accumulo-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From vi...@apache.org
Subject svn commit: r1438354 [2/12] - in /accumulo/trunk: ./ assemble/ bin/ conf/examples/1GB/native-standalone/ conf/examples/1GB/standalone/ conf/examples/2GB/native-standalone/ conf/examples/2GB/standalone/ conf/examples/3GB/native-standalone/ conf/examples...
Date Fri, 25 Jan 2013 07:04:29 GMT
Modified: accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/Instance.java
URL: http://svn.apache.org/viewvc/accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/Instance.java?rev=1438354&r1=1438353&r2=1438354&view=diff
==============================================================================
--- accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/Instance.java (original)
+++ accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/Instance.java Fri Jan 25 07:04:25 2013
@@ -21,11 +21,14 @@ import java.util.List;
 
 import org.apache.accumulo.core.conf.AccumuloConfiguration;
 import org.apache.accumulo.core.security.thrift.AuthInfo;
+import org.apache.accumulo.core.security.tokens.AccumuloToken;
+import org.apache.accumulo.core.security.tokens.InstanceTokenWrapper;
 
 /**
  * This class represents the information a client needs to know to connect to an instance of accumulo.
  * 
  */
+@SuppressWarnings("deprecation")
 public interface Instance {
   /**
    * Returns the location of the tablet server that is serving the root tablet.
@@ -94,12 +97,39 @@ public interface Instance {
    *           when a generic exception occurs
    * @throws AccumuloSecurityException
    *           when a user's credentials are invalid
+   * @deprecated @since 1.5, use {@link #getConnector(AccumuloToken)}
    */
   public abstract Connector getConnector(AuthInfo auth) throws AccumuloException, AccumuloSecurityException;
   
   /**
    * Returns a connection to accumulo.
    * 
+   * @param token
+   *          An AccumuloToken implementing object.
+   * @return the accumulo Connector
+   * @throws AccumuloException
+   *           when a generic exception occurs
+   * @throws AccumuloSecurityException
+   *           when a user's credentials are invalid
+   */
+  public abstract Connector getConnector(AccumuloToken<?,?> token) throws AccumuloException, AccumuloSecurityException;
+  
+  /**
+   * Returns a connection to accumulo.
+   * 
+   * @param token
+   *          An InstanceTokenWrapper.
+   * @return the accumulo Connector
+   * @throws AccumuloException
+   *           when a generic exception occurs
+   * @throws AccumuloSecurityException
+   *           when a user's credentials are invalid
+   */
+  public abstract Connector getConnector(InstanceTokenWrapper token) throws AccumuloException, AccumuloSecurityException;
+  
+  /**
+   * Returns a connection to accumulo.
+   * 
    * @param user
    *          a valid accumulo user
    * @param pass
@@ -109,6 +139,7 @@ public interface Instance {
    *           when a generic exception occurs
    * @throws AccumuloSecurityException
    *           when a user's credentials are invalid
+   *           @deprecated @since 1.5, use {@link #getConnector(AccumuloToken)}
    */
   public abstract Connector getConnector(String user, ByteBuffer pass) throws AccumuloException, AccumuloSecurityException;
   
@@ -124,6 +155,7 @@ public interface Instance {
    *           when a generic exception occurs
    * @throws AccumuloSecurityException
    *           when a user's credentials are invalid
+   *           @deprecated @since 1.5, use {@link #getConnector(AccumuloToken)}
    */
   public abstract Connector getConnector(String user, CharSequence pass) throws AccumuloException, AccumuloSecurityException;
   
@@ -141,4 +173,10 @@ public interface Instance {
    *          accumulo configuration
    */
   public abstract void setConfiguration(AccumuloConfiguration conf);
+  
+  /**
+   * Returns the class name for the tokens Accumulo is expecting.
+   * @throws AccumuloException 
+   */
+  public abstract String getSecurityTokenClass() throws AccumuloException;
 }

Modified: accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/ZooKeeperInstance.java
URL: http://svn.apache.org/viewvc/accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/ZooKeeperInstance.java?rev=1438354&r1=1438353&r2=1438354&view=diff
==============================================================================
--- accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/ZooKeeperInstance.java (original)
+++ accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/ZooKeeperInstance.java Fri Jan 25 07:04:25 2013
@@ -24,15 +24,21 @@ import java.util.UUID;
 
 import org.apache.accumulo.core.Constants;
 import org.apache.accumulo.core.client.impl.ConnectorImpl;
+import org.apache.accumulo.core.client.impl.MasterClient;
 import org.apache.accumulo.core.conf.AccumuloConfiguration;
 import org.apache.accumulo.core.conf.Property;
 import org.apache.accumulo.core.file.FileUtil;
+import org.apache.accumulo.core.master.thrift.MasterClientService.Client;
 import org.apache.accumulo.core.security.thrift.AuthInfo;
+import org.apache.accumulo.core.security.thrift.ThriftSecurityException;
+import org.apache.accumulo.core.security.tokens.AccumuloToken;
+import org.apache.accumulo.core.security.tokens.InstanceTokenWrapper;
+import org.apache.accumulo.core.security.tokens.UserPassToken;
 import org.apache.accumulo.core.util.ArgumentChecker;
-import org.apache.accumulo.core.util.ByteBufferUtil;
 import org.apache.accumulo.core.util.CachedConfiguration;
 import org.apache.accumulo.core.util.OpTimer;
 import org.apache.accumulo.core.util.TextUtil;
+import org.apache.accumulo.core.util.ThriftUtil;
 import org.apache.accumulo.core.zookeeper.ZooUtil;
 import org.apache.accumulo.fate.zookeeper.ZooCache;
 import org.apache.hadoop.fs.FileStatus;
@@ -41,6 +47,8 @@ import org.apache.hadoop.fs.Path;
 import org.apache.hadoop.io.Text;
 import org.apache.log4j.Level;
 import org.apache.log4j.Logger;
+import org.apache.thrift.TException;
+import org.apache.thrift.transport.TTransportException;
 
 /**
  * <p>
@@ -56,6 +64,7 @@ import org.apache.log4j.Logger;
  * 
  */
 
+@SuppressWarnings("deprecation")
 public class ZooKeeperInstance implements Instance {
   
   private static final Logger log = Logger.getLogger(ZooKeeperInstance.class);
@@ -201,21 +210,29 @@ public class ZooKeeperInstance implement
     return zooKeepersSessionTimeOut;
   }
   
+  /**
+   * @deprecated @since 1.5, use {@link #getConnector(AccumuloToken)}
+   */
   @Override
   public Connector getConnector(String user, CharSequence pass) throws AccumuloException, AccumuloSecurityException {
     return getConnector(user, TextUtil.getBytes(new Text(pass.toString())));
   }
   
+  /**
+   * @deprecated @since 1.5, use {@link #getConnector(AccumuloToken)}
+   */
   @Override
   public Connector getConnector(String user, ByteBuffer pass) throws AccumuloException, AccumuloSecurityException {
-    return getConnector(user, ByteBufferUtil.toBytes(pass));
+    return getConnector(new UserPassToken(user, pass));
   }
   
   // Suppress deprecation, ConnectorImpl is deprecated to warn clients against using.
-  @SuppressWarnings("deprecation")
+  /**
+   * @deprecated @since 1.5, use {@link #getConnector(AccumuloToken)}
+   */
   @Override
   public Connector getConnector(String user, byte[] pass) throws AccumuloException, AccumuloSecurityException {
-    return new ConnectorImpl(this, user, pass);
+    return getConnector(user, ByteBuffer.wrap(pass));
   }
   
   private AccumuloConfiguration conf = null;
@@ -281,8 +298,42 @@ public class ZooKeeperInstance implement
     }
   }
   
+  /**
+   * @deprecated @since 1.5, use {@link #getConnector(AccumuloToken)}
+   */
   @Override
   public Connector getConnector(AuthInfo auth) throws AccumuloException, AccumuloSecurityException {
     return getConnector(auth.user, auth.password);
   }
+  
+  // Suppress deprecation, ConnectorImpl is deprecated to warn clients against using.
+  @Override
+  public Connector getConnector(AccumuloToken<?,?> token) throws AccumuloException, AccumuloSecurityException {
+    return new ConnectorImpl(this, token);
+  }
+  
+  // Suppress deprecation, ConnectorImpl is deprecated to warn clients against using.
+  @Override
+  public Connector getConnector(InstanceTokenWrapper token) throws AccumuloException, AccumuloSecurityException {
+    return getConnector(token.getToken());
+  }
+  
+  @Override
+  public String getSecurityTokenClass() throws AccumuloException {
+    Client client = null;
+    try {
+      client = MasterClient.getConnection(this);
+      return client.getSecurityTokenClass();
+    } catch (TTransportException e) {
+      throw new AccumuloException(e);
+    } catch (ThriftSecurityException e) {
+      throw new AccumuloException(e);
+    } catch (TException e) {
+      throw new AccumuloException(e);
+    } finally {
+      if (client != null) {
+        ThriftUtil.returnClient(client);
+      }
+    }
+  }
 }

Modified: accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/admin/InstanceOperationsImpl.java
URL: http://svn.apache.org/viewvc/accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/admin/InstanceOperationsImpl.java?rev=1438354&r1=1438353&r2=1438354&view=diff
==============================================================================
--- accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/admin/InstanceOperationsImpl.java (original)
+++ accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/admin/InstanceOperationsImpl.java Fri Jan 25 07:04:25 2013
@@ -34,7 +34,7 @@ import org.apache.accumulo.core.client.i
 import org.apache.accumulo.core.client.impl.thrift.ClientService;
 import org.apache.accumulo.core.client.impl.thrift.ConfigurationType;
 import org.apache.accumulo.core.master.thrift.MasterClientService;
-import org.apache.accumulo.core.security.thrift.AuthInfo;
+import org.apache.accumulo.core.security.tokens.InstanceTokenWrapper;
 import org.apache.accumulo.core.security.thrift.ThriftSecurityException;
 import org.apache.accumulo.core.tabletserver.thrift.TabletClientService.Client;
 import org.apache.accumulo.core.util.ArgumentChecker;
@@ -49,7 +49,7 @@ import org.apache.thrift.transport.TTran
  */
 public class InstanceOperationsImpl implements InstanceOperations {
   private Instance instance;
-  private AuthInfo credentials;
+  private InstanceTokenWrapper credentials;
   
   /**
    * @param instance
@@ -57,43 +57,34 @@ public class InstanceOperationsImpl impl
    * @param credentials
    *          the username/password for this connection
    */
-  public InstanceOperationsImpl(Instance instance, AuthInfo credentials) {
+  public InstanceOperationsImpl(Instance instance, InstanceTokenWrapper credentials) {
     ArgumentChecker.notNull(instance, credentials);
     this.instance = instance;
     this.credentials = credentials;
   }
   
-  /* (non-Javadoc)
-   * @see org.apache.accumulo.core.client.admin.InstanceOperations#setProperty(java.lang.String, java.lang.String)
-   */
   @Override
   public void setProperty(final String property, final String value) throws AccumuloException, AccumuloSecurityException {
     ArgumentChecker.notNull(property, value);
     MasterClient.execute(instance, new ClientExec<MasterClientService.Client>() {
       @Override
       public void execute(MasterClientService.Client client) throws Exception {
-        client.setSystemProperty(Tracer.traceInfo(), credentials, property, value);
+        client.setSystemProperty(Tracer.traceInfo(), credentials.toThrift(), property, value);
       }
     });
   }
   
-  /* (non-Javadoc)
-   * @see org.apache.accumulo.core.client.admin.InstanceOperations#removeProperty(java.lang.String)
-   */
   @Override
   public void removeProperty(final String property) throws AccumuloException, AccumuloSecurityException {
     ArgumentChecker.notNull(property);
     MasterClient.execute(instance, new ClientExec<MasterClientService.Client>() {
       @Override
       public void execute(MasterClientService.Client client) throws Exception {
-        client.removeSystemProperty(Tracer.traceInfo(), credentials, property);
+        client.removeSystemProperty(Tracer.traceInfo(), credentials.toThrift(), property);
       }
     });
   }
   
-  /* (non-Javadoc)
-   * @see org.apache.accumulo.core.client.admin.InstanceOperations#getSystemConfiguration()
-   */
   @Override
   public Map<String,String> getSystemConfiguration() throws AccumuloException, AccumuloSecurityException {
     return ServerClient.execute(instance, new ClientExecReturn<Map<String,String>,ClientService.Client>() {
@@ -104,9 +95,6 @@ public class InstanceOperationsImpl impl
     });
   }
   
-  /* (non-Javadoc)
-   * @see org.apache.accumulo.core.client.admin.InstanceOperations#getSiteConfiguration()
-   */
   @Override
   public Map<String,String> getSiteConfiguration() throws AccumuloException, AccumuloSecurityException {
     return ServerClient.execute(instance, new ClientExecReturn<Map<String,String>,ClientService.Client>() {
@@ -117,10 +105,6 @@ public class InstanceOperationsImpl impl
     });
   }
   
-  /* (non-Javadoc)
-   * @see org.apache.accumulo.core.client.admin.InstanceOperations#getTabletServers()
-   */
-  
   @Override
   public List<String> getTabletServers() {
     ZooCache cache = ZooCache.getInstance(instance.getZooKeepers(), instance.getZooKeepersSessionTimeOut());
@@ -140,10 +124,6 @@ public class InstanceOperationsImpl impl
     return results;
   }
   
-  /* (non-Javadoc)
-   * @see org.apache.accumulo.core.client.admin.InstanceOperations#getActiveScans(java.lang.String)
-   */
-  
   @Override
   public List<ActiveScan> getActiveScans(String tserver) throws AccumuloException, AccumuloSecurityException {
     Client client = null;
@@ -151,7 +131,7 @@ public class InstanceOperationsImpl impl
       client = ThriftUtil.getTServerClient(tserver, instance.getConfiguration());
       
       List<ActiveScan> as = new ArrayList<ActiveScan>();
-      for (org.apache.accumulo.core.tabletserver.thrift.ActiveScan activeScan : client.getActiveScans(Tracer.traceInfo(), credentials)) {
+      for (org.apache.accumulo.core.tabletserver.thrift.ActiveScan activeScan : client.getActiveScans(Tracer.traceInfo(), credentials.toThrift())) {
         try {
           as.add(new ActiveScan(instance, activeScan));
         } catch (TableNotFoundException e) {
@@ -171,9 +151,6 @@ public class InstanceOperationsImpl impl
     }
   }
   
-  /* (non-Javadoc)
-   * @see org.apache.accumulo.core.client.admin.InstanceOperations#testClassLoad(java.lang.String, java.lang.String)
-   */
   @Override
   public boolean testClassLoad(final String className, final String asTypeName) throws AccumuloException, AccumuloSecurityException {
     return ServerClient.execute(instance, new ClientExecReturn<Boolean,ClientService.Client>() {
@@ -184,11 +161,6 @@ public class InstanceOperationsImpl impl
     });
   }
   
-  /*
-   * (non-Javadoc)
-   * 
-   * @see org.apache.accumulo.core.client.admin.InstanceOperations#getActiveCompactions(java.lang.String)
-   */
   @Override
   public List<ActiveCompaction> getActiveCompactions(String tserver) throws AccumuloException, AccumuloSecurityException {
     Client client = null;
@@ -196,7 +168,7 @@ public class InstanceOperationsImpl impl
       client = ThriftUtil.getTServerClient(tserver, instance.getConfiguration());
       
       List<ActiveCompaction> as = new ArrayList<ActiveCompaction>();
-      for (org.apache.accumulo.core.tabletserver.thrift.ActiveCompaction activeCompaction : client.getActiveCompactions(Tracer.traceInfo(), credentials)) {
+      for (org.apache.accumulo.core.tabletserver.thrift.ActiveCompaction activeCompaction : client.getActiveCompactions(Tracer.traceInfo(), credentials.toThrift())) {
         as.add(new ActiveCompaction(instance, activeCompaction));
       }
       return as;
@@ -212,17 +184,12 @@ public class InstanceOperationsImpl impl
     }
   }
   
-  /*
-   * (non-Javadoc)
-   * 
-   * @see org.apache.accumulo.core.client.admin.InstanceOperations#ping(java.lang.String)
-   */
   @Override
   public void ping(String tserver) throws AccumuloException {
     Client client = null;
     try {
       client = ThriftUtil.getTServerClient(tserver, instance.getConfiguration());
-      client.getTabletServerStatus(Tracer.traceInfo(), credentials);
+      client.getTabletServerStatus(Tracer.traceInfo(), credentials.toThrift());
     } catch (TTransportException e) {
       throw new AccumuloException(e);
     } catch (ThriftSecurityException e) {

Modified: accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/admin/SecurityOperations.java
URL: http://svn.apache.org/viewvc/accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/admin/SecurityOperations.java?rev=1438354&r1=1438353&r2=1438354&view=diff
==============================================================================
--- accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/admin/SecurityOperations.java (original)
+++ accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/admin/SecurityOperations.java Fri Jan 25 07:04:25 2013
@@ -23,6 +23,7 @@ import org.apache.accumulo.core.client.A
 import org.apache.accumulo.core.security.Authorizations;
 import org.apache.accumulo.core.security.SystemPermission;
 import org.apache.accumulo.core.security.TablePermission;
+import org.apache.accumulo.core.security.tokens.AccumuloToken;
 
 /**
  * Provides a class for managing users and permissions
@@ -61,7 +62,7 @@ public interface SecurityOperations {
    * @throws AccumuloSecurityException
    *           if the user does not have permission to create a user
    */
-  public void createUser(String user, byte[] password) throws AccumuloException, AccumuloSecurityException;
+  public void createUser(AccumuloToken<?,?> token) throws AccumuloException, AccumuloSecurityException;
   
   /**
    * Delete a user
@@ -87,8 +88,23 @@ public interface SecurityOperations {
    *           if a general error occurs
    * @throws AccumuloSecurityException
    *           if the user does not have permission to ask
+   * @deprecated @since 1.5, use {@link #authenticateUser(AccumuloToken)}
    */
   public boolean authenticateUser(String user, byte[] password) throws AccumuloException, AccumuloSecurityException;
+
+  /**
+   * Verify an AccumuloToken is valid
+   * 
+   * @param token
+   *          the AccumuloToken to authenticate
+   * @return true if the user asking is allowed to know and the specified user/password is valid, false otherwise
+   * @throws AccumuloException
+   *           if a general error occurs
+   * @throws AccumuloSecurityException
+   *           if the user does not have permission to ask
+   *  @since 1.5
+   */
+  public boolean authenticateUser(AccumuloToken<?,?> token) throws AccumuloException, AccumuloSecurityException;
   
   /**
    * Set the user's password
@@ -101,10 +117,25 @@ public interface SecurityOperations {
    *           if a general error occurs
    * @throws AccumuloSecurityException
    *           if the user does not have permission to modify a user
+   *           @deprecated @since 1.5, use {@link #changeUserPassword(AccumuloToken)}
    */
   public void changeUserPassword(String user, byte[] password) throws AccumuloException, AccumuloSecurityException;
   
   /**
+   * Set the user's password
+   * 
+   * @param user
+   *          the name of the user to modify
+   * @param password
+   *          the plaintext password for the user
+   * @throws AccumuloException
+   *           if a general error occurs
+   * @throws AccumuloSecurityException
+   *           if the user does not have permission to modify a user
+   */
+  public void changeUserPassword(AccumuloToken<?,?> newToken) throws AccumuloException, AccumuloSecurityException;
+  
+  /**
    * Set the user's record-level authorizations
    * 
    * @param user
@@ -233,5 +264,14 @@ public interface SecurityOperations {
    *           if the user does not have permission to query users
    */
   public Set<String> listUsers() throws AccumuloException, AccumuloSecurityException;
+
+  /**
+   * @deprecated @since 1.5, use {@link #createUser(AccumuloToken)}
+   * @param token
+   * @param authorization
+   * @throws AccumuloException
+   * @throws AccumuloSecurityException
+   */
+  void createUser(AccumuloToken<?,?> token, Authorizations authorization) throws AccumuloException, AccumuloSecurityException;
   
 }

Modified: accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/admin/SecurityOperationsImpl.java
URL: http://svn.apache.org/viewvc/accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/admin/SecurityOperationsImpl.java?rev=1438354&r1=1438353&r2=1438354&view=diff
==============================================================================
--- accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/admin/SecurityOperationsImpl.java (original)
+++ accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/admin/SecurityOperationsImpl.java Fri Jan 25 07:04:25 2013
@@ -16,8 +16,6 @@
  */
 package org.apache.accumulo.core.client.admin;
 
-import java.nio.ByteBuffer;
-import java.util.Arrays;
 import java.util.Set;
 
 import org.apache.accumulo.cloudtrace.instrument.Tracer;
@@ -33,16 +31,20 @@ import org.apache.accumulo.core.client.i
 import org.apache.accumulo.core.security.Authorizations;
 import org.apache.accumulo.core.security.SystemPermission;
 import org.apache.accumulo.core.security.TablePermission;
-import org.apache.accumulo.core.security.thrift.AuthInfo;
 import org.apache.accumulo.core.security.thrift.SecurityErrorCode;
 import org.apache.accumulo.core.security.thrift.ThriftSecurityException;
+import org.apache.accumulo.core.security.tokens.AccumuloToken;
+import org.apache.accumulo.core.security.tokens.InstanceTokenWrapper;
+import org.apache.accumulo.core.security.tokens.PasswordUpdatable;
+import org.apache.accumulo.core.security.tokens.TokenHelper;
+import org.apache.accumulo.core.security.tokens.UserPassToken;
 import org.apache.accumulo.core.util.ArgumentChecker;
 import org.apache.accumulo.core.util.ByteBufferUtil;
 
 public class SecurityOperationsImpl implements SecurityOperations {
   
   private Instance instance;
-  private AuthInfo credentials;
+  private InstanceTokenWrapper token;
   
   private void execute(ClientExec<ClientService.Client> exec) throws AccumuloException, AccumuloSecurityException {
     try {
@@ -86,10 +88,10 @@ public class SecurityOperationsImpl impl
    * @param credentials
    *          the user credentials to use for security operations
    */
-  public SecurityOperationsImpl(Instance instance, AuthInfo credentials) {
+  public SecurityOperationsImpl(Instance instance, InstanceTokenWrapper credentials) {
     ArgumentChecker.notNull(instance, credentials);
     this.instance = instance;
-    this.credentials = credentials;
+    this.token = credentials;
   }
   
   /**
@@ -105,19 +107,40 @@ public class SecurityOperationsImpl impl
    *           if a general error occurs
    * @throws AccumuloSecurityException
    *           if the user does not have permission to create a user
-   * @deprecated Use {@link #createUser(String,byte[])} instead
+   * @deprecated Use {@link #createUser(AccumuloToken)} instead
    */
   @Deprecated
   public void createUser(final String user, final byte[] password, final Authorizations authorizations) throws AccumuloException, AccumuloSecurityException {
     ArgumentChecker.notNull(user, password, authorizations);
+    createUser(new UserPassToken(user, password), authorizations);
+  }
+  
+  /**
+   * Create a user
+   * 
+   * @param user
+   *          the name of the user to create
+   * @param password
+   *          the plaintext password for the user
+   * @param authorizations
+   *          the authorizations that the user has for scanning
+   * @throws AccumuloException
+   *           if a general error occurs
+   * @throws AccumuloSecurityException
+   *           if the user does not have permission to create a user
+   * @deprecated Use {@link #createUser(AccumuloToken)} instead
+   */
+  public void createUser(final AccumuloToken<?,?> newToken, final Authorizations authorizations) throws AccumuloException, AccumuloSecurityException {
+    ArgumentChecker.notNull(newToken, authorizations);
     execute(new ClientExec<ClientService.Client>() {
       @Override
       public void execute(ClientService.Client client) throws Exception {
-        client.createUser(Tracer.traceInfo(), credentials, user, ByteBuffer.wrap(password), ByteBufferUtil.toByteBuffers(authorizations.getAuthorizations()));
+        client.createUser(Tracer.traceInfo(), token.toThrift(), TokenHelper.wrapper(newToken),
+            ByteBufferUtil.toByteBuffers(authorizations.getAuthorizations()));
       }
     });
   }
-
+  
   /**
    * Create a user
    * 
@@ -130,8 +153,8 @@ public class SecurityOperationsImpl impl
    * @throws AccumuloSecurityException
    *           if the user does not have permission to create a user
    */
-  public void createUser(final String user, final byte[] password) throws AccumuloException, AccumuloSecurityException {
-    createUser(user, password, new Authorizations());
+  public void createUser(final AccumuloToken<?,?> newToken) throws AccumuloException, AccumuloSecurityException {
+    createUser(newToken, new Authorizations());
   }
   
   /**
@@ -149,7 +172,7 @@ public class SecurityOperationsImpl impl
     execute(new ClientExec<ClientService.Client>() {
       @Override
       public void execute(ClientService.Client client) throws Exception {
-        client.dropUser(Tracer.traceInfo(), credentials, user);
+        client.dropUser(Tracer.traceInfo(), token.toThrift(), user);
       }
     });
   }
@@ -166,13 +189,30 @@ public class SecurityOperationsImpl impl
    *           if a general error occurs
    * @throws AccumuloSecurityException
    *           if the user does not have permission to ask
+   * @deprecated since 1.5, use {@link #authenticateUser(AccumuloToken)}
    */
   public boolean authenticateUser(final String user, final byte[] password) throws AccumuloException, AccumuloSecurityException {
     ArgumentChecker.notNull(user, password);
+    return authenticateUser(new UserPassToken(user, password));
+  }
+  
+  /**
+   * Verify a username/password combination is valid
+   * 
+   * @param token
+   *          the AccumuloToken of the principal to authenticate
+   * @return true if the user asking is allowed to know and the specified AccumuloToken is valid, false otherwise
+   * @throws AccumuloException
+   *           if a general error occurs
+   * @throws AccumuloSecurityException
+   *           if the user does not have permission to ask
+   */
+  public boolean authenticateUser(final AccumuloToken<?,?> token2) throws AccumuloException, AccumuloSecurityException {
+    ArgumentChecker.notNull(token2);
     return execute(new ClientExecReturn<Boolean,ClientService.Client>() {
       @Override
       public Boolean execute(ClientService.Client client) throws Exception {
-        return client.authenticateUser(Tracer.traceInfo(), credentials, user, ByteBuffer.wrap(password));
+        return client.authenticateUser(Tracer.traceInfo(), token.toThrift(), TokenHelper.wrapper(token2));
       }
     });
   }
@@ -189,20 +229,41 @@ public class SecurityOperationsImpl impl
    * @throws AccumuloSecurityException
    *           if the user does not have permission to modify a user
    */
-  public void changeUserPassword(final String user, final byte[] password) throws AccumuloException, AccumuloSecurityException {
-    ArgumentChecker.notNull(user, password);
+  public void changeUserPassword(final AccumuloToken<?,?> newToken) throws AccumuloException, AccumuloSecurityException {
+    ArgumentChecker.notNull(newToken);
     execute(new ClientExec<ClientService.Client>() {
       @Override
       public void execute(ClientService.Client client) throws Exception {
-        client.changePassword(Tracer.traceInfo(), credentials, user, ByteBuffer.wrap(password));
+        client.changePassword(Tracer.traceInfo(), token.toThrift(), TokenHelper.wrapper(newToken));
       }
     });
-    if (this.credentials.user.equals(user)) {
-      this.credentials.password = ByteBuffer.wrap(Arrays.copyOf(password, password.length));
+    if (!(this.token.getToken() instanceof PasswordUpdatable) || !(newToken instanceof PasswordUpdatable))
+      throw new AccumuloException("The AccumuloToken type cannot be dynamically adjusted. Please create a new token and reconnect");
+    if (this.token.getPrincipal().equals(newToken.getPrincipal())) {
+      PasswordUpdatable upt = (PasswordUpdatable) this.token.getToken();
+      upt.updatePassword((PasswordUpdatable) newToken);
+      token.toThrift().token = TokenHelper.wrapper(this.token.getToken());
     }
   }
   
   /**
+   * Set the user's password
+   * 
+   * @param user
+   *          the name of the user to modify
+   * @param password
+   *          the plaintext password for the user
+   * @throws AccumuloException
+   *           if a general error occurs
+   * @throws AccumuloSecurityException
+   *           if the user does not have permission to modify a user
+   */
+  public void changeUserPassword(final String user, final byte[] password) throws AccumuloException, AccumuloSecurityException {
+    ArgumentChecker.notNull(user, password);
+    changeUserPassword(new UserPassToken(user, password));
+  }
+  
+  /**
    * Set the user's record-level authorizations
    * 
    * @param user
@@ -219,7 +280,7 @@ public class SecurityOperationsImpl impl
     execute(new ClientExec<ClientService.Client>() {
       @Override
       public void execute(ClientService.Client client) throws Exception {
-        client.changeAuthorizations(Tracer.traceInfo(), credentials, user, ByteBufferUtil.toByteBuffers(authorizations.getAuthorizations()));
+        client.changeAuthorizations(Tracer.traceInfo(), token.toThrift(), user, ByteBufferUtil.toByteBuffers(authorizations.getAuthorizations()));
       }
     });
   }
@@ -240,7 +301,7 @@ public class SecurityOperationsImpl impl
     return execute(new ClientExecReturn<Authorizations,ClientService.Client>() {
       @Override
       public Authorizations execute(ClientService.Client client) throws Exception {
-        return new Authorizations(client.getUserAuthorizations(Tracer.traceInfo(), credentials, user));
+        return new Authorizations(client.getUserAuthorizations(Tracer.traceInfo(), token.toThrift(), user));
       }
     });
   }
@@ -263,7 +324,7 @@ public class SecurityOperationsImpl impl
     return execute(new ClientExecReturn<Boolean,ClientService.Client>() {
       @Override
       public Boolean execute(ClientService.Client client) throws Exception {
-        return client.hasSystemPermission(Tracer.traceInfo(), credentials, user, perm.getId());
+        return client.hasSystemPermission(Tracer.traceInfo(), token.toThrift(), user, perm.getId());
       }
     });
   }
@@ -288,7 +349,7 @@ public class SecurityOperationsImpl impl
     return execute(new ClientExecReturn<Boolean,ClientService.Client>() {
       @Override
       public Boolean execute(ClientService.Client client) throws Exception {
-        return client.hasTablePermission(Tracer.traceInfo(), credentials, user, table, perm.getId());
+        return client.hasTablePermission(Tracer.traceInfo(), token.toThrift(), user, table, perm.getId());
       }
     });
   }
@@ -310,7 +371,7 @@ public class SecurityOperationsImpl impl
     execute(new ClientExec<ClientService.Client>() {
       @Override
       public void execute(ClientService.Client client) throws Exception {
-        client.grantSystemPermission(Tracer.traceInfo(), credentials, user, permission.getId());
+        client.grantSystemPermission(Tracer.traceInfo(), token.toThrift(), user, permission.getId());
       }
     });
   }
@@ -334,7 +395,7 @@ public class SecurityOperationsImpl impl
     execute(new ClientExec<ClientService.Client>() {
       @Override
       public void execute(ClientService.Client client) throws Exception {
-        client.grantTablePermission(Tracer.traceInfo(), credentials, user, table, permission.getId());
+        client.grantTablePermission(Tracer.traceInfo(), token.toThrift(), user, table, permission.getId());
       }
     });
   }
@@ -356,7 +417,7 @@ public class SecurityOperationsImpl impl
     execute(new ClientExec<ClientService.Client>() {
       @Override
       public void execute(ClientService.Client client) throws Exception {
-        client.revokeSystemPermission(Tracer.traceInfo(), credentials, user, permission.getId());
+        client.revokeSystemPermission(Tracer.traceInfo(), token.toThrift(), user, permission.getId());
       }
     });
   }
@@ -381,7 +442,7 @@ public class SecurityOperationsImpl impl
     execute(new ClientExec<ClientService.Client>() {
       @Override
       public void execute(ClientService.Client client) throws Exception {
-        client.revokeTablePermission(Tracer.traceInfo(), credentials, user, table, permission.getId());
+        client.revokeTablePermission(Tracer.traceInfo(), token.toThrift(), user, table, permission.getId());
       }
     });
   }
@@ -399,7 +460,7 @@ public class SecurityOperationsImpl impl
     return execute(new ClientExecReturn<Set<String>,ClientService.Client>() {
       @Override
       public Set<String> execute(ClientService.Client client) throws Exception {
-        return client.listUsers(Tracer.traceInfo(), credentials);
+        return client.listUsers(Tracer.traceInfo(), token.toThrift());
       }
     });
   }

Modified: accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/admin/TableOperationsImpl.java
URL: http://svn.apache.org/viewvc/accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/admin/TableOperationsImpl.java?rev=1438354&r1=1438353&r2=1438354&view=diff
==============================================================================
--- accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/admin/TableOperationsImpl.java (original)
+++ accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/admin/TableOperationsImpl.java Fri Jan 25 07:04:25 2013
@@ -75,8 +75,8 @@ import org.apache.accumulo.core.master.s
 import org.apache.accumulo.core.master.thrift.MasterClientService;
 import org.apache.accumulo.core.master.thrift.TableOperation;
 import org.apache.accumulo.core.security.Authorizations;
-import org.apache.accumulo.core.security.thrift.AuthInfo;
 import org.apache.accumulo.core.security.thrift.ThriftSecurityException;
+import org.apache.accumulo.core.security.tokens.InstanceTokenWrapper;
 import org.apache.accumulo.core.tabletserver.thrift.NotServingTabletException;
 import org.apache.accumulo.core.tabletserver.thrift.TabletClientService;
 import org.apache.accumulo.core.util.ArgumentChecker;
@@ -105,20 +105,21 @@ import org.apache.thrift.transport.TTran
  */
 public class TableOperationsImpl extends TableOperationsHelper {
   private Instance instance;
-  private AuthInfo credentials;
+  private InstanceTokenWrapper token;
   
-  private static final Logger log = Logger.getLogger(TableOperations.class);
+  private static final Logger log = Logger.getLogger(TableOperationsImpl.class);
   
   /**
    * @param instance
    *          the connection information for this instance
    * @param credentials
    *          the username/password for this connection
+   * @param token.toThrift() 
    */
-  public TableOperationsImpl(Instance instance, AuthInfo credentials) {
+  public TableOperationsImpl(Instance instance, InstanceTokenWrapper credentials) {
     ArgumentChecker.notNull(instance, credentials);
     this.instance = instance;
-    this.credentials = credentials;
+    this.token = credentials;
   }
   
   /**
@@ -205,7 +206,7 @@ public class TableOperationsImpl extends
       MasterClientService.Iface client = null;
       try {
         client = MasterClient.getConnectionWithRetry(instance);
-        return client.beginTableOperation(Tracer.traceInfo(), credentials);
+        return client.beginTableOperation(Tracer.traceInfo(), token.toThrift());
       } catch (TTransportException tte) {
         log.debug("Failed to call beginTableOperation(), retrying ... ", tte);
         UtilWaitThread.sleep(100);
@@ -221,7 +222,7 @@ public class TableOperationsImpl extends
       MasterClientService.Iface client = null;
       try {
         client = MasterClient.getConnectionWithRetry(instance);
-        client.executeTableOperation(Tracer.traceInfo(), credentials, opid, op, args, opts, autoCleanUp);
+        client.executeTableOperation(Tracer.traceInfo(), token.toThrift(), opid, op, args, opts, autoCleanUp);
         break;
       } catch (TTransportException tte) {
         log.debug("Failed to call executeTableOperation(), retrying ... ", tte);
@@ -237,7 +238,7 @@ public class TableOperationsImpl extends
       MasterClientService.Iface client = null;
       try {
         client = MasterClient.getConnectionWithRetry(instance);
-        return client.waitForTableOperation(Tracer.traceInfo(), credentials, opid);
+        return client.waitForTableOperation(Tracer.traceInfo(), token.toThrift(), opid);
       } catch (TTransportException tte) {
         log.debug("Failed to call waitForTableOperation(), retrying ... ", tte);
         UtilWaitThread.sleep(100);
@@ -252,7 +253,7 @@ public class TableOperationsImpl extends
       MasterClientService.Iface client = null;
       try {
         client = MasterClient.getConnectionWithRetry(instance);
-        client.finishTableOperation(Tracer.traceInfo(), credentials, opid);
+        client.finishTableOperation(Tracer.traceInfo(), token.toThrift(), opid);
         break;
       } catch (TTransportException tte) {
         log.debug("Failed to call finishTableOperation(), retrying ... ", tte);
@@ -417,7 +418,7 @@ public class TableOperationsImpl extends
   
   private void addSplits(String tableName, SortedSet<Text> partitionKeys, String tableId) throws AccumuloException, AccumuloSecurityException,
       TableNotFoundException, AccumuloServerException {
-    TabletLocator tabLocator = TabletLocator.getInstance(instance, credentials, new Text(tableId));
+    TabletLocator tabLocator = TabletLocator.getInstance(instance, token, new Text(tableId));
     
     for (Text split : partitionKeys) {
       boolean successful = false;
@@ -447,7 +448,7 @@ public class TableOperationsImpl extends
             if (log.isTraceEnabled())
               opTimer = new OpTimer(log, Level.TRACE).start("Splitting tablet " + tl.tablet_extent + " on " + tl.tablet_location + " at " + split);
             
-            client.splitTablet(Tracer.traceInfo(), credentials, tl.tablet_extent.toThrift(), TextUtil.getByteBuffer(split));
+            client.splitTablet(Tracer.traceInfo(), token.toThrift(), tl.tablet_extent.toThrift(), TextUtil.getByteBuffer(split));
             
             // just split it, might as well invalidate it in the cache
             tabLocator.invalidateCache(tl.tablet_extent);
@@ -532,7 +533,7 @@ public class TableOperationsImpl extends
       try {
         tablets.clear();
         locations.clear();
-        MetadataTable.getEntries(instance, credentials, tableName, false, locations, tablets);
+        MetadataTable.getEntries(instance, token, tableName, false, locations, tablets);
         break;
       } catch (Throwable t) {
         log.info(t.getMessage() + " ... retrying ...");
@@ -731,7 +732,7 @@ public class TableOperationsImpl extends
         MasterClientService.Iface client = null;
         try {
           client = MasterClient.getConnectionWithRetry(instance);
-          flushID = client.initiateFlush(Tracer.traceInfo(), credentials, tableId);
+          flushID = client.initiateFlush(Tracer.traceInfo(), token.toThrift(), tableId);
           break;
         } catch (TTransportException tte) {
           log.debug("Failed to call initiateFlush, retrying ... ", tte);
@@ -745,7 +746,7 @@ public class TableOperationsImpl extends
         MasterClientService.Iface client = null;
         try {
           client = MasterClient.getConnectionWithRetry(instance);
-          client.waitForFlush(Tracer.traceInfo(), credentials, tableId, TextUtil.getByteBuffer(start), TextUtil.getByteBuffer(end), flushID, wait ? Long.MAX_VALUE : 1);
+          client.waitForFlush(Tracer.traceInfo(), token.toThrift(), tableId, TextUtil.getByteBuffer(start), TextUtil.getByteBuffer(end), flushID, wait ? Long.MAX_VALUE : 1);
           break;
         } catch (TTransportException tte) {
           log.debug("Failed to call initiateFlush, retrying ... ", tte);
@@ -789,7 +790,7 @@ public class TableOperationsImpl extends
     MasterClient.execute(instance, new ClientExec<MasterClientService.Client>() {
       @Override
       public void execute(MasterClientService.Client client) throws Exception {
-        client.setTableProperty(Tracer.traceInfo(), credentials, tableName, property, value);
+        client.setTableProperty(Tracer.traceInfo(), token.toThrift(), tableName, property, value);
       }
     });
   }
@@ -811,7 +812,7 @@ public class TableOperationsImpl extends
     MasterClient.execute(instance, new ClientExec<MasterClientService.Client>() {
       @Override
       public void execute(MasterClientService.Client client) throws Exception {
-        client.removeTableProperty(Tracer.traceInfo(), credentials, tableName, property);
+        client.removeTableProperty(Tracer.traceInfo(), token.toThrift(), tableName, property);
       }
     });
   }
@@ -957,7 +958,7 @@ public class TableOperationsImpl extends
     
     Map<String,Map<KeyExtent,List<Range>>> binnedRanges = new HashMap<String,Map<KeyExtent,List<Range>>>();
     String tableId = Tables.getTableId(instance, tableName);
-    TabletLocator tl = TabletLocator.getInstance(instance, credentials, new Text(tableId));
+    TabletLocator tl = TabletLocator.getInstance(instance, token, new Text(tableId));
     // its possible that the cache could contain complete, but old information about a tables tablets... so clear it
     tl.invalidateCache();
     while (!tl.binRanges(Collections.singletonList(range), binnedRanges).isEmpty()) {
@@ -1095,7 +1096,7 @@ public class TableOperationsImpl extends
    */
   public void clearLocatorCache(String tableName) throws TableNotFoundException {
     ArgumentChecker.notNull(tableName);
-    TabletLocator tabLocator = TabletLocator.getInstance(instance, credentials, new Text(Tables.getTableId(instance, tableName)));
+    TabletLocator tabLocator = TabletLocator.getInstance(instance, token, new Text(Tables.getTableId(instance, tableName)));
     tabLocator.invalidateCache();
   }
   
@@ -1112,7 +1113,7 @@ public class TableOperationsImpl extends
   public Text getMaxRow(String tableName, Authorizations auths, Text startRow, boolean startInclusive, Text endRow, boolean endInclusive)
       throws TableNotFoundException, AccumuloException, AccumuloSecurityException {
     ArgumentChecker.notNull(tableName, auths);
-    Scanner scanner = instance.getConnector(credentials).createScanner(tableName, auths);
+    Scanner scanner = instance.getConnector(token.getToken()).createScanner(tableName, auths);
     return FindMax.findMax(scanner, startRow, startInclusive, endRow, endInclusive);
   }
   

Modified: accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/impl/BatchWriterImpl.java
URL: http://svn.apache.org/viewvc/accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/impl/BatchWriterImpl.java?rev=1438354&r1=1438353&r2=1438354&view=diff
==============================================================================
--- accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/impl/BatchWriterImpl.java (original)
+++ accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/impl/BatchWriterImpl.java Fri Jan 25 07:04:25 2013
@@ -21,7 +21,7 @@ import org.apache.accumulo.core.client.B
 import org.apache.accumulo.core.client.Instance;
 import org.apache.accumulo.core.client.MutationsRejectedException;
 import org.apache.accumulo.core.data.Mutation;
-import org.apache.accumulo.core.security.thrift.AuthInfo;
+import org.apache.accumulo.core.security.tokens.InstanceTokenWrapper;
 import org.apache.accumulo.core.util.ArgumentChecker;
 
 public class BatchWriterImpl implements BatchWriter {
@@ -29,7 +29,7 @@ public class BatchWriterImpl implements 
   private String table;
   private TabletServerBatchWriter bw;
   
-  public BatchWriterImpl(Instance instance, AuthInfo credentials, String table, BatchWriterConfig config) {
+  public BatchWriterImpl(Instance instance, InstanceTokenWrapper credentials, String table, BatchWriterConfig config) {
     ArgumentChecker.notNull(instance, credentials, table, config);
     this.table = table;
     this.bw = new TabletServerBatchWriter(instance, credentials, config);

Modified: accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/impl/ConnectorImpl.java
URL: http://svn.apache.org/viewvc/accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/impl/ConnectorImpl.java?rev=1438354&r1=1438353&r2=1438354&view=diff
==============================================================================
--- accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/impl/ConnectorImpl.java (original)
+++ accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/impl/ConnectorImpl.java Fri Jan 25 07:04:25 2013
@@ -16,7 +16,6 @@
  */
 package org.apache.accumulo.core.client.impl;
 
-import java.nio.ByteBuffer;
 import java.util.concurrent.TimeUnit;
 
 import org.apache.accumulo.cloudtrace.instrument.Tracer;
@@ -41,13 +40,16 @@ import org.apache.accumulo.core.client.a
 import org.apache.accumulo.core.client.impl.thrift.ClientService;
 import org.apache.accumulo.core.master.state.tables.TableState;
 import org.apache.accumulo.core.security.Authorizations;
-import org.apache.accumulo.core.security.thrift.AuthInfo;
-import org.apache.accumulo.core.security.thrift.SecurityErrorCode;
+import org.apache.accumulo.core.security.tokens.AccumuloToken;
+import org.apache.accumulo.core.security.tokens.InstanceTokenWrapper;
 import org.apache.accumulo.core.util.ArgumentChecker;
 
 public class ConnectorImpl extends Connector {
   private Instance instance;
-  private AuthInfo credentials;
+  
+  // There are places where we need information from the token. But we don't want to convert to a thrift object for every call.
+  // So we'll keep both on hand and pass them around.
+  private InstanceTokenWrapper token;
   private SecurityOperations secops = null;
   private TableOperations tableops = null;
   private InstanceOperations instanceops = null;
@@ -57,31 +59,28 @@ public class ConnectorImpl extends Conne
    * Use {@link Instance#getConnector(String, byte[])}
    * 
    * @param instance
-   * @param user
-   * @param password
+   * @param token
    * @throws AccumuloException
    * @throws AccumuloSecurityException
    * @see Instance#getConnector(String user, byte[] password)
    * @deprecated Not for client use
    */
   @Deprecated
-  public ConnectorImpl(Instance instance, String user, byte[] password) throws AccumuloException, AccumuloSecurityException {
-    ArgumentChecker.notNull(instance, user, password);
+  public ConnectorImpl(Instance instance, final AccumuloToken<?,?> token2) throws AccumuloException, AccumuloSecurityException {
+    ArgumentChecker.notNull(instance, token2);
     this.instance = instance;
     
     // copy password so that user can clear it.... in future versions we can clear it...
-    byte[] passCopy = new byte[password.length];
-    System.arraycopy(password, 0, passCopy, 0, password.length);
-    this.credentials = new AuthInfo(user, ByteBuffer.wrap(password), instance.getInstanceID());
+    
+    this.token = new InstanceTokenWrapper(token2, instance.getInstanceID());
     
     // hardcoded string for SYSTEM user since the definition is
     // in server code
-    if (!user.equals("!SYSTEM")) {
+    if (!token.getPrincipal().equals("!SYSTEM")) {
       ServerClient.execute(instance, new ClientExec<ClientService.Client>() {
         @Override
         public void execute(ClientService.Client iface) throws Exception {
-          if (!iface.authenticateUser(Tracer.traceInfo(), credentials, credentials.user, credentials.password))
-            throw new AccumuloSecurityException("Authentication failed, access denied", SecurityErrorCode.BAD_CREDENTIALS);
+          iface.authenticateUser(Tracer.traceInfo(), token.toThrift(), token.toThrift().token);
         }
       });
     }
@@ -102,7 +101,7 @@ public class ConnectorImpl extends Conne
   @Override
   public BatchScanner createBatchScanner(String tableName, Authorizations authorizations, int numQueryThreads) throws TableNotFoundException {
     ArgumentChecker.notNull(tableName, authorizations);
-    return new TabletServerBatchReader(instance, credentials, getTableId(tableName), authorizations, numQueryThreads);
+    return new TabletServerBatchReader(instance, token, getTableId(tableName), authorizations, numQueryThreads);
   }
   
   @Deprecated
@@ -110,7 +109,7 @@ public class ConnectorImpl extends Conne
   public BatchDeleter createBatchDeleter(String tableName, Authorizations authorizations, int numQueryThreads, long maxMemory, long maxLatency,
       int maxWriteThreads) throws TableNotFoundException {
     ArgumentChecker.notNull(tableName, authorizations);
-    return new TabletServerBatchDeleter(instance, credentials, getTableId(tableName), authorizations, numQueryThreads, new BatchWriterConfig()
+    return new TabletServerBatchDeleter(instance, token, getTableId(tableName), authorizations, numQueryThreads, new BatchWriterConfig()
         .setMaxMemory(maxMemory).setMaxLatency(maxLatency, TimeUnit.MILLISECONDS).setMaxWriteThreads(maxWriteThreads));
   }
   
@@ -118,39 +117,39 @@ public class ConnectorImpl extends Conne
   public BatchDeleter createBatchDeleter(String tableName, Authorizations authorizations, int numQueryThreads, BatchWriterConfig config)
       throws TableNotFoundException {
     ArgumentChecker.notNull(tableName, authorizations);
-    return new TabletServerBatchDeleter(instance, credentials, getTableId(tableName), authorizations, numQueryThreads, config);
+    return new TabletServerBatchDeleter(instance, token, getTableId(tableName), authorizations, numQueryThreads, config);
   }
   
   @Deprecated
   @Override
   public BatchWriter createBatchWriter(String tableName, long maxMemory, long maxLatency, int maxWriteThreads) throws TableNotFoundException {
     ArgumentChecker.notNull(tableName);
-    return new BatchWriterImpl(instance, credentials, getTableId(tableName), new BatchWriterConfig().setMaxMemory(maxMemory)
+    return new BatchWriterImpl(instance, token, getTableId(tableName), new BatchWriterConfig().setMaxMemory(maxMemory)
         .setMaxLatency(maxLatency, TimeUnit.MILLISECONDS).setMaxWriteThreads(maxWriteThreads));
   }
   
   @Override
   public BatchWriter createBatchWriter(String tableName, BatchWriterConfig config) throws TableNotFoundException {
     ArgumentChecker.notNull(tableName);
-    return new BatchWriterImpl(instance, credentials, getTableId(tableName), config);
+    return new BatchWriterImpl(instance, token, getTableId(tableName), config);
   }
   
   @Deprecated
   @Override
   public MultiTableBatchWriter createMultiTableBatchWriter(long maxMemory, long maxLatency, int maxWriteThreads) {
-    return new MultiTableBatchWriterImpl(instance, credentials, new BatchWriterConfig().setMaxMemory(maxMemory)
+    return new MultiTableBatchWriterImpl(instance, token, new BatchWriterConfig().setMaxMemory(maxMemory)
         .setMaxLatency(maxLatency, TimeUnit.MILLISECONDS).setMaxWriteThreads(maxWriteThreads));
   }
   
   @Override
   public MultiTableBatchWriter createMultiTableBatchWriter(BatchWriterConfig config) {
-    return new MultiTableBatchWriterImpl(instance, credentials, config);
+    return new MultiTableBatchWriterImpl(instance, token, config);
   }
   
   @Override
   public Scanner createScanner(String tableName, Authorizations authorizations) throws TableNotFoundException {
     ArgumentChecker.notNull(tableName, authorizations);
-    return new ScannerImpl(instance, credentials, getTableId(tableName), authorizations);
+    return new ScannerImpl(instance, token, getTableId(tableName), authorizations);
   }
   
   /*
@@ -160,7 +159,7 @@ public class ConnectorImpl extends Conne
    */
   @Override
   public String whoami() {
-    return credentials.user;
+    return token.getPrincipal();
   }
   
   /*
@@ -171,7 +170,7 @@ public class ConnectorImpl extends Conne
   @Override
   public synchronized TableOperations tableOperations() {
     if (tableops == null)
-      tableops = new TableOperationsImpl(instance, credentials);
+      tableops = new TableOperationsImpl(instance, token);
     return tableops;
   }
   
@@ -183,7 +182,7 @@ public class ConnectorImpl extends Conne
   @Override
   public synchronized SecurityOperations securityOperations() {
     if (secops == null)
-      secops = new SecurityOperationsImpl(instance, credentials);
+      secops = new SecurityOperationsImpl(instance, token);
     
     return secops;
   }
@@ -196,7 +195,7 @@ public class ConnectorImpl extends Conne
   @Override
   public synchronized InstanceOperations instanceOperations() {
     if (instanceops == null)
-      instanceops = new InstanceOperationsImpl(instance, credentials);
+      instanceops = new InstanceOperationsImpl(instance, token);
     
     return instanceops;
   }

Modified: accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/impl/MetadataLocationObtainer.java
URL: http://svn.apache.org/viewvc/accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/impl/MetadataLocationObtainer.java?rev=1438354&r1=1438353&r2=1438354&view=diff
==============================================================================
--- accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/impl/MetadataLocationObtainer.java (original)
+++ accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/impl/MetadataLocationObtainer.java Fri Jan 25 07:04:25 2013
@@ -41,7 +41,7 @@ import org.apache.accumulo.core.data.Key
 import org.apache.accumulo.core.data.PartialKey;
 import org.apache.accumulo.core.data.Range;
 import org.apache.accumulo.core.data.Value;
-import org.apache.accumulo.core.security.thrift.AuthInfo;
+import org.apache.accumulo.core.security.tokens.InstanceTokenWrapper;
 import org.apache.accumulo.core.tabletserver.thrift.NotServingTabletException;
 import org.apache.accumulo.core.util.MetadataTable;
 import org.apache.accumulo.core.util.OpTimer;
@@ -53,12 +53,12 @@ import org.apache.log4j.Logger;
 
 public class MetadataLocationObtainer implements TabletLocationObtainer {
   private static final Logger log = Logger.getLogger(MetadataLocationObtainer.class);
-  private AuthInfo credentials;
+  private InstanceTokenWrapper credentials;
   private SortedSet<Column> locCols;
   private ArrayList<Column> columns;
   private Instance instance;
   
-  MetadataLocationObtainer(AuthInfo credentials, Instance instance) {
+  MetadataLocationObtainer(InstanceTokenWrapper credentials, Instance instance) {
     
     this.instance = instance;
     this.credentials = credentials;

Modified: accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/impl/MultiTableBatchWriterImpl.java
URL: http://svn.apache.org/viewvc/accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/impl/MultiTableBatchWriterImpl.java?rev=1438354&r1=1438353&r2=1438354&view=diff
==============================================================================
--- accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/impl/MultiTableBatchWriterImpl.java (original)
+++ accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/impl/MultiTableBatchWriterImpl.java Fri Jan 25 07:04:25 2013
@@ -29,7 +29,7 @@ import org.apache.accumulo.core.client.T
 import org.apache.accumulo.core.client.TableOfflineException;
 import org.apache.accumulo.core.data.Mutation;
 import org.apache.accumulo.core.master.state.tables.TableState;
-import org.apache.accumulo.core.security.thrift.AuthInfo;
+import org.apache.accumulo.core.security.tokens.InstanceTokenWrapper;
 import org.apache.accumulo.core.util.ArgumentChecker;
 import org.apache.log4j.Logger;
 
@@ -72,7 +72,7 @@ public class MultiTableBatchWriterImpl i
   private HashMap<String,BatchWriter> tableWriters;
   private Instance instance;
   
-  public MultiTableBatchWriterImpl(Instance instance, AuthInfo credentials, BatchWriterConfig config) {
+  public MultiTableBatchWriterImpl(Instance instance, InstanceTokenWrapper credentials, BatchWriterConfig config) {
     ArgumentChecker.notNull(instance, credentials);
     this.instance = instance;
     this.bw = new TabletServerBatchWriter(instance, credentials, config);

Modified: accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/impl/OfflineScanner.java
URL: http://svn.apache.org/viewvc/accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/impl/OfflineScanner.java?rev=1438354&r1=1438353&r2=1438354&view=diff
==============================================================================
--- accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/impl/OfflineScanner.java (original)
+++ accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/impl/OfflineScanner.java Fri Jan 25 07:04:25 2013
@@ -55,7 +55,7 @@ import org.apache.accumulo.core.iterator
 import org.apache.accumulo.core.master.state.tables.TableState;
 import org.apache.accumulo.core.security.Authorizations;
 import org.apache.accumulo.core.security.ColumnVisibility;
-import org.apache.accumulo.core.security.thrift.AuthInfo;
+import org.apache.accumulo.core.security.tokens.AccumuloToken;
 import org.apache.accumulo.core.util.ArgumentChecker;
 import org.apache.accumulo.core.util.CachedConfiguration;
 import org.apache.accumulo.core.util.LocalityGroupUtil;
@@ -121,7 +121,7 @@ class OfflineIterator implements Iterato
    * @param authorizations
    * @param table
    */
-  public OfflineIterator(ScannerOptions options, Instance instance, AuthInfo credentials, Authorizations authorizations, Text table, Range range) {
+  public OfflineIterator(ScannerOptions options, Instance instance, AccumuloToken<?,?> credentials, Authorizations authorizations, Text table, Range range) {
     this.options = new ScannerOptions(options);
     this.instance = instance;
     this.range = range;
@@ -343,11 +343,11 @@ public class OfflineScanner extends Scan
   private Range range;
   
   private Instance instance;
-  private AuthInfo credentials;
+  private AccumuloToken<?,?> credentials;
   private Authorizations authorizations;
   private Text tableId;
   
-  public OfflineScanner(Instance instance, AuthInfo credentials, String tableId, Authorizations authorizations) {
+  public OfflineScanner(Instance instance, AccumuloToken<?,?> credentials, String tableId, Authorizations authorizations) {
     ArgumentChecker.notNull(instance, credentials, tableId, authorizations);
     this.instance = instance;
     this.credentials = credentials;

Modified: accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/impl/ScannerImpl.java
URL: http://svn.apache.org/viewvc/accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/impl/ScannerImpl.java?rev=1438354&r1=1438353&r2=1438354&view=diff
==============================================================================
--- accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/impl/ScannerImpl.java (original)
+++ accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/impl/ScannerImpl.java Fri Jan 25 07:04:25 2013
@@ -38,7 +38,7 @@ import org.apache.accumulo.core.data.Key
 import org.apache.accumulo.core.data.Range;
 import org.apache.accumulo.core.data.Value;
 import org.apache.accumulo.core.security.Authorizations;
-import org.apache.accumulo.core.security.thrift.AuthInfo;
+import org.apache.accumulo.core.security.tokens.InstanceTokenWrapper;
 import org.apache.accumulo.core.util.ArgumentChecker;
 import org.apache.hadoop.io.Text;
 
@@ -50,7 +50,7 @@ public class ScannerImpl extends Scanner
   // and just query for the next highest row from the tablet server
   
   private Instance instance;
-  private AuthInfo credentials;
+  private InstanceTokenWrapper credentials;
   private Authorizations authorizations;
   private Text table;
   
@@ -59,7 +59,7 @@ public class ScannerImpl extends Scanner
   private Range range;
   private boolean isolated = false;
   
-  public ScannerImpl(Instance instance, AuthInfo credentials, String table, Authorizations authorizations) {
+  public ScannerImpl(Instance instance, InstanceTokenWrapper credentials, String table, Authorizations authorizations) {
     ArgumentChecker.notNull(instance, credentials, table, authorizations);
     this.instance = instance;
     this.credentials = credentials;

Modified: accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/impl/ScannerIterator.java
URL: http://svn.apache.org/viewvc/accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/impl/ScannerIterator.java?rev=1438354&r1=1438353&r2=1438354&view=diff
==============================================================================
--- accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/impl/ScannerIterator.java (original)
+++ accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/impl/ScannerIterator.java Fri Jan 25 07:04:25 2013
@@ -39,7 +39,7 @@ import org.apache.accumulo.core.data.Key
 import org.apache.accumulo.core.data.Range;
 import org.apache.accumulo.core.data.Value;
 import org.apache.accumulo.core.security.Authorizations;
-import org.apache.accumulo.core.security.thrift.AuthInfo;
+import org.apache.accumulo.core.security.tokens.InstanceTokenWrapper;
 import org.apache.accumulo.core.util.NamingThreadFactory;
 import org.apache.hadoop.io.Text;
 import org.apache.log4j.Logger;
@@ -55,7 +55,7 @@ public class ScannerIterator implements 
   // scanner state
   private Iterator<KeyValue> iter;
   private ScanState scanState;
-  private AuthInfo credentials;
+  private InstanceTokenWrapper credentials;
   private Instance instance;
   
   private ScannerOptions options;
@@ -121,7 +121,7 @@ public class ScannerIterator implements 
     
   }
   
-  ScannerIterator(Instance instance, AuthInfo credentials, Text table, Authorizations authorizations, Range range, int size, int timeOut,
+  ScannerIterator(Instance instance, InstanceTokenWrapper credentials, Text table, Authorizations authorizations, Range range, int size, int timeOut,
       ScannerOptions options, boolean isolated) {
     this.instance = instance;
     this.tableName = new Text(table);

Modified: accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/impl/TabletLocator.java
URL: http://svn.apache.org/viewvc/accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/impl/TabletLocator.java?rev=1438354&r1=1438353&r2=1438354&view=diff
==============================================================================
--- accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/impl/TabletLocator.java (original)
+++ accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/impl/TabletLocator.java Fri Jan 25 07:04:25 2013
@@ -32,7 +32,8 @@ import org.apache.accumulo.core.client.T
 import org.apache.accumulo.core.data.KeyExtent;
 import org.apache.accumulo.core.data.Mutation;
 import org.apache.accumulo.core.data.Range;
-import org.apache.accumulo.core.security.thrift.AuthInfo;
+import org.apache.accumulo.core.security.tokens.AccumuloToken;
+import org.apache.accumulo.core.security.tokens.InstanceTokenWrapper;
 import org.apache.accumulo.core.util.ArgumentChecker;
 import org.apache.hadoop.io.Text;
 
@@ -92,7 +93,11 @@ public abstract class TabletLocator {
   
   private static final Text ROOT_TABLET_MDE = KeyExtent.getMetadataEntry(new Text(Constants.METADATA_TABLE_ID), null);
   
-  public static synchronized TabletLocator getInstance(Instance instance, AuthInfo credentials, Text tableId) {
+  public static synchronized TabletLocator getInstance(Instance instance, AccumuloToken<?,?> credentials, Text tableId) {
+    return getInstance(instance, new InstanceTokenWrapper(credentials, instance.getInstanceID()), tableId);
+  }
+  
+  public static synchronized TabletLocator getInstance(Instance instance, InstanceTokenWrapper credentials, Text tableId) {
     LocatorKey key = new LocatorKey(instance.getInstanceID(), tableId);
     
     TabletLocator tl = locators.get(key);

Modified: accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/impl/TabletServerBatchDeleter.java
URL: http://svn.apache.org/viewvc/accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/impl/TabletServerBatchDeleter.java?rev=1438354&r1=1438353&r2=1438354&view=diff
==============================================================================
--- accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/impl/TabletServerBatchDeleter.java (original)
+++ accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/impl/TabletServerBatchDeleter.java Fri Jan 25 07:04:25 2013
@@ -32,16 +32,16 @@ import org.apache.accumulo.core.data.Val
 import org.apache.accumulo.core.iterators.SortedKeyIterator;
 import org.apache.accumulo.core.security.Authorizations;
 import org.apache.accumulo.core.security.ColumnVisibility;
-import org.apache.accumulo.core.security.thrift.AuthInfo;
+import org.apache.accumulo.core.security.tokens.InstanceTokenWrapper;
 
 public class TabletServerBatchDeleter extends TabletServerBatchReader implements BatchDeleter {
   
   private Instance instance;
-  private AuthInfo credentials;
+  private InstanceTokenWrapper credentials;
   private String tableId;
   private BatchWriterConfig bwConfig;
   
-  public TabletServerBatchDeleter(Instance instance, AuthInfo credentials, String tableId, Authorizations authorizations, int numQueryThreads,
+  public TabletServerBatchDeleter(Instance instance, InstanceTokenWrapper credentials, String tableId, Authorizations authorizations, int numQueryThreads,
       BatchWriterConfig bwConfig) throws TableNotFoundException {
     super(instance, credentials, tableId, authorizations, numQueryThreads);
     this.instance = instance;

Modified: accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/impl/TabletServerBatchReader.java
URL: http://svn.apache.org/viewvc/accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/impl/TabletServerBatchReader.java?rev=1438354&r1=1438353&r2=1438354&view=diff
==============================================================================
--- accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/impl/TabletServerBatchReader.java (original)
+++ accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/impl/TabletServerBatchReader.java Fri Jan 25 07:04:25 2013
@@ -29,7 +29,7 @@ import org.apache.accumulo.core.data.Key
 import org.apache.accumulo.core.data.Range;
 import org.apache.accumulo.core.data.Value;
 import org.apache.accumulo.core.security.Authorizations;
-import org.apache.accumulo.core.security.thrift.AuthInfo;
+import org.apache.accumulo.core.security.tokens.InstanceTokenWrapper;
 import org.apache.accumulo.core.util.ArgumentChecker;
 import org.apache.accumulo.core.util.SimpleThreadPool;
 import org.apache.log4j.Logger;
@@ -44,7 +44,7 @@ public class TabletServerBatchReader ext
   private Instance instance;
   private ArrayList<Range> ranges;
   
-  private AuthInfo credentials;
+  private InstanceTokenWrapper credentials;
   private Authorizations authorizations = Constants.NO_AUTHS;
   
   private static int nextBatchReaderInstance = 1;
@@ -55,7 +55,7 @@ public class TabletServerBatchReader ext
   
   private final int batchReaderInstance = getNextBatchReaderInstance();
   
-  public TabletServerBatchReader(Instance instance, AuthInfo credentials, String table, Authorizations authorizations, int numQueryThreads) {
+  public TabletServerBatchReader(Instance instance, InstanceTokenWrapper credentials, String table, Authorizations authorizations, int numQueryThreads) {
     ArgumentChecker.notNull(instance, credentials, table, authorizations);
     this.instance = instance;
     this.credentials = credentials;

Modified: accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/impl/TabletServerBatchReaderIterator.java
URL: http://svn.apache.org/viewvc/accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/impl/TabletServerBatchReaderIterator.java?rev=1438354&r1=1438353&r2=1438354&view=diff
==============================================================================
--- accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/impl/TabletServerBatchReaderIterator.java (original)
+++ accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/impl/TabletServerBatchReaderIterator.java Fri Jan 25 07:04:25 2013
@@ -58,8 +58,8 @@ import org.apache.accumulo.core.data.thr
 import org.apache.accumulo.core.data.thrift.TRange;
 import org.apache.accumulo.core.master.state.tables.TableState;
 import org.apache.accumulo.core.security.Authorizations;
-import org.apache.accumulo.core.security.thrift.AuthInfo;
 import org.apache.accumulo.core.security.thrift.ThriftSecurityException;
+import org.apache.accumulo.core.security.tokens.InstanceTokenWrapper;
 import org.apache.accumulo.core.tabletserver.thrift.NoSuchScanIDException;
 import org.apache.accumulo.core.tabletserver.thrift.TabletClientService;
 import org.apache.accumulo.core.util.ByteBufferUtil;
@@ -79,7 +79,7 @@ public class TabletServerBatchReaderIter
   private static final Logger log = Logger.getLogger(TabletServerBatchReaderIterator.class);
   
   private final Instance instance;
-  private final AuthInfo credentials;
+  private final InstanceTokenWrapper credentials;
   private final String table;
   private Authorizations authorizations = Constants.NO_AUTHS;
   private final int numThreads;
@@ -133,7 +133,7 @@ public class TabletServerBatchReaderIter
     
   }
   
-  public TabletServerBatchReaderIterator(Instance instance, AuthInfo credentials, String table, Authorizations authorizations, ArrayList<Range> ranges,
+  public TabletServerBatchReaderIterator(Instance instance, InstanceTokenWrapper credentials, String table, Authorizations authorizations, ArrayList<Range> ranges,
       int numThreads, ExecutorService queryThreadPool, ScannerOptions scannerOptions, long timeout) {
     
     this.instance = instance;
@@ -600,13 +600,13 @@ public class TabletServerBatchReaderIter
   }
   
   static void doLookup(String server, Map<KeyExtent,List<Range>> requested, Map<KeyExtent,List<Range>> failures, Map<KeyExtent,List<Range>> unscanned,
-      ResultReceiver receiver, List<Column> columns, AuthInfo credentials, ScannerOptions options, Authorizations authorizations, AccumuloConfiguration conf)
+      ResultReceiver receiver, List<Column> columns, InstanceTokenWrapper credentials, ScannerOptions options, Authorizations authorizations, AccumuloConfiguration conf)
       throws IOException, AccumuloSecurityException, AccumuloServerException {
     doLookup(server, requested, failures, unscanned, receiver, columns, credentials, options, authorizations, conf, new TimeoutTracker(Long.MAX_VALUE));
   }
   
   static void doLookup(String server, Map<KeyExtent,List<Range>> requested, Map<KeyExtent,List<Range>> failures, Map<KeyExtent,List<Range>> unscanned,
-      ResultReceiver receiver, List<Column> columns, AuthInfo credentials, ScannerOptions options, Authorizations authorizations, AccumuloConfiguration conf,
+      ResultReceiver receiver, List<Column> columns, InstanceTokenWrapper credentials, ScannerOptions options, Authorizations authorizations, AccumuloConfiguration conf,
       TimeoutTracker timeoutTracker) throws IOException, AccumuloSecurityException, AccumuloServerException {
     
     if (requested.size() == 0) {
@@ -641,7 +641,7 @@ public class TabletServerBatchReaderIter
         
         Map<TKeyExtent,List<TRange>> thriftTabletRanges = Translator.translate(requested, Translator.KET, new Translator.ListTranslator<Range,TRange>(
             Translator.RT));
-        InitialMultiScan imsr = client.startMultiScan(Tracer.traceInfo(), credentials, thriftTabletRanges, Translator.translate(columns, Translator.CT),
+        InitialMultiScan imsr = client.startMultiScan(Tracer.traceInfo(), credentials.toThrift(), thriftTabletRanges, Translator.translate(columns, Translator.CT),
             options.serverSideIteratorList, options.serverSideIteratorOptions, ByteBufferUtil.toByteBuffers(authorizations.getAuthorizations()), waitForWrites);
         if (waitForWrites)
           ThriftScanner.serversWaitedForWrites.get(ttype).add(server);

Modified: accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/impl/TabletServerBatchWriter.java
URL: http://svn.apache.org/viewvc/accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/impl/TabletServerBatchWriter.java?rev=1438354&r1=1438353&r2=1438354&view=diff
==============================================================================
--- accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/impl/TabletServerBatchWriter.java (original)
+++ accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/impl/TabletServerBatchWriter.java Fri Jan 25 07:04:25 2013
@@ -58,9 +58,9 @@ import org.apache.accumulo.core.data.Mut
 import org.apache.accumulo.core.data.thrift.TMutation;
 import org.apache.accumulo.core.data.thrift.UpdateErrors;
 import org.apache.accumulo.core.master.state.tables.TableState;
-import org.apache.accumulo.core.security.thrift.AuthInfo;
 import org.apache.accumulo.core.security.thrift.SecurityErrorCode;
 import org.apache.accumulo.core.security.thrift.ThriftSecurityException;
+import org.apache.accumulo.core.security.tokens.InstanceTokenWrapper;
 import org.apache.accumulo.core.tabletserver.thrift.ConstraintViolationException;
 import org.apache.accumulo.core.tabletserver.thrift.NoSuchScanIDException;
 import org.apache.accumulo.core.tabletserver.thrift.NotServingTabletException;
@@ -111,7 +111,7 @@ public class TabletServerBatchWriter {
   private FailedMutations failedMutations;
   
   private Instance instance;
-  private AuthInfo credentials;
+  private InstanceTokenWrapper credentials;
   
   private Violations violations;
   private Map<KeyExtent,Set<SecurityErrorCode>> authorizationFailures;
@@ -187,7 +187,7 @@ public class TabletServerBatchWriter {
     }
   }
   
-  public TabletServerBatchWriter(Instance instance, AuthInfo credentials, BatchWriterConfig config) {
+  public TabletServerBatchWriter(Instance instance, InstanceTokenWrapper credentials, BatchWriterConfig config) {
     this.instance = instance;
     this.maxMem = config.getMaxMemory();
     this.maxLatency = config.getMaxLatency(TimeUnit.MILLISECONDS) <= 0 ? Long.MAX_VALUE : config.getMaxLatency(TimeUnit.MILLISECONDS);
@@ -855,7 +855,7 @@ public class TabletServerBatchWriter {
             Entry<KeyExtent,List<Mutation>> entry = tabMuts.entrySet().iterator().next();
             
             try {
-              client.update(tinfo, credentials, entry.getKey().toThrift(), entry.getValue().get(0).toThrift());
+              client.update(tinfo, credentials.toThrift(), entry.getKey().toThrift(), entry.getValue().get(0).toThrift());
             } catch (NotServingTabletException e) {
               allFailures.addAll(entry.getKey().getTableId().toString(), entry.getValue());
               TabletLocator.getInstance(instance, credentials, new Text(entry.getKey().getTableId())).invalidateCache(entry.getKey());
@@ -865,7 +865,7 @@ public class TabletServerBatchWriter {
             timeoutTracker.madeProgress();
           } else {
             
-            long usid = client.startUpdate(tinfo, credentials);
+            long usid = client.startUpdate(tinfo, credentials.toThrift());
             
             List<TMutation> updates = new ArrayList<TMutation>();
             for (Entry<KeyExtent,List<Mutation>> entry : tabMuts.entrySet()) {

Modified: accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/impl/ThriftScanner.java
URL: http://svn.apache.org/viewvc/accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/impl/ThriftScanner.java?rev=1438354&r1=1438353&r2=1438354&view=diff
==============================================================================
--- accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/impl/ThriftScanner.java (original)
+++ accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/impl/ThriftScanner.java Fri Jan 25 07:04:25 2013
@@ -52,8 +52,8 @@ import org.apache.accumulo.core.data.thr
 import org.apache.accumulo.core.data.thrift.TKeyValue;
 import org.apache.accumulo.core.master.state.tables.TableState;
 import org.apache.accumulo.core.security.Authorizations;
-import org.apache.accumulo.core.security.thrift.AuthInfo;
 import org.apache.accumulo.core.security.thrift.ThriftSecurityException;
+import org.apache.accumulo.core.security.tokens.InstanceTokenWrapper;
 import org.apache.accumulo.core.tabletserver.thrift.NoSuchScanIDException;
 import org.apache.accumulo.core.tabletserver.thrift.NotServingTabletException;
 import org.apache.accumulo.core.tabletserver.thrift.TabletClientService;
@@ -82,7 +82,7 @@ public class ThriftScanner {
     }
   }
   
-  public static boolean getBatchFromServer(AuthInfo credentials, Text startRow, KeyExtent extent, String server, SortedMap<Key,Value> results,
+  public static boolean getBatchFromServer(InstanceTokenWrapper credentials, Text startRow, KeyExtent extent, String server, SortedMap<Key,Value> results,
       SortedSet<Column> fetchedColumns, boolean skipStartKey, int size, Authorizations authorizations, boolean retry, AccumuloConfiguration conf)
       throws AccumuloException, AccumuloSecurityException, NotServingTabletException {
     Key startKey;
@@ -105,13 +105,13 @@ public class ThriftScanner {
     return getBatchFromServer(credentials, startKey, (Key) null, extent, server, results, fetchedColumns, size, authorizations, retry, conf);
   }
   
-  static boolean getBatchFromServer(AuthInfo credentials, Key key, Key endKey, KeyExtent extent, String server, SortedMap<Key,Value> results,
+  static boolean getBatchFromServer(InstanceTokenWrapper credentials, Key key, Key endKey, KeyExtent extent, String server, SortedMap<Key,Value> results,
       SortedSet<Column> fetchedColumns, int size, Authorizations authorizations, boolean retry, AccumuloConfiguration conf) throws AccumuloException,
       AccumuloSecurityException, NotServingTabletException {
     return getBatchFromServer(credentials, new Range(key, true, endKey, true), extent, server, results, fetchedColumns, size, authorizations, retry, conf);
   }
   
-  static boolean getBatchFromServer(AuthInfo credentials, Range range, KeyExtent extent, String server, SortedMap<Key,Value> results,
+  static boolean getBatchFromServer(InstanceTokenWrapper credentials, Range range, KeyExtent extent, String server, SortedMap<Key,Value> results,
       SortedSet<Column> fetchedColumns, int size, Authorizations authorizations, boolean retry, AccumuloConfiguration conf) throws AccumuloException,
       AccumuloSecurityException, NotServingTabletException {
     if (server == null)
@@ -128,7 +128,7 @@ public class ThriftScanner {
         
         TabletType ttype = TabletType.type(extent);
         boolean waitForWrites = !serversWaitedForWrites.get(ttype).contains(server);
-        InitialScan isr = client.startScan(tinfo, scanState.credentials, extent.toThrift(), scanState.range.toThrift(),
+        InitialScan isr = client.startScan(tinfo, scanState.credentials.toThrift(), extent.toThrift(), scanState.range.toThrift(),
             Translator.translate(scanState.columns, Translator.CT), scanState.size, scanState.serverSideIteratorList, scanState.serverSideIteratorOptions,
             scanState.authorizations.getAuthorizationsBB(), waitForWrites, scanState.isolated);
         if (waitForWrites)
@@ -170,7 +170,7 @@ public class ThriftScanner {
     
     int size;
     
-    AuthInfo credentials;
+    InstanceTokenWrapper credentials;
     Authorizations authorizations;
     List<Column> columns;
     
@@ -183,7 +183,7 @@ public class ThriftScanner {
     
     Map<String,Map<String,String>> serverSideIteratorOptions;
     
-    public ScanState(AuthInfo credentials, Text tableName, Authorizations authorizations, Range range, SortedSet<Column> fetchedColumns, int size,
+    public ScanState(InstanceTokenWrapper credentials, Text tableName, Authorizations authorizations, Range range, SortedSet<Column> fetchedColumns, int size,
         List<IterInfo> serverSideIteratorList, Map<String,Map<String,String>> serverSideIteratorOptions, boolean isolated) {
       this.credentials = credentials;
       this.authorizations = authorizations;
@@ -220,7 +220,7 @@ public class ThriftScanner {
     
   }
   
-  public static List<KeyValue> scan(Instance instance, AuthInfo credentials, ScanState scanState, int timeOut, AccumuloConfiguration conf)
+  public static List<KeyValue> scan(Instance instance, InstanceTokenWrapper credentials, ScanState scanState, int timeOut, AccumuloConfiguration conf)
       throws ScanTimedOutException, AccumuloException, AccumuloSecurityException, TableNotFoundException {
     TabletLocation loc = null;
     
@@ -416,7 +416,7 @@ public class ThriftScanner {
         
         TabletType ttype = TabletType.type(loc.tablet_extent);
         boolean waitForWrites = !serversWaitedForWrites.get(ttype).contains(loc.tablet_location);
-        InitialScan is = client.startScan(tinfo, scanState.credentials, loc.tablet_extent.toThrift(), scanState.range.toThrift(),
+        InitialScan is = client.startScan(tinfo, scanState.credentials.toThrift(), loc.tablet_extent.toThrift(), scanState.range.toThrift(),
             Translator.translate(scanState.columns, Translator.CT), scanState.size, scanState.serverSideIteratorList, scanState.serverSideIteratorOptions,
             scanState.authorizations.getAuthorizationsBB(), waitForWrites, scanState.isolated);
         if (waitForWrites)

Modified: accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/impl/Writer.java
URL: http://svn.apache.org/viewvc/accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/impl/Writer.java?rev=1438354&r1=1438353&r2=1438354&view=diff
==============================================================================
--- accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/impl/Writer.java (original)
+++ accumulo/trunk/core/src/main/java/org/apache/accumulo/core/client/impl/Writer.java Fri Jan 25 07:04:25 2013
@@ -25,8 +25,8 @@ import org.apache.accumulo.core.client.i
 import org.apache.accumulo.core.conf.AccumuloConfiguration;
 import org.apache.accumulo.core.data.KeyExtent;
 import org.apache.accumulo.core.data.Mutation;
-import org.apache.accumulo.core.security.thrift.AuthInfo;
 import org.apache.accumulo.core.security.thrift.ThriftSecurityException;
+import org.apache.accumulo.core.security.tokens.InstanceTokenWrapper;
 import org.apache.accumulo.core.tabletserver.thrift.ConstraintViolationException;
 import org.apache.accumulo.core.tabletserver.thrift.NotServingTabletException;
 import org.apache.accumulo.core.tabletserver.thrift.TabletClientService;
@@ -44,28 +44,28 @@ public class Writer {
   private static final Logger log = Logger.getLogger(Writer.class);
   
   private Instance instance;
-  private AuthInfo credentials;
+  private InstanceTokenWrapper credentials;
   private Text table;
   
-  public Writer(Instance instance, AuthInfo credentials, Text table) {
+  public Writer(Instance instance, InstanceTokenWrapper credentials, Text table) {
     ArgumentChecker.notNull(instance, credentials, table);
     this.instance = instance;
     this.credentials = credentials;
     this.table = table;
   }
   
-  public Writer(Instance instance, AuthInfo credentials, String table) {
+  public Writer(Instance instance, InstanceTokenWrapper credentials, String table) {
     this(instance, credentials, new Text(table));
   }
   
-  private static void updateServer(Mutation m, KeyExtent extent, String server, AuthInfo ai, AccumuloConfiguration configuration) throws TException,
+  private static void updateServer(Mutation m, KeyExtent extent, String server, InstanceTokenWrapper ai, AccumuloConfiguration configuration) throws TException,
       NotServingTabletException, ConstraintViolationException, AccumuloSecurityException {
     ArgumentChecker.notNull(m, extent, server, ai);
     
     TabletClientService.Iface client = null;
     try {
       client = ThriftUtil.getTServerClient(server, configuration);
-      client.update(Tracer.traceInfo(), ai, extent.toThrift(), m.toThrift());
+      client.update(Tracer.traceInfo(), ai.toThrift(), extent.toThrift(), m.toThrift());
       return;
     } catch (ThriftSecurityException e) {
       throw new AccumuloSecurityException(e.user, e.code);



Mime
View raw message