytabKerberosAce};
		} else if (userKerberosAce != null) {
			appConfigurationEntry = new AppConfigurationEntry[]{userKerberosAce};
		} else {
			return null;
		}

		return appConfigurationEntry;
	}
 

@Override
public boolean isCompatibleWith(SecurityConfiguration securityConfig) {
	// not compatible if no hadoop module factory configured.
	if (!securityConfig.getSecurityModuleFactories().contains(HadoopModuleFactory.class.getCanonicalName())) {
		return false;
	}
	// not compatible if Hadoop binary not in classpath.
	try {
		Class.forName(
			"org.apache.hadoop.security.UserGroupInformation",
			false,
			HadoopSecurityContextFactory.class.getClassLoader());
		return true;
	} catch (ClassNotFoundException e) {
		LOG.info("Cannot install HadoopSecurityContext because Hadoop cannot be found in the Classpath.");
		return false;
	}
}
 

private static AppConfigurationEntry[] getAppConfigurationEntries(SecurityConfiguration securityConfig) {

		AppConfigurationEntry userKerberosAce = null;
		if (securityConfig.useTicketCache()) {
			userKerberosAce = KerberosUtils.ticketCacheEntry();
		}
		AppConfigurationEntry keytabKerberosAce = null;
		if (securityConfig.getKeytab() != null) {
			keytabKerberosAce = KerberosUtils.keytabEntry(securityConfig.getKeytab(), securityConfig.getPrincipal());
		}

		AppConfigurationEntry[] appConfigurationEntry;
		if (userKerberosAce != null && keytabKerberosAce != null) {
			appConfigurationEntry = new AppConfigurationEntry[]{keytabKerberosAce, userKerberosAce};
		} else if (keytabKerberosAce != null) {
			appConfigurationEntry = new AppConfigurationEntry[]{keytabKerberosAce};
		} else if (userKerberosAce != null) {
			appConfigurationEntry = new AppConfigurationEntry[]{userKerberosAce};
		} else {
			return null;
		}

		return appConfigurationEntry;
	}
 

private static AppConfigurationEntry[] getAppConfigurationEntries(SecurityConfiguration securityConfig) {

		AppConfigurationEntry userKerberosAce = null;
		if (securityConfig.useTicketCache()) {
			userKerberosAce = KerberosUtils.ticketCacheEntry();
		}
		AppConfigurationEntry keytabKerberosAce = null;
		if (securityConfig.getKeytab() != null) {
			keytabKerberosAce = KerberosUtils.keytabEntry(securityConfig.getKeytab(), securityConfig.getPrincipal());
		}

		AppConfigurationEntry[] appConfigurationEntry;
		if (userKerberosAce != null && keytabKerberosAce != null) {
			appConfigurationEntry = new AppConfigurationEntry[]{keytabKerberosAce, userKerberosAce};
		} else if (keytabKerberosAce != null) {
			appConfigurationEntry = new AppConfigurationEntry[]{keytabKerberosAce};
		} else if (userKerberosAce != null) {
			appConfigurationEntry = new AppConfigurationEntry[]{userKerberosAce};
		} else {
			return null;
		}

		return appConfigurationEntry;
	}
 

public static void main(final String[] args) {
	final String configurationDirectory = CliFrontend.getConfigurationDirectoryFromEnv();

	final Configuration flinkConfiguration = GlobalConfiguration.loadConfiguration();

	int retCode;

	try {
		final FlinkYarnSessionCli cli = new FlinkYarnSessionCli(
			flinkConfiguration,
			configurationDirectory,
			"",
			""); // no prefix for the YARN session

		SecurityUtils.install(new SecurityConfiguration(flinkConfiguration));

		retCode = SecurityUtils.getInstalledContext().runSecured(() -> cli.run(args));
	} catch (CliArgsException e) {
		retCode = handleCliArgsException(e);
	} catch (Throwable t) {
		final Throwable strippedThrowable = ExceptionUtils.stripException(t, UndeclaredThrowableException.class);
		retCode = handleError(strippedThrowable);
	}

	System.exit(retCode);
}
 

public static void install(SecurityConfiguration config,
					Map<String, ClientSecurityConfiguration> clientSecurityConfigurationMap)
		throws Exception {

	SecurityUtils.install(config);

	// install dynamic JAAS entries
	for (String factoryClassName : config.getSecurityModuleFactories()) {
		SecurityModuleFactory factory = SecurityFactoryServiceLoader.findModuleFactory(factoryClassName);
		if (factory instanceof JaasModuleFactory) {
			DynamicConfiguration jaasConf = (DynamicConfiguration) javax.security.auth.login.Configuration.getConfiguration();
			for (Map.Entry<String, ClientSecurityConfiguration> e : clientSecurityConfigurationMap.entrySet()) {
				AppConfigurationEntry entry = KerberosUtils.keytabEntry(
					e.getValue().getKeytab(),
					e.getValue().getPrincipal());
				jaasConf.addAppConfigurationEntry(e.getKey(), entry);
			}
			break;
		}
	}
}
 

public static void install(SecurityConfiguration config,
					Map<String, ClientSecurityConfiguration> clientSecurityConfigurationMap)
		throws Exception {

	SecurityUtils.install(config);

	// install dynamic JAAS entries
	for (SecurityModuleFactory factory : config.getSecurityModuleFactories()) {
		if (factory instanceof JaasModuleFactory) {
			DynamicConfiguration jaasConf = (DynamicConfiguration) javax.security.auth.login.Configuration.getConfiguration();
			for (Map.Entry<String, ClientSecurityConfiguration> e : clientSecurityConfigurationMap.entrySet()) {
				AppConfigurationEntry entry = KerberosUtils.keytabEntry(
					e.getValue().getKeytab(),
					e.getValue().getPrincipal());
				jaasConf.addAppConfigurationEntry(e.getKey(), entry);
			}
			break;
		}
	}
}
 

/**
 * Submits the job based on the arguments.
 */
public static void main(final String[] args) {
	EnvironmentInformation.logEnvironmentInfo(LOG, "Command Line Client", args);

	// 1. find the configuration directory
	final String configurationDirectory = getConfigurationDirectoryFromEnv();

	// 2. load the global configuration
	final Configuration configuration = GlobalConfiguration.loadConfiguration(configurationDirectory);

	// 3. load the custom command lines
	final List<CustomCommandLine<?>> customCommandLines = loadCustomCommandLines(
		configuration,
		configurationDirectory);

	try {
		final CliFrontend cli = new CliFrontend(
			configuration,
			customCommandLines);

		SecurityUtils.install(new SecurityConfiguration(cli.configuration));
		int retCode = SecurityUtils.getInstalledContext()
				.runSecured(() -> cli.parseParameters(args));
		System.exit(retCode);
	}
	catch (Throwable t) {
		final Throwable strippedThrowable = ExceptionUtils.stripException(t, UndeclaredThrowableException.class);
		LOG.error("Fatal error while running command line interface.", strippedThrowable);
		strippedThrowable.printStackTrace();
		System.exit(31);
	}
}
 

/**
 * Submits the job based on the arguments.
 */
public static void main(final String[] args) {
	EnvironmentInformation.logEnvironmentInfo(LOG, "Command Line Client", args);

	// 1. find the configuration directory
	final String configurationDirectory = getConfigurationDirectoryFromEnv();

	// 2. load the global configuration
	final Configuration configuration = GlobalConfiguration.loadConfiguration(configurationDirectory);

	// 3. load the custom command lines
	final List<CustomCommandLine> customCommandLines = loadCustomCommandLines(
		configuration,
		configurationDirectory);

	try {
		final CliFrontend cli = new CliFrontend(
			configuration,
			customCommandLines);

		SecurityUtils.install(new SecurityConfiguration(cli.configuration));
		int retCode = SecurityUtils.getInstalledContext()
				.runSecured(() -> cli.parseParameters(args));
		System.exit(retCode);
	}
	catch (Throwable t) {
		final Throwable strippedThrowable = ExceptionUtils.stripException(t, UndeclaredThrowableException.class);
		LOG.error("Fatal error while running command line interface.", strippedThrowable);
		strippedThrowable.printStackTrace();
		System.exit(31);
	}
}
 

@Override
public SecurityContext createContext(SecurityConfiguration securityConfig) throws SecurityContextInitializeException {
	try {
		UserGroupInformation loginUser = UserGroupInformation.getLoginUser();
		return new HadoopSecurityContext(loginUser);
	} catch (Exception e) {
		throw new SecurityContextInitializeException("Cannot instantiate test security context", e);
	}
}
 

public static void main(String[] args) throws Exception {
	// startup checks and logging
	EnvironmentInformation.logEnvironmentInfo(LOG, "TaskManager", args);
	SignalHandler.register(LOG);
	JvmShutdownSafeguard.installAsShutdownHook(LOG);

	long maxOpenFileHandles = EnvironmentInformation.getOpenFileHandlesLimit();

	if (maxOpenFileHandles != -1L) {
		LOG.info("Maximum number of open file descriptors is {}.", maxOpenFileHandles);
	} else {
		LOG.info("Cannot determine the maximum number of open file descriptors");
	}

	final Configuration configuration = loadConfiguration(args);

	try {
		FileSystem.initialize(configuration);
	} catch (IOException e) {
		throw new IOException("Error while setting the default " +
			"filesystem scheme from configuration.", e);
	}

	SecurityUtils.install(new SecurityConfiguration(configuration));

	try {
		SecurityUtils.getInstalledContext().runSecured(new Callable<Void>() {
			@Override
			public Void call() throws Exception {
				runTaskManager(configuration, ResourceID.generate());
				return null;
			}
		});
	} catch (Throwable t) {
		final Throwable strippedThrowable = ExceptionUtils.stripException(t, UndeclaredThrowableException.class);
		LOG.error("TaskManager initialization failed.", strippedThrowable);
		System.exit(STARTUP_FAILURE_RETURN_CODE);
	}
}
 

public static void main(String[] args) throws Exception {
	ParameterTool pt = ParameterTool.fromArgs(args);
	String configDir = pt.getRequired("configDir");

	LOG.info("Loading configuration from {}", configDir);
	final Configuration flinkConfig = GlobalConfiguration.loadConfiguration(configDir);

	try {
		FileSystem.initialize(flinkConfig);
	} catch (IOException e) {
		throw new Exception("Error while setting the default filesystem scheme from configuration.", e);
	}

	// run the history server
	SecurityUtils.install(new SecurityConfiguration(flinkConfig));

	try {
		SecurityUtils.getInstalledContext().runSecured(new Callable<Integer>() {
			@Override
			public Integer call() throws Exception {
				HistoryServer hs = new HistoryServer(flinkConfig);
				hs.run();
				return 0;
			}
		});
		System.exit(0);
	} catch (Throwable t) {
		final Throwable strippedThrowable = ExceptionUtils.stripException(t, UndeclaredThrowableException.class);
		LOG.error("Failed to run HistoryServer.", strippedThrowable);
		strippedThrowable.printStackTrace();
		System.exit(1);
	}
}
 

/**
 * Submits the job based on the arguments.
 */
public static void main(final String[] args) {
	EnvironmentInformation.logEnvironmentInfo(LOG, "Command Line Client", args);

	// 1. find the configuration directory
	final String configurationDirectory = getConfigurationDirectoryFromEnv();

	// 2. load the global configuration
	final Configuration configuration = GlobalConfiguration.loadConfiguration(configurationDirectory);

	// 3. load the custom command lines
	final List<CustomCommandLine<?>> customCommandLines = loadCustomCommandLines(
		configuration,
		configurationDirectory);

	try {
		final CliFrontend cli = new CliFrontend(
			configuration,
			customCommandLines);

		SecurityUtils.install(new SecurityConfiguration(cli.configuration));
		int retCode = SecurityUtils.getInstalledContext()
				.runSecured(() -> cli.parseParameters(args));
		System.exit(retCode);
	}
	catch (Throwable t) {
		final Throwable strippedThrowable = ExceptionUtils.stripException(t, UndeclaredThrowableException.class);
		LOG.error("Fatal error while running command line interface.", strippedThrowable);
		strippedThrowable.printStackTrace();
		System.exit(31);
	}
}
 

@Override
public SecurityModule createModule(SecurityConfiguration securityConfig) {
	if (hadoopConfiguration == null) {
		throw new IllegalStateException("Cannot instantiate test module, hadoop config not set!");
	}
	return new HadoopModule(securityConfig, hadoopConfiguration);
}
 

public static void main(String[] args) throws Exception {
	ParameterTool pt = ParameterTool.fromArgs(args);
	String configDir = pt.getRequired("configDir");

	LOG.info("Loading configuration from {}", configDir);
	final Configuration flinkConfig = GlobalConfiguration.loadConfiguration(configDir);

	FileSystem.initialize(flinkConfig, PluginUtils.createPluginManagerFromRootFolder(flinkConfig));

	// run the history server
	SecurityUtils.install(new SecurityConfiguration(flinkConfig));

	try {
		SecurityUtils.getInstalledContext().runSecured(new Callable<Integer>() {
			@Override
			public Integer call() throws Exception {
				HistoryServer hs = new HistoryServer(flinkConfig);
				hs.run();
				return 0;
			}
		});
		System.exit(0);
	} catch (Throwable t) {
		final Throwable strippedThrowable = ExceptionUtils.stripException(t, UndeclaredThrowableException.class);
		LOG.error("Failed to run HistoryServer.", strippedThrowable);
		strippedThrowable.printStackTrace();
		System.exit(1);
	}
}
 

/**
 * Test that the jaas file will be created in the directory specified by {@link CoreOptions#TMP_DIRS}'s default value
 * if we do not manually specify it.
 */
@Test
public void testCreateJaasModuleFileInTemporary() {
	Configuration configuration = new Configuration();
	SecurityConfiguration sc = new SecurityConfiguration(configuration);
	JaasModule module = new JaasModule(sc);

	module.install();

	assertJaasFileLocateInRightDirectory(CoreOptions.TMP_DIRS.defaultValue());
}
 

@VisibleForTesting
static void setupConfigurationAndInstallSecurityContext(Configuration configuration, String currDir, Map<String, String> variables) throws Exception {
	final String localDirs = variables.get(Environment.LOCAL_DIRS.key());
	LOG.info("Current working/local Directory: {}", localDirs);

	BootstrapTools.updateTmpDirectoriesInConfiguration(configuration, localDirs);

	setupConfigurationFromVariables(configuration, currDir, variables);

	SecurityUtils.install(new SecurityConfiguration(configuration));
}
 

public static void main(String[] args) throws Exception {
	EnvironmentInformation.logEnvironmentInfo(LOG, "HistoryServer", args);

	ParameterTool pt = ParameterTool.fromArgs(args);
	String configDir = pt.getRequired("configDir");

	LOG.info("Loading configuration from {}", configDir);
	final Configuration flinkConfig = GlobalConfiguration.loadConfiguration(configDir);

	FileSystem.initialize(flinkConfig, PluginUtils.createPluginManagerFromRootFolder(flinkConfig));

	// run the history server
	SecurityUtils.install(new SecurityConfiguration(flinkConfig));

	try {
		SecurityUtils.getInstalledContext().runSecured(new Callable<Integer>() {
			@Override
			public Integer call() throws Exception {
				HistoryServer hs = new HistoryServer(flinkConfig);
				hs.run();
				return 0;
			}
		});
		System.exit(0);
	} catch (Throwable t) {
		final Throwable strippedThrowable = ExceptionUtils.stripException(t, UndeclaredThrowableException.class);
		LOG.error("Failed to run HistoryServer.", strippedThrowable);
		strippedThrowable.printStackTrace();
		System.exit(1);
	}
}
 

@Override
public SecurityContext createContext(SecurityConfiguration securityConfig) throws SecurityContextInitializeException {
	try {
		UserGroupInformation loginUser = UserGroupInformation.getLoginUser();
		return new HadoopSecurityContext(loginUser);
	} catch (Exception e) {
		LOG.error("Cannot instantiate HadoopSecurityContext.", e);
		throw new SecurityContextInitializeException("Cannot instantiate HadoopSecurityContext.", e);
	}
}
 

public JaasModule(SecurityConfiguration securityConfig) {
	this.securityConfig = checkNotNull(securityConfig);
	String[] dirs = splitPaths(securityConfig.getFlinkConfig().getString(CoreOptions.TMP_DIRS));
	// should be at least one directory.
	checkState(dirs.length > 0);
	this.workingDir = dirs[0];
}
 

public static void main(String[] args) throws Exception {
	// startup checks and logging
	EnvironmentInformation.logEnvironmentInfo(LOG, "TaskManager", args);
	SignalHandler.register(LOG);
	JvmShutdownSafeguard.installAsShutdownHook(LOG);

	long maxOpenFileHandles = EnvironmentInformation.getOpenFileHandlesLimit();

	if (maxOpenFileHandles != -1L) {
		LOG.info("Maximum number of open file descriptors is {}.", maxOpenFileHandles);
	} else {
		LOG.info("Cannot determine the maximum number of open file descriptors");
	}

	final Configuration configuration = loadConfiguration(args);

	FileSystem.initialize(configuration, PluginUtils.createPluginManagerFromRootFolder(configuration));

	SecurityUtils.install(new SecurityConfiguration(configuration));

	try {
		SecurityUtils.getInstalledContext().runSecured(new Callable<Void>() {
			@Override
			public Void call() throws Exception {
				runTaskManager(configuration, ResourceID.generate());
				return null;
			}
		});
	} catch (Throwable t) {
		final Throwable strippedThrowable = ExceptionUtils.stripException(t, UndeclaredThrowableException.class);
		LOG.error("TaskManager initialization failed.", strippedThrowable);
		System.exit(STARTUP_FAILURE_RETURN_CODE);
	}
}
 

public ZooKeeperModule(SecurityConfiguration securityConfig) {
	this.securityConfig = checkNotNull(securityConfig);
}
 

@Override
public SecurityModule createModule(SecurityConfiguration securityConfig) {
	return new JaasModule(securityConfig);
}
 

@Override
public SecurityContext createContext(SecurityConfiguration securityConfig) throws SecurityContextInitializeException {
	return new TestSecurityContext();
}
 

public static void prepare(TemporaryFolder tempFolder) {

		try {
			File baseDirForSecureRun = tempFolder.newFolder();
			LOG.info("Base Directory for Secure Environment: {}", baseDirForSecureRun);

			String hostName = "localhost";
			Properties kdcConf = MiniKdc.createConf();
			if (LOG.isDebugEnabled()) {
				kdcConf.setProperty(MiniKdc.DEBUG, "true");
			}
			kdcConf.setProperty(MiniKdc.KDC_BIND_ADDRESS, hostName);
			kdc = new MiniKdc(kdcConf, baseDirForSecureRun);
			kdc.start();
			LOG.info("Started Mini KDC");

			File keytabFile = new File(baseDirForSecureRun, "test-users.keytab");
			testKeytab = keytabFile.getAbsolutePath();
			testZkServerPrincipal = "zookeeper/" + hostName;
			testZkClientPrincipal = "zk-client/" + hostName;
			testKafkaServerPrincipal = "kafka/" + hostName;
			hadoopServicePrincipal = "hadoop/" + hostName;
			testPrincipal = "client/" + hostName;

			kdc.createPrincipal(keytabFile, testPrincipal, testZkServerPrincipal,
					hadoopServicePrincipal,
					testZkClientPrincipal,
					testKafkaServerPrincipal);

			testPrincipal = testPrincipal + "@" + kdc.getRealm();
			testZkServerPrincipal = testZkServerPrincipal + "@" + kdc.getRealm();
			testZkClientPrincipal = testZkClientPrincipal + "@" + kdc.getRealm();
			testKafkaServerPrincipal = testKafkaServerPrincipal + "@" + kdc.getRealm();
			hadoopServicePrincipal = hadoopServicePrincipal + "@" + kdc.getRealm();

			LOG.info("-------------------------------------------------------------------");
			LOG.info("Test Principal: {}", testPrincipal);
			LOG.info("Test ZK Server Principal: {}", testZkServerPrincipal);
			LOG.info("Test ZK Client Principal: {}", testZkClientPrincipal);
			LOG.info("Test Kafka Server Principal: {}", testKafkaServerPrincipal);
			LOG.info("Test Hadoop Service Principal: {}", hadoopServicePrincipal);
			LOG.info("Test Keytab: {}", testKeytab);
			LOG.info("-------------------------------------------------------------------");

			//Security Context is established to allow non hadoop applications that requires JAAS
			//based SASL/Kerberos authentication to work. However, for Hadoop specific applications
			//the context can be reinitialized with Hadoop configuration by calling
			//ctx.setHadoopConfiguration() for the UGI implementation to work properly.
			//See Yarn test case module for reference
			Configuration flinkConfig = GlobalConfiguration.loadConfiguration();
			flinkConfig.setBoolean(SecurityOptions.ZOOKEEPER_SASL_DISABLE, false);
			flinkConfig.setString(SecurityOptions.KERBEROS_LOGIN_KEYTAB, testKeytab);
			flinkConfig.setBoolean(SecurityOptions.KERBEROS_LOGIN_USETICKETCACHE, false);
			flinkConfig.setString(SecurityOptions.KERBEROS_LOGIN_PRINCIPAL, testPrincipal);
			flinkConfig.setString(SecurityOptions.KERBEROS_LOGIN_CONTEXTS, "Client,KafkaClient");
			SecurityConfiguration ctx = new SecurityConfiguration(flinkConfig);
			TestingSecurityContext.install(ctx, getClientSecurityConfigurationMap());

			populateJavaPropertyVariables();

		} catch (Exception e) {
			throw new RuntimeException("Exception occured while preparing secure environment.", e);
		}

	}