incubator-blur-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cr...@apache.org
Subject [01/18] git commit: implemented security through providers
Date Tue, 15 Jul 2014 21:27:22 GMT
Repository: incubator-blur
Updated Branches:
  refs/heads/apache-blur-0.2 6a5f5b726 -> a560afccd


implemented security through providers

Signed-off-by: Chris Rohr <rohr.chris@gmail.com>


Project: http://git-wip-us.apache.org/repos/asf/incubator-blur/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-blur/commit/c9dafa19
Tree: http://git-wip-us.apache.org/repos/asf/incubator-blur/tree/c9dafa19
Diff: http://git-wip-us.apache.org/repos/asf/incubator-blur/diff/c9dafa19

Branch: refs/heads/apache-blur-0.2
Commit: c9dafa196f9ebc5c30d109d99626aa16f176c2dd
Parents: 6a5f5b7
Author: Andrew Avenoso <andrew.va@gmail.com>
Authored: Mon Jul 14 17:49:01 2014 -0400
Committer: Chris Rohr <rohr.chris@gmail.com>
Committed: Tue Jul 15 16:26:47 2014 -0400

----------------------------------------------------------------------
 blur-console/pom.xml                            |   9 +-
 .../org/apache/blur/console/JettyServer.java    |  14 ++-
 .../console/filters/ForbiddenException.java     |  21 ++++
 .../blur/console/filters/LoggedInFilter.java    |  72 ++++++++++++
 .../console/filters/UnauthorizedException.java  |  21 ++++
 .../org/apache/blur/console/model/User.java     |  52 ++++-----
 .../console/providers/AllAllowedProvider.java   |  55 +++------
 .../blur/console/providers/BaseProvider.java    |  76 +++++++++++++
 .../blur/console/providers/IProvider.java       |  48 --------
 .../console/providers/TomcatUsersProvider.java  | 105 +++++++++++++++++
 .../blur/console/servlets/AuthServlet.java      |  63 ++++------
 .../console/servlets/BaseConsoleServlet.java    |  27 +++--
 .../blur/console/servlets/NodesServlet.java     |   5 +-
 .../blur/console/servlets/QueriesServlet.java   |  15 ++-
 .../blur/console/servlets/SearchServlet.java    |   9 +-
 .../blur/console/servlets/TablesServlet.java    |  29 +++--
 .../org/apache/blur/console/util/Config.java    |  71 ++++++------
 blur-console/src/main/webapp/Gruntfile.js       |   2 +-
 blur-console/src/main/webapp/index.html         |   8 +-
 .../src/main/webapp/js/blurconsole.auth.js      | 114 +++++++++++++++++++
 .../src/main/webapp/js/blurconsole.data.js      |  31 ++---
 blur-console/src/main/webapp/js/blurconsole.js  |   7 +-
 .../src/main/webapp/js/blurconsole.queries.js   |   2 +-
 .../src/main/webapp/js/blurconsole.schema.js    |   2 +-
 .../src/main/webapp/js/blurconsole.shell.js     |  17 +++
 .../src/main/webapp/js/blurconsole.tables.js    |  10 +-
 .../src/main/webapp/less/blurconsole.auth.less  |  27 +++++
 .../src/main/webapp/less/blurconsole.less       |   1 +
 .../src/main/webapp/less/blurconsole.shell.less |   1 +
 .../apache/blur/console/ConsoleTestBase.java    |   2 +-
 .../apache/blur/console/util/ConfigTest.java    |   2 +-
 .../apache/blur/console/util/NodeUtilTest.java  |   2 +-
 .../apache/blur/console/util/QueryUtilTest.java |   2 +-
 .../apache/blur/console/util/TableUtilTest.java |   6 +-
 34 files changed, 663 insertions(+), 265 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/c9dafa19/blur-console/pom.xml
----------------------------------------------------------------------
diff --git a/blur-console/pom.xml b/blur-console/pom.xml
index 352703e..920eaa8 100644
--- a/blur-console/pom.xml
+++ b/blur-console/pom.xml
@@ -53,12 +53,17 @@
     <dependency>
       <groupId>org.codehaus.jackson</groupId>
       <artifactId>jackson-mapper-asl</artifactId>
-      <version>1.8.1</version>
+      <version>1.8.8</version>
     </dependency>
     <dependency>
       <groupId>org.codehaus.jackson</groupId>
       <artifactId>jackson-core-asl</artifactId>
-      <version>1.8.1</version>
+      <version>1.8.8</version>
+    </dependency>
+    <dependency>
+      <groupId>jdom</groupId>
+      <artifactId>jdom</artifactId>
+      <version>1.1</version>
     </dependency>
 
     <!-- Test Dependancies -->

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/c9dafa19/blur-console/src/main/java/org/apache/blur/console/JettyServer.java
----------------------------------------------------------------------
diff --git a/blur-console/src/main/java/org/apache/blur/console/JettyServer.java b/blur-console/src/main/java/org/apache/blur/console/JettyServer.java
index 30b1563..ed9a26d 100644
--- a/blur-console/src/main/java/org/apache/blur/console/JettyServer.java
+++ b/blur-console/src/main/java/org/apache/blur/console/JettyServer.java
@@ -17,12 +17,13 @@ package org.apache.blur.console;
  * limitations under the License.
  */
 
+import org.apache.blur.console.filters.LoggedInFilter;
 import org.apache.blur.console.servlets.*;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
+import org.mortbay.jetty.Handler;
 import org.mortbay.jetty.Server;
 import org.mortbay.jetty.servlet.Context;
-import org.mortbay.jetty.servlet.ServletHolder;
 import org.mortbay.jetty.webapp.WebAppContext;
 
 import java.io.File;
@@ -73,11 +74,12 @@ public class JettyServer {
 
     // for localhost:port/service/dashboard, etc.
     final Context context = new Context(server, "/service", Context.SESSIONS);
-    context.addServlet(new ServletHolder(new AuthServlet()), "/auth/*");
-    context.addServlet(new ServletHolder(new NodesServlet()), "/nodes/*");
-    context.addServlet(new ServletHolder(new TablesServlet()), "/tables/*");
-    context.addServlet(new ServletHolder(new QueriesServlet()), "/queries/*");
-    context.addServlet(new ServletHolder(new SearchServlet()), "/search/*");
+    context.addServlet(AuthServlet.class, "/auth/*");
+    context.addServlet(NodesServlet.class, "/nodes/*");
+    context.addServlet(TablesServlet.class, "/tables/*");
+    context.addServlet(QueriesServlet.class, "/queries/*");
+    context.addServlet(SearchServlet.class, "/search/*");
+    context.addFilter(LoggedInFilter.class, "/*", Handler.REQUEST);
 
     System.out.println("started server on http://localhost:" + port + CONTEXTPATH);
     try {

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/c9dafa19/blur-console/src/main/java/org/apache/blur/console/filters/ForbiddenException.java
----------------------------------------------------------------------
diff --git a/blur-console/src/main/java/org/apache/blur/console/filters/ForbiddenException.java b/blur-console/src/main/java/org/apache/blur/console/filters/ForbiddenException.java
new file mode 100644
index 0000000..a5f9d11
--- /dev/null
+++ b/blur-console/src/main/java/org/apache/blur/console/filters/ForbiddenException.java
@@ -0,0 +1,21 @@
+package org.apache.blur.console.filters;
+
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+public class ForbiddenException extends RuntimeException {
+}

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/c9dafa19/blur-console/src/main/java/org/apache/blur/console/filters/LoggedInFilter.java
----------------------------------------------------------------------
diff --git a/blur-console/src/main/java/org/apache/blur/console/filters/LoggedInFilter.java b/blur-console/src/main/java/org/apache/blur/console/filters/LoggedInFilter.java
new file mode 100644
index 0000000..bc2f4dc
--- /dev/null
+++ b/blur-console/src/main/java/org/apache/blur/console/filters/LoggedInFilter.java
@@ -0,0 +1,72 @@
+package org.apache.blur.console.filters;
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+import org.apache.blur.console.model.User;
+import org.apache.commons.io.IOUtils;
+
+import javax.servlet.*;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+import java.io.IOException;
+
+public class LoggedInFilter implements Filter {
+
+  private static final String UNAUTHORIZED = "User is unauthorized (not logged in)";
+  private static final String FORBIDDEN = "User is forbidden from performing this action";
+
+  @Override
+  public void init(FilterConfig filterConfig) throws ServletException {
+  }
+
+  @Override
+  public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
+    HttpServletRequest request = (HttpServletRequest) servletRequest;
+    HttpSession session = request.getSession();
+    String path = request.getServletPath();
+    User user = (User) session.getAttribute("user");
+    if(path.startsWith("/auth") || user != null) {
+      try {
+        filterChain.doFilter(servletRequest, servletResponse);
+      } catch(UnauthorizedException e) {
+        sendUnauthorized((HttpServletResponse) servletResponse);
+      } catch(ForbiddenException e) {
+        sendForbidden((HttpServletResponse) servletResponse);
+      }
+    } else {
+      sendUnauthorized((HttpServletResponse) servletResponse);
+    }
+  }
+
+  protected void sendUnauthorized(HttpServletResponse response) throws IOException {
+    response.setContentType("application/json");
+    response.setContentLength(UNAUTHORIZED.getBytes().length);
+    response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+    IOUtils.write(UNAUTHORIZED, response.getOutputStream());
+  }
+
+  protected void sendForbidden(HttpServletResponse response) throws IOException {
+    response.setContentType("application/json");
+    response.setContentLength(FORBIDDEN.getBytes().length);
+    response.setStatus(HttpServletResponse.SC_FORBIDDEN);
+    IOUtils.write(FORBIDDEN, response.getOutputStream());
+  }
+
+  @Override
+  public void destroy() {
+  }
+}

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/c9dafa19/blur-console/src/main/java/org/apache/blur/console/filters/UnauthorizedException.java
----------------------------------------------------------------------
diff --git a/blur-console/src/main/java/org/apache/blur/console/filters/UnauthorizedException.java b/blur-console/src/main/java/org/apache/blur/console/filters/UnauthorizedException.java
new file mode 100644
index 0000000..4958da8
--- /dev/null
+++ b/blur-console/src/main/java/org/apache/blur/console/filters/UnauthorizedException.java
@@ -0,0 +1,21 @@
+package org.apache.blur.console.filters;
+
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+public class UnauthorizedException extends RuntimeException {
+}

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/c9dafa19/blur-console/src/main/java/org/apache/blur/console/model/User.java
----------------------------------------------------------------------
diff --git a/blur-console/src/main/java/org/apache/blur/console/model/User.java b/blur-console/src/main/java/org/apache/blur/console/model/User.java
index 5165e62..4f0e9b3 100644
--- a/blur-console/src/main/java/org/apache/blur/console/model/User.java
+++ b/blur-console/src/main/java/org/apache/blur/console/model/User.java
@@ -17,53 +17,45 @@ package org.apache.blur.console.model;
  * limitations under the License.
  */
 
-import java.util.List;
+import java.util.Collection;
 
 public class User {
-  protected String authToken;
+
+  public static final String ADMIN_ROLE = "admin"; // can do everything
+  public static final String SEARCHER_ROLE = "searcher"; // reader + can query
+  public static final String MANAGER_ROLE = "manager"; // searcher + destructive actions
+
   protected String name;
-  protected String email;
-  protected String password;
-  protected List<String> roles;
 
-  public String getAuthToken() {
-    return authToken;
-  }
+  protected String email;
 
-  public void setAuthToken(String authToken) {
-    this.authToken = authToken;
-  }
+  protected Collection<String> roles;
 
   public String getName() {
     return name;
   }
 
-  public void setName(String name) {
-    this.name = name;
-  }
-
   public String getEmail() {
     return email;
   }
 
-  public void setEmail(String email) {
-    this.email = email;
-  }
-
-  public String getPassword() {
-    return password;
-  }
-
-  public void setPassword(String password) {
-    this.password = password;
-  }
-
-  public List<String> getRoles() {
+  public Collection<String> getRoles() {
     return roles;
   }
 
-  public void setRoles(List<String> roles) {
-    this.roles = roles;
+  public boolean hasRole(String role) {
+    if(roles != null && !roles.isEmpty()) {
+      if (roles.contains(ADMIN_ROLE)) {
+        return true;
+      }
+      if(MANAGER_ROLE.equals(role) && roles.contains(MANAGER_ROLE)) {
+        return true;
+      }
+      if(SEARCHER_ROLE.equals(role) && (roles.contains(MANAGER_ROLE) || roles.contains(SEARCHER_ROLE))) {
+        return true;
+      }
+    }
+    return false;
   }
 
 }

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/c9dafa19/blur-console/src/main/java/org/apache/blur/console/providers/AllAllowedProvider.java
----------------------------------------------------------------------
diff --git a/blur-console/src/main/java/org/apache/blur/console/providers/AllAllowedProvider.java b/blur-console/src/main/java/org/apache/blur/console/providers/AllAllowedProvider.java
index fced5fe..eb8c99d 100644
--- a/blur-console/src/main/java/org/apache/blur/console/providers/AllAllowedProvider.java
+++ b/blur-console/src/main/java/org/apache/blur/console/providers/AllAllowedProvider.java
@@ -21,52 +21,25 @@ import org.apache.blur.BlurConfiguration;
 import org.apache.blur.console.model.User;
 
 import javax.servlet.http.HttpServletRequest;
-import java.util.Map;
+import java.util.Arrays;
+import java.util.List;
 
-public class AllAllowedProvider implements IProvider {
+public class AllAllowedProvider extends BaseProvider {
+  private static class AllAllowedUser extends User {
 
-  @Override
-  public User login(HttpServletRequest request) {
-    return null;
-  }
-
-  @Override
-  public User getUser(String token) {
-    return null;
-  }
-
-  @Override
-  public User getUser(String token, HttpServletRequest request) {
-    return null;
-  }
-
-  @Override
-  public boolean isValidToken(String token, HttpServletRequest request) {
-    return true;
-  }
+    private String password;
 
-  @Override
-  public boolean userHasRole(User user, String role) {
-    return false;
-  }
-
-  @Override
-  public void setupProvider(BlurConfiguration config) {
-
-  }
+    public AllAllowedUser() {
+      this.name = "User";
+      this.roles = Arrays.asList(ADMIN_ROLE);
+    }
 
-  @Override
-  public Map<String, Map<String, Object>> getLoginFields() {
-    return null;
-  }
-
-  @Override
-  public boolean isLoginRequired() {
-    return false;
+    private boolean checkPassword(String passwd) {
+      return password.equals(passwd);
+    }
   }
-
   @Override
-  public boolean isRetryAllowed() {
-    return false;
+  public User login(HttpServletRequest request) {
+    return new AllAllowedUser();
   }
 }

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/c9dafa19/blur-console/src/main/java/org/apache/blur/console/providers/BaseProvider.java
----------------------------------------------------------------------
diff --git a/blur-console/src/main/java/org/apache/blur/console/providers/BaseProvider.java b/blur-console/src/main/java/org/apache/blur/console/providers/BaseProvider.java
new file mode 100644
index 0000000..9d520f9
--- /dev/null
+++ b/blur-console/src/main/java/org/apache/blur/console/providers/BaseProvider.java
@@ -0,0 +1,76 @@
+package org.apache.blur.console.providers;
+
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import org.apache.blur.BlurConfiguration;
+import org.apache.blur.console.model.User;
+
+import javax.servlet.http.HttpServletRequest;
+import java.io.FileNotFoundException;
+import java.util.*;
+
+/**
+ * Custom providers should extend this and override the methods
+ * This provider does not allow anybody in
+ */
+public class BaseProvider {
+
+  private Map<String, String> roleMapping;
+
+  public User login(HttpServletRequest request) {
+    return null;
+  }
+
+  public final void setupProvider(BlurConfiguration config) throws Exception {
+    setupRoleMapping(config);
+    setupProviderInternal(config);
+  }
+
+  private void setupRoleMapping(BlurConfiguration config) {
+    roleMapping = new HashMap<String, String>();
+    List<String> roles = Arrays.asList(User.ADMIN_ROLE, User.MANAGER_ROLE, User.SEARCHER_ROLE);
+    for(String role: roles) {
+      String configRoles = config.get("blur.console.auth.provider.roles." + role, role);
+      String[] splitRoles = configRoles.split(",");
+      for(String splitRole: splitRoles) {
+        roleMapping.put(splitRole, role);
+      }
+    }
+  }
+
+  protected void setupProviderInternal(BlurConfiguration config) throws Exception {
+
+  }
+
+  public String getLoginForm() {
+    return null;
+  }
+
+  protected Collection<String> mapRoles(Collection<String> roles) {
+    if(roles != null) {
+      Collection<String> mappedRoles = new ArrayList<String>(roles.size());
+      for(String role: roles) {
+        if (roleMapping.containsKey(role)) {
+          mappedRoles.add(roleMapping.get(role));
+        }
+      }
+      return mappedRoles;
+    }
+    return null;
+  }
+}

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/c9dafa19/blur-console/src/main/java/org/apache/blur/console/providers/IProvider.java
----------------------------------------------------------------------
diff --git a/blur-console/src/main/java/org/apache/blur/console/providers/IProvider.java b/blur-console/src/main/java/org/apache/blur/console/providers/IProvider.java
deleted file mode 100644
index 02e0baa..0000000
--- a/blur-console/src/main/java/org/apache/blur/console/providers/IProvider.java
+++ /dev/null
@@ -1,48 +0,0 @@
-package org.apache.blur.console.providers;
-
-/**
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-import org.apache.blur.BlurConfiguration;
-import org.apache.blur.console.model.User;
-
-import javax.servlet.http.HttpServletRequest;
-import java.util.Map;
-
-public interface IProvider {
-  public static final String INPUT_FIELD = "input";
-  public static final String PASSWORD_FIELD = "password";
-  public static final String BROWSER_PROVIDED = "browser";
-
-  public User login(HttpServletRequest request);
-
-  public User getUser(String token);
-
-  public User getUser(String token, HttpServletRequest request);
-
-  public boolean isValidToken(String token, HttpServletRequest request);
-
-  public boolean userHasRole(User user, String role);
-
-  public void setupProvider(BlurConfiguration config);
-
-  public Map<String, Map<String, Object>> getLoginFields();
-
-  public boolean isLoginRequired();
-
-  public boolean isRetryAllowed();
-}

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/c9dafa19/blur-console/src/main/java/org/apache/blur/console/providers/TomcatUsersProvider.java
----------------------------------------------------------------------
diff --git a/blur-console/src/main/java/org/apache/blur/console/providers/TomcatUsersProvider.java b/blur-console/src/main/java/org/apache/blur/console/providers/TomcatUsersProvider.java
new file mode 100644
index 0000000..412f78c
--- /dev/null
+++ b/blur-console/src/main/java/org/apache/blur/console/providers/TomcatUsersProvider.java
@@ -0,0 +1,105 @@
+package org.apache.blur.console.providers;
+
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import org.apache.blur.BlurConfiguration;
+import org.apache.blur.console.model.User;
+import org.jdom.Document;
+import org.jdom.Element;
+import org.jdom.JDOMException;
+import org.jdom.input.SAXBuilder;
+
+import javax.servlet.http.HttpServletRequest;
+import java.io.FileReader;
+import java.io.IOException;
+import java.io.Reader;
+import java.util.*;
+
+/**
+ * Provider that reads from a tomcat-users.xml file
+ * config blur.console.auth.provider.tomcat.usersfile to point to the xml file
+ * This file gets read once at startup
+ */
+public class TomcatUsersProvider extends BaseProvider {
+
+  private static class TomcatUser extends User {
+
+    private String password;
+
+    public TomcatUser(String name, String password, Collection<String> roles) {
+      this.name = name;
+      this.password = password;
+      this.roles = roles;
+    }
+
+    private boolean checkPassword(String passwd) {
+      return password.equals(passwd);
+    }
+  }
+
+  private Map<String, TomcatUser> users = new HashMap<String, TomcatUser>();
+
+  @Override
+  public User login(HttpServletRequest request) {
+    Map<String, String[]> parameters = request.getParameterMap();
+    String[] usernames = parameters.get("username");
+    String[] passwords = parameters.get("password");
+    if (usernames != null && usernames.length > 0 && passwords != null && passwords.length > 0) {
+      String username = usernames[0];
+      String password = passwords[0];
+      TomcatUser user = users.get(username);
+      if (user != null && user.checkPassword(password)) {
+        return user;
+      }
+    }
+    return null;
+  }
+
+  @Override
+  protected void setupProviderInternal(BlurConfiguration config) throws IOException, JDOMException {
+    String usersFile = config.get("blur.console.auth.provider.tomcat.usersfile");
+    SAXBuilder builder = new SAXBuilder();
+    Reader in = new FileReader(usersFile);
+    Document doc = builder.build(in);
+    Element root = doc.getRootElement();
+    List<Element> xmlUsers = root.getChildren("user");
+    for (Element user : xmlUsers) {
+      String username = user.getAttribute("username").getValue();
+      String password = user.getAttribute("password").getValue();
+      String roles = user.getAttribute("roles").getValue();
+      Collection<String> splitRoles = Arrays.asList(roles.split(","));
+      users.put(username, new TomcatUser(username, password, mapRoles(splitRoles)));
+    }
+  }
+
+  @Override
+  public String getLoginForm() {
+    String html = "<form>" +
+      "<div class=\"form-group\">" +
+      "<label for=\"username\">Username</label>" +
+      "<input name=\"username\" class=\"form-control\"/>" +
+      "</div>" +
+      "<div class=\"form-group\">" +
+      "<label for=\"password\">Password</label>" +
+      "<input type=\"password\" name=\"password\" class=\"form-control\"/>" +
+      "</div>" +
+      "<button type=\"submit\" class=\"btn btn-default\">Submit</button>" +
+      "</form>";
+    return html;
+  }
+}

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/c9dafa19/blur-console/src/main/java/org/apache/blur/console/servlets/AuthServlet.java
----------------------------------------------------------------------
diff --git a/blur-console/src/main/java/org/apache/blur/console/servlets/AuthServlet.java b/blur-console/src/main/java/org/apache/blur/console/servlets/AuthServlet.java
index 5646b56..9dbe7ec 100644
--- a/blur-console/src/main/java/org/apache/blur/console/servlets/AuthServlet.java
+++ b/blur-console/src/main/java/org/apache/blur/console/servlets/AuthServlet.java
@@ -18,31 +18,28 @@ package org.apache.blur.console.servlets;
  */
 
 import org.apache.blur.console.model.User;
-import org.apache.blur.console.providers.IProvider;
+import org.apache.blur.console.providers.BaseProvider;
 import org.apache.blur.console.util.Config;
 import org.apache.blur.console.util.HttpUtil;
-import org.apache.commons.lang.StringUtils;
 import org.codehaus.jackson.map.ObjectMapper;
 
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
 import java.io.IOException;
 import java.util.HashMap;
 import java.util.Map;
 
 public class AuthServlet extends BaseConsoleServlet {
   private static final String LOGIN_STATUS_FIELD = "loggedIn";
-  private static final String LOGIN_FIELDS_FIELD = "requiredFields";
-  private static final String LOGIN_RETRY_ALLOWED = "retryAllowed";
-  private static final String AUTH_TOKEN = "authToken";
+  private static final String LOGIN_FORM_FIELD = "formHtml";
+  private static final String USER_FIELD = "user";
 
   @Override
   protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
     String path = req.getPathInfo();
-    if (path == null) {
-      checkCurrentAuth(req, resp);
-    } else if ("/securityUsers".equalsIgnoreCase(path)) {
+    if ("/securityUsers".equalsIgnoreCase(path)) {
       getSecurityUsers(req, resp);
     } else {
       sendNotFound(resp, req.getRequestURI());
@@ -52,7 +49,7 @@ public class AuthServlet extends BaseConsoleServlet {
   @Override
   protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
     String path = req.getPathInfo();
-    if ("login".equalsIgnoreCase(path)) {
+    if ("/login".equalsIgnoreCase(path)) {
       loginUser(req, resp);
     } else {
       sendNotFound(resp, req.getRequestURI());
@@ -65,46 +62,26 @@ public class AuthServlet extends BaseConsoleServlet {
     HttpUtil.sendResponse(response, new ObjectMapper().writeValueAsString(responseData), HttpUtil.JSON);
   }
 
-  private void checkCurrentAuth(HttpServletRequest request, HttpServletResponse response) throws IOException {
-    IProvider provider = Config.getProvider();
+  private void loginUser(HttpServletRequest request, HttpServletResponse response) throws IOException {
     Map<String, Object> responseData = new HashMap<String, Object>();
-
-    if (provider.isLoginRequired()) {
-      String authToken = HttpUtil.getFirstParam((String[]) request.getParameterMap().get(AUTH_TOKEN));
-
-      if (StringUtils.isNotBlank(authToken) && provider.getUser(authToken, request) != null) {
-        responseData.put(LOGIN_STATUS_FIELD, true);
-      } else {
-        responseData.put(LOGIN_STATUS_FIELD, false);
-        responseData.put(LOGIN_FIELDS_FIELD, provider.getLoginFields());
-      }
-    } else {
-      responseData.put(LOGIN_STATUS_FIELD, true);
+    HttpSession session = request.getSession();
+    User user = (User) session.getAttribute("user");
+    BaseProvider provider = Config.getProvider();
+    if(user == null) {
+      user = provider.login(request);
     }
-
-    HttpUtil.sendResponse(response, new ObjectMapper().writeValueAsString(responseData), HttpUtil.JSON);
-  }
-
-  private void loginUser(HttpServletRequest request, HttpServletResponse response) throws IOException {
-    Map<String, Object> data = new HashMap<String, Object>();
-
-    IProvider provider = Config.getProvider();
-
-    User user = provider.login(request);
-
     if (user == null) {
-      data.put(LOGIN_STATUS_FIELD, false);
-
-      boolean retry = provider.isRetryAllowed();
-      data.put(LOGIN_RETRY_ALLOWED, retry);
-      if (retry) {
-        data.put(LOGIN_FIELDS_FIELD, provider.getLoginFields());
+      responseData.put(LOGIN_STATUS_FIELD, false);
+      String form = provider.getLoginForm();
+      if (form != null) {
+        responseData.put(LOGIN_FORM_FIELD, form);
       }
     } else {
-      data.put(AUTH_TOKEN, user.getAuthToken());
-      data.put("roles", user.getRoles());
+      responseData.put(LOGIN_STATUS_FIELD, true);
+      responseData.put(USER_FIELD, user);
+      session.setAttribute("user", user);
     }
 
-    HttpUtil.sendResponse(response, new ObjectMapper().writeValueAsString(data), HttpUtil.JSON);
+    HttpUtil.sendResponse(response, new ObjectMapper().writeValueAsString(responseData), HttpUtil.JSON);
   }
 }

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/c9dafa19/blur-console/src/main/java/org/apache/blur/console/servlets/BaseConsoleServlet.java
----------------------------------------------------------------------
diff --git a/blur-console/src/main/java/org/apache/blur/console/servlets/BaseConsoleServlet.java b/blur-console/src/main/java/org/apache/blur/console/servlets/BaseConsoleServlet.java
index dbda765..81ff64a 100644
--- a/blur-console/src/main/java/org/apache/blur/console/servlets/BaseConsoleServlet.java
+++ b/blur-console/src/main/java/org/apache/blur/console/servlets/BaseConsoleServlet.java
@@ -17,18 +17,22 @@ package org.apache.blur.console.servlets;
  * limitations under the License.
  */
 
+import org.apache.blur.console.filters.ForbiddenException;
+import org.apache.blur.console.filters.UnauthorizedException;
+import org.apache.blur.console.model.User;
 import org.apache.commons.io.IOUtils;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 
 import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
 import java.io.IOException;
 
 public abstract class BaseConsoleServlet extends HttpServlet {
   private static final long serialVersionUID = -5156028303476799953L;
   private static final Log log = LogFactory.getLog(BaseConsoleServlet.class);
-  private static final String UNAUTHORIZED = "User is unauthorized to perform this action";
 
   protected void sendError(HttpServletResponse response, Exception e) throws IOException {
     log.error("Error processing request.", e);
@@ -39,13 +43,6 @@ public abstract class BaseConsoleServlet extends HttpServlet {
     IOUtils.write(body, response.getOutputStream());
   }
 
-  protected void sendUnauthorized(HttpServletResponse response) throws IOException {
-    response.setContentType("application/json");
-    response.setContentLength(UNAUTHORIZED.getBytes().length);
-    response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
-    IOUtils.write(UNAUTHORIZED, response.getOutputStream());
-  }
-
   protected void sendGenericOk(HttpServletResponse response) throws IOException {
     String responseBody = "success";
     response.setContentType("text/plain");
@@ -58,4 +55,18 @@ public abstract class BaseConsoleServlet extends HttpServlet {
     response.setStatus(HttpServletResponse.SC_NOT_FOUND);
     IOUtils.write("URL [" + path + "] doesn't exist", response.getOutputStream());
   }
+
+  protected void authorize(HttpServletRequest request, String... roles) {
+    HttpSession session = request.getSession();
+    User user = (User) session.getAttribute("user");
+    if(user == null) {
+      throw new UnauthorizedException();
+    }
+    for(String role: roles) {
+      if(user.hasRole(role)){
+        return;
+      }
+    }
+    throw new ForbiddenException();
+  }
 }

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/c9dafa19/blur-console/src/main/java/org/apache/blur/console/servlets/NodesServlet.java
----------------------------------------------------------------------
diff --git a/blur-console/src/main/java/org/apache/blur/console/servlets/NodesServlet.java b/blur-console/src/main/java/org/apache/blur/console/servlets/NodesServlet.java
index 1941ffd..2455a7c 100644
--- a/blur-console/src/main/java/org/apache/blur/console/servlets/NodesServlet.java
+++ b/blur-console/src/main/java/org/apache/blur/console/servlets/NodesServlet.java
@@ -17,6 +17,7 @@ package org.apache.blur.console.servlets;
  * limitations under the License.
  */
 
+import org.apache.blur.console.model.User;
 import org.apache.blur.console.util.HttpUtil;
 import org.apache.blur.console.util.NodeUtil;
 import org.codehaus.jackson.map.ObjectMapper;
@@ -35,13 +36,13 @@ public class NodesServlet extends BaseConsoleServlet {
   protected void doGet(HttpServletRequest req, HttpServletResponse res) throws ServletException, IOException {
     String path = req.getPathInfo();
     if (path == null) {
-      sendNodeStatus(res);
+      sendNodeStatus(req, res);
     } else {
       sendNotFound(res, req.getRequestURI());
     }
   }
 
-  private void sendNodeStatus(HttpServletResponse response) throws IOException {
+  private void sendNodeStatus(HttpServletRequest request, HttpServletResponse response) throws IOException {
     Map<String, Object> nodeData = new HashMap<String, Object>();
 
     try {

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/c9dafa19/blur-console/src/main/java/org/apache/blur/console/servlets/QueriesServlet.java
----------------------------------------------------------------------
diff --git a/blur-console/src/main/java/org/apache/blur/console/servlets/QueriesServlet.java b/blur-console/src/main/java/org/apache/blur/console/servlets/QueriesServlet.java
index bc0c896..99101d4 100644
--- a/blur-console/src/main/java/org/apache/blur/console/servlets/QueriesServlet.java
+++ b/blur-console/src/main/java/org/apache/blur/console/servlets/QueriesServlet.java
@@ -17,6 +17,7 @@ package org.apache.blur.console.servlets;
  * limitations under the License.
  */
 
+import org.apache.blur.console.model.User;
 import org.apache.blur.console.util.HttpUtil;
 import org.apache.blur.console.util.QueryUtil;
 import org.codehaus.jackson.map.ObjectMapper;
@@ -39,17 +40,17 @@ public class QueriesServlet extends BaseConsoleServlet {
     String path = req.getPathInfo();
     Matcher m;
     if (path == null) {
-      sendQueries(res);
+      sendQueries(req, res);
     } else if ("/performance".equalsIgnoreCase(path)) {
-      sendCurrentQueryCount(res);
+      sendCurrentQueryCount(req, res);
     } else if ((m = queryCancelPattern.matcher(path)).matches()) {
-      cancelQuery(res, m.group(1), req.getParameter("table"));
+      cancelQuery(req, res, m.group(1));
     } else {
       sendNotFound(res, req.getRequestURI());
     }
   }
 
-  private void sendCurrentQueryCount(HttpServletResponse response) throws IOException {
+  private void sendCurrentQueryCount(HttpServletRequest request, HttpServletResponse response) throws IOException {
     int count;
     try {
       count = QueryUtil.getCurrentQueryCount();
@@ -63,7 +64,7 @@ public class QueriesServlet extends BaseConsoleServlet {
     HttpUtil.sendResponse(response, new ObjectMapper().writeValueAsString(count), HttpUtil.JSON);
   }
 
-  private void sendQueries(HttpServletResponse response) throws IOException {
+  private void sendQueries(HttpServletRequest request, HttpServletResponse response) throws IOException {
     Map<String, Object> queries = new HashMap<String, Object>();
     try {
       queries = QueryUtil.getQueries();
@@ -77,7 +78,9 @@ public class QueriesServlet extends BaseConsoleServlet {
     HttpUtil.sendResponse(response, new ObjectMapper().writeValueAsString(queries), HttpUtil.JSON);
   }
 
-  private void cancelQuery(HttpServletResponse response, String uuid, String table) throws IOException {
+  private void cancelQuery(HttpServletRequest request, HttpServletResponse response, String uuid) throws IOException {
+    authorize(request, User.MANAGER_ROLE);
+    String table = request.getParameter("table");
     try {
       QueryUtil.cancelQuery(table, uuid);
     } catch (IOException e) {

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/c9dafa19/blur-console/src/main/java/org/apache/blur/console/servlets/SearchServlet.java
----------------------------------------------------------------------
diff --git a/blur-console/src/main/java/org/apache/blur/console/servlets/SearchServlet.java b/blur-console/src/main/java/org/apache/blur/console/servlets/SearchServlet.java
index 866ac9a..31a6c0c 100644
--- a/blur-console/src/main/java/org/apache/blur/console/servlets/SearchServlet.java
+++ b/blur-console/src/main/java/org/apache/blur/console/servlets/SearchServlet.java
@@ -17,6 +17,7 @@ package org.apache.blur.console.servlets;
  * limitations under the License.
  */
 
+import org.apache.blur.console.model.User;
 import org.apache.blur.console.util.HttpUtil;
 import org.apache.blur.console.util.SearchUtil;
 import org.codehaus.jackson.map.ObjectMapper;
@@ -36,14 +37,16 @@ public class SearchServlet extends BaseConsoleServlet {
   protected void doPost(HttpServletRequest req, HttpServletResponse res) throws ServletException, IOException {
     String path = req.getPathInfo();
     if (path == null) {
-      String remoteHost = req.getRemoteHost();
-      search(res, req.getParameterMap(), remoteHost);
+      search(req, res);
     } else {
       sendNotFound(res, req.getRequestURI());
     }
   }
 
-  private void search(HttpServletResponse res, Map<String, String[]> params, String remoteHost) throws IOException {
+  private void search(HttpServletRequest req, HttpServletResponse res) throws IOException {
+    authorize(req, User.SEARCHER_ROLE);
+    Map<String, String[]> params =req.getParameterMap();
+    String remoteHost =req.getRemoteHost();
     Map<String, Object> results = new HashMap<String, Object>();
     try {
       results = SearchUtil.search(params, remoteHost);

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/c9dafa19/blur-console/src/main/java/org/apache/blur/console/servlets/TablesServlet.java
----------------------------------------------------------------------
diff --git a/blur-console/src/main/java/org/apache/blur/console/servlets/TablesServlet.java b/blur-console/src/main/java/org/apache/blur/console/servlets/TablesServlet.java
index 2f211d8..856d6c0 100644
--- a/blur-console/src/main/java/org/apache/blur/console/servlets/TablesServlet.java
+++ b/blur-console/src/main/java/org/apache/blur/console/servlets/TablesServlet.java
@@ -17,6 +17,7 @@ package org.apache.blur.console.servlets;
  * limitations under the License.
  */
 
+import org.apache.blur.console.model.User;
 import org.apache.blur.console.util.HttpUtil;
 import org.apache.blur.console.util.TableUtil;
 import org.codehaus.jackson.map.ObjectMapper;
@@ -45,24 +46,24 @@ public class TablesServlet extends BaseConsoleServlet {
     String path = req.getPathInfo();
     Matcher m;
     if (path == null) {
-      summary(res);
+      summary(req, res);
     } else if ((m = tableSchemaPattern.matcher(path)).matches()) {
-      schema(res, m.group(1));
+      schema(req, res, m.group(1));
     } else if ((m = tableTermsPattern.matcher(path)).matches()) {
-      terms(res, m.group(1), m.group(2), m.group(3), req.getParameter("startsWith"));
+      terms(req, res, m.group(1), m.group(2), m.group(3), req.getParameter("startsWith"));
     } else if ((m = tableEnablePattern.matcher(path)).matches()) {
-      enable(res, m.group(1));
+      enable(req, res, m.group(1));
     } else if ((m = tableDisablePattern.matcher(path)).matches()) {
-      disable(res, m.group(1));
+      disable(req, res, m.group(1));
     } else if ((m = tableDeletePattern.matcher(path)).matches()) {
-      delete(res, m.group(1), req.getParameter("includeFiles"));
+      delete(req, res, m.group(1), req.getParameter("includeFiles"));
     } else {
       sendNotFound(res, req.getRequestURI());
     }
   }
 
   @SuppressWarnings("rawtypes")
-  private void summary(HttpServletResponse response) throws IOException {
+  private void summary(HttpServletRequest request, HttpServletResponse response) throws IOException {
     Map<String, List> tableSummaries = new HashMap<String, List>();
     try {
       tableSummaries = TableUtil.getTableSummaries();
@@ -76,7 +77,7 @@ public class TablesServlet extends BaseConsoleServlet {
     HttpUtil.sendResponse(response, new ObjectMapper().writeValueAsString(tableSummaries), HttpUtil.JSON);
   }
 
-  private void schema(HttpServletResponse response, String table) throws IOException {
+  private void schema(HttpServletRequest request, HttpServletResponse response, String table) throws IOException {
     Object schema;
     try {
       schema = TableUtil.getSchema(table);
@@ -90,7 +91,8 @@ public class TablesServlet extends BaseConsoleServlet {
     HttpUtil.sendResponse(response, new ObjectMapper().writeValueAsString(schema), HttpUtil.JSON);
   }
 
-  private void terms(HttpServletResponse res, String table, String family, String column, String startsWith) throws IOException {
+  private void terms(HttpServletRequest request, HttpServletResponse res, String table, String family, String column, String startsWith) throws IOException {
+    authorize(request, User.SEARCHER_ROLE);
     List<String> terms = new ArrayList<String>();
     try {
       terms = TableUtil.getTerms(table, family, column, startsWith);
@@ -104,7 +106,8 @@ public class TablesServlet extends BaseConsoleServlet {
     HttpUtil.sendResponse(res, new ObjectMapper().writeValueAsString(terms), HttpUtil.JSON);
   }
 
-  private void enable(HttpServletResponse response, String table) throws IOException {
+  private void enable(HttpServletRequest request, HttpServletResponse response, String table) throws IOException {
+    authorize(request, User.MANAGER_ROLE);
     try {
       TableUtil.enableTable(table);
     } catch (IOException e) {
@@ -116,7 +119,8 @@ public class TablesServlet extends BaseConsoleServlet {
     sendGenericOk(response);
   }
 
-  private void disable(HttpServletResponse response, String table) throws IOException {
+  private void disable(HttpServletRequest request, HttpServletResponse response, String table) throws IOException {
+    authorize(request, User.MANAGER_ROLE);
     try {
       TableUtil.disableTable(table);
     } catch (IOException e) {
@@ -128,7 +132,8 @@ public class TablesServlet extends BaseConsoleServlet {
     sendGenericOk(response);
   }
 
-  private void delete(HttpServletResponse response, String table, String includeFiles) throws IOException {
+  private void delete(HttpServletRequest request, HttpServletResponse response, String table, String includeFiles) throws IOException {
+    authorize(request, User.MANAGER_ROLE);
     try {
       TableUtil.deleteTable(table, Boolean.parseBoolean(includeFiles));
     } catch (IOException e) {

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/c9dafa19/blur-console/src/main/java/org/apache/blur/console/util/Config.java
----------------------------------------------------------------------
diff --git a/blur-console/src/main/java/org/apache/blur/console/util/Config.java b/blur-console/src/main/java/org/apache/blur/console/util/Config.java
index f9bcf3f..17067f1 100644
--- a/blur-console/src/main/java/org/apache/blur/console/util/Config.java
+++ b/blur-console/src/main/java/org/apache/blur/console/util/Config.java
@@ -19,8 +19,7 @@ package org.apache.blur.console.util;
 
 
 import org.apache.blur.BlurConfiguration;
-import org.apache.blur.console.providers.AllAllowedProvider;
-import org.apache.blur.console.providers.IProvider;
+import org.apache.blur.console.providers.BaseProvider;
 import org.apache.blur.manager.clusterstatus.ZookeeperClusterStatus;
 import org.apache.blur.thrift.BlurClient;
 import org.apache.blur.thrift.generated.Blur.Iface;
@@ -37,10 +36,7 @@ import org.codehaus.jackson.type.TypeReference;
 import java.io.File;
 import java.io.IOException;
 import java.lang.reflect.Method;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.List;
-import java.util.Map;
+import java.util.*;
 
 public class Config {
 
@@ -54,7 +50,7 @@ public class Config {
   private static String blurConnection;
   private static Object cluster;
   private static Map<String, Map<String, String>> globalUserProperties;
-  private static IProvider provider;
+  private static BaseProvider provider;
 
   public static int getConsolePort() {
     return port;
@@ -64,21 +60,13 @@ public class Config {
     return blurConfig;
   }
 
-  public static void setupConfig() throws IOException {
+  public static void setupConfig() throws Exception {
     if (cluster == null) {
       blurConfig = new BlurConfiguration();
-    } else {
+    } else { // in dev mode
       blurConfig = new BlurConfiguration(false);
-
-      String zkConnection = "";
-      try {
-        Method zkMethod = cluster.getClass().getMethod("getZkConnectionString");
-        zkConnection = (String) zkMethod.invoke(cluster);
-      } catch (Exception e) {
-        log.fatal("Unable get zookeeper connection string", e);
-      }
-
-      blurConfig.set("blur.zookeeper.connection", zkConnection);
+      setDevelopmentZookeeperConnection();
+      setDevelopmentProperties();
     }
     zk = new ZookeeperClusterStatus(blurConfig.get("blur.zookeeper.connection"), blurConfig);
     blurConnection = buildConnectionString();
@@ -87,6 +75,27 @@ public class Config {
     setupProvider();
   }
 
+  private static void setDevelopmentZookeeperConnection() {
+    String zkConnection = "";
+    try {
+      Method zkMethod = cluster.getClass().getMethod("getZkConnectionString");
+      zkConnection = (String) zkMethod.invoke(cluster);
+    } catch (Exception e) {
+      log.fatal("Unable get zookeeper connection string", e);
+    }
+
+    blurConfig.set("blur.zookeeper.connection", zkConnection);
+  }
+
+  private static void setDevelopmentProperties() {
+    Properties properties = System.getProperties();
+    for (String name : properties.stringPropertyNames()) {
+      if (name.startsWith("blur.")) {
+        blurConfig.set(name, properties.getProperty(name));
+      }
+    }
+  }
+
   private static void parseSecurity() {
     String securityFile = blurConfig.get("blur.console.security.file");
 
@@ -94,7 +103,8 @@ public class Config {
       JsonFactory factory = new JsonFactory();
       ObjectMapper mapper = new ObjectMapper(factory);
       File from = new File(securityFile);
-      TypeReference<Map<String, Map<String, String>>> typeRef = new TypeReference<Map<String, Map<String, String>>>(){};
+      TypeReference<Map<String, Map<String, String>>> typeRef = new TypeReference<Map<String, Map<String, String>>>() {
+      };
 
       try {
         globalUserProperties = mapper.readValue(from, typeRef);
@@ -105,20 +115,17 @@ public class Config {
     }
   }
 
-  private static void setupProvider() {
+  private static void setupProvider() throws Exception {
     String providerClassName = blurConfig.get("blur.console.auth.provider", "org.apache.blur.console.providers.AllAllowedProvider");
 
-    try {
-      Class providerClass = Class.forName(providerClassName, false, Config.class.getClassLoader());
 
-      if (providerClass != null) {
-        provider = (IProvider) providerClass.newInstance();
-        provider.setupProvider(blurConfig);
-      }
-    } catch (Exception e) {
-      log.fatal("Unable to setup provider [" + providerClassName + "]. Reverting to default.");
-      provider = new AllAllowedProvider();
+    Class providerClass = Class.forName(providerClassName, false, Config.class.getClassLoader());
+
+    if (providerClass != null) {
+      provider = (BaseProvider) providerClass.newInstance();
+      provider.setupProvider(blurConfig);
     }
+
   }
 
   public static String getConnectionString() throws IOException {
@@ -185,12 +192,12 @@ public class Config {
     return cluster != null;
   }
 
-  public static IProvider getProvider() {
+  public static BaseProvider getProvider() {
     return provider;
   }
 
   public static Collection<String> getSecurityUserNames() {
-    if(globalUserProperties != null) {
+    if (globalUserProperties != null) {
       return globalUserProperties.keySet();
     } else {
       return new ArrayList<String>();

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/c9dafa19/blur-console/src/main/webapp/Gruntfile.js
----------------------------------------------------------------------
diff --git a/blur-console/src/main/webapp/Gruntfile.js b/blur-console/src/main/webapp/Gruntfile.js
index 9da1645..876c40d 100644
--- a/blur-console/src/main/webapp/Gruntfile.js
+++ b/blur-console/src/main/webapp/Gruntfile.js
@@ -57,7 +57,7 @@ module.exports = function (grunt) {
             options: {
                 sourceMap: true,
                 sourceMapFilename: 'public/css/blurconsole.css.map',
-                sourceMapURL: '/css/blurconsole.css.map',
+                sourceMapURL: 'blurconsole.css.map',
                 sourceMapBasepath: 'public',
                 sourceMapRootpath: '/',
                 dumpLineNumbers: true,

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/c9dafa19/blur-console/src/main/webapp/index.html
----------------------------------------------------------------------
diff --git a/blur-console/src/main/webapp/index.html b/blur-console/src/main/webapp/index.html
index a4aaa2e..f6a8e91 100644
--- a/blur-console/src/main/webapp/index.html
+++ b/blur-console/src/main/webapp/index.html
@@ -49,16 +49,16 @@ under the License.
     </nav>
     <nav class="side-nav">
       <ul>
-        <li title="Dashboard" data-toggle="tooltip" data-placement="right" data-container="body">
+        <li id="dashboard_tab" style="display:none;" title="Dashboard" data-toggle="tooltip" data-placement="right" data-container="body">
           <a href="#!tab=dashboard"><i class="glyphicon glyphicon-dashboard"></i></a>
         </li>
-        <li title="Tables" data-toggle="tooltip" data-placement="right" data-container="body">
+        <li id="tables_tab" style="display:none;" title="Tables" data-toggle="tooltip" data-placement="right" data-container="body">
           <a href="#!tab=tables"><i class="glyphicon glyphicon-list"></i></a>
         </li>
-        <li title="Queries" data-toggle="tooltip" data-placement="right" data-container="body">
+        <li id="queries_tab" style="display:none;" title="Queries" data-toggle="tooltip" data-placement="right" data-container="body">
           <a href="#!tab=queries"><i class="glyphicon glyphicon-tasks"></i></a>
         </li>
-        <li title="Search" data-toggle="tooltip" data-placement="right" data-container="body">
+        <li id="search_tab" style="display:none;" title="Search" data-toggle="tooltip" data-placement="right" data-container="body">
           <a href="#!tab=search"><i class="glyphicon glyphicon-search"></i></a>
         </li>
       </ul>

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/c9dafa19/blur-console/src/main/webapp/js/blurconsole.auth.js
----------------------------------------------------------------------
diff --git a/blur-console/src/main/webapp/js/blurconsole.auth.js b/blur-console/src/main/webapp/js/blurconsole.auth.js
new file mode 100644
index 0000000..472c3c5
--- /dev/null
+++ b/blur-console/src/main/webapp/js/blurconsole.auth.js
@@ -0,0 +1,114 @@
+/*
+
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements.  See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership.  The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License.  You may obtain a copy of the License at
+
+  http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied.  See the License for the
+specific language governing permissions and limitations
+under the License.
+*/
+/*global blurconsole:false */
+blurconsole.auth = (function() {
+  'use strict';
+
+  var username, roles, fakeIt, container, loginDiv;
+
+  //------------------- Private methods --------------------------
+
+  function _attemptLogin(evt) {
+    if(evt) {
+      evt.preventDefault();
+    }
+    var serializedForm = _getLoginDiv().find('form').serialize();
+    _getLoginDiv().html('Attempting to login <img src="img/ajax-loader.gif"/>');
+    $.ajax('/service/auth/login', {
+      type: 'POST',
+      data: serializedForm,
+      success: function(data) {
+        if(data.loggedIn) {
+          if(data.user) {
+            username = data.user.name;
+            roles = data.user.roles;
+          }
+          container.trigger('userLoggedIn');
+        } else {
+          if(data.formHtml) {
+            _getLoginDiv().html(data.formHtml);
+            _getLoginDiv().find('form').on('submit',_attemptLogin);
+          } else {
+            _getLoginDiv().html('Login Failed');
+          }
+        }
+      }
+    });
+    return false;
+  }
+
+
+  function _getLoginDiv() {
+    if(loginDiv) {
+      return loginDiv;
+    }
+    loginDiv = container.find('.auth_container');
+    if(loginDiv.length === 0) {
+      loginDiv = $('<div class="auth_container jumbotron"></div>').appendTo(container);
+    }
+
+    return loginDiv;
+  }
+
+  //------------------- Public API -------------------------------
+  function initModule($container) {
+    container = $container;
+    if(window.location.href.indexOf('fakeIt=') > -1) {
+      fakeIt = true;
+      username = 'fake user';
+      container.trigger('userLoggedIn');
+    } else {
+      _attemptLogin();
+    }
+  }
+
+  function getUsername() {
+    return username;
+  }
+
+  function hasRole(role) {
+    if(fakeIt === true) {
+      return true;
+    }
+    if(roles !== null) {
+      if (roles.indexOf('admin') >= 0) {
+        return true;
+      }
+      if('manager' === role && roles.indexOf('manager') >= 0) {
+        return true;
+      }
+      if('searcher' === role && (roles.indexOf('manager') >= 0 || roles.indexOf('searcher') >= 0)) {
+        return true;
+      }
+    }
+    return false;
+  }
+
+  function getRoles() {
+    return roles;
+  }
+
+  return {
+    initModule: initModule,
+    getUsername: getUsername,
+    hasRole: hasRole,
+    getRoles: getRoles
+  };
+}());
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/c9dafa19/blur-console/src/main/webapp/js/blurconsole.data.js
----------------------------------------------------------------------
diff --git a/blur-console/src/main/webapp/js/blurconsole.data.js b/blur-console/src/main/webapp/js/blurconsole.data.js
index 3473b99..62ed53c 100644
--- a/blur-console/src/main/webapp/js/blurconsole.data.js
+++ b/blur-console/src/main/webapp/js/blurconsole.data.js
@@ -22,7 +22,12 @@ blurconsole.data = (function() {
   'use strict';
 
   //------------------- Private methods --------------------------
-  function _logError (errorMsg, status, module, callback) {
+  function _handleError (xhr, module, callback) {
+    var errorMsg = xhr.responseText;
+    var status = xhr.status;
+    if(status === 401 || status === 403) {
+      window.location.reload();
+    }
     blurconsole.model.logs.logError(status + ' - ' + errorMsg, module);
     if (callback) {
       callback('error');
@@ -32,24 +37,24 @@ blurconsole.data = (function() {
   //------------------- Public API -------------------------------
   function getTableList(callback) {
     $.getJSON('/service/tables', callback).fail(function(xhr) {
-      _logError(xhr.responseText, xhr.status, 'tables', callback);
+      _handleError(xhr, 'tables', callback);
     });
   }
 
   function getNodeList(callback) {
     $.getJSON('/service/nodes', callback).fail(function(xhr) {
-      _logError(xhr.responseText, xhr.status, 'tables', callback);
+      _handleError(xhr, 'tables', callback);
     });
   }
   function getQueryPerformance(callback) {
     $.getJSON('/service/queries/performance', callback).fail(function(xhr) {
-      _logError(xhr.responseText, xhr.status, 'tables', callback);
+      _handleError(xhr, 'tables', callback);
     });
   }
 
   function getQueries(callback) {
     $.getJSON('/service/queries', callback).fail(function(xhr) {
-      _logError(xhr.responseText, xhr.status, 'tables', callback);
+      _handleError(xhr, 'tables', callback);
     });
   }
 
@@ -59,7 +64,7 @@ blurconsole.data = (function() {
         table: table
       },
       error: function(xhr) {
-        _logError(xhr.responseText, xhr.status, 'tables');
+        _handleError(xhr, 'tables');
       }
     });
   }
@@ -67,7 +72,7 @@ blurconsole.data = (function() {
   function disableTable(table) {
     $.ajax('/service/tables/' + table + '/disable', {
       error: function(xhr) {
-        _logError(xhr.responseText, xhr.status, 'tables');
+        _handleError(xhr, 'tables');
       }
     });
   }
@@ -75,7 +80,7 @@ blurconsole.data = (function() {
   function enableTable (table){
     $.ajax('/service/tables/' + table + '/enable', {
       error: function(xhr) {
-        _logError(xhr.responseText, xhr.status, 'tables');
+        _handleError(xhr, 'tables');
       }
     });
   }
@@ -86,20 +91,20 @@ blurconsole.data = (function() {
         includeFiles: includeFiles
       },
       error: function(xhr) {
-        _logError(xhr.responseText, xhr.status, 'tables');
+        _handleError(xhr, 'tables');
       }
     });
   }
 
   function getSchema(table, callback) {
     $.getJSON('/service/tables/' + table + '/schema', callback).fail(function(xhr) {
-      _logError(xhr.responseText, xhr.status, 'tables');
+      _handleError(xhr, 'tables');
     });
   }
 
   function findTerms (table, family, column, startsWith, callback) {
     $.getJSON('/service/tables/' + table + '/' + family + '/' + column + '/terms', {startsWith: startsWith}, callback).fail(function(xhr) {
-      _logError(xhr.responseText, xhr.status, 'tables');
+      _handleError(xhr, 'tables');
     });
   }
 
@@ -110,7 +115,7 @@ blurconsole.data = (function() {
       'data': params,
       'success': callback,
       'error': function(xhr) {
-        _logError(xhr.responseText, xhr.status, 'tables');
+        _handleError(xhr, 'tables');
       }
     });
   }
@@ -119,7 +124,7 @@ blurconsole.data = (function() {
     $.getJSON('/service/auth/securityUsers', function(data) {
       callback(data.securityUserNames);
     }).fail(function(xhr) {
-      _logError(xhr.responseText, xhr.status, 'securityUsers');
+      _handleError(xhr, 'securityUsers');
     });
   }
 

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/c9dafa19/blur-console/src/main/webapp/js/blurconsole.js
----------------------------------------------------------------------
diff --git a/blur-console/src/main/webapp/js/blurconsole.js b/blur-console/src/main/webapp/js/blurconsole.js
index dda57ac..7e62762 100644
--- a/blur-console/src/main/webapp/js/blurconsole.js
+++ b/blur-console/src/main/webapp/js/blurconsole.js
@@ -27,8 +27,11 @@ var blurconsole = (function () {
 
   //---------------------- Public API -------------------------
   function initModule( $container ) {
-    blurconsole.model.initModule();
-    blurconsole.shell.initModule( $container );
+    $container.on('userLoggedIn', function() {
+      blurconsole.model.initModule();
+      blurconsole.shell.initModule( $container );
+    });
+    blurconsole.auth.initModule($container);
   }
 
   return { initModule: initModule };

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/c9dafa19/blur-console/src/main/webapp/js/blurconsole.queries.js
----------------------------------------------------------------------
diff --git a/blur-console/src/main/webapp/js/blurconsole.queries.js b/blur-console/src/main/webapp/js/blurconsole.queries.js
index 42614b1..7eeff87 100644
--- a/blur-console/src/main/webapp/js/blurconsole.queries.js
+++ b/blur-console/src/main/webapp/js/blurconsole.queries.js
@@ -41,7 +41,7 @@ blurconsole.queries = (function() {
       } },
       { label: 'Actions', key: function(row) {
         var actions = '';
-        if(row.state === 0) {
+        if(row.state === 0 && blurconsole.auth.hasRole('manager')) {
           actions += '<a href="#" class="cancelTrigger btn btn-danger" data-uuid="' + row.uuid + '" data-query="' + row.query + '" data-table="' + row.table + '"><i class="glyphicon glyphicon-ban-circle"></i> Cancel</a> ';
         }
         return actions;

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/c9dafa19/blur-console/src/main/webapp/js/blurconsole.schema.js
----------------------------------------------------------------------
diff --git a/blur-console/src/main/webapp/js/blurconsole.schema.js b/blur-console/src/main/webapp/js/blurconsole.schema.js
index 27bc745..2fa553f 100644
--- a/blur-console/src/main/webapp/js/blurconsole.schema.js
+++ b/blur-console/src/main/webapp/js/blurconsole.schema.js
@@ -139,7 +139,7 @@ blurconsole.schema = (function () {
             info += '<li class="list-group-item"><strong>' + key + ':</strong> ' + value + '</li>';
           });
         }
-        if (def.type !== 'stored') {
+        if (def.type !== 'stored' && blurconsole.auth.hasRole('searcher')) {
           info += '<li class="list-group-item"><a href="#" class="termsTrigger" data-fam="' + family + '" data-col="' + col + '">View Terms</a></li>';
         }
         info += '</ul></div>';

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/c9dafa19/blur-console/src/main/webapp/js/blurconsole.shell.js
----------------------------------------------------------------------
diff --git a/blur-console/src/main/webapp/js/blurconsole.shell.js b/blur-console/src/main/webapp/js/blurconsole.shell.js
index 6651d20..6675361 100644
--- a/blur-console/src/main/webapp/js/blurconsole.shell.js
+++ b/blur-console/src/main/webapp/js/blurconsole.shell.js
@@ -68,6 +68,10 @@ blurconsole.shell = (function () {
       jqueryMap.$sideNavTabs.filter('a[href$="' + tab + '"]').addClass('active');
       if (blurconsole[tab]) {
         blurconsole[tab].initModule( jqueryMap.$container );
+      } else {
+        changeAnchorPart({
+          tab : 'dashboard'
+        });
       }
     }
 
@@ -151,6 +155,19 @@ blurconsole.shell = (function () {
     blurconsole.schema.initModule();
     blurconsole.logging.initModule();
 
+    $('#dashboard_tab').show();
+    $('#tables_tab').show();
+    $('#queries_tab').show();
+
+    if(blurconsole.auth.hasRole('searcher')) {
+      $('#search_tab').show();
+    } else {
+      configMap.allTabs.splice(configMap.allTabs.indexOf('search'), 1);
+      configMap.anchorSchemaMap.tab.search = false;
+      blurconsole.search = null;
+      $('#search_tab').remove();
+    }
+
     $('#view_logging_trigger').on('click', function() {
       $.gevent.publish('show-logging');
     });

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/c9dafa19/blur-console/src/main/webapp/js/blurconsole.tables.js
----------------------------------------------------------------------
diff --git a/blur-console/src/main/webapp/js/blurconsole.tables.js b/blur-console/src/main/webapp/js/blurconsole.tables.js
index a18128e..fb65ff3 100644
--- a/blur-console/src/main/webapp/js/blurconsole.tables.js
+++ b/blur-console/src/main/webapp/js/blurconsole.tables.js
@@ -34,7 +34,9 @@ blurconsole.tables = (function () {
       {label:'Actions', key: function(row) {
         var actions = '', table = row.name;
         actions += '<a href="#" class="schemaTrigger btn btn-default" data-name="' + table + '"><i class="glyphicon glyphicon-list-alt"></i> Schema</a> ';
-        actions += '<a href="#" class="disableTrigger btn btn-danger" data-name="' + table + '"><i class="glyphicon glyphicon-cloud-download"></i> Disable</a> ';
+        if(blurconsole.auth.hasRole('manager')) {
+          actions += '<a href="#" class="disableTrigger btn btn-danger" data-name="' + table + '"><i class="glyphicon glyphicon-cloud-download"></i> Disable</a> ';
+        }
         return actions;
       }}
     ],
@@ -42,8 +44,10 @@ blurconsole.tables = (function () {
       {label:'Table Name', key:'name'},
       {label:'Actions', key: function(row) {
         var actions = '', table = row.name;
-        actions += '<a href="#" class="enableTrigger btn btn-default" data-name="' + table + '"><i class="glyphicon glyphicon-cloud-upload"></i> Enable</a> ';
-        actions += '<a href="#" class="deleteTrigger btn btn-danger" data-name="' + table + '"><i class="glyphicon glyphicon-trash"></i> Delete</a> ';
+        if(blurconsole.auth.hasRole('manager')) {
+          actions += '<a href="#" class="enableTrigger btn btn-default" data-name="' + table + '"><i class="glyphicon glyphicon-cloud-upload"></i> Enable</a> ';
+          actions += '<a href="#" class="deleteTrigger btn btn-danger" data-name="' + table + '"><i class="glyphicon glyphicon-trash"></i> Delete</a> ';
+        }
         return actions;
       }}
     ]

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/c9dafa19/blur-console/src/main/webapp/less/blurconsole.auth.less
----------------------------------------------------------------------
diff --git a/blur-console/src/main/webapp/less/blurconsole.auth.less b/blur-console/src/main/webapp/less/blurconsole.auth.less
new file mode 100644
index 0000000..2cb5b23
--- /dev/null
+++ b/blur-console/src/main/webapp/less/blurconsole.auth.less
@@ -0,0 +1,27 @@
+/*
+
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements.  See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership.  The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License.  You may obtain a copy of the License at
+
+  http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied.  See the License for the
+specific language governing permissions and limitations
+under the License.
+ */
+
+.auth_container {
+  margin-left: 100px;
+  margin-right: 100px;
+  border-radius: 10px;
+  font-size: 18px;
+  box-shadow: 1px 1px 15px #888888;
+}
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/c9dafa19/blur-console/src/main/webapp/less/blurconsole.less
----------------------------------------------------------------------
diff --git a/blur-console/src/main/webapp/less/blurconsole.less b/blur-console/src/main/webapp/less/blurconsole.less
index d739f06..d9fa4b0 100644
--- a/blur-console/src/main/webapp/less/blurconsole.less
+++ b/blur-console/src/main/webapp/less/blurconsole.less
@@ -23,6 +23,7 @@ under the License.
 @icon-font-path: "fonts/";
 
 @import 'colors';
+@import 'blurconsole.auth.less';
 @import 'blurconsole.shell.less';
 @import 'blurconsole.dashboard.less';
 @import 'blurconsole.schema.less';

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/c9dafa19/blur-console/src/main/webapp/less/blurconsole.shell.less
----------------------------------------------------------------------
diff --git a/blur-console/src/main/webapp/less/blurconsole.shell.less b/blur-console/src/main/webapp/less/blurconsole.shell.less
index fb1ac92..1f5b439 100644
--- a/blur-console/src/main/webapp/less/blurconsole.shell.less
+++ b/blur-console/src/main/webapp/less/blurconsole.shell.less
@@ -55,6 +55,7 @@ nav.navbar-fixed-top {
         li {
             position: relative;
             display: block;
+            cursor: pointer;
             a {
                 padding: 10px;
                 color: @sidebar-color;

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/c9dafa19/blur-console/src/test/java/org/apache/blur/console/ConsoleTestBase.java
----------------------------------------------------------------------
diff --git a/blur-console/src/test/java/org/apache/blur/console/ConsoleTestBase.java b/blur-console/src/test/java/org/apache/blur/console/ConsoleTestBase.java
index e555bca..7edff2f 100644
--- a/blur-console/src/test/java/org/apache/blur/console/ConsoleTestBase.java
+++ b/blur-console/src/test/java/org/apache/blur/console/ConsoleTestBase.java
@@ -59,7 +59,7 @@ public class ConsoleTestBase {
     }
   }
 
-  protected void setupConfigIfNeeded() throws IOException {
+  protected void setupConfigIfNeeded() throws Exception {
     if (Config.getBlurConfig() == null) {
       Config.setupConfig();
     }

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/c9dafa19/blur-console/src/test/java/org/apache/blur/console/util/ConfigTest.java
----------------------------------------------------------------------
diff --git a/blur-console/src/test/java/org/apache/blur/console/util/ConfigTest.java b/blur-console/src/test/java/org/apache/blur/console/util/ConfigTest.java
index a187f6f..797afa3 100644
--- a/blur-console/src/test/java/org/apache/blur/console/util/ConfigTest.java
+++ b/blur-console/src/test/java/org/apache/blur/console/util/ConfigTest.java
@@ -30,7 +30,7 @@ import static org.junit.Assert.*;
 public class ConfigTest extends ConsoleTestBase {
 
   @Before
-  public void setup() throws IOException {
+  public void setup() throws Exception {
     Config.setupConfig();
   }
 

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/c9dafa19/blur-console/src/test/java/org/apache/blur/console/util/NodeUtilTest.java
----------------------------------------------------------------------
diff --git a/blur-console/src/test/java/org/apache/blur/console/util/NodeUtilTest.java b/blur-console/src/test/java/org/apache/blur/console/util/NodeUtilTest.java
index 8887684..0c86126 100644
--- a/blur-console/src/test/java/org/apache/blur/console/util/NodeUtilTest.java
+++ b/blur-console/src/test/java/org/apache/blur/console/util/NodeUtilTest.java
@@ -31,7 +31,7 @@ import static org.junit.Assert.assertEquals;
 
 public class NodeUtilTest extends ConsoleTestBase {
   @Before
-  public void setup() throws BlurException, TException, IOException {
+  public void setup() throws Exception {
     setupConfigIfNeeded();
   }
 

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/c9dafa19/blur-console/src/test/java/org/apache/blur/console/util/QueryUtilTest.java
----------------------------------------------------------------------
diff --git a/blur-console/src/test/java/org/apache/blur/console/util/QueryUtilTest.java b/blur-console/src/test/java/org/apache/blur/console/util/QueryUtilTest.java
index 7320f12..08e6957 100644
--- a/blur-console/src/test/java/org/apache/blur/console/util/QueryUtilTest.java
+++ b/blur-console/src/test/java/org/apache/blur/console/util/QueryUtilTest.java
@@ -35,7 +35,7 @@ import static org.junit.Assert.assertEquals;
 
 public class QueryUtilTest extends ConsoleTestBase {
   @Before
-  public void setup() throws IOException, BlurException, TException {
+  public void setup() throws Exception {
     setupConfigIfNeeded();
 
     Iface client = BlurClient.getClient(Config.getConnectionString());

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/c9dafa19/blur-console/src/test/java/org/apache/blur/console/util/TableUtilTest.java
----------------------------------------------------------------------
diff --git a/blur-console/src/test/java/org/apache/blur/console/util/TableUtilTest.java b/blur-console/src/test/java/org/apache/blur/console/util/TableUtilTest.java
index 21fff82..c663870 100644
--- a/blur-console/src/test/java/org/apache/blur/console/util/TableUtilTest.java
+++ b/blur-console/src/test/java/org/apache/blur/console/util/TableUtilTest.java
@@ -34,7 +34,7 @@ import static org.junit.Assert.assertEquals;
 public class TableUtilTest extends ConsoleTestBase {
 
   @Before
-  public void ensureCleanTables() throws BlurException, TException, IOException {
+  public void ensureCleanTables() throws Exception {
     setupConfigIfNeeded();
 
     Iface client = BlurClient.getClient(Config.getConnectionString());
@@ -49,7 +49,7 @@ public class TableUtilTest extends ConsoleTestBase {
 
   @SuppressWarnings("rawtypes")
   @Test
-  public void testGetTableSummariesNoTables() throws BlurException, IOException, TException {
+  public void testGetTableSummariesNoTables() throws Exception {
     Map<String, List> data = TableUtil.getTableSummaries();
 
     assertEquals(0, data.get("tables").size());
@@ -57,7 +57,7 @@ public class TableUtilTest extends ConsoleTestBase {
 
   @SuppressWarnings({"unchecked", "rawtypes"})
   @Test
-  public void testGetTableSummaries() throws BlurException, TException, IOException {
+  public void testGetTableSummaries() throws Exception {
     Iface client = BlurClient.getClient(Config.getConnectionString());
 
     TableDescriptor td = new TableDescriptor();


Mime
View raw message