sentry-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From vam...@apache.org
Subject [01/52] [abbrv] sentry git commit: SENTRY-1593: Implement client failover for Generic and NN clients
Date Wed, 14 Jun 2017 00:56:39 GMT
Repository: sentry
Updated Branches:
  refs/for/cdh5-1.5.1_ha [created] 78aa15974


http://git-wip-us.apache.org/repos/asf/sentry/blob/0dbe38aa/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/ThriftUtil.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/ThriftUtil.java
b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/ThriftUtil.java
deleted file mode 100644
index fca8e81..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/ThriftUtil.java
+++ /dev/null
@@ -1,123 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.service.thrift;
-
-import com.google.common.net.HostAndPort;
-import org.apache.thrift.protocol.TProtocol;
-import org.apache.thrift.transport.TSaslClientTransport;
-import org.apache.thrift.transport.TSaslServerTransport;
-import org.apache.thrift.transport.TSocket;
-import org.apache.thrift.transport.TTransport;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import com.google.common.base.Preconditions;
-
-public class ThriftUtil {
-
-  private static final Logger LOGGER = LoggerFactory.getLogger(ThriftUtil.class);
-
-  public static void setImpersonator(final TProtocol in) {
-    try {
-      TTransport transport = in.getTransport();
-      if (transport instanceof TSaslServerTransport) {
-        String impersonator = ((TSaslServerTransport) transport).getSaslServer()
-            .getAuthorizationID();
-        setImpersonator(impersonator);
-      }
-    } catch (Exception e) {
-      // If there has exception when get impersonator info, log the error information.
-      LOGGER.warn("There is an error when get the impersonator:" + e.getMessage());
-    }
-  }
-
-  public static void setIpAddress(final TProtocol in) {
-    try {
-      TTransport transport = in.getTransport();
-      TSocket tSocket = getUnderlyingSocketFromTransport(transport);
-      if (tSocket != null) {
-        setIpAddress(tSocket.getSocket().getInetAddress().toString());
-      } else {
-        LOGGER.warn("Unknown Transport, cannot determine ipAddress");
-      }
-    } catch (Exception e) {
-      // If there has exception when get impersonator info, log the error information.
-      LOGGER.warn("There is an error when get the client's ip address:" + e.getMessage());
-    }
-  }
-
-  /**
-   * Returns the underlying TSocket from the transport, or null of the transport type is
unknown.
-   */
-  private static TSocket getUnderlyingSocketFromTransport(TTransport transport) {
-    Preconditions.checkNotNull(transport);
-    if (transport instanceof TSaslServerTransport) {
-      return (TSocket) ((TSaslServerTransport) transport).getUnderlyingTransport();
-    } else if (transport instanceof TSaslClientTransport) {
-      return (TSocket) ((TSaslClientTransport) transport).getUnderlyingTransport();
-    } else if (transport instanceof TSocket) {
-      return (TSocket) transport;
-    }
-    return null;
-  }
-
-  private static ThreadLocal<String> threadLocalIpAddress = new ThreadLocal<String>()
{
-    @Override
-    protected synchronized String initialValue() {
-      return "";
-    }
-  };
-
-  public static void setIpAddress(String ipAddress) {
-    threadLocalIpAddress.set(ipAddress);
-  }
-
-  public static String getIpAddress() {
-    return threadLocalIpAddress.get();
-  }
-
-  private static ThreadLocal<String> threadLocalImpersonator = new ThreadLocal<String>()
{
-    @Override
-    protected synchronized String initialValue() {
-      return "";
-    }
-  };
-
-  public static void setImpersonator(String impersonator) {
-    threadLocalImpersonator.set(impersonator);
-  }
-
-  public static String getImpersonator() {
-    return threadLocalImpersonator.get();
-  }
-
-  /**
-   * Utility function for parsing host and port strings. Expected form should be
-   * (host:port). The hostname could be in ipv6 style. If port is not specified,
-   * defaultPort will be used.
-   */
-  public static HostAndPort[] parseHostPortStrings(String[] hostsAndPortsArr, int defaultPort)
{
-    HostAndPort[] hostsAndPorts = new HostAndPort[hostsAndPortsArr.length];
-    for (int i = 0; i < hostsAndPorts.length; i++) {
-     hostsAndPorts[i] =
-          HostAndPort.fromString(hostsAndPortsArr[i]).withDefaultPort(defaultPort);
-    }
-    return hostsAndPorts;
-  }
-}
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/sentry/blob/0dbe38aa/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/PoolClientInvocationHandler.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/PoolClientInvocationHandler.java
b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/PoolClientInvocationHandler.java
index b289338..cf47df9 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/PoolClientInvocationHandler.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/PoolClientInvocationHandler.java
@@ -28,8 +28,9 @@ import org.apache.commons.pool2.impl.GenericObjectPool;
 import org.apache.commons.pool2.impl.GenericObjectPoolConfig;
 import org.apache.hadoop.conf.Configuration;
 import org.apache.sentry.core.common.exception.SentryUserException;
+import org.apache.sentry.core.common.transport.SentryClientInvocationHandler;
 import org.apache.sentry.provider.db.service.thrift.SentryPolicyServiceClient;
-import org.apache.sentry.provider.db.service.thrift.ThriftUtil;
+import org.apache.sentry.core.common.utils.ThriftUtil;
 import org.apache.sentry.service.thrift.ServiceConstants.ClientConfig;
 import org.apache.thrift.transport.TTransportException;
 import org.slf4j.Logger;

http://git-wip-us.apache.org/repos/asf/sentry/blob/0dbe38aa/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/RetryClientInvocationHandler.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/RetryClientInvocationHandler.java
b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/RetryClientInvocationHandler.java
deleted file mode 100644
index 2f38198..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/RetryClientInvocationHandler.java
+++ /dev/null
@@ -1,146 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.service.thrift;
-
-import com.google.common.base.Preconditions;
-import org.apache.hadoop.conf.Configuration;
-import org.apache.sentry.core.common.exception.SentryUserException;
-import org.apache.sentry.provider.db.service.thrift.SentryPolicyServiceClientDefaultImpl;
-import org.apache.thrift.transport.TTransportException;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import java.io.IOException;
-import java.lang.reflect.InvocationTargetException;
-import java.lang.reflect.Method;
-
-/**
- * The RetryClientInvocationHandler is a proxy class for handling thrift calls for non-pool
- * model. Currently only one client connection is allowed, and it's using lazy connection.
- * The client is not connected to the sentry server until there is any rpc call.
- * <p>
- * For every rpc call, if the client is not connected, it will first connect to a sentry
- * server, and then do the thrift call to the connected sentry server, which will execute
- * the requested method and return back the response. If it is failed with connection
- * problem, it will close the current connection and retry (reconnect and resend the
- * thrift call) no more than rpcRetryTotal times. If the client is already connected, it
- * will reuse the existing connection, and do the thrift call.
- * <p>
- * During reconnection, it will first cycle through all the available sentry servers, and
- * then retry the whole server list no more than connectionFullRetryTotal times. In this
- * case, it won't introduce more latency when some server fails. Also to prevent all
- * clients connecting to the same server, it will reorder the endpoints randomly after a
- * full retry.
- * <p>
- * TODO: allow multiple client connections
- */
-class RetryClientInvocationHandler extends SentryClientInvocationHandler{
-  private static final Logger LOGGER =
-      LoggerFactory.getLogger(RetryClientInvocationHandler.class);
-  private final Configuration conf;
-  private SentryPolicyServiceClientDefaultImpl client = null;
-  private final int rpcRetryTotal;
-
-  /**
-   * Initialize the sentry configurations, including rpc retry count and client connection
-   * configs for SentryPolicyServiceClientDefaultImpl
-   */
-  RetryClientInvocationHandler(Configuration conf) throws Exception {
-    this.conf = conf;
-    Preconditions.checkNotNull(this.conf, "Configuration object cannot be null");
-    this.rpcRetryTotal = conf.getInt(ServiceConstants.ClientConfig.SENTRY_RPC_RETRY_TOTAL,
-        ServiceConstants.ClientConfig.SENTRY_RPC_RETRY_TOTAL_DEFAULT);
-    client = new SentryPolicyServiceClientDefaultImpl(conf);
-  }
-
-  /**
-   * For every rpc call, if the client is not connected, it will first connect to a sentry
-   * server, and then do the thrift call to the connected sentry server, which will
-   * execute the requested method and return back the response. If it is failed with
-   * connection problem, it will close the current connection, and retry (reconnect and
-   * resend the thrift call) no more than rpcRetryTotal times. Throw SentryUserException
-   * if failed retry after rpcRetryTotal times.
-   * if it is failed with other exception, method would just re-throw the exception.
-   * Synchronized it for thread safety.
-   */
-  @Override
-  synchronized Object invokeImpl(Object proxy, Method method, Object[] args) throws Exception
{
-    int retryCount = 0;
-    Exception lastExc = null;
-
-    while (retryCount < rpcRetryTotal) {
-      // Connect to a sentry server if not connected yet.
-      try {
-        client.connectWithRetry();
-      } catch (IOException e) {
-        // Increase the retry num
-        // Retry when the exception is caused by connection problem.
-        retryCount++;
-        lastExc = e;
-        close();
-        continue;
-      } catch (Exception e) {
-        close();
-        throw e;
-      }
-
-      // do the thrift call
-      try {
-        return method.invoke(client, args);
-      } catch (InvocationTargetException e) {
-        // Get the target exception, check if SentryUserException or TTransportException
is wrapped.
-        // TTransportException means there has connection problem with the pool.
-        Throwable targetException = e.getCause();
-        if (targetException instanceof SentryUserException) {
-          Throwable sentryTargetException = targetException.getCause();
-          // If there has connection problem, eg, invalid connection if the service restarted,
-          // sentryTargetException instanceof TTransportException = true.
-          if (sentryTargetException instanceof TTransportException) {
-            // Retry when the exception is caused by connection problem.
-            lastExc = new TTransportException(sentryTargetException);
-            LOGGER.debug("Got TTransportException when do the thrift call ", lastExc);
-          } else {
-            // The exception is thrown by thrift call, eg, SentryAccessDeniedException.
-            // Do not need to reconnect to the sentry server.
-            throw (SentryUserException) targetException;
-          }
-        } else {
-          throw e;
-        }
-      }
-
-      // Increase the retry num
-      retryCount++;
-
-      // For connection problem, it will close the current connection, and reconnect to
-      // an available sentry server and redo the thrift call.
-      close();
-    }
-    // Throw the exception as reaching the max rpc retry num.
-    LOGGER.error(String.format("failed after %d retries ", rpcRetryTotal), lastExc);
-    throw new SentryUserException(
-        String.format("failed after %d retries ", rpcRetryTotal), lastExc);
-  }
-
-  @Override
-  public void close() {
-    client.close();
-    LOGGER.debug("Close the current client connection");
-  }
-
-}

http://git-wip-us.apache.org/repos/asf/sentry/blob/0dbe38aa/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryClientInvocationHandler.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryClientInvocationHandler.java
b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryClientInvocationHandler.java
deleted file mode 100644
index b8c7f23..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryClientInvocationHandler.java
+++ /dev/null
@@ -1,54 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.service.thrift;
-
-import java.lang.reflect.InvocationHandler;
-import java.lang.reflect.Method;
-
-/**
- * SentryClientInvocationHandler is the base interface for all the InvocationHandler in SENTRY
- */
-public abstract class SentryClientInvocationHandler implements InvocationHandler {
-
-  /**
-   * Close the InvocationHandler: An InvocationHandler may create some contexts,
-   * these contexts should be close when the method "close()" of client be called.
-   */
-  @Override
-  public final Object invoke(Object proxy, Method method, Object[] args) throws Exception
{
-    // close() doesn't throw exception we supress that in case of connection
-    // loss. Changing SentryPolicyServiceClient#close() to throw an
-    // exception would be a backward incompatible change for Sentry clients.
-    if ("close".equals(method.getName()) && null == args) {
-      close();
-      return null;
-    }
-    return invokeImpl(proxy, method, args);
-  }
-
-  /**
-   * Subclass should implement this method for special function
-   */
-  abstract Object invokeImpl(Object proxy, Method method, Object[] args) throws Exception;
-
-  /**
-   * An abstract method "close", an invocationHandler should close its contexts at here.
-   */
-  public abstract void close();
-
-}

http://git-wip-us.apache.org/repos/asf/sentry/blob/0dbe38aa/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryServiceClientFactory.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryServiceClientFactory.java
b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryServiceClientFactory.java
index bcbaba1..0e4b684 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryServiceClientFactory.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryServiceClientFactory.java
@@ -6,9 +6,9 @@
  * to you under the Apache License, Version 2.0 (the
  * "License"); you may not use this file except in compliance
  * with the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
+ * <p>
+ * http://www.apache.org/licenses/LICENSE-2.0
+ * <p>
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -22,28 +22,32 @@ import java.lang.reflect.Proxy;
 
 import org.apache.hadoop.conf.Configuration;
 
+import org.apache.sentry.core.common.transport.RetryClientInvocationHandler;
+import org.apache.sentry.core.common.transport.SentryPolicyClientTransportConfig;
 import org.apache.sentry.provider.db.service.thrift.SentryPolicyServiceClient;
 import org.apache.sentry.provider.db.service.thrift.SentryPolicyServiceClientDefaultImpl;
 import org.apache.sentry.service.thrift.ServiceConstants.ClientConfig;
 
-public class SentryServiceClientFactory {
-
+public final class SentryServiceClientFactory {
+  private static final SentryPolicyClientTransportConfig transportConfig =
+          new SentryPolicyClientTransportConfig();
   private SentryServiceClientFactory() {
   }
 
   public static SentryPolicyServiceClient create(Configuration conf) throws Exception {
     boolean pooled = conf.getBoolean(
-        ClientConfig.SENTRY_POOL_ENABLED, ClientConfig.SENTRY_POOL_ENABLED_DEFAULT);
+      ClientConfig.SENTRY_POOL_ENABLED, ClientConfig.SENTRY_POOL_ENABLED_DEFAULT);
     if (pooled) {
       return (SentryPolicyServiceClient) Proxy
-          .newProxyInstance(SentryPolicyServiceClientDefaultImpl.class.getClassLoader(),
-              SentryPolicyServiceClientDefaultImpl.class.getInterfaces(),
-              new PoolClientInvocationHandler(conf));
+        .newProxyInstance(SentryPolicyServiceClientDefaultImpl.class.getClassLoader(),
+          SentryPolicyServiceClientDefaultImpl.class.getInterfaces(),
+          new PoolClientInvocationHandler(conf));
     } else {
       return (SentryPolicyServiceClient) Proxy
-          .newProxyInstance(SentryPolicyServiceClientDefaultImpl.class.getClassLoader(),
-              SentryPolicyServiceClientDefaultImpl.class.getInterfaces(),
-              new RetryClientInvocationHandler(conf));
+        .newProxyInstance(SentryPolicyServiceClientDefaultImpl.class.getClassLoader(),
+          SentryPolicyServiceClientDefaultImpl.class.getInterfaces(),
+          new RetryClientInvocationHandler(conf,
+            new SentryPolicyServiceClientDefaultImpl(conf,transportConfig), transportConfig));
     }
   }
 }

http://git-wip-us.apache.org/repos/asf/sentry/blob/0dbe38aa/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/ServiceConstants.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/ServiceConstants.java
b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/ServiceConstants.java
index fff5854..29fb421 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/ServiceConstants.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/ServiceConstants.java
@@ -25,7 +25,6 @@ import javax.security.sasl.Sasl;
 import com.google.common.base.Splitter;
 import com.google.common.collect.ImmutableMap;
 import org.apache.sentry.provider.db.service.thrift.SentryMetrics;
-import org.apache.sentry.provider.db.service.thrift.SentryPolicyServiceClientDefaultImpl;
 
 public class ServiceConstants {
 
@@ -119,6 +118,8 @@ public class ServiceConstants {
     public static final String SENTRY_STORE_LOCAL_GROUP_MAPPING = "org.apache.sentry.provider.file.LocalGroupMappingService";
     public static final String SENTRY_STORE_GROUP_MAPPING_DEFAULT = SENTRY_STORE_HADOOP_GROUP_MAPPING;
 
+    public static final String SENTRY_STORE_ORPHANED_PRIVILEGE_REMOVAL = "sentry.store.orphaned.privilege.removal";
+    public static final String SENTRY_STORE_ORPHANED_PRIVILEGE_REMOVAL_DEFAULT = "false";
     public static final String SENTRY_STORE_CLEAN_PERIOD_SECONDS =
         "sentry.store.clean.period.seconds";
     public static final long SENTRY_STORE_CLEAN_PERIOD_SECONDS_DEFAULT = 43200; // 12 hours.
@@ -225,12 +226,10 @@ public class ServiceConstants {
   }
 
   public static class ClientConfig {
-    public static final ImmutableMap<String, String> SASL_PROPERTIES = ServiceConstants.SASL_PROPERTIES;
     public static final String SERVER_RPC_PORT = "sentry.service.client.server.rpc-port";
     public static final int SERVER_RPC_PORT_DEFAULT = ServerConfig.RPC_PORT_DEFAULT;
     public static final String SERVER_RPC_ADDRESS = "sentry.service.client.server.rpc-address";
     public static final String SERVER_RPC_CONN_TIMEOUT = "sentry.service.client.server.rpc-connection-timeout";
-    public static final int SERVER_RPC_CONN_TIMEOUT_DEFAULT = 200000;
 
     // HA configuration
     public static final String SENTRY_HA_ENABLED = "sentry.ha.enabled";
@@ -254,20 +253,6 @@ public class ServiceConstants {
     public static final String SENTRY_POOL_RETRY_TOTAL = "sentry.service.client.connection.pool.retry-total";
     public static final int SENTRY_POOL_RETRY_TOTAL_DEFAULT = 3;
 
-    /**
-     * full retry num for getting the connection in non-pool model
-     * In a full retry, it will cycle through all available sentry servers
-     * {@link SentryPolicyServiceClientDefaultImpl#connectWithRetry()}
-     */
-    public static final String SENTRY_FULL_RETRY_TOTAL = "sentry.service.client.connection.full.retry-total";
-    public static final int SENTRY_FULL_RETRY_TOTAL_DEFAULT = 2;
-    /**
-     * max retry num for client rpc
-     * {@link RetryClientInvocationHandler#invokeImpl(Object, Method, Object[])}
-     */
-    public static final String SENTRY_RPC_RETRY_TOTAL = "sentry.service.client.rpc.retry-total";
-    public static final int SENTRY_RPC_RETRY_TOTAL_DEFAULT = 3;
-
     // max message size for thrift messages
     public static String SENTRY_POLICY_CLIENT_THRIFT_MAX_MESSAGE_SIZE = "sentry.policy.client.thrift.max.message.size";
     public static long SENTRY_POLICY_CLIENT_THRIFT_MAX_MESSAGE_SIZE_DEFAULT = 100 * 1024
* 1024;

http://git-wip-us.apache.org/repos/asf/sentry/blob/0dbe38aa/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestSentryGenericPolicyProcessor.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestSentryGenericPolicyProcessor.java
b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestSentryGenericPolicyProcessor.java
index 356e48c..4411bdd 100644
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestSentryGenericPolicyProcessor.java
+++ b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestSentryGenericPolicyProcessor.java
@@ -43,8 +43,8 @@ import org.apache.sentry.provider.db.generic.service.persistent.SentryStoreLayer
 import org.apache.sentry.provider.db.generic.service.persistent.PrivilegeObject.Builder;
 import org.apache.sentry.provider.db.service.model.MSentryGMPrivilege;
 import org.apache.sentry.provider.db.service.model.MSentryRole;
-import org.apache.sentry.provider.db.service.thrift.PolicyStoreConstants;
 import org.apache.sentry.provider.db.service.thrift.SentryConfigurationException;
+import org.apache.sentry.core.common.utils.PolicyStoreConstants;
 import org.apache.sentry.service.thrift.ServiceConstants.ServerConfig;
 import org.apache.sentry.service.thrift.Status;
 import org.apache.sentry.service.thrift.TSentryResponseStatus;

http://git-wip-us.apache.org/repos/asf/sentry/blob/0dbe38aa/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestSentryGenericServiceClient.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestSentryGenericServiceClient.java
b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestSentryGenericServiceClient.java
new file mode 100644
index 0000000..8959ad8
--- /dev/null
+++ b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestSentryGenericServiceClient.java
@@ -0,0 +1,61 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ * <p>
+ * http://www.apache.org/licenses/LICENSE-2.0
+ * <p>
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.sentry.provider.db.generic.service.thrift;
+
+import java.util.Set;
+
+import org.apache.sentry.service.thrift.SentryServiceFactory;
+import org.junit.BeforeClass;
+import org.junit.Test;
+
+import com.google.common.collect.Sets;
+
+public class TestSentryGenericServiceClient extends SentryGenericServiceIntegrationBase {
+
+  @BeforeClass
+  public static void setup() throws Exception {
+    beforeSetup();
+    setupConf();
+    startSentryService();
+    afterSetup();
+    kerberos = false;
+  }
+
+  @Test
+  public void testConnectionWhenReconnect() throws Exception {
+    runTestAsSubject(new TestOperation() {
+      @Override
+      public void runTestAsSubject() throws Exception {
+        String requestorUserName = ADMIN_USER;
+        Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
+        String roleName = "admin_r";
+        setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
+        writePolicyFile();
+
+        client.dropRoleIfExists(requestorUserName, roleName, "solr");
+        client.createRole(requestorUserName, roleName, "solr");
+        stopSentryService();
+        server = new SentryServiceFactory().create(conf);
+        startSentryService();
+        client.dropRole(requestorUserName, roleName, "solr");
+      }
+    });
+  }
+
+}

http://git-wip-us.apache.org/repos/asf/sentry/blob/0dbe38aa/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/log/entity/TestJsonLogEntityFactory.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/log/entity/TestJsonLogEntityFactory.java
b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/log/entity/TestJsonLogEntityFactory.java
index 4e40038..ec066f0 100644
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/log/entity/TestJsonLogEntityFactory.java
+++ b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/log/entity/TestJsonLogEntityFactory.java
@@ -40,7 +40,7 @@ import org.apache.sentry.provider.db.service.thrift.TDropSentryRoleRequest;
 import org.apache.sentry.provider.db.service.thrift.TDropSentryRoleResponse;
 import org.apache.sentry.provider.db.service.thrift.TSentryGroup;
 import org.apache.sentry.provider.db.service.thrift.TSentryPrivilege;
-import org.apache.sentry.provider.db.service.thrift.ThriftUtil;
+import org.apache.sentry.core.common.utils.ThriftUtil;
 import org.apache.sentry.service.thrift.ServiceConstants.PrivilegeScope;
 import org.apache.sentry.service.thrift.ServiceConstants.ServerConfig;
 import org.apache.sentry.service.thrift.Status;

http://git-wip-us.apache.org/repos/asf/sentry/blob/0dbe38aa/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/log/entity/TestJsonLogEntityFactoryGM.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/log/entity/TestJsonLogEntityFactoryGM.java
b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/log/entity/TestJsonLogEntityFactoryGM.java
index a5aff35..8e882ad 100644
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/log/entity/TestJsonLogEntityFactoryGM.java
+++ b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/log/entity/TestJsonLogEntityFactoryGM.java
@@ -43,7 +43,7 @@ import org.apache.sentry.provider.db.generic.service.thrift.TDropSentryRoleReque
 import org.apache.sentry.provider.db.generic.service.thrift.TDropSentryRoleResponse;
 import org.apache.sentry.provider.db.generic.service.thrift.TSentryPrivilege;
 import org.apache.sentry.provider.db.log.util.Constants;
-import org.apache.sentry.provider.db.service.thrift.ThriftUtil;
+import org.apache.sentry.core.common.utils.ThriftUtil;
 import org.apache.sentry.service.thrift.ServiceConstants.ServerConfig;
 import org.apache.sentry.service.thrift.Status;
 import org.junit.BeforeClass;

http://git-wip-us.apache.org/repos/asf/sentry/blob/0dbe38aa/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryPolicyServiceClient.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryPolicyServiceClient.java
b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryPolicyServiceClient.java
new file mode 100644
index 0000000..3b3b30e
--- /dev/null
+++ b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryPolicyServiceClient.java
@@ -0,0 +1,64 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ * <p>
+ * http://www.apache.org/licenses/LICENSE-2.0
+ * <p>
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.sentry.provider.db.service.thrift;
+
+import java.util.Set;
+
+import org.apache.sentry.service.thrift.SentryServiceFactory;
+import org.apache.sentry.service.thrift.SentryServiceIntegrationBase;
+import org.junit.BeforeClass;
+import org.junit.Test;
+
+import com.google.common.collect.Sets;
+
+public class TestSentryPolicyServiceClient extends SentryServiceIntegrationBase {
+
+  @BeforeClass
+  public static void setup() throws Exception {
+    beforeSetup();
+    setupConf();
+    startSentryService();
+    afterSetup();
+    kerberos = false;
+  }
+
+  @Test
+  public void testConnectionWhenReconnect() throws Exception {
+    runTestAsSubject(new TestOperation() {
+      @Override
+      public void runTestAsSubject() throws Exception {
+        String requestorUserName = ADMIN_USER;
+        Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
+        String roleName = "admin_r";
+        setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
+        writePolicyFile();
+
+        client.dropRoleIfExists(requestorUserName, roleName);
+        client.createRole(requestorUserName, roleName);
+        client.listRoles(requestorUserName);
+        stopSentryService();
+        server = new SentryServiceFactory().create(conf);
+        startSentryService();
+        client.listRoles(requestorUserName);
+        client.dropRole(requestorUserName, roleName);
+      }
+    });
+  }
+
+}
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/sentry/blob/0dbe38aa/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryPolicyStoreProcessor.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryPolicyStoreProcessor.java
b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryPolicyStoreProcessor.java
index 9ae6cb0..ae2d476 100644
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryPolicyStoreProcessor.java
+++ b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryPolicyStoreProcessor.java
@@ -21,7 +21,7 @@ import junit.framework.Assert;
 
 import org.apache.hadoop.conf.Configuration;
 import org.apache.sentry.provider.db.SentryThriftAPIMismatchException;
-import org.apache.sentry.provider.db.service.thrift.PolicyStoreConstants.PolicyStoreServerConfig;
+import org.apache.sentry.core.common.utils.PolicyStoreConstants.PolicyStoreServerConfig;
 import org.apache.sentry.service.thrift.ServiceConstants;
 import org.junit.Before;
 import org.junit.Test;

http://git-wip-us.apache.org/repos/asf/sentry/blob/0dbe38aa/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/service/thrift/TestPoolClientInvocationHandler.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/service/thrift/TestPoolClientInvocationHandler.java
b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/service/thrift/TestPoolClientInvocationHandler.java
index 7292387..a202775 100644
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/service/thrift/TestPoolClientInvocationHandler.java
+++ b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/service/thrift/TestPoolClientInvocationHandler.java
@@ -19,7 +19,7 @@
 package org.apache.sentry.service.thrift;
 
 import com.google.common.net.HostAndPort;
-import org.apache.sentry.provider.db.service.thrift.ThriftUtil;
+import org.apache.sentry.core.common.utils.ThriftUtil;
 import org.junit.Assert;
 import org.junit.Test;
 import org.slf4j.Logger;


Mime
View raw message