accumulo-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From els...@apache.org
Subject [5/7] accumulo git commit: ACCUMULO-3513 Add delegation token support for kerberos configurations
Date Fri, 13 Feb 2015 19:33:29 GMT
http://git-wip-us.apache.org/repos/asf/accumulo/blob/2c983317/core/src/main/java/org/apache/accumulo/core/security/thrift/TAuthenticationKey.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/security/thrift/TAuthenticationKey.java b/core/src/main/java/org/apache/accumulo/core/security/thrift/TAuthenticationKey.java
new file mode 100644
index 0000000..4da2bb2
--- /dev/null
+++ b/core/src/main/java/org/apache/accumulo/core/security/thrift/TAuthenticationKey.java
@@ -0,0 +1,705 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/**
+ * Autogenerated by Thrift Compiler (0.9.1)
+ *
+ * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
+ *  @generated
+ */
+package org.apache.accumulo.core.security.thrift;
+
+import org.apache.thrift.scheme.IScheme;
+import org.apache.thrift.scheme.SchemeFactory;
+import org.apache.thrift.scheme.StandardScheme;
+
+import org.apache.thrift.scheme.TupleScheme;
+import org.apache.thrift.protocol.TTupleProtocol;
+import org.apache.thrift.protocol.TProtocolException;
+import org.apache.thrift.EncodingUtils;
+import org.apache.thrift.TException;
+import org.apache.thrift.async.AsyncMethodCallback;
+import org.apache.thrift.server.AbstractNonblockingServer.*;
+import java.util.List;
+import java.util.ArrayList;
+import java.util.Map;
+import java.util.HashMap;
+import java.util.EnumMap;
+import java.util.Set;
+import java.util.HashSet;
+import java.util.EnumSet;
+import java.util.Collections;
+import java.util.BitSet;
+import java.nio.ByteBuffer;
+import java.util.Arrays;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+@SuppressWarnings({"unchecked", "serial", "rawtypes", "unused"}) public class TAuthenticationKey implements org.apache.thrift.TBase<TAuthenticationKey, TAuthenticationKey._Fields>, java.io.Serializable, Cloneable, Comparable<TAuthenticationKey> {
+  private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TAuthenticationKey");
+
+  private static final org.apache.thrift.protocol.TField SECRET_FIELD_DESC = new org.apache.thrift.protocol.TField("secret", org.apache.thrift.protocol.TType.STRING, (short)1);
+  private static final org.apache.thrift.protocol.TField KEY_ID_FIELD_DESC = new org.apache.thrift.protocol.TField("keyId", org.apache.thrift.protocol.TType.I32, (short)2);
+  private static final org.apache.thrift.protocol.TField EXPIRATION_DATE_FIELD_DESC = new org.apache.thrift.protocol.TField("expirationDate", org.apache.thrift.protocol.TType.I64, (short)3);
+  private static final org.apache.thrift.protocol.TField CREATION_DATE_FIELD_DESC = new org.apache.thrift.protocol.TField("creationDate", org.apache.thrift.protocol.TType.I64, (short)4);
+
+  private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
+  static {
+    schemes.put(StandardScheme.class, new TAuthenticationKeyStandardSchemeFactory());
+    schemes.put(TupleScheme.class, new TAuthenticationKeyTupleSchemeFactory());
+  }
+
+  public ByteBuffer secret; // required
+  public int keyId; // optional
+  public long expirationDate; // optional
+  public long creationDate; // optional
+
+  /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
+  public enum _Fields implements org.apache.thrift.TFieldIdEnum {
+    SECRET((short)1, "secret"),
+    KEY_ID((short)2, "keyId"),
+    EXPIRATION_DATE((short)3, "expirationDate"),
+    CREATION_DATE((short)4, "creationDate");
+
+    private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
+
+    static {
+      for (_Fields field : EnumSet.allOf(_Fields.class)) {
+        byName.put(field.getFieldName(), field);
+      }
+    }
+
+    /**
+     * Find the _Fields constant that matches fieldId, or null if its not found.
+     */
+    public static _Fields findByThriftId(int fieldId) {
+      switch(fieldId) {
+        case 1: // SECRET
+          return SECRET;
+        case 2: // KEY_ID
+          return KEY_ID;
+        case 3: // EXPIRATION_DATE
+          return EXPIRATION_DATE;
+        case 4: // CREATION_DATE
+          return CREATION_DATE;
+        default:
+          return null;
+      }
+    }
+
+    /**
+     * Find the _Fields constant that matches fieldId, throwing an exception
+     * if it is not found.
+     */
+    public static _Fields findByThriftIdOrThrow(int fieldId) {
+      _Fields fields = findByThriftId(fieldId);
+      if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
+      return fields;
+    }
+
+    /**
+     * Find the _Fields constant that matches name, or null if its not found.
+     */
+    public static _Fields findByName(String name) {
+      return byName.get(name);
+    }
+
+    private final short _thriftId;
+    private final String _fieldName;
+
+    _Fields(short thriftId, String fieldName) {
+      _thriftId = thriftId;
+      _fieldName = fieldName;
+    }
+
+    public short getThriftFieldId() {
+      return _thriftId;
+    }
+
+    public String getFieldName() {
+      return _fieldName;
+    }
+  }
+
+  // isset id assignments
+  private static final int __KEYID_ISSET_ID = 0;
+  private static final int __EXPIRATIONDATE_ISSET_ID = 1;
+  private static final int __CREATIONDATE_ISSET_ID = 2;
+  private byte __isset_bitfield = 0;
+  private _Fields optionals[] = {_Fields.KEY_ID,_Fields.EXPIRATION_DATE,_Fields.CREATION_DATE};
+  public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
+  static {
+    Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
+    tmpMap.put(_Fields.SECRET, new org.apache.thrift.meta_data.FieldMetaData("secret", org.apache.thrift.TFieldRequirementType.DEFAULT, 
+        new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING        , true)));
+    tmpMap.put(_Fields.KEY_ID, new org.apache.thrift.meta_data.FieldMetaData("keyId", org.apache.thrift.TFieldRequirementType.OPTIONAL, 
+        new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.I32)));
+    tmpMap.put(_Fields.EXPIRATION_DATE, new org.apache.thrift.meta_data.FieldMetaData("expirationDate", org.apache.thrift.TFieldRequirementType.OPTIONAL, 
+        new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.I64)));
+    tmpMap.put(_Fields.CREATION_DATE, new org.apache.thrift.meta_data.FieldMetaData("creationDate", org.apache.thrift.TFieldRequirementType.OPTIONAL, 
+        new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.I64)));
+    metaDataMap = Collections.unmodifiableMap(tmpMap);
+    org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TAuthenticationKey.class, metaDataMap);
+  }
+
+  public TAuthenticationKey() {
+  }
+
+  public TAuthenticationKey(
+    ByteBuffer secret)
+  {
+    this();
+    this.secret = secret;
+  }
+
+  /**
+   * Performs a deep copy on <i>other</i>.
+   */
+  public TAuthenticationKey(TAuthenticationKey other) {
+    __isset_bitfield = other.__isset_bitfield;
+    if (other.isSetSecret()) {
+      this.secret = org.apache.thrift.TBaseHelper.copyBinary(other.secret);
+;
+    }
+    this.keyId = other.keyId;
+    this.expirationDate = other.expirationDate;
+    this.creationDate = other.creationDate;
+  }
+
+  public TAuthenticationKey deepCopy() {
+    return new TAuthenticationKey(this);
+  }
+
+  @Override
+  public void clear() {
+    this.secret = null;
+    setKeyIdIsSet(false);
+    this.keyId = 0;
+    setExpirationDateIsSet(false);
+    this.expirationDate = 0;
+    setCreationDateIsSet(false);
+    this.creationDate = 0;
+  }
+
+  public byte[] getSecret() {
+    setSecret(org.apache.thrift.TBaseHelper.rightSize(secret));
+    return secret == null ? null : secret.array();
+  }
+
+  public ByteBuffer bufferForSecret() {
+    return secret;
+  }
+
+  public TAuthenticationKey setSecret(byte[] secret) {
+    setSecret(secret == null ? (ByteBuffer)null : ByteBuffer.wrap(secret));
+    return this;
+  }
+
+  public TAuthenticationKey setSecret(ByteBuffer secret) {
+    this.secret = secret;
+    return this;
+  }
+
+  public void unsetSecret() {
+    this.secret = null;
+  }
+
+  /** Returns true if field secret is set (has been assigned a value) and false otherwise */
+  public boolean isSetSecret() {
+    return this.secret != null;
+  }
+
+  public void setSecretIsSet(boolean value) {
+    if (!value) {
+      this.secret = null;
+    }
+  }
+
+  public int getKeyId() {
+    return this.keyId;
+  }
+
+  public TAuthenticationKey setKeyId(int keyId) {
+    this.keyId = keyId;
+    setKeyIdIsSet(true);
+    return this;
+  }
+
+  public void unsetKeyId() {
+    __isset_bitfield = EncodingUtils.clearBit(__isset_bitfield, __KEYID_ISSET_ID);
+  }
+
+  /** Returns true if field keyId is set (has been assigned a value) and false otherwise */
+  public boolean isSetKeyId() {
+    return EncodingUtils.testBit(__isset_bitfield, __KEYID_ISSET_ID);
+  }
+
+  public void setKeyIdIsSet(boolean value) {
+    __isset_bitfield = EncodingUtils.setBit(__isset_bitfield, __KEYID_ISSET_ID, value);
+  }
+
+  public long getExpirationDate() {
+    return this.expirationDate;
+  }
+
+  public TAuthenticationKey setExpirationDate(long expirationDate) {
+    this.expirationDate = expirationDate;
+    setExpirationDateIsSet(true);
+    return this;
+  }
+
+  public void unsetExpirationDate() {
+    __isset_bitfield = EncodingUtils.clearBit(__isset_bitfield, __EXPIRATIONDATE_ISSET_ID);
+  }
+
+  /** Returns true if field expirationDate is set (has been assigned a value) and false otherwise */
+  public boolean isSetExpirationDate() {
+    return EncodingUtils.testBit(__isset_bitfield, __EXPIRATIONDATE_ISSET_ID);
+  }
+
+  public void setExpirationDateIsSet(boolean value) {
+    __isset_bitfield = EncodingUtils.setBit(__isset_bitfield, __EXPIRATIONDATE_ISSET_ID, value);
+  }
+
+  public long getCreationDate() {
+    return this.creationDate;
+  }
+
+  public TAuthenticationKey setCreationDate(long creationDate) {
+    this.creationDate = creationDate;
+    setCreationDateIsSet(true);
+    return this;
+  }
+
+  public void unsetCreationDate() {
+    __isset_bitfield = EncodingUtils.clearBit(__isset_bitfield, __CREATIONDATE_ISSET_ID);
+  }
+
+  /** Returns true if field creationDate is set (has been assigned a value) and false otherwise */
+  public boolean isSetCreationDate() {
+    return EncodingUtils.testBit(__isset_bitfield, __CREATIONDATE_ISSET_ID);
+  }
+
+  public void setCreationDateIsSet(boolean value) {
+    __isset_bitfield = EncodingUtils.setBit(__isset_bitfield, __CREATIONDATE_ISSET_ID, value);
+  }
+
+  public void setFieldValue(_Fields field, Object value) {
+    switch (field) {
+    case SECRET:
+      if (value == null) {
+        unsetSecret();
+      } else {
+        setSecret((ByteBuffer)value);
+      }
+      break;
+
+    case KEY_ID:
+      if (value == null) {
+        unsetKeyId();
+      } else {
+        setKeyId((Integer)value);
+      }
+      break;
+
+    case EXPIRATION_DATE:
+      if (value == null) {
+        unsetExpirationDate();
+      } else {
+        setExpirationDate((Long)value);
+      }
+      break;
+
+    case CREATION_DATE:
+      if (value == null) {
+        unsetCreationDate();
+      } else {
+        setCreationDate((Long)value);
+      }
+      break;
+
+    }
+  }
+
+  public Object getFieldValue(_Fields field) {
+    switch (field) {
+    case SECRET:
+      return getSecret();
+
+    case KEY_ID:
+      return Integer.valueOf(getKeyId());
+
+    case EXPIRATION_DATE:
+      return Long.valueOf(getExpirationDate());
+
+    case CREATION_DATE:
+      return Long.valueOf(getCreationDate());
+
+    }
+    throw new IllegalStateException();
+  }
+
+  /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
+  public boolean isSet(_Fields field) {
+    if (field == null) {
+      throw new IllegalArgumentException();
+    }
+
+    switch (field) {
+    case SECRET:
+      return isSetSecret();
+    case KEY_ID:
+      return isSetKeyId();
+    case EXPIRATION_DATE:
+      return isSetExpirationDate();
+    case CREATION_DATE:
+      return isSetCreationDate();
+    }
+    throw new IllegalStateException();
+  }
+
+  @Override
+  public boolean equals(Object that) {
+    if (that == null)
+      return false;
+    if (that instanceof TAuthenticationKey)
+      return this.equals((TAuthenticationKey)that);
+    return false;
+  }
+
+  public boolean equals(TAuthenticationKey that) {
+    if (that == null)
+      return false;
+
+    boolean this_present_secret = true && this.isSetSecret();
+    boolean that_present_secret = true && that.isSetSecret();
+    if (this_present_secret || that_present_secret) {
+      if (!(this_present_secret && that_present_secret))
+        return false;
+      if (!this.secret.equals(that.secret))
+        return false;
+    }
+
+    boolean this_present_keyId = true && this.isSetKeyId();
+    boolean that_present_keyId = true && that.isSetKeyId();
+    if (this_present_keyId || that_present_keyId) {
+      if (!(this_present_keyId && that_present_keyId))
+        return false;
+      if (this.keyId != that.keyId)
+        return false;
+    }
+
+    boolean this_present_expirationDate = true && this.isSetExpirationDate();
+    boolean that_present_expirationDate = true && that.isSetExpirationDate();
+    if (this_present_expirationDate || that_present_expirationDate) {
+      if (!(this_present_expirationDate && that_present_expirationDate))
+        return false;
+      if (this.expirationDate != that.expirationDate)
+        return false;
+    }
+
+    boolean this_present_creationDate = true && this.isSetCreationDate();
+    boolean that_present_creationDate = true && that.isSetCreationDate();
+    if (this_present_creationDate || that_present_creationDate) {
+      if (!(this_present_creationDate && that_present_creationDate))
+        return false;
+      if (this.creationDate != that.creationDate)
+        return false;
+    }
+
+    return true;
+  }
+
+  @Override
+  public int hashCode() {
+    return 0;
+  }
+
+  @Override
+  public int compareTo(TAuthenticationKey other) {
+    if (!getClass().equals(other.getClass())) {
+      return getClass().getName().compareTo(other.getClass().getName());
+    }
+
+    int lastComparison = 0;
+
+    lastComparison = Boolean.valueOf(isSetSecret()).compareTo(other.isSetSecret());
+    if (lastComparison != 0) {
+      return lastComparison;
+    }
+    if (isSetSecret()) {
+      lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.secret, other.secret);
+      if (lastComparison != 0) {
+        return lastComparison;
+      }
+    }
+    lastComparison = Boolean.valueOf(isSetKeyId()).compareTo(other.isSetKeyId());
+    if (lastComparison != 0) {
+      return lastComparison;
+    }
+    if (isSetKeyId()) {
+      lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.keyId, other.keyId);
+      if (lastComparison != 0) {
+        return lastComparison;
+      }
+    }
+    lastComparison = Boolean.valueOf(isSetExpirationDate()).compareTo(other.isSetExpirationDate());
+    if (lastComparison != 0) {
+      return lastComparison;
+    }
+    if (isSetExpirationDate()) {
+      lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.expirationDate, other.expirationDate);
+      if (lastComparison != 0) {
+        return lastComparison;
+      }
+    }
+    lastComparison = Boolean.valueOf(isSetCreationDate()).compareTo(other.isSetCreationDate());
+    if (lastComparison != 0) {
+      return lastComparison;
+    }
+    if (isSetCreationDate()) {
+      lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.creationDate, other.creationDate);
+      if (lastComparison != 0) {
+        return lastComparison;
+      }
+    }
+    return 0;
+  }
+
+  public _Fields fieldForId(int fieldId) {
+    return _Fields.findByThriftId(fieldId);
+  }
+
+  public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
+    schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
+  }
+
+  public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
+    schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
+  }
+
+  @Override
+  public String toString() {
+    StringBuilder sb = new StringBuilder("TAuthenticationKey(");
+    boolean first = true;
+
+    sb.append("secret:");
+    if (this.secret == null) {
+      sb.append("null");
+    } else {
+      org.apache.thrift.TBaseHelper.toString(this.secret, sb);
+    }
+    first = false;
+    if (isSetKeyId()) {
+      if (!first) sb.append(", ");
+      sb.append("keyId:");
+      sb.append(this.keyId);
+      first = false;
+    }
+    if (isSetExpirationDate()) {
+      if (!first) sb.append(", ");
+      sb.append("expirationDate:");
+      sb.append(this.expirationDate);
+      first = false;
+    }
+    if (isSetCreationDate()) {
+      if (!first) sb.append(", ");
+      sb.append("creationDate:");
+      sb.append(this.creationDate);
+      first = false;
+    }
+    sb.append(")");
+    return sb.toString();
+  }
+
+  public void validate() throws org.apache.thrift.TException {
+    // check for required fields
+    // check for sub-struct validity
+  }
+
+  private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
+    try {
+      write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
+    } catch (org.apache.thrift.TException te) {
+      throw new java.io.IOException(te);
+    }
+  }
+
+  private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
+    try {
+      // it doesn't seem like you should have to do this, but java serialization is wacky, and doesn't call the default constructor.
+      __isset_bitfield = 0;
+      read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
+    } catch (org.apache.thrift.TException te) {
+      throw new java.io.IOException(te);
+    }
+  }
+
+  private static class TAuthenticationKeyStandardSchemeFactory implements SchemeFactory {
+    public TAuthenticationKeyStandardScheme getScheme() {
+      return new TAuthenticationKeyStandardScheme();
+    }
+  }
+
+  private static class TAuthenticationKeyStandardScheme extends StandardScheme<TAuthenticationKey> {
+
+    public void read(org.apache.thrift.protocol.TProtocol iprot, TAuthenticationKey struct) throws org.apache.thrift.TException {
+      org.apache.thrift.protocol.TField schemeField;
+      iprot.readStructBegin();
+      while (true)
+      {
+        schemeField = iprot.readFieldBegin();
+        if (schemeField.type == org.apache.thrift.protocol.TType.STOP) { 
+          break;
+        }
+        switch (schemeField.id) {
+          case 1: // SECRET
+            if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
+              struct.secret = iprot.readBinary();
+              struct.setSecretIsSet(true);
+            } else { 
+              org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+            }
+            break;
+          case 2: // KEY_ID
+            if (schemeField.type == org.apache.thrift.protocol.TType.I32) {
+              struct.keyId = iprot.readI32();
+              struct.setKeyIdIsSet(true);
+            } else { 
+              org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+            }
+            break;
+          case 3: // EXPIRATION_DATE
+            if (schemeField.type == org.apache.thrift.protocol.TType.I64) {
+              struct.expirationDate = iprot.readI64();
+              struct.setExpirationDateIsSet(true);
+            } else { 
+              org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+            }
+            break;
+          case 4: // CREATION_DATE
+            if (schemeField.type == org.apache.thrift.protocol.TType.I64) {
+              struct.creationDate = iprot.readI64();
+              struct.setCreationDateIsSet(true);
+            } else { 
+              org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+            }
+            break;
+          default:
+            org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+        }
+        iprot.readFieldEnd();
+      }
+      iprot.readStructEnd();
+
+      // check for required fields of primitive type, which can't be checked in the validate method
+      struct.validate();
+    }
+
+    public void write(org.apache.thrift.protocol.TProtocol oprot, TAuthenticationKey struct) throws org.apache.thrift.TException {
+      struct.validate();
+
+      oprot.writeStructBegin(STRUCT_DESC);
+      if (struct.secret != null) {
+        oprot.writeFieldBegin(SECRET_FIELD_DESC);
+        oprot.writeBinary(struct.secret);
+        oprot.writeFieldEnd();
+      }
+      if (struct.isSetKeyId()) {
+        oprot.writeFieldBegin(KEY_ID_FIELD_DESC);
+        oprot.writeI32(struct.keyId);
+        oprot.writeFieldEnd();
+      }
+      if (struct.isSetExpirationDate()) {
+        oprot.writeFieldBegin(EXPIRATION_DATE_FIELD_DESC);
+        oprot.writeI64(struct.expirationDate);
+        oprot.writeFieldEnd();
+      }
+      if (struct.isSetCreationDate()) {
+        oprot.writeFieldBegin(CREATION_DATE_FIELD_DESC);
+        oprot.writeI64(struct.creationDate);
+        oprot.writeFieldEnd();
+      }
+      oprot.writeFieldStop();
+      oprot.writeStructEnd();
+    }
+
+  }
+
+  private static class TAuthenticationKeyTupleSchemeFactory implements SchemeFactory {
+    public TAuthenticationKeyTupleScheme getScheme() {
+      return new TAuthenticationKeyTupleScheme();
+    }
+  }
+
+  private static class TAuthenticationKeyTupleScheme extends TupleScheme<TAuthenticationKey> {
+
+    @Override
+    public void write(org.apache.thrift.protocol.TProtocol prot, TAuthenticationKey struct) throws org.apache.thrift.TException {
+      TTupleProtocol oprot = (TTupleProtocol) prot;
+      BitSet optionals = new BitSet();
+      if (struct.isSetSecret()) {
+        optionals.set(0);
+      }
+      if (struct.isSetKeyId()) {
+        optionals.set(1);
+      }
+      if (struct.isSetExpirationDate()) {
+        optionals.set(2);
+      }
+      if (struct.isSetCreationDate()) {
+        optionals.set(3);
+      }
+      oprot.writeBitSet(optionals, 4);
+      if (struct.isSetSecret()) {
+        oprot.writeBinary(struct.secret);
+      }
+      if (struct.isSetKeyId()) {
+        oprot.writeI32(struct.keyId);
+      }
+      if (struct.isSetExpirationDate()) {
+        oprot.writeI64(struct.expirationDate);
+      }
+      if (struct.isSetCreationDate()) {
+        oprot.writeI64(struct.creationDate);
+      }
+    }
+
+    @Override
+    public void read(org.apache.thrift.protocol.TProtocol prot, TAuthenticationKey struct) throws org.apache.thrift.TException {
+      TTupleProtocol iprot = (TTupleProtocol) prot;
+      BitSet incoming = iprot.readBitSet(4);
+      if (incoming.get(0)) {
+        struct.secret = iprot.readBinary();
+        struct.setSecretIsSet(true);
+      }
+      if (incoming.get(1)) {
+        struct.keyId = iprot.readI32();
+        struct.setKeyIdIsSet(true);
+      }
+      if (incoming.get(2)) {
+        struct.expirationDate = iprot.readI64();
+        struct.setExpirationDateIsSet(true);
+      }
+      if (incoming.get(3)) {
+        struct.creationDate = iprot.readI64();
+        struct.setCreationDateIsSet(true);
+      }
+    }
+  }
+
+}
+

http://git-wip-us.apache.org/repos/asf/accumulo/blob/2c983317/core/src/main/java/org/apache/accumulo/core/security/thrift/TAuthenticationTokenIdentifier.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/security/thrift/TAuthenticationTokenIdentifier.java b/core/src/main/java/org/apache/accumulo/core/security/thrift/TAuthenticationTokenIdentifier.java
new file mode 100644
index 0000000..d4e75f0
--- /dev/null
+++ b/core/src/main/java/org/apache/accumulo/core/security/thrift/TAuthenticationTokenIdentifier.java
@@ -0,0 +1,796 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/**
+ * Autogenerated by Thrift Compiler (0.9.1)
+ *
+ * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
+ *  @generated
+ */
+package org.apache.accumulo.core.security.thrift;
+
+import org.apache.thrift.scheme.IScheme;
+import org.apache.thrift.scheme.SchemeFactory;
+import org.apache.thrift.scheme.StandardScheme;
+
+import org.apache.thrift.scheme.TupleScheme;
+import org.apache.thrift.protocol.TTupleProtocol;
+import org.apache.thrift.protocol.TProtocolException;
+import org.apache.thrift.EncodingUtils;
+import org.apache.thrift.TException;
+import org.apache.thrift.async.AsyncMethodCallback;
+import org.apache.thrift.server.AbstractNonblockingServer.*;
+import java.util.List;
+import java.util.ArrayList;
+import java.util.Map;
+import java.util.HashMap;
+import java.util.EnumMap;
+import java.util.Set;
+import java.util.HashSet;
+import java.util.EnumSet;
+import java.util.Collections;
+import java.util.BitSet;
+import java.nio.ByteBuffer;
+import java.util.Arrays;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+@SuppressWarnings({"unchecked", "serial", "rawtypes", "unused"}) public class TAuthenticationTokenIdentifier implements org.apache.thrift.TBase<TAuthenticationTokenIdentifier, TAuthenticationTokenIdentifier._Fields>, java.io.Serializable, Cloneable, Comparable<TAuthenticationTokenIdentifier> {
+  private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TAuthenticationTokenIdentifier");
+
+  private static final org.apache.thrift.protocol.TField PRINCIPAL_FIELD_DESC = new org.apache.thrift.protocol.TField("principal", org.apache.thrift.protocol.TType.STRING, (short)1);
+  private static final org.apache.thrift.protocol.TField KEY_ID_FIELD_DESC = new org.apache.thrift.protocol.TField("keyId", org.apache.thrift.protocol.TType.I32, (short)2);
+  private static final org.apache.thrift.protocol.TField ISSUE_DATE_FIELD_DESC = new org.apache.thrift.protocol.TField("issueDate", org.apache.thrift.protocol.TType.I64, (short)3);
+  private static final org.apache.thrift.protocol.TField EXPIRATION_DATE_FIELD_DESC = new org.apache.thrift.protocol.TField("expirationDate", org.apache.thrift.protocol.TType.I64, (short)4);
+  private static final org.apache.thrift.protocol.TField INSTANCE_ID_FIELD_DESC = new org.apache.thrift.protocol.TField("instanceId", org.apache.thrift.protocol.TType.STRING, (short)5);
+
+  private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
+  static {
+    schemes.put(StandardScheme.class, new TAuthenticationTokenIdentifierStandardSchemeFactory());
+    schemes.put(TupleScheme.class, new TAuthenticationTokenIdentifierTupleSchemeFactory());
+  }
+
+  public String principal; // required
+  public int keyId; // optional
+  public long issueDate; // optional
+  public long expirationDate; // optional
+  public String instanceId; // optional
+
+  /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
+  public enum _Fields implements org.apache.thrift.TFieldIdEnum {
+    PRINCIPAL((short)1, "principal"),
+    KEY_ID((short)2, "keyId"),
+    ISSUE_DATE((short)3, "issueDate"),
+    EXPIRATION_DATE((short)4, "expirationDate"),
+    INSTANCE_ID((short)5, "instanceId");
+
+    private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
+
+    static {
+      for (_Fields field : EnumSet.allOf(_Fields.class)) {
+        byName.put(field.getFieldName(), field);
+      }
+    }
+
+    /**
+     * Find the _Fields constant that matches fieldId, or null if its not found.
+     */
+    public static _Fields findByThriftId(int fieldId) {
+      switch(fieldId) {
+        case 1: // PRINCIPAL
+          return PRINCIPAL;
+        case 2: // KEY_ID
+          return KEY_ID;
+        case 3: // ISSUE_DATE
+          return ISSUE_DATE;
+        case 4: // EXPIRATION_DATE
+          return EXPIRATION_DATE;
+        case 5: // INSTANCE_ID
+          return INSTANCE_ID;
+        default:
+          return null;
+      }
+    }
+
+    /**
+     * Find the _Fields constant that matches fieldId, throwing an exception
+     * if it is not found.
+     */
+    public static _Fields findByThriftIdOrThrow(int fieldId) {
+      _Fields fields = findByThriftId(fieldId);
+      if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
+      return fields;
+    }
+
+    /**
+     * Find the _Fields constant that matches name, or null if its not found.
+     */
+    public static _Fields findByName(String name) {
+      return byName.get(name);
+    }
+
+    private final short _thriftId;
+    private final String _fieldName;
+
+    _Fields(short thriftId, String fieldName) {
+      _thriftId = thriftId;
+      _fieldName = fieldName;
+    }
+
+    public short getThriftFieldId() {
+      return _thriftId;
+    }
+
+    public String getFieldName() {
+      return _fieldName;
+    }
+  }
+
+  // isset id assignments
+  private static final int __KEYID_ISSET_ID = 0;
+  private static final int __ISSUEDATE_ISSET_ID = 1;
+  private static final int __EXPIRATIONDATE_ISSET_ID = 2;
+  private byte __isset_bitfield = 0;
+  private _Fields optionals[] = {_Fields.KEY_ID,_Fields.ISSUE_DATE,_Fields.EXPIRATION_DATE,_Fields.INSTANCE_ID};
+  public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
+  static {
+    Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
+    tmpMap.put(_Fields.PRINCIPAL, new org.apache.thrift.meta_data.FieldMetaData("principal", org.apache.thrift.TFieldRequirementType.DEFAULT, 
+        new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
+    tmpMap.put(_Fields.KEY_ID, new org.apache.thrift.meta_data.FieldMetaData("keyId", org.apache.thrift.TFieldRequirementType.OPTIONAL, 
+        new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.I32)));
+    tmpMap.put(_Fields.ISSUE_DATE, new org.apache.thrift.meta_data.FieldMetaData("issueDate", org.apache.thrift.TFieldRequirementType.OPTIONAL, 
+        new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.I64)));
+    tmpMap.put(_Fields.EXPIRATION_DATE, new org.apache.thrift.meta_data.FieldMetaData("expirationDate", org.apache.thrift.TFieldRequirementType.OPTIONAL, 
+        new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.I64)));
+    tmpMap.put(_Fields.INSTANCE_ID, new org.apache.thrift.meta_data.FieldMetaData("instanceId", org.apache.thrift.TFieldRequirementType.OPTIONAL, 
+        new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
+    metaDataMap = Collections.unmodifiableMap(tmpMap);
+    org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TAuthenticationTokenIdentifier.class, metaDataMap);
+  }
+
+  public TAuthenticationTokenIdentifier() {
+  }
+
+  public TAuthenticationTokenIdentifier(
+    String principal)
+  {
+    this();
+    this.principal = principal;
+  }
+
+  /**
+   * Performs a deep copy on <i>other</i>.
+   */
+  public TAuthenticationTokenIdentifier(TAuthenticationTokenIdentifier other) {
+    __isset_bitfield = other.__isset_bitfield;
+    if (other.isSetPrincipal()) {
+      this.principal = other.principal;
+    }
+    this.keyId = other.keyId;
+    this.issueDate = other.issueDate;
+    this.expirationDate = other.expirationDate;
+    if (other.isSetInstanceId()) {
+      this.instanceId = other.instanceId;
+    }
+  }
+
+  public TAuthenticationTokenIdentifier deepCopy() {
+    return new TAuthenticationTokenIdentifier(this);
+  }
+
+  @Override
+  public void clear() {
+    this.principal = null;
+    setKeyIdIsSet(false);
+    this.keyId = 0;
+    setIssueDateIsSet(false);
+    this.issueDate = 0;
+    setExpirationDateIsSet(false);
+    this.expirationDate = 0;
+    this.instanceId = null;
+  }
+
+  public String getPrincipal() {
+    return this.principal;
+  }
+
+  public TAuthenticationTokenIdentifier setPrincipal(String principal) {
+    this.principal = principal;
+    return this;
+  }
+
+  public void unsetPrincipal() {
+    this.principal = null;
+  }
+
+  /** Returns true if field principal is set (has been assigned a value) and false otherwise */
+  public boolean isSetPrincipal() {
+    return this.principal != null;
+  }
+
+  public void setPrincipalIsSet(boolean value) {
+    if (!value) {
+      this.principal = null;
+    }
+  }
+
+  public int getKeyId() {
+    return this.keyId;
+  }
+
+  public TAuthenticationTokenIdentifier setKeyId(int keyId) {
+    this.keyId = keyId;
+    setKeyIdIsSet(true);
+    return this;
+  }
+
+  public void unsetKeyId() {
+    __isset_bitfield = EncodingUtils.clearBit(__isset_bitfield, __KEYID_ISSET_ID);
+  }
+
+  /** Returns true if field keyId is set (has been assigned a value) and false otherwise */
+  public boolean isSetKeyId() {
+    return EncodingUtils.testBit(__isset_bitfield, __KEYID_ISSET_ID);
+  }
+
+  public void setKeyIdIsSet(boolean value) {
+    __isset_bitfield = EncodingUtils.setBit(__isset_bitfield, __KEYID_ISSET_ID, value);
+  }
+
+  public long getIssueDate() {
+    return this.issueDate;
+  }
+
+  public TAuthenticationTokenIdentifier setIssueDate(long issueDate) {
+    this.issueDate = issueDate;
+    setIssueDateIsSet(true);
+    return this;
+  }
+
+  public void unsetIssueDate() {
+    __isset_bitfield = EncodingUtils.clearBit(__isset_bitfield, __ISSUEDATE_ISSET_ID);
+  }
+
+  /** Returns true if field issueDate is set (has been assigned a value) and false otherwise */
+  public boolean isSetIssueDate() {
+    return EncodingUtils.testBit(__isset_bitfield, __ISSUEDATE_ISSET_ID);
+  }
+
+  public void setIssueDateIsSet(boolean value) {
+    __isset_bitfield = EncodingUtils.setBit(__isset_bitfield, __ISSUEDATE_ISSET_ID, value);
+  }
+
+  public long getExpirationDate() {
+    return this.expirationDate;
+  }
+
+  public TAuthenticationTokenIdentifier setExpirationDate(long expirationDate) {
+    this.expirationDate = expirationDate;
+    setExpirationDateIsSet(true);
+    return this;
+  }
+
+  public void unsetExpirationDate() {
+    __isset_bitfield = EncodingUtils.clearBit(__isset_bitfield, __EXPIRATIONDATE_ISSET_ID);
+  }
+
+  /** Returns true if field expirationDate is set (has been assigned a value) and false otherwise */
+  public boolean isSetExpirationDate() {
+    return EncodingUtils.testBit(__isset_bitfield, __EXPIRATIONDATE_ISSET_ID);
+  }
+
+  public void setExpirationDateIsSet(boolean value) {
+    __isset_bitfield = EncodingUtils.setBit(__isset_bitfield, __EXPIRATIONDATE_ISSET_ID, value);
+  }
+
+  public String getInstanceId() {
+    return this.instanceId;
+  }
+
+  public TAuthenticationTokenIdentifier setInstanceId(String instanceId) {
+    this.instanceId = instanceId;
+    return this;
+  }
+
+  public void unsetInstanceId() {
+    this.instanceId = null;
+  }
+
+  /** Returns true if field instanceId is set (has been assigned a value) and false otherwise */
+  public boolean isSetInstanceId() {
+    return this.instanceId != null;
+  }
+
+  public void setInstanceIdIsSet(boolean value) {
+    if (!value) {
+      this.instanceId = null;
+    }
+  }
+
+  public void setFieldValue(_Fields field, Object value) {
+    switch (field) {
+    case PRINCIPAL:
+      if (value == null) {
+        unsetPrincipal();
+      } else {
+        setPrincipal((String)value);
+      }
+      break;
+
+    case KEY_ID:
+      if (value == null) {
+        unsetKeyId();
+      } else {
+        setKeyId((Integer)value);
+      }
+      break;
+
+    case ISSUE_DATE:
+      if (value == null) {
+        unsetIssueDate();
+      } else {
+        setIssueDate((Long)value);
+      }
+      break;
+
+    case EXPIRATION_DATE:
+      if (value == null) {
+        unsetExpirationDate();
+      } else {
+        setExpirationDate((Long)value);
+      }
+      break;
+
+    case INSTANCE_ID:
+      if (value == null) {
+        unsetInstanceId();
+      } else {
+        setInstanceId((String)value);
+      }
+      break;
+
+    }
+  }
+
+  public Object getFieldValue(_Fields field) {
+    switch (field) {
+    case PRINCIPAL:
+      return getPrincipal();
+
+    case KEY_ID:
+      return Integer.valueOf(getKeyId());
+
+    case ISSUE_DATE:
+      return Long.valueOf(getIssueDate());
+
+    case EXPIRATION_DATE:
+      return Long.valueOf(getExpirationDate());
+
+    case INSTANCE_ID:
+      return getInstanceId();
+
+    }
+    throw new IllegalStateException();
+  }
+
+  /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
+  public boolean isSet(_Fields field) {
+    if (field == null) {
+      throw new IllegalArgumentException();
+    }
+
+    switch (field) {
+    case PRINCIPAL:
+      return isSetPrincipal();
+    case KEY_ID:
+      return isSetKeyId();
+    case ISSUE_DATE:
+      return isSetIssueDate();
+    case EXPIRATION_DATE:
+      return isSetExpirationDate();
+    case INSTANCE_ID:
+      return isSetInstanceId();
+    }
+    throw new IllegalStateException();
+  }
+
+  @Override
+  public boolean equals(Object that) {
+    if (that == null)
+      return false;
+    if (that instanceof TAuthenticationTokenIdentifier)
+      return this.equals((TAuthenticationTokenIdentifier)that);
+    return false;
+  }
+
+  public boolean equals(TAuthenticationTokenIdentifier that) {
+    if (that == null)
+      return false;
+
+    boolean this_present_principal = true && this.isSetPrincipal();
+    boolean that_present_principal = true && that.isSetPrincipal();
+    if (this_present_principal || that_present_principal) {
+      if (!(this_present_principal && that_present_principal))
+        return false;
+      if (!this.principal.equals(that.principal))
+        return false;
+    }
+
+    boolean this_present_keyId = true && this.isSetKeyId();
+    boolean that_present_keyId = true && that.isSetKeyId();
+    if (this_present_keyId || that_present_keyId) {
+      if (!(this_present_keyId && that_present_keyId))
+        return false;
+      if (this.keyId != that.keyId)
+        return false;
+    }
+
+    boolean this_present_issueDate = true && this.isSetIssueDate();
+    boolean that_present_issueDate = true && that.isSetIssueDate();
+    if (this_present_issueDate || that_present_issueDate) {
+      if (!(this_present_issueDate && that_present_issueDate))
+        return false;
+      if (this.issueDate != that.issueDate)
+        return false;
+    }
+
+    boolean this_present_expirationDate = true && this.isSetExpirationDate();
+    boolean that_present_expirationDate = true && that.isSetExpirationDate();
+    if (this_present_expirationDate || that_present_expirationDate) {
+      if (!(this_present_expirationDate && that_present_expirationDate))
+        return false;
+      if (this.expirationDate != that.expirationDate)
+        return false;
+    }
+
+    boolean this_present_instanceId = true && this.isSetInstanceId();
+    boolean that_present_instanceId = true && that.isSetInstanceId();
+    if (this_present_instanceId || that_present_instanceId) {
+      if (!(this_present_instanceId && that_present_instanceId))
+        return false;
+      if (!this.instanceId.equals(that.instanceId))
+        return false;
+    }
+
+    return true;
+  }
+
+  @Override
+  public int hashCode() {
+    return 0;
+  }
+
+  @Override
+  public int compareTo(TAuthenticationTokenIdentifier other) {
+    if (!getClass().equals(other.getClass())) {
+      return getClass().getName().compareTo(other.getClass().getName());
+    }
+
+    int lastComparison = 0;
+
+    lastComparison = Boolean.valueOf(isSetPrincipal()).compareTo(other.isSetPrincipal());
+    if (lastComparison != 0) {
+      return lastComparison;
+    }
+    if (isSetPrincipal()) {
+      lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.principal, other.principal);
+      if (lastComparison != 0) {
+        return lastComparison;
+      }
+    }
+    lastComparison = Boolean.valueOf(isSetKeyId()).compareTo(other.isSetKeyId());
+    if (lastComparison != 0) {
+      return lastComparison;
+    }
+    if (isSetKeyId()) {
+      lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.keyId, other.keyId);
+      if (lastComparison != 0) {
+        return lastComparison;
+      }
+    }
+    lastComparison = Boolean.valueOf(isSetIssueDate()).compareTo(other.isSetIssueDate());
+    if (lastComparison != 0) {
+      return lastComparison;
+    }
+    if (isSetIssueDate()) {
+      lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.issueDate, other.issueDate);
+      if (lastComparison != 0) {
+        return lastComparison;
+      }
+    }
+    lastComparison = Boolean.valueOf(isSetExpirationDate()).compareTo(other.isSetExpirationDate());
+    if (lastComparison != 0) {
+      return lastComparison;
+    }
+    if (isSetExpirationDate()) {
+      lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.expirationDate, other.expirationDate);
+      if (lastComparison != 0) {
+        return lastComparison;
+      }
+    }
+    lastComparison = Boolean.valueOf(isSetInstanceId()).compareTo(other.isSetInstanceId());
+    if (lastComparison != 0) {
+      return lastComparison;
+    }
+    if (isSetInstanceId()) {
+      lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.instanceId, other.instanceId);
+      if (lastComparison != 0) {
+        return lastComparison;
+      }
+    }
+    return 0;
+  }
+
+  public _Fields fieldForId(int fieldId) {
+    return _Fields.findByThriftId(fieldId);
+  }
+
+  public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
+    schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
+  }
+
+  public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
+    schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
+  }
+
+  @Override
+  public String toString() {
+    StringBuilder sb = new StringBuilder("TAuthenticationTokenIdentifier(");
+    boolean first = true;
+
+    sb.append("principal:");
+    if (this.principal == null) {
+      sb.append("null");
+    } else {
+      sb.append(this.principal);
+    }
+    first = false;
+    if (isSetKeyId()) {
+      if (!first) sb.append(", ");
+      sb.append("keyId:");
+      sb.append(this.keyId);
+      first = false;
+    }
+    if (isSetIssueDate()) {
+      if (!first) sb.append(", ");
+      sb.append("issueDate:");
+      sb.append(this.issueDate);
+      first = false;
+    }
+    if (isSetExpirationDate()) {
+      if (!first) sb.append(", ");
+      sb.append("expirationDate:");
+      sb.append(this.expirationDate);
+      first = false;
+    }
+    if (isSetInstanceId()) {
+      if (!first) sb.append(", ");
+      sb.append("instanceId:");
+      if (this.instanceId == null) {
+        sb.append("null");
+      } else {
+        sb.append(this.instanceId);
+      }
+      first = false;
+    }
+    sb.append(")");
+    return sb.toString();
+  }
+
+  public void validate() throws org.apache.thrift.TException {
+    // check for required fields
+    // check for sub-struct validity
+  }
+
+  private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
+    try {
+      write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
+    } catch (org.apache.thrift.TException te) {
+      throw new java.io.IOException(te);
+    }
+  }
+
+  private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
+    try {
+      // it doesn't seem like you should have to do this, but java serialization is wacky, and doesn't call the default constructor.
+      __isset_bitfield = 0;
+      read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
+    } catch (org.apache.thrift.TException te) {
+      throw new java.io.IOException(te);
+    }
+  }
+
+  private static class TAuthenticationTokenIdentifierStandardSchemeFactory implements SchemeFactory {
+    public TAuthenticationTokenIdentifierStandardScheme getScheme() {
+      return new TAuthenticationTokenIdentifierStandardScheme();
+    }
+  }
+
+  private static class TAuthenticationTokenIdentifierStandardScheme extends StandardScheme<TAuthenticationTokenIdentifier> {
+
+    public void read(org.apache.thrift.protocol.TProtocol iprot, TAuthenticationTokenIdentifier struct) throws org.apache.thrift.TException {
+      org.apache.thrift.protocol.TField schemeField;
+      iprot.readStructBegin();
+      while (true)
+      {
+        schemeField = iprot.readFieldBegin();
+        if (schemeField.type == org.apache.thrift.protocol.TType.STOP) { 
+          break;
+        }
+        switch (schemeField.id) {
+          case 1: // PRINCIPAL
+            if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
+              struct.principal = iprot.readString();
+              struct.setPrincipalIsSet(true);
+            } else { 
+              org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+            }
+            break;
+          case 2: // KEY_ID
+            if (schemeField.type == org.apache.thrift.protocol.TType.I32) {
+              struct.keyId = iprot.readI32();
+              struct.setKeyIdIsSet(true);
+            } else { 
+              org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+            }
+            break;
+          case 3: // ISSUE_DATE
+            if (schemeField.type == org.apache.thrift.protocol.TType.I64) {
+              struct.issueDate = iprot.readI64();
+              struct.setIssueDateIsSet(true);
+            } else { 
+              org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+            }
+            break;
+          case 4: // EXPIRATION_DATE
+            if (schemeField.type == org.apache.thrift.protocol.TType.I64) {
+              struct.expirationDate = iprot.readI64();
+              struct.setExpirationDateIsSet(true);
+            } else { 
+              org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+            }
+            break;
+          case 5: // INSTANCE_ID
+            if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
+              struct.instanceId = iprot.readString();
+              struct.setInstanceIdIsSet(true);
+            } else { 
+              org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+            }
+            break;
+          default:
+            org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+        }
+        iprot.readFieldEnd();
+      }
+      iprot.readStructEnd();
+
+      // check for required fields of primitive type, which can't be checked in the validate method
+      struct.validate();
+    }
+
+    public void write(org.apache.thrift.protocol.TProtocol oprot, TAuthenticationTokenIdentifier struct) throws org.apache.thrift.TException {
+      struct.validate();
+
+      oprot.writeStructBegin(STRUCT_DESC);
+      if (struct.principal != null) {
+        oprot.writeFieldBegin(PRINCIPAL_FIELD_DESC);
+        oprot.writeString(struct.principal);
+        oprot.writeFieldEnd();
+      }
+      if (struct.isSetKeyId()) {
+        oprot.writeFieldBegin(KEY_ID_FIELD_DESC);
+        oprot.writeI32(struct.keyId);
+        oprot.writeFieldEnd();
+      }
+      if (struct.isSetIssueDate()) {
+        oprot.writeFieldBegin(ISSUE_DATE_FIELD_DESC);
+        oprot.writeI64(struct.issueDate);
+        oprot.writeFieldEnd();
+      }
+      if (struct.isSetExpirationDate()) {
+        oprot.writeFieldBegin(EXPIRATION_DATE_FIELD_DESC);
+        oprot.writeI64(struct.expirationDate);
+        oprot.writeFieldEnd();
+      }
+      if (struct.instanceId != null) {
+        if (struct.isSetInstanceId()) {
+          oprot.writeFieldBegin(INSTANCE_ID_FIELD_DESC);
+          oprot.writeString(struct.instanceId);
+          oprot.writeFieldEnd();
+        }
+      }
+      oprot.writeFieldStop();
+      oprot.writeStructEnd();
+    }
+
+  }
+
+  private static class TAuthenticationTokenIdentifierTupleSchemeFactory implements SchemeFactory {
+    public TAuthenticationTokenIdentifierTupleScheme getScheme() {
+      return new TAuthenticationTokenIdentifierTupleScheme();
+    }
+  }
+
+  private static class TAuthenticationTokenIdentifierTupleScheme extends TupleScheme<TAuthenticationTokenIdentifier> {
+
+    @Override
+    public void write(org.apache.thrift.protocol.TProtocol prot, TAuthenticationTokenIdentifier struct) throws org.apache.thrift.TException {
+      TTupleProtocol oprot = (TTupleProtocol) prot;
+      BitSet optionals = new BitSet();
+      if (struct.isSetPrincipal()) {
+        optionals.set(0);
+      }
+      if (struct.isSetKeyId()) {
+        optionals.set(1);
+      }
+      if (struct.isSetIssueDate()) {
+        optionals.set(2);
+      }
+      if (struct.isSetExpirationDate()) {
+        optionals.set(3);
+      }
+      if (struct.isSetInstanceId()) {
+        optionals.set(4);
+      }
+      oprot.writeBitSet(optionals, 5);
+      if (struct.isSetPrincipal()) {
+        oprot.writeString(struct.principal);
+      }
+      if (struct.isSetKeyId()) {
+        oprot.writeI32(struct.keyId);
+      }
+      if (struct.isSetIssueDate()) {
+        oprot.writeI64(struct.issueDate);
+      }
+      if (struct.isSetExpirationDate()) {
+        oprot.writeI64(struct.expirationDate);
+      }
+      if (struct.isSetInstanceId()) {
+        oprot.writeString(struct.instanceId);
+      }
+    }
+
+    @Override
+    public void read(org.apache.thrift.protocol.TProtocol prot, TAuthenticationTokenIdentifier struct) throws org.apache.thrift.TException {
+      TTupleProtocol iprot = (TTupleProtocol) prot;
+      BitSet incoming = iprot.readBitSet(5);
+      if (incoming.get(0)) {
+        struct.principal = iprot.readString();
+        struct.setPrincipalIsSet(true);
+      }
+      if (incoming.get(1)) {
+        struct.keyId = iprot.readI32();
+        struct.setKeyIdIsSet(true);
+      }
+      if (incoming.get(2)) {
+        struct.issueDate = iprot.readI64();
+        struct.setIssueDateIsSet(true);
+      }
+      if (incoming.get(3)) {
+        struct.expirationDate = iprot.readI64();
+        struct.setExpirationDateIsSet(true);
+      }
+      if (incoming.get(4)) {
+        struct.instanceId = iprot.readString();
+        struct.setInstanceIdIsSet(true);
+      }
+    }
+  }
+
+}
+

http://git-wip-us.apache.org/repos/asf/accumulo/blob/2c983317/core/src/main/java/org/apache/accumulo/core/security/thrift/TDelegationToken.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/security/thrift/TDelegationToken.java b/core/src/main/java/org/apache/accumulo/core/security/thrift/TDelegationToken.java
new file mode 100644
index 0000000..904d195
--- /dev/null
+++ b/core/src/main/java/org/apache/accumulo/core/security/thrift/TDelegationToken.java
@@ -0,0 +1,520 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/**
+ * Autogenerated by Thrift Compiler (0.9.1)
+ *
+ * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
+ *  @generated
+ */
+package org.apache.accumulo.core.security.thrift;
+
+import org.apache.thrift.scheme.IScheme;
+import org.apache.thrift.scheme.SchemeFactory;
+import org.apache.thrift.scheme.StandardScheme;
+
+import org.apache.thrift.scheme.TupleScheme;
+import org.apache.thrift.protocol.TTupleProtocol;
+import org.apache.thrift.protocol.TProtocolException;
+import org.apache.thrift.EncodingUtils;
+import org.apache.thrift.TException;
+import org.apache.thrift.async.AsyncMethodCallback;
+import org.apache.thrift.server.AbstractNonblockingServer.*;
+import java.util.List;
+import java.util.ArrayList;
+import java.util.Map;
+import java.util.HashMap;
+import java.util.EnumMap;
+import java.util.Set;
+import java.util.HashSet;
+import java.util.EnumSet;
+import java.util.Collections;
+import java.util.BitSet;
+import java.nio.ByteBuffer;
+import java.util.Arrays;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+@SuppressWarnings({"unchecked", "serial", "rawtypes", "unused"}) public class TDelegationToken implements org.apache.thrift.TBase<TDelegationToken, TDelegationToken._Fields>, java.io.Serializable, Cloneable, Comparable<TDelegationToken> {
+  private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TDelegationToken");
+
+  private static final org.apache.thrift.protocol.TField PASSWORD_FIELD_DESC = new org.apache.thrift.protocol.TField("password", org.apache.thrift.protocol.TType.STRING, (short)1);
+  private static final org.apache.thrift.protocol.TField IDENTIFIER_FIELD_DESC = new org.apache.thrift.protocol.TField("identifier", org.apache.thrift.protocol.TType.STRUCT, (short)2);
+
+  private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
+  static {
+    schemes.put(StandardScheme.class, new TDelegationTokenStandardSchemeFactory());
+    schemes.put(TupleScheme.class, new TDelegationTokenTupleSchemeFactory());
+  }
+
+  public ByteBuffer password; // required
+  public TAuthenticationTokenIdentifier identifier; // required
+
+  /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
+  public enum _Fields implements org.apache.thrift.TFieldIdEnum {
+    PASSWORD((short)1, "password"),
+    IDENTIFIER((short)2, "identifier");
+
+    private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
+
+    static {
+      for (_Fields field : EnumSet.allOf(_Fields.class)) {
+        byName.put(field.getFieldName(), field);
+      }
+    }
+
+    /**
+     * Find the _Fields constant that matches fieldId, or null if its not found.
+     */
+    public static _Fields findByThriftId(int fieldId) {
+      switch(fieldId) {
+        case 1: // PASSWORD
+          return PASSWORD;
+        case 2: // IDENTIFIER
+          return IDENTIFIER;
+        default:
+          return null;
+      }
+    }
+
+    /**
+     * Find the _Fields constant that matches fieldId, throwing an exception
+     * if it is not found.
+     */
+    public static _Fields findByThriftIdOrThrow(int fieldId) {
+      _Fields fields = findByThriftId(fieldId);
+      if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
+      return fields;
+    }
+
+    /**
+     * Find the _Fields constant that matches name, or null if its not found.
+     */
+    public static _Fields findByName(String name) {
+      return byName.get(name);
+    }
+
+    private final short _thriftId;
+    private final String _fieldName;
+
+    _Fields(short thriftId, String fieldName) {
+      _thriftId = thriftId;
+      _fieldName = fieldName;
+    }
+
+    public short getThriftFieldId() {
+      return _thriftId;
+    }
+
+    public String getFieldName() {
+      return _fieldName;
+    }
+  }
+
+  // isset id assignments
+  public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
+  static {
+    Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
+    tmpMap.put(_Fields.PASSWORD, new org.apache.thrift.meta_data.FieldMetaData("password", org.apache.thrift.TFieldRequirementType.DEFAULT, 
+        new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING        , true)));
+    tmpMap.put(_Fields.IDENTIFIER, new org.apache.thrift.meta_data.FieldMetaData("identifier", org.apache.thrift.TFieldRequirementType.DEFAULT, 
+        new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TAuthenticationTokenIdentifier.class)));
+    metaDataMap = Collections.unmodifiableMap(tmpMap);
+    org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TDelegationToken.class, metaDataMap);
+  }
+
+  public TDelegationToken() {
+  }
+
+  public TDelegationToken(
+    ByteBuffer password,
+    TAuthenticationTokenIdentifier identifier)
+  {
+    this();
+    this.password = password;
+    this.identifier = identifier;
+  }
+
+  /**
+   * Performs a deep copy on <i>other</i>.
+   */
+  public TDelegationToken(TDelegationToken other) {
+    if (other.isSetPassword()) {
+      this.password = org.apache.thrift.TBaseHelper.copyBinary(other.password);
+;
+    }
+    if (other.isSetIdentifier()) {
+      this.identifier = new TAuthenticationTokenIdentifier(other.identifier);
+    }
+  }
+
+  public TDelegationToken deepCopy() {
+    return new TDelegationToken(this);
+  }
+
+  @Override
+  public void clear() {
+    this.password = null;
+    this.identifier = null;
+  }
+
+  public byte[] getPassword() {
+    setPassword(org.apache.thrift.TBaseHelper.rightSize(password));
+    return password == null ? null : password.array();
+  }
+
+  public ByteBuffer bufferForPassword() {
+    return password;
+  }
+
+  public TDelegationToken setPassword(byte[] password) {
+    setPassword(password == null ? (ByteBuffer)null : ByteBuffer.wrap(password));
+    return this;
+  }
+
+  public TDelegationToken setPassword(ByteBuffer password) {
+    this.password = password;
+    return this;
+  }
+
+  public void unsetPassword() {
+    this.password = null;
+  }
+
+  /** Returns true if field password is set (has been assigned a value) and false otherwise */
+  public boolean isSetPassword() {
+    return this.password != null;
+  }
+
+  public void setPasswordIsSet(boolean value) {
+    if (!value) {
+      this.password = null;
+    }
+  }
+
+  public TAuthenticationTokenIdentifier getIdentifier() {
+    return this.identifier;
+  }
+
+  public TDelegationToken setIdentifier(TAuthenticationTokenIdentifier identifier) {
+    this.identifier = identifier;
+    return this;
+  }
+
+  public void unsetIdentifier() {
+    this.identifier = null;
+  }
+
+  /** Returns true if field identifier is set (has been assigned a value) and false otherwise */
+  public boolean isSetIdentifier() {
+    return this.identifier != null;
+  }
+
+  public void setIdentifierIsSet(boolean value) {
+    if (!value) {
+      this.identifier = null;
+    }
+  }
+
+  public void setFieldValue(_Fields field, Object value) {
+    switch (field) {
+    case PASSWORD:
+      if (value == null) {
+        unsetPassword();
+      } else {
+        setPassword((ByteBuffer)value);
+      }
+      break;
+
+    case IDENTIFIER:
+      if (value == null) {
+        unsetIdentifier();
+      } else {
+        setIdentifier((TAuthenticationTokenIdentifier)value);
+      }
+      break;
+
+    }
+  }
+
+  public Object getFieldValue(_Fields field) {
+    switch (field) {
+    case PASSWORD:
+      return getPassword();
+
+    case IDENTIFIER:
+      return getIdentifier();
+
+    }
+    throw new IllegalStateException();
+  }
+
+  /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
+  public boolean isSet(_Fields field) {
+    if (field == null) {
+      throw new IllegalArgumentException();
+    }
+
+    switch (field) {
+    case PASSWORD:
+      return isSetPassword();
+    case IDENTIFIER:
+      return isSetIdentifier();
+    }
+    throw new IllegalStateException();
+  }
+
+  @Override
+  public boolean equals(Object that) {
+    if (that == null)
+      return false;
+    if (that instanceof TDelegationToken)
+      return this.equals((TDelegationToken)that);
+    return false;
+  }
+
+  public boolean equals(TDelegationToken that) {
+    if (that == null)
+      return false;
+
+    boolean this_present_password = true && this.isSetPassword();
+    boolean that_present_password = true && that.isSetPassword();
+    if (this_present_password || that_present_password) {
+      if (!(this_present_password && that_present_password))
+        return false;
+      if (!this.password.equals(that.password))
+        return false;
+    }
+
+    boolean this_present_identifier = true && this.isSetIdentifier();
+    boolean that_present_identifier = true && that.isSetIdentifier();
+    if (this_present_identifier || that_present_identifier) {
+      if (!(this_present_identifier && that_present_identifier))
+        return false;
+      if (!this.identifier.equals(that.identifier))
+        return false;
+    }
+
+    return true;
+  }
+
+  @Override
+  public int hashCode() {
+    return 0;
+  }
+
+  @Override
+  public int compareTo(TDelegationToken other) {
+    if (!getClass().equals(other.getClass())) {
+      return getClass().getName().compareTo(other.getClass().getName());
+    }
+
+    int lastComparison = 0;
+
+    lastComparison = Boolean.valueOf(isSetPassword()).compareTo(other.isSetPassword());
+    if (lastComparison != 0) {
+      return lastComparison;
+    }
+    if (isSetPassword()) {
+      lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.password, other.password);
+      if (lastComparison != 0) {
+        return lastComparison;
+      }
+    }
+    lastComparison = Boolean.valueOf(isSetIdentifier()).compareTo(other.isSetIdentifier());
+    if (lastComparison != 0) {
+      return lastComparison;
+    }
+    if (isSetIdentifier()) {
+      lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.identifier, other.identifier);
+      if (lastComparison != 0) {
+        return lastComparison;
+      }
+    }
+    return 0;
+  }
+
+  public _Fields fieldForId(int fieldId) {
+    return _Fields.findByThriftId(fieldId);
+  }
+
+  public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
+    schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
+  }
+
+  public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
+    schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
+  }
+
+  @Override
+  public String toString() {
+    StringBuilder sb = new StringBuilder("TDelegationToken(");
+    boolean first = true;
+
+    sb.append("password:");
+    if (this.password == null) {
+      sb.append("null");
+    } else {
+      org.apache.thrift.TBaseHelper.toString(this.password, sb);
+    }
+    first = false;
+    if (!first) sb.append(", ");
+    sb.append("identifier:");
+    if (this.identifier == null) {
+      sb.append("null");
+    } else {
+      sb.append(this.identifier);
+    }
+    first = false;
+    sb.append(")");
+    return sb.toString();
+  }
+
+  public void validate() throws org.apache.thrift.TException {
+    // check for required fields
+    // check for sub-struct validity
+    if (identifier != null) {
+      identifier.validate();
+    }
+  }
+
+  private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
+    try {
+      write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
+    } catch (org.apache.thrift.TException te) {
+      throw new java.io.IOException(te);
+    }
+  }
+
+  private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
+    try {
+      read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
+    } catch (org.apache.thrift.TException te) {
+      throw new java.io.IOException(te);
+    }
+  }
+
+  private static class TDelegationTokenStandardSchemeFactory implements SchemeFactory {
+    public TDelegationTokenStandardScheme getScheme() {
+      return new TDelegationTokenStandardScheme();
+    }
+  }
+
+  private static class TDelegationTokenStandardScheme extends StandardScheme<TDelegationToken> {
+
+    public void read(org.apache.thrift.protocol.TProtocol iprot, TDelegationToken struct) throws org.apache.thrift.TException {
+      org.apache.thrift.protocol.TField schemeField;
+      iprot.readStructBegin();
+      while (true)
+      {
+        schemeField = iprot.readFieldBegin();
+        if (schemeField.type == org.apache.thrift.protocol.TType.STOP) { 
+          break;
+        }
+        switch (schemeField.id) {
+          case 1: // PASSWORD
+            if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
+              struct.password = iprot.readBinary();
+              struct.setPasswordIsSet(true);
+            } else { 
+              org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+            }
+            break;
+          case 2: // IDENTIFIER
+            if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) {
+              struct.identifier = new TAuthenticationTokenIdentifier();
+              struct.identifier.read(iprot);
+              struct.setIdentifierIsSet(true);
+            } else { 
+              org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+            }
+            break;
+          default:
+            org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+        }
+        iprot.readFieldEnd();
+      }
+      iprot.readStructEnd();
+
+      // check for required fields of primitive type, which can't be checked in the validate method
+      struct.validate();
+    }
+
+    public void write(org.apache.thrift.protocol.TProtocol oprot, TDelegationToken struct) throws org.apache.thrift.TException {
+      struct.validate();
+
+      oprot.writeStructBegin(STRUCT_DESC);
+      if (struct.password != null) {
+        oprot.writeFieldBegin(PASSWORD_FIELD_DESC);
+        oprot.writeBinary(struct.password);
+        oprot.writeFieldEnd();
+      }
+      if (struct.identifier != null) {
+        oprot.writeFieldBegin(IDENTIFIER_FIELD_DESC);
+        struct.identifier.write(oprot);
+        oprot.writeFieldEnd();
+      }
+      oprot.writeFieldStop();
+      oprot.writeStructEnd();
+    }
+
+  }
+
+  private static class TDelegationTokenTupleSchemeFactory implements SchemeFactory {
+    public TDelegationTokenTupleScheme getScheme() {
+      return new TDelegationTokenTupleScheme();
+    }
+  }
+
+  private static class TDelegationTokenTupleScheme extends TupleScheme<TDelegationToken> {
+
+    @Override
+    public void write(org.apache.thrift.protocol.TProtocol prot, TDelegationToken struct) throws org.apache.thrift.TException {
+      TTupleProtocol oprot = (TTupleProtocol) prot;
+      BitSet optionals = new BitSet();
+      if (struct.isSetPassword()) {
+        optionals.set(0);
+      }
+      if (struct.isSetIdentifier()) {
+        optionals.set(1);
+      }
+      oprot.writeBitSet(optionals, 2);
+      if (struct.isSetPassword()) {
+        oprot.writeBinary(struct.password);
+      }
+      if (struct.isSetIdentifier()) {
+        struct.identifier.write(oprot);
+      }
+    }
+
+    @Override
+    public void read(org.apache.thrift.protocol.TProtocol prot, TDelegationToken struct) throws org.apache.thrift.TException {
+      TTupleProtocol iprot = (TTupleProtocol) prot;
+      BitSet incoming = iprot.readBitSet(2);
+      if (incoming.get(0)) {
+        struct.password = iprot.readBinary();
+        struct.setPasswordIsSet(true);
+      }
+      if (incoming.get(1)) {
+        struct.identifier = new TAuthenticationTokenIdentifier();
+        struct.identifier.read(iprot);
+        struct.setIdentifierIsSet(true);
+      }
+    }
+  }
+
+}
+

http://git-wip-us.apache.org/repos/asf/accumulo/blob/2c983317/core/src/main/java/org/apache/accumulo/core/security/thrift/TDelegationTokenConfig.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/security/thrift/TDelegationTokenConfig.java b/core/src/main/java/org/apache/accumulo/core/security/thrift/TDelegationTokenConfig.java
new file mode 100644
index 0000000..cdde83e
--- /dev/null
+++ b/core/src/main/java/org/apache/accumulo/core/security/thrift/TDelegationTokenConfig.java
@@ -0,0 +1,399 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/**
+ * Autogenerated by Thrift Compiler (0.9.1)
+ *
+ * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
+ *  @generated
+ */
+package org.apache.accumulo.core.security.thrift;
+
+import org.apache.thrift.scheme.IScheme;
+import org.apache.thrift.scheme.SchemeFactory;
+import org.apache.thrift.scheme.StandardScheme;
+
+import org.apache.thrift.scheme.TupleScheme;
+import org.apache.thrift.protocol.TTupleProtocol;
+import org.apache.thrift.protocol.TProtocolException;
+import org.apache.thrift.EncodingUtils;
+import org.apache.thrift.TException;
+import org.apache.thrift.async.AsyncMethodCallback;
+import org.apache.thrift.server.AbstractNonblockingServer.*;
+import java.util.List;
+import java.util.ArrayList;
+import java.util.Map;
+import java.util.HashMap;
+import java.util.EnumMap;
+import java.util.Set;
+import java.util.HashSet;
+import java.util.EnumSet;
+import java.util.Collections;
+import java.util.BitSet;
+import java.nio.ByteBuffer;
+import java.util.Arrays;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+@SuppressWarnings({"unchecked", "serial", "rawtypes", "unused"}) public class TDelegationTokenConfig implements org.apache.thrift.TBase<TDelegationTokenConfig, TDelegationTokenConfig._Fields>, java.io.Serializable, Cloneable, Comparable<TDelegationTokenConfig> {
+  private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TDelegationTokenConfig");
+
+  private static final org.apache.thrift.protocol.TField LIFETIME_FIELD_DESC = new org.apache.thrift.protocol.TField("lifetime", org.apache.thrift.protocol.TType.I64, (short)1);
+
+  private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
+  static {
+    schemes.put(StandardScheme.class, new TDelegationTokenConfigStandardSchemeFactory());
+    schemes.put(TupleScheme.class, new TDelegationTokenConfigTupleSchemeFactory());
+  }
+
+  public long lifetime; // optional
+
+  /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
+  public enum _Fields implements org.apache.thrift.TFieldIdEnum {
+    LIFETIME((short)1, "lifetime");
+
+    private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
+
+    static {
+      for (_Fields field : EnumSet.allOf(_Fields.class)) {
+        byName.put(field.getFieldName(), field);
+      }
+    }
+
+    /**
+     * Find the _Fields constant that matches fieldId, or null if its not found.
+     */
+    public static _Fields findByThriftId(int fieldId) {
+      switch(fieldId) {
+        case 1: // LIFETIME
+          return LIFETIME;
+        default:
+          return null;
+      }
+    }
+
+    /**
+     * Find the _Fields constant that matches fieldId, throwing an exception
+     * if it is not found.
+     */
+    public static _Fields findByThriftIdOrThrow(int fieldId) {
+      _Fields fields = findByThriftId(fieldId);
+      if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
+      return fields;
+    }
+
+    /**
+     * Find the _Fields constant that matches name, or null if its not found.
+     */
+    public static _Fields findByName(String name) {
+      return byName.get(name);
+    }
+
+    private final short _thriftId;
+    private final String _fieldName;
+
+    _Fields(short thriftId, String fieldName) {
+      _thriftId = thriftId;
+      _fieldName = fieldName;
+    }
+
+    public short getThriftFieldId() {
+      return _thriftId;
+    }
+
+    public String getFieldName() {
+      return _fieldName;
+    }
+  }
+
+  // isset id assignments
+  private static final int __LIFETIME_ISSET_ID = 0;
+  private byte __isset_bitfield = 0;
+  private _Fields optionals[] = {_Fields.LIFETIME};
+  public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
+  static {
+    Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
+    tmpMap.put(_Fields.LIFETIME, new org.apache.thrift.meta_data.FieldMetaData("lifetime", org.apache.thrift.TFieldRequirementType.OPTIONAL, 
+        new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.I64)));
+    metaDataMap = Collections.unmodifiableMap(tmpMap);
+    org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TDelegationTokenConfig.class, metaDataMap);
+  }
+
+  public TDelegationTokenConfig() {
+  }
+
+  /**
+   * Performs a deep copy on <i>other</i>.
+   */
+  public TDelegationTokenConfig(TDelegationTokenConfig other) {
+    __isset_bitfield = other.__isset_bitfield;
+    this.lifetime = other.lifetime;
+  }
+
+  public TDelegationTokenConfig deepCopy() {
+    return new TDelegationTokenConfig(this);
+  }
+
+  @Override
+  public void clear() {
+    setLifetimeIsSet(false);
+    this.lifetime = 0;
+  }
+
+  public long getLifetime() {
+    return this.lifetime;
+  }
+
+  public TDelegationTokenConfig setLifetime(long lifetime) {
+    this.lifetime = lifetime;
+    setLifetimeIsSet(true);
+    return this;
+  }
+
+  public void unsetLifetime() {
+    __isset_bitfield = EncodingUtils.clearBit(__isset_bitfield, __LIFETIME_ISSET_ID);
+  }
+
+  /** Returns true if field lifetime is set (has been assigned a value) and false otherwise */
+  public boolean isSetLifetime() {
+    return EncodingUtils.testBit(__isset_bitfield, __LIFETIME_ISSET_ID);
+  }
+
+  public void setLifetimeIsSet(boolean value) {
+    __isset_bitfield = EncodingUtils.setBit(__isset_bitfield, __LIFETIME_ISSET_ID, value);
+  }
+
+  public void setFieldValue(_Fields field, Object value) {
+    switch (field) {
+    case LIFETIME:
+      if (value == null) {
+        unsetLifetime();
+      } else {
+        setLifetime((Long)value);
+      }
+      break;
+
+    }
+  }
+
+  public Object getFieldValue(_Fields field) {
+    switch (field) {
+    case LIFETIME:
+      return Long.valueOf(getLifetime());
+
+    }
+    throw new IllegalStateException();
+  }
+
+  /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
+  public boolean isSet(_Fields field) {
+    if (field == null) {
+      throw new IllegalArgumentException();
+    }
+
+    switch (field) {
+    case LIFETIME:
+      return isSetLifetime();
+    }
+    throw new IllegalStateException();
+  }
+
+  @Override
+  public boolean equals(Object that) {
+    if (that == null)
+      return false;
+    if (that instanceof TDelegationTokenConfig)
+      return this.equals((TDelegationTokenConfig)that);
+    return false;
+  }
+
+  public boolean equals(TDelegationTokenConfig that) {
+    if (that == null)
+      return false;
+
+    boolean this_present_lifetime = true && this.isSetLifetime();
+    boolean that_present_lifetime = true && that.isSetLifetime();
+    if (this_present_lifetime || that_present_lifetime) {
+      if (!(this_present_lifetime && that_present_lifetime))
+        return false;
+      if (this.lifetime != that.lifetime)
+        return false;
+    }
+
+    return true;
+  }
+
+  @Override
+  public int hashCode() {
+    return 0;
+  }
+
+  @Override
+  public int compareTo(TDelegationTokenConfig other) {
+    if (!getClass().equals(other.getClass())) {
+      return getClass().getName().compareTo(other.getClass().getName());
+    }
+
+    int lastComparison = 0;
+
+    lastComparison = Boolean.valueOf(isSetLifetime()).compareTo(other.isSetLifetime());
+    if (lastComparison != 0) {
+      return lastComparison;
+    }
+    if (isSetLifetime()) {
+      lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.lifetime, other.lifetime);
+      if (lastComparison != 0) {
+        return lastComparison;
+      }
+    }
+    return 0;
+  }
+
+  public _Fields fieldForId(int fieldId) {
+    return _Fields.findByThriftId(fieldId);
+  }
+
+  public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
+    schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
+  }
+
+  public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
+    schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
+  }
+
+  @Override
+  public String toString() {
+    StringBuilder sb = new StringBuilder("TDelegationTokenConfig(");
+    boolean first = true;
+
+    if (isSetLifetime()) {
+      sb.append("lifetime:");
+      sb.append(this.lifetime);
+      first = false;
+    }
+    sb.append(")");
+    return sb.toString();
+  }
+
+  public void validate() throws org.apache.thrift.TException {
+    // check for required fields
+    // check for sub-struct validity
+  }
+
+  private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
+    try {
+      write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
+    } catch (org.apache.thrift.TException te) {
+      throw new java.io.IOException(te);
+    }
+  }
+
+  private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
+    try {
+      // it doesn't seem like you should have to do this, but java serialization is wacky, and doesn't call the default constructor.
+      __isset_bitfield = 0;
+      read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
+    } catch (org.apache.thrift.TException te) {
+      throw new java.io.IOException(te);
+    }
+  }
+
+  private static class TDelegationTokenConfigStandardSchemeFactory implements SchemeFactory {
+    public TDelegationTokenConfigStandardScheme getScheme() {
+      return new TDelegationTokenConfigStandardScheme();
+    }
+  }
+
+  private static class TDelegationTokenConfigStandardScheme extends StandardScheme<TDelegationTokenConfig> {
+
+    public void read(org.apache.thrift.protocol.TProtocol iprot, TDelegationTokenConfig struct) throws org.apache.thrift.TException {
+      org.apache.thrift.protocol.TField schemeField;
+      iprot.readStructBegin();
+      while (true)
+      {
+        schemeField = iprot.readFieldBegin();
+        if (schemeField.type == org.apache.thrift.protocol.TType.STOP) { 
+          break;
+        }
+        switch (schemeField.id) {
+          case 1: // LIFETIME
+            if (schemeField.type == org.apache.thrift.protocol.TType.I64) {
+              struct.lifetime = iprot.readI64();
+              struct.setLifetimeIsSet(true);
+            } else { 
+              org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+            }
+            break;
+          default:
+            org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+        }
+        iprot.readFieldEnd();
+      }
+      iprot.readStructEnd();
+
+      // check for required fields of primitive type, which can't be checked in the validate method
+      struct.validate();
+    }
+
+    public void write(org.apache.thrift.protocol.TProtocol oprot, TDelegationTokenConfig struct) throws org.apache.thrift.TException {
+      struct.validate();
+
+      oprot.writeStructBegin(STRUCT_DESC);
+      if (struct.isSetLifetime()) {
+        oprot.writeFieldBegin(LIFETIME_FIELD_DESC);
+        oprot.writeI64(struct.lifetime);
+        oprot.writeFieldEnd();
+      }
+      oprot.writeFieldStop();
+      oprot.writeStructEnd();
+    }
+
+  }
+
+  private static class TDelegationTokenConfigTupleSchemeFactory implements SchemeFactory {
+    public TDelegationTokenConfigTupleScheme getScheme() {
+      return new TDelegationTokenConfigTupleScheme();
+    }
+  }
+
+  private static class TDelegationTokenConfigTupleScheme extends TupleScheme<TDelegationTokenConfig> {
+
+    @Override
+    public void write(org.apache.thrift.protocol.TProtocol prot, TDelegationTokenConfig struct) throws org.apache.thrift.TException {
+      TTupleProtocol oprot = (TTupleProtocol) prot;
+      BitSet optionals = new BitSet();
+      if (struct.isSetLifetime()) {
+        optionals.set(0);
+      }
+      oprot.writeBitSet(optionals, 1);
+      if (struct.isSetLifetime()) {
+        oprot.writeI64(struct.lifetime);
+      }
+    }
+
+    @Override
+    public void read(org.apache.thrift.protocol.TProtocol prot, TDelegationTokenConfig struct) throws org.apache.thrift.TException {
+      TTupleProtocol iprot = (TTupleProtocol) prot;
+      BitSet incoming = iprot.readBitSet(1);
+      if (incoming.get(0)) {
+        struct.lifetime = iprot.readI64();
+        struct.setLifetimeIsSet(true);
+      }
+    }
+  }
+
+}
+


Mime
View raw message