Mailing-List: contact commits-help@eagle.apache.org; run by ezmlm
Precedence: bulk
Reply-To: dev@eagle.apache.org
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
From: hao@apache.org
To: commits@eagle.apache.org
Date: Wed, 22 Feb 2017 08:12:39 -0000
Message-Id: <a8d73439ae9741708adbb9be1fa70876@git.apache.org>
In-Reply-To: <82cba4fae38c473cabf5db20ac62b323@git.apache.org>
References: <82cba4fae38c473cabf5db20ac62b323@git.apache.org>
Subject: [3/3] eagle git commit: [EAGLE-918] Support auth annotations
 PermitAll/DenyAll/RolesAllowed and API
archived-at: Wed, 22 Feb 2017 08:12:40 -0000

[EAGLE-918] Support auth annotations PermitAll/DenyAll/RolesAllowed and API

* Improve eagle auth framework to support annotations under Jersey 1.9 and Dropwizard 0.7.1

        PermitAll
        DenyAll
        RolesAllowed
        Auth

* Add Authentication API

        GET /auth/principal
        GET /auth/validate
        GET /auth/login

* Add password encryption and EncrytTool

        java ServerMain encrypt [text to encrypt]

Author: Hao Chen <hao@apache.org>

Closes #831 from haoch/EnableAuthAPI.


Project: http://git-wip-us.apache.org/repos/asf/eagle/repo
Commit: http://git-wip-us.apache.org/repos/asf/eagle/commit/94b597b7
Tree: http://git-wip-us.apache.org/repos/asf/eagle/tree/94b597b7
Diff: http://git-wip-us.apache.org/repos/asf/eagle/diff/94b597b7

Branch: refs/heads/master
Commit: 94b597b774464d33c30b290538a4231075a363e1
Parents: a7df69e
Author: Hao Chen <hao@apache.org>
Authored: Wed Feb 22 16:12:10 2017 +0800
Committer: Hao Chen <hao@apache.org>
Committed: Wed Feb 22 16:12:10 2017 +0800

----------------------------------------------------------------------
 .../eagle/app/resource/ApplicationResource.java |   2 +-
 .../eagle/common/authentication/User.java       |  46 ----
 .../apache/eagle/common/rest/RESTResponse.java  | 255 +++++++++++++++++++
 .../apache/eagle/common/security/DenyAll.java   |  27 ++
 .../apache/eagle/common/security/PermitAll.java |  29 +++
 .../eagle/common/security/RolesAllowed.java     |  26 ++
 .../org/apache/eagle/common/security/User.java  | 176 +++++++++++++
 .../apache/eagle/common/service/HadoopUser.java |   2 +-
 .../eagle-metadata/eagle-metadata-base/pom.xml  |   4 +
 .../eagle/metadata/resource/RESTResponse.java   | 246 ------------------
 .../eagle/metadata/resource/SiteResource.java   |   1 +
 .../entity/meta/EntityDefinitionManager.java    |   2 +-
 .../storage/hbase/TestWithHBaseCoprocessor.java |  24 +-
 .../jpm/analyzer/resource/AnalyzerResource.java |   2 +-
 .../apache/eagle/jpm/analyzer/util/Utils.java   |   2 +-
 .../history/crawl/JHFSparkEventReader.java      |   2 +-
 .../app/apps/jpm/partials/queue/overview.html   |   2 +-
 .../entity/HdfsUserCommandPatternEntity.java    |   2 +-
 .../eagle/security/hive/ql/TestParser.java      |   2 +-
 eagle-server/pom.xml                            |   9 +
 .../eagle/server/RESTExceptionMapper.java       |   2 +-
 .../apache/eagle/server/ServerApplication.java  |  29 ++-
 .../org/apache/eagle/server/ServerConfig.java   |   8 +-
 .../org/apache/eagle/server/ServerMain.java     |  46 +++-
 .../BasicAuthProviderBuilder.java               |  82 ------
 .../authenticator/LdapBasicAuthenticator.java   | 106 --------
 .../authenticator/SimpleBasicAuthenticator.java |  43 ----
 .../config/AuthenticationSettings.java          | 119 ---------
 .../authentication/config/LdapSettings.java     |  96 -------
 .../authentication/config/SimpleSettings.java   |  46 ----
 .../server/resource/AuthenticationResource.java |  65 +++++
 .../eagle/server/security/BasicAuthBuilder.java |  99 +++++++
 .../server/security/BasicAuthRequestFilter.java | 161 ++++++++++++
 .../BasicAuthResourceFilterFactory.java         |  53 ++++
 .../authenticator/LdapBasicAuthenticator.java   | 106 ++++++++
 .../authenticator/SimpleBasicAuthenticator.java |  59 +++++
 .../security/config/AuthenticationConfig.java   |  95 +++++++
 .../server/security/config/LdapConfig.java      |  96 +++++++
 .../server/security/config/SimpleConfig.java    |  34 +++
 .../server/security/config/UserAccount.java     |  55 ++++
 .../security/encrypt/EncryptorFactory.java      |  23 ++
 .../security/encrypt/PasswordEncryptor.java     |  23 ++
 .../security/encrypt/PasswordEncryptorImpl.java |  37 +++
 .../apache/eagle/server/tool/EncryptTool.java   |  42 +++
 .../java/org/apache/eagle/server/tool/Tool.java |  21 ++
 .../src/main/resources/configuration.yml        | 151 ++++++-----
 .../eagle/server/ServerApplicationTest.java     |  26 --
 .../org/apache/eagle/server/ServerDebug.java    |   2 +
 .../LdapBasicAuthenticatorTest.java             | 168 ------------
 .../SimpleBasicAuthenticatorTest.java           |  71 ------
 .../TestBasicAuthenticationResource.java        |  39 ---
 .../LdapBasicAuthenticatorTest.java             | 168 ++++++++++++
 .../SimpleBasicAuthenticatorTest.java           |  81 ++++++
 .../resource/BasicAuthenticationTestCase.java   | 164 ++++++++++++
 .../TestBasicAuthenticationResource.java        | 107 ++++++++
 .../src/test/resources/configuration.yml        |  34 ++-
 pom.xml                                         |  11 +
 57 files changed, 2215 insertions(+), 1214 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/eagle/blob/94b597b7/eagle-core/eagle-app/eagle-app-base/src/main/java/org/apache/eagle/app/resource/ApplicationResource.java
----------------------------------------------------------------------
diff --git a/eagle-core/eagle-app/eagle-app-base/src/main/java/org/apache/eagle/app/resource/ApplicationResource.java b/eagle-core/eagle-app/eagle-app-base/src/main/java/org/apache/eagle/app/resource/ApplicationResource.java
index f304768..3c62367 100644
--- a/eagle-core/eagle-app/eagle-app-base/src/main/java/org/apache/eagle/app/resource/ApplicationResource.java
+++ b/eagle-core/eagle-app/eagle-app-base/src/main/java/org/apache/eagle/app/resource/ApplicationResource.java
@@ -19,9 +19,9 @@ package org.apache.eagle.app.resource;
 import org.apache.eagle.app.service.ApplicationManagementService;
 import org.apache.eagle.app.service.ApplicationOperations;
 import org.apache.eagle.app.service.ApplicationProviderService;
+import org.apache.eagle.common.rest.RESTResponse;
 import org.apache.eagle.metadata.model.ApplicationDesc;
 import org.apache.eagle.metadata.model.ApplicationEntity;
-import org.apache.eagle.metadata.resource.RESTResponse;
 import org.apache.eagle.metadata.service.ApplicationEntityService;
 import com.google.inject.Inject;
 

http://git-wip-us.apache.org/repos/asf/eagle/blob/94b597b7/eagle-core/eagle-common/src/main/java/org/apache/eagle/common/authentication/User.java
----------------------------------------------------------------------
diff --git a/eagle-core/eagle-common/src/main/java/org/apache/eagle/common/authentication/User.java b/eagle-core/eagle-common/src/main/java/org/apache/eagle/common/authentication/User.java
deleted file mode 100644
index e967624..0000000
--- a/eagle-core/eagle-common/src/main/java/org/apache/eagle/common/authentication/User.java
+++ /dev/null
@@ -1,46 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.eagle.common.authentication;
-
-import java.io.Serializable;
-import java.security.Principal;
-import java.util.Set;
-
-public class User implements Principal, Serializable {
-    private String username = "Unauthenticated";
-    private Set<String> roles = null;
-
-    public User() {
-    }
-
-    public User(String username) {
-        this.username = username;
-    }
-
-    public User(String username, Set<String> roles) {
-        this.username = username;
-        this.roles = roles;
-    }
-
-    public Set<String> getRoles() {
-        return roles;
-    }
-
-    public String getName() {
-        return username;
-    }
-}

http://git-wip-us.apache.org/repos/asf/eagle/blob/94b597b7/eagle-core/eagle-common/src/main/java/org/apache/eagle/common/rest/RESTResponse.java
----------------------------------------------------------------------
diff --git a/eagle-core/eagle-common/src/main/java/org/apache/eagle/common/rest/RESTResponse.java b/eagle-core/eagle-common/src/main/java/org/apache/eagle/common/rest/RESTResponse.java
new file mode 100644
index 0000000..7aaade3
--- /dev/null
+++ b/eagle-core/eagle-common/src/main/java/org/apache/eagle/common/rest/RESTResponse.java
@@ -0,0 +1,255 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ * <p/>
+ * http://www.apache.org/licenses/LICENSE-2.0
+ * <p/>
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.eagle.common.rest;
+
+import com.fasterxml.jackson.annotation.JsonProperty;
+import com.fasterxml.jackson.databind.annotation.JsonSerialize;
+import org.apache.commons.lang3.exception.ExceptionUtils;
+import org.apache.eagle.common.function.ThrowableConsumer;
+import org.apache.eagle.common.function.ThrowableSupplier;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import javax.ws.rs.WebApplicationException;
+import javax.ws.rs.core.MediaType;
+import javax.ws.rs.core.Response;
+import java.util.concurrent.CompletableFuture;
+import java.util.concurrent.ExecutionException;
+import java.util.function.Consumer;
+import java.util.function.Supplier;
+
+@JsonSerialize(include = JsonSerialize.Inclusion.NON_NULL)
+public class RESTResponse<T> {
+    private static final Logger LOGGER = LoggerFactory.getLogger(RESTResponse.class);
+
+    @JsonProperty
+    private boolean success = false;
+    @JsonProperty
+    private String message;
+    @JsonProperty
+    private String exception;
+    @JsonProperty
+    private T data;
+
+    public RESTResponse() {
+    }
+
+    public RESTResponse(Throwable throwable) {
+        if (throwable.getMessage() == null || throwable.getMessage().isEmpty()) {
+            this.setMessage(throwable.getMessage());
+        } else {
+            this.setMessage(ExceptionUtils.getMessage(throwable));
+        }
+        this.setException(ExceptionUtils.getStackTrace(throwable));
+    }
+
+    public T getData() {
+        return data;
+    }
+
+    public void setData(T data) {
+        this.data = data;
+    }
+
+    public String getMessage() {
+        return message;
+    }
+
+    public void setMessage(String message) {
+        this.message = message;
+    }
+
+    public boolean isSuccess() {
+        return success;
+    }
+
+    public void setSuccess(boolean success) {
+        this.success = success;
+    }
+
+    public static <E> RestResponseBuilder<E> builder() {
+        return new RestResponseBuilder<>();
+    }
+
+    public static <E> RestResponseBuilder<E> of(E data) {
+        return RESTResponse.<E>builder().data(data);
+    }
+
+    public static <E> RestResponseBuilder<E> of(Consumer<RestResponseBuilder<E>> func) {
+        return RESTResponse.<E>builder().of(func);
+    }
+
+    public static <E> RestResponseBuilder<E> of(Supplier<E> func) {
+        return RESTResponse.<E>builder().of(func);
+    }
+
+    public static <E> RestResponseBuilder<E> async(ThrowableSupplier<E, Exception> func) {
+        return RESTResponse.<E>builder().async(func);
+    }
+
+    public static <E> RestResponseBuilder<E> async(ThrowableConsumer<RestResponseBuilder<E>, Exception> func) {
+        return RESTResponse.<E>builder().async(func);
+    }
+
+    public String getException() {
+        return exception;
+    }
+
+    public void setThrowable(Throwable exception) {
+        this.setException(ExceptionUtils.getStackTrace(exception));
+    }
+
+    public void setException(String exception) {
+        this.exception = exception;
+    }
+
+    public static class RestResponseBuilder<E> {
+        private RESTResponse current = new RESTResponse();
+        private Response.Status status = Response.Status.OK;
+        private CompletableFuture future = null;
+
+        public RestResponseBuilder<E> success(boolean success) {
+            this.current.setSuccess(success);
+            return this;
+        }
+
+        public RestResponseBuilder<E> status(Response.Status status) {
+            this.status = status;
+            return this;
+        }
+
+        public RestResponseBuilder<E> status(boolean success, Response.Status status) {
+            this.success(success);
+            this.status(status);
+            return this;
+        }
+
+        public RestResponseBuilder<E> message(String message) {
+            this.current.setMessage(message);
+            return this;
+        }
+
+        public RestResponseBuilder<E> data(E data) {
+            this.current.setData(data);
+            return this;
+        }
+
+        public RestResponseBuilder<E> exception(Throwable exception) {
+            this.current.setThrowable(exception);
+            if (this.current.getMessage() == null) {
+                if (exception.getMessage() == null || exception.getMessage().isEmpty()) {
+                    this.current.setMessage(ExceptionUtils.getMessage(exception));
+                } else {
+                    this.current.setMessage(exception.getMessage());
+                }
+            }
+            return this;
+        }
+
+        public RestResponseBuilder<E> of(Consumer<RestResponseBuilder<E>> func) {
+            try {
+                this.success(true).status(Response.Status.OK);
+                func.accept(this);
+            } catch (Exception ex) {
+                LOGGER.error("Exception: " + ex.getMessage(), ex);
+                this.success(false).data(null).status(Response.Status.BAD_REQUEST).exception(ex);
+                raiseWebAppException(ex);
+            }
+            return this;
+        }
+
+        public RestResponseBuilder<E> of(Supplier<E> func) {
+            try {
+                this.success(true).status(Response.Status.OK).data(func.get());
+            } catch (Throwable ex) {
+                LOGGER.error("Exception: " + ex.getMessage(), ex);
+                this.success(false).status(Response.Status.BAD_REQUEST).exception(ex);
+                raiseWebAppException(ex);
+            }
+            return this;
+        }
+
+        public RestResponseBuilder<E> async(ThrowableSupplier<E, Exception> func) {
+            CompletableFuture future = CompletableFuture.runAsync(() -> {
+                try {
+                    this.status(Response.Status.OK).success(true).data(func.get());
+                } catch (Throwable e) {
+                    LOGGER.error("Exception: " + e.getMessage(), e);
+                    this.success(false).status(Response.Status.BAD_REQUEST).exception(e);
+                    raiseWebAppException(e);
+                }
+            });
+            runAsync(future);
+            return this;
+        }
+
+        public RestResponseBuilder<E> async(ThrowableConsumer<RestResponseBuilder<E>, Exception> func) {
+            CompletableFuture future = CompletableFuture.runAsync(() -> {
+                try {
+                    func.accept(this);
+                    this.success(true);
+                } catch (Throwable ex) {
+                    LOGGER.error("Exception: " + ex.getMessage(), ex);
+                    this.success(false).status(Response.Status.BAD_REQUEST).exception(ex);
+                    raiseWebAppException(ex);
+                }
+            });
+            runAsync(future);
+            return this;
+        }
+
+        private void runAsync(CompletableFuture future) {
+            try {
+                future.get();
+            } catch (InterruptedException ex) {
+                LOGGER.error("InterruptedException: " + ex.getMessage(), ex);
+                Thread.currentThread().interrupt();
+                future.cancel(true);
+                this.success(false).status(Response.Status.BAD_REQUEST).exception(ex.getCause());
+                raiseWebAppException(ex);
+            } catch (ExecutionException ex) {
+                LOGGER.error("ExecutionException: " + ex.getMessage(), ex);
+                this.success(false).status(Response.Status.BAD_REQUEST).exception(ex.getCause());
+                raiseWebAppException(ex);
+            }
+        }
+
+        private void raiseWebAppException(Throwable ex) {
+            throw new WebApplicationException(ex, Response.status(this.status).entity(this.current).build());
+        }
+
+
+        public RestResponseBuilder<E> then(ThrowableConsumer<RestResponseBuilder<E>, Exception> func) {
+            try {
+                func.accept(this);
+            } catch (Throwable ex) {
+                LOGGER.error("Exception: " + ex.getMessage(), ex);
+                this.success(false).status(Response.Status.BAD_REQUEST).exception(ex);
+                raiseWebAppException(ex);
+            }
+            return this;
+        }
+
+        public RESTResponse<E> get() {
+            return current;
+        }
+
+        public Response build() {
+            return Response.status(status).entity(current).type(MediaType.APPLICATION_JSON).build();
+        }
+    }
+}
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/eagle/blob/94b597b7/eagle-core/eagle-common/src/main/java/org/apache/eagle/common/security/DenyAll.java
----------------------------------------------------------------------
diff --git a/eagle-core/eagle-common/src/main/java/org/apache/eagle/common/security/DenyAll.java b/eagle-core/eagle-common/src/main/java/org/apache/eagle/common/security/DenyAll.java
new file mode 100644
index 0000000..db5cc99
--- /dev/null
+++ b/eagle-core/eagle-common/src/main/java/org/apache/eagle/common/security/DenyAll.java
@@ -0,0 +1,27 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ * <p>
+ * http://www.apache.org/licenses/LICENSE-2.0
+ * <p>
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.eagle.common.security;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+@Target({ElementType.METHOD, ElementType.TYPE})
+@Retention(RetentionPolicy.RUNTIME)
+public @interface DenyAll {
+}
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/eagle/blob/94b597b7/eagle-core/eagle-common/src/main/java/org/apache/eagle/common/security/PermitAll.java
----------------------------------------------------------------------
diff --git a/eagle-core/eagle-common/src/main/java/org/apache/eagle/common/security/PermitAll.java b/eagle-core/eagle-common/src/main/java/org/apache/eagle/common/security/PermitAll.java
new file mode 100644
index 0000000..7975f67
--- /dev/null
+++ b/eagle-core/eagle-common/src/main/java/org/apache/eagle/common/security/PermitAll.java
@@ -0,0 +1,29 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ * <p>
+ * http://www.apache.org/licenses/LICENSE-2.0
+ * <p>
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.eagle.common.security;
+
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+@Target({ElementType.METHOD, ElementType.TYPE})
+@Retention(RetentionPolicy.RUNTIME)
+public @interface PermitAll {
+
+}

http://git-wip-us.apache.org/repos/asf/eagle/blob/94b597b7/eagle-core/eagle-common/src/main/java/org/apache/eagle/common/security/RolesAllowed.java
----------------------------------------------------------------------
diff --git a/eagle-core/eagle-common/src/main/java/org/apache/eagle/common/security/RolesAllowed.java b/eagle-core/eagle-common/src/main/java/org/apache/eagle/common/security/RolesAllowed.java
new file mode 100644
index 0000000..b3aae58
--- /dev/null
+++ b/eagle-core/eagle-common/src/main/java/org/apache/eagle/common/security/RolesAllowed.java
@@ -0,0 +1,26 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ * <p>
+ * http://www.apache.org/licenses/LICENSE-2.0
+ * <p>
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.eagle.common.security;
+
+import java.lang.annotation.*;
+
+@Inherited
+@Target({ElementType.TYPE, ElementType.METHOD})
+@Retention(RetentionPolicy.RUNTIME)
+public @interface RolesAllowed {
+    User.Role[] value();
+}

http://git-wip-us.apache.org/repos/asf/eagle/blob/94b597b7/eagle-core/eagle-common/src/main/java/org/apache/eagle/common/security/User.java
----------------------------------------------------------------------
diff --git a/eagle-core/eagle-common/src/main/java/org/apache/eagle/common/security/User.java b/eagle-core/eagle-common/src/main/java/org/apache/eagle/common/security/User.java
new file mode 100644
index 0000000..a99ba95
--- /dev/null
+++ b/eagle-core/eagle-common/src/main/java/org/apache/eagle/common/security/User.java
@@ -0,0 +1,176 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.eagle.common.security;
+
+import com.fasterxml.jackson.databind.annotation.JsonSerialize;
+import com.google.common.base.Preconditions;
+
+import java.io.Serializable;
+import java.security.Principal;
+import java.util.Collection;
+import java.util.HashMap;
+import java.util.Map;
+
+@JsonSerialize
+public class User implements Principal, Serializable {
+    private String username;
+    private String firstName;
+    private String lastName;
+    private String email;
+    private String fullName;
+
+    private Collection<Role> roles;
+
+    public User() {
+
+    }
+
+    public User(User user) {
+        this.setName(user.getName());
+        this.setFirstName(user.getFirstName());
+        this.setLastName(user.getLastName());
+        this.setEmail(user.getEmail());
+        this.setRoles(user.getRoles());
+    }
+
+    public User(String username) {
+        this.username = username;
+    }
+
+    public User(String username, Collection<Role> roles) {
+        this.username = username;
+        this.roles = roles;
+    }
+
+    public Collection<Role> getRoles() {
+        return roles;
+    }
+
+    public void setRoles(Collection<Role> roles) {
+        this.roles = roles;
+    }
+
+    public String getFullName() {
+        if (this.fullName != null ) {
+            return this.fullName;
+        }
+        if (this.firstName == null && this.lastName == null) {
+            return this.username;
+        } else if (this.firstName != null && this.lastName == null ) {
+            return this.firstName;
+        } else if (this.firstName == null) {
+            return this.lastName;
+        } else {
+            return String.format("%s, %s", this.lastName, this.firstName);
+        }
+    }
+
+    @Override
+    public String getName() {
+        return this.username;
+    }
+
+    public void setName(String username) {
+        this.username = username;
+    }
+
+    public String getFirstName() {
+        return firstName;
+    }
+
+    public void setFirstName(String firstName) {
+        this.firstName = firstName;
+    }
+
+    public String getLastName() {
+        return lastName;
+    }
+
+    public void setLastName(String lastName) {
+        this.lastName = lastName;
+    }
+
+    public String getEmail() {
+        return email;
+    }
+
+    public void setEmail(String email) {
+        this.email = email;
+    }
+
+    public void setFullName(String fullName) {
+        this.fullName = fullName;
+    }
+
+    @Override
+    public String toString() {
+        return "User {"
+            + "name='" + username + '\''
+            + ", firstName='" + firstName + '\''
+            + ", lastName='" + lastName + '\''
+            + ", email='" + email + '\''
+            + ", fullName='" + fullName + '\''
+            + ", roles=" + roles
+            + '}';
+    }
+
+    public enum Role implements Serializable {
+        USER("USER"),                     // USER role with user-level permissions
+        APPLICATION("APPLICATION"),       // APPLICATION role with application-level permissions
+        ADMINISTRATOR("ADMINISTRATOR");   // ADMINISTRATOR role with admin-level permissions
+
+        public static final Role[] ALL_ROLES = new Role[] {
+            USER,APPLICATION, ADMINISTRATOR
+        };
+
+        private static Map<String,Role> nameRoleMap = new HashMap<String,Role>() {
+            {
+                put(ADMINISTRATOR.roleName.toUpperCase(), ADMINISTRATOR);
+                put(APPLICATION.roleName.toUpperCase(), APPLICATION);
+                put(USER.roleName.toUpperCase(), USER);
+            }
+        };
+
+        Role(String roleName) {
+            this.roleName = roleName;
+        }
+
+        @Override
+        public String toString() {
+            return roleName;
+        }
+
+        public static Role locateCaseInsensitive(String roleName) {
+            Preconditions.checkArgument(nameRoleMap.containsKey(roleName.toUpperCase()), "Illegal role " + roleName);
+            return nameRoleMap.get(roleName.toUpperCase());
+        }
+
+        private final String roleName;
+    }
+
+    public boolean isInRole(Role ... allowedRoles) {
+        Preconditions.checkNotNull(allowedRoles);
+        if (this.roles != null ) {
+            for (Role allowRole: allowedRoles) {
+                if (this.roles.contains(allowRole)) {
+                    return true;
+                }
+            }
+        }
+        return false;
+    }
+}
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/eagle/blob/94b597b7/eagle-core/eagle-common/src/main/java/org/apache/eagle/common/service/HadoopUser.java
----------------------------------------------------------------------
diff --git a/eagle-core/eagle-common/src/main/java/org/apache/eagle/common/service/HadoopUser.java b/eagle-core/eagle-common/src/main/java/org/apache/eagle/common/service/HadoopUser.java
index 5c9cf80..094b808 100644
--- a/eagle-core/eagle-common/src/main/java/org/apache/eagle/common/service/HadoopUser.java
+++ b/eagle-core/eagle-common/src/main/java/org/apache/eagle/common/service/HadoopUser.java
@@ -19,7 +19,7 @@ package org.apache.eagle.common.service;
 import java.util.List;
 
 /**
- * Hadoop User.
+ * Hadoop UserPrincipal.
  * @since : 7/11/14,2014
  */
 public class HadoopUser {

http://git-wip-us.apache.org/repos/asf/eagle/blob/94b597b7/eagle-core/eagle-metadata/eagle-metadata-base/pom.xml
----------------------------------------------------------------------
diff --git a/eagle-core/eagle-metadata/eagle-metadata-base/pom.xml b/eagle-core/eagle-metadata/eagle-metadata-base/pom.xml
index ff3db18..88274c2 100644
--- a/eagle-core/eagle-metadata/eagle-metadata-base/pom.xml
+++ b/eagle-core/eagle-metadata/eagle-metadata-base/pom.xml
@@ -67,5 +67,9 @@
             <groupId>org.mockito</groupId>
             <artifactId>mockito-all</artifactId>
         </dependency>
+        <dependency>
+            <groupId>io.dropwizard</groupId>
+            <artifactId>dropwizard-auth</artifactId>
+        </dependency>
     </dependencies>
 </project>
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/eagle/blob/94b597b7/eagle-core/eagle-metadata/eagle-metadata-base/src/main/java/org/apache/eagle/metadata/resource/RESTResponse.java
----------------------------------------------------------------------
diff --git a/eagle-core/eagle-metadata/eagle-metadata-base/src/main/java/org/apache/eagle/metadata/resource/RESTResponse.java b/eagle-core/eagle-metadata/eagle-metadata-base/src/main/java/org/apache/eagle/metadata/resource/RESTResponse.java
deleted file mode 100644
index 5647458..0000000
--- a/eagle-core/eagle-metadata/eagle-metadata-base/src/main/java/org/apache/eagle/metadata/resource/RESTResponse.java
+++ /dev/null
@@ -1,246 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- * <p/>
- * http://www.apache.org/licenses/LICENSE-2.0
- * <p/>
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.eagle.metadata.resource;
-
-import com.fasterxml.jackson.databind.annotation.JsonSerialize;
-import org.apache.commons.lang3.exception.ExceptionUtils;
-import org.apache.eagle.common.function.ThrowableConsumer;
-import org.apache.eagle.common.function.ThrowableSupplier;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import javax.ws.rs.WebApplicationException;
-import javax.ws.rs.core.Response;
-import java.util.concurrent.CompletableFuture;
-import java.util.concurrent.ExecutionException;
-import java.util.function.Consumer;
-import java.util.function.Supplier;
-
-@JsonSerialize(include = JsonSerialize.Inclusion.NON_NULL)
-public class RESTResponse<T> {
-    private static final Logger LOGGER = LoggerFactory.getLogger(RESTResponse.class);
-    private boolean success = false;
-    private String message;
-    private String exception;
-    private T data;
-
-    public RESTResponse() {
-    }
-
-    public RESTResponse(Throwable throwable) {
-        if (throwable.getMessage() == null || throwable.getMessage().isEmpty()) {
-            this.setMessage(throwable.getMessage());
-        } else {
-            this.setMessage(ExceptionUtils.getMessage(throwable));
-        }
-        this.setException(ExceptionUtils.getStackTrace(throwable));
-    }
-
-    public T getData() {
-        return data;
-    }
-
-    public void setData(T data) {
-        this.data = data;
-    }
-
-    public String getMessage() {
-        return message;
-    }
-
-    public void setMessage(String message) {
-        this.message = message;
-    }
-
-    public boolean isSuccess() {
-        return success;
-    }
-
-    public void setSuccess(boolean success) {
-        this.success = success;
-    }
-
-    public static <E> RestResponseBuilder<E> builder() {
-        return new RestResponseBuilder<>();
-    }
-
-    public static <E> RestResponseBuilder<E> of(E data) {
-        return RESTResponse.<E>builder().data(data);
-    }
-
-    public static <E> RestResponseBuilder<E> of(Consumer<RestResponseBuilder<E>> func) {
-        return RESTResponse.<E>builder().of(func);
-    }
-
-    public static <E> RestResponseBuilder<E> of(Supplier<E> func) {
-        return RESTResponse.<E>builder().of(func);
-    }
-
-    public static <E> RestResponseBuilder<E> async(ThrowableSupplier<E, Exception> func) {
-        return RESTResponse.<E>builder().async(func);
-    }
-
-    public static <E> RestResponseBuilder<E> async(ThrowableConsumer<RestResponseBuilder<E>, Exception> func) {
-        return RESTResponse.<E>builder().async(func);
-    }
-
-    public String getException() {
-        return exception;
-    }
-
-    public void setThrowable(Throwable exception) {
-        this.setException(ExceptionUtils.getStackTrace(exception));
-    }
-
-    public void setException(String exception) {
-        this.exception = exception;
-    }
-
-
-    public static class RestResponseBuilder<E> {
-        private RESTResponse current = new RESTResponse();
-        private Response.Status status = Response.Status.OK;
-        private CompletableFuture future = null;
-
-        public RestResponseBuilder<E> success(boolean success) {
-            this.current.setSuccess(success);
-            return this;
-        }
-
-        public RestResponseBuilder<E> status(Response.Status status) {
-            this.status = status;
-            return this;
-        }
-
-        public RestResponseBuilder<E> status(boolean success, Response.Status status) {
-            this.success(success);
-            this.status(status);
-            return this;
-        }
-
-        public RestResponseBuilder<E> message(String message) {
-            this.current.setMessage(message);
-            return this;
-        }
-
-        public RestResponseBuilder<E> data(E data) {
-            this.current.setData(data);
-            return this;
-        }
-
-        public RestResponseBuilder<E> exception(Throwable exception) {
-            this.current.setThrowable(exception);
-            if (this.current.getMessage() == null) {
-                if (exception.getMessage() == null || exception.getMessage().isEmpty()) {
-                    this.current.setMessage(ExceptionUtils.getMessage(exception));
-                } else {
-                    this.current.setMessage(exception.getMessage());
-                }
-            }
-            return this;
-        }
-
-        public RestResponseBuilder<E> of(Consumer<RestResponseBuilder<E>> func) {
-            try {
-                this.success(true).status(Response.Status.OK);
-                func.accept(this);
-            } catch (Exception ex) {
-                LOGGER.error("Exception: " + ex.getMessage(), ex);
-                this.success(false).data(null).status(Response.Status.BAD_REQUEST).exception(ex);
-                raiseWebAppException(ex);
-            }
-            return this;
-        }
-
-        public RestResponseBuilder<E> of(Supplier<E> func) {
-            try {
-                this.success(true).status(Response.Status.OK).data(func.get());
-            } catch (Throwable ex) {
-                LOGGER.error("Exception: " + ex.getMessage(), ex);
-                this.success(false).status(Response.Status.BAD_REQUEST).exception(ex);
-                raiseWebAppException(ex);
-            }
-            return this;
-        }
-
-        public RestResponseBuilder<E> async(ThrowableSupplier<E, Exception> func) {
-            CompletableFuture future = CompletableFuture.runAsync(() -> {
-                try {
-                    this.status(Response.Status.OK).success(true).data(func.get());
-                } catch (Throwable e) {
-                    LOGGER.error("Exception: " + e.getMessage(), e);
-                    this.success(false).status(Response.Status.BAD_REQUEST).exception(e);
-                    raiseWebAppException(e);
-                }
-            });
-            runAsync(future);
-            return this;
-        }
-
-        public RestResponseBuilder<E> async(ThrowableConsumer<RestResponseBuilder<E>, Exception> func) {
-            CompletableFuture future = CompletableFuture.runAsync(() -> {
-                try {
-                    func.accept(this);
-                    this.success(true);
-                } catch (Throwable ex) {
-                    LOGGER.error("Exception: " + ex.getMessage(), ex);
-                    this.success(false).status(Response.Status.BAD_REQUEST).exception(ex);
-                    raiseWebAppException(ex);
-                }
-            });
-            runAsync(future);
-            return this;
-        }
-
-        private void runAsync(CompletableFuture future) {
-            try {
-                future.get();
-            } catch (InterruptedException ex) {
-                LOGGER.error("InterruptedException: " + ex.getMessage(), ex);
-                Thread.currentThread().interrupt();
-                future.cancel(true);
-                this.success(false).status(Response.Status.BAD_REQUEST).exception(ex.getCause());
-                raiseWebAppException(ex);
-            } catch (ExecutionException ex) {
-                LOGGER.error("ExecutionException: " + ex.getMessage(), ex);
-                this.success(false).status(Response.Status.BAD_REQUEST).exception(ex.getCause());
-                raiseWebAppException(ex);
-            }
-        }
-
-        private void raiseWebAppException(Throwable ex) {
-            throw new WebApplicationException(ex, Response.status(this.status).entity(this.current).build());
-        }
-
-
-        public RestResponseBuilder<E> then(ThrowableConsumer<RestResponseBuilder<E>, Exception> func) {
-            try {
-                func.accept(this);
-            } catch (Throwable ex) {
-                LOGGER.error("Exception: " + ex.getMessage(), ex);
-                this.success(false).status(Response.Status.BAD_REQUEST).exception(ex);
-                raiseWebAppException(ex);
-            }
-            return this;
-        }
-
-        public RESTResponse<E> get() {
-            return current;
-        }
-
-    }
-}
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/eagle/blob/94b597b7/eagle-core/eagle-metadata/eagle-metadata-base/src/main/java/org/apache/eagle/metadata/resource/SiteResource.java
----------------------------------------------------------------------
diff --git a/eagle-core/eagle-metadata/eagle-metadata-base/src/main/java/org/apache/eagle/metadata/resource/SiteResource.java b/eagle-core/eagle-metadata/eagle-metadata-base/src/main/java/org/apache/eagle/metadata/resource/SiteResource.java
index a5461b3..22a693a 100644
--- a/eagle-core/eagle-metadata/eagle-metadata-base/src/main/java/org/apache/eagle/metadata/resource/SiteResource.java
+++ b/eagle-core/eagle-metadata/eagle-metadata-base/src/main/java/org/apache/eagle/metadata/resource/SiteResource.java
@@ -16,6 +16,7 @@
  */
 package org.apache.eagle.metadata.resource;
 
+import org.apache.eagle.common.rest.RESTResponse;
 import org.apache.eagle.metadata.exceptions.SiteDeleteException;
 import org.apache.eagle.metadata.model.SiteEntity;
 import org.apache.eagle.metadata.service.ApplicationEntityService;

http://git-wip-us.apache.org/repos/asf/eagle/blob/94b597b7/eagle-core/eagle-query/eagle-entity-base/src/main/java/org/apache/eagle/log/entity/meta/EntityDefinitionManager.java
----------------------------------------------------------------------
diff --git a/eagle-core/eagle-query/eagle-entity-base/src/main/java/org/apache/eagle/log/entity/meta/EntityDefinitionManager.java b/eagle-core/eagle-query/eagle-entity-base/src/main/java/org/apache/eagle/log/entity/meta/EntityDefinitionManager.java
index 7b1010d..8795ba0 100755
--- a/eagle-core/eagle-query/eagle-entity-base/src/main/java/org/apache/eagle/log/entity/meta/EntityDefinitionManager.java
+++ b/eagle-core/eagle-query/eagle-entity-base/src/main/java/org/apache/eagle/log/entity/meta/EntityDefinitionManager.java
@@ -278,7 +278,7 @@ public class EntityDefinitionManager {
 	}
 
 	/**
-	 * User can register their own field SerDeser
+	 * UserPrincipal can register their own field SerDeser
 	 * @param clazz class of the the SerDeser 
 	 * @param entitySerDeser entity or field SerDeser
 	 * @throws IllegalArgumentException

http://git-wip-us.apache.org/repos/asf/eagle/blob/94b597b7/eagle-core/eagle-query/eagle-storage-hbase/src/test/java/org/apache/eagle/storage/hbase/TestWithHBaseCoprocessor.java
----------------------------------------------------------------------
diff --git a/eagle-core/eagle-query/eagle-storage-hbase/src/test/java/org/apache/eagle/storage/hbase/TestWithHBaseCoprocessor.java b/eagle-core/eagle-query/eagle-storage-hbase/src/test/java/org/apache/eagle/storage/hbase/TestWithHBaseCoprocessor.java
index b3d3cfa..b647173 100644
--- a/eagle-core/eagle-query/eagle-storage-hbase/src/test/java/org/apache/eagle/storage/hbase/TestWithHBaseCoprocessor.java
+++ b/eagle-core/eagle-query/eagle-storage-hbase/src/test/java/org/apache/eagle/storage/hbase/TestWithHBaseCoprocessor.java
@@ -25,6 +25,7 @@ import org.apache.hadoop.hbase.HTableDescriptor;
 import org.apache.hadoop.hbase.client.HTable;
 import org.apache.hadoop.hbase.coprocessor.CoprocessorHost;
 import org.junit.AfterClass;
+import org.junit.Assert;
 import org.junit.BeforeClass;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -46,14 +47,27 @@ public class TestWithHBaseCoprocessor {
         conf.setStrings(CoprocessorHost.REGION_COPROCESSOR_CONF_KEY, AggregateProtocolEndPoint.class.getName());
         conf.setInt("hbase.master.info.port", -1);//avoid port clobbering
         conf.setInt("hbase.regionserver.info.port", -1);//avoid port clobbering
+
+        int attempts = 0;
         hbase = new HBaseTestingUtility();
-        try {
-            hbase.startMiniCluster();
-        } catch (Exception e) {
-            LOG.error("Error to start mini cluster: " + e.getMessage(), e);
-            throw new IllegalStateException(e);
+        boolean successToStart = false;
+        while (attempts < 3) {
+            try {
+                attempts ++;
+                hbase.startMiniCluster();
+                successToStart = true;
+            } catch (Exception e) {
+                LOG.error("Error to start mini cluster (tried {} times): {}", attempts, e.getMessage(), e);
+                try {
+                    hbase.shutdownMiniCluster();
+                } catch (Exception e1) {
+                    LOG.warn(e.getMessage(), e);
+                }
+            }
         }
 
+        Assert.assertTrue("Failed to start mini cluster in " + attempts + " attempts", successToStart);
+
         HTable table = hbase.createTable(String.valueOf("unittest"),"f");
         HTableDescriptor descriptor = new HTableDescriptor(table.getTableDescriptor());
         descriptor.addCoprocessor(AggregateProtocolEndPoint.class.getName());

http://git-wip-us.apache.org/repos/asf/eagle/blob/94b597b7/eagle-jpm/eagle-jpm-analyzer/src/main/java/org/apache/eagle/jpm/analyzer/resource/AnalyzerResource.java
----------------------------------------------------------------------
diff --git a/eagle-jpm/eagle-jpm-analyzer/src/main/java/org/apache/eagle/jpm/analyzer/resource/AnalyzerResource.java b/eagle-jpm/eagle-jpm-analyzer/src/main/java/org/apache/eagle/jpm/analyzer/resource/AnalyzerResource.java
index dc09202..80d9fb7 100644
--- a/eagle-jpm/eagle-jpm-analyzer/src/main/java/org/apache/eagle/jpm/analyzer/resource/AnalyzerResource.java
+++ b/eagle-jpm/eagle-jpm-analyzer/src/main/java/org/apache/eagle/jpm/analyzer/resource/AnalyzerResource.java
@@ -18,10 +18,10 @@
 package org.apache.eagle.jpm.analyzer.resource;
 
 import com.google.inject.Inject;
+import org.apache.eagle.common.rest.RESTResponse;
 import org.apache.eagle.jpm.analyzer.meta.MetaManagementService;
 import org.apache.eagle.jpm.analyzer.meta.model.JobMetaEntity;
 import org.apache.eagle.jpm.analyzer.meta.model.PublisherEntity;
-import org.apache.eagle.metadata.resource.RESTResponse;
 
 import javax.ws.rs.*;
 import javax.ws.rs.core.MediaType;

http://git-wip-us.apache.org/repos/asf/eagle/blob/94b597b7/eagle-jpm/eagle-jpm-analyzer/src/main/java/org/apache/eagle/jpm/analyzer/util/Utils.java
----------------------------------------------------------------------
diff --git a/eagle-jpm/eagle-jpm-analyzer/src/main/java/org/apache/eagle/jpm/analyzer/util/Utils.java b/eagle-jpm/eagle-jpm-analyzer/src/main/java/org/apache/eagle/jpm/analyzer/util/Utils.java
index 66f7622..a987bd8 100644
--- a/eagle-jpm/eagle-jpm-analyzer/src/main/java/org/apache/eagle/jpm/analyzer/util/Utils.java
+++ b/eagle-jpm/eagle-jpm-analyzer/src/main/java/org/apache/eagle/jpm/analyzer/util/Utils.java
@@ -19,9 +19,9 @@
 package org.apache.eagle.jpm.analyzer.util;
 
 import com.typesafe.config.Config;
+import org.apache.eagle.common.rest.RESTResponse;
 import org.apache.eagle.jpm.analyzer.meta.model.JobMetaEntity;
 import org.apache.eagle.jpm.util.resourcefetch.connection.InputStreamUtils;
-import org.apache.eagle.metadata.resource.RESTResponse;
 import org.codehaus.jackson.JsonParser;
 import org.codehaus.jackson.map.ObjectMapper;
 import org.slf4j.Logger;

http://git-wip-us.apache.org/repos/asf/eagle/blob/94b597b7/eagle-jpm/eagle-jpm-spark-history/src/main/java/org/apache/eagle/jpm/spark/history/crawl/JHFSparkEventReader.java
----------------------------------------------------------------------
diff --git a/eagle-jpm/eagle-jpm-spark-history/src/main/java/org/apache/eagle/jpm/spark/history/crawl/JHFSparkEventReader.java b/eagle-jpm/eagle-jpm-spark-history/src/main/java/org/apache/eagle/jpm/spark/history/crawl/JHFSparkEventReader.java
index 2ef1bd9..d245f49 100644
--- a/eagle-jpm/eagle-jpm-spark-history/src/main/java/org/apache/eagle/jpm/spark/history/crawl/JHFSparkEventReader.java
+++ b/eagle-jpm/eagle-jpm-spark-history/src/main/java/org/apache/eagle/jpm/spark/history/crawl/JHFSparkEventReader.java
@@ -169,7 +169,7 @@ public class JHFSparkEventReader {
             // the second argument of getNormalizeName() is changed to null because the original code contains sensitive text
             // original second argument looks like: this.app.getConfig().getConfig().get("xxx"), "xxx" is the sensitive text
             entity.getTags().put(SparkJobTagName.SPARK_APP_NORM_NAME.toString(), this.getNormalizedName(JSONUtils.getString(event, "App Name"), null));
-            entity.getTags().put(SparkJobTagName.SPARK_USER.toString(), JSONUtils.getString(event, "User"));
+            entity.getTags().put(SparkJobTagName.SPARK_USER.toString(), JSONUtils.getString(event, "UserPrincipal"));
 
             entity.setTimestamp(appStartTime);
         }

http://git-wip-us.apache.org/repos/asf/eagle/blob/94b597b7/eagle-jpm/eagle-jpm-web/src/main/webapp/app/apps/jpm/partials/queue/overview.html
----------------------------------------------------------------------
diff --git a/eagle-jpm/eagle-jpm-web/src/main/webapp/app/apps/jpm/partials/queue/overview.html b/eagle-jpm/eagle-jpm-web/src/main/webapp/app/apps/jpm/partials/queue/overview.html
index 732fbb2..dfcf41c 100644
--- a/eagle-jpm/eagle-jpm-web/src/main/webapp/app/apps/jpm/partials/queue/overview.html
+++ b/eagle-jpm/eagle-jpm-web/src/main/webapp/app/apps/jpm/partials/queue/overview.html
@@ -42,7 +42,7 @@
 
 <!-- div class="nav-tabs-custom">
 	<ul class="nav nav-tabs">
-		<li class="active"><a data-toggle="tab" href="#queueUser">User</a></li>
+		<li class="active"><a data-toggle="tab" href="#queueUser">UserPrincipal</a></li>
 		<li><a data-toggle="tab" href="#queueJob">Job</a></li>
 
 		<li class="pull-right">

http://git-wip-us.apache.org/repos/asf/eagle/blob/94b597b7/eagle-security/eagle-security-common/src/main/java/org/apache/eagle/security/entity/HdfsUserCommandPatternEntity.java
----------------------------------------------------------------------
diff --git a/eagle-security/eagle-security-common/src/main/java/org/apache/eagle/security/entity/HdfsUserCommandPatternEntity.java b/eagle-security/eagle-security-common/src/main/java/org/apache/eagle/security/entity/HdfsUserCommandPatternEntity.java
index e8c7b72..713057b 100644
--- a/eagle-security/eagle-security-common/src/main/java/org/apache/eagle/security/entity/HdfsUserCommandPatternEntity.java
+++ b/eagle-security/eagle-security-common/src/main/java/org/apache/eagle/security/entity/HdfsUserCommandPatternEntity.java
@@ -25,7 +25,7 @@ import org.apache.eagle.log.entity.meta.*;
 import java.util.Map;
 
 /**
- * User command pattern entity to specify Siddhi pattern, field selector and field modifier
+ * UserPrincipal command pattern entity to specify Siddhi pattern, field selector and field modifier
  */
 @Table("hdfsusercommandpattern")
 @ColumnFamily("f")

http://git-wip-us.apache.org/repos/asf/eagle/blob/94b597b7/eagle-security/eagle-security-hive/src/test/java/org/apache/eagle/security/hive/ql/TestParser.java
----------------------------------------------------------------------
diff --git a/eagle-security/eagle-security-hive/src/test/java/org/apache/eagle/security/hive/ql/TestParser.java b/eagle-security/eagle-security-hive/src/test/java/org/apache/eagle/security/hive/ql/TestParser.java
index a5f5f82..599a4c8 100644
--- a/eagle-security/eagle-security-hive/src/test/java/org/apache/eagle/security/hive/ql/TestParser.java
+++ b/eagle-security/eagle-security-hive/src/test/java/org/apache/eagle/security/hive/ql/TestParser.java
@@ -212,7 +212,7 @@ public class TestParser {
     public void testCreateTable() throws Exception {
         String query = "CREATE TABLE page_view(viewTime INT, userid BIGINT,\n" +
                 "                page_url STRING, referrer_url STRING,\n" +
-                "                ip STRING COMMENT 'IP Address of the User')\n" +
+                "                ip STRING COMMENT 'IP Address of the UserPrincipal')\n" +
                 "COMMENT 'This is the page view table'\n" +
                 "PARTITIONED BY(dt STRING, country STRING)\n" +
                 "STORED AS SEQUENCEFILE";

http://git-wip-us.apache.org/repos/asf/eagle/blob/94b597b7/eagle-server/pom.xml
----------------------------------------------------------------------
diff --git a/eagle-server/pom.xml b/eagle-server/pom.xml
index c2cefcd..77e974a 100644
--- a/eagle-server/pom.xml
+++ b/eagle-server/pom.xml
@@ -181,6 +181,15 @@
             <version>1.6</version>
             <scope>test</scope>
         </dependency>
+        <dependency>
+            <groupId>io.dropwizard</groupId>
+            <artifactId>dropwizard-testing</artifactId>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.jasypt</groupId>
+            <artifactId>jasypt</artifactId>
+        </dependency>
     </dependencies>
 
     <profiles>

http://git-wip-us.apache.org/repos/asf/eagle/blob/94b597b7/eagle-server/src/main/java/org/apache/eagle/server/RESTExceptionMapper.java
----------------------------------------------------------------------
diff --git a/eagle-server/src/main/java/org/apache/eagle/server/RESTExceptionMapper.java b/eagle-server/src/main/java/org/apache/eagle/server/RESTExceptionMapper.java
index 1799eff..9a5ab49 100644
--- a/eagle-server/src/main/java/org/apache/eagle/server/RESTExceptionMapper.java
+++ b/eagle-server/src/main/java/org/apache/eagle/server/RESTExceptionMapper.java
@@ -16,8 +16,8 @@
  */
 package org.apache.eagle.server;
 
-import org.apache.eagle.metadata.resource.RESTResponse;
 import io.dropwizard.jersey.errors.LoggingExceptionMapper;
+import org.apache.eagle.common.rest.RESTResponse;
 
 import java.util.concurrent.ThreadLocalRandom;
 import javax.ws.rs.WebApplicationException;

http://git-wip-us.apache.org/repos/asf/eagle/blob/94b597b7/eagle-server/src/main/java/org/apache/eagle/server/ServerApplication.java
----------------------------------------------------------------------
diff --git a/eagle-server/src/main/java/org/apache/eagle/server/ServerApplication.java b/eagle-server/src/main/java/org/apache/eagle/server/ServerApplication.java
index c779201..9f2a4ef 100644
--- a/eagle-server/src/main/java/org/apache/eagle/server/ServerApplication.java
+++ b/eagle-server/src/main/java/org/apache/eagle/server/ServerApplication.java
@@ -28,18 +28,18 @@ import io.dropwizard.setup.Bootstrap;
 import io.dropwizard.setup.Environment;
 import io.swagger.jaxrs.config.BeanConfig;
 import io.swagger.jaxrs.listing.ApiListingResource;
-import org.apache.eagle.alert.coordinator.CoordinatorListener;
+import org.apache.eagle.alert.coordinator.Coordinator;
 import org.apache.eagle.alert.resource.SimpleCORSFiler;
 import org.apache.eagle.app.service.ApplicationHealthCheckService;
 import org.apache.eagle.app.service.ApplicationProviderService;
 import org.apache.eagle.app.spi.ApplicationProvider;
 import org.apache.eagle.common.Version;
-import org.apache.eagle.common.utils.ReflectionsHelper;
 import org.apache.eagle.log.base.taggedlog.EntityJsonModule;
 import org.apache.eagle.log.base.taggedlog.TaggedLogAPIEntity;
 import org.apache.eagle.log.entity.repo.EntityRepositoryScanner;
 import org.apache.eagle.metadata.service.ApplicationStatusUpdateService;
-import org.apache.eagle.server.authentication.BasicAuthProviderBuilder;
+import org.apache.eagle.server.security.BasicAuthBuilder;
+import org.apache.eagle.server.security.BasicAuthResourceFilterFactory;
 import org.apache.eagle.server.task.ManagedService;
 import org.apache.eagle.server.module.GuiceBundleLoader;
 import org.slf4j.Logger;
@@ -50,7 +50,7 @@ import java.util.EnumSet;
 
 import static org.apache.eagle.app.service.impl.ApplicationHealthCheckServiceImpl.HEALTH_CHECK_PATH;
 
-class ServerApplication extends Application<ServerConfig> {
+public class ServerApplication extends Application<ServerConfig> {
     private static final Logger LOG = LoggerFactory.getLogger(ServerApplication.class);
     @Inject
     private ApplicationStatusUpdateService applicationStatusUpdateService;
@@ -116,15 +116,28 @@ class ServerApplication extends Application<ServerConfig> {
             .addMappingForUrlPatterns(EnumSet.of(DispatcherType.REQUEST), true, "/*");
 
         // Register authentication provider
-        environment.jersey().register(new BasicAuthProviderBuilder(configuration.getAuth(), environment).build());
-
-        // Context listener
-        environment.servlets().addServletListeners(new CoordinatorListener());
+        BasicAuthBuilder authBuilder = new BasicAuthBuilder(configuration.getAuthConfig(), environment);
+        environment.jersey().register(authBuilder.getBasicAuthProvider());
+        environment.jersey().getResourceConfig().getResourceFilterFactories()
+            .add(new BasicAuthResourceFilterFactory(authBuilder.getBasicAuthenticator()));
 
         registerAppServices(environment);
     }
 
     private void registerAppServices(Environment environment) {
+        LOG.debug("Registering CoordinatorService");
+        environment.lifecycle().manage(new Managed() {
+            @Override
+            public void start() throws Exception {
+                Coordinator.startSchedule();
+            }
+
+            @Override
+            public void stop() throws Exception {
+
+            }
+        });
+
         // Run application status service in background
         LOG.debug("Registering ApplicationStatusUpdateService");
         Managed updateAppStatusTask = new ManagedService(applicationStatusUpdateService);

http://git-wip-us.apache.org/repos/asf/eagle/blob/94b597b7/eagle-server/src/main/java/org/apache/eagle/server/ServerConfig.java
----------------------------------------------------------------------
diff --git a/eagle-server/src/main/java/org/apache/eagle/server/ServerConfig.java b/eagle-server/src/main/java/org/apache/eagle/server/ServerConfig.java
index 3def198..68a874e 100644
--- a/eagle-server/src/main/java/org/apache/eagle/server/ServerConfig.java
+++ b/eagle-server/src/main/java/org/apache/eagle/server/ServerConfig.java
@@ -18,7 +18,7 @@ package org.apache.eagle.server;
 
 import io.dropwizard.Configuration;
 import org.apache.eagle.common.Version;
-import org.apache.eagle.server.authentication.config.AuthenticationSettings;
+import org.apache.eagle.server.security.config.AuthenticationConfig;
 import com.fasterxml.jackson.annotation.JsonProperty;
 
 public class ServerConfig extends Configuration {
@@ -29,15 +29,15 @@ public class ServerConfig extends Configuration {
     private static final String LICENSE = "Apache License (Version 2.0)";
     private static final String LICENSE_URL = "http://www.apache.org/licenses/LICENSE-2.0";
 
-    private AuthenticationSettings auth = new AuthenticationSettings();
+    private AuthenticationConfig auth = new AuthenticationConfig();
 
     @JsonProperty("auth")
-    public AuthenticationSettings getAuth() {
+    public AuthenticationConfig getAuthConfig() {
         return auth;
     }
 
     @JsonProperty("auth")
-    public void setAuth(AuthenticationSettings auth) {
+    public void setAuthConfig(AuthenticationConfig auth) {
         this.auth = auth;
     }
 

http://git-wip-us.apache.org/repos/asf/eagle/blob/94b597b7/eagle-server/src/main/java/org/apache/eagle/server/ServerMain.java
----------------------------------------------------------------------
diff --git a/eagle-server/src/main/java/org/apache/eagle/server/ServerMain.java b/eagle-server/src/main/java/org/apache/eagle/server/ServerMain.java
index 318a74e..412dc2e 100644
--- a/eagle-server/src/main/java/org/apache/eagle/server/ServerMain.java
+++ b/eagle-server/src/main/java/org/apache/eagle/server/ServerMain.java
@@ -17,21 +17,47 @@
 package org.apache.eagle.server;
 
 import org.apache.eagle.common.Version;
+import org.apache.eagle.server.tool.EncryptTool;
 
 import java.util.Date;
 
 public class ServerMain {
+    private static final String USAGE =
+        "Usage: java " + ServerMain.class.getName() + " command [options] \n"
+        + "where options include: \n"
+        + "\tserver\t[path to configuration]\n"
+        + "\tencrypt\t[text to encrypt]\n";
+
     public static void main(String[] args) {
-        System.out.println(
-            "\nApache Eagle™ v" + Version.version + ": "
-            + "built with git revision " + Version.gitRevision + " by " + Version.userName + " on " + new Date(Long.parseLong(Version.timestamp))
-        );
-        System.out.println("\nStarting Eagle Server ...\n");
-        try {
-            new ServerApplication().run(args);
-        } catch (Exception e) {
-            System.err.println("Oops, got error to start eagle server: " + e.getMessage());
-            e.printStackTrace();
+        if (args.length > 1) {
+            String cmd = args[0];
+
+            switch (cmd) {
+                case "server":
+                    System.out.println(
+                        "\nApache Eagle™ v" + Version.version + ": "
+                            + "built with git revision " + Version.gitRevision + " by " + Version.userName + " on " + new Date(Long.parseLong(Version.timestamp))
+                    );
+
+                    System.out.println("\nStarting Eagle Server ...\n");
+                    try {
+                        new ServerApplication().run(args);
+                    } catch (Exception e) {
+                        System.err.println("Oops, got error to start eagle server: " + e.getMessage());
+                        e.printStackTrace();
+                        System.exit(1);
+                    }
+                    break;
+                case "encrypt":
+                    new EncryptTool().execute(args);
+                    break;
+                default:
+                    System.err.println("Invalid command " + cmd);
+                    System.err.print(USAGE);
+                    System.exit(2);
+            }
+        } else {
+            System.err.print(USAGE);
             System.exit(1);
         }
     }

http://git-wip-us.apache.org/repos/asf/eagle/blob/94b597b7/eagle-server/src/main/java/org/apache/eagle/server/authentication/BasicAuthProviderBuilder.java
----------------------------------------------------------------------
diff --git a/eagle-server/src/main/java/org/apache/eagle/server/authentication/BasicAuthProviderBuilder.java b/eagle-server/src/main/java/org/apache/eagle/server/authentication/BasicAuthProviderBuilder.java
deleted file mode 100644
index 855134b..0000000
--- a/eagle-server/src/main/java/org/apache/eagle/server/authentication/BasicAuthProviderBuilder.java
+++ /dev/null
@@ -1,82 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.eagle.server.authentication;
-
-import com.google.common.cache.CacheBuilderSpec;
-import com.sun.jersey.api.core.HttpContext;
-import com.sun.jersey.api.model.Parameter;
-import com.sun.jersey.core.spi.component.ComponentContext;
-import com.sun.jersey.server.impl.inject.AbstractHttpContextInjectable;
-import com.sun.jersey.spi.inject.Injectable;
-import io.dropwizard.auth.Auth;
-import io.dropwizard.auth.Authenticator;
-import io.dropwizard.auth.CachingAuthenticator;
-import io.dropwizard.auth.basic.BasicAuthProvider;
-import io.dropwizard.auth.basic.BasicCredentials;
-import io.dropwizard.setup.Environment;
-import org.apache.eagle.common.authentication.User;
-import org.apache.eagle.server.authentication.authenticator.LdapBasicAuthenticator;
-import org.apache.eagle.server.authentication.authenticator.SimpleBasicAuthenticator;
-import org.apache.eagle.server.authentication.config.AuthenticationSettings;
-
-import java.util.HashMap;
-import java.util.Map;
-
-public class BasicAuthProviderBuilder {
-    private static final String SIMPLE_MODE_REALM = "SIMPLE_AUTHENTICATION";
-    private static final String LDAP_MODE_REALM = "LDAP_AUTHENTICATION";
-    private static final Map<String, BasicAuthProvider<User>> MAPPING = new HashMap<>();
-    private AuthenticationSettings authSettings;
-    private Environment environment;
-
-    public BasicAuthProviderBuilder(AuthenticationSettings authSettings, Environment environment) {
-        this.authSettings = authSettings;
-        this.environment = environment;
-        Authenticator<BasicCredentials, User> simpleAuthenticator = new SimpleBasicAuthenticator(authSettings.getSimple());
-        Authenticator<BasicCredentials, User> ldapAuthenticator = new LdapBasicAuthenticator(authSettings.getLdap());
-        boolean needsCaching = authSettings.needsCaching();
-        MAPPING.put("simple",
-                new BasicAuthProvider<>(needsCaching ? cache(simpleAuthenticator) : simpleAuthenticator, SIMPLE_MODE_REALM));
-        MAPPING.put("ldap",
-                new BasicAuthProvider<>(needsCaching ? cache(ldapAuthenticator) : ldapAuthenticator, LDAP_MODE_REALM));
-    }
-
-    public BasicAuthProvider build() {
-        if (authSettings.isEnabled()) {
-            String mode = authSettings.getMode();
-            if (MAPPING.containsKey(mode)) {
-                return MAPPING.get(mode);
-            } else {
-                throw new RuntimeException(String.format("No matching mode found: %s", mode));
-            }
-        } else {
-            return new BasicAuthProvider<User>(null, "") {
-                public Injectable<?> getInjectable(ComponentContext ic, Auth a, Parameter c) {
-                    return new AbstractHttpContextInjectable<User>() {
-                        public User getValue(HttpContext c) {
-                            return new User("non-auth");
-                        }
-                    };
-                }
-            };
-        }
-    }
-
-    private Authenticator<BasicCredentials, User> cache(Authenticator<BasicCredentials, User> authenticator) {
-        return new CachingAuthenticator<>(environment.metrics(), authenticator, CacheBuilderSpec.parse(authSettings.getCachePolicy()));
-    }
-}

http://git-wip-us.apache.org/repos/asf/eagle/blob/94b597b7/eagle-server/src/main/java/org/apache/eagle/server/authentication/authenticator/LdapBasicAuthenticator.java
----------------------------------------------------------------------
diff --git a/eagle-server/src/main/java/org/apache/eagle/server/authentication/authenticator/LdapBasicAuthenticator.java b/eagle-server/src/main/java/org/apache/eagle/server/authentication/authenticator/LdapBasicAuthenticator.java
deleted file mode 100644
index c67dea8..0000000
--- a/eagle-server/src/main/java/org/apache/eagle/server/authentication/authenticator/LdapBasicAuthenticator.java
+++ /dev/null
@@ -1,106 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.eagle.server.authentication.authenticator;
-
-import com.google.common.base.Optional;
-import io.dropwizard.auth.AuthenticationException;
-import io.dropwizard.auth.Authenticator;
-import io.dropwizard.auth.basic.BasicCredentials;
-import org.apache.eagle.common.authentication.User;
-import org.apache.eagle.server.authentication.config.LdapSettings;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import javax.naming.Context;
-import javax.naming.directory.InitialDirContext;
-import java.io.File;
-import java.util.Hashtable;
-
-public class LdapBasicAuthenticator implements Authenticator<BasicCredentials, User> {
-    private static final Logger LOGGER = LoggerFactory.getLogger(LdapBasicAuthenticator.class);
-    private static final String LDAP_LDAP_CTX_FACTORY_NAME = "com.sun.jndi.ldap.LdapCtxFactory";
-    private static final String LDAP_CONNECT_TIMEOUT_KEY = "com.sun.jndi.ldap.connect.timeout";
-    private static final String LDAP_READ_TIMEOUT_KEY = "com.sun.jndi.ldap.read.timeout";
-    private static final String SYS_PROP_SSL_KEY_STORE = "javax.net.ssl.keyStore";
-    private static final String SYS_PROP_SSL_TRUST_STORE = "javax.net.ssl.trustStore";
-    private static final String LDAPS_URL_PREFIX = "ldaps://";
-    private static final String SSL_PROTOCOL_VALUE = "ssl";
-    private LdapSettings settings = null;
-
-    public LdapBasicAuthenticator(LdapSettings settings) {
-        this.settings = settings;
-    }
-
-    public Optional<User> authenticate(BasicCredentials credentials) throws AuthenticationException {
-        String sanitizedUsername = sanitizeUsername(credentials.getUsername());
-        try {
-            new InitialDirContext(getContextEnvironment(sanitizedUsername, credentials.getPassword()));
-            return Optional.of(new User(sanitizedUsername));
-        } catch (javax.naming.AuthenticationException ae) {
-            LOGGER.warn(String.format("Authentication failed for user[%s]: wrong username or password", sanitizedUsername));
-            return Optional.absent();
-        } catch (Exception e) {
-            throw new AuthenticationException(String.format("Error occurs while trying to authenticate for user[%s]: %s", sanitizedUsername, e.getMessage()), e);
-        }
-    }
-
-    Hashtable<String, String> getContextEnvironment(String sanitizedUsername, String password) {
-        String providerUrl = settings.getProviderUrl();
-        if (providerUrl == null) {
-            throw new IllegalArgumentException("providerUrl of the ldap service shouldn't be null");
-        }
-
-        Hashtable<String, String> env = new Hashtable<>();
-        env.put(Context.INITIAL_CONTEXT_FACTORY, LDAP_LDAP_CTX_FACTORY_NAME);
-        env.put(Context.PROVIDER_URL, providerUrl);
-        env.put(LDAP_CONNECT_TIMEOUT_KEY, String.valueOf(settings.getConnectingTimeout().toMilliseconds()));
-        env.put(LDAP_READ_TIMEOUT_KEY, String.valueOf(settings.getReadingTimeout().toMilliseconds()));
-
-        String strategy = settings.getStrategy();
-        if (!"".equals(strategy)) {
-            env.put(Context.SECURITY_AUTHENTICATION, strategy);
-        }
-
-        if (providerUrl.toLowerCase().startsWith(LDAPS_URL_PREFIX)) { // using ldap over ssl to authenticate
-            env.put(Context.SECURITY_PROTOCOL, SSL_PROTOCOL_VALUE);
-
-            String certificateAbsolutePath = settings.getCertificateAbsolutePath();
-            if (certificateAbsolutePath == null || "".equals(certificateAbsolutePath)) {
-                throw new RuntimeException("The attribute 'certificateAbsolutePath' must be set when using ldap over ssl to authenticate.");
-            }
-            if (!new File(certificateAbsolutePath).exists()) {
-                throw new RuntimeException(String.format("The file specified not existing: %s", certificateAbsolutePath));
-            }
-
-            System.setProperty(SYS_PROP_SSL_KEY_STORE, certificateAbsolutePath);
-            System.setProperty(SYS_PROP_SSL_TRUST_STORE, certificateAbsolutePath);
-        }
-
-        env.put(Context.SECURITY_PRINCIPAL, comprisePrincipal(sanitizedUsername));
-        env.put(Context.SECURITY_CREDENTIALS, password);
-        return env;
-    }
-
-    String comprisePrincipal(String sanitizedUsername) {
-        return settings.getPrincipalTemplate().replaceAll("\\$\\{USERNAME\\}", sanitizedUsername);
-    }
-
-    String sanitizeUsername(String username) {
-        return username.replaceAll("[^a-zA-Z0-9_.]", "");
-    }
-
-}

http://git-wip-us.apache.org/repos/asf/eagle/blob/94b597b7/eagle-server/src/main/java/org/apache/eagle/server/authentication/authenticator/SimpleBasicAuthenticator.java
----------------------------------------------------------------------
diff --git a/eagle-server/src/main/java/org/apache/eagle/server/authentication/authenticator/SimpleBasicAuthenticator.java b/eagle-server/src/main/java/org/apache/eagle/server/authentication/authenticator/SimpleBasicAuthenticator.java
deleted file mode 100644
index ede3b06..0000000
--- a/eagle-server/src/main/java/org/apache/eagle/server/authentication/authenticator/SimpleBasicAuthenticator.java
+++ /dev/null
@@ -1,43 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.eagle.server.authentication.authenticator;
-
-import com.google.common.base.Optional;
-import io.dropwizard.auth.AuthenticationException;
-import io.dropwizard.auth.Authenticator;
-import io.dropwizard.auth.basic.BasicCredentials;
-import org.apache.eagle.common.authentication.User;
-import org.apache.eagle.server.authentication.config.SimpleSettings;
-
-public class SimpleBasicAuthenticator implements Authenticator<BasicCredentials, User> {
-    private String acceptedUsername = null;
-    private String acceptedPassword = null;
-
-    public SimpleBasicAuthenticator(SimpleSettings settings) {
-        acceptedUsername = settings.getUsername();
-        acceptedPassword = settings.getPassword();
-    }
-
-    public Optional<User> authenticate(BasicCredentials credentials) throws AuthenticationException {
-        String username = credentials.getUsername();
-        if (acceptedUsername.equals(username) && acceptedPassword.equals(credentials.getPassword())) {
-            return Optional.of(new User(username));
-        }
-        return Optional.absent();
-    }
-
-}

http://git-wip-us.apache.org/repos/asf/eagle/blob/94b597b7/eagle-server/src/main/java/org/apache/eagle/server/authentication/config/AuthenticationSettings.java
----------------------------------------------------------------------
diff --git a/eagle-server/src/main/java/org/apache/eagle/server/authentication/config/AuthenticationSettings.java b/eagle-server/src/main/java/org/apache/eagle/server/authentication/config/AuthenticationSettings.java
deleted file mode 100644
index 501ca13..0000000
--- a/eagle-server/src/main/java/org/apache/eagle/server/authentication/config/AuthenticationSettings.java
+++ /dev/null
@@ -1,119 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.eagle.server.authentication.config;
-
-import io.dropwizard.Configuration;
-import com.fasterxml.jackson.annotation.JsonProperty;
-
-public class AuthenticationSettings extends Configuration {
-    private boolean enabled = false;
-    private String mode = null;
-    private boolean caching = false;
-    private String cachePolicy = null;
-    private boolean authorization = false;
-    private boolean annotated = true;
-    private SimpleSettings simple = new SimpleSettings();
-    private LdapSettings ldap = new LdapSettings();
-
-    @JsonProperty
-    public boolean isEnabled() {
-        return enabled;
-    }
-
-    @JsonProperty
-    public AuthenticationSettings setEnabled(boolean enabled) {
-        this.enabled = enabled;
-        return this;
-    }
-
-    @JsonProperty
-    public String getMode() {
-        return mode;
-    }
-
-    @JsonProperty
-    public AuthenticationSettings setMode(String mode) {
-        this.mode = mode;
-        return this;
-    }
-
-    @JsonProperty
-    public boolean needsCaching() {
-        return caching;
-    }
-
-    @JsonProperty
-    public AuthenticationSettings setCaching(boolean caching) {
-        this.caching = caching;
-        return this;
-    }
-
-    @JsonProperty
-    public String getCachePolicy() {
-        return cachePolicy;
-    }
-
-    @JsonProperty
-    public AuthenticationSettings setCachePolicy(String cachePolicy) {
-        this.cachePolicy = cachePolicy;
-        return this;
-    }
-
-    @JsonProperty
-    public boolean needsAuthorization() {
-        return authorization;
-    }
-
-    @JsonProperty
-    public AuthenticationSettings setAuthorization(boolean authorization) {
-        this.authorization = authorization;
-        return this;
-    }
-
-    @JsonProperty
-    public boolean byAnnotated() {
-        return annotated;
-    }
-
-    @JsonProperty
-    public AuthenticationSettings setAnnotated(boolean annotated) {
-        this.annotated = annotated;
-        return this;
-    }
-
-    @JsonProperty("ldap")
-    public LdapSettings getLdap() {
-        return ldap;
-    }
-
-    @JsonProperty("ldap")
-    public AuthenticationSettings setLdap(LdapSettings ldap) {
-        this.ldap = ldap;
-        return this;
-    }
-
-    @JsonProperty("simple")
-    public SimpleSettings getSimple() {
-        return simple;
-    }
-
-    @JsonProperty("simple")
-    public AuthenticationSettings setSimple(SimpleSettings simple) {
-        this.simple = simple;
-        return this;
-    }
-}

http://git-wip-us.apache.org/repos/asf/eagle/blob/94b597b7/eagle-server/src/main/java/org/apache/eagle/server/authentication/config/LdapSettings.java
----------------------------------------------------------------------
diff --git a/eagle-server/src/main/java/org/apache/eagle/server/authentication/config/LdapSettings.java b/eagle-server/src/main/java/org/apache/eagle/server/authentication/config/LdapSettings.java
deleted file mode 100644
index ea2d896..0000000
--- a/eagle-server/src/main/java/org/apache/eagle/server/authentication/config/LdapSettings.java
+++ /dev/null
@@ -1,96 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.eagle.server.authentication.config;
-
-import io.dropwizard.util.Duration;
-import com.fasterxml.jackson.annotation.JsonProperty;
-
-public class LdapSettings {
-
-    private String providerUrl = "";
-    private String strategy = "";
-    private String principalTemplate = "";
-    private String certificateAbsolutePath = "";
-    private Duration connectingTimeout = Duration.parse("500ms");
-    private Duration readingTimeout = Duration.parse("500ms");
-
-    @JsonProperty
-    public String getProviderUrl() {
-        return providerUrl;
-    }
-
-    @JsonProperty
-    public LdapSettings setProviderUrl(String providerUrl) {
-        this.providerUrl = providerUrl;
-        return this;
-    }
-
-    @JsonProperty
-    public String getPrincipalTemplate() {
-        return principalTemplate;
-    }
-
-    @JsonProperty
-    public LdapSettings setPrincipalTemplate(String principalTemplate) {
-        this.principalTemplate = principalTemplate;
-        return this;
-    }
-
-    @JsonProperty
-    public String getStrategy() {
-        return strategy;
-    }
-
-    @JsonProperty
-    public LdapSettings setStrategy(String strategy) {
-        this.strategy = strategy;
-        return this;
-    }
-
-    @JsonProperty
-    public Duration getConnectingTimeout() {
-        return connectingTimeout;
-    }
-
-    @JsonProperty
-    public LdapSettings setConnectingTimeout(Duration connectingTimeout) {
-        this.connectingTimeout = connectingTimeout;
-        return this;
-    }
-
-    @JsonProperty
-    public Duration getReadingTimeout() {
-        return readingTimeout;
-    }
-
-    @JsonProperty
-    public LdapSettings setReadingTimeout(Duration readingTimeout) {
-        this.readingTimeout = readingTimeout;
-        return this;
-    }
-
-    @JsonProperty
-    public String getCertificateAbsolutePath() {
-        return certificateAbsolutePath;
-    }
-
-    @JsonProperty
-    public LdapSettings setCertificateAbsolutePath(String certificateAbsolutePath) {
-        this.certificateAbsolutePath = certificateAbsolutePath;
-        return this;
-    }
-}

http://git-wip-us.apache.org/repos/asf/eagle/blob/94b597b7/eagle-server/src/main/java/org/apache/eagle/server/authentication/config/SimpleSettings.java
----------------------------------------------------------------------
diff --git a/eagle-server/src/main/java/org/apache/eagle/server/authentication/config/SimpleSettings.java b/eagle-server/src/main/java/org/apache/eagle/server/authentication/config/SimpleSettings.java
deleted file mode 100644
index 35cfd70..0000000
--- a/eagle-server/src/main/java/org/apache/eagle/server/authentication/config/SimpleSettings.java
+++ /dev/null
@@ -1,46 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.eagle.server.authentication.config;
-
-import com.fasterxml.jackson.annotation.JsonProperty;
-
-public class SimpleSettings {
-    private String username = null;
-    private String password = null;
-
-    @JsonProperty
-    public String getUsername() {
-        return username;
-    }
-
-    @JsonProperty
-    public SimpleSettings setUsername(String username) {
-        this.username = username;
-        return this;
-    }
-
-    @JsonProperty
-    public String getPassword() {
-        return password;
-    }
-
-    @JsonProperty
-    public SimpleSettings setPassword(String password) {
-        this.password = password;
-        return this;
-    }
-}

http://git-wip-us.apache.org/repos/asf/eagle/blob/94b597b7/eagle-server/src/main/java/org/apache/eagle/server/resource/AuthenticationResource.java
----------------------------------------------------------------------
diff --git a/eagle-server/src/main/java/org/apache/eagle/server/resource/AuthenticationResource.java b/eagle-server/src/main/java/org/apache/eagle/server/resource/AuthenticationResource.java
new file mode 100644
index 0000000..f14cb71
--- /dev/null
+++ b/eagle-server/src/main/java/org/apache/eagle/server/resource/AuthenticationResource.java
@@ -0,0 +1,65 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ * <p>
+ * http://www.apache.org/licenses/LICENSE-2.0
+ * <p>
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.eagle.server.resource;
+
+import io.dropwizard.auth.Auth;
+import org.apache.eagle.common.security.User;
+import org.apache.eagle.common.rest.RESTResponse;
+
+import javax.ws.rs.GET;
+import javax.ws.rs.POST;
+import javax.ws.rs.Path;
+import javax.ws.rs.Produces;
+import javax.ws.rs.core.MediaType;
+import javax.ws.rs.core.Response;
+
+@Path("/auth")
+public class AuthenticationResource {
+    @GET
+    @Path("/principal")
+    @Produces(MediaType.APPLICATION_JSON)
+    public Response getCurrentPrincipal(@Auth(required = false) User user) {
+        if (user != null) {
+            return RESTResponse.of(user)
+                .status(true, Response.Status.OK)
+                .build();
+        } else {
+            return RESTResponse.builder()
+                .message("No authorized principal found")
+                .status(false, Response.Status.OK)
+                .build();
+        }
+    }
+
+    @GET
+    @Path("/validate")
+    @Produces(MediaType.APPLICATION_JSON)
+    public Response validate(@Auth User user) {
+        return RESTResponse.of(user)
+            .message("Validated successfully as " + user.getName())
+            .status(true, Response.Status.OK).build();
+    }
+
+    @POST
+    @Path("/login")
+    @Produces(MediaType.APPLICATION_JSON)
+    public Response login(@Auth User user) {
+        return RESTResponse.of(user)
+            .message("Login successfully as " + user.getName())
+            .status(true, Response.Status.OK).build();
+    }
+}
\ No newline at end of file