accumulo-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From els...@apache.org
Subject accumulo git commit: ACCUMULO-3639 Use original principal in exceptions.
Date Thu, 05 Mar 2015 00:10:12 GMT
Repository: accumulo
Updated Branches:
  refs/heads/master 87208e5de -> 6c6e4f4e7


ACCUMULO-3639 Use original principal in exceptions.

Added IT to ensure exception contains principal.


Project: http://git-wip-us.apache.org/repos/asf/accumulo/repo
Commit: http://git-wip-us.apache.org/repos/asf/accumulo/commit/6c6e4f4e
Tree: http://git-wip-us.apache.org/repos/asf/accumulo/tree/6c6e4f4e
Diff: http://git-wip-us.apache.org/repos/asf/accumulo/diff/6c6e4f4e

Branch: refs/heads/master
Commit: 6c6e4f4e7cbf1fbec57e648b5f04eb2ab6b7cb45
Parents: 87208e5
Author: Josh Elser <elserj@apache.org>
Authored: Wed Mar 4 15:53:44 2015 -0800
Committer: Josh Elser <elserj@apache.org>
Committed: Wed Mar 4 15:53:44 2015 -0800

----------------------------------------------------------------------
 .../security/handler/KerberosAuthenticator.java |  4 +-
 .../java/org/apache/accumulo/test/UsersIT.java  | 60 ++++++++++++++++++++
 2 files changed, 61 insertions(+), 3 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/accumulo/blob/6c6e4f4e/server/base/src/main/java/org/apache/accumulo/server/security/handler/KerberosAuthenticator.java
----------------------------------------------------------------------
diff --git a/server/base/src/main/java/org/apache/accumulo/server/security/handler/KerberosAuthenticator.java
b/server/base/src/main/java/org/apache/accumulo/server/security/handler/KerberosAuthenticator.java
index 369fa89..fd7d055 100644
--- a/server/base/src/main/java/org/apache/accumulo/server/security/handler/KerberosAuthenticator.java
+++ b/server/base/src/main/java/org/apache/accumulo/server/security/handler/KerberosAuthenticator.java
@@ -154,10 +154,8 @@ public class KerberosAuthenticator implements Authenticator {
       throw new UnsupportedOperationException("Expected a KerberosToken but got a " + token.getClass().getSimpleName());
     }
 
-    principal = Base64.encodeBase64String(principal.getBytes(UTF_8));
-
     try {
-      createUserNodeInZk(principal);
+      createUserNodeInZk(Base64.encodeBase64String(principal.getBytes(UTF_8)));
     } catch (KeeperException e) {
       if (e.code().equals(KeeperException.Code.NODEEXISTS)) {
         log.error("User already exists in ZooKeeper", e);

http://git-wip-us.apache.org/repos/asf/accumulo/blob/6c6e4f4e/test/src/test/java/org/apache/accumulo/test/UsersIT.java
----------------------------------------------------------------------
diff --git a/test/src/test/java/org/apache/accumulo/test/UsersIT.java b/test/src/test/java/org/apache/accumulo/test/UsersIT.java
new file mode 100644
index 0000000..579daee
--- /dev/null
+++ b/test/src/test/java/org/apache/accumulo/test/UsersIT.java
@@ -0,0 +1,60 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.accumulo.test;
+
+import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.fail;
+
+import java.util.Set;
+
+import org.apache.accumulo.cluster.ClusterUser;
+import org.apache.accumulo.core.client.AccumuloSecurityException;
+import org.apache.accumulo.core.client.ClientConfiguration.ClientProperty;
+import org.apache.accumulo.core.client.Connector;
+import org.apache.accumulo.core.client.security.SecurityErrorCode;
+import org.apache.accumulo.core.client.security.tokens.PasswordToken;
+import org.apache.accumulo.harness.AccumuloClusterIT;
+import org.junit.Test;
+
+public class UsersIT extends AccumuloClusterIT {
+
+  @Test
+  public void testCreateExistingUser() throws Exception {
+    ClusterUser user0 = getUser(0);
+    Connector conn = getConnector();
+    Set<String> currentUsers = conn.securityOperations().listLocalUsers();
+
+    // Ensure that the user exists
+    if (!currentUsers.contains(user0.getPrincipal())) {
+      PasswordToken token = null;
+      if (!getCluster().getClientConfig().getBoolean(ClientProperty.INSTANCE_RPC_SASL_ENABLED.getKey(),
false)) {
+        token = new PasswordToken(user0.getPassword());
+      }
+      conn.securityOperations().createLocalUser(user0.getPrincipal(), token);
+    }
+
+    try {
+      conn.securityOperations().createLocalUser(user0.getPrincipal(), new PasswordToken("better_fail"));
+      fail("Creating a user that already exists should throw an exception");
+    } catch (AccumuloSecurityException e) {
+      assertTrue("Expected USER_EXISTS error", SecurityErrorCode.USER_EXISTS == e.getSecurityErrorCode());
+      String msg = e.getMessage();
+      assertTrue("Error message didn't contain principal: '" + msg + "'", msg.contains(user0.getPrincipal()));
+    }
+  }
+
+}


Mime
View raw message