incubator-blur-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From aaven...@apache.org
Subject [9/9] git commit: allow authentication and authorization providers
Date Sat, 02 Aug 2014 22:08:56 GMT
allow authentication and authorization providers


Project: http://git-wip-us.apache.org/repos/asf/incubator-blur/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-blur/commit/a872832b
Tree: http://git-wip-us.apache.org/repos/asf/incubator-blur/tree/a872832b
Diff: http://git-wip-us.apache.org/repos/asf/incubator-blur/diff/a872832b

Branch: refs/heads/master
Commit: a872832b0194f19913ec8413947346112033edec
Parents: d005daa
Author: Andrew Avenoso <andrew.va@gmail.com>
Authored: Sat Aug 2 18:08:03 2014 -0400
Committer: Andrew Avenoso <andrew.va@gmail.com>
Committed: Sat Aug 2 18:08:03 2014 -0400

----------------------------------------------------------------------
 .../org/apache/blur/console/model/User.java     |  24 +++++
 .../console/providers/AllAllowedProvider.java   |  45 --------
 .../console/providers/AllAuthenticated.java     |  54 ++++++++++
 .../console/providers/AuthenticationDenied.java |  44 ++++++++
 .../blur/console/providers/BaseProvider.java    |  76 -------------
 .../console/providers/EmptyAuthorization.java   |  33 ++++++
 .../providers/GlobalJsonAuthorization.java      |  65 +++++++++++
 .../providers/IAuthenticationProvider.java      |  31 ++++++
 .../providers/IAuthorizationProvider.java       |  27 +++++
 .../blur/console/providers/RoleMapper.java      |  53 +++++++++
 .../blur/console/providers/TomcatUsers.java     | 107 +++++++++++++++++++
 .../console/providers/TomcatUsersProvider.java  | 105 ------------------
 .../blur/console/servlets/AuthServlet.java      |  25 +----
 .../console/servlets/BaseConsoleServlet.java    |  15 ++-
 .../blur/console/servlets/SearchServlet.java    |   5 +-
 .../org/apache/blur/console/util/Config.java    |  88 +++++++--------
 .../apache/blur/console/util/SearchUtil.java    |  25 ++---
 .../src/main/webapp/js/blurconsole.auth.js      |  10 +-
 .../src/main/webapp/js/blurconsole.data.js      |  11 +-
 .../src/main/webapp/js/blurconsole.fake.js      |   7 +-
 .../src/main/webapp/js/blurconsole.model.js     |  23 +---
 .../src/main/webapp/js/blurconsole.search.js    |  21 ++--
 blur-console/src/main/webapp/public/index.html  |   2 +-
 ...rconsole.25eca61b3a7b87b9a6006e16995fef28.js |  27 -----
 ...rconsole.4cb08879ff9d1303a1e4e10f29a09c14.js |  27 +++++
 ...rconsole.b3b55f3b66f68d99a652d8034e0d53a4.js |  27 +++++
 .../src/main/webapp/public/js/blurconsole.js    |   8 +-
 ...sole.js.2d04b49d3f00a8ce62d30d6b682d3561.map |   1 +
 ...sole.js.73b9e36b2f0e79be60aa19df31137f02.map |   1 +
 ...sole.js.d35d3bd264ae88e0144dc99c5a95cb53.map |   1 -
 .../main/webapp/public/js/blurconsole.js.map    |   2 +-
 31 files changed, 597 insertions(+), 393 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/a872832b/blur-console/src/main/java/org/apache/blur/console/model/User.java
----------------------------------------------------------------------
diff --git a/blur-console/src/main/java/org/apache/blur/console/model/User.java b/blur-console/src/main/java/org/apache/blur/console/model/User.java
index 4f0e9b3..f6703e2 100644
--- a/blur-console/src/main/java/org/apache/blur/console/model/User.java
+++ b/blur-console/src/main/java/org/apache/blur/console/model/User.java
@@ -18,6 +18,7 @@ package org.apache.blur.console.model;
  */
 
 import java.util.Collection;
+import java.util.Map;
 
 public class User {
 
@@ -31,6 +32,8 @@ public class User {
 
   protected Collection<String> roles;
 
+  protected Map<String, Map<String, String>> securityAttributesMap;
+
   public String getName() {
     return name;
   }
@@ -58,4 +61,25 @@ public class User {
     return false;
   }
 
+  public void setSecurityAttributesMap(Map<String, Map<String, String>> securityAttributesMap) {
+    this.securityAttributesMap = securityAttributesMap;
+  }
+
+  public Collection<String> getSecurityNames() {
+    if(securityAttributesMap == null) {
+      return null;
+    }
+    return securityAttributesMap.keySet();
+  }
+
+  public Map<String,String> getSecurityAttributes(String name) {
+    if(securityAttributesMap == null || securityAttributesMap.isEmpty()) {
+      return null;
+    }
+    if(securityAttributesMap.size() == 1) {
+      return securityAttributesMap.values().iterator().next();
+    }
+    return securityAttributesMap.get(name);
+  }
+
 }

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/a872832b/blur-console/src/main/java/org/apache/blur/console/providers/AllAllowedProvider.java
----------------------------------------------------------------------
diff --git a/blur-console/src/main/java/org/apache/blur/console/providers/AllAllowedProvider.java b/blur-console/src/main/java/org/apache/blur/console/providers/AllAllowedProvider.java
deleted file mode 100644
index eb8c99d..0000000
--- a/blur-console/src/main/java/org/apache/blur/console/providers/AllAllowedProvider.java
+++ /dev/null
@@ -1,45 +0,0 @@
-package org.apache.blur.console.providers;
-
-/**
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-import org.apache.blur.BlurConfiguration;
-import org.apache.blur.console.model.User;
-
-import javax.servlet.http.HttpServletRequest;
-import java.util.Arrays;
-import java.util.List;
-
-public class AllAllowedProvider extends BaseProvider {
-  private static class AllAllowedUser extends User {
-
-    private String password;
-
-    public AllAllowedUser() {
-      this.name = "User";
-      this.roles = Arrays.asList(ADMIN_ROLE);
-    }
-
-    private boolean checkPassword(String passwd) {
-      return password.equals(passwd);
-    }
-  }
-  @Override
-  public User login(HttpServletRequest request) {
-    return new AllAllowedUser();
-  }
-}

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/a872832b/blur-console/src/main/java/org/apache/blur/console/providers/AllAuthenticated.java
----------------------------------------------------------------------
diff --git a/blur-console/src/main/java/org/apache/blur/console/providers/AllAuthenticated.java b/blur-console/src/main/java/org/apache/blur/console/providers/AllAuthenticated.java
new file mode 100644
index 0000000..e9180b8
--- /dev/null
+++ b/blur-console/src/main/java/org/apache/blur/console/providers/AllAuthenticated.java
@@ -0,0 +1,54 @@
+package org.apache.blur.console.providers;
+
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import org.apache.blur.BlurConfiguration;
+import org.apache.blur.console.model.User;
+
+import javax.servlet.http.HttpServletRequest;
+import java.util.Arrays;
+
+public class AllAuthenticated implements IAuthenticationProvider {
+  private static class AllAllowedUser extends User {
+
+    private String password;
+
+    public AllAllowedUser(String name) {
+      this.name = name;
+      this.roles = Arrays.asList(ADMIN_ROLE);
+    }
+
+    private boolean checkPassword(String passwd) {
+      return password.equals(passwd);
+    }
+  }
+
+  @Override
+  public void setupProvider(BlurConfiguration config) {
+  }
+
+  @Override
+  public User login(HttpServletRequest request) {
+    return new AllAllowedUser(request.getRemoteHost());
+  }
+
+  @Override
+  public String getLoginForm() {
+    return null;
+  }
+}

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/a872832b/blur-console/src/main/java/org/apache/blur/console/providers/AuthenticationDenied.java
----------------------------------------------------------------------
diff --git a/blur-console/src/main/java/org/apache/blur/console/providers/AuthenticationDenied.java b/blur-console/src/main/java/org/apache/blur/console/providers/AuthenticationDenied.java
new file mode 100644
index 0000000..8384b90
--- /dev/null
+++ b/blur-console/src/main/java/org/apache/blur/console/providers/AuthenticationDenied.java
@@ -0,0 +1,44 @@
+package org.apache.blur.console.providers;
+
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import org.apache.blur.BlurConfiguration;
+import org.apache.blur.console.model.User;
+
+import javax.servlet.http.HttpServletRequest;
+
+/**
+ * This provider does not allow anybody in
+ */
+public class AuthenticationDenied implements IAuthenticationProvider {
+
+  @Override
+  public User login(HttpServletRequest request) {
+    return null;
+  }
+
+  @Override
+  public final void setupProvider(BlurConfiguration config) {
+  }
+
+  @Override
+  public String getLoginForm() {
+    return null;
+  }
+
+}

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/a872832b/blur-console/src/main/java/org/apache/blur/console/providers/BaseProvider.java
----------------------------------------------------------------------
diff --git a/blur-console/src/main/java/org/apache/blur/console/providers/BaseProvider.java b/blur-console/src/main/java/org/apache/blur/console/providers/BaseProvider.java
deleted file mode 100644
index 9d520f9..0000000
--- a/blur-console/src/main/java/org/apache/blur/console/providers/BaseProvider.java
+++ /dev/null
@@ -1,76 +0,0 @@
-package org.apache.blur.console.providers;
-
-/**
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-import org.apache.blur.BlurConfiguration;
-import org.apache.blur.console.model.User;
-
-import javax.servlet.http.HttpServletRequest;
-import java.io.FileNotFoundException;
-import java.util.*;
-
-/**
- * Custom providers should extend this and override the methods
- * This provider does not allow anybody in
- */
-public class BaseProvider {
-
-  private Map<String, String> roleMapping;
-
-  public User login(HttpServletRequest request) {
-    return null;
-  }
-
-  public final void setupProvider(BlurConfiguration config) throws Exception {
-    setupRoleMapping(config);
-    setupProviderInternal(config);
-  }
-
-  private void setupRoleMapping(BlurConfiguration config) {
-    roleMapping = new HashMap<String, String>();
-    List<String> roles = Arrays.asList(User.ADMIN_ROLE, User.MANAGER_ROLE, User.SEARCHER_ROLE);
-    for(String role: roles) {
-      String configRoles = config.get("blur.console.auth.provider.roles." + role, role);
-      String[] splitRoles = configRoles.split(",");
-      for(String splitRole: splitRoles) {
-        roleMapping.put(splitRole, role);
-      }
-    }
-  }
-
-  protected void setupProviderInternal(BlurConfiguration config) throws Exception {
-
-  }
-
-  public String getLoginForm() {
-    return null;
-  }
-
-  protected Collection<String> mapRoles(Collection<String> roles) {
-    if(roles != null) {
-      Collection<String> mappedRoles = new ArrayList<String>(roles.size());
-      for(String role: roles) {
-        if (roleMapping.containsKey(role)) {
-          mappedRoles.add(roleMapping.get(role));
-        }
-      }
-      return mappedRoles;
-    }
-    return null;
-  }
-}

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/a872832b/blur-console/src/main/java/org/apache/blur/console/providers/EmptyAuthorization.java
----------------------------------------------------------------------
diff --git a/blur-console/src/main/java/org/apache/blur/console/providers/EmptyAuthorization.java b/blur-console/src/main/java/org/apache/blur/console/providers/EmptyAuthorization.java
new file mode 100644
index 0000000..2341f9a
--- /dev/null
+++ b/blur-console/src/main/java/org/apache/blur/console/providers/EmptyAuthorization.java
@@ -0,0 +1,33 @@
+package org.apache.blur.console.providers;
+
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ * <p/>
+ * http://www.apache.org/licenses/LICENSE-2.0
+ * <p/>
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import org.apache.blur.BlurConfiguration;
+import org.apache.blur.console.model.User;
+
+public class EmptyAuthorization implements IAuthorizationProvider {
+  @Override
+  public void setupProvider(BlurConfiguration config) throws Exception {
+    // do nothing
+  }
+
+  @Override
+  public void setUserSecurityAttributes(User user) {
+    // do nothing
+  }
+}

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/a872832b/blur-console/src/main/java/org/apache/blur/console/providers/GlobalJsonAuthorization.java
----------------------------------------------------------------------
diff --git a/blur-console/src/main/java/org/apache/blur/console/providers/GlobalJsonAuthorization.java b/blur-console/src/main/java/org/apache/blur/console/providers/GlobalJsonAuthorization.java
new file mode 100644
index 0000000..6d30d2e
--- /dev/null
+++ b/blur-console/src/main/java/org/apache/blur/console/providers/GlobalJsonAuthorization.java
@@ -0,0 +1,65 @@
+package org.apache.blur.console.providers;
+
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import org.apache.blur.BlurConfiguration;
+import org.apache.blur.console.model.User;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.codehaus.jackson.JsonFactory;
+import org.codehaus.jackson.map.ObjectMapper;
+import org.codehaus.jackson.type.TypeReference;
+
+import java.io.File;
+import java.util.Collections;
+import java.util.Map;
+
+public class GlobalJsonAuthorization implements IAuthorizationProvider {
+  private static final Log log = LogFactory.getLog(GlobalJsonAuthorization.class);
+
+  private Map<String, Map<String, String>> globalUserProperties;
+
+  @Override
+  public void setupProvider(BlurConfiguration config) throws Exception {
+
+    String securityFile = config.get("blur.console.authorization.provider.globaljson.file");
+
+    if (securityFile != null) {
+      JsonFactory factory = new JsonFactory();
+      ObjectMapper mapper = new ObjectMapper(factory);
+      File from = new File(securityFile);
+      TypeReference<Map<String, Map<String, String>>> typeRef = new TypeReference<Map<String, Map<String, String>>>() {
+      };
+
+      try {
+        Map<String, Map<String, String>> properties = mapper.readValue(from, typeRef);
+        globalUserProperties = Collections.unmodifiableMap(properties);
+      } catch (Exception e) {
+        log.error("Unable to parse security file.  Search may not work right.", e);
+        globalUserProperties = null;
+      }
+    }
+  }
+
+  @Override
+  public void setUserSecurityAttributes(User user) {
+    if (user != null) {
+      user.setSecurityAttributesMap(globalUserProperties);
+    }
+  }
+}

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/a872832b/blur-console/src/main/java/org/apache/blur/console/providers/IAuthenticationProvider.java
----------------------------------------------------------------------
diff --git a/blur-console/src/main/java/org/apache/blur/console/providers/IAuthenticationProvider.java b/blur-console/src/main/java/org/apache/blur/console/providers/IAuthenticationProvider.java
new file mode 100644
index 0000000..f333120
--- /dev/null
+++ b/blur-console/src/main/java/org/apache/blur/console/providers/IAuthenticationProvider.java
@@ -0,0 +1,31 @@
+package org.apache.blur.console.providers;
+
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import org.apache.blur.BlurConfiguration;
+import org.apache.blur.console.model.User;
+
+import javax.servlet.http.HttpServletRequest;
+
+public interface IAuthenticationProvider {
+  void setupProvider(BlurConfiguration config) throws Exception;
+
+  User login(HttpServletRequest request);
+
+  String getLoginForm();
+}

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/a872832b/blur-console/src/main/java/org/apache/blur/console/providers/IAuthorizationProvider.java
----------------------------------------------------------------------
diff --git a/blur-console/src/main/java/org/apache/blur/console/providers/IAuthorizationProvider.java b/blur-console/src/main/java/org/apache/blur/console/providers/IAuthorizationProvider.java
new file mode 100644
index 0000000..1121211
--- /dev/null
+++ b/blur-console/src/main/java/org/apache/blur/console/providers/IAuthorizationProvider.java
@@ -0,0 +1,27 @@
+package org.apache.blur.console.providers;
+
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ * <p/>
+ * http://www.apache.org/licenses/LICENSE-2.0
+ * <p/>
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import org.apache.blur.BlurConfiguration;
+import org.apache.blur.console.model.User;
+
+public interface IAuthorizationProvider {
+  void setupProvider(BlurConfiguration config) throws Exception;
+
+  void setUserSecurityAttributes(User user);
+}

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/a872832b/blur-console/src/main/java/org/apache/blur/console/providers/RoleMapper.java
----------------------------------------------------------------------
diff --git a/blur-console/src/main/java/org/apache/blur/console/providers/RoleMapper.java b/blur-console/src/main/java/org/apache/blur/console/providers/RoleMapper.java
new file mode 100644
index 0000000..8d4d755
--- /dev/null
+++ b/blur-console/src/main/java/org/apache/blur/console/providers/RoleMapper.java
@@ -0,0 +1,53 @@
+package org.apache.blur.console.providers;
+
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import org.apache.blur.BlurConfiguration;
+import org.apache.blur.console.model.User;
+
+import java.util.*;
+
+public class RoleMapper {
+  private Map<String, String> roleMapping;
+
+  public RoleMapper(BlurConfiguration config) {
+    roleMapping = new HashMap<String, String>();
+    List<String> roles = Arrays.asList(User.ADMIN_ROLE, User.MANAGER_ROLE, User.SEARCHER_ROLE);
+    for (String role : roles) {
+      String configRoles = config.get("blur.console.authentication.roles." + role, role);
+      String[] splitRoles = configRoles.split(",");
+      for (String splitRole : splitRoles) {
+        roleMapping.put(splitRole, role);
+      }
+    }
+  }
+
+  public Collection<String> mapRoles(Collection<String> roles) {
+    if (roles != null) {
+      Collection<String> mappedRoles = new ArrayList<String>(roles.size());
+      for (String role : roles) {
+        if (roleMapping.containsKey(role)) {
+          mappedRoles.add(roleMapping.get(role));
+        }
+      }
+      return mappedRoles;
+    }
+    return null;
+  }
+
+}

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/a872832b/blur-console/src/main/java/org/apache/blur/console/providers/TomcatUsers.java
----------------------------------------------------------------------
diff --git a/blur-console/src/main/java/org/apache/blur/console/providers/TomcatUsers.java b/blur-console/src/main/java/org/apache/blur/console/providers/TomcatUsers.java
new file mode 100644
index 0000000..fb9cd2c
--- /dev/null
+++ b/blur-console/src/main/java/org/apache/blur/console/providers/TomcatUsers.java
@@ -0,0 +1,107 @@
+package org.apache.blur.console.providers;
+
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import org.apache.blur.BlurConfiguration;
+import org.apache.blur.console.model.User;
+import org.jdom.Document;
+import org.jdom.Element;
+import org.jdom.JDOMException;
+import org.jdom.input.SAXBuilder;
+
+import javax.servlet.http.HttpServletRequest;
+import java.io.FileReader;
+import java.io.IOException;
+import java.io.Reader;
+import java.util.*;
+
+/**
+ * Provider that reads from a tomcat-users.xml file
+ * config blur.console.authentication.provider.tomcat.usersfile to point to the xml file
+ * This file gets read once at startup
+ */
+public class TomcatUsers implements IAuthenticationProvider {
+
+  private static class TomcatUser extends User {
+
+    private String password;
+
+    public TomcatUser(String name, String password, Collection<String> roles) {
+      this.name = name;
+      this.password = password;
+      this.roles = roles;
+    }
+
+    private boolean checkPassword(String passwd) {
+      return password.equals(passwd);
+    }
+  }
+
+  private Map<String, TomcatUser> users = new HashMap<String, TomcatUser>();
+  private RoleMapper roleMapper;
+
+  @Override
+  public User login(HttpServletRequest request) {
+    Map<String, String[]> parameters = request.getParameterMap();
+    String[] usernames = parameters.get("username");
+    String[] passwords = parameters.get("password");
+    if (usernames != null && usernames.length > 0 && passwords != null && passwords.length > 0) {
+      String username = usernames[0];
+      String password = passwords[0];
+      TomcatUser user = users.get(username);
+      if (user != null && user.checkPassword(password)) {
+        return user;
+      }
+    }
+    return null;
+  }
+
+  @Override
+  public void setupProvider(BlurConfiguration config) throws IOException, JDOMException {
+    roleMapper = new RoleMapper(config);
+    String usersFile = config.get("blur.console.authentication.provider.tomcat.usersfile");
+    SAXBuilder builder = new SAXBuilder();
+    Reader in = new FileReader(usersFile);
+    Document doc = builder.build(in);
+    Element root = doc.getRootElement();
+    List<Element> xmlUsers = root.getChildren("user");
+    for (Element user : xmlUsers) {
+      String username = user.getAttribute("username").getValue();
+      String password = user.getAttribute("password").getValue();
+      String roles = user.getAttribute("roles").getValue();
+      Collection<String> splitRoles = Arrays.asList(roles.split(","));
+      users.put(username, new TomcatUser(username, password, roleMapper.mapRoles(splitRoles)));
+    }
+  }
+
+  @Override
+  public String getLoginForm() {
+    String html = "<form>" +
+      "<div class=\"form-group\">" +
+      "<label for=\"username\">Username</label>" +
+      "<input name=\"username\" class=\"form-control\"/>" +
+      "</div>" +
+      "<div class=\"form-group\">" +
+      "<label for=\"password\">Password</label>" +
+      "<input type=\"password\" name=\"password\" class=\"form-control\"/>" +
+      "</div>" +
+      "<button type=\"submit\" class=\"btn btn-default\">Submit</button>" +
+      "</form>";
+    return html;
+  }
+}

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/a872832b/blur-console/src/main/java/org/apache/blur/console/providers/TomcatUsersProvider.java
----------------------------------------------------------------------
diff --git a/blur-console/src/main/java/org/apache/blur/console/providers/TomcatUsersProvider.java b/blur-console/src/main/java/org/apache/blur/console/providers/TomcatUsersProvider.java
deleted file mode 100644
index 412f78c..0000000
--- a/blur-console/src/main/java/org/apache/blur/console/providers/TomcatUsersProvider.java
+++ /dev/null
@@ -1,105 +0,0 @@
-package org.apache.blur.console.providers;
-
-/**
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-import org.apache.blur.BlurConfiguration;
-import org.apache.blur.console.model.User;
-import org.jdom.Document;
-import org.jdom.Element;
-import org.jdom.JDOMException;
-import org.jdom.input.SAXBuilder;
-
-import javax.servlet.http.HttpServletRequest;
-import java.io.FileReader;
-import java.io.IOException;
-import java.io.Reader;
-import java.util.*;
-
-/**
- * Provider that reads from a tomcat-users.xml file
- * config blur.console.auth.provider.tomcat.usersfile to point to the xml file
- * This file gets read once at startup
- */
-public class TomcatUsersProvider extends BaseProvider {
-
-  private static class TomcatUser extends User {
-
-    private String password;
-
-    public TomcatUser(String name, String password, Collection<String> roles) {
-      this.name = name;
-      this.password = password;
-      this.roles = roles;
-    }
-
-    private boolean checkPassword(String passwd) {
-      return password.equals(passwd);
-    }
-  }
-
-  private Map<String, TomcatUser> users = new HashMap<String, TomcatUser>();
-
-  @Override
-  public User login(HttpServletRequest request) {
-    Map<String, String[]> parameters = request.getParameterMap();
-    String[] usernames = parameters.get("username");
-    String[] passwords = parameters.get("password");
-    if (usernames != null && usernames.length > 0 && passwords != null && passwords.length > 0) {
-      String username = usernames[0];
-      String password = passwords[0];
-      TomcatUser user = users.get(username);
-      if (user != null && user.checkPassword(password)) {
-        return user;
-      }
-    }
-    return null;
-  }
-
-  @Override
-  protected void setupProviderInternal(BlurConfiguration config) throws IOException, JDOMException {
-    String usersFile = config.get("blur.console.auth.provider.tomcat.usersfile");
-    SAXBuilder builder = new SAXBuilder();
-    Reader in = new FileReader(usersFile);
-    Document doc = builder.build(in);
-    Element root = doc.getRootElement();
-    List<Element> xmlUsers = root.getChildren("user");
-    for (Element user : xmlUsers) {
-      String username = user.getAttribute("username").getValue();
-      String password = user.getAttribute("password").getValue();
-      String roles = user.getAttribute("roles").getValue();
-      Collection<String> splitRoles = Arrays.asList(roles.split(","));
-      users.put(username, new TomcatUser(username, password, mapRoles(splitRoles)));
-    }
-  }
-
-  @Override
-  public String getLoginForm() {
-    String html = "<form>" +
-      "<div class=\"form-group\">" +
-      "<label for=\"username\">Username</label>" +
-      "<input name=\"username\" class=\"form-control\"/>" +
-      "</div>" +
-      "<div class=\"form-group\">" +
-      "<label for=\"password\">Password</label>" +
-      "<input type=\"password\" name=\"password\" class=\"form-control\"/>" +
-      "</div>" +
-      "<button type=\"submit\" class=\"btn btn-default\">Submit</button>" +
-      "</form>";
-    return html;
-  }
-}

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/a872832b/blur-console/src/main/java/org/apache/blur/console/servlets/AuthServlet.java
----------------------------------------------------------------------
diff --git a/blur-console/src/main/java/org/apache/blur/console/servlets/AuthServlet.java b/blur-console/src/main/java/org/apache/blur/console/servlets/AuthServlet.java
index 9dbe7ec..de4ecb3 100644
--- a/blur-console/src/main/java/org/apache/blur/console/servlets/AuthServlet.java
+++ b/blur-console/src/main/java/org/apache/blur/console/servlets/AuthServlet.java
@@ -18,7 +18,7 @@ package org.apache.blur.console.servlets;
  */
 
 import org.apache.blur.console.model.User;
-import org.apache.blur.console.providers.BaseProvider;
+import org.apache.blur.console.providers.IAuthenticationProvider;
 import org.apache.blur.console.util.Config;
 import org.apache.blur.console.util.HttpUtil;
 import org.codehaus.jackson.map.ObjectMapper;
@@ -37,16 +37,6 @@ public class AuthServlet extends BaseConsoleServlet {
   private static final String USER_FIELD = "user";
 
   @Override
-  protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
-    String path = req.getPathInfo();
-    if ("/securityUsers".equalsIgnoreCase(path)) {
-      getSecurityUsers(req, resp);
-    } else {
-      sendNotFound(resp, req.getRequestURI());
-    }
-  }
-
-  @Override
   protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
     String path = req.getPathInfo();
     if ("/login".equalsIgnoreCase(path)) {
@@ -56,27 +46,22 @@ public class AuthServlet extends BaseConsoleServlet {
     }
   }
 
-  private void getSecurityUsers(HttpServletRequest request, HttpServletResponse response) throws IOException {
-    Map<String, Object> responseData = new HashMap<String, Object>();
-    responseData.put("securityUserNames", Config.getSecurityUserNames());
-    HttpUtil.sendResponse(response, new ObjectMapper().writeValueAsString(responseData), HttpUtil.JSON);
-  }
-
   private void loginUser(HttpServletRequest request, HttpServletResponse response) throws IOException {
     Map<String, Object> responseData = new HashMap<String, Object>();
     HttpSession session = request.getSession();
     User user = (User) session.getAttribute("user");
-    BaseProvider provider = Config.getProvider();
+    IAuthenticationProvider authenticationProvider = Config.getAuthenticationProvider();
     if(user == null) {
-      user = provider.login(request);
+      user = authenticationProvider.login(request);
     }
     if (user == null) {
       responseData.put(LOGIN_STATUS_FIELD, false);
-      String form = provider.getLoginForm();
+      String form = authenticationProvider.getLoginForm();
       if (form != null) {
         responseData.put(LOGIN_FORM_FIELD, form);
       }
     } else {
+      Config.getAuthorizationProvider().setUserSecurityAttributes(user);
       responseData.put(LOGIN_STATUS_FIELD, true);
       responseData.put(USER_FIELD, user);
       session.setAttribute("user", user);

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/a872832b/blur-console/src/main/java/org/apache/blur/console/servlets/BaseConsoleServlet.java
----------------------------------------------------------------------
diff --git a/blur-console/src/main/java/org/apache/blur/console/servlets/BaseConsoleServlet.java b/blur-console/src/main/java/org/apache/blur/console/servlets/BaseConsoleServlet.java
index 81ff64a..c7e9082 100644
--- a/blur-console/src/main/java/org/apache/blur/console/servlets/BaseConsoleServlet.java
+++ b/blur-console/src/main/java/org/apache/blur/console/servlets/BaseConsoleServlet.java
@@ -57,11 +57,7 @@ public abstract class BaseConsoleServlet extends HttpServlet {
   }
 
   protected void authorize(HttpServletRequest request, String... roles) {
-    HttpSession session = request.getSession();
-    User user = (User) session.getAttribute("user");
-    if(user == null) {
-      throw new UnauthorizedException();
-    }
+    User user = currentUser(request);
     for(String role: roles) {
       if(user.hasRole(role)){
         return;
@@ -69,4 +65,13 @@ public abstract class BaseConsoleServlet extends HttpServlet {
     }
     throw new ForbiddenException();
   }
+
+  protected User currentUser(HttpServletRequest request) {
+    HttpSession session = request.getSession();
+    User user = (User) session.getAttribute("user");
+    if(user == null) {
+      throw new UnauthorizedException();
+    }
+    return user;
+  }
 }

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/a872832b/blur-console/src/main/java/org/apache/blur/console/servlets/SearchServlet.java
----------------------------------------------------------------------
diff --git a/blur-console/src/main/java/org/apache/blur/console/servlets/SearchServlet.java b/blur-console/src/main/java/org/apache/blur/console/servlets/SearchServlet.java
index 31a6c0c..685676e 100644
--- a/blur-console/src/main/java/org/apache/blur/console/servlets/SearchServlet.java
+++ b/blur-console/src/main/java/org/apache/blur/console/servlets/SearchServlet.java
@@ -45,11 +45,10 @@ public class SearchServlet extends BaseConsoleServlet {
 
   private void search(HttpServletRequest req, HttpServletResponse res) throws IOException {
     authorize(req, User.SEARCHER_ROLE);
-    Map<String, String[]> params =req.getParameterMap();
-    String remoteHost =req.getRemoteHost();
+    Map<String, String[]> params = req.getParameterMap();
     Map<String, Object> results = new HashMap<String, Object>();
     try {
-      results = SearchUtil.search(params, remoteHost);
+      results = SearchUtil.search(params, currentUser(req));
     } catch (IOException e) {
       throw new IOException(e);
     } catch (Exception e) {

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/a872832b/blur-console/src/main/java/org/apache/blur/console/util/Config.java
----------------------------------------------------------------------
diff --git a/blur-console/src/main/java/org/apache/blur/console/util/Config.java b/blur-console/src/main/java/org/apache/blur/console/util/Config.java
index 17067f1..7abd3c6 100644
--- a/blur-console/src/main/java/org/apache/blur/console/util/Config.java
+++ b/blur-console/src/main/java/org/apache/blur/console/util/Config.java
@@ -19,7 +19,10 @@ package org.apache.blur.console.util;
 
 
 import org.apache.blur.BlurConfiguration;
-import org.apache.blur.console.providers.BaseProvider;
+import org.apache.blur.console.providers.AuthenticationDenied;
+import org.apache.blur.console.providers.EmptyAuthorization;
+import org.apache.blur.console.providers.IAuthenticationProvider;
+import org.apache.blur.console.providers.IAuthorizationProvider;
 import org.apache.blur.manager.clusterstatus.ZookeeperClusterStatus;
 import org.apache.blur.thrift.BlurClient;
 import org.apache.blur.thrift.generated.Blur.Iface;
@@ -49,8 +52,8 @@ public class Config {
   private static ZookeeperClusterStatus zk;
   private static String blurConnection;
   private static Object cluster;
-  private static Map<String, Map<String, String>> globalUserProperties;
-  private static BaseProvider provider;
+  private static IAuthenticationProvider authenticationProvider;
+  private static IAuthorizationProvider authorizationProvider;
 
   public static int getConsolePort() {
     return port;
@@ -71,8 +74,7 @@ public class Config {
     zk = new ZookeeperClusterStatus(blurConfig.get("blur.zookeeper.connection"), blurConfig);
     blurConnection = buildConnectionString();
     port = blurConfig.getInt("blur.console.port", DEFAULT_PORT);
-    parseSecurity();
-    setupProvider();
+    setupProviders();
   }
 
   private static void setDevelopmentZookeeperConnection() {
@@ -96,36 +98,41 @@ public class Config {
     }
   }
 
-  private static void parseSecurity() {
-    String securityFile = blurConfig.get("blur.console.security.file");
+  private static void setupProviders() throws Exception {
+    String authenticationProviderClassName = blurConfig.get("blur.console.authentication.provider", "org.apache.blur.console.providers.AllAuthenticated");
+    String authorizationProviderClassName = blurConfig.get("blur.console.authorization.provider");
 
-    if (securityFile != null) {
-      JsonFactory factory = new JsonFactory();
-      ObjectMapper mapper = new ObjectMapper(factory);
-      File from = new File(securityFile);
-      TypeReference<Map<String, Map<String, String>>> typeRef = new TypeReference<Map<String, Map<String, String>>>() {
-      };
 
-      try {
-        globalUserProperties = mapper.readValue(from, typeRef);
-      } catch (Exception e) {
-        log.error("Unable to parse security file.  Search may not work right.", e);
-        globalUserProperties = null;
+    Class authenticationProviderClass = Class.forName(authenticationProviderClassName, false, Config.class.getClassLoader());
+
+    if (authenticationProviderClass == null) {
+      authenticationProvider = new AuthenticationDenied();
+      log.error("Error in blur.console.authentication.provider: AuthenticationDenied");
+    } else {
+      authenticationProvider = (IAuthenticationProvider) authenticationProviderClass.newInstance();
+      log.info("Using " + authenticationProviderClassName + " for authentication");
+      if(authenticationProviderClassName.equals(authorizationProviderClassName)) {
+        log.info("authentication and authorization providers are the same, reusing");
+        authorizationProvider = (IAuthorizationProvider) authenticationProvider;
       }
     }
-  }
-
-  private static void setupProvider() throws Exception {
-    String providerClassName = blurConfig.get("blur.console.auth.provider", "org.apache.blur.console.providers.AllAllowedProvider");
-
-
-    Class providerClass = Class.forName(providerClassName, false, Config.class.getClassLoader());
-
-    if (providerClass != null) {
-      provider = (BaseProvider) providerClass.newInstance();
-      provider.setupProvider(blurConfig);
+    authenticationProvider.setupProvider(blurConfig);
+
+    if(authorizationProvider == null) {
+      if(authorizationProviderClassName != null) {
+        Class authorizationProviderClass = Class.forName(authorizationProviderClassName, false, Config.class.getClassLoader());
+        if (authorizationProviderClass == null) {
+          log.error("Error in blur.console.authorization.provider: EmptyAuthorization");
+          authorizationProvider = new EmptyAuthorization();
+        } else {
+          log.info("Using " + authorizationProviderClassName + " for authorization");
+          authorizationProvider = (IAuthorizationProvider) authorizationProviderClass.newInstance();
+        }
+      } else {
+        authorizationProvider = new EmptyAuthorization();
+      }
+      authorizationProvider.setupProvider(blurConfig);
     }
-
   }
 
   public static String getConnectionString() throws IOException {
@@ -178,11 +185,11 @@ public class Config {
     }
   }
 
-  public static Iface getClient(String username, String securityUser) throws IOException {
+  public static Iface getClient(org.apache.blur.console.model.User user, String securityUser) throws IOException {
     Iface client = BlurClient.getClient(getConnectionString());
-
-    if (globalUserProperties != null && globalUserProperties.get(securityUser) != null) {
-      UserContext.setUser(new User(username, globalUserProperties.get(securityUser)));
+    Map<String, String> securityAttributes = user.getSecurityAttributes(securityUser);
+    if(securityAttributes != null) {
+      UserContext.setUser(new User(user.getName(), securityAttributes));
     }
 
     return client;
@@ -192,16 +199,11 @@ public class Config {
     return cluster != null;
   }
 
-  public static BaseProvider getProvider() {
-    return provider;
+  public static IAuthenticationProvider getAuthenticationProvider() {
+    return authenticationProvider;
   }
 
-  public static Collection<String> getSecurityUserNames() {
-    if (globalUserProperties != null) {
-      return globalUserProperties.keySet();
-    } else {
-      return new ArrayList<String>();
-    }
-
+  public static IAuthorizationProvider getAuthorizationProvider() {
+    return authorizationProvider;
   }
 }

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/a872832b/blur-console/src/main/java/org/apache/blur/console/util/SearchUtil.java
----------------------------------------------------------------------
diff --git a/blur-console/src/main/java/org/apache/blur/console/util/SearchUtil.java b/blur-console/src/main/java/org/apache/blur/console/util/SearchUtil.java
index ed99a71..e1014f3 100644
--- a/blur-console/src/main/java/org/apache/blur/console/util/SearchUtil.java
+++ b/blur-console/src/main/java/org/apache/blur/console/util/SearchUtil.java
@@ -1,9 +1,10 @@
 package org.apache.blur.console.util;
 
 import org.apache.blur.console.model.ResultRow;
+import org.apache.blur.console.model.User;
 import org.apache.blur.thirdparty.thrift_0_9_0.TException;
-import org.apache.blur.thrift.generated.Blur.Iface;
 import org.apache.blur.thrift.generated.*;
+import org.apache.blur.thrift.generated.Blur.Iface;
 import org.apache.blur.user.UserContext;
 import org.apache.commons.lang.StringUtils;
 
@@ -35,7 +36,7 @@ public class SearchUtil {
   private static final String ROW_ROW_OPTION = "rowrow";
   private static final String RECORD_RECORD_OPTION = "recordrecord";
 
-  public static Map<String, Object> search(Map<String, String[]> params, String remoteHost) throws IOException, TException {
+  public static Map<String, Object> search(Map<String, String[]> params, User user) throws IOException, TException {
     String table = HttpUtil.getFirstParam(params.get("table"));
     String query = HttpUtil.getFirstParam(params.get("query"));
     String rowQuery = HttpUtil.getFirstParam(params.get("rowRecordOption"));
@@ -45,16 +46,16 @@ public class SearchUtil {
     String securityUser = HttpUtil.getFirstParam(params.get("securityUser"));
 
     if (query.indexOf("rowid:") >= 0) {
-      return fetchRow(table, query, families, remoteHost, securityUser);
+      return fetchRow(table, query, families, user, securityUser);
     }
 
-    return searchAndFetch(table, query, rowQuery, start, fetch, families, remoteHost, securityUser);
+    return searchAndFetch(table, query, rowQuery, start, fetch, families, user, securityUser);
   }
 
   @SuppressWarnings({"unchecked", "rawtypes"})
-  private static Map<String, Object> searchAndFetch(String table, String query, String rowQuery, String start, String fetch, String[] families, String remoteHost, String securityUser) throws IOException, TException {
+  private static Map<String, Object> searchAndFetch(String table, String query, String rowQuery, String start, String fetch, String[] families, User user, String securityUser) throws IOException, TException {
     try {
-      Iface client = Config.getClient(remoteHost, securityUser);
+      Iface client = Config.getClient(user, securityUser);
 
       boolean recordsOnly = RECORD_RECORD_OPTION.equalsIgnoreCase(rowQuery);
 
@@ -64,7 +65,7 @@ public class SearchUtil {
       blurQuery.setQuery(q);
       blurQuery.setStart(Long.parseLong(start));
       blurQuery.setFetch(Integer.parseInt(fetch));
-      blurQuery.setUserContext(remoteHost);
+      blurQuery.setUserContext(user.getName());
 
       Selector s = new Selector();
       s.setRecordOnly(recordsOnly);
@@ -119,15 +120,15 @@ public class SearchUtil {
     }
   }
 
-  private static Map<String, Object> fullTextSearch(String table, String query, String remoteHost, String securityUser) throws IOException, TException {
+  private static Map<String, Object> fullTextSearch(String table, String query, User user, String securityUser) throws IOException, TException {
     try {
-      Iface client = Config.getClient(remoteHost, securityUser);
+      Iface client = Config.getClient(user, securityUser);
 
       BlurQuery blurQuery = new BlurQuery();
 
       Query q = new Query(query, true, ScoreType.SUPER, null, null);
       blurQuery.setQuery(q);
-      blurQuery.setUserContext(remoteHost);
+      blurQuery.setUserContext(user.getName());
       BlurResults blurResults = client.query(table, blurQuery);
 
       Map<String, Object> results = new HashMap<String, Object>();
@@ -139,9 +140,9 @@ public class SearchUtil {
   }
 
   @SuppressWarnings({"unchecked", "rawtypes"})
-  private static Map<String, Object> fetchRow(String table, String query, String[] families, String remoteHost, String securityUser) throws IOException, TException {
+  private static Map<String, Object> fetchRow(String table, String query, String[] families, User user, String securityUser) throws IOException, TException {
     try {
-      Iface client = Config.getClient(remoteHost, securityUser);
+      Iface client = Config.getClient(user, securityUser);
 
       Selector selector = new Selector();
       String rowid = StringUtils.remove(query, "rowid:");

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/a872832b/blur-console/src/main/webapp/js/blurconsole.auth.js
----------------------------------------------------------------------
diff --git a/blur-console/src/main/webapp/js/blurconsole.auth.js b/blur-console/src/main/webapp/js/blurconsole.auth.js
index 472c3c5..e975f2d 100644
--- a/blur-console/src/main/webapp/js/blurconsole.auth.js
+++ b/blur-console/src/main/webapp/js/blurconsole.auth.js
@@ -21,7 +21,7 @@ under the License.
 blurconsole.auth = (function() {
   'use strict';
 
-  var username, roles, fakeIt, container, loginDiv;
+  var username, roles, securityNames, fakeIt, container, loginDiv;
 
   //------------------- Private methods --------------------------
 
@@ -39,6 +39,7 @@ blurconsole.auth = (function() {
           if(data.user) {
             username = data.user.name;
             roles = data.user.roles;
+            securityNames = data.user.securityNames;
           }
           container.trigger('userLoggedIn');
         } else {
@@ -105,10 +106,15 @@ blurconsole.auth = (function() {
     return roles;
   }
 
+  function getSecurityNames() {
+    return securityNames;
+  }
+
   return {
     initModule: initModule,
     getUsername: getUsername,
     hasRole: hasRole,
-    getRoles: getRoles
+    getRoles: getRoles,
+    getSecurityNames: getSecurityNames
   };
 }());
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/a872832b/blur-console/src/main/webapp/js/blurconsole.data.js
----------------------------------------------------------------------
diff --git a/blur-console/src/main/webapp/js/blurconsole.data.js b/blur-console/src/main/webapp/js/blurconsole.data.js
index 62ed53c..6b5a7dd 100644
--- a/blur-console/src/main/webapp/js/blurconsole.data.js
+++ b/blur-console/src/main/webapp/js/blurconsole.data.js
@@ -120,14 +120,6 @@ blurconsole.data = (function() {
     });
   }
 
-  function getSecurityUserNames(callback) {
-    $.getJSON('/service/auth/securityUsers', function(data) {
-      callback(data.securityUserNames);
-    }).fail(function(xhr) {
-      _handleError(xhr, 'securityUsers');
-    });
-  }
-
   return {
     getTableList : getTableList,
     getNodeList : getNodeList,
@@ -139,7 +131,6 @@ blurconsole.data = (function() {
     deleteTable : deleteTable,
     getSchema : getSchema,
     findTerms : findTerms,
-    sendSearch : sendSearch,
-    getSecurityUserNames : getSecurityUserNames
+    sendSearch : sendSearch
   };
 }());
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/a872832b/blur-console/src/main/webapp/js/blurconsole.fake.js
----------------------------------------------------------------------
diff --git a/blur-console/src/main/webapp/js/blurconsole.fake.js b/blur-console/src/main/webapp/js/blurconsole.fake.js
index 887b9b7..03e4cdb 100644
--- a/blur-console/src/main/webapp/js/blurconsole.fake.js
+++ b/blur-console/src/main/webapp/js/blurconsole.fake.js
@@ -269,10 +269,6 @@ blurconsole.fake = (function() {
     }
   }
 
-  function getSecurityUserNames(callback) {
-    _sendCallback(callback, ['superuser','limiteduser']);
-  }
-
   function initModule() {
     $('nav.navbar .pull-right').append('<button type="button" id="fake_freeze" class="btn btn-default btn-sm">Freeze</button>');
     $('#fake_freeze').click(_toggleFreeze);
@@ -290,7 +286,6 @@ blurconsole.fake = (function() {
     deleteTable : deleteTable,
     getSchema : getSchema,
     findTerms : findTerms,
-    sendSearch : sendSearch,
-    getSecurityUserNames : getSecurityUserNames
+    sendSearch : sendSearch
   };
 }());
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/a872832b/blur-console/src/main/webapp/js/blurconsole.model.js
----------------------------------------------------------------------
diff --git a/blur-console/src/main/webapp/js/blurconsole.model.js b/blur-console/src/main/webapp/js/blurconsole.model.js
index b81d8af..ec8323f 100644
--- a/blur-console/src/main/webapp/js/blurconsole.model.js
+++ b/blur-console/src/main/webapp/js/blurconsole.model.js
@@ -33,8 +33,7 @@ blurconsole.model = (function() {
       queryPerformance : [],
       queries : {},
       errors: [],
-      schema: {},
-      securityUserNames: null
+      schema: {}
     };
 
   //----------------------- Models ----------------------------------
@@ -493,23 +492,6 @@ blurconsole.model = (function() {
     };
   }());
 
-  var security = (function() {
-    function userNames(callback) {
-      if(stateMap.securityUserNames) {
-        callback(stateMap.securityUserNames);
-      } else {
-        configMap.poller.getSecurityUserNames(function(data) {
-          stateMap.securityUserNames = data;
-          callback(data);
-        });
-      }
-    }
-
-    return {
-      userNames: userNames
-    };
-  }());
-
   //----------------------- Private Methods -------------------------
   function _nodePoller() {
     configMap.poller.getNodeList(_updateNodes);
@@ -591,7 +573,6 @@ blurconsole.model = (function() {
     nodes : nodes,
     queries : queries,
     search : search,
-    logs: logs,
-    security: security
+    logs: logs
   };
 }());
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/a872832b/blur-console/src/main/webapp/js/blurconsole.search.js
----------------------------------------------------------------------
diff --git a/blur-console/src/main/webapp/js/blurconsole.search.js b/blur-console/src/main/webapp/js/blurconsole.search.js
index 6e04c55..1af0664 100644
--- a/blur-console/src/main/webapp/js/blurconsole.search.js
+++ b/blur-console/src/main/webapp/js/blurconsole.search.js
@@ -243,17 +243,16 @@ blurconsole.search = (function () {
     }
     var user = $('#user');
     if (user.length > 0) {
-      blurconsole.model.security.userNames(function(names) {
-        if(names.length === 0) {
-          user.closest('.form-group').remove();
-        } else {
-          user.append('<option value=""></option>');
-          $.each(names, function(index, name) {
-            user.append('<option>'+name+'</option>');
-          });
-          user.val(stateMap.$userOption);
-        }
-      });
+      var names = blurconsole.auth.getSecurityNames();
+      if(names == null || names.length <= 1) {
+        user.closest('.form-group').remove();
+      } else {
+        user.append('<option value=""></option>');
+        $.each(names, function(index, name) {
+          user.append('<option>'+name+'</option>');
+        });
+        user.val(stateMap.$userOption);
+      }
     }
   }
 

http://git-wip-us.apache.org/repos/asf/incubator-blur/blob/a872832b/blur-console/src/main/webapp/public/index.html
----------------------------------------------------------------------
diff --git a/blur-console/src/main/webapp/public/index.html b/blur-console/src/main/webapp/public/index.html
index 07672c8..6eafdf6 100644
--- a/blur-console/src/main/webapp/public/index.html
+++ b/blur-console/src/main/webapp/public/index.html
@@ -64,7 +64,7 @@ under the License.
       </ul>
     </nav>
     <div id="blurconsole"></div>
-    <script src="js/blurconsole.25eca61b3a7b87b9a6006e16995fef28.js"></script>
+    <script src="js/blurconsole.b3b55f3b66f68d99a652d8034e0d53a4.js"></script>
     <script type="text/javascript">
       $(function () { blurconsole.initModule( $('#blurconsole') ); });
     </script>


Mime
View raw message