accumulo-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ctubb...@apache.org
Subject svn commit: r1451419 [6/11] - in /accumulo/trunk: ./ assemble/ core/ core/src/main/java/org/apache/accumulo/core/cli/ core/src/main/java/org/apache/accumulo/core/client/ core/src/main/java/org/apache/accumulo/core/client/admin/ core/src/main/java/org/a...
Date Thu, 28 Feb 2013 23:05:27 GMT
Modified: accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/CredentialHelper.java
URL: http://svn.apache.org/viewvc/accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/CredentialHelper.java?rev=1451419&r1=1451418&r2=1451419&view=diff
==============================================================================
--- accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/CredentialHelper.java
(original)
+++ accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/CredentialHelper.java
Thu Feb 28 23:05:24 2013
@@ -24,9 +24,9 @@ import java.nio.ByteBuffer;
 import java.nio.charset.Charset;
 
 import org.apache.accumulo.core.client.AccumuloSecurityException;
-import org.apache.accumulo.core.security.thrift.Credential;
 import org.apache.accumulo.core.security.thrift.SecurityErrorCode;
-import org.apache.accumulo.core.security.tokens.SecurityToken;
+import org.apache.accumulo.core.security.thrift.TCredentials;
+import org.apache.accumulo.core.security.tokens.AuthenticationToken;
 import org.apache.commons.codec.binary.Base64;
 import org.apache.commons.io.output.ByteArrayOutputStream;
 import org.apache.log4j.Logger;
@@ -37,30 +37,16 @@ import org.apache.thrift.TSerializer;
 public class CredentialHelper {
   static Logger log = Logger.getLogger(CredentialHelper.class);
   
-  /**
-   * @param principal
-   * @param token
-   * @param instanceID
-   * @return A proper Credential object which can be deserialized by the server
-   */
-  public static Credential create(String principal, SecurityToken token, String instanceID)
throws AccumuloSecurityException {
-    String className = token.getClass().getCanonicalName();
-    return new Credential(principal, className, ByteBuffer.wrap(toBytes(token)), instanceID);
-  }
-  
-  /**
-   * @param cred
-   * @return A serialized Credential as a Base64 encoded String
-   */
-  public static String asBase64String(Credential cred) throws AccumuloSecurityException {
+  public static TCredentials create(String principal, AuthenticationToken token, String instanceID)
throws AccumuloSecurityException {
+    String className = token.getClass().getName();
+    return new TCredentials(principal, className, ByteBuffer.wrap(toBytes(token)), instanceID);
+  }
+  
+  public static String asBase64String(TCredentials cred) throws AccumuloSecurityException
{
     return new String(Base64.encodeBase64(asByteArray(cred)), Charset.forName("UTF-8"));
   }
   
-  /**
-   * @param cred
-   * @return a serialized Credential
-   */
-  public static byte[] asByteArray(Credential cred) throws AccumuloSecurityException {
+  public static byte[] asByteArray(TCredentials cred) throws AccumuloSecurityException {
     TSerializer ts = new TSerializer();
     try {
       return ts.serialize(cred);
@@ -71,22 +57,14 @@ public class CredentialHelper {
     }
   }
   
-  /**
-   * @param string
-   * @return
-   */
-  public static Credential fromBase64String(String string) throws AccumuloSecurityException
{
+  public static TCredentials fromBase64String(String string) throws AccumuloSecurityException
{
     return fromByteArray(Base64.decodeBase64(string.getBytes(Charset.forName("UTF-8"))));
   }
   
-  /**
-   * @param decodeBase64
-   * @return
-   */
-  private static Credential fromByteArray(byte[] decodeBase64) throws AccumuloSecurityException
{
+  private static TCredentials fromByteArray(byte[] decodeBase64) throws AccumuloSecurityException
{
     TDeserializer td = new TDeserializer();
     try {
-      Credential toRet = new Credential();
+      TCredentials toRet = new TCredentials();
       td.deserialize(toRet, decodeBase64);
       return toRet;
     } catch (TException e) {
@@ -96,23 +74,11 @@ public class CredentialHelper {
     }
   }
   
-  /**
-   * @param toAuth
-   * @return
-   * @throws AccumuloSecurityException
-   */
-  public static SecurityToken extractToken(Credential toAuth) throws AccumuloSecurityException
{
-    return extractToken(toAuth.tokenClass, toAuth.getToken());
-  }
-  
-  /**
-   * @param systemPrincipal
-   * @param systemToken
-   * @param instanceID
-   * @param b
-   * @return
-   */
-  public static Credential createSquelchError(String principal, SecurityToken token, String
instanceID) {
+  public static AuthenticationToken extractToken(TCredentials toAuth) throws AccumuloSecurityException
{
+    return extractToken(toAuth.tokenClassName, toAuth.getToken());
+  }
+  
+  public static TCredentials createSquelchError(String principal, AuthenticationToken token,
String instanceID) {
     try {
       return create(principal, token, instanceID);
     } catch (AccumuloSecurityException e) {
@@ -121,21 +87,11 @@ public class CredentialHelper {
     }
   }
   
-  /**
-   * @param token
-   * @return
-   * @throws AccumuloSecurityException 
-   */
-  public static String tokenAsBase64(SecurityToken token) throws AccumuloSecurityException
{
+  public static String tokenAsBase64(AuthenticationToken token) throws AccumuloSecurityException
{
     return new String(Base64.encodeBase64(toBytes(token)), Charset.forName("UTF-8"));
   }
   
-  /**
-   * @param token
-   * @return
-   * @throws AccumuloSecurityException 
-   */
-  private static byte[] toBytes(SecurityToken token) throws AccumuloSecurityException {
+  private static byte[] toBytes(AuthenticationToken token) throws AccumuloSecurityException
{
     try {
       ByteArrayOutputStream bais = new ByteArrayOutputStream();
       token.write(new DataOutputStream(bais));
@@ -148,18 +104,12 @@ public class CredentialHelper {
     }
     
   }
-
-  /**
-   * @param tokenClass
-   * @param token
-   * @return
-   * @throws AccumuloSecurityException 
-   */
-  public static SecurityToken extractToken(String tokenClass, byte[] token) throws AccumuloSecurityException
{
+  
+  public static AuthenticationToken extractToken(String tokenClass, byte[] token) throws
AccumuloSecurityException {
     try {
       Object obj = Class.forName(tokenClass).newInstance();
-      if (obj instanceof SecurityToken) {
-        SecurityToken toRet = (SecurityToken) obj;
+      if (obj instanceof AuthenticationToken) {
+        AuthenticationToken toRet = (AuthenticationToken) obj;
         toRet.readFields(new DataInputStream(new ByteArrayInputStream(token)));
         return toRet;
       }

Modified: accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/crypto/CryptoModuleFactory.java
URL: http://svn.apache.org/viewvc/accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/crypto/CryptoModuleFactory.java?rev=1451419&r1=1451418&r2=1451419&view=diff
==============================================================================
--- accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/crypto/CryptoModuleFactory.java
(original)
+++ accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/crypto/CryptoModuleFactory.java
Thu Feb 28 23:05:24 2013
@@ -28,7 +28,10 @@ import org.apache.log4j.Logger;
 
 /**
  * This factory module exists to assist other classes in loading crypto modules.
+ * 
+ * @deprecated This feature is experimental and may go away in future versions.
  */
+@Deprecated
 public class CryptoModuleFactory {
   
   private static Logger log = Logger.getLogger(CryptoModuleFactory.class);
@@ -40,14 +43,12 @@ public class CryptoModuleFactory {
    * @return a class implementing the CryptoModule interface. It will *never* return null;
rather, it will return a class which obeys the interface but makes no
    *         changes to the underlying data.
    */
-  
-  @SuppressWarnings("deprecation")
   public static CryptoModule getCryptoModule(AccumuloConfiguration conf) {
     String cryptoModuleClassname = conf.get(Property.CRYPTO_MODULE_CLASS);
     return getCryptoModule(cryptoModuleClassname);
   }
   
-  @SuppressWarnings({"rawtypes", "deprecation"})
+  @SuppressWarnings({"rawtypes"})
   public static CryptoModule getCryptoModule(String cryptoModuleClassname) {
     log.debug(String.format("About to instantiate crypto module %s", cryptoModuleClassname));
     
@@ -172,37 +173,46 @@ public class CryptoModuleFactory {
       return context;
     }
     
+    @Override
     public SecretKeyEncryptionStrategyContext getNewContext() {
       return new SecretKeyEncryptionStrategyContext() {
         
+        @Override
         public byte[] getPlaintextSecretKey() {
           return plaintextSecretKey;
         }
         
+        @Override
         public void setPlaintextSecretKey(byte[] plaintextSecretKey) {
           this.plaintextSecretKey = plaintextSecretKey;
         }
         
+        @Override
         public byte[] getEncryptedSecretKey() {
           return encryptedSecretKey;
         }
         
+        @Override
         public void setEncryptedSecretKey(byte[] encryptedSecretKey) {
           this.encryptedSecretKey = encryptedSecretKey;
         }
         
+        @Override
         public String getOpaqueKeyEncryptionKeyID() {
           return opaqueKeyEncryptionKeyID;
         }
         
+        @Override
         public void setOpaqueKeyEncryptionKeyID(String opaqueKeyEncryptionKeyID) {
           this.opaqueKeyEncryptionKeyID = opaqueKeyEncryptionKeyID;
         }
         
+        @Override
         public Map<String,String> getContext() {
           return context;
         }
         
+        @Override
         public void setContext(Map<String,String> context) {
           this.context = context;
         }
@@ -216,7 +226,6 @@ public class CryptoModuleFactory {
     
   }
   
-  @SuppressWarnings("deprecation")
   private static class NullCryptoModule implements CryptoModule {
     
     @Override

Modified: accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/crypto/DefaultCryptoModule.java
URL: http://svn.apache.org/viewvc/accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/crypto/DefaultCryptoModule.java?rev=1451419&r1=1451418&r2=1451419&view=diff
==============================================================================
--- accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/crypto/DefaultCryptoModule.java
(original)
+++ accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/crypto/DefaultCryptoModule.java
Thu Feb 28 23:05:24 2013
@@ -44,9 +44,9 @@ import org.apache.log4j.Logger;
  * This class contains the gritty details around setting up encrypted streams for reading
and writing the log file. It obeys the interface CryptoModule, which
  * other developers can implement to change out this logic as necessary.
  * 
+ * @deprecated This feature is experimental and may go away in future versions.
  */
-
-@SuppressWarnings("deprecation")
+@Deprecated
 public class DefaultCryptoModule implements CryptoModule {
   
   // This is how *I* like to format my variable declarations. Your mileage may vary.

Modified: accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/handler/Authenticator.java
URL: http://svn.apache.org/viewvc/accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/handler/Authenticator.java?rev=1451419&r1=1451418&r2=1451419&view=diff
==============================================================================
--- accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/handler/Authenticator.java
(original)
+++ accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/handler/Authenticator.java
Thu Feb 28 23:05:24 2013
@@ -19,8 +19,8 @@ package org.apache.accumulo.core.securit
 import java.util.Properties;
 
 import org.apache.accumulo.core.client.AccumuloSecurityException;
-import org.apache.accumulo.core.security.tokens.SecurityToken;
+import org.apache.accumulo.core.security.tokens.AuthenticationToken;
 
 public interface Authenticator {
-  public SecurityToken login(Properties properties) throws AccumuloSecurityException;
+  public AuthenticationToken login(Properties properties) throws AccumuloSecurityException;
 }

Modified: accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/handler/InsecureAuthenticator.java
URL: http://svn.apache.org/viewvc/accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/handler/InsecureAuthenticator.java?rev=1451419&r1=1451418&r2=1451419&view=diff
==============================================================================
--- accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/handler/InsecureAuthenticator.java
(original)
+++ accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/handler/InsecureAuthenticator.java
Thu Feb 28 23:05:24 2013
@@ -20,7 +20,7 @@ import java.util.Properties;
 
 import org.apache.accumulo.core.client.AccumuloSecurityException;
 import org.apache.accumulo.core.security.tokens.NullToken;
-import org.apache.accumulo.core.security.tokens.SecurityToken;
+import org.apache.accumulo.core.security.tokens.AuthenticationToken;
 
 /**
  * 
@@ -28,7 +28,7 @@ import org.apache.accumulo.core.security
 public class InsecureAuthenticator implements Authenticator {
   
   @Override
-  public SecurityToken login(Properties properties) throws AccumuloSecurityException {
+  public AuthenticationToken login(Properties properties) throws AccumuloSecurityException
{
     return new NullToken();
   }
   

Modified: accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/handler/ZKAuthenticator.java
URL: http://svn.apache.org/viewvc/accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/handler/ZKAuthenticator.java?rev=1451419&r1=1451418&r2=1451419&view=diff
==============================================================================
--- accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/handler/ZKAuthenticator.java
(original)
+++ accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/handler/ZKAuthenticator.java
Thu Feb 28 23:05:24 2013
@@ -16,13 +16,12 @@
  */
 package org.apache.accumulo.core.security.handler;
 
-import java.nio.charset.Charset;
 import java.util.Properties;
 
 import org.apache.accumulo.core.client.AccumuloSecurityException;
 import org.apache.accumulo.core.security.thrift.SecurityErrorCode;
+import org.apache.accumulo.core.security.tokens.AuthenticationToken;
 import org.apache.accumulo.core.security.tokens.PasswordToken;
-import org.apache.accumulo.core.security.tokens.SecurityToken;
 
 /**
  * 
@@ -30,9 +29,9 @@ import org.apache.accumulo.core.security
 public class ZKAuthenticator implements Authenticator {
   
   @Override
-  public SecurityToken login(Properties properties) throws AccumuloSecurityException{
+  public AuthenticationToken login(Properties properties) throws AccumuloSecurityException
{
     if (properties.containsKey("password"))
-      return new PasswordToken().setPassword(properties.getProperty("password").getBytes(Charset.forName("UTF-8")));
+      return new PasswordToken(properties.getProperty("password"));
     throw new AccumuloSecurityException(properties.getProperty("user"), SecurityErrorCode.INSUFFICIENT_PROPERTIES);
   }
 }

Modified: accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/thrift/AuthInfo.java
URL: http://svn.apache.org/viewvc/accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/thrift/AuthInfo.java?rev=1451419&r1=1451418&r2=1451419&view=diff
==============================================================================
--- accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/thrift/AuthInfo.java
(original)
+++ accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/thrift/AuthInfo.java
Thu Feb 28 23:05:24 2013
@@ -47,8 +47,7 @@ import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
 /**
- *  * @Deprecated since 1.5
- * *
+ * @deprecated since 1.5
  */
 @SuppressWarnings("all") public class AuthInfo implements org.apache.thrift.TBase<AuthInfo,
AuthInfo._Fields>, java.io.Serializable, Cloneable {
   private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("AuthInfo");

Modified: accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/tokens/NullToken.java
URL: http://svn.apache.org/viewvc/accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/tokens/NullToken.java?rev=1451419&r1=1451418&r2=1451419&view=diff
==============================================================================
--- accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/tokens/NullToken.java
(original)
+++ accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/tokens/NullToken.java
Thu Feb 28 23:05:24 2013
@@ -25,7 +25,7 @@ import javax.security.auth.DestroyFailed
 /**
  * 
  */
-public class NullToken implements SecurityToken {
+public class NullToken implements AuthenticationToken {
   
   @Override
   public void readFields(DataInput arg0) throws IOException {

Modified: accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/tokens/PasswordToken.java
URL: http://svn.apache.org/viewvc/accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/tokens/PasswordToken.java?rev=1451419&r1=1451418&r2=1451419&view=diff
==============================================================================
--- accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/tokens/PasswordToken.java
(original)
+++ accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/tokens/PasswordToken.java
Thu Feb 28 23:05:24 2013
@@ -19,24 +19,54 @@ package org.apache.accumulo.core.securit
 import java.io.DataInput;
 import java.io.DataOutput;
 import java.io.IOException;
+import java.nio.ByteBuffer;
 import java.util.Arrays;
 
 import javax.security.auth.DestroyFailedException;
 
+import org.apache.accumulo.core.Constants;
+import org.apache.accumulo.core.util.ByteBufferUtil;
+import org.apache.hadoop.io.Writable;
 import org.apache.hadoop.io.WritableUtils;
 
-public class PasswordToken implements SecurityToken {
+public class PasswordToken implements AuthenticationToken {
   private byte[] password = null;
   
   public byte[] getPassword() {
     return password;
   }
-
-  public PasswordToken setPassword(byte[] password) {
-    this.password = password;
-    return this;
+  
+  /**
+   * Constructor for use with {@link Writable}. Call {@link #readFields(DataInput)}.
+   */
+  public PasswordToken() {}
+  
+  /**
+   * Constructs a token from a copy of the password. Destroying the argument after construction
will not destroy the copy in this token, and destroying this
+   * token will only destroy the copy held inside this token, not the argument.
+   * 
+   * Password tokens created with this constructor will store the password as UTF-8 bytes.
+   */
+  public PasswordToken(CharSequence password) {
+    this.password = password.toString().getBytes(Constants.UTF8);
   }
-
+  
+  /**
+   * Constructs a token from a copy of the password. Destroying the argument after construction
will not destroy the copy in this token, and destroying this
+   * token will only destroy the copy held inside this token, not the argument.
+   */
+  public PasswordToken(byte[] password) {
+    this.password = Arrays.copyOf(password, password.length);
+  }
+  
+  /**
+   * Constructs a token from a copy of the password. Destroying the argument after construction
will not destroy the copy in this token, and destroying this
+   * token will only destroy the copy held inside this token, not the argument.
+   */
+  public PasswordToken(ByteBuffer password) {
+    this.password = ByteBufferUtil.toBytes(password);
+  }
+  
   @Override
   public void readFields(DataInput arg0) throws IOException {
     password = WritableUtils.readCompressedByteArray(arg0);
@@ -46,23 +76,23 @@ public class PasswordToken implements Se
   public void write(DataOutput arg0) throws IOException {
     WritableUtils.writeCompressedByteArray(arg0, password);
   }
-
+  
   @Override
   public void destroy() throws DestroyFailedException {
-    Arrays.fill(password, (byte)0x00);
+    Arrays.fill(password, (byte) 0x00);
     password = null;
   }
-
+  
   @Override
   public boolean isDestroyed() {
-    return password==null;
+    return password == null;
   }
-
+  
   @Override
   public int hashCode() {
     return Arrays.hashCode(password);
   }
-
+  
   @Override
   public boolean equals(Object obj) {
     if (this == obj)
@@ -72,12 +102,11 @@ public class PasswordToken implements Se
     if (!(obj instanceof PasswordToken))
       return false;
     PasswordToken other = (PasswordToken) obj;
-    if (!Arrays.equals(password, other.password))
-      return false;
-    return true;
+    return Arrays.equals(password, other.password);
   }
   
+  @Override
   public PasswordToken clone() {
-    return new PasswordToken().setPassword(Arrays.copyOf(password, password.length));
+    return new PasswordToken(password);
   }
 }



Mime
View raw message