accumulo-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From els...@apache.org
Subject accumulo git commit: ACCUMULO-3636 Ensure KerberosToken is created when SASL is enabled.
Date Tue, 03 Mar 2015 18:27:52 GMT
Repository: accumulo
Updated Branches:
  refs/heads/master a52b23827 -> 548796163


ACCUMULO-3636 Ensure KerberosToken is created when SASL is enabled.

Typically, no token properties are needed for kerberos, so we need
to ensure that we don't try to use a password in that case.


Project: http://git-wip-us.apache.org/repos/asf/accumulo/repo
Commit: http://git-wip-us.apache.org/repos/asf/accumulo/commit/54879616
Tree: http://git-wip-us.apache.org/repos/asf/accumulo/tree/54879616
Diff: http://git-wip-us.apache.org/repos/asf/accumulo/diff/54879616

Branch: refs/heads/master
Commit: 548796163149a917e4d8d7beb69f9d5e41360ee9
Parents: a52b238
Author: Josh Elser <elserj@apache.org>
Authored: Tue Mar 3 09:56:00 2015 -0800
Committer: Josh Elser <elserj@apache.org>
Committed: Tue Mar 3 09:56:00 2015 -0800

----------------------------------------------------------------------
 .../accumulo/monitor/servlets/trace/Basic.java  | 20 ++++++++++++++------
 1 file changed, 14 insertions(+), 6 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/accumulo/blob/54879616/server/monitor/src/main/java/org/apache/accumulo/monitor/servlets/trace/Basic.java
----------------------------------------------------------------------
diff --git a/server/monitor/src/main/java/org/apache/accumulo/monitor/servlets/trace/Basic.java
b/server/monitor/src/main/java/org/apache/accumulo/monitor/servlets/trace/Basic.java
index 1a098c2..19cd2c6 100644
--- a/server/monitor/src/main/java/org/apache/accumulo/monitor/servlets/trace/Basic.java
+++ b/server/monitor/src/main/java/org/apache/accumulo/monitor/servlets/trace/Basic.java
@@ -18,6 +18,7 @@ package org.apache.accumulo.monitor.servlets.trace;
 
 import static java.nio.charset.StandardCharsets.UTF_8;
 
+import java.io.IOException;
 import java.util.Date;
 import java.util.Map;
 import java.util.Map.Entry;
@@ -31,6 +32,7 @@ import org.apache.accumulo.core.client.Scanner;
 import org.apache.accumulo.core.client.TableNotFoundException;
 import org.apache.accumulo.core.client.security.tokens.AuthenticationToken;
 import org.apache.accumulo.core.client.security.tokens.AuthenticationToken.Properties;
+import org.apache.accumulo.core.client.security.tokens.KerberosToken;
 import org.apache.accumulo.core.client.security.tokens.PasswordToken;
 import org.apache.accumulo.core.conf.AccumuloConfiguration;
 import org.apache.accumulo.core.conf.Property;
@@ -71,12 +73,22 @@ abstract class Basic extends BasicServlet {
 
   protected Scanner getScanner(StringBuilder sb) throws AccumuloException, AccumuloSecurityException
{
     AccumuloConfiguration conf = Monitor.getContext().getConfiguration();
+    final boolean saslEnabled = conf.getBoolean(Property.INSTANCE_RPC_SASL_ENABLED);
     String principal = conf.get(Property.TRACE_USER);
     AuthenticationToken at;
     Map<String,String> loginMap = conf.getAllPropertiesWithPrefix(Property.TRACE_TOKEN_PROPERTY_PREFIX);
     if (loginMap.isEmpty()) {
-      Property p = Property.TRACE_PASSWORD;
-      at = new PasswordToken(conf.get(p).getBytes(UTF_8));
+      if (saslEnabled) {
+        try {
+          at = new KerberosToken();
+        } catch (IOException e) {
+          throw new AccumuloException("Failed to create KerberosToken", e);
+        }
+        principal = SecurityUtil.getServerPrincipal(principal);
+      } else {
+        Property p = Property.TRACE_PASSWORD;
+        at = new PasswordToken(conf.get(p).getBytes(UTF_8));
+      }
     } else {
       Properties props = new Properties();
       int prefixLength = Property.TRACE_TOKEN_PROPERTY_PREFIX.getKey().length();
@@ -89,10 +101,6 @@ abstract class Basic extends BasicServlet {
       at = token;
     }
 
-    if (conf.getBoolean(Property.INSTANCE_RPC_SASL_ENABLED)) {
-      principal = SecurityUtil.getServerPrincipal(principal);
-    }
-
     String table = conf.get(Property.TRACE_TABLE);
     try {
       Connector conn = HdfsZooInstance.getInstance().getConnector(principal, at);


Mime
View raw message