incubator-blur-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cr...@apache.org
Subject [14/15] git commit: Started adding authentication, not finished yet
Date Tue, 01 Jul 2014 13:28:23 GMT
Started adding authentication, not finished yet


Project: http://git-wip-us.apache.org/repos/asf/incubator-blur/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-blur/commit/f6b19a9f
Tree: http://git-wip-us.apache.org/repos/asf/incubator-blur/tree/f6b19a9f
Diff: http://git-wip-us.apache.org/repos/asf/incubator-blur/diff/f6b19a9f

Branch: refs/heads/apache-blur-0.2
Commit: f6b19a9f8fed4c64f2e2d81165cc86dd2e5a2d21
Parents: b2e2952
Author: Chris Rohr <rohr.chris@gmail.com>
Authored: Tue Jul 1 09:27:50 2014 -0400
Committer: Chris Rohr <rohr.chris@gmail.com>
Committed: Tue Jul 1 09:27:50 2014 -0400

----------------------------------------------------------------------
 .../org/apache/blur/console/JettyServer.java    |    6 +-
 .../org/apache/blur/console/model/User.java     |   69 +
 .../console/providers/AllAllowedProvider.java   |   74 +
 .../blur/console/providers/IProvider.java       |   40 +
 .../blur/console/servlets/AuthServlet.java      |  104 +
 .../console/servlets/BaseConsoleServlet.java    |   18 +-
 .../blur/console/servlets/NodesServlet.java     |    3 +-
 .../blur/console/servlets/QueriesServlet.java   |    3 +-
 .../blur/console/servlets/SearchServlet.java    |    3 +-
 .../blur/console/servlets/TablesServlet.java    |    4 +-
 .../org/apache/blur/console/util/Config.java    |   42 +-
 .../org/apache/blur/console/util/HttpUtil.java  |    7 +
 .../apache/blur/console/util/SearchUtil.java    |   31 +-
 ...console.018c8d880edbb816d45f576c8cf85eed.css | 6592 +++++++++++++++++
 ...console.52f95d3d625a3fddbc9e7a03e36b99f5.css |   19 -
 .../src/main/webapp/public/css/blurconsole.css  | 6611 +++++++++++++++++-
 ...ole.css.0212975e50782bb2f0d4b89d196e90dc.map |    7 +
 ...ole.css.2dce84df98e8778277eceec68cfe56ca.map |    7 -
 .../main/webapp/public/css/blurconsole.css.map  |    2 +-
 blur-console/src/main/webapp/public/index.html  |    4 +-
 ...rconsole.30907698bb5cd04fc79379cdc68bf683.js |   27 +
 ...rconsole.3b2e36bed1188bf6d6709c238d901a2b.js |   27 -
 .../src/main/webapp/public/js/blurconsole.js    |    4 +-
 ...sole.js.13e45f7dcc18364f8967d5ac8cac7214.map |    1 +
 ...sole.js.256687eb5a2e118e9a09c90bbc929ecf.map |    1 -
 .../main/webapp/public/js/blurconsole.js.map    |    2 +-
 26 files changed, 13592 insertions(+), 116 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/f6b19a9f/blur-console/src/main/java/org/apache/blur/console/JettyServer.java
----------------------------------------------------------------------
diff --git a/blur-console/src/main/java/org/apache/blur/console/JettyServer.java b/blur-console/src/main/java/org/apache/blur/console/JettyServer.java
index 8b693cb..2bcbf88 100644
--- a/blur-console/src/main/java/org/apache/blur/console/JettyServer.java
+++ b/blur-console/src/main/java/org/apache/blur/console/JettyServer.java
@@ -17,10 +17,7 @@ package org.apache.blur.console;
  * limitations under the License.
  */
 
-import org.apache.blur.console.servlets.NodesServlet;
-import org.apache.blur.console.servlets.QueriesServlet;
-import org.apache.blur.console.servlets.SearchServlet;
-import org.apache.blur.console.servlets.TablesServlet;
+import org.apache.blur.console.servlets.*;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.mortbay.jetty.Server;
@@ -74,6 +71,7 @@ public class JettyServer {
 
 	    // for localhost:port/service/dashboard, etc.
 	    final Context context = new Context(server, "/service", Context.SESSIONS);
+        context.addServlet(new ServletHolder(new AuthServlet()), "/auth/*");
 	    context.addServlet(new ServletHolder(new NodesServlet()), "/nodes/*");
 	    context.addServlet(new ServletHolder(new TablesServlet()), "/tables/*");
 	    context.addServlet(new ServletHolder(new QueriesServlet()), "/queries/*");

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/f6b19a9f/blur-console/src/main/java/org/apache/blur/console/model/User.java
----------------------------------------------------------------------
diff --git a/blur-console/src/main/java/org/apache/blur/console/model/User.java b/blur-console/src/main/java/org/apache/blur/console/model/User.java
new file mode 100644
index 0000000..2625f7f
--- /dev/null
+++ b/blur-console/src/main/java/org/apache/blur/console/model/User.java
@@ -0,0 +1,69 @@
+package org.apache.blur.console.model;
+
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import java.util.List;
+
+public class User {
+    protected String authToken;
+    protected String name;
+    protected String email;
+    protected String password;
+    protected List<String> roles;
+
+    public String getAuthToken() {
+        return authToken;
+    }
+
+    public void setAuthToken(String authToken) {
+        this.authToken = authToken;
+    }
+
+    public String getName() {
+        return name;
+    }
+
+    public void setName(String name) {
+        this.name = name;
+    }
+
+    public String getEmail() {
+        return email;
+    }
+
+    public void setEmail(String email) {
+        this.email = email;
+    }
+
+    public String getPassword() {
+        return password;
+    }
+
+    public void setPassword(String password) {
+        this.password = password;
+    }
+
+    public List<String> getRoles() {
+        return roles;
+    }
+
+    public void setRoles(List<String> roles) {
+        this.roles = roles;
+    }
+
+}

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/f6b19a9f/blur-console/src/main/java/org/apache/blur/console/providers/AllAllowedProvider.java
----------------------------------------------------------------------
diff --git a/blur-console/src/main/java/org/apache/blur/console/providers/AllAllowedProvider.java
b/blur-console/src/main/java/org/apache/blur/console/providers/AllAllowedProvider.java
new file mode 100644
index 0000000..6086a7e
--- /dev/null
+++ b/blur-console/src/main/java/org/apache/blur/console/providers/AllAllowedProvider.java
@@ -0,0 +1,74 @@
+package org.apache.blur.console.providers;
+
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import org.apache.blur.BlurConfiguration;
+import org.apache.blur.console.model.User;
+
+import javax.servlet.http.HttpServletRequest;
+import java.util.Map;
+import java.util.Set;
+import java.util.UUID;
+
+public class AllAllowedProvider implements IProvider {
+
+    @Override
+    public User login(HttpServletRequest request) {
+        return null;
+    }
+
+    @Override
+    public User getUser(String token) {
+        return null;
+    }
+
+    @Override
+    public User getUser(String token, HttpServletRequest request) {
+        return null;
+    }
+
+    @Override
+    public boolean isValidToken(String token, HttpServletRequest request) {
+        return true;
+    }
+
+    @Override
+    public boolean userHasRole(User user, String role) {
+        return false;
+    }
+
+    @Override
+    public void setupProvider(BlurConfiguration config) {
+
+    }
+
+    @Override
+    public Map<String, Map<String, Object>> getLoginFields() {
+        return null;
+    }
+
+    @Override
+    public boolean isLoginRequired() {
+        return false;
+    }
+
+    @Override
+    public boolean isRetryAllowed() {
+        return false;
+    }
+}

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/f6b19a9f/blur-console/src/main/java/org/apache/blur/console/providers/IProvider.java
----------------------------------------------------------------------
diff --git a/blur-console/src/main/java/org/apache/blur/console/providers/IProvider.java b/blur-console/src/main/java/org/apache/blur/console/providers/IProvider.java
new file mode 100644
index 0000000..9381a00
--- /dev/null
+++ b/blur-console/src/main/java/org/apache/blur/console/providers/IProvider.java
@@ -0,0 +1,40 @@
+package org.apache.blur.console.providers;
+
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import org.apache.blur.BlurConfiguration;
+import org.apache.blur.console.model.User;
+
+import javax.servlet.http.HttpServletRequest;
+import java.util.Map;
+
+public interface IProvider {
+    public static final String INPUT_FIELD = "input";
+    public static final String PASSWORD_FIELD = "password";
+    public static final String BROWSER_PROVIDED = "browser";
+
+    public User login(HttpServletRequest request);
+    public User getUser(String token);
+    public User getUser(String token, HttpServletRequest request);
+    public boolean isValidToken(String token, HttpServletRequest request);
+    public boolean userHasRole(User user, String role);
+    public void setupProvider(BlurConfiguration config);
+    public Map<String, Map<String, Object>> getLoginFields();
+    public boolean isLoginRequired();
+    public boolean isRetryAllowed();
+}

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/f6b19a9f/blur-console/src/main/java/org/apache/blur/console/servlets/AuthServlet.java
----------------------------------------------------------------------
diff --git a/blur-console/src/main/java/org/apache/blur/console/servlets/AuthServlet.java
b/blur-console/src/main/java/org/apache/blur/console/servlets/AuthServlet.java
new file mode 100644
index 0000000..f47a183
--- /dev/null
+++ b/blur-console/src/main/java/org/apache/blur/console/servlets/AuthServlet.java
@@ -0,0 +1,104 @@
+package org.apache.blur.console.servlets;
+
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import org.apache.blur.console.model.User;
+import org.apache.blur.console.providers.IProvider;
+import org.apache.blur.console.util.Config;
+import org.apache.blur.console.util.HttpUtil;
+import org.apache.commons.lang.StringUtils;
+import org.codehaus.jackson.map.ObjectMapper;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.Map;
+
+public class AuthServlet extends BaseConsoleServlet {
+    private static final String LOGIN_STATUS_FIELD = "loggedIn";
+    private static final String LOGIN_FIELDS_FIELD = "requiredFields";
+    private static final String LOGIN_RETRY_ALLOWED = "retryAllowed";
+    private static final String AUTH_TOKEN = "authToken";
+
+    @Override
+    protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException,
IOException {
+        String path = req.getPathInfo();
+
+        if (path == null) {
+            checkCurrentAuth(req, resp);
+        } else {
+            sendNotFound(resp, req.getRequestURI());
+        }
+    }
+
+    @Override
+    protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException,
IOException {
+        String path = req.getPathInfo();
+
+        if ("login".equalsIgnoreCase(path)) {
+            loginUser(req, resp);
+        } else {
+            sendNotFound(resp, req.getRequestURI());
+        }
+    }
+
+    private void checkCurrentAuth(HttpServletRequest request, HttpServletResponse response)
throws IOException {
+        IProvider provider = Config.getProvider();
+        Map<String, Object> responseData = new HashMap<String, Object>();
+
+        if (provider.isLoginRequired()) {
+            String authToken = HttpUtil.getFirstParam(request.getParameterMap().get(AUTH_TOKEN));
+
+            if (StringUtils.isNotBlank(authToken) && provider.getUser(authToken,
request) != null) {
+                responseData.put(LOGIN_STATUS_FIELD, true);
+            } else {
+                responseData.put(LOGIN_STATUS_FIELD, false);
+                responseData.put(LOGIN_FIELDS_FIELD, provider.getLoginFields());
+            }
+        } else {
+            responseData.put(LOGIN_STATUS_FIELD, true);
+        }
+
+        HttpUtil.sendResponse(response, new ObjectMapper().writeValueAsString(responseData),
HttpUtil.JSON);
+    }
+
+    private void loginUser(HttpServletRequest request, HttpServletResponse response) throws
IOException {
+        Map<String, Object> data = new HashMap<String, Object>();
+
+        IProvider provider = Config.getProvider();
+
+        User user = provider.login(request);
+
+        if (user == null) {
+            data.put(LOGIN_STATUS_FIELD, false);
+
+            boolean retry = provider.isRetryAllowed();
+            data.put(LOGIN_RETRY_ALLOWED, retry);
+            if (retry) {
+                data.put(LOGIN_FIELDS_FIELD, provider.getLoginFields());
+            }
+        } else {
+            data.put(AUTH_TOKEN, user.getAuthToken());
+            data.put("roles", user.getRoles());
+        }
+
+        HttpUtil.sendResponse(response, new ObjectMapper().writeValueAsString(data), HttpUtil.JSON);
+    }
+}

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/f6b19a9f/blur-console/src/main/java/org/apache/blur/console/servlets/BaseConsoleServlet.java
----------------------------------------------------------------------
diff --git a/blur-console/src/main/java/org/apache/blur/console/servlets/BaseConsoleServlet.java
b/blur-console/src/main/java/org/apache/blur/console/servlets/BaseConsoleServlet.java
index 86ba33a..c155813 100644
--- a/blur-console/src/main/java/org/apache/blur/console/servlets/BaseConsoleServlet.java
+++ b/blur-console/src/main/java/org/apache/blur/console/servlets/BaseConsoleServlet.java
@@ -23,12 +23,16 @@ import javax.servlet.http.HttpServlet;
 import javax.servlet.http.HttpServletResponse;
 
 import org.apache.commons.io.IOUtils;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
 
 public abstract class BaseConsoleServlet extends HttpServlet {
 	private static final long serialVersionUID = -5156028303476799953L;
+    private static final Log log = LogFactory.getLog(BaseConsoleServlet.class);
+    private static final String UNAUTHORIZED = "User is unauthorized to perform this action";
 
 	protected void sendError(HttpServletResponse response, Exception e) throws IOException {
-		e.printStackTrace();
+		log.error("Error processing request.", e);
 		String body = e.getMessage();
 		response.setContentType("application/json");
 		response.setContentLength(body.getBytes().length);
@@ -36,6 +40,13 @@ public abstract class BaseConsoleServlet extends HttpServlet {
 		IOUtils.write(body, response.getOutputStream());
 	}
 
+    protected void sendUnauthorized(HttpServletResponse response) throws IOException {
+        response.setContentType("application/json");
+        response.setContentLength(UNAUTHORIZED.getBytes().length);
+        response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+        IOUtils.write(UNAUTHORIZED, response.getOutputStream());
+    }
+
 	protected void sendGenericOk(HttpServletResponse response) throws IOException {
         String responseBody = "success";
 		response.setContentType("text/plain");
@@ -43,4 +54,9 @@ public abstract class BaseConsoleServlet extends HttpServlet {
 		response.setStatus(HttpServletResponse.SC_OK);
 		IOUtils.write(responseBody, response.getOutputStream());
 	}
+
+    protected void sendNotFound(HttpServletResponse response, String path) throws IOException
{
+        response.setStatus(HttpServletResponse.SC_NOT_FOUND);
+        IOUtils.write("URL [" + path + "] doesn't exist", response.getOutputStream());
+    }
 }

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/f6b19a9f/blur-console/src/main/java/org/apache/blur/console/servlets/NodesServlet.java
----------------------------------------------------------------------
diff --git a/blur-console/src/main/java/org/apache/blur/console/servlets/NodesServlet.java
b/blur-console/src/main/java/org/apache/blur/console/servlets/NodesServlet.java
index 2333bad..d2e1bd4 100644
--- a/blur-console/src/main/java/org/apache/blur/console/servlets/NodesServlet.java
+++ b/blur-console/src/main/java/org/apache/blur/console/servlets/NodesServlet.java
@@ -39,8 +39,7 @@ public class NodesServlet extends BaseConsoleServlet {
 		if (path == null) {
 			sendNodeStatus(res);
 		} else {
-			res.setStatus(HttpServletResponse.SC_NOT_FOUND);
-			IOUtils.write("Route [" + path + "] doesn't exist", res.getOutputStream());
+			sendNotFound(res, req.getRequestURI());
 		}
 	}
 

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/f6b19a9f/blur-console/src/main/java/org/apache/blur/console/servlets/QueriesServlet.java
----------------------------------------------------------------------
diff --git a/blur-console/src/main/java/org/apache/blur/console/servlets/QueriesServlet.java
b/blur-console/src/main/java/org/apache/blur/console/servlets/QueriesServlet.java
index 816d391..913c6de 100644
--- a/blur-console/src/main/java/org/apache/blur/console/servlets/QueriesServlet.java
+++ b/blur-console/src/main/java/org/apache/blur/console/servlets/QueriesServlet.java
@@ -47,8 +47,7 @@ public class QueriesServlet extends BaseConsoleServlet {
 		} else if ((m = queryCancelPattern.matcher(path)).matches()) {
 			cancelQuery(res, m.group(1), req.getParameter("table"));
 		} else {
-			res.setStatus(HttpServletResponse.SC_NOT_FOUND);
-			IOUtils.write("Route [" + path + "] doesn't exist", res.getOutputStream());
+			sendNotFound(res, req.getRequestURI());
 		}
 	}
 

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/f6b19a9f/blur-console/src/main/java/org/apache/blur/console/servlets/SearchServlet.java
----------------------------------------------------------------------
diff --git a/blur-console/src/main/java/org/apache/blur/console/servlets/SearchServlet.java
b/blur-console/src/main/java/org/apache/blur/console/servlets/SearchServlet.java
index cf64515..54e73e1 100644
--- a/blur-console/src/main/java/org/apache/blur/console/servlets/SearchServlet.java
+++ b/blur-console/src/main/java/org/apache/blur/console/servlets/SearchServlet.java
@@ -41,8 +41,7 @@ public class SearchServlet extends BaseConsoleServlet {
 			String remoteHost = req.getRemoteHost();
 			search(res, req.getParameterMap(), remoteHost);
 		} else {
-			res.setStatus(HttpServletResponse.SC_NOT_FOUND);
-			IOUtils.write("Route [" + path + "] doesn't exist", res.getOutputStream());
+			sendNotFound(res, req.getRequestURI());
 		}
 	}
 

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/f6b19a9f/blur-console/src/main/java/org/apache/blur/console/servlets/TablesServlet.java
----------------------------------------------------------------------
diff --git a/blur-console/src/main/java/org/apache/blur/console/servlets/TablesServlet.java
b/blur-console/src/main/java/org/apache/blur/console/servlets/TablesServlet.java
index 61983aa..2fb3ecd 100644
--- a/blur-console/src/main/java/org/apache/blur/console/servlets/TablesServlet.java
+++ b/blur-console/src/main/java/org/apache/blur/console/servlets/TablesServlet.java
@@ -31,7 +31,6 @@ import javax.servlet.http.HttpServletResponse;
 
 import org.apache.blur.console.util.HttpUtil;
 import org.apache.blur.console.util.TableUtil;
-import org.apache.commons.io.IOUtils;
 import org.codehaus.jackson.map.ObjectMapper;
 
 public class TablesServlet extends BaseConsoleServlet {
@@ -59,8 +58,7 @@ public class TablesServlet extends BaseConsoleServlet {
 		} else if ((m = tableDeletePattern.matcher(path)).matches()) {
 			delete(res, m.group(1), req.getParameter("includeFiles"));
 		} else {
-			res.setStatus(HttpServletResponse.SC_NOT_FOUND);
-			IOUtils.write("Route [" + path + "] doesn't exist", res.getOutputStream());
+			sendNotFound(res, req.getRequestURI());
 		}
 	}
 

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/f6b19a9f/blur-console/src/main/java/org/apache/blur/console/util/Config.java
----------------------------------------------------------------------
diff --git a/blur-console/src/main/java/org/apache/blur/console/util/Config.java b/blur-console/src/main/java/org/apache/blur/console/util/Config.java
index 20e37c8..d867e54 100644
--- a/blur-console/src/main/java/org/apache/blur/console/util/Config.java
+++ b/blur-console/src/main/java/org/apache/blur/console/util/Config.java
@@ -25,6 +25,8 @@ import java.util.List;
 import java.util.Map;
 
 import org.apache.blur.BlurConfiguration;
+import org.apache.blur.console.providers.AllAllowedProvider;
+import org.apache.blur.console.providers.IProvider;
 import org.apache.blur.manager.clusterstatus.ZookeeperClusterStatus;
 import org.apache.blur.thrift.BlurClient;
 import org.apache.blur.thrift.generated.Blur.Iface;
@@ -49,7 +51,8 @@ public class Config {
 	private static ZookeeperClusterStatus zk;
 	private static String blurConnection;
 	private static Object cluster;
-	private static Map<String, String> globalUserProperties;
+	private static Map<String, Map<String, String>> globalUserProperties;
+    private static IProvider provider;
 
 	public static int getConsolePort() {
 		return port;
@@ -78,6 +81,7 @@ public class Config {
 		blurConnection = buildConnectionString();
 		port = blurConfig.getInt("blur.console.port", DEFAULT_PORT);
 		parseSecurity();
+        setupProvider();
 	}
 
 	private static void parseSecurity() {
@@ -87,8 +91,8 @@ public class Config {
 			JsonFactory factory = new JsonFactory();
 		    ObjectMapper mapper = new ObjectMapper(factory);
 		    File from = new File(securityFile);
-		    TypeReference<Map<String, String>> typeRef
-		            = new TypeReference<Map<String, String>>() { };
+		    TypeReference<Map<String, Map<String, String>>> typeRef
+		            = new TypeReference<Map<String, Map<String, String>>>() {
};
 
 		    try {
 				globalUserProperties = mapper.readValue(from, typeRef);
@@ -99,6 +103,22 @@ public class Config {
 		}
 	}
 
+    private static void setupProvider() {
+        String providerClassName = blurConfig.get("blur.console.auth.provider", "org.apache.blur.console.providers.AllAllowedProvider");
+
+        try {
+            Class providerClass = Class.forName(providerClassName, false, Config.class.getClassLoader());
+
+            if (providerClass != null) {
+                provider = (IProvider) providerClass.newInstance();
+                provider.setupProvider(blurConfig);
+            }
+        } catch (Exception e) {
+            log.fatal("Unable to setup provider [" + providerClassName + "]. Reverting to
default.");
+            provider = new AllAllowedProvider();
+        }
+    }
+
 	public static String getConnectionString() throws IOException {
 		return blurConnection;
 	}
@@ -149,17 +169,21 @@ public class Config {
 	    }
 	}
 
-	public static Iface getClient(String username) throws IOException {
+	public static Iface getClient(String username, String securityUser) throws IOException {
 		Iface client = BlurClient.getClient(getConnectionString());
 
-		if (globalUserProperties != null) {
-			UserContext.setUser(new User(username, globalUserProperties));
+		if (globalUserProperties != null && globalUserProperties.get(securityUser) != null)
{
+			UserContext.setUser(new User(username, globalUserProperties.get(securityUser)));
 		}
 
 		return client;
 	}
 
-  public static boolean isClusterSetup() {
-    return cluster != null;
-  }
+    public static boolean isClusterSetup() {
+        return cluster != null;
+    }
+
+    public static IProvider getProvider() {
+        return provider;
+    }
 }

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/f6b19a9f/blur-console/src/main/java/org/apache/blur/console/util/HttpUtil.java
----------------------------------------------------------------------
diff --git a/blur-console/src/main/java/org/apache/blur/console/util/HttpUtil.java b/blur-console/src/main/java/org/apache/blur/console/util/HttpUtil.java
index 1a9253b..32690e5 100644
--- a/blur-console/src/main/java/org/apache/blur/console/util/HttpUtil.java
+++ b/blur-console/src/main/java/org/apache/blur/console/util/HttpUtil.java
@@ -33,4 +33,11 @@ public class HttpUtil {
 		res.setStatus(HttpServletResponse.SC_OK);
 		IOUtils.write(body, res.getOutputStream());
 	}
+
+    public static String getFirstParam(String[] param) {
+        if (param == null || param.length == 0) {
+            return "";
+        }
+        return param[0];
+    }
 }

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/f6b19a9f/blur-console/src/main/java/org/apache/blur/console/util/SearchUtil.java
----------------------------------------------------------------------
diff --git a/blur-console/src/main/java/org/apache/blur/console/util/SearchUtil.java b/blur-console/src/main/java/org/apache/blur/console/util/SearchUtil.java
index f932bb2..4eccab9 100644
--- a/blur-console/src/main/java/org/apache/blur/console/util/SearchUtil.java
+++ b/blur-console/src/main/java/org/apache/blur/console/util/SearchUtil.java
@@ -53,28 +53,29 @@ public class SearchUtil {
 	private static final String RECORD_RECORD_OPTION = "recordrecord";
 
 	public static Map<String, Object> search(Map<String, String[]> params, String
remoteHost) throws IOException, TException {
-		String table = params.get("table")[0];
-		String query = params.get("query")[0];
-		String rowQuery = params.get("rowRecordOption")[0];
-		String start = params.get("start")[0];
-		String fetch = params.get("fetch")[0];
+		String table = HttpUtil.getFirstParam(params.get("table"));
+		String query = HttpUtil.getFirstParam(params.get("query"));
+		String rowQuery = HttpUtil.getFirstParam(params.get("rowRecordOption"));
+		String start = HttpUtil.getFirstParam(params.get("start"));
+		String fetch = HttpUtil.getFirstParam(params.get("fetch"));
 		String[] families = params.get("families[]");
+        String securityUser = HttpUtil.getFirstParam(params.get("securityUser"));
 
 		if (query.indexOf("rowid:") >= 0) {
-			return fetchRow(table, query, families, remoteHost);
+			return fetchRow(table, query, families, remoteHost, securityUser);
 		}
 
 		if (families == null || families.length == 0) {
-			return fullTextSearch(table, query, remoteHost);
+			return fullTextSearch(table, query, remoteHost, securityUser);
 		}
 
-		return searchAndFetch(table, query, rowQuery, start, fetch, families, remoteHost);
+		return searchAndFetch(table, query, rowQuery, start, fetch, families, remoteHost, securityUser);
 	}
 
 	@SuppressWarnings({ "unchecked", "rawtypes" })
-	private static Map<String, Object> searchAndFetch(String table, String query, String
rowQuery, String start, String fetch, String[] families, String remoteHost) throws IOException,
TException {
+	private static Map<String, Object> searchAndFetch(String table, String query, String
rowQuery, String start, String fetch, String[] families, String remoteHost, String securityUser)
throws IOException, TException {
 		try {
-			Iface client = Config.getClient(remoteHost);
+			Iface client = Config.getClient(remoteHost, securityUser);
 
 			boolean recordsOnly = RECORD_RECORD_OPTION.equalsIgnoreCase(rowQuery);
 
@@ -84,6 +85,7 @@ public class SearchUtil {
 			blurQuery.setQuery(q);
 			blurQuery.setStart(Long.parseLong(start));
 			blurQuery.setFetch(Integer.parseInt(fetch));
+            blurQuery.setUserContext(remoteHost);
 
 			Selector s = new Selector();
 			s.setRecordOnly(recordsOnly);
@@ -138,14 +140,15 @@ public class SearchUtil {
 		}
 	}
 
-	private static Map<String, Object> fullTextSearch(String table, String query, String
remoteHost) throws IOException, TException {
+	private static Map<String, Object> fullTextSearch(String table, String query, String
remoteHost, String securityUser) throws IOException, TException {
 		try {
-			Iface client = Config.getClient(remoteHost);
+			Iface client = Config.getClient(remoteHost, securityUser);
 
 			BlurQuery blurQuery = new BlurQuery();
 
 			Query q = new Query(query, true, ScoreType.SUPER, null, null);
 			blurQuery.setQuery(q);
+            blurQuery.setUserContext(remoteHost);
 			BlurResults blurResults = client.query(table, blurQuery);
 
 			Map<String, Object> results = new HashMap<String, Object>();
@@ -157,9 +160,9 @@ public class SearchUtil {
 	}
 
 	@SuppressWarnings({ "unchecked", "rawtypes" })
-	private static Map<String, Object> fetchRow(String table, String query, String[] families,
String remoteHost) throws IOException, TException {
+	private static Map<String, Object> fetchRow(String table, String query, String[] families,
String remoteHost, String securityUser) throws IOException, TException {
 		try {
-			Iface client = Config.getClient(remoteHost);
+			Iface client = Config.getClient(remoteHost, securityUser);
 
 			Selector selector = new Selector();
 			String rowid = StringUtils.remove(query, "rowid:");


Mime
View raw message