accumulo-notifications mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From GitBox <...@apache.org>
Subject [GitHub] mikewalch closed pull request #508: Refactored Accumulo client authentication properties
Date Wed, 06 Jun 2018 18:12:29 GMT
mikewalch closed pull request #508: Refactored Accumulo client authentication properties
URL: https://github.com/apache/accumulo/pull/508
 
 
   

This is a PR merged from a forked repository.
As GitHub hides the original diff on merge, it is displayed below for
the sake of provenance:

As this is a foreign pull request (from a fork), the diff is supplied
below (as it won't show otherwise due to GitHub magic):

diff --git a/INSTALL.md b/INSTALL.md
index f96f526e9d..a310142ea2 100644
--- a/INSTALL.md
+++ b/INSTALL.md
@@ -71,7 +71,7 @@ The `accumulo-env.sh` file sets up environment variables needed by Accumulo:
 
 2. Accumulo tablet servers are configured by default to use 1GB of memory (768MB is allocated to
    JVM and 256MB is allocated for native maps). Native maps are allocated memory equal to 33% of
-   the tserver JVM heap. The table below can be used if you would like to change tsever memory
+   the tserver JVM heap. The table below can be used if you would like to change tserver memory
    usage in the `JAVA_OPTS` section of `accumulo-env.sh`:
 
     | Native? | 512MB             | 1GB               | 2GB                 | 3GB           |
@@ -88,10 +88,10 @@ clients to simplify connecting to Accumulo. Below are steps to configure it.
 1. Set `instance.name` and `instance.zookeepers` to the Accumulo instance and zookeeper connection
    string of your instance.
 
-2. Pick an authentication method and set `auth.method` accordingly.  The most common `auth.method`
-   is `password` which typically requires `auth.username` and `auth.password` to be set. For the
-   Accumulo shell, `auth.password` can be commented out and the shell will prompt you for the
-   password of `auth.username` at login.
+2. Pick an authentication type and set `auth.type` accordingly.  The most common `auth.type`
+   is `password` which requires `auth.principal` to be set and `auth.token` to be set the password
+   of `auth.principal`. For the Accumulo shell, `auth.token` can be commented out and the shell will
+   prompt you for the password of `auth.principal` at login.
 
 ## Initialization
 
diff --git a/client/mapreduce/src/main/java/org/apache/accumulo/core/client/mapred/AbstractInputFormat.java b/client/mapreduce/src/main/java/org/apache/accumulo/core/client/mapred/AbstractInputFormat.java
index c38566b520..a5a10b3658 100644
--- a/client/mapreduce/src/main/java/org/apache/accumulo/core/client/mapred/AbstractInputFormat.java
+++ b/client/mapreduce/src/main/java/org/apache/accumulo/core/client/mapred/AbstractInputFormat.java
@@ -130,6 +130,32 @@ public static void setConnectionInfo(JobConf job, ConnectionInfo info) {
     InputConfigurator.setConnectionInfo(CLASS, job, inputInfo);
   }
 
+  /**
+   * Set Accumulo client properties used to connect to Accumulo
+   *
+   * @param job
+   *          Hadoop job to be configured
+   * @param clientProps
+   *          Accumulo client properties
+   * @since 2.0.0
+   */
+  public static void setClientProperties(JobConf job, Properties clientProps) {
+    InputConfigurator.setClientProperties(CLASS, job, clientProps);
+  }
+
+  /**
+   * Set Accumulo client properties file used to connect to Accumulo
+   *
+   * @param job
+   *          Hadoop job to be configured
+   * @param clientPropsFile
+   *          URL to Accumulo client properties file
+   * @since 2.0.0
+   */
+  public static void setClientPropertiesFile(JobConf job, String clientPropsFile) {
+    InputConfigurator.setClientPropertiesFile(CLASS, job, clientPropsFile);
+  }
+
   /**
    * Retrieves {@link ConnectionInfo} from the configuration
    *
diff --git a/client/mapreduce/src/main/java/org/apache/accumulo/core/client/mapred/AccumuloOutputFormat.java b/client/mapreduce/src/main/java/org/apache/accumulo/core/client/mapred/AccumuloOutputFormat.java
index fad8a4f881..cc0e0db498 100644
--- a/client/mapreduce/src/main/java/org/apache/accumulo/core/client/mapred/AccumuloOutputFormat.java
+++ b/client/mapreduce/src/main/java/org/apache/accumulo/core/client/mapred/AccumuloOutputFormat.java
@@ -20,6 +20,7 @@
 import java.util.HashMap;
 import java.util.HashSet;
 import java.util.Map.Entry;
+import java.util.Properties;
 import java.util.Set;
 
 import org.apache.accumulo.core.client.AccumuloException;
@@ -92,6 +93,32 @@ public static void setConnectionInfo(JobConf job, ConnectionInfo info) {
     OutputConfigurator.setConnectionInfo(CLASS, job, outInfo);
   }
 
+  /**
+   * Set Accumulo client properties used to connect to Accumulo
+   *
+   * @param job
+   *          Hadoop job to be configured
+   * @param clientProps
+   *          Accumulo client properties
+   * @since 2.0.0
+   */
+  public static void setClientProperties(JobConf job, Properties clientProps) {
+    OutputConfigurator.setClientProperties(CLASS, job, clientProps);
+  }
+
+  /**
+   * Set Accumulo client properties file used to connect to Accumulo
+   *
+   * @param job
+   *          Hadoop job to be configured
+   * @param clientPropsFile
+   *          URL (hdfs:// or http://) to Accumulo client properties file
+   * @since 2.0.0
+   */
+  public static void setClientPropertiesFile(JobConf job, String clientPropsFile) {
+    OutputConfigurator.setClientPropertiesFile(CLASS, job, clientPropsFile);
+  }
+
   /**
    * Sets the connector information needed to communicate with Accumulo in this job.
    *
diff --git a/client/mapreduce/src/main/java/org/apache/accumulo/core/client/mapreduce/AbstractInputFormat.java b/client/mapreduce/src/main/java/org/apache/accumulo/core/client/mapreduce/AbstractInputFormat.java
index d0deaeca14..1ac418cc46 100644
--- a/client/mapreduce/src/main/java/org/apache/accumulo/core/client/mapreduce/AbstractInputFormat.java
+++ b/client/mapreduce/src/main/java/org/apache/accumulo/core/client/mapreduce/AbstractInputFormat.java
@@ -132,6 +132,32 @@ public static void setConnectionInfo(Job job, ConnectionInfo info) {
     InputConfigurator.setConnectionInfo(CLASS, job.getConfiguration(), inputInfo);
   }
 
+  /**
+   * Set Accumulo client properties used to connect to Accumulo
+   *
+   * @param job
+   *          Hadoop job to be configured
+   * @param clientProps
+   *          Accumulo client properties
+   * @since 2.0.0
+   */
+  public static void setClientProperties(Job job, Properties clientProps) {
+    InputConfigurator.setClientProperties(CLASS, job.getConfiguration(), clientProps);
+  }
+
+  /**
+   * Set Accumulo client properties file used to connect to Accumulo
+   *
+   * @param job
+   *          Hadoop job to be configured
+   * @param clientPropsFile
+   *          URL (hdfs:// or http://) to Accumulo client properties file
+   * @since 2.0.0
+   */
+  public static void setClientPropertiesFile(Job job, String clientPropsFile) {
+    InputConfigurator.setClientPropertiesFile(CLASS, job.getConfiguration(), clientPropsFile);
+  }
+
   /**
    * Gets the {@link ConnectionInfo} from the configuration
    *
diff --git a/client/mapreduce/src/main/java/org/apache/accumulo/core/client/mapreduce/AccumuloOutputFormat.java b/client/mapreduce/src/main/java/org/apache/accumulo/core/client/mapreduce/AccumuloOutputFormat.java
index 9cf78b0d16..8a493824f3 100644
--- a/client/mapreduce/src/main/java/org/apache/accumulo/core/client/mapreduce/AccumuloOutputFormat.java
+++ b/client/mapreduce/src/main/java/org/apache/accumulo/core/client/mapreduce/AccumuloOutputFormat.java
@@ -20,6 +20,7 @@
 import java.util.HashMap;
 import java.util.HashSet;
 import java.util.Map.Entry;
+import java.util.Properties;
 import java.util.Set;
 
 import org.apache.accumulo.core.client.AccumuloException;
@@ -92,6 +93,32 @@ public static void setConnectionInfo(Job job, ConnectionInfo info) {
     OutputConfigurator.setConnectionInfo(CLASS, job.getConfiguration(), info);
   }
 
+  /**
+   * Set Accumulo client properties used to connect to Accumulo
+   *
+   * @param job
+   *          Hadoop job to be configured
+   * @param clientProps
+   *          Accumulo client properties
+   * @since 2.0.0
+   */
+  public static void setClientProperties(Job job, Properties clientProps) {
+    OutputConfigurator.setClientProperties(CLASS, job.getConfiguration(), clientProps);
+  }
+
+  /**
+   * Set Accumulo client properties file used to connect to Accumulo
+   *
+   * @param job
+   *          Hadoop job to be configured
+   * @param clientPropsFile
+   *          URL to Accumulo client properties file
+   * @since 2.0.0
+   */
+  public static void setClientPropertiesFile(Job job, String clientPropsFile) {
+    OutputConfigurator.setClientPropertiesFile(CLASS, job.getConfiguration(), clientPropsFile);
+  }
+
   /**
    * Sets the connector information needed to communicate with Accumulo in this job.
    *
diff --git a/client/mapreduce/src/main/java/org/apache/accumulo/core/client/mapreduce/lib/impl/ConfiguratorBase.java b/client/mapreduce/src/main/java/org/apache/accumulo/core/client/mapreduce/lib/impl/ConfiguratorBase.java
index bb1d32cea6..d2abc562f8 100644
--- a/client/mapreduce/src/main/java/org/apache/accumulo/core/client/mapreduce/lib/impl/ConfiguratorBase.java
+++ b/client/mapreduce/src/main/java/org/apache/accumulo/core/client/mapreduce/lib/impl/ConfiguratorBase.java
@@ -26,8 +26,8 @@
 import java.io.StringWriter;
 import java.net.URI;
 import java.net.URISyntaxException;
-import java.util.Base64;
 import java.util.Properties;
+import java.util.Scanner;
 
 import org.apache.accumulo.core.Constants;
 import org.apache.accumulo.core.client.AccumuloException;
@@ -40,11 +40,9 @@
 import org.apache.accumulo.core.client.impl.AuthenticationTokenIdentifier;
 import org.apache.accumulo.core.client.impl.ClientConfConverter;
 import org.apache.accumulo.core.client.impl.ConnectionInfoImpl;
-import org.apache.accumulo.core.client.impl.Credentials;
 import org.apache.accumulo.core.client.impl.DelegationTokenImpl;
 import org.apache.accumulo.core.client.mapreduce.impl.DelegationTokenStub;
 import org.apache.accumulo.core.client.security.tokens.AuthenticationToken;
-import org.apache.accumulo.core.client.security.tokens.AuthenticationToken.AuthenticationTokenSerializer;
 import org.apache.accumulo.core.client.security.tokens.KerberosToken;
 import org.apache.accumulo.core.conf.ClientProperty;
 import org.apache.hadoop.conf.Configuration;
@@ -73,34 +71,11 @@
    * @since 1.6.0
    */
   public enum ConnectorInfo {
-    IS_CONFIGURED, PRINCIPAL, TOKEN,
+    IS_CONFIGURED
   }
 
-  public enum ConnectionInfoOpts {
-    CLIENT_PROPS
-  }
-
-  public enum TokenSource {
-    FILE, INLINE, JOB;
-
-    private String prefix;
-
-    TokenSource() {
-      prefix = name().toLowerCase() + ":";
-    }
-
-    public String prefix() {
-      return prefix;
-    }
-  }
-
-  /**
-   * Configuration keys for available {@link Instance} types.
-   *
-   * @since 1.6.0
-   */
-  public enum InstanceOpts {
-    TYPE, NAME, ZOO_KEEPERS, CLIENT_CONFIG;
+  public enum ClientOpts {
+    CLIENT_PROPS, CLIENT_PROPS_FILE
   }
 
   /**
@@ -148,7 +123,8 @@ public static ConnectionInfo updateToken(org.apache.hadoop.security.Credentials
         Connector conn = Connector.builder().usingConnectionInfo(info).build();
         AuthenticationToken token = conn.securityOperations()
             .getDelegationToken(new DelegationTokenConfig());
-        result = new ConnectionInfoImpl(info.getProperties(), token);
+        result = Connector.builder().usingConnectionInfo(info)
+            .usingToken(info.getPrincipal(), token).info();
       } catch (Exception e) {
         log.warn("Failed to automatically obtain DelegationToken, "
             + "Mappers/Reducers will likely fail to communicate with Accumulo", e);
@@ -172,27 +148,66 @@ public static ConnectionInfo updateToken(org.apache.hadoop.security.Credentials
 
   public static void setConnectionInfo(Class<?> implementingClass, Configuration conf,
       ConnectionInfo info) {
-    conf.set(enumToConfKey(implementingClass, InstanceOpts.TYPE), "ConnectionInfo");
-    Properties props = info.getProperties();
+    setClientProperties(implementingClass, conf, info.getProperties());
+    conf.setBoolean(enumToConfKey(implementingClass, ConnectorInfo.IS_CONFIGURED), true);
+  }
+
+  public static ConnectionInfo getConnectionInfo(Class<?> implementingClass, Configuration conf) {
+    Properties props = getClientProperties(implementingClass, conf);
+    return new ConnectionInfoImpl(props);
+  }
+
+  public static void setClientPropertiesFile(Class<?> implementingClass, Configuration conf,
+      String clientPropertiesFile) {
+    try {
+      DistributedCacheHelper.addCacheFile(new URI(clientPropertiesFile), conf);
+    } catch (URISyntaxException e) {
+      throw new IllegalStateException("Unable to add client properties file \""
+          + clientPropertiesFile + "\" to distributed cache.");
+    }
+    conf.set(enumToConfKey(implementingClass, ClientOpts.CLIENT_PROPS_FILE), clientPropertiesFile);
+    conf.setBoolean(enumToConfKey(implementingClass, ConnectorInfo.IS_CONFIGURED), true);
+  }
+
+  public static void setClientProperties(Class<?> implementingClass, Configuration conf,
+      Properties props) {
     StringWriter writer = new StringWriter();
     try {
       props.store(writer, "client properties");
     } catch (IOException e) {
       throw new IllegalStateException(e);
     }
-    conf.set(enumToConfKey(implementingClass, ConnectionInfoOpts.CLIENT_PROPS), writer.toString());
-    setConnectorInfo(implementingClass, conf, info.getPrincipal(), info.getAuthenticationToken());
+    conf.set(enumToConfKey(implementingClass, ClientOpts.CLIENT_PROPS), writer.toString());
   }
 
-  @SuppressWarnings("deprecation")
-  public static ConnectionInfo getConnectionInfo(Class<?> implementingClass, Configuration conf) {
-    AuthenticationToken token = getAuthenticationToken(implementingClass, conf);
-    String propString = conf.get(enumToConfKey(implementingClass, ConnectionInfoOpts.CLIENT_PROPS),
-        "");
-    String confString = conf.get(enumToConfKey(implementingClass, InstanceOpts.CLIENT_CONFIG), "");
-    if (!propString.isEmpty() && !confString.isEmpty()) {
-      throw new IllegalStateException("Client connection information was set using both "
-          + "setConnectionInfo & setZookeeperInstance");
+  public static Properties getClientProperties(Class<?> implementingClass, Configuration conf) {
+    String propString;
+    String clientPropsFile = conf
+        .get(enumToConfKey(implementingClass, ClientOpts.CLIENT_PROPS_FILE), "");
+    if (!clientPropsFile.isEmpty()) {
+      try {
+        URI[] uris = DistributedCacheHelper.getCacheFiles(conf);
+        Path path = null;
+        for (URI u : uris) {
+          if (u.toString().equals(clientPropsFile)) {
+            path = new Path(u);
+          }
+        }
+        FileSystem fs = FileSystem.get(conf);
+        FSDataInputStream inputStream = fs.open(path);
+        StringBuilder sb = new StringBuilder();
+        try (Scanner scanner = new Scanner(inputStream)) {
+          while (scanner.hasNextLine()) {
+            sb.append(scanner.nextLine() + "\n");
+          }
+        }
+        propString = sb.toString();
+      } catch (IOException e) {
+        throw new IllegalStateException(
+            "Failed to read client properties from distributed cache: " + clientPropsFile);
+      }
+    } else {
+      propString = conf.get(enumToConfKey(implementingClass, ClientOpts.CLIENT_PROPS), "");
     }
     Properties props = new Properties();
     if (!propString.isEmpty()) {
@@ -201,15 +216,8 @@ public static ConnectionInfo getConnectionInfo(Class<?> implementingClass, Confi
       } catch (IOException e) {
         throw new IllegalStateException(e);
       }
-    } else {
-      props = ClientConfConverter.toProperties(
-          org.apache.accumulo.core.client.ClientConfiguration.deserialize(confString));
-      String principal = conf.get(enumToConfKey(implementingClass, ConnectorInfo.PRINCIPAL), "");
-      if (!principal.isEmpty()) {
-        props.setProperty(ClientProperty.AUTH_USERNAME.getKey(), principal);
-      }
     }
-    return new ConnectionInfoImpl(props, token);
+    return props;
   }
 
   /**
@@ -232,25 +240,13 @@ public static ConnectionInfo getConnectionInfo(Class<?> implementingClass, Confi
    */
   public static void setConnectorInfo(Class<?> implementingClass, Configuration conf,
       String principal, AuthenticationToken token) {
-    if (isConnectorInfoSet(implementingClass, conf))
-      throw new IllegalStateException("Connector info for " + implementingClass.getSimpleName()
-          + " can only be set once per job");
-
     checkArgument(principal != null, "principal is null");
     checkArgument(token != null, "token is null");
+    Properties props = getClientProperties(implementingClass, conf);
+    props.setProperty(ClientProperty.AUTH_PRINCIPAL.getKey(), principal);
+    ClientProperty.setAuthenticationToken(props, token);
+    setClientProperties(implementingClass, conf, props);
     conf.setBoolean(enumToConfKey(implementingClass, ConnectorInfo.IS_CONFIGURED), true);
-    conf.set(enumToConfKey(implementingClass, ConnectorInfo.PRINCIPAL), principal);
-    if (token instanceof DelegationTokenImpl) {
-      // Avoid serializing the DelegationToken secret in the configuration -- the Job will do that
-      // work for us securely
-      DelegationTokenImpl delToken = (DelegationTokenImpl) token;
-      conf.set(enumToConfKey(implementingClass, ConnectorInfo.TOKEN),
-          TokenSource.JOB.prefix() + token.getClass().getName() + ":" + delToken.getServiceName());
-    } else {
-      conf.set(enumToConfKey(implementingClass, ConnectorInfo.TOKEN),
-          TokenSource.INLINE.prefix() + token.getClass().getName() + ":"
-              + Base64.getEncoder().encodeToString(AuthenticationTokenSerializer.serialize(token)));
-    }
   }
 
   /**
@@ -276,21 +272,8 @@ public static void setConnectorInfo(Class<?> implementingClass, Configuration co
     if (isConnectorInfoSet(implementingClass, conf))
       throw new IllegalStateException("Connector info for " + implementingClass.getSimpleName()
           + " can only be set once per job");
-
-    checkArgument(principal != null, "principal is null");
     checkArgument(tokenFile != null, "tokenFile is null");
-
-    try {
-      DistributedCacheHelper.addCacheFile(new URI(tokenFile), conf);
-    } catch (URISyntaxException e) {
-      throw new IllegalStateException(
-          "Unable to add tokenFile \"" + tokenFile + "\" to distributed cache.");
-    }
-
-    conf.setBoolean(enumToConfKey(implementingClass, ConnectorInfo.IS_CONFIGURED), true);
-    conf.set(enumToConfKey(implementingClass, ConnectorInfo.PRINCIPAL), principal);
-    conf.set(enumToConfKey(implementingClass, ConnectorInfo.TOKEN),
-        TokenSource.FILE.prefix() + tokenFile);
+    setClientPropertiesFile(implementingClass, conf, tokenFile);
   }
 
   /**
@@ -320,7 +303,8 @@ public static Boolean isConnectorInfoSet(Class<?> implementingClass, Configurati
    * @see #setConnectorInfo(Class, Configuration, String, AuthenticationToken)
    */
   public static String getPrincipal(Class<?> implementingClass, Configuration conf) {
-    return conf.get(enumToConfKey(implementingClass, ConnectorInfo.PRINCIPAL));
+    Properties props = getClientProperties(implementingClass, conf);
+    return props.getProperty(ClientProperty.AUTH_PRINCIPAL.getKey());
   }
 
   /**
@@ -338,71 +322,8 @@ public static String getPrincipal(Class<?> implementingClass, Configuration conf
    */
   public static AuthenticationToken getAuthenticationToken(Class<?> implementingClass,
       Configuration conf) {
-    String token = conf.get(enumToConfKey(implementingClass, ConnectorInfo.TOKEN));
-    if (token == null || token.isEmpty())
-      return null;
-    if (token.startsWith(TokenSource.INLINE.prefix())) {
-      String[] args = token.substring(TokenSource.INLINE.prefix().length()).split(":", 2);
-      if (args.length == 2)
-        return AuthenticationTokenSerializer.deserialize(args[0],
-            Base64.getDecoder().decode(args[1]));
-    } else if (token.startsWith(TokenSource.FILE.prefix())) {
-      String tokenFileName = token.substring(TokenSource.FILE.prefix().length());
-      return getTokenFromFile(conf, getPrincipal(implementingClass, conf), tokenFileName);
-    } else if (token.startsWith(TokenSource.JOB.prefix())) {
-      String[] args = token.substring(TokenSource.JOB.prefix().length()).split(":", 2);
-      if (args.length == 2) {
-        String className = args[0], serviceName = args[1];
-        if (DelegationTokenImpl.class.getName().equals(className)) {
-          return new DelegationTokenStub(serviceName);
-        }
-      }
-    }
-
-    throw new IllegalStateException("Token was not properly serialized into the configuration");
-  }
-
-  /**
-   * Reads from the token file in distributed cache. Currently, the token file stores data separated
-   * by colons e.g. principal:token_class:token
-   *
-   * @param conf
-   *          the Hadoop context for the configured job
-   * @return path to the token file as a String
-   * @since 1.6.0
-   * @see #setConnectorInfo(Class, Configuration, String, AuthenticationToken)
-   */
-  public static AuthenticationToken getTokenFromFile(Configuration conf, String principal,
-      String tokenFile) {
-    FSDataInputStream in = null;
-    try {
-      URI[] uris = DistributedCacheHelper.getCacheFiles(conf);
-      Path path = null;
-      for (URI u : uris) {
-        if (u.toString().equals(tokenFile)) {
-          path = new Path(u);
-        }
-      }
-      if (path == null) {
-        throw new IllegalArgumentException(
-            "Couldn't find password file called \"" + tokenFile + "\" in cache.");
-      }
-      FileSystem fs = FileSystem.get(conf);
-      in = fs.open(path);
-    } catch (IOException e) {
-      throw new IllegalArgumentException(
-          "Couldn't open password file called \"" + tokenFile + "\".");
-    }
-    try (java.util.Scanner fileScanner = new java.util.Scanner(in)) {
-      while (fileScanner.hasNextLine()) {
-        Credentials creds = Credentials.deserialize(fileScanner.nextLine());
-        if (principal.equals(creds.getPrincipal())) {
-          return creds.getToken();
-        }
-      }
-      throw new IllegalArgumentException(
-          "Couldn't find token for user \"" + principal + "\" in file \"" + tokenFile + "\"");
-    }
+    Properties props = getClientProperties(implementingClass, conf);
+    return ClientProperty.getAuthenticationToken(props);
   }
 
   /**
@@ -419,16 +340,14 @@ public static AuthenticationToken getTokenFromFile(Configuration conf, String pr
   @Deprecated
   public static void setZooKeeperInstance(Class<?> implementingClass, Configuration conf,
       org.apache.accumulo.core.client.ClientConfiguration clientConfig) {
-    String key = enumToConfKey(implementingClass, InstanceOpts.TYPE);
-    if (!conf.get(key, "").isEmpty())
-      throw new IllegalStateException(
-          "Instance info can only be set once per job; it has already been configured with "
-              + conf.get(key));
-    conf.set(key, "ZooKeeperInstance");
-    if (clientConfig != null) {
-      conf.set(enumToConfKey(implementingClass, InstanceOpts.CLIENT_CONFIG),
-          clientConfig.serialize());
+    Properties props = getClientProperties(implementingClass, conf);
+    Properties newProps = ClientConfConverter.toProperties(clientConfig);
+    for (Object keyObj : newProps.keySet()) {
+      String propKey = (String) keyObj;
+      String val = newProps.getProperty(propKey);
+      props.setProperty(propKey, val);
     }
+    setClientProperties(implementingClass, conf, props);
   }
 
   /**
diff --git a/client/mapreduce/src/main/java/org/apache/accumulo/core/client/mapreduce/lib/impl/InputConfigurator.java b/client/mapreduce/src/main/java/org/apache/accumulo/core/client/mapreduce/lib/impl/InputConfigurator.java
index 93536d499b..586da931ac 100644
--- a/client/mapreduce/src/main/java/org/apache/accumulo/core/client/mapreduce/lib/impl/InputConfigurator.java
+++ b/client/mapreduce/src/main/java/org/apache/accumulo/core/client/mapreduce/lib/impl/InputConfigurator.java
@@ -739,9 +739,6 @@ public static Instance validateInstance(Class<?> implementingClass, Configuratio
       throws IOException {
     if (!isConnectorInfoSet(implementingClass, conf))
       throw new IOException("Input info has not been set.");
-    String instanceKey = conf.get(enumToConfKey(implementingClass, InstanceOpts.TYPE));
-    if (!"ZooKeeperInstance".equals(instanceKey))
-      throw new IOException("Instance info has not been set.");
     return getInstance(implementingClass, conf);
   }
 
@@ -763,9 +760,14 @@ public static void validatePermissions(Class<?> implementingClass, Configuration
       if (getInputTableConfigs(implementingClass, conf).size() == 0)
         throw new IOException("No table set.");
 
+      String principal = getPrincipal(implementingClass, conf);
+      if (principal == null) {
+        principal = getConnectionInfo(implementingClass, conf).getPrincipal();
+      }
+
       for (Map.Entry<String,InputTableConfig> tableConfig : inputTableConfigs.entrySet()) {
-        if (!conn.securityOperations().hasTablePermission(getPrincipal(implementingClass, conf),
-            tableConfig.getKey(), TablePermission.READ))
+        if (!conn.securityOperations().hasTablePermission(principal, tableConfig.getKey(),
+            TablePermission.READ))
           throw new IOException("Unable to access table");
       }
       for (Map.Entry<String,InputTableConfig> tableConfigEntry : inputTableConfigs.entrySet()) {
diff --git a/client/mapreduce/src/test/java/org/apache/accumulo/core/client/mapreduce/lib/impl/ConfiguratorBaseTest.java b/client/mapreduce/src/test/java/org/apache/accumulo/core/client/mapreduce/lib/impl/ConfiguratorBaseTest.java
index 974f21dfdc..5e9f502a10 100644
--- a/client/mapreduce/src/test/java/org/apache/accumulo/core/client/mapreduce/lib/impl/ConfiguratorBaseTest.java
+++ b/client/mapreduce/src/test/java/org/apache/accumulo/core/client/mapreduce/lib/impl/ConfiguratorBaseTest.java
@@ -21,7 +21,6 @@
 import static org.junit.Assert.assertNotNull;
 import static org.junit.Assert.assertTrue;
 
-import java.util.Base64;
 import java.util.Properties;
 
 import org.apache.accumulo.core.Constants;
@@ -29,7 +28,6 @@
 import org.apache.accumulo.core.client.ConnectionInfo;
 import org.apache.accumulo.core.client.Connector;
 import org.apache.accumulo.core.client.security.tokens.AuthenticationToken;
-import org.apache.accumulo.core.client.security.tokens.AuthenticationToken.AuthenticationTokenSerializer;
 import org.apache.accumulo.core.client.security.tokens.PasswordToken;
 import org.apache.accumulo.core.conf.ClientProperty;
 import org.apache.hadoop.conf.Configuration;
@@ -64,12 +62,6 @@ public void testSetConnectorInfoClassOfQConfigurationStringAuthenticationToken()
     assertNotNull(token);
     assertEquals(PasswordToken.class, token.getClass());
     assertEquals(new PasswordToken("testPassword"), token);
-    assertEquals(
-        "inline:" + PasswordToken.class.getName() + ":"
-            + Base64.getEncoder().encodeToString(
-                AuthenticationTokenSerializer.serialize(new PasswordToken("testPassword"))),
-        conf.get(
-            ConfiguratorBase.enumToConfKey(this.getClass(), ConfiguratorBase.ConnectorInfo.TOKEN)));
   }
 
   @Test
@@ -77,11 +69,12 @@ public void testSetConnectorInfoClassOfQConfigurationStringString()
       throws AccumuloSecurityException {
     Configuration conf = new Configuration();
     assertFalse(ConfiguratorBase.isConnectorInfoSet(this.getClass(), conf));
-    ConfiguratorBase.setConnectorInfo(this.getClass(), conf, "testUser", "testFile");
+    ConfiguratorBase.setConnectorInfo(this.getClass(), conf, "testUser",
+        new PasswordToken("testPass"));
     assertTrue(ConfiguratorBase.isConnectorInfoSet(this.getClass(), conf));
     assertEquals("testUser", ConfiguratorBase.getPrincipal(this.getClass(), conf));
-    assertEquals("file:testFile", conf.get(
-        ConfiguratorBase.enumToConfKey(this.getClass(), ConfiguratorBase.ConnectorInfo.TOKEN)));
+    assertEquals("testPass", new String(((PasswordToken) ConfiguratorBase
+        .getConnectionInfo(this.getClass(), conf).getAuthenticationToken()).getPassword()));
   }
 
   @Test
diff --git a/core/src/main/java/org/apache/accumulo/core/cli/ClientOpts.java b/core/src/main/java/org/apache/accumulo/core/cli/ClientOpts.java
index 7e78d51a11..f583504592 100644
--- a/core/src/main/java/org/apache/accumulo/core/cli/ClientOpts.java
+++ b/core/src/main/java/org/apache/accumulo/core/cli/ClientOpts.java
@@ -229,7 +229,7 @@ public Properties getClientProperties() {
         cachedProps.setProperty(ClientProperty.SSL_ENABLED.getKey(), "true");
       }
       if (principal != null) {
-        cachedProps.setProperty(ClientProperty.AUTH_USERNAME.getKey(), principal);
+        cachedProps.setProperty(ClientProperty.AUTH_PRINCIPAL.getKey(), principal);
       }
       if (zookeepers != null) {
         cachedProps.setProperty(ClientProperty.INSTANCE_ZOOKEEPERS.getKey(), zookeepers);
@@ -238,12 +238,11 @@ public Properties getClientProperties() {
         cachedProps.setProperty(ClientProperty.INSTANCE_NAME.getKey(), instance);
       }
       if (securePassword != null) {
-        cachedProps.setProperty(ClientProperty.AUTH_PASSWORD.getKey(), securePassword.toString());
+        ClientProperty.setPassword(cachedProps, securePassword.toString());
       } else if (password != null) {
-        cachedProps.setProperty(ClientProperty.AUTH_PASSWORD.getKey(), password.toString());
+        ClientProperty.setPassword(cachedProps, password.toString());
       } else if (keytabPath != null) {
-        cachedProps.setProperty(ClientProperty.AUTH_METHOD.getKey(), "kerberos");
-        cachedProps.setProperty(ClientProperty.AUTH_KERBEROS_KEYTAB_PATH.getKey(), keytabPath);
+        ClientProperty.setKerberosKeytab(cachedProps, keytabPath);
       }
     }
     return cachedProps;
diff --git a/core/src/main/java/org/apache/accumulo/core/client/ConnectionInfo.java b/core/src/main/java/org/apache/accumulo/core/client/ConnectionInfo.java
index b06b223f0f..5815c5077b 100644
--- a/core/src/main/java/org/apache/accumulo/core/client/ConnectionInfo.java
+++ b/core/src/main/java/org/apache/accumulo/core/client/ConnectionInfo.java
@@ -16,7 +16,6 @@
  */
 package org.apache.accumulo.core.client;
 
-import java.io.File;
 import java.util.Properties;
 
 import org.apache.accumulo.core.client.security.tokens.AuthenticationToken;
@@ -48,11 +47,6 @@
    */
   AuthenticationToken getAuthenticationToken();
 
-  /**
-   * @return Keytab File if Kerberos is used or null
-   */
-  File getKeytab();
-
   /**
    * @return True if SASL enabled
    */
diff --git a/core/src/main/java/org/apache/accumulo/core/client/Connector.java b/core/src/main/java/org/apache/accumulo/core/client/Connector.java
index 41a87c425a..b046930833 100644
--- a/core/src/main/java/org/apache/accumulo/core/client/Connector.java
+++ b/core/src/main/java/org/apache/accumulo/core/client/Connector.java
@@ -429,19 +429,6 @@ public abstract ConditionalWriter createConditionalWriter(String tableName,
      */
     ConnectionOptions usingKerberos(String principal, String keyTabFile);
 
-    /**
-     * Build using credentials from a CredentialProvider
-     *
-     * @param username
-     *          Accumulo user name
-     * @param name
-     *          Alias to extract Accumulo user password from CredentialProvider
-     * @param providerUrls
-     *          Comma seperated list of URLs defining CredentialProvider(s)
-     * @return this builder
-     */
-    ConnectionOptions usingProvider(String username, String name, String providerUrls);
-
     /**
      * Build using specified credentials
      *
diff --git a/core/src/main/java/org/apache/accumulo/core/client/impl/ClientContext.java b/core/src/main/java/org/apache/accumulo/core/client/impl/ClientContext.java
index 2d19bf59e4..0e959afb57 100644
--- a/core/src/main/java/org/apache/accumulo/core/client/impl/ClientContext.java
+++ b/core/src/main/java/org/apache/accumulo/core/client/impl/ClientContext.java
@@ -127,7 +127,7 @@ public Instance getInstance() {
   }
 
   public ConnectionInfo getConnectionInfo() {
-    return new ConnectionInfoImpl(clientProps, creds.getToken());
+    return new ConnectionInfoImpl(clientProps);
   }
 
   /**
diff --git a/core/src/main/java/org/apache/accumulo/core/client/impl/ConnectionInfoImpl.java b/core/src/main/java/org/apache/accumulo/core/client/impl/ConnectionInfoImpl.java
index 63a7fc29a1..2df5df3da4 100644
--- a/core/src/main/java/org/apache/accumulo/core/client/impl/ConnectionInfoImpl.java
+++ b/core/src/main/java/org/apache/accumulo/core/client/impl/ConnectionInfoImpl.java
@@ -16,7 +16,6 @@
  */
 package org.apache.accumulo.core.client.impl;
 
-import java.io.File;
 import java.util.Properties;
 
 import org.apache.accumulo.core.client.ConnectionInfo;
@@ -26,11 +25,9 @@
 public class ConnectionInfoImpl implements ConnectionInfo {
 
   private Properties properties;
-  private AuthenticationToken token;
 
-  public ConnectionInfoImpl(Properties properties, AuthenticationToken token) {
+  public ConnectionInfoImpl(Properties properties) {
     this.properties = properties;
-    this.token = token;
   }
 
   @Override
@@ -45,26 +42,21 @@ public String getZooKeepers() {
 
   @Override
   public String getPrincipal() {
-    return getString(ClientProperty.AUTH_USERNAME);
+    return getString(ClientProperty.AUTH_PRINCIPAL);
   }
 
   @Override
   public Properties getProperties() {
-    return properties;
+    Properties result = new Properties();
+    properties.forEach((key, value) -> {
+      result.setProperty((String) key, (String) value);
+    });
+    return result;
   }
 
   @Override
   public AuthenticationToken getAuthenticationToken() {
-    return token;
-  }
-
-  @Override
-  public File getKeytab() {
-    String keyTab = getString(ClientProperty.AUTH_KERBEROS_KEYTAB_PATH);
-    if (keyTab == null) {
-      return null;
-    }
-    return new File(keyTab);
+    return ClientProperty.getAuthenticationToken(properties);
   }
 
   @Override
diff --git a/core/src/main/java/org/apache/accumulo/core/client/impl/ConnectorImpl.java b/core/src/main/java/org/apache/accumulo/core/client/impl/ConnectorImpl.java
index c02169e00b..38e73c8b3c 100644
--- a/core/src/main/java/org/apache/accumulo/core/client/impl/ConnectorImpl.java
+++ b/core/src/main/java/org/apache/accumulo/core/client/impl/ConnectorImpl.java
@@ -18,11 +18,9 @@
 
 import static com.google.common.base.Preconditions.checkArgument;
 
-import java.io.File;
 import java.io.FileInputStream;
 import java.io.IOException;
 import java.io.InputStream;
-import java.util.Objects;
 import java.util.Properties;
 import java.util.concurrent.TimeUnit;
 
@@ -48,9 +46,6 @@
 import org.apache.accumulo.core.client.admin.TableOperations;
 import org.apache.accumulo.core.client.impl.thrift.SecurityErrorCode;
 import org.apache.accumulo.core.client.security.tokens.AuthenticationToken;
-import org.apache.accumulo.core.client.security.tokens.CredentialProviderToken;
-import org.apache.accumulo.core.client.security.tokens.KerberosToken;
-import org.apache.accumulo.core.client.security.tokens.PasswordToken;
 import org.apache.accumulo.core.conf.ClientProperty;
 import org.apache.accumulo.core.master.state.tables.TableState;
 import org.apache.accumulo.core.security.Authorizations;
@@ -249,16 +244,15 @@ public ConnectionInfo info() {
       ConnectionOptions, SslOptions, SaslOptions, ConnectorFactory, FromOptions {
 
     private Properties properties = new Properties();
-    private AuthenticationToken token = null;
 
     @Override
     public Connector build() throws AccumuloException, AccumuloSecurityException {
-      return ConnectionInfoFactory.getConnector(new ConnectionInfoImpl(properties, token));
+      return ConnectionInfoFactory.getConnector(new ConnectionInfoImpl(properties));
     }
 
     @Override
     public ConnectionInfo info() {
-      return new ConnectionInfoImpl(properties, token);
+      return new ConnectionInfoImpl(properties);
     }
 
     @Override
@@ -360,101 +354,33 @@ public ConnectorFactory usingProperties(String configFile) {
     @Override
     public ConnectorFactory usingProperties(Properties properties) {
       this.properties = properties;
-      String authMethod = ClientProperty.AUTH_METHOD.getValue(properties).toLowerCase();
-      switch (authMethod) {
-        case "password":
-          String password = ClientProperty.AUTH_PASSWORD.getValue(properties);
-          Objects.nonNull(password);
-          this.token = new PasswordToken(password);
-          this.properties.remove(ClientProperty.AUTH_PASSWORD);
-          break;
-        case "kerberos":
-          String principal = ClientProperty.AUTH_USERNAME.getValue(properties);
-          String keytabPath = ClientProperty.AUTH_KERBEROS_KEYTAB_PATH.getValue(properties);
-          Objects.nonNull(principal);
-          Objects.nonNull(keytabPath);
-          try {
-            this.token = new KerberosToken(principal, new File(keytabPath));
-          } catch (IOException e) {
-            throw new IllegalArgumentException(e);
-          }
-          break;
-        case "provider":
-          String name = ClientProperty.AUTH_PROVIDER_NAME.getValue(properties);
-          String providerUrls = ClientProperty.AUTH_PROVIDER_URLS.getValue(properties);
-          try {
-            this.token = new CredentialProviderToken(name, providerUrls);
-          } catch (IOException e) {
-            throw new IllegalArgumentException(e);
-          }
-          break;
-        default:
-          throw new IllegalArgumentException(
-              "An authentication method (password, kerberos, etc) must be set");
-      }
       return this;
     }
 
     @Override
-    public ConnectionOptions usingPassword(String username, CharSequence password) {
-      setProperty(ClientProperty.AUTH_METHOD, "password");
-      setProperty(ClientProperty.AUTH_USERNAME, username);
-      this.token = new PasswordToken(password);
+    public ConnectionOptions usingPassword(String principal, CharSequence password) {
+      setProperty(ClientProperty.AUTH_PRINCIPAL, principal);
+      ClientProperty.setPassword(properties, password.toString());
       return this;
     }
 
     @Override
     public ConnectionOptions usingKerberos(String principal, String keyTabFile) {
-      setProperty(ClientProperty.AUTH_METHOD, "kerberos");
-      setProperty(ClientProperty.AUTH_USERNAME, principal);
-      setProperty(ClientProperty.AUTH_KERBEROS_KEYTAB_PATH, keyTabFile);
-      try {
-        this.token = new KerberosToken(principal, new File(keyTabFile));
-      } catch (IOException e) {
-        throw new IllegalArgumentException(e);
-      }
-      return this;
-    }
-
-    @Override
-    public ConnectionOptions usingProvider(String username, String name, String providerUrls) {
-      setProperty(ClientProperty.AUTH_METHOD, "provider");
-      setProperty(ClientProperty.AUTH_USERNAME, username);
-      setProperty(ClientProperty.AUTH_PROVIDER_NAME, name);
-      setProperty(ClientProperty.AUTH_PROVIDER_URLS, providerUrls);
-      try {
-        this.token = new CredentialProviderToken(name, providerUrls);
-      } catch (IOException e) {
-        throw new IllegalArgumentException(e);
-      }
+      setProperty(ClientProperty.AUTH_PRINCIPAL, principal);
+      ClientProperty.setKerberosKeytab(properties, keyTabFile);
       return this;
     }
 
     @Override
     public ConnectionOptions usingToken(String principal, AuthenticationToken token) {
-      this.token = token;
-      setProperty(ClientProperty.AUTH_USERNAME, principal);
-      if (token instanceof CredentialProviderToken) {
-        setProperty(ClientProperty.AUTH_METHOD, "provider");
-        CredentialProviderToken cpt = (CredentialProviderToken) token;
-        setProperty(ClientProperty.AUTH_PROVIDER_NAME, cpt.getName());
-        setProperty(ClientProperty.AUTH_PROVIDER_URLS, cpt.getCredentialProviders());
-      } else if (token instanceof PasswordToken) {
-        setProperty(ClientProperty.AUTH_METHOD, "password");
-      } else if (token instanceof KerberosToken) {
-        setProperty(ClientProperty.AUTH_METHOD, "kerberos");
-        setProperty(ClientProperty.AUTH_KERBEROS_KEYTAB_PATH,
-            ((KerberosToken) token).getKeytab().getAbsolutePath());
-      } else {
-        setProperty(ClientProperty.AUTH_METHOD, "unknown");
-      }
+      setProperty(ClientProperty.AUTH_PRINCIPAL, principal);
+      ClientProperty.setAuthenticationToken(this.properties, token);
       return this;
     }
 
     @Override
     public FromOptions usingConnectionInfo(ConnectionInfo connectionInfo) {
       this.properties = connectionInfo.getProperties();
-      this.token = connectionInfo.getAuthenticationToken();
       return this;
     }
 
diff --git a/core/src/main/java/org/apache/accumulo/core/conf/ClientConfigGenerate.java b/core/src/main/java/org/apache/accumulo/core/conf/ClientConfigGenerate.java
index 3f1bfaad79..7b95ba22a5 100644
--- a/core/src/main/java/org/apache/accumulo/core/conf/ClientConfigGenerate.java
+++ b/core/src/main/java/org/apache/accumulo/core/conf/ClientConfigGenerate.java
@@ -45,7 +45,7 @@ void generate() {
       pageHeader();
 
       generateSection("Instance", "instance.");
-      generateSection("Authentication", "auth.", "auth.method", "auth.username");
+      generateSection("Authentication", "auth.", "auth.type", "auth.principal");
       generateSection("Batch Writer", "batch.writer.");
       generateSection("SSL", "ssl.");
       generateSection("SASL", "sasl.");
diff --git a/core/src/main/java/org/apache/accumulo/core/conf/ClientProperty.java b/core/src/main/java/org/apache/accumulo/core/conf/ClientProperty.java
index 09507369a0..d9c71c4d5c 100644
--- a/core/src/main/java/org/apache/accumulo/core/conf/ClientProperty.java
+++ b/core/src/main/java/org/apache/accumulo/core/conf/ClientProperty.java
@@ -16,12 +16,20 @@
  */
 package org.apache.accumulo.core.conf;
 
+import java.io.File;
+import java.io.IOException;
+import java.util.Base64;
 import java.util.HashMap;
 import java.util.Map;
 import java.util.Objects;
 import java.util.Properties;
 
 import org.apache.accumulo.core.Constants;
+import org.apache.accumulo.core.client.security.tokens.AuthenticationToken;
+import org.apache.accumulo.core.client.security.tokens.CredentialProviderToken;
+import org.apache.accumulo.core.client.security.tokens.DelegationToken;
+import org.apache.accumulo.core.client.security.tokens.KerberosToken;
+import org.apache.accumulo.core.client.security.tokens.PasswordToken;
 
 public enum ClientProperty {
 
@@ -33,18 +41,12 @@
       "Zookeeper session timeout (in seconds)"),
 
   // Authentication
-  AUTH_METHOD("auth.method", "password",
-      "Authentication method (i.e password,"
-          + " kerberos, provider). Set more properties for chosen method below.",
-      "", true),
-  AUTH_USERNAME("auth.username", "", "Accumulo username/principal for chosen authentication method",
-      "", true),
-  AUTH_PASSWORD("auth.password", "", "Accumulo user password", "", true),
-  AUTH_KERBEROS_KEYTAB_PATH("auth.kerberos.keytab.path", "", "Path to Kerberos keytab"),
-  AUTH_PROVIDER_NAME("auth.provider.name", "",
-      "Alias used to extract Accumulo user password from CredentialProvider"),
-  AUTH_PROVIDER_URLS("auth.provider.urls", "",
-      "Comma separated list of URLs defining CredentialProvider(s)"),
+  AUTH_TYPE("auth.type", "password",
+      "Authentication method (i.e password, kerberos, PasswordToken, KerberosToken, etc)", "",
+      true),
+  AUTH_PRINCIPAL("auth.principal", "",
+      "Accumulo principal/username for chosen authentication method", "", true),
+  AUTH_TOKEN("auth.token", "", "Authentication token (ex. mypassword, /path/to/keytab)", "", true),
 
   // BatchWriter
   BATCH_WRITER_MAX_MEMORY_BYTES("batch.writer.max.memory.bytes", "52428800",
@@ -193,4 +195,55 @@ public static Properties getPrefix(Properties properties, String prefix) {
     }
     return propMap;
   }
+
+  public static String encodeToken(AuthenticationToken token) {
+    return Base64.getEncoder()
+        .encodeToString(AuthenticationToken.AuthenticationTokenSerializer.serialize(token));
+  }
+
+  public static AuthenticationToken decodeToken(String className, String tokenString) {
+    return AuthenticationToken.AuthenticationTokenSerializer.deserialize(className,
+        Base64.getDecoder().decode(tokenString));
+  }
+
+  public static void setPassword(Properties properties, String password) {
+    properties.setProperty(ClientProperty.AUTH_TYPE.getKey(), "password");
+    properties.setProperty(ClientProperty.AUTH_TOKEN.getKey(), password);
+  }
+
+  public static void setKerberosKeytab(Properties properties, String keytabPath) {
+    properties.setProperty(ClientProperty.AUTH_TYPE.getKey(), "kerberos");
+    properties.setProperty(ClientProperty.AUTH_TOKEN.getKey(), keytabPath);
+  }
+
+  public static AuthenticationToken getAuthenticationToken(Properties properties) {
+    String principal = ClientProperty.AUTH_PRINCIPAL.getValue(properties);
+    String authType = ClientProperty.AUTH_TYPE.getValue(properties);
+    String token = ClientProperty.AUTH_TOKEN.getValue(properties);
+    switch (authType) {
+      case "password":
+        return new PasswordToken(token);
+      case "PasswordToken":
+        return decodeToken(PasswordToken.class.getName(), token);
+      case "kerberos":
+        try {
+          return new KerberosToken(principal, new File(token));
+        } catch (IOException e) {
+          throw new IllegalArgumentException(e);
+        }
+      case "KerberosToken":
+        return decodeToken(KerberosToken.class.getName(), token);
+      case "CredentialProviderToken":
+        return decodeToken(CredentialProviderToken.class.getName(), token);
+      case "DelegationToken":
+        return decodeToken(DelegationToken.class.getName(), token);
+      default:
+        return decodeToken(authType, token);
+    }
+  }
+
+  public static void setAuthenticationToken(Properties properties, AuthenticationToken token) {
+    properties.setProperty(ClientProperty.AUTH_TYPE.getKey(), token.getClass().getName());
+    properties.setProperty(ClientProperty.AUTH_TOKEN.getKey(), encodeToken(token));
+  }
 }
diff --git a/core/src/main/java/org/apache/accumulo/core/util/CreateToken.java b/core/src/main/java/org/apache/accumulo/core/util/CreateToken.java
index 80d2749c12..63864398f4 100644
--- a/core/src/main/java/org/apache/accumulo/core/util/CreateToken.java
+++ b/core/src/main/java/org/apache/accumulo/core/util/CreateToken.java
@@ -16,22 +16,16 @@
  */
 package org.apache.accumulo.core.util;
 
-import static java.nio.charset.StandardCharsets.UTF_8;
-
-import java.io.File;
-import java.io.FileOutputStream;
 import java.io.IOException;
-import java.io.PrintStream;
-import java.util.Base64;
 
 import org.apache.accumulo.core.cli.ClientOpts.Password;
 import org.apache.accumulo.core.cli.ClientOpts.PasswordConverter;
 import org.apache.accumulo.core.cli.Help;
 import org.apache.accumulo.core.client.security.tokens.AuthenticationToken;
-import org.apache.accumulo.core.client.security.tokens.AuthenticationToken.AuthenticationTokenSerializer;
 import org.apache.accumulo.core.client.security.tokens.AuthenticationToken.Properties;
 import org.apache.accumulo.core.client.security.tokens.AuthenticationToken.TokenProperty;
 import org.apache.accumulo.core.client.security.tokens.PasswordToken;
+import org.apache.accumulo.core.conf.ClientProperty;
 import org.apache.accumulo.start.spi.KeywordExecutable;
 
 import com.beust.jcommander.Parameter;
@@ -65,12 +59,6 @@ private ConsoleReader getConsoleReader() throws IOException {
     @Parameter(names = {"-tc", "--tokenClass"},
         description = "The class of the authentication token")
     public String tokenClassName = PasswordToken.class.getName();
-
-    @Parameter(names = {"-f", "--file"},
-        description = "The filename to save the auth token to. Multiple tokens"
-            + " can be stored in the same file, but only the first for each user will"
-            + " be recognized.")
-    public String tokenFile = null;
   }
 
   public static void main(String[] args) {
@@ -120,24 +108,9 @@ public void execute(String[] args) {
         props.put(tp.getKey(), input);
         token.init(props);
       }
-      String tokenBase64 = Base64.getEncoder()
-          .encodeToString(AuthenticationTokenSerializer.serialize(token));
-
-      String tokenFile = opts.tokenFile;
-      if (tokenFile == null) {
-        tokenFile = getConsoleReader().readLine("File to save auth token to: ");
-      }
-      File tf = new File(tokenFile);
-      if (!tf.exists()) {
-        if (!tf.createNewFile()) {
-          throw new IOException("Couldn't create " + tf.getCanonicalPath());
-        }
-      }
-      PrintStream out = new PrintStream(new FileOutputStream(tf, true), true, UTF_8.name());
-      String outString = principal + ":" + opts.tokenClassName + ":" + tokenBase64;
-      out.println(outString);
-      out.close();
-      System.out.println("Token written to " + tokenFile + ". Remember to upload it to hdfs.");
+      System.out.println("auth.type = " + opts.tokenClassName);
+      System.out.println("auth.principal = " + principal);
+      System.out.println("auth.token = " + ClientProperty.encodeToken(token));
     } catch (IOException | InstantiationException | IllegalAccessException
         | ClassNotFoundException e) {
       throw new RuntimeException(e);
diff --git a/core/src/test/java/org/apache/accumulo/core/client/impl/ClientConfConverterTest.java b/core/src/test/java/org/apache/accumulo/core/client/impl/ClientConfConverterTest.java
index dd104e34db..894aaec990 100644
--- a/core/src/test/java/org/apache/accumulo/core/client/impl/ClientConfConverterTest.java
+++ b/core/src/test/java/org/apache/accumulo/core/client/impl/ClientConfConverterTest.java
@@ -29,8 +29,7 @@ public void testBasic() {
     Properties before = new Properties();
     before.setProperty(ClientProperty.INSTANCE_NAME.getKey(), "instance");
     before.setProperty(ClientProperty.INSTANCE_ZOOKEEPERS.getKey(), "zookeepers");
-    before.setProperty(ClientProperty.AUTH_METHOD.getKey(), "password");
-    before.setProperty(ClientProperty.AUTH_PASSWORD.getKey(), "mypass");
+    ClientProperty.setPassword(before, "mypass");
     before.setProperty(ClientProperty.SSL_ENABLED.getKey(), "true");
     before.setProperty(ClientProperty.SSL_KEYSTORE_PATH.getKey(), "key_path");
     before.setProperty(ClientProperty.SSL_KEYSTORE_PASSWORD.getKey(), "key_pass");
diff --git a/core/src/test/java/org/apache/accumulo/core/conf/ClientPropertyTest.java b/core/src/test/java/org/apache/accumulo/core/conf/ClientPropertyTest.java
new file mode 100644
index 0000000000..290cae67ca
--- /dev/null
+++ b/core/src/test/java/org/apache/accumulo/core/conf/ClientPropertyTest.java
@@ -0,0 +1,55 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.accumulo.core.conf;
+
+import java.util.Properties;
+
+import org.apache.accumulo.core.client.security.tokens.AuthenticationToken;
+import org.apache.accumulo.core.client.security.tokens.PasswordToken;
+import org.junit.Assert;
+import org.junit.Test;
+
+public class ClientPropertyTest {
+
+  @Test
+  public void testAuthentication() {
+    Properties props = new Properties();
+    props.setProperty(ClientProperty.AUTH_PRINCIPAL.getKey(), "user");
+    ClientProperty.setPassword(props, "testpass1");
+    Assert.assertEquals("testpass1", ClientProperty.AUTH_TOKEN.getValue(props));
+    AuthenticationToken token = ClientProperty.getAuthenticationToken(props);
+    Assert.assertTrue(token instanceof PasswordToken);
+    Assert.assertEquals("testpass1", new String(((PasswordToken) token).getPassword()));
+
+    ClientProperty.setAuthenticationToken(props, new PasswordToken("testpass2"));
+    Assert.assertEquals("AAAAHR+LCAAAAAAAAAArSS0uKUgsLjYCANxwRH4JAAAA",
+        ClientProperty.AUTH_TOKEN.getValue(props));
+    token = ClientProperty.getAuthenticationToken(props);
+    Assert.assertTrue(token instanceof PasswordToken);
+    Assert.assertEquals("testpass2", new String(((PasswordToken) token).getPassword()));
+
+    ClientProperty.setAuthenticationToken(props, new PasswordToken("testpass3"));
+    Assert.assertEquals("AAAAHR+LCAAAAAAAAAArSS0uKUgsLjYGAEpAQwkJAAAA",
+        ClientProperty.AUTH_TOKEN.getValue(props));
+    token = ClientProperty.getAuthenticationToken(props);
+    Assert.assertTrue(token instanceof PasswordToken);
+    Assert.assertEquals("testpass3", new String(((PasswordToken) token).getPassword()));
+
+    ClientProperty.setKerberosKeytab(props, "/path/to/keytab");
+    Assert.assertEquals("/path/to/keytab", ClientProperty.AUTH_TOKEN.getValue(props));
+  }
+}
diff --git a/core/src/test/java/org/apache/accumulo/core/security/AuthenticationTokenTest.java b/core/src/test/java/org/apache/accumulo/core/security/AuthenticationTokenTest.java
index f332d491d1..f27d27f96c 100644
--- a/core/src/test/java/org/apache/accumulo/core/security/AuthenticationTokenTest.java
+++ b/core/src/test/java/org/apache/accumulo/core/security/AuthenticationTokenTest.java
@@ -51,5 +51,4 @@ public void testSerializeDeserializeToken() throws AccumuloSecurityException, IO
         serialized);
     assertEquals(new NullToken(), nullToken);
   }
-
 }
diff --git a/minicluster/src/main/java/org/apache/accumulo/minicluster/impl/MiniAccumuloClusterImpl.java b/minicluster/src/main/java/org/apache/accumulo/minicluster/impl/MiniAccumuloClusterImpl.java
index 4a68a16a07..2180fac916 100644
--- a/minicluster/src/main/java/org/apache/accumulo/minicluster/impl/MiniAccumuloClusterImpl.java
+++ b/minicluster/src/main/java/org/apache/accumulo/minicluster/impl/MiniAccumuloClusterImpl.java
@@ -451,10 +451,10 @@ public MiniAccumuloClusterImpl(MiniAccumuloConfigImpl config) throws IOException
     Map<String,String> clientProps = config.getClientProps();
     clientProps.put(ClientProperty.INSTANCE_ZOOKEEPERS.getKey(), config.getZooKeepers());
     clientProps.put(ClientProperty.INSTANCE_NAME.getKey(), config.getInstanceName());
-    if (!clientProps.containsKey(ClientProperty.AUTH_METHOD.getKey())) {
-      clientProps.put(ClientProperty.AUTH_METHOD.getKey(), "password");
-      clientProps.put(ClientProperty.AUTH_USERNAME.getKey(), config.getRootUserName());
-      clientProps.put(ClientProperty.AUTH_PASSWORD.getKey(), config.getRootPassword());
+    if (!clientProps.containsKey(ClientProperty.AUTH_TYPE.getKey())) {
+      clientProps.put(ClientProperty.AUTH_TYPE.getKey(), "password");
+      clientProps.put(ClientProperty.AUTH_PRINCIPAL.getKey(), config.getRootUserName());
+      clientProps.put(ClientProperty.AUTH_TOKEN.getKey(), config.getRootPassword());
     }
 
     File clientPropsFile = config.getClientPropsFile();
diff --git a/proxy/src/main/java/org/apache/accumulo/proxy/Proxy.java b/proxy/src/main/java/org/apache/accumulo/proxy/Proxy.java
index de817f99e1..a00d6356fa 100644
--- a/proxy/src/main/java/org/apache/accumulo/proxy/Proxy.java
+++ b/proxy/src/main/java/org/apache/accumulo/proxy/Proxy.java
@@ -25,6 +25,7 @@
 
 import org.apache.accumulo.core.cli.Help;
 import org.apache.accumulo.core.client.impl.ClientConfConverter;
+import org.apache.accumulo.core.client.security.tokens.AuthenticationToken;
 import org.apache.accumulo.core.client.security.tokens.KerberosToken;
 import org.apache.accumulo.core.conf.ClientProperty;
 import org.apache.accumulo.core.conf.ConfigurationTypeHelper;
@@ -243,8 +244,13 @@ public static ServerAddress createProxyServer(HostAndPort address,
         }
 
         // Login via principal and keytab
-        final String kerberosPrincipal = ClientProperty.AUTH_USERNAME.getValue(props);
-        final String kerberosKeytab = ClientProperty.AUTH_KERBEROS_KEYTAB_PATH.getValue(props);
+        final String kerberosPrincipal = ClientProperty.AUTH_PRINCIPAL.getValue(props);
+        final AuthenticationToken authToken = ClientProperty.getAuthenticationToken(props);
+        if (!(authToken instanceof KerberosToken)) {
+          throw new IllegalStateException("Kerberos authentication must be used with SASL");
+        }
+        final KerberosToken kerberosToken = (KerberosToken) authToken;
+        final String kerberosKeytab = kerberosToken.getKeytab().getAbsolutePath();
         if (StringUtils.isBlank(kerberosPrincipal) || StringUtils.isBlank(kerberosKeytab)) {
           throw new IllegalStateException(
               String.format("Kerberos principal '%s' and keytab '%s'" + " must be provided",
diff --git a/shell/src/main/java/org/apache/accumulo/shell/Shell.java b/shell/src/main/java/org/apache/accumulo/shell/Shell.java
index 11042b6d82..4b544fffe3 100644
--- a/shell/src/main/java/org/apache/accumulo/shell/Shell.java
+++ b/shell/src/main/java/org/apache/accumulo/shell/Shell.java
@@ -304,7 +304,6 @@ public boolean config(String... args) throws IOException {
       exitCode = 1;
       return false;
     }
-    String password = options.getPassword();
 
     tabCompletion = !options.isTabCompletionDisabled();
 
@@ -316,59 +315,31 @@ public boolean config(String... args) throws IOException {
       return false;
     }
 
-    try {
-      token = options.getAuthenticationToken();
-    } catch (Exception e) {
-      printException(e);
-      return true;
+    Properties props = options.getClientProperties();
+    String password = options.getPassword();
+    if (password == null && props.containsKey(ClientProperty.AUTH_TOKEN.getKey()) &&
+        user.equals(ClientProperty.AUTH_PRINCIPAL.getValue(props))) {
+      token = ClientProperty.getAuthenticationToken(props);
     }
-
-    Map<String,String> loginOptions = options.getTokenProperties();
-
-    // process default parameters if unspecified
-    try {
-      final boolean hasToken = (token != null);
-
-      if (hasToken && password != null) {
-        throw new ParameterException("Can not supply '--pass' option with '--tokenClass' option");
+    if (token == null) {
+      Runtime.getRuntime()
+          .addShutdownHook(new Thread(() -> reader.getTerminal().setEchoEnabled(true)));
+      // Read password if the user explicitly asked for it, or didn't specify anything at all
+      if ("stdin".equals(password) || password == null) {
+        password = reader.readLine("Password: ", '*');
       }
-
-      Runtime.getRuntime().addShutdownHook(new Thread() {
-        @Override
-        public void run() {
-          reader.getTerminal().setEchoEnabled(true);
-        }
-      });
-
-      if (hasToken) { // implied hasTokenOptions
-        // Fully qualified name so we don't shadow java.util.Properties
-        // @formatter:off
-        org.apache.accumulo.core.client.security.tokens.AuthenticationToken.Properties props =
-          new org.apache.accumulo.core.client.security.tokens.AuthenticationToken.Properties();
-        // @formatter:on
-
-        if (!loginOptions.isEmpty()) {
-          props.putAllStrings(loginOptions);
-        }
-        token.init(props);
+      if (password == null) {
+        // User cancel, e.g. Ctrl-D pressed
+        throw new ParameterException("No password or token option supplied");
       } else {
-        // Read password if the user explicitly asked for it, or didn't specify anything at all
-        if ("stdin".equals(password) || password == null) {
-          password = reader.readLine("Password: ", '*');
-        }
-
-        if (password == null) {
-          // User cancel, e.g. Ctrl-D pressed
-          throw new ParameterException("No password or token option supplied");
-        } else {
-          this.token = new PasswordToken(password);
-        }
+        token = new PasswordToken(password);
       }
+    }
 
+    try {
       if (!options.isFake()) {
         DistributedTrace.enable(InetAddress.getLocalHost().getHostName(), "shell", properties);
       }
-
       this.setTableName("");
       connector = instance.getConnector(user, token);
 
diff --git a/shell/src/main/java/org/apache/accumulo/shell/ShellOptionsJC.java b/shell/src/main/java/org/apache/accumulo/shell/ShellOptionsJC.java
index f36e70b089..6ac99a1141 100644
--- a/shell/src/main/java/org/apache/accumulo/shell/ShellOptionsJC.java
+++ b/shell/src/main/java/org/apache/accumulo/shell/ShellOptionsJC.java
@@ -29,8 +29,6 @@
 import java.util.Scanner;
 import java.util.TreeMap;
 
-import org.apache.accumulo.core.client.security.tokens.AuthenticationToken;
-import org.apache.accumulo.core.client.security.tokens.KerberosToken;
 import org.apache.accumulo.core.conf.ClientProperty;
 import org.apache.hadoop.security.UserGroupInformation;
 import org.slf4j.Logger;
@@ -126,28 +124,9 @@ public String convert(String value) {
       converter = PasswordConverter.class)
   private String password;
 
-  public static class TokenConverter implements IStringConverter<AuthenticationToken> {
-    @Override
-    public AuthenticationToken convert(String value) {
-      try {
-        return Class.forName(value).asSubclass(AuthenticationToken.class).newInstance();
-      } catch (Exception e) {
-        // Catching ClassNotFoundException, ClassCastException, InstantiationException and
-        // IllegalAccessException
-        log.error("Could not instantiate AuthenticationToken {}", value, e);
-        throw new ParameterException(e);
-      }
-    }
-  }
-
-  @Parameter(names = {"-tc", "--tokenClass"},
-      description = "token type to create, use the -l to pass options",
-      converter = TokenConverter.class)
-  private AuthenticationToken authenticationToken;
-
-  @DynamicParameter(names = {"-l", "--tokenProperty"},
-      description = "login properties in the format key=value. Reuse -l for each property")
-  private Map<String,String> tokenProperties = new TreeMap<>();
+  @DynamicParameter(names = {"-l"},
+      description = "command line properties in the format key=value. Reuse -l for each property")
+  private Map<String,String> commandLineProperties = new TreeMap<>();
 
   @Parameter(names = "--disable-tab-completion",
       description = "disables tab completion (for less overhead when scripting)")
@@ -219,7 +198,7 @@ public AuthenticationToken convert(String value) {
 
   public String getUsername() throws Exception {
     if (null == username) {
-      username = getClientProperties().getProperty(ClientProperty.AUTH_USERNAME.getKey());
+      username = getClientProperties().getProperty(ClientProperty.AUTH_PRINCIPAL.getKey());
       if (username == null || username.isEmpty()) {
         if (ClientProperty.SASL_ENABLED.getBoolean(getClientProperties())) {
           if (!UserGroupInformation.isSecurityEnabled()) {
@@ -231,7 +210,7 @@ public String getUsername() throws Exception {
           username = ugi.getUserName();
         } else {
           throw new IllegalArgumentException("Username is not set. Run with '-u"
-              + " myuser' or set 'auth.username' in accumulo-client.properties");
+              + " myuser' or set 'auth.principal' in accumulo-client.properties");
         }
       }
     }
@@ -239,26 +218,9 @@ public String getUsername() throws Exception {
   }
 
   public String getPassword() {
-    if (password == null) {
-      password = getClientProperties().getProperty(ClientProperty.AUTH_PASSWORD.getKey());
-    }
     return password;
   }
 
-  public AuthenticationToken getAuthenticationToken() throws Exception {
-    if (null == authenticationToken) {
-      // Automatically use a KerberosToken if shell is configured for SASL
-      if (ClientProperty.SASL_ENABLED.getBoolean(getClientProperties())) {
-        authenticationToken = new KerberosToken();
-      }
-    }
-    return authenticationToken;
-  }
-
-  public Map<String,String> getTokenProperties() {
-    return tokenProperties;
-  }
-
   public boolean isTabCompletionDisabled() {
     return tabCompletionDisabled;
   }
@@ -330,6 +292,7 @@ public String getClientConfigFile() {
         File file = new File(path);
         if (file.isFile() && file.canRead()) {
           clientConfigFile = file.getAbsolutePath();
+          System.out.println("Loading configuration from " + clientConfigFile);
           break;
         }
       }
@@ -347,6 +310,9 @@ public Properties getClientProperties() {
             "Failed to load properties from " + getClientConfigFile());
       }
     }
+    for (Map.Entry<String,String> entry : commandLineProperties.entrySet()) {
+      props.setProperty(entry.getKey(), entry.getValue());
+    }
     if (useSsl()) {
       props.setProperty(ClientProperty.SSL_ENABLED.getKey(), "true");
     }
diff --git a/shell/src/test/java/org/apache/accumulo/shell/ShellConfigTest.java b/shell/src/test/java/org/apache/accumulo/shell/ShellConfigTest.java
index ab47e1f9fb..9782f307ed 100644
--- a/shell/src/test/java/org/apache/accumulo/shell/ShellConfigTest.java
+++ b/shell/src/test/java/org/apache/accumulo/shell/ShellConfigTest.java
@@ -28,7 +28,6 @@
 import java.nio.file.Files;
 import java.util.Properties;
 
-import org.apache.accumulo.core.client.security.tokens.PasswordToken;
 import org.apache.accumulo.core.conf.ClientProperty;
 import org.apache.accumulo.shell.ShellTest.TestOutputStream;
 import org.apache.log4j.Level;
@@ -38,8 +37,6 @@
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
-import com.beust.jcommander.ParameterException;
-
 import jline.console.ConsoleReader;
 
 public class ShellConfigTest {
@@ -100,25 +97,6 @@ public void testBadArg() throws IOException {
     assertTrue("Did not print usage", output.get().contains("Usage"));
   }
 
-  @Test
-  public void testTokenWithoutOptions() throws IOException {
-    assertFalse(shell.config(args("--fake", "-u", "foo", "-tc", PasswordToken.class.getName())));
-    assertFalse(output.get().contains(ParameterException.class.getName()));
-  }
-
-  @Test
-  public void testTokenAndOption() throws IOException {
-    assertTrue(shell.config(
-        args("--fake", "-tc", PasswordToken.class.getName(), "-u", "foo", "-l", "password=foo")));
-  }
-
-  @Test
-  public void testTokenAndOptionAndPassword() throws IOException {
-    assertFalse(shell.config(args("--fake", "-tc", PasswordToken.class.getName(), "-u", "foo", "-l",
-        "password=foo", "-p", "bar")));
-    assertTrue(output.get().contains(ParameterException.class.getName()));
-  }
-
   @Test
   public void testZooKeeperHostFromClientProps() {
     Properties props = new Properties();
diff --git a/test/src/main/java/org/apache/accumulo/test/functional/ConnectorIT.java b/test/src/main/java/org/apache/accumulo/test/functional/ConnectorIT.java
index 4ca61fb096..bcbbcc6e37 100644
--- a/test/src/main/java/org/apache/accumulo/test/functional/ConnectorIT.java
+++ b/test/src/main/java/org/apache/accumulo/test/functional/ConnectorIT.java
@@ -54,8 +54,8 @@ public void testConnectorBuilder() throws Exception {
     Properties props = new Properties();
     props.put(ClientProperty.INSTANCE_NAME.getKey(), instanceName);
     props.put(ClientProperty.INSTANCE_ZOOKEEPERS.getKey(), zookeepers);
-    props.put(ClientProperty.AUTH_USERNAME.getKey(), user);
-    props.put(ClientProperty.AUTH_PASSWORD.getKey(), password);
+    props.put(ClientProperty.AUTH_PRINCIPAL.getKey(), user);
+    ClientProperty.setPassword(props, password);
     conn = Connector.builder().usingProperties(props).build();
 
     Assert.assertEquals(instanceName, conn.getInstance().getInstanceName());
diff --git a/test/src/main/java/org/apache/accumulo/test/functional/KerberosProxyIT.java b/test/src/main/java/org/apache/accumulo/test/functional/KerberosProxyIT.java
index c17fb4523e..d7ee459bee 100644
--- a/test/src/main/java/org/apache/accumulo/test/functional/KerberosProxyIT.java
+++ b/test/src/main/java/org/apache/accumulo/test/functional/KerberosProxyIT.java
@@ -283,10 +283,8 @@ private File generateNewAccumuloClientConfiguration(MiniAccumuloConfigImpl cfg)
     Properties clientProps = new Properties();
     clientProps.setProperty(ClientProperty.INSTANCE_NAME.getKey(), cfg.getInstanceName());
     clientProps.setProperty(ClientProperty.INSTANCE_ZOOKEEPERS.getKey(), cfg.getZooKeepers());
-    clientProps.setProperty(ClientProperty.AUTH_METHOD.getKey(), "kerberos");
-    clientProps.setProperty(ClientProperty.AUTH_USERNAME.getKey(), proxyPrincipal);
-    clientProps.setProperty(ClientProperty.AUTH_KERBEROS_KEYTAB_PATH.getKey(),
-        proxyKeytab.getCanonicalPath());
+    clientProps.setProperty(ClientProperty.AUTH_PRINCIPAL.getKey(), proxyPrincipal);
+    ClientProperty.setKerberosKeytab(clientProps, proxyKeytab.getCanonicalPath());
     clientProps.setProperty(ClientProperty.SASL_ENABLED.getKey(), "true");
 
     // Write out the proxy.properties file
diff --git a/test/src/main/java/org/apache/accumulo/test/mapred/TokenFileIT.java b/test/src/main/java/org/apache/accumulo/test/mapred/TokenFileIT.java
index dbe3f1fc3a..f07f503bd5 100644
--- a/test/src/main/java/org/apache/accumulo/test/mapred/TokenFileIT.java
+++ b/test/src/main/java/org/apache/accumulo/test/mapred/TokenFileIT.java
@@ -26,12 +26,12 @@
 import java.io.PrintStream;
 import java.util.Iterator;
 import java.util.Map.Entry;
+import java.util.Properties;
 
 import org.apache.accumulo.core.client.BatchWriter;
 import org.apache.accumulo.core.client.BatchWriterConfig;
 import org.apache.accumulo.core.client.Connector;
 import org.apache.accumulo.core.client.Scanner;
-import org.apache.accumulo.core.client.impl.Credentials;
 import org.apache.accumulo.core.client.mapred.AccumuloInputFormat;
 import org.apache.accumulo.core.client.mapred.AccumuloOutputFormat;
 import org.apache.accumulo.core.data.Key;
@@ -160,10 +160,13 @@ public void testMR() throws Exception {
     }
     bw.close();
 
-    File tf = folder.newFile("root_test.pw");
+    File tf = folder.newFile("client.properties");
     PrintStream out = new PrintStream(tf);
-    String outString = new Credentials(getAdminPrincipal(), getAdminToken()).serialize();
-    out.println(outString);
+    Properties props = getConnectionInfo().getProperties();
+    for (Object keyObj : props.keySet()) {
+      String key = (String) keyObj;
+      out.println(key + " = " + props.getProperty(key));
+    }
     out.close();
 
     MRTokenFileTester.main(new String[] {tf.getAbsolutePath(), table1, table2});


 

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


With regards,
Apache Git Services

Mime
View raw message