Return-Path: X-Original-To: apmail-accumulo-commits-archive@www.apache.org Delivered-To: apmail-accumulo-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 10648EB0B for ; Wed, 23 Jan 2013 18:06:06 +0000 (UTC) Received: (qmail 97503 invoked by uid 500); 23 Jan 2013 18:06:06 -0000 Delivered-To: apmail-accumulo-commits-archive@accumulo.apache.org Received: (qmail 97486 invoked by uid 500); 23 Jan 2013 18:06:06 -0000 Mailing-List: contact commits-help@accumulo.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@accumulo.apache.org Delivered-To: mailing list commits@accumulo.apache.org Received: (qmail 97479 invoked by uid 99); 23 Jan 2013 18:06:05 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 23 Jan 2013 18:06:05 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=5.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 23 Jan 2013 18:06:02 +0000 Received: from eris.apache.org (localhost [127.0.0.1]) by eris.apache.org (Postfix) with ESMTP id 118FB2388C06; Wed, 23 Jan 2013 18:05:19 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r1437605 [10/12] - in /accumulo/branches/ACCUMULO-259: core/src/main/java/org/apache/accumulo/core/cli/ core/src/main/java/org/apache/accumulo/core/client/ core/src/main/java/org/apache/accumulo/core/client/admin/ core/src/main/java/org/apa... Date: Wed, 23 Jan 2013 18:05:13 -0000 To: commits@accumulo.apache.org 
From: vines@apache.org X-Mailer: svnmailer-1.0.8-patched Message-Id: <20130123180519.118FB2388C06@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org Modified: accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/SecurityOperation.java URL: http://svn.apache.org/viewvc/accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/SecurityOperation.java?rev=1437605&r1=1437604&r2=1437605&view=diff ============================================================================== --- accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/SecurityOperation.java (original) +++ accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/SecurityOperation.java Wed Jan 23 18:05:10 2013 @@ -16,8 +16,6 @@ */ package org.apache.accumulo.server.security; -import java.nio.ByteBuffer; -import java.util.Arrays; import java.util.Set; import org.apache.accumulo.core.Constants; @@ -30,9 +28,10 @@ import org.apache.accumulo.core.conf.Pro import org.apache.accumulo.core.security.Authorizations; import org.apache.accumulo.core.security.SystemPermission; import org.apache.accumulo.core.security.TablePermission; -import org.apache.accumulo.core.security.thrift.AuthInfo; import org.apache.accumulo.core.security.thrift.SecurityErrorCode; import org.apache.accumulo.core.security.thrift.ThriftSecurityException; +import org.apache.accumulo.core.security.tokens.AccumuloToken; +import org.apache.accumulo.core.security.tokens.InstanceTokenWrapper; import org.apache.accumulo.server.client.HdfsZooInstance; import org.apache.accumulo.server.master.Master; import org.apache.accumulo.server.security.handler.Authenticator; @@ -56,6 +55,8 @@ public class SecurityOperation { private static String rootUserName = null; private final ZooCache zooCache; private final String ZKUserPath; + + private String instanceId; protected static SecurityOperation instance; 
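Review bot: The new field in the `@@ -56,6 +55,8 @@` hunk is declared `private String instanceId;`, while the neighbouring `zooCache` and `ZKUserPath` are `final`. It is assigned only in the constructor (next hunk) and is later read by the system-credential check in `authenticate`. Declaring it `private final String instanceId;` prevents later reassignment of a value the authentication path relies on. This assumes every constructor chains to `SecurityOperation(String instanceId)`, as the two visible ones do.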
@@ -100,11 +101,13 @@ public class SecurityOperation { * @Deprecated not for client use */ public SecurityOperation(String instanceId) { + this.instanceId = instanceId; ZKUserPath = Constants.ZROOT + "/" + instanceId + "/users"; zooCache = new ZooCache(); } public SecurityOperation(Authorizor author, Authenticator authent, PermissionHandler pm, String instanceId) { + this(instanceId); authorizor = author; authenticator = authent; permHandle = pm; 
@@ -113,22 +116,19 @@ public class SecurityOperation { || !permHandle.validSecurityHandlers(authent, author)) throw new RuntimeException(authorizor + ", " + authenticator + ", and " + pm + " do not play nice with eachother. Please choose authentication and authorization mechanisms that are compatible with one another."); - - ZKUserPath = Constants.ZROOT + "/" + instanceId + "/users"; - zooCache = new ZooCache(); } - public void initializeSecurity(AuthInfo credentials, String rootuser, byte[] rootpass) throws AccumuloSecurityException, ThriftSecurityException { + public void initializeSecurity(InstanceTokenWrapper credentials, AccumuloToken rootToken) throws AccumuloSecurityException, ThriftSecurityException { authenticate(credentials); - if (!credentials.user.equals(SecurityConstants.SYSTEM_USERNAME)) - throw new AccumuloSecurityException(credentials.user, SecurityErrorCode.PERMISSION_DENIED); + if (!credentials.getPrincipal().equals(SecurityConstants.SYSTEM_USERNAME)) + throw new AccumuloSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED); - authenticator.initializeSecurity(credentials, rootuser, rootpass); - authorizor.initializeSecurity(rootuser); - permHandle.initializeSecurity(rootuser); + authenticator.initializeSecurity(credentials, rootToken); + authorizor.initializeSecurity(credentials, rootToken.getPrincipal()); + permHandle.initializeSecurity(credentials, rootToken.getPrincipal()); try { - permHandle.grantTablePermission(rootuser, Constants.METADATA_TABLE_ID, TablePermission.ALTER_TABLE); + permHandle.grantTablePermission(rootToken.getPrincipal(), Constants.METADATA_TABLE_ID, TablePermission.ALTER_TABLE); } catch (TableNotFoundException e) { // Shouldn't happen throw new RuntimeException(e); 
@@ -141,31 +141,31 @@ public class SecurityOperation { return rootUserName; } - private void authenticate(String user, ByteBuffer password, String instance) throws ThriftSecurityException { - if (!instance.equals(HdfsZooInstance.getInstance().getInstanceID())) - throw new ThriftSecurityException(user, SecurityErrorCode.INVALID_INSTANCEID); - - if (user.equals(SecurityConstants.SYSTEM_USERNAME)) { - if (Arrays.equals(SecurityConstants.getSystemCredentials().password.array(), password.array()) - && instance.equals(SecurityConstants.getSystemCredentials().instanceId)) + private void authenticate(InstanceTokenWrapper credentials) throws ThriftSecurityException { + if (!credentials.getInstance().equals(HdfsZooInstance.getInstance().getInstanceID())) + throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.INVALID_INSTANCEID); + + if (credentials.getPrincipal().equals(SecurityConstants.SYSTEM_USERNAME)) { + if (SecurityConstants.getSystemCredentials().getToken().equals(credentials.getToken()) + && instanceId.equals(SecurityConstants.getSystemCredentials().getInstance())) return; else - throw new ThriftSecurityException(user, SecurityErrorCode.BAD_CREDENTIALS); + throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.BAD_CREDENTIALS); } - if (!authenticator.authenticateUser(user, password, instance)) { - throw new ThriftSecurityException(user, SecurityErrorCode.BAD_CREDENTIALS); + try { + if (!authenticator.authenticateUser(credentials.getToken())) { + throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.BAD_CREDENTIALS); + } + } catch (AccumuloSecurityException e) { + throw e.asThriftException(); } } - private void authenticate(AuthInfo credentials) throws ThriftSecurityException { - authenticate(credentials.user, credentials.password, credentials.instanceId); - } - - public boolean canAskAboutUser(AuthInfo credentials, String user) throws ThriftSecurityException { + public boolean 
canAskAboutUser(InstanceTokenWrapper credentials, String user) throws ThriftSecurityException { // Authentication done in canPerformSystemActions - if (!(canPerformSystemActions(credentials) || credentials.user.equals(user))) - throw new ThriftSecurityException(credentials.user, SecurityErrorCode.PERMISSION_DENIED); + if (!(canPerformSystemActions(credentials) || credentials.getPrincipal().equals(user))) + throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED); return true; } @@ -176,10 +176,13 @@ public class SecurityOperation { * @return * @throws ThriftSecurityException */ - public boolean authenticateUser(AuthInfo credentials, String user, ByteBuffer password) throws ThriftSecurityException { - canAskAboutUser(credentials, user); - return authenticator.authenticateUser(user, password, credentials.instanceId); - + public boolean authenticateUser(InstanceTokenWrapper credentials, AccumuloToken token) throws ThriftSecurityException { + canAskAboutUser(credentials, token.getPrincipal()); + try { + return authenticator.authenticateUser(token); + } catch (AccumuloSecurityException e) { + throw e.asThriftException(); + } } /** 
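Review bot: In the system-user branch of `authenticate`, the second clause now compares this object's own `instanceId` field with the system credentials' instance, so it no longer tests anything the caller supplied; the removed code compared the caller's `instance`. If the intent is to bind the presented credentials to the instance, the clause should read `&& credentials.getInstance().equals(SecurityConstants.getSystemCredentials().getInstance())`. The first clause also moves the secret comparison from `Arrays.equals` on the password bytes to `getToken().equals(...)`. `AccumuloToken` is not visible in this diff, so confirm that its `equals` compares by value; a constant-time comparison such as `MessageDigest.isEqual` over the secret bytes would avoid a timing side channel on the system credential. A null principal or token in `credentials` would surface here as a `NullPointerException` rather than `BAD_CREDENTIALS`.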
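Review bot: The Javadoc above `authenticateUser` still carries a bare `@return` although the signature changed from a user/password pair to an `AccumuloToken`, so the contract of this credential check is undocumented. I would state it as `@return true if the authenticator accepts token; the caller must be token's principal or hold SystemPermission.SYSTEM`, which is what the `canAskAboutUser` call enforces. The removed call passed `credentials.instanceId` to the authenticator and the new `authenticator.authenticateUser(token)` does not, so the comment should also say whether the instance is still verified for the token being tested (the `Authenticator` side is not visible here).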
@@ -188,13 +191,13 @@ public class SecurityOperation { * @return The given user's authorizations * @throws ThriftSecurityException */ - public Authorizations getUserAuthorizations(AuthInfo credentials, String user) throws ThriftSecurityException { + public Authorizations getUserAuthorizations(InstanceTokenWrapper credentials, String user) throws ThriftSecurityException { authenticate(credentials); targetUserExists(user); - if (!credentials.user.equals(user) && !hasSystemPermission(credentials.user, SystemPermission.SYSTEM, false)) - throw new ThriftSecurityException(credentials.user, SecurityErrorCode.PERMISSION_DENIED); + if (!credentials.getPrincipal().equals(user) && !hasSystemPermission(credentials.getPrincipal(), SystemPermission.SYSTEM, false)) + throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED); // system user doesn't need record-level authorizations for the tables it reads (for now) if (user.equals(SecurityConstants.SYSTEM_USERNAME)) @@ -212,8 +215,8 @@ public class SecurityOperation { * @return * @throws ThriftSecurityException */ - public Authorizations getUserAuthorizations(AuthInfo credentials) throws ThriftSecurityException { - return getUserAuthorizations(credentials, credentials.user); + public Authorizations getUserAuthorizations(InstanceTokenWrapper credentials) throws ThriftSecurityException { + return getUserAuthorizations(credentials, credentials.getPrincipal()); } /** 
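Review bot: `getUserAuthorizations` calls `targetUserExists(user)` before the permission check, so an authenticated caller without `SystemPermission.SYSTEM` can probably tell existing from non-existing user names by which error comes back. This is inferred, because the exception `targetUserExists` throws is outside this diff. Moving `targetUserExists(user);` below the `PERMISSION_DENIED` check would give unprivileged callers the same error for any other user's name. The method body continues past the end of the hunk.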
@@ -263,12 +266,12 @@ public class SecurityOperation { } // some people just aren't allowed to ask about other users; here are those who can ask - private boolean canAskAboutOtherUsers(AuthInfo credentials, String user) throws ThriftSecurityException { + private boolean canAskAboutOtherUsers(InstanceTokenWrapper credentials, String user) throws ThriftSecurityException { authenticate(credentials); - return credentials.user.equals(user) || hasSystemPermission(credentials.user, SystemPermission.SYSTEM, false) - || hasSystemPermission(credentials, credentials.user, SystemPermission.CREATE_USER) - || hasSystemPermission(credentials, credentials.user, SystemPermission.ALTER_USER) - || hasSystemPermission(credentials, credentials.user, SystemPermission.DROP_USER); + return credentials.getPrincipal().equals(user) || hasSystemPermission(credentials.getPrincipal(), SystemPermission.SYSTEM, false) + || hasSystemPermission(credentials.getPrincipal(), SystemPermission.CREATE_USER, false) + || hasSystemPermission(credentials.getPrincipal(), SystemPermission.ALTER_USER, false) + || hasSystemPermission(credentials.getPrincipal(), SystemPermission.DROP_USER, false); } /** @@ -290,9 +293,9 @@ public class SecurityOperation { * @throws ThriftSecurityException * @throws TableNotFoundException */ - public boolean canScan(AuthInfo credentials, String table) throws ThriftSecurityException { + public boolean canScan(InstanceTokenWrapper credentials, String table) throws ThriftSecurityException { authenticate(credentials); - return hasTablePermission(credentials.user, table, TablePermission.READ, true); + return hasTablePermission(credentials.getPrincipal(), table, TablePermission.READ, true); } /** 
@@ -302,9 +305,9 @@ public class SecurityOperation { * @throws ThriftSecurityException * @throws TableNotFoundException */ - public boolean canWrite(AuthInfo credentials, String table) throws ThriftSecurityException { + public boolean canWrite(InstanceTokenWrapper credentials, String table) throws ThriftSecurityException { authenticate(credentials); - return hasTablePermission(credentials.user, table, TablePermission.WRITE, true); + return hasTablePermission(credentials.getPrincipal(), table, TablePermission.WRITE, true); } /** @@ -314,10 +317,11 @@ public class SecurityOperation { * @throws ThriftSecurityException * @throws TableNotFoundException */ - public boolean canSplitTablet(AuthInfo credentials, String table) throws ThriftSecurityException { + public boolean canSplitTablet(InstanceTokenWrapper credentials, String table) throws ThriftSecurityException { authenticate(credentials); - return hasSystemPermission(credentials.user, SystemPermission.ALTER_TABLE, false) || hasSystemPermission(credentials.user, SystemPermission.SYSTEM, false) - || hasTablePermission(credentials.user, table, TablePermission.ALTER_TABLE, false); + return hasSystemPermission(credentials.getPrincipal(), SystemPermission.ALTER_TABLE, false) + || hasSystemPermission(credentials.getPrincipal(), SystemPermission.SYSTEM, false) + || hasTablePermission(credentials.getPrincipal(), table, TablePermission.ALTER_TABLE, false); } /** 
@@ -328,9 +332,9 @@ public class SecurityOperation { * This is the check to perform any system action. This includes tserver's loading of a tablet, shutting the system down, or altering system * properties. */ - public boolean canPerformSystemActions(AuthInfo credentials) throws ThriftSecurityException { + public boolean canPerformSystemActions(InstanceTokenWrapper credentials) throws ThriftSecurityException { authenticate(credentials); - return hasSystemPermission(credentials.user, SystemPermission.SYSTEM, false); + return hasSystemPermission(credentials.getPrincipal(), SystemPermission.SYSTEM, false); } /** @@ -339,9 +343,10 @@ public class SecurityOperation { * @throws ThriftSecurityException * @throws ThriftTableOperationException */ - public boolean canFlush(AuthInfo c, String tableId) throws ThriftSecurityException { + public boolean canFlush(InstanceTokenWrapper c, String tableId) throws ThriftSecurityException { authenticate(c); - return hasTablePermission(c.user, tableId, TablePermission.WRITE, false) || hasTablePermission(c.user, tableId, TablePermission.ALTER_TABLE, false); + return hasTablePermission(c.getPrincipal(), tableId, TablePermission.WRITE, false) + || hasTablePermission(c.getPrincipal(), tableId, TablePermission.ALTER_TABLE, false); } /** 
@@ -350,18 +355,19 @@ public class SecurityOperation { * @throws ThriftSecurityException * @throws ThriftTableOperationException */ - public boolean canAlterTable(AuthInfo c, String tableId) throws ThriftSecurityException { + public boolean canAlterTable(InstanceTokenWrapper c, String tableId) throws ThriftSecurityException { authenticate(c); - return hasTablePermission(c.user, tableId, TablePermission.ALTER_TABLE, false) || hasSystemPermission(c.user, SystemPermission.ALTER_TABLE, false); + return hasTablePermission(c.getPrincipal(), tableId, TablePermission.ALTER_TABLE, false) + || hasSystemPermission(c.getPrincipal(), SystemPermission.ALTER_TABLE, false); } /** * @param c * @throws ThriftSecurityException */ - public boolean canCreateTable(AuthInfo c) throws ThriftSecurityException { + public boolean canCreateTable(InstanceTokenWrapper c) throws ThriftSecurityException { authenticate(c); - return hasSystemPermission(c.user, SystemPermission.CREATE_TABLE, false); + return hasSystemPermission(c.getPrincipal(), SystemPermission.CREATE_TABLE, false); } /** @@ -371,9 +377,10 @@ public class SecurityOperation { * @throws TableNotFoundException * @throws ThriftSecurityException */ - public boolean canRenameTable(AuthInfo c, String tableId) throws ThriftSecurityException { + public boolean canRenameTable(InstanceTokenWrapper c, String tableId) throws ThriftSecurityException { authenticate(c); - return hasSystemPermission(c.user, SystemPermission.ALTER_TABLE, false) || hasTablePermission(c.user, tableId, TablePermission.ALTER_TABLE, false); + return hasSystemPermission(c.getPrincipal(), SystemPermission.ALTER_TABLE, false) + || hasTablePermission(c.getPrincipal(), tableId, TablePermission.ALTER_TABLE, false); } /** 
@@ -382,9 +389,10 @@ public class SecurityOperation { * @throws TableNotFoundException * @throws ThriftSecurityException */ - public boolean canCloneTable(AuthInfo c, String tableId) throws ThriftSecurityException { + public boolean canCloneTable(InstanceTokenWrapper c, String tableId) throws ThriftSecurityException { authenticate(c); - return hasSystemPermission(c.user, SystemPermission.CREATE_TABLE, false) && hasTablePermission(c.user, tableId, TablePermission.READ, false); + return hasSystemPermission(c.getPrincipal(), SystemPermission.CREATE_TABLE, false) + && hasTablePermission(c.getPrincipal(), tableId, TablePermission.READ, false); } /** @@ -394,9 +402,10 @@ public class SecurityOperation { * @throws TableNotFoundException * @throws ThriftSecurityException */ - public boolean canDeleteTable(AuthInfo c, String tableId) throws ThriftSecurityException { + public boolean canDeleteTable(InstanceTokenWrapper c, String tableId) throws ThriftSecurityException { authenticate(c); - return hasSystemPermission(c.user, SystemPermission.DROP_TABLE, false) || hasTablePermission(c.user, tableId, TablePermission.DROP_TABLE, false); + return hasSystemPermission(c.getPrincipal(), SystemPermission.DROP_TABLE, false) + || hasTablePermission(c.getPrincipal(), tableId, TablePermission.DROP_TABLE, false); } /** 
@@ -406,10 +415,10 @@ public class SecurityOperation { * @throws TableNotFoundException * @throws ThriftSecurityException */ - public boolean canOnlineOfflineTable(AuthInfo c, String tableId) throws ThriftSecurityException { + public boolean canOnlineOfflineTable(InstanceTokenWrapper c, String tableId) throws ThriftSecurityException { authenticate(c); - return hasSystemPermission(c.user, SystemPermission.SYSTEM, false) || hasSystemPermission(c.user, SystemPermission.ALTER_TABLE, false) - || hasTablePermission(c.user, tableId, TablePermission.ALTER_TABLE, false); + return hasSystemPermission(c.getPrincipal(), SystemPermission.SYSTEM, false) || hasSystemPermission(c.getPrincipal(), SystemPermission.ALTER_TABLE, false) + || hasTablePermission(c.getPrincipal(), tableId, TablePermission.ALTER_TABLE, false); } /** @@ -419,10 +428,10 @@ public class SecurityOperation { * @throws TableNotFoundException * @throws ThriftSecurityException */ - public boolean canMerge(AuthInfo c, String tableId) throws ThriftSecurityException { + public boolean canMerge(InstanceTokenWrapper c, String tableId) throws ThriftSecurityException { authenticate(c); - return hasSystemPermission(c.user, SystemPermission.SYSTEM, false) || hasSystemPermission(c.user, SystemPermission.ALTER_TABLE, false) - || hasTablePermission(c.user, tableId, TablePermission.ALTER_TABLE, false); + return hasSystemPermission(c.getPrincipal(), SystemPermission.SYSTEM, false) || hasSystemPermission(c.getPrincipal(), SystemPermission.ALTER_TABLE, false) + || hasTablePermission(c.getPrincipal(), tableId, TablePermission.ALTER_TABLE, false); } /** 
@@ -432,9 +441,9 @@ public class SecurityOperation { * @throws TableNotFoundException * @throws ThriftSecurityException */ - public boolean canDeleteRange(AuthInfo c, String tableId) throws ThriftSecurityException { + public boolean canDeleteRange(InstanceTokenWrapper c, String tableId) throws ThriftSecurityException { authenticate(c); - return hasSystemPermission(c.user, SystemPermission.SYSTEM, false) || hasTablePermission(c.user, tableId, TablePermission.WRITE, false); + return hasSystemPermission(c.getPrincipal(), SystemPermission.SYSTEM, false) || hasTablePermission(c.getPrincipal(), tableId, TablePermission.WRITE, false); } /** @@ -444,9 +453,9 @@ public class SecurityOperation { * @throws TableNotFoundException * @throws ThriftSecurityException */ - public boolean canBulkImport(AuthInfo c, String tableId) throws ThriftSecurityException { + public boolean canBulkImport(InstanceTokenWrapper c, String tableId) throws ThriftSecurityException { authenticate(c); - return hasTablePermission(c.user, tableId, TablePermission.BULK_IMPORT, false); + return hasTablePermission(c.getPrincipal(), tableId, TablePermission.BULK_IMPORT, false); } /** @@ -456,10 +465,11 @@ public class SecurityOperation { * @throws TableNotFoundException * @throws ThriftSecurityException */ - public boolean canCompact(AuthInfo c, String tableId) throws ThriftSecurityException { + public boolean canCompact(InstanceTokenWrapper c, String tableId) throws ThriftSecurityException { authenticate(c); - return hasSystemPermission(c.user, SystemPermission.ALTER_TABLE, false) || hasTablePermission(c.user, tableId, TablePermission.ALTER_TABLE, false) - || hasTablePermission(c.user, tableId, TablePermission.WRITE, false); + return hasSystemPermission(c.getPrincipal(), SystemPermission.ALTER_TABLE, false) + || hasTablePermission(c.getPrincipal(), tableId, TablePermission.ALTER_TABLE, false) + || hasTablePermission(c.getPrincipal(), tableId, TablePermission.WRITE, false); } /** 
@@ -467,11 +477,11 @@ public class SecurityOperation { * @return * @throws ThriftSecurityException */ - public boolean canChangeAuthorizations(AuthInfo c, String user) throws ThriftSecurityException { + public boolean canChangeAuthorizations(InstanceTokenWrapper c, String user) throws ThriftSecurityException { authenticate(c); if (user.equals(SecurityConstants.SYSTEM_USERNAME)) - throw new ThriftSecurityException(c.user, SecurityErrorCode.PERMISSION_DENIED); - return hasSystemPermission(c.user, SystemPermission.ALTER_USER, false); + throw new ThriftSecurityException(c.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED); + return hasSystemPermission(c.getPrincipal(), SystemPermission.ALTER_USER, false); } /** @@ -480,11 +490,11 @@ public class SecurityOperation { * @return * @throws ThriftSecurityException */ - public boolean canChangePassword(AuthInfo c, String user) throws ThriftSecurityException { + public boolean canChangePassword(InstanceTokenWrapper c, String user) throws ThriftSecurityException { authenticate(c); if (user.equals(SecurityConstants.SYSTEM_USERNAME)) - throw new ThriftSecurityException(c.user, SecurityErrorCode.PERMISSION_DENIED); - return c.user.equals(user) || hasSystemPermission(c.user, SystemPermission.ALTER_USER, false); + throw new ThriftSecurityException(c.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED); + return c.getPrincipal().equals(user) || hasSystemPermission(c.getPrincipal(), SystemPermission.ALTER_USER, false); } /** 
@@ -493,14 +503,14 @@ public class SecurityOperation { * @return * @throws ThriftSecurityException */ - public boolean canCreateUser(AuthInfo c, String user) throws ThriftSecurityException { + public boolean canCreateUser(InstanceTokenWrapper c, String user) throws ThriftSecurityException { authenticate(c); // don't allow creating a user with the same name as system user if (user.equals(SecurityConstants.SYSTEM_USERNAME)) - throw new ThriftSecurityException(user, SecurityErrorCode.PERMISSION_DENIED); + throw new ThriftSecurityException(c.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED); - return hasSystemPermission(c.user, SystemPermission.CREATE_USER, false); + return hasSystemPermission(c.getPrincipal(), SystemPermission.CREATE_USER, false); } /** @@ -509,14 +519,14 @@ public class SecurityOperation { * @return * @throws ThriftSecurityException */ - public boolean canDropUser(AuthInfo c, String user) throws ThriftSecurityException { + public boolean canDropUser(InstanceTokenWrapper c, String user) throws ThriftSecurityException { authenticate(c); // can't delete root or system users if (user.equals(getRootUsername()) || user.equals(SecurityConstants.SYSTEM_USERNAME)) - throw new ThriftSecurityException(user, SecurityErrorCode.PERMISSION_DENIED); + throw new ThriftSecurityException(c.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED); - return hasSystemPermission(c.user, SystemPermission.DROP_USER, false); + return hasSystemPermission(c.getPrincipal(), SystemPermission.DROP_USER, false); } /** 
@@ -526,18 +536,18 @@ public class SecurityOperation { * @return * @throws ThriftSecurityException */ - public boolean canGrantSystem(AuthInfo c, String user, SystemPermission sysPerm) throws ThriftSecurityException { + public boolean canGrantSystem(InstanceTokenWrapper c, String user, SystemPermission sysPerm) throws ThriftSecurityException { authenticate(c); // can't modify system user if (user.equals(SecurityConstants.SYSTEM_USERNAME)) - throw new ThriftSecurityException(c.user, SecurityErrorCode.PERMISSION_DENIED); + throw new ThriftSecurityException(c.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED); // can't grant GRANT if (sysPerm.equals(SystemPermission.GRANT)) - throw new ThriftSecurityException(c.user, SecurityErrorCode.GRANT_INVALID); + throw new ThriftSecurityException(c.getPrincipal(), SecurityErrorCode.GRANT_INVALID); - return hasSystemPermission(c.user, SystemPermission.GRANT, false); + return hasSystemPermission(c.getPrincipal(), SystemPermission.GRANT, false); } /** @@ -547,14 +557,15 @@ public class SecurityOperation { * @return * @throws ThriftSecurityException */ - public boolean canGrantTable(AuthInfo c, String user, String table) throws ThriftSecurityException { + public boolean canGrantTable(InstanceTokenWrapper c, String user, String table) throws ThriftSecurityException { authenticate(c); // can't modify system user if (user.equals(SecurityConstants.SYSTEM_USERNAME)) - throw new ThriftSecurityException(c.user, SecurityErrorCode.PERMISSION_DENIED); + throw new ThriftSecurityException(c.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED); - return hasSystemPermission(c.user, SystemPermission.ALTER_TABLE, false) || hasTablePermission(c.user, table, TablePermission.GRANT, false); + return hasSystemPermission(c.getPrincipal(), SystemPermission.ALTER_TABLE, false) + || hasTablePermission(c.getPrincipal(), table, TablePermission.GRANT, false); } /** 
@@ -564,18 +575,18 @@ public class SecurityOperation { * @return * @throws ThriftSecurityException */ - public boolean canRevokeSystem(AuthInfo c, String user, SystemPermission sysPerm) throws ThriftSecurityException { + public boolean canRevokeSystem(InstanceTokenWrapper c, String user, SystemPermission sysPerm) throws ThriftSecurityException { authenticate(c); // can't modify system or root user if (user.equals(getRootUsername()) || user.equals(SecurityConstants.SYSTEM_USERNAME)) - throw new ThriftSecurityException(c.user, SecurityErrorCode.PERMISSION_DENIED); + throw new ThriftSecurityException(c.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED); // can't revoke GRANT if (sysPerm.equals(SystemPermission.GRANT)) - throw new ThriftSecurityException(c.user, SecurityErrorCode.GRANT_INVALID); + throw new ThriftSecurityException(c.getPrincipal(), SecurityErrorCode.GRANT_INVALID); - return hasSystemPermission(c.user, SystemPermission.GRANT, false); + return hasSystemPermission(c.getPrincipal(), SystemPermission.GRANT, false); } /** @@ -585,14 +596,15 @@ public class SecurityOperation { * @return * @throws ThriftSecurityException */ - public boolean canRevokeTable(AuthInfo c, String user, String table) throws ThriftSecurityException { + public boolean canRevokeTable(InstanceTokenWrapper c, String user, String table) throws ThriftSecurityException { authenticate(c); // can't modify system user if (user.equals(SecurityConstants.SYSTEM_USERNAME)) - throw new ThriftSecurityException(c.user, SecurityErrorCode.PERMISSION_DENIED); + throw new ThriftSecurityException(c.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED); - return hasSystemPermission(c.user, SystemPermission.ALTER_TABLE, false) || hasTablePermission(c.user, table, TablePermission.GRANT, false); + return hasSystemPermission(c.getPrincipal(), SystemPermission.ALTER_TABLE, false) + || hasTablePermission(c.getPrincipal(), table, TablePermission.GRANT, false); } /** 
@@ -601,15 +613,15 @@ public class SecurityOperation { * @param authorizations * @throws ThriftSecurityException */ - public void changeAuthorizations(AuthInfo credentials, String user, Authorizations authorizations) throws ThriftSecurityException { + public void changeAuthorizations(InstanceTokenWrapper credentials, String user, Authorizations authorizations) throws ThriftSecurityException { if (!canChangeAuthorizations(credentials, user)) - throw new ThriftSecurityException(credentials.user, SecurityErrorCode.PERMISSION_DENIED); + throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED); targetUserExists(user); try { authorizor.changeAuthorizations(user, authorizations); - log.info("Changed authorizations for user " + user + " at the request of user " + credentials.user); + log.info("Changed authorizations for user " + user + " at the request of user " + credentials.getPrincipal()); } catch (AccumuloSecurityException ase) { throw ase.asThriftException(); } 
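Review bot: The audit line in `changeAuthorizations` concatenates `user` and `credentials.getPrincipal()` into `log.info(...)` unescaped, and both strings come from the request. If names are not restricted elsewhere (not visible in this diff), a name containing line breaks can forge or split audit entries. The same pattern is in the `log.info` calls of `changePassword`, `createUser`, `dropUser`, `grantSystemPermission` and `grantTablePermission` in the following hunks. I would either enforce a name pattern when users are created or neutralise control characters at the log call, e.g. `user.replaceAll("[\\r\\n]", "_")`. The method's closing brace is outside the hunk.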
@@ -621,12 +633,12 @@ public class SecurityOperation { * @param bytes * @throws ThriftSecurityException */ - public void changePassword(AuthInfo credentials, String user, byte[] pass) throws ThriftSecurityException { - if (!canChangePassword(credentials, user)) - throw new ThriftSecurityException(credentials.user, SecurityErrorCode.PERMISSION_DENIED); + public void changePassword(InstanceTokenWrapper credentials, AccumuloToken token) throws ThriftSecurityException { + if (!canChangePassword(credentials, token.getPrincipal())) + throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED); try { - authenticator.changePassword(user, pass); - log.info("Changed password for user " + user + " at the request of user " + credentials.user); + authenticator.changePassword(token); + log.info("Changed password for user " + token.getPrincipal() + " at the request of user " + credentials.getPrincipal()); } catch (AccumuloSecurityException e) { throw e.asThriftException(); } 
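Review bot: `changePassword` goes straight from the permission check to `authenticator.changePassword(token)` without the `targetUserExists(...)` call that `changeAuthorizations` and `grantSystemPermission` make, so the behaviour for an unknown principal is left to the `Authenticator` implementation (not visible here). Adding `targetUserExists(token.getPrincipal());` before the `try` would keep these methods consistent. The Javadoc in the context lines still lists `@param bytes`, which no longer matches the `(credentials, token)` signature; it should become something like `@param token the principal and the new secret for it`.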
@@ -639,16 +651,16 @@ public class SecurityOperation { * @param authorizations * @throws ThriftSecurityException */ - public void createUser(AuthInfo credentials, String user, byte[] pass, Authorizations authorizations) throws ThriftSecurityException { - if (!canCreateUser(credentials, user)) - throw new ThriftSecurityException(credentials.user, SecurityErrorCode.PERMISSION_DENIED); - try { - authenticator.createUser(user, pass); - authorizor.initUser(user); - permHandle.initUser(user); - log.info("Created user " + user + " at the request of user " + credentials.user); - if (canChangeAuthorizations(credentials, user)) - authorizor.changeAuthorizations(user, authorizations); + public void createUser(InstanceTokenWrapper credentials, AccumuloToken token, Authorizations authorizations) throws ThriftSecurityException { + if (!canCreateUser(credentials, token.getPrincipal())) + throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED); + try { + authenticator.createUser(token); + authorizor.initUser(token.getPrincipal()); + permHandle.initUser(token.getPrincipal()); + log.info("Created user " + token.getPrincipal() + " at the request of user " + credentials.getPrincipal()); + if (canChangeAuthorizations(credentials, token.getPrincipal())) + authorizor.changeAuthorizations(token.getPrincipal(), authorizations); } catch (AccumuloSecurityException ase) { throw ase.asThriftException(); } 
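Review bot: In `createUser` the requested `authorizations` are silently dropped when `canChangeAuthorizations(...)` returns false: the user is created, the success line is logged, and the caller gets no error. An account that ends up with different authorizations than the administrator asked for is easy to miss. I would evaluate `canChangeAuthorizations(credentials, token.getPrincipal())` before `authenticator.createUser(token)` and throw `PERMISSION_DENIED` when non-empty authorizations were requested but cannot be applied, or at least log that they were skipped. The calls `authenticator.createUser`, `authorizor.initUser` and `permHandle.initUser` are also not rolled back if a later one throws, which can leave a partly initialised account.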
@@ -659,14 +671,14 @@ public class SecurityOperation { * @param user * @throws ThriftSecurityException */ - public void dropUser(AuthInfo credentials, String user) throws ThriftSecurityException { + public void dropUser(InstanceTokenWrapper credentials, String user) throws ThriftSecurityException { if (!canDropUser(credentials, user)) - throw new ThriftSecurityException(credentials.user, SecurityErrorCode.PERMISSION_DENIED); + throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED); try { authorizor.dropUser(user); authenticator.dropUser(user); permHandle.cleanUser(user); - log.info("Deleted user " + user + " at the request of user " + credentials.user); + log.info("Deleted user " + user + " at the request of user " + credentials.getPrincipal()); } catch (AccumuloSecurityException e) { throw e.asThriftException(); } @@ -678,15 +690,15 @@ public class SecurityOperation { * @param permissionById * @throws ThriftSecurityException */ - public void grantSystemPermission(AuthInfo credentials, String user, SystemPermission permissionById) throws ThriftSecurityException { + public void grantSystemPermission(InstanceTokenWrapper credentials, String user, SystemPermission permissionById) throws ThriftSecurityException { if (!canGrantSystem(credentials, user, permissionById)) - throw new ThriftSecurityException(credentials.user, SecurityErrorCode.PERMISSION_DENIED); + throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED); targetUserExists(user); try { permHandle.grantSystemPermission(user, permissionById); - log.info("Granted system permission " + permissionById + " for user " + user + " at the request of user " + credentials.user); + log.info("Granted system permission " + permissionById + " for user " + user + " at the request of user " + credentials.getPrincipal()); } catch (AccumuloSecurityException e) { throw e.asThriftException(); } 
@@ -699,19 +711,19 @@ public class SecurityOperation { * @param permission * @throws ThriftSecurityException */ - public void grantTablePermission(AuthInfo c, String user, String tableId, TablePermission permission) throws ThriftSecurityException { + public void grantTablePermission(InstanceTokenWrapper c, String user, String tableId, TablePermission permission) throws ThriftSecurityException { if (!canGrantTable(c, user, tableId)) - throw new ThriftSecurityException(c.user, SecurityErrorCode.PERMISSION_DENIED); + throw new ThriftSecurityException(c.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED); targetUserExists(user); try { permHandle.grantTablePermission(user, tableId, permission); - log.info("Granted table permission " + permission + " for user " + user + " on the table " + tableId + " at the request of user " + c.user); + log.info("Granted table permission " + permission + " for user " + user + " on the table " + tableId + " at the request of user " + c.getPrincipal()); } catch (AccumuloSecurityException e) { throw e.asThriftException(); } catch (TableNotFoundException e) { - throw new ThriftSecurityException(c.user, SecurityErrorCode.TABLE_DOESNT_EXIST); + throw new ThriftSecurityException(c.getPrincipal(), SecurityErrorCode.TABLE_DOESNT_EXIST); } } 
@@ -721,15 +733,15 @@ public class SecurityOperation { * @param permission * @throws ThriftSecurityException */ - public void revokeSystemPermission(AuthInfo credentials, String user, SystemPermission permission) throws ThriftSecurityException { + public void revokeSystemPermission(InstanceTokenWrapper credentials, String user, SystemPermission permission) throws ThriftSecurityException { if (!canRevokeSystem(credentials, user, permission)) - throw new ThriftSecurityException(credentials.user, SecurityErrorCode.PERMISSION_DENIED); + throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED); targetUserExists(user); try { permHandle.revokeSystemPermission(user, permission); - log.info("Revoked system permission " + permission + " for user " + user + " at the request of user " + credentials.user); + log.info("Revoked system permission " + permission + " for user " + user + " at the request of user " + credentials.getPrincipal()); } catch (AccumuloSecurityException e) { throw e.asThriftException(); 
@@ -743,20 +755,20 @@ public class SecurityOperation { * @param permission * @throws ThriftSecurityException */ - public void revokeTablePermission(AuthInfo c, String user, String tableId, TablePermission permission) throws ThriftSecurityException { + public void revokeTablePermission(InstanceTokenWrapper c, String user, String tableId, TablePermission permission) throws ThriftSecurityException { if (!canRevokeTable(c, user, tableId)) - throw new ThriftSecurityException(c.user, SecurityErrorCode.PERMISSION_DENIED); + throw new ThriftSecurityException(c.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED); targetUserExists(user); try { permHandle.revokeTablePermission(user, tableId, permission); - log.info("Revoked table permission " + permission + " for user " + user + " on the table " + tableId + " at the request of user " + c.user); + log.info("Revoked table permission " + permission + " for user " + user + " on the table " + tableId + " at the request of user " + c.getPrincipal()); } catch (AccumuloSecurityException e) { throw e.asThriftException(); } catch (TableNotFoundException e) { - throw new ThriftSecurityException(c.user, SecurityErrorCode.TABLE_DOESNT_EXIST); + throw new ThriftSecurityException(c.getPrincipal(), SecurityErrorCode.TABLE_DOESNT_EXIST); } } @@ -767,9 +779,9 @@ public class SecurityOperation { * @return * @throws ThriftSecurityException */ - public boolean hasSystemPermission(AuthInfo credentials, String user, SystemPermission permissionById) throws ThriftSecurityException { + public boolean hasSystemPermission(InstanceTokenWrapper credentials, String user, SystemPermission permissionById) throws ThriftSecurityException { if (!canAskAboutOtherUsers(credentials, user)) - throw new ThriftSecurityException(credentials.user, SecurityErrorCode.PERMISSION_DENIED); + throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED); return hasSystemPermission(user, permissionById, false); } 
@@ -781,9 +793,10 @@ public class SecurityOperation { * @return * @throws ThriftSecurityException */ - public boolean hasTablePermission(AuthInfo credentials, String user, String tableId, TablePermission permissionById) throws ThriftSecurityException { + public boolean hasTablePermission(InstanceTokenWrapper credentials, String user, String tableId, TablePermission permissionById) + throws ThriftSecurityException { if (!canAskAboutOtherUsers(credentials, user)) - throw new ThriftSecurityException(credentials.user, SecurityErrorCode.PERMISSION_DENIED); + throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED); return hasTablePermission(user, tableId, permissionById, false); } @@ -792,7 +805,7 @@ public class SecurityOperation { * @return * @throws ThriftSecurityException */ - public Set listUsers(AuthInfo credentials) throws ThriftSecurityException { + public Set listUsers(InstanceTokenWrapper credentials) throws ThriftSecurityException { authenticate(credentials); try { return authenticator.listUsers(); 
@@ -806,26 +819,30 @@ public class SecurityOperation { * @param tableId * @throws ThriftSecurityException */ - public void deleteTable(AuthInfo credentials, String tableId) throws ThriftSecurityException { + public void deleteTable(InstanceTokenWrapper credentials, String tableId) throws ThriftSecurityException { if (!canDeleteTable(credentials, tableId)) - throw new ThriftSecurityException(credentials.user, SecurityErrorCode.PERMISSION_DENIED); + throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED); try { permHandle.cleanTablePermissions(tableId); } catch (AccumuloSecurityException e) { - e.setUser(credentials.user); + e.setUser(credentials.getPrincipal()); throw e.asThriftException(); } catch (TableNotFoundException e) { - throw new ThriftSecurityException(credentials.user, SecurityErrorCode.TABLE_DOESNT_EXIST); + throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.TABLE_DOESNT_EXIST); } } - public boolean canExport(AuthInfo credentials, String tableId) throws ThriftSecurityException { + public boolean canExport(InstanceTokenWrapper credentials, String tableId) throws ThriftSecurityException { authenticate(credentials); - return hasTablePermission(credentials.user, tableId, TablePermission.READ, false); + return hasTablePermission(credentials.getPrincipal(), tableId, TablePermission.READ, false); } - public boolean canImport(AuthInfo credentials, String tableId) throws ThriftSecurityException { + public boolean canImport(InstanceTokenWrapper credentials, String tableId) throws ThriftSecurityException { authenticate(credentials); - return hasSystemPermission(credentials.user, SystemPermission.CREATE_TABLE, false); + return hasSystemPermission(credentials.getPrincipal(), SystemPermission.CREATE_TABLE, false); + } + + public String getTokenClassName() { + return authenticator.getTokenClassName(); } } Modified: 
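Review bot: The new public `getTokenClassName()` at the end of the class has no Javadoc and, unlike canExport and canImport just above it, takes no credentials and does not call `authenticate`. That is presumably deliberate, since a client needs the token class before it can build credentials, but the method should say so. For example: `/** Returns the class name of the token type the configured Authenticator accepts; callable without credentials. */`.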
accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/Authenticator.java URL: http://svn.apache.org/viewvc/accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/Authenticator.java?rev=1437605&r1=1437604&r2=1437605&view=diff ============================================================================== --- accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/Authenticator.java (original) +++ accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/Authenticator.java Wed Jan 23 18:05:10 2013 @@ -16,11 +16,12 @@ */ package org.apache.accumulo.server.security.handler; -import java.nio.ByteBuffer; import java.util.Set; import org.apache.accumulo.core.client.AccumuloSecurityException; -import org.apache.accumulo.core.security.thrift.AuthInfo; +import org.apache.accumulo.core.security.thrift.ThriftSecurityException; +import org.apache.accumulo.core.security.tokens.AccumuloToken; +import org.apache.accumulo.core.security.tokens.InstanceTokenWrapper; /** * This interface is used for the system which will be used for authenticating a user. If the implementation does not support configuration through Accumulo, it 
@@ -33,17 +34,19 @@ public interface Authenticator { public boolean validSecurityHandlers(Authorizor auth, PermissionHandler pm); - public void initializeSecurity(AuthInfo credentials, String rootuser, byte[] rootpass) throws AccumuloSecurityException; + public void initializeSecurity(InstanceTokenWrapper credentials, AccumuloToken at) throws AccumuloSecurityException, ThriftSecurityException; - public boolean authenticateUser(String user, ByteBuffer password, String instanceId); + public boolean authenticateUser(AccumuloToken token) throws AccumuloSecurityException; public Set listUsers() throws AccumuloSecurityException; - public void createUser(String user, byte[] pass) throws AccumuloSecurityException; + public void createUser(AccumuloToken user) throws AccumuloSecurityException; public void dropUser(String user) throws AccumuloSecurityException; - public void changePassword(String user, byte[] pass) throws AccumuloSecurityException; + public void changePassword(AccumuloToken user) throws AccumuloSecurityException; public boolean userExists(String user); + + public String getTokenClassName(); } Modified: accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/Authorizor.java URL: http://svn.apache.org/viewvc/accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/Authorizor.java?rev=1437605&r1=1437604&r2=1437605&view=diff ============================================================================== --- accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/Authorizor.java (original) +++ accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/Authorizor.java Wed Jan 23 18:05:10 2013 
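Review bot: The token-based methods on this interface (`initializeSecurity`, `authenticateUser`, `createUser`, `changePassword`) and the new `getTokenClassName()` have no Javadoc, so the behaviour for an unsupported token class is left to each implementation. In this commit ZKAuthenticator throws AccumuloSecurityException with INVALID_TOKEN while InsecureAuthenticator accepts any token; the interface should state which is expected, e.g. `Implementations must reject a token whose class differs from getTokenClassName().` on `authenticateUser`. The comment should also record that the `instanceId` argument is gone and where the instance check now happens, which this hunk does not show. The parameter named `user` in `createUser(AccumuloToken user)` and `changePassword(AccumuloToken user)` is a token and would read better as `token`.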
@@ -18,6 +18,8 @@ package org.apache.accumulo.server.secur import org.apache.accumulo.core.client.AccumuloSecurityException; import org.apache.accumulo.core.security.Authorizations; +import org.apache.accumulo.core.security.thrift.ThriftSecurityException; +import org.apache.accumulo.core.security.tokens.InstanceTokenWrapper; /** * This interface is used for the system which will be used for getting a users Authorizations. If the implementation does not support configuration through @@ -45,7 +47,7 @@ public interface Authorizor { * @param rootuser * @throws AccumuloSecurityException */ - public void initializeSecurity(String rootuser) throws AccumuloSecurityException; + public void initializeSecurity(InstanceTokenWrapper credentials, String rootuser) throws AccumuloSecurityException, ThriftSecurityException; /** * Used to change the authorizations for the user Modified: accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/InsecureAuthenticator.java URL: http://svn.apache.org/viewvc/accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/InsecureAuthenticator.java?rev=1437605&r1=1437604&r2=1437605&view=diff ============================================================================== --- accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/InsecureAuthenticator.java (original) +++ accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/InsecureAuthenticator.java Wed Jan 23 18:05:10 2013 
@@ -16,12 +16,13 @@ */ package org.apache.accumulo.server.security.handler; -import java.nio.ByteBuffer; import java.util.Collections; import java.util.Set; import org.apache.accumulo.core.client.AccumuloSecurityException; -import org.apache.accumulo.core.security.thrift.AuthInfo; +import org.apache.accumulo.core.security.tokens.AccumuloToken; +import org.apache.accumulo.core.security.tokens.InstanceTokenWrapper; +import org.apache.accumulo.core.security.tokens.UserPassToken; /** * This is an Authenticator implementation that doesn't actually do any security. Use at your own risk. @@ -45,10 +46,10 @@ public class InsecureAuthenticator imple } /* (non-Javadoc) - * @see org.apache.accumulo.server.security.handler.Authenticator#initializeSecurity(org.apache.accumulo.core.security.thrift.AuthInfo, java.lang.String, byte[]) + * @see org.apache.accumulo.server.security.handler.Authenticator#initializeSecurity(org.apache.accumulo.core.security.thrift.InstanceTokenWrapper, java.lang.String, byte[]) */ @Override - public void initializeSecurity(AuthInfo credentials, String rootuser, byte[] rootpass) throws AccumuloSecurityException { + public void initializeSecurity(InstanceTokenWrapper credentials, AccumuloToken token) throws AccumuloSecurityException { return; } @@ -56,7 +57,7 @@ public class InsecureAuthenticator imple * @see org.apache.accumulo.server.security.handler.Authenticator#authenticateUser(java.lang.String, java.nio.ByteBuffer, java.lang.String) */ @Override - public boolean authenticateUser(String user, ByteBuffer password, String instanceId) { + public boolean authenticateUser(AccumuloToken token) { return true; } @@ -72,7 +73,7 @@ public class InsecureAuthenticator imple * @see org.apache.accumulo.server.security.handler.Authenticator#createUser(java.lang.String, byte[]) */ @Override - public void createUser(String user, byte[] pass) throws AccumuloSecurityException { + public void createUser(AccumuloToken token) throws AccumuloSecurityException { return; } 
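Review bot: The `@see` comment on initializeSecurity was edited but is still wrong: it names `org.apache.accumulo.core.security.thrift.InstanceTokenWrapper, java.lang.String, byte[]`, while the import added above is `org.apache.accumulo.core.security.tokens.InstanceTokenWrapper` and the method now takes `(InstanceTokenWrapper, AccumuloToken)`. The `@see` lines on authenticateUser and createUser in the following hunks, and on changePassword in the next one, still cite the removed `String`/`ByteBuffer`/`byte[]` signatures. Each should name the new parameter list, for example `@see org.apache.accumulo.server.security.handler.Authenticator#authenticateUser(org.apache.accumulo.core.security.tokens.AccumuloToken)`.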
@@ -88,7 +89,7 @@ public class InsecureAuthenticator imple * @see org.apache.accumulo.server.security.handler.Authenticator#changePassword(java.lang.String, byte[]) */ @Override - public void changePassword(String user, byte[] pass) throws AccumuloSecurityException { + public void changePassword(AccumuloToken token) throws AccumuloSecurityException { return; } @@ -99,5 +100,10 @@ public class InsecureAuthenticator imple public boolean userExists(String user) { return true; } + + @Override + public String getTokenClassName() { + return UserPassToken.class.getName(); + } } Modified: accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/InsecurePermHandler.java URL: http://svn.apache.org/viewvc/accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/InsecurePermHandler.java?rev=1437605&r1=1437604&r2=1437605&view=diff ============================================================================== --- accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/InsecurePermHandler.java (original) +++ accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/InsecurePermHandler.java Wed Jan 23 18:05:10 2013 @@ -20,6 +20,7 @@ import org.apache.accumulo.core.client.A import org.apache.accumulo.core.client.TableNotFoundException; import org.apache.accumulo.core.security.SystemPermission; import org.apache.accumulo.core.security.TablePermission; +import org.apache.accumulo.core.security.tokens.InstanceTokenWrapper; /** * This is a Permission Handler implementation that doesn't actually do any security. Use at your own risk. 
@@ -46,7 +47,7 @@ public class InsecurePermHandler impleme * @see org.apache.accumulo.server.security.handler.PermissionHandler#initializeSecurity(java.lang.String) */ @Override - public void initializeSecurity(String rootuser) throws AccumuloSecurityException { + public void initializeSecurity(InstanceTokenWrapper token, String rootuser) throws AccumuloSecurityException { return; } Modified: accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/PermissionHandler.java URL: http://svn.apache.org/viewvc/accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/PermissionHandler.java?rev=1437605&r1=1437604&r2=1437605&view=diff ============================================================================== --- accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/PermissionHandler.java (original) +++ accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/PermissionHandler.java Wed Jan 23 18:05:10 2013 @@ -20,6 +20,8 @@ import org.apache.accumulo.core.client.A import org.apache.accumulo.core.client.TableNotFoundException; import org.apache.accumulo.core.security.SystemPermission; import org.apache.accumulo.core.security.TablePermission; +import org.apache.accumulo.core.security.thrift.ThriftSecurityException; +import org.apache.accumulo.core.security.tokens.InstanceTokenWrapper; /** * This interface is used for the system which will be used for getting a users permissions. If the implementation does not support configuration through 
@@ -47,7 +49,7 @@ public interface PermissionHandler { * @param rootuser * @throws AccumuloSecurityException */ - public void initializeSecurity(String rootuser) throws AccumuloSecurityException; + public void initializeSecurity(InstanceTokenWrapper credentials, String rootuser) throws AccumuloSecurityException, ThriftSecurityException; /** * Used to get the system permission for the user Modified: accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/ZKAuthenticator.java URL: http://svn.apache.org/viewvc/accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/ZKAuthenticator.java?rev=1437605&r1=1437604&r2=1437605&view=diff ============================================================================== --- accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/ZKAuthenticator.java (original) +++ accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/ZKAuthenticator.java Wed Jan 23 18:05:10 2013 @@ -16,16 +16,16 @@ */ package org.apache.accumulo.server.security.handler; -import java.nio.ByteBuffer; import java.util.Set; import java.util.TreeSet; import org.apache.accumulo.core.Constants; import org.apache.accumulo.core.client.AccumuloException; import org.apache.accumulo.core.client.AccumuloSecurityException; -import org.apache.accumulo.core.security.thrift.AuthInfo; import org.apache.accumulo.core.security.thrift.SecurityErrorCode; -import org.apache.accumulo.core.util.ByteBufferUtil; +import org.apache.accumulo.core.security.tokens.AccumuloToken; +import org.apache.accumulo.core.security.tokens.InstanceTokenWrapper; +import org.apache.accumulo.core.security.tokens.UserPassToken; import org.apache.accumulo.fate.zookeeper.IZooReaderWriter; import org.apache.accumulo.fate.zookeeper.ZooUtil.NodeExistsPolicy; import org.apache.accumulo.fate.zookeeper.ZooUtil.NodeMissingPolicy; 
@@ -38,7 +38,7 @@ import org.apache.zookeeper.KeeperExcept public final class ZKAuthenticator implements Authenticator { static final Logger log = Logger.getLogger(ZKAuthenticator.class); private static Authenticator zkAuthenticatorInstance = null; - + private String ZKUserPath; private final ZooCache zooCache; @@ -55,9 +55,12 @@ public final class ZKAuthenticator imple public void initialize(String instanceId) { ZKUserPath = Constants.ZROOT + "/" + instanceId + "/users"; } - + @Override - public void initializeSecurity(AuthInfo credentials, String rootuser, byte[] rootpass) throws AccumuloSecurityException { + public void initializeSecurity(InstanceTokenWrapper credentials, AccumuloToken token) throws AccumuloSecurityException { + if (!(token instanceof UserPassToken)) + throw new AccumuloSecurityException("ZKAuthenticator doesn't take this token type", SecurityErrorCode.INVALID_TOKEN); + UserPassToken upt = (UserPassToken) token; try { // remove old settings from zookeeper first, if any IZooReaderWriter zoo = ZooReaderWriter.getRetryingInstance(); @@ -69,9 +72,9 @@ public final class ZKAuthenticator imple } // prep parent node of users with root username - zoo.putPersistentData(ZKUserPath, rootuser.getBytes(), NodeExistsPolicy.FAIL); + zoo.putPersistentData(ZKUserPath, upt.getPrincipal().getBytes(), NodeExistsPolicy.FAIL); - constructUser(rootuser, ZKSecurityTool.createPass(rootpass)); + constructUser(upt.getPrincipal(), ZKSecurityTool.createPass(upt.getPassword())); } } catch (KeeperException e) { log.error(e, e); 
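Review bot: The new token-type guard in initializeSecurity passes the text "ZKAuthenticator doesn't take this token type" as the first argument of `AccumuloSecurityException`. Every other call in this file puts the user name in that slot (`new AccumuloSecurityException(upt.getPrincipal(), SecurityErrorCode.USER_DOESNT_EXIST)`), so the message will be reported as the principal and the real principal is lost from the error. The same three lines are repeated in createUser, changePassword and authenticateUser in the following hunks. A private helper, as below, would do the check and cast once and report the offending principal. Whether the exception tolerates a null user is not visible here and should be confirmed.

```java
// … unchanged: initialize(String instanceId) …

private static UserPassToken asUserPassToken(AccumuloToken token) throws AccumuloSecurityException {
  if (!(token instanceof UserPassToken)) {
    // report the caller's principal, not a message, in the user slot
    String principal = token == null ? null : token.getPrincipal();
    throw new AccumuloSecurityException(principal, SecurityErrorCode.INVALID_TOKEN);
  }
  return (UserPassToken) token;
}

@Override
public void initializeSecurity(InstanceTokenWrapper credentials, AccumuloToken token) throws AccumuloSecurityException {
  UserPassToken upt = asUserPassToken(token);
  // … unchanged: ZooKeeper reset and root user creation …
```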
@@ -88,8 +91,7 @@ public final class ZKAuthenticator imple /** * Sets up the user in ZK for the provided user. No checking for existence is done here, it should be done before calling. */ - private void constructUser(String user, byte[] pass) - throws KeeperException, InterruptedException { + private void constructUser(String user, byte[] pass) throws KeeperException, InterruptedException { synchronized (zooCache) { zooCache.clear(); IZooReaderWriter zoo = ZooReaderWriter.getRetryingInstance(); @@ -106,19 +108,22 @@ public final class ZKAuthenticator imple * Creates a user with no permissions whatsoever */ @Override - public void createUser(String user, byte[] pass) throws AccumuloSecurityException { + public void createUser(AccumuloToken token) throws AccumuloSecurityException { + if (!(token instanceof UserPassToken)) + throw new AccumuloSecurityException("ZKAuthenticator doesn't take this token type", SecurityErrorCode.INVALID_TOKEN); + UserPassToken upt = (UserPassToken) token; try { - constructUser(user, ZKSecurityTool.createPass(pass)); + constructUser(upt.getPrincipal(), ZKSecurityTool.createPass(upt.getPassword())); } catch (KeeperException e) { if (e.code().equals(KeeperException.Code.NODEEXISTS)) - throw new AccumuloSecurityException(user, SecurityErrorCode.USER_EXISTS, e); - throw new AccumuloSecurityException(user, SecurityErrorCode.CONNECTION_ERROR, e); + throw new AccumuloSecurityException(upt.getPrincipal(), SecurityErrorCode.USER_EXISTS, e); + throw new AccumuloSecurityException(upt.getPrincipal(), SecurityErrorCode.CONNECTION_ERROR, e); } catch (InterruptedException e) { log.error(e, e); throw new RuntimeException(e); } catch (AccumuloException e) { log.error(e, e); - throw new AccumuloSecurityException(user, SecurityErrorCode.DEFAULT_SECURITY_ERROR, e); + throw new AccumuloSecurityException(upt.getPrincipal(), SecurityErrorCode.DEFAULT_SECURITY_ERROR, e); } } 
@@ -141,25 +146,28 @@ public final class ZKAuthenticator imple } @Override - public void changePassword(String user, byte[] pass) throws AccumuloSecurityException { - if (userExists(user)) { + public void changePassword(AccumuloToken token) throws AccumuloSecurityException { + if (!(token instanceof UserPassToken)) + throw new AccumuloSecurityException("ZKAuthenticator doesn't take this token type", SecurityErrorCode.INVALID_TOKEN); + UserPassToken upt = (UserPassToken) token; + if (userExists(upt.getPrincipal())) { try { synchronized (zooCache) { - zooCache.clear(ZKUserPath + "/" + user); - ZooReaderWriter.getRetryingInstance().putPrivatePersistentData(ZKUserPath + "/" + user, ZKSecurityTool.createPass(pass), NodeExistsPolicy.OVERWRITE); + zooCache.clear(ZKUserPath + "/" + upt.getPrincipal()); + ZooReaderWriter.getRetryingInstance().putPrivatePersistentData(ZKUserPath + "/" + upt.getPrincipal(), ZKSecurityTool.createPass(upt.getPassword()), NodeExistsPolicy.OVERWRITE); } } catch (KeeperException e) { log.error(e, e); - throw new AccumuloSecurityException(user, SecurityErrorCode.CONNECTION_ERROR, e); + throw new AccumuloSecurityException(upt.getPrincipal(), SecurityErrorCode.CONNECTION_ERROR, e); } catch (InterruptedException e) { log.error(e, e); throw new RuntimeException(e); } catch (AccumuloException e) { log.error(e, e); - throw new AccumuloSecurityException(user, SecurityErrorCode.DEFAULT_SECURITY_ERROR, e); + throw new AccumuloSecurityException(upt.getPrincipal(), SecurityErrorCode.DEFAULT_SECURITY_ERROR, e); } } else - throw new AccumuloSecurityException(user, SecurityErrorCode.USER_DOESNT_EXIST); // user doesn't exist + throw new AccumuloSecurityException(upt.getPrincipal(), SecurityErrorCode.USER_DOESNT_EXIST); // user doesn't exist } /** 
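Review bot: changePassword builds the ZooKeeper node path as `ZKUserPath + "/" + upt.getPrincipal()` and writes it with `NodeExistsPolicy.OVERWRITE`, but nothing in the hunk checks that the principal is a single path component. Whether an earlier layer restricts the characters in a principal is not visible here. If none does, a check before the `userExists` call would keep the write under the users node, e.g. `if (upt.getPrincipal().indexOf('/') >= 0) throw new AccumuloSecurityException(upt.getPrincipal(), SecurityErrorCode.USER_DOESNT_EXIST);`. authenticateUser in the next hunk builds `zpath` the same way and would want the same check.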
@@ -176,16 +184,24 @@ public final class ZKAuthenticator imple } @Override - public boolean authenticateUser(String user, ByteBuffer password, String instanceId) { + public boolean authenticateUser(AccumuloToken token) throws AccumuloSecurityException { + if (!(token instanceof UserPassToken)) + throw new AccumuloSecurityException("ZKAuthenticator doesn't take this token type", SecurityErrorCode.INVALID_TOKEN); + UserPassToken upt = (UserPassToken) token; byte[] pass; - String zpath = ZKUserPath + "/" + user; + String zpath = ZKUserPath + "/" + upt.getPrincipal(); pass = zooCache.get(zpath); - boolean result = ZKSecurityTool.checkPass(ByteBufferUtil.toBytes(password), pass); + boolean result = ZKSecurityTool.checkPass(upt.getPassword(), pass); if (!result) { zooCache.clear(zpath); pass = zooCache.get(zpath); - result = ZKSecurityTool.checkPass(ByteBufferUtil.toBytes(password), pass); + result = ZKSecurityTool.checkPass(upt.getPassword(), pass); } return result; } + + @Override + public String getTokenClassName() { + return UserPassToken.class.getName(); + } } Modified: accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/ZKAuthorizor.java URL: http://svn.apache.org/viewvc/accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/ZKAuthorizor.java?rev=1437605&r1=1437604&r2=1437605&view=diff ============================================================================== --- accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/ZKAuthorizor.java (original) +++ accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/ZKAuthorizor.java Wed Jan 23 18:05:10 2013 
@@ -28,6 +28,7 @@ import org.apache.accumulo.core.security import org.apache.accumulo.core.security.SystemPermission; import org.apache.accumulo.core.security.TablePermission; import org.apache.accumulo.core.security.thrift.SecurityErrorCode; +import org.apache.accumulo.core.security.tokens.InstanceTokenWrapper; import org.apache.accumulo.fate.zookeeper.IZooReaderWriter; import org.apache.accumulo.fate.zookeeper.ZooUtil.NodeExistsPolicy; import org.apache.accumulo.fate.zookeeper.ZooUtil.NodeMissingPolicy; @@ -72,7 +73,7 @@ public class ZKAuthorizor implements Aut } @Override - public void initializeSecurity(String rootuser) throws AccumuloSecurityException { + public void initializeSecurity(InstanceTokenWrapper itw, String rootuser) throws AccumuloSecurityException { IZooReaderWriter zoo = ZooReaderWriter.getRetryingInstance(); // create the root user with all system privileges, no table privileges, and no record-level authorizations Modified: accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/ZKPermHandler.java URL: http://svn.apache.org/viewvc/accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/ZKPermHandler.java?rev=1437605&r1=1437604&r2=1437605&view=diff ============================================================================== --- accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/ZKPermHandler.java (original) +++ accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/ZKPermHandler.java Wed Jan 23 18:05:10 2013 
@@ -29,6 +29,7 @@ import org.apache.accumulo.core.client.T import org.apache.accumulo.core.security.SystemPermission; import org.apache.accumulo.core.security.TablePermission; import org.apache.accumulo.core.security.thrift.SecurityErrorCode; +import org.apache.accumulo.core.security.tokens.InstanceTokenWrapper; import org.apache.accumulo.fate.zookeeper.IZooReaderWriter; import org.apache.accumulo.fate.zookeeper.ZooUtil.NodeExistsPolicy; import org.apache.accumulo.fate.zookeeper.ZooUtil.NodeMissingPolicy; @@ -222,7 +223,7 @@ public class ZKPermHandler implements Pe } @Override - public void initializeSecurity(String rootuser) throws AccumuloSecurityException { + public void initializeSecurity(InstanceTokenWrapper itw, String rootuser) throws AccumuloSecurityException { IZooReaderWriter zoo = ZooReaderWriter.getRetryingInstance(); // create the root user with all system privileges, no table privileges, and no record-level authorizations Modified: accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/tabletserver/Tablet.java URL: http://svn.apache.org/viewvc/accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/tabletserver/Tablet.java?rev=1437605&r1=1437604&r2=1437605&view=diff ============================================================================== --- accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/tabletserver/Tablet.java (original) +++ accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/tabletserver/Tablet.java Wed Jan 23 18:05:10 2013 
@@ -86,7 +86,7 @@ import org.apache.accumulo.core.iterator import org.apache.accumulo.core.master.thrift.TabletLoadState; import org.apache.accumulo.core.security.Authorizations; import org.apache.accumulo.core.security.ColumnVisibility; -import org.apache.accumulo.core.security.thrift.AuthInfo; +import org.apache.accumulo.core.security.tokens.InstanceTokenWrapper; import org.apache.accumulo.core.util.CachedConfiguration; import org.apache.accumulo.core.util.LocalityGroupUtil; import org.apache.accumulo.core.util.MetadataTable.DataFileValue; @@ -679,10 +679,10 @@ public class Tablet { } synchronized (bulkFileImportLock) { - AuthInfo auths = SecurityConstants.getSystemCredentials(); + InstanceTokenWrapper auths = SecurityConstants.getSystemCredentials(); Connector conn; try { - conn = HdfsZooInstance.getInstance().getConnector(auths.user, auths.password); + conn = HdfsZooInstance.getInstance().getConnector(auths); } catch (Exception ex) { throw new IOException(ex); } @@ -844,7 +844,7 @@ public class Tablet { // need to write to !METADATA before writing to walog, when things are done in the reverse order // data could be lost... the minor compaction start even should be written before the following metadata // write is made - AuthInfo creds = SecurityConstants.getSystemCredentials(); + InstanceTokenWrapper creds = SecurityConstants.getSystemCredentials(); synchronized (timeLock) { if (commitSession.getMaxCommittedTime() > persistedTime) 
@@ -2278,7 +2278,7 @@ public class Tablet { } if (updateMetadata) { - AuthInfo creds = SecurityConstants.getSystemCredentials(); + InstanceTokenWrapper creds = SecurityConstants.getSystemCredentials(); // if multiple threads were allowed to update this outside of a sync block, then it would be // a race condition MetadataTable.updateTabletFlushID(extent, tableFlushID, creds, tabletServer.getLock()); Modified: accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/tabletserver/TabletServer.java URL: http://svn.apache.org/viewvc/accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/tabletserver/TabletServer.java?rev=1437605&r1=1437604&r2=1437605&view=diff ============================================================================== --- accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/tabletserver/TabletServer.java (original) +++ accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/tabletserver/TabletServer.java Wed Jan 23 18:05:10 2013 @@ -106,9 +106,10 @@ import org.apache.accumulo.core.master.t import org.apache.accumulo.core.master.thrift.TabletLoadState; import org.apache.accumulo.core.master.thrift.TabletServerStatus; import org.apache.accumulo.core.security.Authorizations; -import org.apache.accumulo.core.security.thrift.AuthInfo; import org.apache.accumulo.core.security.thrift.SecurityErrorCode; +import org.apache.accumulo.core.security.thrift.ThriftInstanceTokenWrapper; import org.apache.accumulo.core.security.thrift.ThriftSecurityException; +import org.apache.accumulo.core.security.tokens.InstanceTokenWrapper; import org.apache.accumulo.core.tabletserver.thrift.ActiveScan; import org.apache.accumulo.core.tabletserver.thrift.ConstraintViolationException; import org.apache.accumulo.core.tabletserver.thrift.NoSuchScanIDException; 
@@ -575,12 +576,12 @@ public class TabletServer extends Abstra static class TservConstraintEnv implements Environment { - private AuthInfo credentials; + private InstanceTokenWrapper credentials; private SecurityOperation security; private Authorizations auths; private KeyExtent ke; - TservConstraintEnv(SecurityOperation secOp, AuthInfo credentials) { + TservConstraintEnv(SecurityOperation secOp, InstanceTokenWrapper credentials) { this.security = secOp; this.credentials = credentials; } @@ -596,7 +597,7 @@ public class TabletServer extends Abstra @Override public String getUser() { - return credentials.user; + return credentials.getPrincipal(); } @Override @@ -716,7 +717,7 @@ public class TabletServer extends Abstra Map failures = new HashMap(); HashMap authFailures = new HashMap(); public Violations violations; - public AuthInfo credentials; + public InstanceTokenWrapper credentials; public long totalUpdates = 0; public long flushTime = 0; Stat prepareTimes = new Stat(); @@ -873,11 +874,11 @@ public class TabletServer extends Abstra } @Override - public List bulkImport(TInfo tinfo, AuthInfo credentials, long tid, Map> files, boolean setTime) + public List bulkImport(TInfo tinfo, ThriftInstanceTokenWrapper titw, long tid, Map> files, boolean setTime) throws ThriftSecurityException { - + InstanceTokenWrapper credentials = new InstanceTokenWrapper(titw); if (!security.canPerformSystemActions(credentials)) - throw new ThriftSecurityException(credentials.user, SecurityErrorCode.PERMISSION_DENIED); + throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED); List failures = new ArrayList(); 
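Review bot: In bulkImport the wire parameter is renamed `titw` and the wrapped token takes the name `credentials`, whereas the other handlers in this commit keep `credentials` for the ThriftInstanceTokenWrapper and call the wrapper `itw`. With one name meaning the raw wire object in most methods and the wrapped token here, it is easy to misread which object a security check receives. I would keep the parameter as `credentials` and write `InstanceTokenWrapper itw = new InstanceTokenWrapper(credentials);`, as startScan does. Later uses in the body, which continues outside the hunk, would then take `itw`.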
@@ -1091,19 +1092,19 @@ public class TabletServer extends Abstra } @Override - public InitialScan startScan(TInfo tinfo, AuthInfo credentials, TKeyExtent textent, TRange range, List columns, int batchSize, + public InitialScan startScan(TInfo tinfo, ThriftInstanceTokenWrapper credentials, TKeyExtent textent, TRange range, List columns, int batchSize, List ssiList, Map> ssio, List authorizations, boolean waitForWrites, boolean isolated) throws NotServingTabletException, ThriftSecurityException, org.apache.accumulo.core.tabletserver.thrift.TooManyFilesException { Authorizations userauths = null; + InstanceTokenWrapper itw = new InstanceTokenWrapper(credentials); + if (!security.canScan(itw, new String(textent.getTable()))) + throw new ThriftSecurityException(itw.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED); - if (!security.canScan(credentials, new String(textent.getTable()))) - throw new ThriftSecurityException(credentials.user, SecurityErrorCode.PERMISSION_DENIED); - - userauths = security.getUserAuthorizations(credentials); + userauths = security.getUserAuthorizations(itw); for (ByteBuffer auth : authorizations) if (!userauths.contains(ByteBufferUtil.toBytes(auth))) - throw new ThriftSecurityException(credentials.user, SecurityErrorCode.BAD_AUTHORIZATIONS); + throw new ThriftSecurityException(itw.getPrincipal(), SecurityErrorCode.BAD_AUTHORIZATIONS); KeyExtent extent = new KeyExtent(textent); @@ -1125,7 +1126,7 @@ public class TabletServer extends Abstra throw new NotServingTabletException(textent); ScanSession scanSession = new ScanSession(); - scanSession.user = credentials.user; + scanSession.user = itw.getPrincipal(); scanSession.extent = new KeyExtent(extent); scanSession.columnSet = new HashSet(); scanSession.ssiList = ssiList; 
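Review bot: The table id handed to `security.canScan` in startScan is decoded with `new String(textent.getTable())`, which uses the platform default charset, while the `KeyExtent` that is actually scanned is built separately from the same `textent` a few lines later. The permission check and the scan should derive the table from one value. Building `KeyExtent extent = new KeyExtent(textent);` first and checking `security.canScan(itw, extent.getTableId().toString())` would remove the second decoding path, assuming `getTableId()` yields the id the rest of the server uses. The same pattern appears in startMultiScan (`new String(keyExtent.getTable())`), update and splitTablet in later hunks. startScan's body continues outside the hunk.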
@@ -1243,24 +1244,25 @@ public class TabletServer extends Abstra } @Override - public InitialMultiScan startMultiScan(TInfo tinfo, AuthInfo credentials, Map> tbatch, List tcolumns, + public InitialMultiScan startMultiScan(TInfo tinfo, ThriftInstanceTokenWrapper credentials, Map> tbatch, List tcolumns, List ssiList, Map> ssio, List authorizations, boolean waitForWrites) throws ThriftSecurityException { // find all of the tables that need to be scanned HashSet tables = new HashSet(); for (TKeyExtent keyExtent : tbatch.keySet()) { tables.add(new String(keyExtent.getTable())); } - + InstanceTokenWrapper itw = new InstanceTokenWrapper(credentials); + // check if user has permission to the tables Authorizations userauths = null; for (String table : tables) - if (!security.canScan(credentials, table)) - throw new ThriftSecurityException(credentials.user, SecurityErrorCode.PERMISSION_DENIED); + if (!security.canScan(itw, table)) + throw new ThriftSecurityException(itw.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED); - userauths = security.getUserAuthorizations(credentials); + userauths = security.getUserAuthorizations(itw); for (ByteBuffer auth : authorizations) if (!userauths.contains(ByteBufferUtil.toBytes(auth))) - throw new ThriftSecurityException(credentials.user, SecurityErrorCode.BAD_AUTHORIZATIONS); + throw new ThriftSecurityException(itw.getPrincipal(), SecurityErrorCode.BAD_AUTHORIZATIONS); KeyExtent threadPoolExtent = null; @@ -1281,7 +1283,7 @@ public class TabletServer extends Abstra writeTracker.waitForWrites(TabletType.type(batch.keySet())); MultiScanSession mss = new MultiScanSession(); - mss.user = credentials.user; + mss.user = itw.getPrincipal(); mss.queries = batch; mss.columnSet = new HashSet(tcolumns.size()); mss.ssiList = ssiList; 
@@ -1367,16 +1369,18 @@ public class TabletServer extends Abstra } @Override - public long startUpdate(TInfo tinfo, AuthInfo credentials) throws ThriftSecurityException { + public long startUpdate(TInfo tinfo, ThriftInstanceTokenWrapper credentials) throws ThriftSecurityException { // Make sure user is real - security.authenticateUser(credentials, credentials.user, credentials.password); + InstanceTokenWrapper itw = new InstanceTokenWrapper(credentials); + + security.authenticateUser(itw, itw.getToken()); if (updateMetrics.isEnabled()) updateMetrics.add(TabletServerUpdateMetrics.permissionErrors, 0); UpdateSession us = new UpdateSession(); us.violations = new Violations(); - us.credentials = credentials; - us.cenv = new TservConstraintEnv(security, credentials); + us.credentials = itw; + us.cenv = new TservConstraintEnv(security, us.credentials); long sid = sessionManager.createSession(us, false); @@ -1410,7 +1414,7 @@ public class TabletServer extends Abstra updateMetrics.add(TabletServerUpdateMetrics.unknownTabletErrors, 0); } } else { - log.warn("Denying access to table " + keyExtent.getTableId() + " for user " + us.credentials.user); + log.warn("Denying access to table " + keyExtent.getTableId() + " for user " + us.credentials.getPrincipal()); long t2 = System.currentTimeMillis(); us.authTimes.addStat(t2 - t1); us.currentTablet = null; @@ -1420,7 +1424,7 @@ public class TabletServer extends Abstra return; } } catch (ThriftSecurityException e) { - log.error("Denying permission to check user " + us.credentials.user + " with user " + e.getUser(), e); + log.error("Denying permission to check user " + us.credentials.getPrincipal() + " with user " + e.getUser(), e); long t2 = System.currentTimeMillis(); us.authTimes.addStat(t2 - t1); us.currentTablet = null; 
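Review bot: The result of `security.authenticateUser(itw, itw.getToken())` in startUpdate is discarded, so the "Make sure user is real" step only has an effect if that method throws on bad credentials. Its signature is not visible in this diff. If it reports failure through a boolean return, an update session is created and `us.credentials` is populated for a caller that never authenticated. I would make the outcome explicit: `if (!security.authenticateUser(itw, itw.getToken())) throw new ThriftSecurityException(itw.getPrincipal(), SecurityErrorCode.BAD_CREDENTIALS);`. startUpdate's body continues outside the hunk.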
@@ -1638,10 +1642,12 @@ public class TabletServer extends Abstra } @Override - public void update(TInfo tinfo, AuthInfo credentials, TKeyExtent tkeyExtent, TMutation tmutation) throws NotServingTabletException, + public void update(TInfo tinfo, ThriftInstanceTokenWrapper credentials, TKeyExtent tkeyExtent, TMutation tmutation) throws NotServingTabletException, ConstraintViolationException, ThriftSecurityException { - if (!security.canWrite(credentials, new String(tkeyExtent.getTable()))) - throw new ThriftSecurityException(credentials.user, SecurityErrorCode.PERMISSION_DENIED); + InstanceTokenWrapper itw = new InstanceTokenWrapper(credentials); + + if (!security.canWrite(itw, new String(tkeyExtent.getTable()))) + throw new ThriftSecurityException(itw.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED); KeyExtent keyExtent = new KeyExtent(tkeyExtent); Tablet tablet = onlineTablets.get(new KeyExtent(keyExtent)); @@ -1659,7 +1665,7 @@ public class TabletServer extends Abstra List mutations = Collections.singletonList(mutation); Span prep = Trace.start("prep"); - CommitSession cs = tablet.prepareMutationsForCommit(new TservConstraintEnv(security, credentials), mutations); + CommitSession cs = tablet.prepareMutationsForCommit(new TservConstraintEnv(security, itw), mutations); prep.stop(); if (cs == null) { throw new NotServingTabletException(tkeyExtent); 
@@ -1687,11 +1693,13 @@ public class TabletServer extends Abstra } @Override - public void splitTablet(TInfo tinfo, AuthInfo credentials, TKeyExtent tkeyExtent, ByteBuffer splitPoint) throws NotServingTabletException, + public void splitTablet(TInfo tinfo, ThriftInstanceTokenWrapper credentials, TKeyExtent tkeyExtent, ByteBuffer splitPoint) throws NotServingTabletException, ThriftSecurityException { + InstanceTokenWrapper itw = new InstanceTokenWrapper(credentials); + String tableId = new String(ByteBufferUtil.toBytes(tkeyExtent.table)); - if (!security.canSplitTablet(credentials, tableId)) - throw new ThriftSecurityException(credentials.user, SecurityErrorCode.PERMISSION_DENIED); + if (!security.canSplitTablet(itw, tableId)) + throw new ThriftSecurityException(itw.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED); KeyExtent keyExtent = new KeyExtent(tkeyExtent); @@ -1713,12 +1721,12 @@ public class TabletServer extends Abstra } @Override - public TabletServerStatus getTabletServerStatus(TInfo tinfo, AuthInfo credentials) throws ThriftSecurityException, TException { + public TabletServerStatus getTabletServerStatus(TInfo tinfo, ThriftInstanceTokenWrapper credentials) throws ThriftSecurityException, TException { return getStats(sessionManager.getActiveScansPerTable()); } @Override - public List getTabletStats(TInfo tinfo, AuthInfo credentials, String tableId) throws ThriftSecurityException, TException { + public List getTabletStats(TInfo tinfo, ThriftInstanceTokenWrapper credentials, String tableId) throws ThriftSecurityException, TException { TreeMap onlineTabletsCopy; synchronized (onlineTablets) { onlineTabletsCopy = new TreeMap(onlineTablets); 
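Review bot: getTabletServerStatus accepts the new `ThriftInstanceTokenWrapper credentials` and never looks at it: the whole visible body is `return getStats(sessionManager.getActiveScansPerTable());`. getHistoricalStats in a later hunk has the same shape. The visible opening lines of getTabletStats and removeLogs show no check either, though their bodies continue outside the hunks. If these calls are meant to be open to any client, that should be stated at each method, e.g. `// credentials intentionally not checked: status is readable by any client`. Otherwise they should authenticate the wrapped token before returning data, as the neighbouring handlers do through `checkPermission`.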
@@ -1744,14 +1752,14 @@ public class TabletServer extends Abstra private ZooCache masterLockCache = new ZooCache(); - private void checkPermission(AuthInfo credentials, String lock, boolean requiresSystemPermission, final String request) throws ThriftSecurityException { + private void checkPermission(InstanceTokenWrapper credentials, String lock, boolean requiresSystemPermission, final String request) throws ThriftSecurityException { if (requiresSystemPermission) { boolean fatal = false; try { - log.debug("Got " + request + " message from user: " + credentials.user); + log.debug("Got " + request + " message from user: " + credentials.getPrincipal()); if (!security.canPerformSystemActions(credentials)) { - log.warn("Got " + request + " message from user: " + credentials.user); - throw new ThriftSecurityException(credentials.user, SecurityErrorCode.PERMISSION_DENIED); + log.warn("Got " + request + " message from user: " + credentials.getPrincipal()); + throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED); } } catch (ThriftSecurityException e) { log.warn("Got " + request + " message from unauthenticatable user: " + e.getUser()); @@ -1807,9 +1815,11 @@ public class TabletServer extends Abstra } @Override - public void loadTablet(TInfo tinfo, AuthInfo credentials, String lock, final TKeyExtent textent) { + public void loadTablet(TInfo tinfo, ThriftInstanceTokenWrapper credentials, String lock, final TKeyExtent textent) { + InstanceTokenWrapper itw = new InstanceTokenWrapper(credentials); + try { - checkPermission(credentials, lock, true, "loadTablet"); + checkPermission(itw, lock, true, "loadTablet"); } catch (ThriftSecurityException e) { log.error(e, e); throw new RuntimeException(e); 
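Review bot: In checkPermission the `log.warn` written when `canPerformSystemActions` fails carries the same text as the `log.debug` line above it ("Got … message from user: …"). A denied system request therefore cannot be told apart from an accepted one except by log level. For alerting and incident review the denial should say so, for example `log.warn("Denying " + request + " request, user lacks system permission: " + credentials.getPrincipal());`. The principal is taken from the caller's token before any check has passed, so the message should also make clear that it is a claimed identity. checkPermission's body continues outside the hunk.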
@@ -1873,9 +1883,9 @@ public class TabletServer extends Abstra } @Override - public void unloadTablet(TInfo tinfo, AuthInfo credentials, String lock, TKeyExtent textent, boolean save) { + public void unloadTablet(TInfo tinfo, ThriftInstanceTokenWrapper credentials, String lock, TKeyExtent textent, boolean save) { try { - checkPermission(credentials, lock, true, "unloadTablet"); + checkPermission(new InstanceTokenWrapper(credentials), lock, true, "unloadTablet"); } catch (ThriftSecurityException e) { log.error(e, e); throw new RuntimeException(e); @@ -1887,9 +1897,9 @@ public class TabletServer extends Abstra } @Override - public void flush(TInfo tinfo, AuthInfo credentials, String lock, String tableId, ByteBuffer startRow, ByteBuffer endRow) { + public void flush(TInfo tinfo, ThriftInstanceTokenWrapper credentials, String lock, String tableId, ByteBuffer startRow, ByteBuffer endRow) { try { - checkPermission(credentials, lock, true, "flush"); + checkPermission(new InstanceTokenWrapper(credentials), lock, true, "flush"); } catch (ThriftSecurityException e) { log.error(e, e); throw new RuntimeException(e); @@ -1924,9 +1934,9 @@ public class TabletServer extends Abstra } @Override - public void flushTablet(TInfo tinfo, AuthInfo credentials, String lock, TKeyExtent textent) throws TException { + public void flushTablet(TInfo tinfo, ThriftInstanceTokenWrapper credentials, String lock, TKeyExtent textent) throws TException { try { - checkPermission(credentials, lock, true, "flushTablet"); + checkPermission(new InstanceTokenWrapper(credentials), lock, true, "flushTablet"); } catch (ThriftSecurityException e) { log.error(e, e); throw new RuntimeException(e); 
@@ -1943,9 +1953,9 @@ public class TabletServer extends Abstra } @Override - public void halt(TInfo tinfo, AuthInfo credentials, String lock) throws ThriftSecurityException { + public void halt(TInfo tinfo, ThriftInstanceTokenWrapper credentials, String lock) throws ThriftSecurityException { - checkPermission(credentials, lock, true, "halt"); + checkPermission(new InstanceTokenWrapper(credentials), lock, true, "halt"); Halt.halt(0, new Runnable() { @Override @@ -1963,7 +1973,7 @@ public class TabletServer extends Abstra } @Override - public void fastHalt(TInfo info, AuthInfo credentials, String lock) { + public void fastHalt(TInfo info, ThriftInstanceTokenWrapper credentials, String lock) { try { halt(info, credentials, lock); } catch (Exception e) { @@ -1972,14 +1982,14 @@ public class TabletServer extends Abstra } @Override - public TabletStats getHistoricalStats(TInfo tinfo, AuthInfo credentials) throws ThriftSecurityException, TException { + public TabletStats getHistoricalStats(TInfo tinfo, ThriftInstanceTokenWrapper credentials) throws ThriftSecurityException, TException { return statsKeeper.getTabletStats(); } @Override - public List getActiveScans(TInfo tinfo, AuthInfo credentials) throws ThriftSecurityException, TException { + public List getActiveScans(TInfo tinfo, ThriftInstanceTokenWrapper credentials) throws ThriftSecurityException, TException { try { - checkPermission(credentials, null, true, "getScans"); + checkPermission(new InstanceTokenWrapper(credentials), null, true, "getScans"); } catch (ThriftSecurityException e) { log.error(e, e); throw new RuntimeException(e); 
@@ -1989,9 +1999,9 @@ public class TabletServer extends Abstra } @Override - public void chop(TInfo tinfo, AuthInfo credentials, String lock, TKeyExtent textent) throws TException { + public void chop(TInfo tinfo, ThriftInstanceTokenWrapper credentials, String lock, TKeyExtent textent) throws TException { try { - checkPermission(credentials, lock, true, "chop"); + checkPermission(new InstanceTokenWrapper(credentials), lock, true, "chop"); } catch (ThriftSecurityException e) { log.error(e, e); throw new RuntimeException(e); @@ -2006,9 +2016,9 @@ public class TabletServer extends Abstra } @Override - public void compact(TInfo tinfo, AuthInfo credentials, String lock, String tableId, ByteBuffer startRow, ByteBuffer endRow) throws TException { + public void compact(TInfo tinfo, ThriftInstanceTokenWrapper credentials, String lock, String tableId, ByteBuffer startRow, ByteBuffer endRow) throws TException { try { - checkPermission(credentials, lock, true, "compact"); + checkPermission(new InstanceTokenWrapper(credentials), lock, true, "compact"); } catch (ThriftSecurityException e) { log.error(e, e); throw new RuntimeException(e); @@ -2044,10 +2054,10 @@ public class TabletServer extends Abstra * (non-Javadoc) * * @see org.apache.accumulo.core.tabletserver.thrift.TabletClientService.Iface#removeLogs(org.apache.accumulo.cloudtrace.thrift.TInfo, - * org.apache.accumulo.core.security.thrift.AuthInfo, java.util.List) + * org.apache.accumulo.core.security.thrift.InstanceTokenWrapper, java.util.List) */ @Override - public void removeLogs(TInfo tinfo, AuthInfo credentials, List filenames) throws TException { + public void removeLogs(TInfo tinfo, ThriftInstanceTokenWrapper credentials, List filenames) throws TException { String myname = getClientAddressString(); myname = myname.replace(':', '+'); Path logDir = new Path(Constants.getWalDirectory(acuConf), myname); 
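Review bot: The updated `@see` line above removeLogs names `org.apache.accumulo.core.security.thrift.InstanceTokenWrapper`, which matches neither type this commit imports. The parameter is `ThriftInstanceTokenWrapper` from the `security.thrift` package, and `InstanceTokenWrapper` lives in `security.tokens`. The reference should read `org.apache.accumulo.core.security.thrift.ThriftInstanceTokenWrapper, java.util.List)` so that it resolves to the overridden interface method.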
@@ -2771,7 +2781,7 @@ public class TabletServer extends Abstra while (!serverStopRequested && mm != null && client != null && client.getOutputProtocol() != null && client.getOutputProtocol().getTransport() != null && client.getOutputProtocol().getTransport().isOpen()) { try { - mm.send(SecurityConstants.getSystemCredentials(), getClientAddressString(), iface); + mm.send(SecurityConstants.getThriftSystemCredentials(), getClientAddressString(), iface); mm = null; } catch (TException ex) { log.warn("Error sending message: queuing message again");