accumulo-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From vi...@apache.org
Subject svn commit: r1453602 - in /accumulo/branches/1.5: core/src/main/java/org/apache/accumulo/core/security/handler/ core/src/main/java/org/apache/accumulo/core/util/shell/ test/src/main/java/org/apache/accumulo/test/randomwalk/security/
Date Wed, 06 Mar 2013 22:50:12 GMT
Author: vines
Date: Wed Mar  6 22:50:12 2013
New Revision: 1453602

URL: http://svn.apache.org/r1453602
Log:
ACCUMULO-1159 - Shell now supports AuthenticationToken


Modified:
    accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/security/handler/Authenticator.java
    accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/security/handler/ZKAuthenticator.java
    accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/util/shell/Shell.java
    accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/util/shell/ShellOptions.java
    accumulo/branches/1.5/test/src/main/java/org/apache/accumulo/test/randomwalk/security/WalkingSecurity.java

Modified: accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/security/handler/Authenticator.java
URL: http://svn.apache.org/viewvc/accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/security/handler/Authenticator.java?rev=1453602&r1=1453601&r2=1453602&view=diff
==============================================================================
--- accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/security/handler/Authenticator.java
(original)
+++ accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/security/handler/Authenticator.java
Wed Mar  6 22:50:12 2013
@@ -30,10 +30,12 @@ public interface Authenticator {
   
   public class AuthProperty {
     private String key, description;
+    private boolean masked;
     
-    public AuthProperty(String name, String description) {
+    public AuthProperty(String name, String description, boolean mask) {
       this.key = name;
       this.description = description;
+      this.masked = mask;
     }
 
     public String toString() {
@@ -47,5 +49,9 @@ public interface Authenticator {
     public String getDescription() {
       return this.description;
     }
+    
+    public boolean getMask() {
+      return this.masked;
+    }
   }
 }

Modified: accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/security/handler/ZKAuthenticator.java
URL: http://svn.apache.org/viewvc/accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/security/handler/ZKAuthenticator.java?rev=1453602&r1=1453601&r2=1453602&view=diff
==============================================================================
--- accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/security/handler/ZKAuthenticator.java
(original)
+++ accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/security/handler/ZKAuthenticator.java
Wed Mar  6 22:50:12 2013
@@ -43,7 +43,7 @@ public class ZKAuthenticator implements 
   public List<Set<AuthProperty>> getProperties() {
     List<Set<AuthProperty>> toRet = new LinkedList<Set<AuthProperty>>();
     Set<AuthProperty> internal = new TreeSet<AuthProperty>();
-    internal.add(new AuthProperty("password", "the password for the principal"));
+    internal.add(new AuthProperty("password", "the password for the principal", true));
     toRet.add(internal);
     return toRet;
   }

Modified: accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/util/shell/Shell.java
URL: http://svn.apache.org/viewvc/accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/util/shell/Shell.java?rev=1453602&r1=1453601&r2=1453602&view=diff
==============================================================================
--- accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/util/shell/Shell.java
(original)
+++ accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/util/shell/Shell.java
Wed Mar  6 22:50:12 2013
@@ -30,6 +30,7 @@ import java.util.List;
 import java.util.Locale;
 import java.util.Map;
 import java.util.Map.Entry;
+import java.util.Properties;
 import java.util.Set;
 import java.util.TreeMap;
 import java.util.UUID;
@@ -54,6 +55,7 @@ import org.apache.accumulo.core.data.Key
 import org.apache.accumulo.core.data.Value;
 import org.apache.accumulo.core.data.thrift.TConstraintViolationSummary;
 import org.apache.accumulo.core.security.AuditLevel;
+import org.apache.accumulo.core.security.handler.Authenticator;
 import org.apache.accumulo.core.tabletserver.thrift.ConstraintViolationException;
 import org.apache.accumulo.core.trace.DistributedTrace;
 import org.apache.accumulo.core.util.BadArgumentException;
@@ -244,17 +246,28 @@ public class Shell extends ShellOptions 
     String sysUser = System.getProperty("user.name");
     if (sysUser == null)
       sysUser = "root";
-    String user = cl.getOptionValue(usernameOption.getOpt(), sysUser);
+    String user = cl.getOptionValue(usernameOption.getOpt());
+    String principal = cl.getOptionValue(principalOption.getOpt(), sysUser);
     
     String passw = cl.getOptionValue(passwOption.getOpt(), null);
     tabCompletion = !cl.hasOption(tabCompleteOption.getLongOpt());
+    String[] loginOptions = cl.getOptionValues(loginOption.getOpt());
     
     // Use a fake (Mock), ZK, or HdfsZK Accumulo instance
     setInstance(cl);
     
     // process default parameters if unspecified
-    byte[] pass;
     try {
+      if (loginOptions != null) {
+        Properties props = new Properties();
+        for (String loginOption : loginOptions)
+          for (String lo : loginOption.split(",")) {
+            String[] split = lo.split("=");
+            props.put(split[0], split[1]);
+          }
+        this.token = instance.getAuthenticator().login(props);
+      }
+
       if (!cl.hasOption(fakeOption.getLongOpt())) {
         DistributedTrace.enable(instance, new ZooReader(instance.getZooKeepers(), instance.getZooKeepersSessionTimeOut()),
"shell", InetAddress.getLocalHost()
             .getHostName());
@@ -267,19 +280,45 @@ public class Shell extends ShellOptions 
         }
       });
       
-      if (passw == null)
-        passw = readMaskedLine("Enter current password for '" + user + "'@'" + instance.getInstanceName()
+ "': ", '*');
-      if (passw == null) {
+      if (passw != null) {
+        this.token = new PasswordToken(passw);
+      }
+      
+      if (this.token == null) {
+        List<Set<Authenticator.AuthProperty>> loginList = instance.getAuthenticator().getProperties();
+        int loginMethod = 0;
+        if (loginList.size() > 1) {
+          System.out.println("Please select your preferred login method: ");
+          int i = 0;
+          for (Set<Authenticator.AuthProperty> set : loginList) {
+            System.out.println(i + " " + set);
+            i++;
+          }
+          loginMethod = Integer.parseInt(reader.readLine());
+        }
+        Set<Authenticator.AuthProperty> chosenMethod = loginList.get(loginMethod);
+        Properties props = new Properties();
+        for (Authenticator.AuthProperty prop : chosenMethod) {
+          String value;
+          if (prop.getMask())
+            value = readMaskedLine("Enter " + prop + ": ", '*');
+          else
+            value = reader.readLine("Enter " + prop + ": ");
+          props.setProperty(prop.getKey(), value);
+        }
+        this.token = instance.getAuthenticator().login(props);
+      }
+      if (this.token == null) {
         reader.printNewline();
         configError = true;
         return true;
       } // user canceled
       
-      pass = passw.getBytes();
       this.setTableName("");
       this.principal = user;
-      this.token = new PasswordToken(pass);
-      connector = instance.getConnector(principal, token);
+      if (this.principal == null)
+        this.principal = principal;
+      connector = instance.getConnector(this.principal, token);
       
     } catch (Exception e) {
       printException(e);
@@ -953,7 +992,6 @@ public class Shell extends ShellOptions 
     return token;
   }
   
-  
   /**
    * Return the formatter for the current table.
    * 

Modified: accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/util/shell/ShellOptions.java
URL: http://svn.apache.org/viewvc/accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/util/shell/ShellOptions.java?rev=1453602&r1=1453601&r2=1453602&view=diff
==============================================================================
--- accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/util/shell/ShellOptions.java
(original)
+++ accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/util/shell/ShellOptions.java
Wed Mar  6 22:50:12 2013
@@ -33,8 +33,13 @@ public abstract class ShellOptions {
   public static final String helpLongOption = "help";
   
   final Options opts = new Options();
+  @Deprecated // since 1.5
   final Option usernameOption = new Option("u", "user", true, "username (defaults to your
OS user)");
+  final Option principalOption = new Option("pr", "principal", true, "principal (defaults
to your OS user)");
+  @Deprecated // since 1.5
   final Option passwOption = new Option("p", "password", true, "password (prompt for password
if this option is missing)");
+  final Option loginOption = new Option("l", "login property", true, "login properties in
the format key=value. Reuse -l for each property and/or comma seperate (prompt for properties
if this option is missing");
+  
   final Option tabCompleteOption = new Option(null, "disable-tab-completion", false, "disables
tab completion (for less overhead when scripting)");
   final Option debugOption = new Option(null, "debug", false, "enables client debugging");
   final Option fakeOption = new Option(null, "fake", false, "fake a connection to accumulo");
@@ -54,9 +59,11 @@ public abstract class ShellOptions {
   public ShellOptions() {
     usernameOption.setArgName("user");
     opts.addOption(usernameOption);
+    opts.addOption(principalOption);
     
     passwOption.setArgName("pass");
     opts.addOption(passwOption);
+    opts.addOption(loginOption);
     
     opts.addOption(tabCompleteOption);
     

Modified: accumulo/branches/1.5/test/src/main/java/org/apache/accumulo/test/randomwalk/security/WalkingSecurity.java
URL: http://svn.apache.org/viewvc/accumulo/branches/1.5/test/src/main/java/org/apache/accumulo/test/randomwalk/security/WalkingSecurity.java?rev=1453602&r1=1453601&r2=1453602&view=diff
==============================================================================
--- accumulo/branches/1.5/test/src/main/java/org/apache/accumulo/test/randomwalk/security/WalkingSecurity.java
(original)
+++ accumulo/branches/1.5/test/src/main/java/org/apache/accumulo/test/randomwalk/security/WalkingSecurity.java
Wed Mar  6 22:50:12 2013
@@ -414,7 +414,7 @@ public class WalkingSecurity extends Sec
   public List<Set<AuthProperty>> getProperties() {
     List<Set<AuthProperty>> toRet = new LinkedList<Set<AuthProperty>>();
     Set<AuthProperty> internal = new TreeSet<AuthProperty>();
-    internal.add(new AuthProperty("password", "the password for the principal"));
+    internal.add(new AuthProperty("password", "the password for the principal", true));
     toRet.add(internal);
     return toRet;
   }



Mime
View raw message