sentry-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From sp...@apache.org
Subject [51/51] [abbrv] [partial] sentry git commit: SENTRY-2206: Refactor out sentry api from sentry-provider-db to own module (Steve Moist, reviewed by Sergio Pena)
Date Tue, 15 May 2018 21:45:09 GMT
SENTRY-2206: Refactor out sentry api from sentry-provider-db to own module (Steve Moist, reviewed by Sergio Pena)

I had to revert this patch previously in order to remove some files that were removed after I committed this patch before.

Change-Id: I75de264e145653d18b75c0be9619f8967102c49f


Project: http://git-wip-us.apache.org/repos/asf/sentry/repo
Commit: http://git-wip-us.apache.org/repos/asf/sentry/commit/48422f4c
Tree: http://git-wip-us.apache.org/repos/asf/sentry/tree/48422f4c
Diff: http://git-wip-us.apache.org/repos/asf/sentry/diff/48422f4c

Branch: refs/heads/master
Commit: 48422f4cc0995d5e0fd0d9705fba7cc3f8e13a40
Parents: edd8a7a
Author: Sergio Pena <sergio.pena@cloudera.com>
Authored: Tue May 15 16:39:29 2018 -0500
Committer: Sergio Pena <sergio.pena@cloudera.com>
Committed: Tue May 15 16:39:29 2018 -0500

----------------------------------------------------------------------
 pom.xml                                         |     5 +-
 .../authz/HBaseIndexerAuthzBinding.java         |     4 +-
 .../binding/hive/authz/HiveAuthzBinding.java    |     2 +-
 .../binding/hive/authz/SentryConfigTool.java    |     2 +-
 .../DefaultSentryAccessController.java          |     6 +-
 .../SentryMetastorePostEventListenerBaseV2.java |     2 +-
 .../hive/v2/util/SentryAuthorizerUtil.java      |     6 +-
 .../authz/DefaultSentryAccessController.java    |     6 +-
 .../binding/hive/authz/SentryConfigTool.java    |     2 +-
 ...rySyncHMSNotificationsPostEventListener.java |     2 +-
 .../binding/util/SentryAuthorizerUtil.java      |    12 +-
 ...rySyncHMSNotificationsPostEventListener.java |     2 +-
 .../sentry/kafka/binding/KafkaAuthBinding.java  |    25 +-
 .../binding/solr/authz/SolrAuthzBinding.java    |    12 +-
 .../sentry/sqoop/binding/SqoopAuthBinding.java  |    20 +-
 .../apache/sentry/api/common/ApiConstants.java  |    90 +
 .../sentry/service/common/ServiceConstants.java |   251 +
 sentry-dist/src/license/THIRD-PARTY.properties  |     3 +-
 .../sentry/hdfs/SentryHdfsMetricsUtil.java      |     2 +-
 .../org/apache/sentry/hdfs/SentryPlugin.java    |    22 +-
 sentry-provider/sentry-provider-db/pom.xml      |   100 +-
 .../thrift/SentryGenericPolicyService.java      | 10416 -----------
 .../TAlterSentryRoleAddGroupsRequest.java       |   842 -
 .../TAlterSentryRoleAddGroupsResponse.java      |   391 -
 .../TAlterSentryRoleDeleteGroupsRequest.java    |   842 -
 .../TAlterSentryRoleDeleteGroupsResponse.java   |   391 -
 .../TAlterSentryRoleGrantPrivilegeRequest.java  |   798 -
 .../TAlterSentryRoleGrantPrivilegeResponse.java |   391 -
 .../TAlterSentryRoleRevokePrivilegeRequest.java |   798 -
 ...TAlterSentryRoleRevokePrivilegeResponse.java |   391 -
 .../generic/service/thrift/TAuthorizable.java   |   490 -
 .../thrift/TCreateSentryRoleRequest.java        |   692 -
 .../thrift/TCreateSentryRoleResponse.java       |   391 -
 .../service/thrift/TDropPrivilegesRequest.java  |   697 -
 .../service/thrift/TDropPrivilegesResponse.java |   391 -
 .../service/thrift/TDropSentryRoleRequest.java  |   692 -
 .../service/thrift/TDropSentryRoleResponse.java |   391 -
 .../TListSentryPrivilegesByAuthRequest.java     |  1112 --
 .../TListSentryPrivilegesByAuthResponse.java    |   569 -
 ...TListSentryPrivilegesForProviderRequest.java |  1011 -
 ...ListSentryPrivilegesForProviderResponse.java |   541 -
 .../thrift/TListSentryPrivilegesRequest.java    |   957 -
 .../thrift/TListSentryPrivilegesResponse.java   |   555 -
 .../service/thrift/TListSentryRolesRequest.java |   701 -
 .../thrift/TListSentryRolesResponse.java        |   555 -
 .../thrift/TRenamePrivilegesRequest.java        |  1002 -
 .../thrift/TRenamePrivilegesResponse.java       |   391 -
 .../service/thrift/TSentryActiveRoleSet.java    |   537 -
 .../service/thrift/TSentryGrantOption.java      |    48 -
 .../service/thrift/TSentryPrivilege.java        |  1080 --
 .../service/thrift/TSentryPrivilegeMap.java     |   490 -
 .../db/generic/service/thrift/TSentryRole.java  |   539 -
 .../db/service/thrift/SentryPolicyService.java  | 16422 -----------------
 .../TAlterSentryRoleAddGroupsRequest.java       |   746 -
 .../TAlterSentryRoleAddGroupsResponse.java      |   394 -
 .../thrift/TAlterSentryRoleAddUsersRequest.java |   741 -
 .../TAlterSentryRoleAddUsersResponse.java       |   394 -
 .../TAlterSentryRoleDeleteGroupsRequest.java    |   746 -
 .../TAlterSentryRoleDeleteGroupsResponse.java   |   394 -
 .../TAlterSentryRoleDeleteUsersRequest.java     |   741 -
 .../TAlterSentryRoleDeleteUsersResponse.java    |   394 -
 .../TAlterSentryRoleGrantPrivilegeRequest.java  |   866 -
 .../TAlterSentryRoleGrantPrivilegeResponse.java |   669 -
 .../TAlterSentryRoleRevokePrivilegeRequest.java |   866 -
 ...TAlterSentryRoleRevokePrivilegeResponse.java |   394 -
 .../thrift/TCreateSentryRoleRequest.java        |   591 -
 .../thrift/TCreateSentryRoleResponse.java       |   394 -
 .../service/thrift/TDropPrivilegesRequest.java  |   596 -
 .../service/thrift/TDropPrivilegesResponse.java |   394 -
 .../service/thrift/TDropSentryRoleRequest.java  |   591 -
 .../service/thrift/TDropSentryRoleResponse.java |   394 -
 .../TListSentryPrivilegesByAuthRequest.java     |   915 -
 .../TListSentryPrivilegesByAuthResponse.java    |   571 -
 ...TListSentryPrivilegesForProviderRequest.java |   915 -
 ...ListSentryPrivilegesForProviderResponse.java |   544 -
 .../thrift/TListSentryPrivilegesRequest.java    |   706 -
 .../thrift/TListSentryPrivilegesResponse.java   |   558 -
 .../thrift/TListSentryRolesForUserRequest.java  |   591 -
 .../service/thrift/TListSentryRolesRequest.java |   600 -
 .../thrift/TListSentryRolesResponse.java        |   558 -
 .../thrift/TRenamePrivilegesRequest.java        |   702 -
 .../thrift/TRenamePrivilegesResponse.java       |   394 -
 .../db/service/thrift/TSentryActiveRoleSet.java |   537 -
 .../db/service/thrift/TSentryAuthorizable.java  |   817 -
 .../thrift/TSentryConfigValueRequest.java       |   600 -
 .../thrift/TSentryConfigValueResponse.java      |   504 -
 .../thrift/TSentryExportMappingDataRequest.java |   600 -
 .../TSentryExportMappingDataResponse.java       |   500 -
 .../db/service/thrift/TSentryGrantOption.java   |    48 -
 .../db/service/thrift/TSentryGroup.java         |   389 -
 .../thrift/TSentryImportMappingDataRequest.java |   693 -
 .../TSentryImportMappingDataResponse.java       |   394 -
 .../db/service/thrift/TSentryMappingData.java   |   898 -
 .../db/service/thrift/TSentryPrivilege.java     |  1258 --
 .../db/service/thrift/TSentryPrivilegeMap.java  |   490 -
 .../provider/db/service/thrift/TSentryRole.java |   645 -
 .../db/service/thrift/TSentrySyncIDRequest.java |   484 -
 .../service/thrift/TSentrySyncIDResponse.java   |   493 -
 .../service/thrift/TSentryResponseStatus.java   |   598 -
 .../thrift/sentry_common_serviceConstants.java  |    57 -
 .../thrift/SentryGenericPolicyProcessor.java    |   829 +
 .../SentryGenericPolicyProcessorFactory.java    |    44 +
 .../sentry/api/service/thrift/ConfServlet.java  |    71 +
 .../api/service/thrift/LogLevelServlet.java     |   122 +
 .../api/service/thrift/PubSubServlet.java       |   128 +
 .../api/service/thrift/SentryAdminServlet.java  |   132 +
 .../api/service/thrift/SentryAuthFilter.java    |    89 +
 ...SentryHealthCheckServletContextListener.java |    35 +
 .../api/service/thrift/SentryMetrics.java       |   413 +
 .../SentryMetricsServletContextListener.java    |    32 +
 .../thrift/SentryPolicyStoreProcessor.java      |  1236 ++
 .../SentryPolicyStoreProcessorFactory.java      |    43 +
 .../api/service/thrift/SentryWebServer.java     |   240 +
 .../provider/db/SentryPolicyStorePlugin.java    |    16 +-
 .../provider/db/SimpleDBProviderBackend.java    |     8 +-
 .../generic/SentryGenericProviderBackend.java   |    24 +-
 .../provider/db/generic/UpdatableCache.java     |    10 +-
 .../service/persistent/DelegateSentryStore.java |     8 +-
 .../persistent/PrivilegeOperatePersistence.java |     2 +-
 .../service/thrift/NotificationHandler.java     |    45 -
 .../thrift/NotificationHandlerInvoker.java      |   163 -
 .../thrift/SentryGenericPolicyProcessor.java    |   831 -
 .../SentryGenericPolicyProcessorFactory.java    |    43 -
 .../SentryGenericPolicyProcessorWrapper.java    |    39 -
 .../thrift/SentryGenericServiceClient.java      |   194 -
 .../SentryGenericServiceClientDefaultImpl.java  |   559 -
 .../SentryGenericServiceClientFactory.java      |   123 -
 .../tools/GenericPrivilegeConverter.java        |     6 +-
 .../tools/TSentryPrivilegeConverter.java        |     2 +-
 .../db/log/entity/JsonLogEntityFactory.java     |    66 +-
 .../provider/db/log/util/CommandUtil.java       |    20 +-
 .../sentry/provider/db/log/util/Constants.java  |    26 +-
 .../db/service/persistent/HAContext.java        |     2 +-
 .../db/service/persistent/HMSFollower.java      |     2 +-
 .../service/persistent/LeaderStatusMonitor.java |     2 +-
 .../persistent/NotificationProcessor.java       |     6 +-
 .../db/service/persistent/SentryStore.java      |    22 +-
 .../service/persistent/TransactionManager.java  |     4 +-
 .../provider/db/service/thrift/ConfServlet.java |    71 -
 .../db/service/thrift/LogLevelServlet.java      |   122 -
 .../db/service/thrift/NotificationHandler.java  |    73 -
 .../thrift/NotificationHandlerInvoker.java      |   164 -
 .../db/service/thrift/PubSubServlet.java        |   128 -
 .../db/service/thrift/SentryAdminServlet.java   |   132 -
 .../db/service/thrift/SentryAuthFilter.java     |    89 -
 ...SentryHealthCheckServletContextListener.java |    35 -
 .../db/service/thrift/SentryMetrics.java        |   413 -
 .../SentryMetricsServletContextListener.java    |    32 -
 .../thrift/SentryPolicyServiceClient.java       |   227 -
 .../SentryPolicyServiceClientDefaultImpl.java   |  1081 --
 .../thrift/SentryPolicyStoreProcessor.java      |  1238 --
 .../SentryPolicyStoreProcessorFactory.java      |    42 -
 .../service/thrift/SentryProcessorWrapper.java  |    38 -
 .../db/service/thrift/SentryWebServer.java      |   240 -
 .../GrantPrivilegeRequestValidator.java         |    91 -
 .../RevokePrivilegeRequestValidator.java        |    46 -
 .../service/thrift/FullUpdateInitializer.java   |     2 +-
 .../sentry/service/thrift/GSSCallback.java      |     2 +-
 .../thrift/HiveSimpleConnectionFactory.java     |     2 +-
 .../sentry/service/thrift/SentryHMSClient.java  |     2 +-
 .../sentry/service/thrift/SentryService.java    |    14 +-
 .../thrift/SentryServiceClientFactory.java      |     4 +-
 .../service/thrift/SentryServiceUtil.java       |   316 -
 .../sentry/service/thrift/ServiceConstants.java |   316 -
 .../apache/sentry/service/thrift/Status.java    |   132 -
 .../main/resources/sentry_common_service.thrift |    44 -
 .../sentry_generic_policy_service.thrift        |   278 -
 .../main/resources/sentry_policy_service.thrift |   364 -
 .../SentryGenericServiceIntegrationBase.java    |    73 +
 .../TestAuditLogForSentryGenericService.java    |   296 +
 .../TestSentryGenericPolicyProcessor.java       |   364 +
 .../thrift/TestSentryGenericServiceClient.java  |    61 +
 .../TestSentryGenericServiceIntegration.java    |   503 +
 .../service/thrift/SentryMiniKdcTestcase.java   |    68 +
 .../TestAuthorizingDDLAuditLogWithKerberos.java |   295 +
 .../thrift/TestConnectionWithTicketTimeout.java |    57 +
 .../thrift/TestNotificationHandlerInvoker.java  |   102 +
 .../thrift/TestSentryPolicyServiceClient.java   |    64 +
 .../thrift/TestSentryPolicyStoreProcessor.java  |    81 +
 .../TestSentryServerForPoolWithoutKerberos.java |    35 +
 .../thrift/TestSentryServerLogLevel.java        |   100 +
 .../service/thrift/TestSentryServerPubSub.java  |   181 +
 .../thrift/TestSentryServerWithoutKerberos.java |   214 +
 .../thrift/TestSentryServiceClientPool.java     |   111 +
 .../thrift/TestSentryServiceFailureCase.java    |    75 +
 .../TestSentryServiceForPoolWithKerberos.java   |    35 +
 .../thrift/TestSentryServiceImportExport.java   |   751 +
 .../thrift/TestSentryServiceIntegration.java    |  1102 ++
 .../thrift/TestSentryServiceMetrics.java        |    86 +
 .../TestSentryServiceWithInvalidMsgSize.java    |   122 +
 .../thrift/TestSentryServiceWithKerberos.java   |    58 +
 .../thrift/TestSentryWebServerWithKerberos.java |   175 +
 .../thrift/TestSentryWebServerWithSSL.java      |    64 +
 .../TestSentryWebServerWithoutSecurity.java     |    95 +
 .../TestSentryGenericProviderBackend.java       |     8 +-
 .../persistent/SentryStoreIntegrationBase.java  |     2 +-
 .../TestPrivilegeOperatePersistence.java        |     2 +-
 .../service/persistent/TestSentryRole.java      |     2 +-
 .../SentryGenericServiceIntegrationBase.java    |    73 -
 .../TestAuditLogForSentryGenericService.java    |   296 -
 .../TestSentryGenericPolicyProcessor.java       |   364 -
 .../thrift/TestSentryGenericServiceClient.java  |    61 -
 .../TestSentryGenericServiceIntegration.java    |   503 -
 .../db/log/entity/TestJsonLogEntityFactory.java |    34 +-
 .../log/entity/TestJsonLogEntityFactoryGM.java  |    32 +-
 .../provider/db/log/util/TestCommandUtil.java   |    38 +-
 .../db/service/persistent/TestHMSFollower.java  |     4 +-
 .../TestHMSFollowerSentryStoreIntegration.java  |     4 +-
 .../persistent/TestLeaderStatusMonitor.java     |     2 +-
 .../persistent/TestNotificationProcessor.java   |     4 +-
 .../db/service/persistent/TestSentryStore.java  |    18 +-
 .../persistent/TestSentryStoreImportExport.java |    12 +-
 .../service/persistent/TestSentryVersion.java   |     4 +-
 .../service/thrift/SentryMiniKdcTestcase.java   |    68 -
 .../TestAuthorizingDDLAuditLogWithKerberos.java |   295 -
 .../thrift/TestConnectionWithTicketTimeout.java |    57 -
 .../thrift/TestNotificationHandlerInvoker.java  |   102 -
 .../thrift/TestSentryPolicyServiceClient.java   |    64 -
 .../thrift/TestSentryPolicyStoreProcessor.java  |    81 -
 .../TestSentryServerForPoolWithoutKerberos.java |    35 -
 .../thrift/TestSentryServerLogLevel.java        |   100 -
 .../service/thrift/TestSentryServerPubSub.java  |   181 -
 .../thrift/TestSentryServerWithoutKerberos.java |   214 -
 .../thrift/TestSentryServiceClientPool.java     |   111 -
 .../thrift/TestSentryServiceFailureCase.java    |    75 -
 .../TestSentryServiceForPoolWithKerberos.java   |    35 -
 .../thrift/TestSentryServiceImportExport.java   |   751 -
 .../thrift/TestSentryServiceIntegration.java    |  1102 --
 .../thrift/TestSentryServiceMetrics.java        |    86 -
 .../TestSentryServiceWithInvalidMsgSize.java    |   121 -
 .../thrift/TestSentryServiceWithKerberos.java   |    58 -
 .../thrift/TestSentryWebServerWithKerberos.java |   175 -
 .../thrift/TestSentryWebServerWithSSL.java      |    64 -
 .../TestSentryWebServerWithoutSecurity.java     |    95 -
 .../thrift/SentryServiceIntegrationBase.java    |    17 +-
 sentry-service/pom.xml                          |    36 +
 sentry-service/sentry-service-api/pom.xml       |   200 +
 .../thrift/SentryGenericPolicyService.java      | 10416 +++++++++++
 .../TAlterSentryRoleAddGroupsRequest.java       |   842 +
 .../TAlterSentryRoleAddGroupsResponse.java      |   391 +
 .../TAlterSentryRoleDeleteGroupsRequest.java    |   842 +
 .../TAlterSentryRoleDeleteGroupsResponse.java   |   391 +
 .../TAlterSentryRoleGrantPrivilegeRequest.java  |   798 +
 .../TAlterSentryRoleGrantPrivilegeResponse.java |   391 +
 .../TAlterSentryRoleRevokePrivilegeRequest.java |   798 +
 ...TAlterSentryRoleRevokePrivilegeResponse.java |   391 +
 .../api/generic/thrift/TAuthorizable.java       |   490 +
 .../thrift/TCreateSentryRoleRequest.java        |   692 +
 .../thrift/TCreateSentryRoleResponse.java       |   391 +
 .../generic/thrift/TDropPrivilegesRequest.java  |   697 +
 .../generic/thrift/TDropPrivilegesResponse.java |   391 +
 .../generic/thrift/TDropSentryRoleRequest.java  |   692 +
 .../generic/thrift/TDropSentryRoleResponse.java |   391 +
 .../TListSentryPrivilegesByAuthRequest.java     |  1112 ++
 .../TListSentryPrivilegesByAuthResponse.java    |   569 +
 ...TListSentryPrivilegesForProviderRequest.java |  1011 +
 ...ListSentryPrivilegesForProviderResponse.java |   541 +
 .../thrift/TListSentryPrivilegesRequest.java    |   957 +
 .../thrift/TListSentryPrivilegesResponse.java   |   555 +
 .../generic/thrift/TListSentryRolesRequest.java |   701 +
 .../thrift/TListSentryRolesResponse.java        |   555 +
 .../thrift/TRenamePrivilegesRequest.java        |  1002 +
 .../thrift/TRenamePrivilegesResponse.java       |   391 +
 .../generic/thrift/TSentryActiveRoleSet.java    |   537 +
 .../api/generic/thrift/TSentryGrantOption.java  |    48 +
 .../api/generic/thrift/TSentryPrivilege.java    |  1080 ++
 .../api/generic/thrift/TSentryPrivilegeMap.java |   490 +
 .../sentry/api/generic/thrift/TSentryRole.java  |   539 +
 .../api/service/thrift/SentryPolicyService.java | 16422 +++++++++++++++++
 .../TAlterSentryRoleAddGroupsRequest.java       |   746 +
 .../TAlterSentryRoleAddGroupsResponse.java      |   394 +
 .../thrift/TAlterSentryRoleAddUsersRequest.java |   741 +
 .../TAlterSentryRoleAddUsersResponse.java       |   394 +
 .../TAlterSentryRoleDeleteGroupsRequest.java    |   746 +
 .../TAlterSentryRoleDeleteGroupsResponse.java   |   394 +
 .../TAlterSentryRoleDeleteUsersRequest.java     |   741 +
 .../TAlterSentryRoleDeleteUsersResponse.java    |   394 +
 .../TAlterSentryRoleGrantPrivilegeRequest.java  |   866 +
 .../TAlterSentryRoleGrantPrivilegeResponse.java |   669 +
 .../TAlterSentryRoleRevokePrivilegeRequest.java |   866 +
 ...TAlterSentryRoleRevokePrivilegeResponse.java |   394 +
 .../thrift/TCreateSentryRoleRequest.java        |   591 +
 .../thrift/TCreateSentryRoleResponse.java       |   394 +
 .../service/thrift/TDropPrivilegesRequest.java  |   596 +
 .../service/thrift/TDropPrivilegesResponse.java |   394 +
 .../service/thrift/TDropSentryRoleRequest.java  |   591 +
 .../service/thrift/TDropSentryRoleResponse.java |   394 +
 .../TListSentryPrivilegesByAuthRequest.java     |   915 +
 .../TListSentryPrivilegesByAuthResponse.java    |   571 +
 ...TListSentryPrivilegesForProviderRequest.java |   915 +
 ...ListSentryPrivilegesForProviderResponse.java |   544 +
 .../thrift/TListSentryPrivilegesRequest.java    |   706 +
 .../thrift/TListSentryPrivilegesResponse.java   |   558 +
 .../thrift/TListSentryRolesForUserRequest.java  |   591 +
 .../service/thrift/TListSentryRolesRequest.java |   600 +
 .../thrift/TListSentryRolesResponse.java        |   558 +
 .../thrift/TRenamePrivilegesRequest.java        |   702 +
 .../thrift/TRenamePrivilegesResponse.java       |   394 +
 .../service/thrift/TSentryActiveRoleSet.java    |   537 +
 .../api/service/thrift/TSentryAuthorizable.java |   817 +
 .../thrift/TSentryConfigValueRequest.java       |   600 +
 .../thrift/TSentryConfigValueResponse.java      |   504 +
 .../thrift/TSentryExportMappingDataRequest.java |   600 +
 .../TSentryExportMappingDataResponse.java       |   500 +
 .../api/service/thrift/TSentryGrantOption.java  |    48 +
 .../sentry/api/service/thrift/TSentryGroup.java |   389 +
 .../thrift/TSentryImportMappingDataRequest.java |   693 +
 .../TSentryImportMappingDataResponse.java       |   394 +
 .../api/service/thrift/TSentryMappingData.java  |   898 +
 .../api/service/thrift/TSentryPrivilege.java    |  1258 ++
 .../api/service/thrift/TSentryPrivilegeMap.java |   490 +
 .../sentry/api/service/thrift/TSentryRole.java  |   645 +
 .../service/thrift/TSentrySyncIDRequest.java    |   484 +
 .../service/thrift/TSentrySyncIDResponse.java   |   493 +
 .../service/thrift/TSentryResponseStatus.java   |   598 +
 .../thrift/sentry_common_serviceConstants.java  |    57 +
 .../sentry/api/common/SentryServiceUtil.java    |   322 +
 .../org/apache/sentry/api/common/Status.java    |   133 +
 .../sentry/api/common/ThriftConstants.java      |    30 +
 .../api/generic/thrift/NotificationHandler.java |    45 +
 .../thrift/NotificationHandlerInvoker.java      |   163 +
 .../SentryGenericPolicyProcessorWrapper.java    |    39 +
 .../thrift/SentryGenericServiceClient.java      |   194 +
 .../SentryGenericServiceClientDefaultImpl.java  |   560 +
 .../SentryGenericServiceClientFactory.java      |   123 +
 .../api/service/thrift/NotificationHandler.java |    73 +
 .../thrift/NotificationHandlerInvoker.java      |   164 +
 .../thrift/SentryPolicyServiceClient.java       |   227 +
 .../SentryPolicyServiceClientDefaultImpl.java   |  1082 ++
 .../service/thrift/SentryProcessorWrapper.java  |    38 +
 .../GrantPrivilegeRequestValidator.java         |    91 +
 .../RevokePrivilegeRequestValidator.java        |    46 +
 .../api/tools/GenericPrivilegeConverter.java    |   190 +
 .../api/tools/TSentryPrivilegeConverter.java    |    34 +
 .../main/resources/sentry_common_service.thrift |    44 +
 .../sentry_generic_policy_service.thrift        |   278 +
 .../main/resources/sentry_policy_service.thrift |   364 +
 .../TestSentryWebServiceForAuthTypeNone.java    |     2 +-
 .../e2e/dbprovider/TestConcurrentClients.java   |     2 +-
 .../tests/e2e/hdfs/TestHDFSIntegration.java     |     2 +-
 .../AbstractTestWithStaticConfiguration.java    |     2 +-
 .../metastore/SentryPolicyProviderForDb.java    |     4 +-
 .../dbprovider/AbstractTestWithDbProvider.java  |     4 +-
 .../e2e/dbprovider/TestConcurrentClients.java   |     6 +-
 .../tests/e2e/hdfs/TestHDFSIntegrationBase.java |     4 +-
 .../hdfs/TestHDFSIntegrationTogglingConf.java   |     2 +-
 .../AbstractTestWithStaticConfiguration.java    |     6 +-
 .../metastore/SentryPolicyProviderForDb.java    |     4 +-
 .../tests/e2e/minisentry/InternalSentrySrv.java |     2 +-
 .../e2e/kafka/AbstractKafkaSentryTestBase.java  |    12 +-
 .../sentry/tests/e2e/kafka/TestAuthorize.java   |     8 +-
 .../e2e/solr/SolrSentryServiceTestBase.java     |     8 +-
 .../sentry/tests/e2e/solr/TestSentryServer.java |    12 +-
 .../e2e/sqoop/AbstractSqoopSentryTestBase.java  |    16 +-
 .../tools/PermissionsMigrationToolCommon.java   |    10 +-
 .../cli/tools/SentryConfigToolIndexer.java      |    10 +-
 .../sentry/cli/tools/SentryConfigToolSolr.java  |     6 +-
 .../sentry/cli/tools/SentrySchemaTool.java      |     2 +-
 .../sentry/cli/tools/SentryShellGeneric.java    |     8 +-
 .../sentry/cli/tools/SentryShellHive.java       |     2 +-
 .../sentry/cli/tools/SentryShellIndexer.java    |     4 +-
 .../cli/tools/command/GenericShellCommand.java  |     8 +-
 .../cli/tools/command/hive/CommandUtil.java     |    14 +-
 .../tools/command/hive/HiveShellCommand.java    |    10 +-
 .../java/org/apache/sentry/shell/SentryCli.java |    14 +-
 .../org/apache/sentry/shell/TopLevelShell.java  |     8 +-
 .../tools/TestPermissionsMigrationToolSolr.java |    11 +-
 .../cli/tools/TestSentryConfigToolIndexer.java  |    12 +-
 .../cli/tools/TestSentryConfigToolSolr.java     |     9 +-
 .../sentry/cli/tools/TestSentrySchemaTool.java  |     2 +-
 .../sentry/cli/tools/TestSentryShellHive.java   |     4 +-
 .../cli/tools/TestSentryShellIndexer.java       |    10 +-
 .../sentry/cli/tools/TestSentryShellKafka.java  |     6 +-
 .../sentry/cli/tools/TestSentryShellSolr.java   |     6 +-
 .../sentry/cli/tools/TestSentryShellSqoop.java  |     6 +-
 375 files changed, 86699 insertions(+), 86260 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/sentry/blob/48422f4c/pom.xml
----------------------------------------------------------------------
diff --git a/pom.xml b/pom.xml
index 262a9d8..3b80e03 100644
--- a/pom.xml
+++ b/pom.xml
@@ -756,6 +756,7 @@ limitations under the License.
     <module>sentry-tests</module>
     <module>sentry-hdfs</module>
     <module>sentry-tools</module>
+    <module>sentry-service</module>
     <module>sentry-dist</module>
   </modules>
 
@@ -1045,9 +1046,9 @@ limitations under the License.
               <excludes combine.children="append">
                 <exclude>%regex[org.apache.sentry.tests.e2e.*.class]</exclude>
                 <exclude>%regex[org.apache.sentry.binding.hive.TestURI.class]</exclude>
-                <exclude>%regex[org.apache.sentry.provider.db.service.thrift.*.class]</exclude>
+                <exclude>%regex[org.apache.sentry.api.service.thrift.*.class]</exclude>
                 <exclude>%regex[org.apache.solr.handler.admin.*.class]</exclude>
-                <exclude>%regex[org.apache.sentry.provider.db.generic.service.thrift.*.class]</exclude>
+                <exclude>%regex[org.apache.sentry.api.generic.thrift.*.class]</exclude>
                 <exclude>%regex[org.apache.sentry.cli.tools.*.class]</exclude>
               </excludes>
             </configuration>

http://git-wip-us.apache.org/repos/asf/sentry/blob/48422f4c/sentry-binding/sentry-binding-hbase-indexer/src/main/java/org/apache/sentry/binding/hbaseindexer/authz/HBaseIndexerAuthzBinding.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-hbase-indexer/src/main/java/org/apache/sentry/binding/hbaseindexer/authz/HBaseIndexerAuthzBinding.java b/sentry-binding/sentry-binding-hbase-indexer/src/main/java/org/apache/sentry/binding/hbaseindexer/authz/HBaseIndexerAuthzBinding.java
index 71d1225..3e57cd4 100644
--- a/sentry-binding/sentry-binding-hbase-indexer/src/main/java/org/apache/sentry/binding/hbaseindexer/authz/HBaseIndexerAuthzBinding.java
+++ b/sentry-binding/sentry-binding-hbase-indexer/src/main/java/org/apache/sentry/binding/hbaseindexer/authz/HBaseIndexerAuthzBinding.java
@@ -33,7 +33,7 @@ import org.apache.sentry.policy.common.PolicyEngine;
 import org.apache.sentry.provider.common.AuthorizationProvider;
 import org.apache.sentry.provider.common.ProviderBackend;
 import org.apache.sentry.provider.common.ProviderBackendContext;
-import org.apache.sentry.service.thrift.ServiceConstants;
+import org.apache.sentry.api.common.ApiConstants;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -107,7 +107,7 @@ public class HBaseIndexerAuthzBinding {
     }
 
     // For SentryGenericProviderBackend
-    authzConf.set(ServiceConstants.ClientConfig.COMPONENT_TYPE, HBASE_INDEXER);
+    authzConf.set(ApiConstants.ClientConfig.COMPONENT_TYPE, HBASE_INDEXER);
 
     providerBackend =
       (ProviderBackend) providerBackendConstructor.newInstance(new Object[] {authzConf, resourceName});

http://git-wip-us.apache.org/repos/asf/sentry/blob/48422f4c/sentry-binding/sentry-binding-hive-common/src/main/java/org/apache/sentry/binding/hive/authz/HiveAuthzBinding.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-hive-common/src/main/java/org/apache/sentry/binding/hive/authz/HiveAuthzBinding.java b/sentry-binding/sentry-binding-hive-common/src/main/java/org/apache/sentry/binding/hive/authz/HiveAuthzBinding.java
index 7565a34..f1cbbb6 100644
--- a/sentry-binding/sentry-binding-hive-common/src/main/java/org/apache/sentry/binding/hive/authz/HiveAuthzBinding.java
+++ b/sentry-binding/sentry-binding-hive-common/src/main/java/org/apache/sentry/binding/hive/authz/HiveAuthzBinding.java
@@ -48,7 +48,7 @@ import org.apache.sentry.provider.cache.SimpleCacheProviderBackend;
 import org.apache.sentry.provider.common.AuthorizationProvider;
 import org.apache.sentry.provider.common.ProviderBackend;
 import org.apache.sentry.provider.common.ProviderBackendContext;
-import org.apache.sentry.provider.db.service.thrift.TSentryRole;
+import org.apache.sentry.api.service.thrift.TSentryRole;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 

http://git-wip-us.apache.org/repos/asf/sentry/blob/48422f4c/sentry-binding/sentry-binding-hive-v2/src/main/java/org/apache/sentry/binding/hive/authz/SentryConfigTool.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-hive-v2/src/main/java/org/apache/sentry/binding/hive/authz/SentryConfigTool.java b/sentry-binding/sentry-binding-hive-v2/src/main/java/org/apache/sentry/binding/hive/authz/SentryConfigTool.java
index 1dc8f01..f6b4518 100644
--- a/sentry-binding/sentry-binding-hive-v2/src/main/java/org/apache/sentry/binding/hive/authz/SentryConfigTool.java
+++ b/sentry-binding/sentry-binding-hive-v2/src/main/java/org/apache/sentry/binding/hive/authz/SentryConfigTool.java
@@ -53,7 +53,7 @@ import org.apache.sentry.core.common.exception.SentryConfigurationException;
 import org.apache.sentry.core.common.Subject;
 import org.apache.sentry.core.model.db.Server;
 import org.apache.sentry.provider.common.AuthorizationProvider;
-import org.apache.sentry.provider.db.service.thrift.SentryPolicyServiceClient;
+import org.apache.sentry.api.service.thrift.SentryPolicyServiceClient;
 import org.apache.sentry.service.thrift.SentryServiceClientFactory;
 
 /**

http://git-wip-us.apache.org/repos/asf/sentry/blob/48422f4c/sentry-binding/sentry-binding-hive-v2/src/main/java/org/apache/sentry/binding/hive/v2/authorizer/DefaultSentryAccessController.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-hive-v2/src/main/java/org/apache/sentry/binding/hive/v2/authorizer/DefaultSentryAccessController.java b/sentry-binding/sentry-binding-hive-v2/src/main/java/org/apache/sentry/binding/hive/v2/authorizer/DefaultSentryAccessController.java
index 13ee2cf..f21f920 100644
--- a/sentry-binding/sentry-binding-hive-v2/src/main/java/org/apache/sentry/binding/hive/v2/authorizer/DefaultSentryAccessController.java
+++ b/sentry-binding/sentry-binding-hive-v2/src/main/java/org/apache/sentry/binding/hive/v2/authorizer/DefaultSentryAccessController.java
@@ -49,9 +49,9 @@ import org.apache.sentry.core.common.exception.SentryUserException;
 import org.apache.sentry.core.model.db.AccessConstants;
 import org.apache.sentry.core.model.db.DBModelAuthorizable;
 import org.apache.sentry.core.model.db.Server;
-import org.apache.sentry.provider.db.service.thrift.SentryPolicyServiceClient;
-import org.apache.sentry.provider.db.service.thrift.TSentryPrivilege;
-import org.apache.sentry.provider.db.service.thrift.TSentryRole;
+import org.apache.sentry.api.service.thrift.SentryPolicyServiceClient;
+import org.apache.sentry.api.service.thrift.TSentryPrivilege;
+import org.apache.sentry.api.service.thrift.TSentryRole;
 import org.apache.sentry.service.thrift.SentryServiceClientFactory;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;

http://git-wip-us.apache.org/repos/asf/sentry/blob/48422f4c/sentry-binding/sentry-binding-hive-v2/src/main/java/org/apache/sentry/binding/hive/v2/metastore/SentryMetastorePostEventListenerBaseV2.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-hive-v2/src/main/java/org/apache/sentry/binding/hive/v2/metastore/SentryMetastorePostEventListenerBaseV2.java b/sentry-binding/sentry-binding-hive-v2/src/main/java/org/apache/sentry/binding/hive/v2/metastore/SentryMetastorePostEventListenerBaseV2.java
index 567e9fa..642e873 100644
--- a/sentry-binding/sentry-binding-hive-v2/src/main/java/org/apache/sentry/binding/hive/v2/metastore/SentryMetastorePostEventListenerBaseV2.java
+++ b/sentry-binding/sentry-binding-hive-v2/src/main/java/org/apache/sentry/binding/hive/v2/metastore/SentryMetastorePostEventListenerBaseV2.java
@@ -44,7 +44,7 @@ import org.apache.sentry.core.model.db.Database;
 import org.apache.sentry.core.model.db.Server;
 import org.apache.sentry.core.model.db.Table;
 import org.apache.sentry.provider.db.SentryMetastoreListenerPlugin;
-import org.apache.sentry.provider.db.service.thrift.SentryPolicyServiceClient;
+import org.apache.sentry.api.service.thrift.SentryPolicyServiceClient;
 import org.apache.sentry.service.thrift.SentryServiceClientFactory;
 import org.apache.sentry.service.thrift.ServiceConstants.ConfUtilties;
 import org.apache.sentry.service.thrift.ServiceConstants.ServerConfig;

http://git-wip-us.apache.org/repos/asf/sentry/blob/48422f4c/sentry-binding/sentry-binding-hive-v2/src/main/java/org/apache/sentry/binding/hive/v2/util/SentryAuthorizerUtil.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-hive-v2/src/main/java/org/apache/sentry/binding/hive/v2/util/SentryAuthorizerUtil.java b/sentry-binding/sentry-binding-hive-v2/src/main/java/org/apache/sentry/binding/hive/v2/util/SentryAuthorizerUtil.java
index 35bd68c..32479d8 100644
--- a/sentry-binding/sentry-binding-hive-v2/src/main/java/org/apache/sentry/binding/hive/v2/util/SentryAuthorizerUtil.java
+++ b/sentry-binding/sentry-binding-hive-v2/src/main/java/org/apache/sentry/binding/hive/v2/util/SentryAuthorizerUtil.java
@@ -49,9 +49,9 @@ import org.apache.sentry.core.model.db.DBModelAuthorizable;
 import org.apache.sentry.core.model.db.Database;
 import org.apache.sentry.core.model.db.Server;
 import org.apache.sentry.core.model.db.Table;
-import org.apache.sentry.provider.db.service.thrift.TSentryGrantOption;
-import org.apache.sentry.provider.db.service.thrift.TSentryPrivilege;
-import org.apache.sentry.provider.db.service.thrift.TSentryRole;
+import org.apache.sentry.api.service.thrift.TSentryGrantOption;
+import org.apache.sentry.api.service.thrift.TSentryPrivilege;
+import org.apache.sentry.api.service.thrift.TSentryRole;
 import org.apache.sentry.service.thrift.ServiceConstants.PrivilegeScope;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;

http://git-wip-us.apache.org/repos/asf/sentry/blob/48422f4c/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/authz/DefaultSentryAccessController.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/authz/DefaultSentryAccessController.java b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/authz/DefaultSentryAccessController.java
index 2abe37e..fc2427c 100644
--- a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/authz/DefaultSentryAccessController.java
+++ b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/authz/DefaultSentryAccessController.java
@@ -50,9 +50,9 @@ import org.apache.sentry.core.common.exception.SentryUserException;
 import org.apache.sentry.core.model.db.AccessConstants;
 import org.apache.sentry.core.model.db.DBModelAuthorizable;
 import org.apache.sentry.core.model.db.Server;
-import org.apache.sentry.provider.db.service.thrift.SentryPolicyServiceClient;
-import org.apache.sentry.provider.db.service.thrift.TSentryPrivilege;
-import org.apache.sentry.provider.db.service.thrift.TSentryRole;
+import org.apache.sentry.api.service.thrift.SentryPolicyServiceClient;
+import org.apache.sentry.api.service.thrift.TSentryPrivilege;
+import org.apache.sentry.api.service.thrift.TSentryRole;
 import org.apache.sentry.service.thrift.SentryServiceClientFactory;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;

http://git-wip-us.apache.org/repos/asf/sentry/blob/48422f4c/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/authz/SentryConfigTool.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/authz/SentryConfigTool.java b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/authz/SentryConfigTool.java
index c23547a..5f1e3e9 100644
--- a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/authz/SentryConfigTool.java
+++ b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/authz/SentryConfigTool.java
@@ -43,7 +43,7 @@ import org.apache.sentry.core.common.Subject;
 import org.apache.sentry.core.common.exception.SentryConfigurationException;
 import org.apache.sentry.core.model.db.Server;
 import org.apache.sentry.provider.common.AuthorizationProvider;
-import org.apache.sentry.provider.db.service.thrift.SentryPolicyServiceClient;
+import org.apache.sentry.api.service.thrift.SentryPolicyServiceClient;
 import org.apache.sentry.service.thrift.SentryServiceClientFactory;
 
 import java.security.CodeSource;

http://git-wip-us.apache.org/repos/asf/sentry/blob/48422f4c/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/metastore/SentrySyncHMSNotificationsPostEventListener.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/metastore/SentrySyncHMSNotificationsPostEventListener.java b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/metastore/SentrySyncHMSNotificationsPostEventListener.java
index 24d7763..7b2d8be 100644
--- a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/metastore/SentrySyncHMSNotificationsPostEventListener.java
+++ b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/metastore/SentrySyncHMSNotificationsPostEventListener.java
@@ -33,7 +33,7 @@ import org.apache.hadoop.hive.metastore.events.DropPartitionEvent;
 import org.apache.hadoop.hive.metastore.events.DropTableEvent;
 import org.apache.hadoop.hive.metastore.events.ListenerEvent;
 import org.apache.sentry.binding.hive.conf.HiveAuthzConf;
-import org.apache.sentry.provider.db.service.thrift.SentryPolicyServiceClient;
+import org.apache.sentry.api.service.thrift.SentryPolicyServiceClient;
 import org.apache.sentry.service.thrift.SentryServiceClientFactory;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;

http://git-wip-us.apache.org/repos/asf/sentry/blob/48422f4c/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/util/SentryAuthorizerUtil.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/util/SentryAuthorizerUtil.java b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/util/SentryAuthorizerUtil.java
index 1c41639..dd6936c 100644
--- a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/util/SentryAuthorizerUtil.java
+++ b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/util/SentryAuthorizerUtil.java
@@ -50,10 +50,10 @@ import org.apache.sentry.core.model.db.DBModelAuthorizable;
 import org.apache.sentry.core.model.db.Database;
 import org.apache.sentry.core.model.db.Server;
 import org.apache.sentry.core.model.db.Table;
-import org.apache.sentry.provider.db.service.thrift.TSentryGrantOption;
-import org.apache.sentry.provider.db.service.thrift.TSentryPrivilege;
-import org.apache.sentry.provider.db.service.thrift.TSentryRole;
-import org.apache.sentry.service.thrift.ServiceConstants.PrivilegeScope;
+import org.apache.sentry.api.common.ApiConstants;
+import org.apache.sentry.api.service.thrift.TSentryGrantOption;
+import org.apache.sentry.api.service.thrift.TSentryPrivilege;
+import org.apache.sentry.api.service.thrift.TSentryRole;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -239,7 +239,7 @@ public class SentryAuthorizerUtil {
    */
   public static HivePrivilegeObject convert2HivePrivilegeObject(TSentryPrivilege tSentryPrivilege) {
     HivePrivilegeObject privilege = null;
-    switch (PrivilegeScope.valueOf(tSentryPrivilege.getPrivilegeScope())) {
+    switch (ApiConstants.PrivilegeScope.valueOf(tSentryPrivilege.getPrivilegeScope())) {
       case SERVER:
         privilege = new HivePrivilegeObject(HivePrivilegeObjectType.GLOBAL, "*", null);
         break;
@@ -271,7 +271,7 @@ public class SentryAuthorizerUtil {
         }
       default:
         LOG.warn("Unknown PrivilegeScope: "
-            + PrivilegeScope.valueOf(tSentryPrivilege.getPrivilegeScope()));
+            + ApiConstants.PrivilegeScope.valueOf(tSentryPrivilege.getPrivilegeScope()));
         break;
     }
     return privilege;

http://git-wip-us.apache.org/repos/asf/sentry/blob/48422f4c/sentry-binding/sentry-binding-hive/src/test/java/org/apache/sentry/binding/metastore/TestSentrySyncHMSNotificationsPostEventListener.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-hive/src/test/java/org/apache/sentry/binding/metastore/TestSentrySyncHMSNotificationsPostEventListener.java b/sentry-binding/sentry-binding-hive/src/test/java/org/apache/sentry/binding/metastore/TestSentrySyncHMSNotificationsPostEventListener.java
index cca326b..fc1c3d5 100644
--- a/sentry-binding/sentry-binding-hive/src/test/java/org/apache/sentry/binding/metastore/TestSentrySyncHMSNotificationsPostEventListener.java
+++ b/sentry-binding/sentry-binding-hive/src/test/java/org/apache/sentry/binding/metastore/TestSentrySyncHMSNotificationsPostEventListener.java
@@ -27,7 +27,7 @@ import org.apache.hadoop.hive.metastore.events.DropTableEvent;
 import org.apache.hadoop.hive.metastore.events.ListenerEvent;
 import org.apache.sentry.binding.hive.conf.HiveAuthzConf;
 import org.apache.sentry.core.common.exception.SentryUserException;
-import org.apache.sentry.provider.db.service.thrift.SentryPolicyServiceClient;
+import org.apache.sentry.api.service.thrift.SentryPolicyServiceClient;
 import org.junit.Before;
 import org.junit.Rule;
 import org.junit.Test;

http://git-wip-us.apache.org/repos/asf/sentry/blob/48422f4c/sentry-binding/sentry-binding-kafka/src/main/java/org/apache/sentry/kafka/binding/KafkaAuthBinding.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-kafka/src/main/java/org/apache/sentry/kafka/binding/KafkaAuthBinding.java b/sentry-binding/sentry-binding-kafka/src/main/java/org/apache/sentry/kafka/binding/KafkaAuthBinding.java
index e4abdc7..07b21b9 100644
--- a/sentry-binding/sentry-binding-kafka/src/main/java/org/apache/sentry/kafka/binding/KafkaAuthBinding.java
+++ b/sentry-binding/sentry-binding-kafka/src/main/java/org/apache/sentry/kafka/binding/KafkaAuthBinding.java
@@ -56,13 +56,14 @@ import org.apache.sentry.provider.common.AuthorizationProvider;
 import org.apache.sentry.provider.common.ProviderBackend;
 import org.apache.sentry.provider.common.ProviderBackendContext;
 import org.apache.sentry.provider.db.generic.SentryGenericProviderBackend;
-import org.apache.sentry.provider.db.generic.service.thrift.SentryGenericServiceClient;
-import org.apache.sentry.provider.db.generic.service.thrift.SentryGenericServiceClientFactory;
-import org.apache.sentry.provider.db.generic.service.thrift.TAuthorizable;
-import org.apache.sentry.provider.db.generic.service.thrift.TSentryPrivilege;
-import org.apache.sentry.provider.db.generic.service.thrift.TSentryRole;
-import org.apache.sentry.provider.db.generic.tools.GenericPrivilegeConverter;
-import org.apache.sentry.service.thrift.ServiceConstants;
+import org.apache.sentry.api.generic.thrift.SentryGenericServiceClient;
+import org.apache.sentry.api.generic.thrift.SentryGenericServiceClientFactory;
+import org.apache.sentry.api.generic.thrift.TAuthorizable;
+import org.apache.sentry.api.generic.thrift.TSentryPrivilege;
+import org.apache.sentry.api.generic.thrift.TSentryRole;
+import org.apache.sentry.api.common.ApiConstants;
+import org.apache.sentry.api.tools.GenericPrivilegeConverter;
+import org.apache.sentry.service.common.ServiceConstants;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import scala.Option;
@@ -159,23 +160,23 @@ public class KafkaAuthBinding {
     if (enableCachingConfig != null) {
       String enableCaching = enableCachingConfig.toString();
       if (Boolean.parseBoolean(enableCaching)) {
-        authConf.set(ServiceConstants.ClientConfig.ENABLE_CACHING, enableCaching);
+        authConf.set(ApiConstants.ClientConfig.ENABLE_CACHING, enableCaching);
 
         final Object cacheTtlMsConfig = kafkaConfigs
             .get(AuthzConfVars.AUTHZ_CACHING_TTL_MS_NAME.getVar());
         if (cacheTtlMsConfig != null) {
-          authConf.set(ServiceConstants.ClientConfig.CACHE_TTL_MS, cacheTtlMsConfig.toString());
+          authConf.set(ApiConstants.ClientConfig.CACHE_TTL_MS, cacheTtlMsConfig.toString());
         }
 
         final Object cacheUpdateFailuresCountConfig = kafkaConfigs
             .get(AuthzConfVars.AUTHZ_CACHING_UPDATE_FAILURES_COUNT_NAME.getVar());
         if (cacheUpdateFailuresCountConfig != null) {
-          authConf.set(ServiceConstants.ClientConfig.CACHE_UPDATE_FAILURES_BEFORE_PRIV_REVOKE,
+          authConf.set(ApiConstants.ClientConfig.CACHE_UPDATE_FAILURES_BEFORE_PRIV_REVOKE,
               cacheUpdateFailuresCountConfig.toString());
         }
 
-        if (authConf.get(ServiceConstants.ClientConfig.PRIVILEGE_CONVERTER) == null) {
-          authConf.set(ServiceConstants.ClientConfig.PRIVILEGE_CONVERTER,
+        if (authConf.get(ApiConstants.ClientConfig.PRIVILEGE_CONVERTER) == null) {
+          authConf.set(ApiConstants.ClientConfig.PRIVILEGE_CONVERTER,
               GenericPrivilegeConverter.class.getName());
         }
       }

http://git-wip-us.apache.org/repos/asf/sentry/blob/48422f4c/sentry-binding/sentry-binding-solr/src/main/java/org/apache/sentry/binding/solr/authz/SolrAuthzBinding.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-solr/src/main/java/org/apache/sentry/binding/solr/authz/SolrAuthzBinding.java b/sentry-binding/sentry-binding-solr/src/main/java/org/apache/sentry/binding/solr/authz/SolrAuthzBinding.java
index 5c2a301..32a1fc1 100644
--- a/sentry-binding/sentry-binding-solr/src/main/java/org/apache/sentry/binding/solr/authz/SolrAuthzBinding.java
+++ b/sentry-binding/sentry-binding-solr/src/main/java/org/apache/sentry/binding/solr/authz/SolrAuthzBinding.java
@@ -48,10 +48,10 @@ import org.apache.sentry.provider.common.ProviderBackend;
 import org.apache.sentry.provider.common.ProviderBackendContext;
 import org.apache.sentry.provider.common.GroupMappingService;
 import org.apache.sentry.provider.db.generic.SentryGenericProviderBackend;
-import org.apache.sentry.provider.db.generic.service.thrift.SentryGenericServiceClient;
-import org.apache.sentry.provider.db.generic.service.thrift.SentryGenericServiceClientFactory;
-import org.apache.sentry.provider.db.generic.tools.GenericPrivilegeConverter;
-import org.apache.sentry.service.thrift.ServiceConstants;
+import org.apache.sentry.api.generic.thrift.SentryGenericServiceClient;
+import org.apache.sentry.api.generic.thrift.SentryGenericServiceClientFactory;
+import org.apache.sentry.api.common.ApiConstants;
+import org.apache.sentry.api.tools.GenericPrivilegeConverter;
 import org.apache.solr.security.AuthorizationResponse;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -110,8 +110,8 @@ public class SolrAuthzBinding implements Closeable {
         + policyEngineName + ", provider backend " + providerBackendName);
 
     // for convenience, set the PrivilegeConverter.
-    if (authzConf.get(ServiceConstants.ClientConfig.PRIVILEGE_CONVERTER) == null) {
-      authzConf.set(ServiceConstants.ClientConfig.PRIVILEGE_CONVERTER,
+    if (authzConf.get(ApiConstants.ClientConfig.PRIVILEGE_CONVERTER) == null) {
+      authzConf.set(ApiConstants.ClientConfig.PRIVILEGE_CONVERTER,
                        GenericPrivilegeConverter.class.getName());
     }
 

http://git-wip-us.apache.org/repos/asf/sentry/blob/48422f4c/sentry-binding/sentry-binding-sqoop/src/main/java/org/apache/sentry/sqoop/binding/SqoopAuthBinding.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-sqoop/src/main/java/org/apache/sentry/sqoop/binding/SqoopAuthBinding.java b/sentry-binding/sentry-binding-sqoop/src/main/java/org/apache/sentry/sqoop/binding/SqoopAuthBinding.java
index b7cbd32..539ccc1 100644
--- a/sentry-binding/sentry-binding-sqoop/src/main/java/org/apache/sentry/sqoop/binding/SqoopAuthBinding.java
+++ b/sentry-binding/sentry-binding-sqoop/src/main/java/org/apache/sentry/sqoop/binding/SqoopAuthBinding.java
@@ -37,14 +37,14 @@ import org.apache.sentry.provider.common.AuthorizationProvider;
 import org.apache.sentry.provider.common.ProviderBackend;
 import org.apache.sentry.provider.common.ProviderBackendContext;
 import org.apache.sentry.provider.db.generic.SentryGenericProviderBackend;
-import org.apache.sentry.provider.db.generic.service.thrift.SentryGenericServiceClient;
-import org.apache.sentry.provider.db.generic.service.thrift.SentryGenericServiceClientFactory;
-import org.apache.sentry.provider.db.generic.service.thrift.TAuthorizable;
-import org.apache.sentry.provider.db.generic.service.thrift.TSentryGrantOption;
-import org.apache.sentry.provider.db.generic.service.thrift.TSentryPrivilege;
-import org.apache.sentry.provider.db.generic.service.thrift.TSentryRole;
-import org.apache.sentry.provider.db.generic.tools.GenericPrivilegeConverter;
-import org.apache.sentry.service.thrift.ServiceConstants;
+import org.apache.sentry.api.generic.thrift.SentryGenericServiceClient;
+import org.apache.sentry.api.generic.thrift.SentryGenericServiceClientFactory;
+import org.apache.sentry.api.generic.thrift.TAuthorizable;
+import org.apache.sentry.api.generic.thrift.TSentryGrantOption;
+import org.apache.sentry.api.generic.thrift.TSentryPrivilege;
+import org.apache.sentry.api.generic.thrift.TSentryRole;
+import org.apache.sentry.api.common.ApiConstants;
+import org.apache.sentry.api.tools.GenericPrivilegeConverter;
 import org.apache.sentry.sqoop.conf.SqoopAuthConf.AuthzConfVars;
 import org.apache.sqoop.common.SqoopException;
 import org.apache.sqoop.model.MPrivilege;
@@ -112,8 +112,8 @@ public class SqoopAuthBinding {
     }
 
     // for convenience, set the PrivilegeConverter.
-    if (authConf.get(ServiceConstants.ClientConfig.PRIVILEGE_CONVERTER) == null) {
-      authConf.set(ServiceConstants.ClientConfig.PRIVILEGE_CONVERTER, GenericPrivilegeConverter.class.getName());
+    if (authConf.get(ApiConstants.ClientConfig.PRIVILEGE_CONVERTER) == null) {
+      authConf.set(ApiConstants.ClientConfig.PRIVILEGE_CONVERTER, GenericPrivilegeConverter.class.getName());
     }
 
     //Instantiate the configured providerBackend

http://git-wip-us.apache.org/repos/asf/sentry/blob/48422f4c/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/api/common/ApiConstants.java
----------------------------------------------------------------------
diff --git a/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/api/common/ApiConstants.java b/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/api/common/ApiConstants.java
new file mode 100644
index 0000000..6fcf8ab
--- /dev/null
+++ b/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/api/common/ApiConstants.java
@@ -0,0 +1,90 @@
+/*
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.sentry.api.common;
+
+
+import org.apache.sentry.service.common.ServiceConstants;
+
+public class ApiConstants {
+
+  public static class SentryPolicyServiceConstants {
+    //from SentryPolicyStoreProcessor and SentryGenericPolicyProcessor
+    public static final String SENTRY_GENERIC_SERVICE_NAME = "SentryGenericPolicyService";
+    public static final String SENTRY_POLICY_SERVICE_NAME = "SentryPolicyService";
+  }
+
+  public static class ClientConfig {
+    public static final String SERVER_RPC_PORT = "sentry.service.client.server.rpc-port";
+    public static final int SERVER_RPC_PORT_DEFAULT = ServiceConstants.ServerConfig.RPC_PORT_DEFAULT;
+    public static final String SERVER_RPC_ADDRESS = "sentry.service.client.server.rpc-addresses";
+    public static final String SERVER_RPC_CONN_TIMEOUT = "sentry.service.client.server.rpc-connection-timeout";
+
+    // HA configuration
+    public static final String SENTRY_HA_ZOOKEEPER_QUORUM = ServiceConstants.ServerConfig.SENTRY_HA_ZOOKEEPER_QUORUM;
+    public static final String SENTRY_HA_ZOOKEEPER_NAMESPACE = ServiceConstants.ServerConfig.SENTRY_HA_ZOOKEEPER_NAMESPACE;
+    public static final String SERVER_HA_ZOOKEEPER_NAMESPACE_DEFAULT = ServiceConstants.ServerConfig.SENTRY_HA_ZOOKEEPER_NAMESPACE_DEFAULT;
+
+    // connection pool configuration
+    public static final String SENTRY_POOL_ENABLED = "sentry.service.client.connection.pool.enabled";
+    public static final boolean SENTRY_POOL_ENABLED_DEFAULT = false;
+
+    // commons-pool configuration for pool size
+    public static final String SENTRY_POOL_MAX_TOTAL = "sentry.service.client.connection.pool.max-total";
+    public static final int SENTRY_POOL_MAX_TOTAL_DEFAULT = 8;
+    public static final String SENTRY_POOL_MAX_IDLE = "sentry.service.client.connection.pool.max-idle";
+    public static final int SENTRY_POOL_MAX_IDLE_DEFAULT = 8;
+    public static final String SENTRY_POOL_MIN_IDLE = "sentry.service.client.connection.pool.min-idle";
+    public static final int SENTRY_POOL_MIN_IDLE_DEFAULT = 0;
+
+    // retry num for getting the connection from connection pool
+    public static final String SENTRY_POOL_RETRY_TOTAL = "sentry.service.client.connection.pool.retry-total";
+    public static final int SENTRY_POOL_RETRY_TOTAL_DEFAULT = 3;
+
+    // max message size for thrift messages
+    public static final String SENTRY_POLICY_CLIENT_THRIFT_MAX_MESSAGE_SIZE = "sentry.policy.client.thrift.max.message.size";
+    public static final long SENTRY_POLICY_CLIENT_THRIFT_MAX_MESSAGE_SIZE_DEFAULT = 100 * 1024 * 1024;
+
+    // client retry settings
+    public static final String RETRY_COUNT_CONF = "sentry.provider.backend.db.retry.count";
+    public static final int RETRY_COUNT_DEFAULT = 3;
+    public static final String RETRY_INTERVAL_SEC_CONF = "sentry.provider.backend.db.retry.interval.seconds";
+    public static final int RETRY_INTERVAL_SEC_DEFAULT = 30;
+
+    // provider backend cache settings
+    public static final String ENABLE_CACHING = "sentry.provider.backend.generic.cache.enabled";
+    public static final boolean ENABLE_CACHING_DEFAULT = false;
+    public static final String CACHE_TTL_MS = "sentry.provider.backend.generic.cache.ttl.ms";
+    public static final long CACHING_TTL_MS_DEFAULT = 30000;
+    public static final String CACHE_UPDATE_FAILURES_BEFORE_PRIV_REVOKE = "sentry.provider.backend.generic.cache.update.failures.count";
+    public static final int CACHE_UPDATE_FAILURES_BEFORE_PRIV_REVOKE_DEFAULT = 3;
+    public static final String PRIVILEGE_CONVERTER = "sentry.provider.backend.generic.privilege.converter";
+
+    public static final String COMPONENT_TYPE = "sentry.provider.backend.generic.component-type";
+    public static final String SERVICE_NAME = "sentry.provider.backend.generic.service-name";
+  }
+
+  /* Privilege operation scope */
+  public enum PrivilegeScope {
+    SERVER,
+    URI,
+    DATABASE,
+    TABLE,
+    COLUMN
+  }
+}
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/sentry/blob/48422f4c/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/service/common/ServiceConstants.java
----------------------------------------------------------------------
diff --git a/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/service/common/ServiceConstants.java b/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/service/common/ServiceConstants.java
new file mode 100644
index 0000000..71e9585
--- /dev/null
+++ b/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/service/common/ServiceConstants.java
@@ -0,0 +1,251 @@
+/*
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.sentry.service.common;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.security.sasl.Sasl;
+
+import com.google.common.base.Splitter;
+import com.google.common.collect.ImmutableMap;
+
+public class ServiceConstants {
+
+  private static final ImmutableMap<String, String> SASL_PROPERTIES;
+
+  static {
+    Map<String, String> saslProps = new HashMap<String, String>();
+    saslProps.put(Sasl.SERVER_AUTH, "true");
+    saslProps.put(Sasl.QOP, "auth-conf");
+    SASL_PROPERTIES = ImmutableMap.copyOf(saslProps);
+  }
+
+  public static class ConfUtilties {
+    public static final Splitter CLASS_SPLITTER = Splitter.onPattern("[\\s,]")
+        .trimResults().omitEmptyStrings();
+  }
+  public static class ServiceArgs {
+    public static final String CONFIG_FILE_SHORT = "c";
+    public static final String CONFIG_FILE_LONG = "conffile";
+  }
+
+  public static class ServerConfig {
+    public static final ImmutableMap<String, String> SASL_PROPERTIES = ServiceConstants.SASL_PROPERTIES;
+    /**
+     * This configuration parameter is only meant to be used for testing purposes.
+     */
+    public static final String SECURITY_MODE = "sentry.service.security.mode";
+    public static final String SECURITY_MODE_KERBEROS = "kerberos";
+    public static final String SECURITY_MODE_NONE = "none";
+    public static final String SECURITY_USE_UGI_TRANSPORT = "sentry.service.security.use.ugi";
+    public static final String ADMIN_GROUPS = "sentry.service.admin.group";
+    public static final String PRINCIPAL = "sentry.service.server.principal";
+    public static final String KEY_TAB = "sentry.service.server.keytab";
+    public static final String RPC_PORT = "sentry.service.server.rpc-port";
+    public static final int RPC_PORT_DEFAULT = 8038;
+    public static final String RPC_ADDRESS = "sentry.service.server.rpc-address";
+    public static final String RPC_ADDRESS_DEFAULT = "0.0.0.0"; //NOPMD
+    public static final String RPC_MAX_THREADS = "sentry.service.server-max-threads";
+    public static final int RPC_MAX_THREADS_DEFAULT = 500;
+    public static final String RPC_MIN_THREADS = "sentry.service.server-min-threads";
+    public static final int RPC_MIN_THREADS_DEFAULT = 10;
+    public static final String ALLOW_CONNECT = "sentry.service.allow.connect";
+
+    public static final String SENTRY_POLICY_STORE_PLUGINS = "sentry.policy.store.plugins";
+    public static final String SENTRY_POLICY_STORE_PLUGINS_DEFAULT = "";
+
+    public static final String SENTRY_METASTORE_PLUGINS = "sentry.metastore.plugins";
+    public static final String SENTRY_METASTORE_PLUGINS_DEFAULT = "";
+
+    public static final String PROCESSOR_FACTORIES = "sentry.service.processor.factories";
+    public static final String PROCESSOR_FACTORIES_DEFAULT =
+        "org.apache.sentry.api.service.thrift.SentryPolicyStoreProcessorFactory" +
+            ",org.apache.sentry.api.generic.thrift.SentryGenericPolicyProcessorFactory";
+    public static final String SENTRY_STORE_JDBC_URL = "sentry.store.jdbc.url";
+    public static final String SENTRY_STORE_JDBC_USER = "sentry.store.jdbc.user";
+    public static final String SENTRY_STORE_JDBC_USER_DEFAULT = "Sentry";
+    public static final String SENTRY_STORE_JDBC_PASS = "sentry.store.jdbc.password";
+    public static final String SENTRY_STORE_JDBC_DRIVER = "sentry.store.jdbc.driver";
+    public static final String SENTRY_STORE_JDBC_DRIVER_DEFAULT = "org.apache.derby.jdbc.EmbeddedDriver";
+    // The configuration for the maximum number of retries per db transaction,
+    // the default value is 3 times
+    public static final String SENTRY_STORE_TRANSACTION_RETRY = "sentry.store.transaction.retry";
+    public static final int SENTRY_STORE_TRANSACTION_RETRY_DEFAULT = 10;
+    // The configuration for the delay (in milliseconds) between retries,
+    // the default value is 500 ms
+    public static final String SENTRY_STORE_TRANSACTION_RETRY_WAIT_TIME_MILLIS =
+        "sentry.store.transaction.retry.wait.time.millis";
+    public static final int SENTRY_STORE_TRANSACTION_RETRY_WAIT_TIME_MILLIS_DEFAULT = 250;
+
+    public static final String JAVAX_JDO_URL = "javax.jdo.option.ConnectionURL";
+    public static final String JAVAX_JDO_USER = "javax.jdo.option.ConnectionUserName";
+    public static final String JAVAX_JDO_PASS = "javax.jdo.option.ConnectionPassword";
+    public static final String JAVAX_JDO_DRIVER_NAME = "javax.jdo.option.ConnectionDriverName";
+
+    public static final String DATANUCLEUS_ISOLATION_LEVEL = "datanucleus.transactionIsolation";
+    public static final String DATANUCLEUS_REPEATABLE_READ = "repeatable-read";
+
+    public static final String SENTRY_DB_PROPERTY_PREFIX = "sentry.";
+    public static final String SENTRY_JAVAX_JDO_PROPERTY_PREFIX = SENTRY_DB_PROPERTY_PREFIX + "javax.jdo";
+    public static final String SENTRY_DATANUCLEUS_PROPERTY_PREFIX = SENTRY_DB_PROPERTY_PREFIX + "datanucleus";
+
+    public static final String SENTRY_VERIFY_SCHEM_VERSION = "sentry.verify.schema.version";
+    public static final String SENTRY_VERIFY_SCHEM_VERSION_DEFAULT = "true";
+
+    public static final String SENTRY_SERVICE_NAME = "sentry.service.name";
+    public static final String SENTRY_SERVICE_NAME_DEFAULT = "Sentry-Service";
+
+    public static final String SENTRY_STORE_GROUP_MAPPING = "sentry.store.group.mapping";
+    public static final String SENTRY_STORE_GROUP_MAPPING_RESOURCE = "sentry.store.group.mapping.resource";
+    public static final String SENTRY_STORE_HADOOP_GROUP_MAPPING = "org.apache.sentry.provider.common.HadoopGroupMappingService";
+    public static final String SENTRY_STORE_LOCAL_GROUP_MAPPING = "org.apache.sentry.provider.file.LocalGroupMappingService";
+    public static final String SENTRY_STORE_GROUP_MAPPING_DEFAULT = SENTRY_STORE_HADOOP_GROUP_MAPPING;
+
+    public static final String SENTRY_STORE_ORPHANED_PRIVILEGE_REMOVAL = "sentry.store.orphaned.privilege.removal";
+    public static final String SENTRY_STORE_ORPHANED_PRIVILEGE_REMOVAL_DEFAULT = "false";
+    public static final String SENTRY_STORE_CLEAN_PERIOD_SECONDS =
+        "sentry.store.clean.period.seconds";
+    public static final long SENTRY_STORE_CLEAN_PERIOD_SECONDS_DEFAULT = 43200; // 12 hours.
+    public static final String SENTRY_HA_ZK_PROPERTY_PREFIX = "sentry.ha.zookeeper.";
+    public static final String SENTRY_HA_ZOOKEEPER_SECURITY = SENTRY_HA_ZK_PROPERTY_PREFIX + "security";
+    public static final boolean SENTRY_HA_ZOOKEEPER_SECURITY_DEFAULT = false;
+    public static final String SENTRY_HA_ZOOKEEPER_QUORUM = SENTRY_HA_ZK_PROPERTY_PREFIX + "quorum";
+    public static final String SENTRY_HA_ZOOKEEPER_RETRIES_MAX_COUNT = SENTRY_HA_ZK_PROPERTY_PREFIX + "session.retries.max.count";
+    public static final int SENTRY_HA_ZOOKEEPER_RETRIES_MAX_COUNT_DEFAULT = 3;
+    public static final String SENTRY_HA_ZOOKEEPER_SLEEP_BETWEEN_RETRIES_MS = SENTRY_HA_ZK_PROPERTY_PREFIX + "session.sleep.between.retries.ms";
+    public static final int SENTRY_HA_ZOOKEEPER_SLEEP_BETWEEN_RETRIES_MS_DEFAULT = 100;
+    public static final String SENTRY_HA_ZOOKEEPER_NAMESPACE = SENTRY_HA_ZK_PROPERTY_PREFIX + "namespace";
+    public static final String SENTRY_HA_ZOOKEEPER_NAMESPACE_DEFAULT = "sentry";
+    // principal and keytab for client to be able to connect to secure ZK. Needed for Sentry HA with secure ZK
+    public static final String SERVER_HA_ZOOKEEPER_CLIENT_PRINCIPAL = "sentry.zookeeper.client.principal";
+    public static final String SERVER_HA_ZOOKEEPER_CLIENT_KEYTAB = "sentry.zookeeper.client.keytab";
+    public static final String SERVER_HA_ZOOKEEPER_CLIENT_TICKET_CACHE = "sentry.zookeeper.client.ticketcache";
+    public static final String SERVER_HA_ZOOKEEPER_CLIENT_TICKET_CACHE_DEFAULT = "false";
+    public static final String SERVER_HA_STANDBY_SIG = "sentry.ha.standby.signal";
+
+    // Timeout value in seconds for HMS notificationID synchronization
+    // Should match the value for RPC timeout in HMS client config
+    public static final String SENTRY_NOTIFICATION_SYNC_TIMEOUT_MS = "sentry.notification.sync.timeout.ms";
+    public static final int SENTRY_NOTIFICATION_SYNC_TIMEOUT_DEFAULT = 200000;
+
+    public static final ImmutableMap<String, String> SENTRY_STORE_DEFAULTS =
+        ImmutableMap.<String, String>builder()
+        .put("datanucleus.connectionPoolingType", "BoneCP")
+        .put("datanucleus.schema.validateTables", "false")
+        .put("datanucleus.schema.validateColumns", "false")
+        .put("datanucleus.schema.validateConstraints", "false")
+        .put("datanucleus.storeManagerType", "rdbms")
+        .put("datanucleus.schema.autoCreateAll", "false")
+        .put("datanucleus.autoStartMechanismMode", "checked")
+        .put(DATANUCLEUS_ISOLATION_LEVEL, DATANUCLEUS_REPEATABLE_READ)
+        .put("datanucleus.cache.level2", "false")
+        .put("datanucleus.cache.level2.type", "none")
+        .put("datanucleus.query.sql.allowAll", "true")
+        .put("datanucleus.identifierFactory", "datanucleus1")
+        .put("datanucleus.rdbms.useLegacyNativeValueStrategy", "true")
+        .put("datanucleus.plugin.pluginRegistryBundleCheck", "LOG")
+        .put("javax.jdo.PersistenceManagerFactoryClass",
+            "org.datanucleus.api.jdo.JDOPersistenceManagerFactory")
+            .put("javax.jdo.option.DetachAllOnCommit", "true")
+            .put("javax.jdo.option.NonTransactionalRead", "false")
+            .put("javax.jdo.option.NonTransactionalWrite", "false")
+            .put("javax.jdo.option.Multithreaded", "true")
+            .build();
+
+    // InitialDelay and period time for HMSFollower thread.
+    public static final String SENTRY_HMSFOLLOWER_INIT_DELAY_MILLS = "sentry.hmsfollower.init.delay.mills";
+    public static final long SENTRY_HMSFOLLOWER_INIT_DELAY_MILLS_DEFAULT = 0;
+    public static final String SENTRY_HMSFOLLOWER_INTERVAL_MILLS = "sentry.hmsfollower.interval.mills";
+    public static final long SENTRY_HMSFOLLOWER_INTERVAL_MILLS_DEFAULT = 500;
+
+    public static final String SENTRY_WEB_ENABLE = "sentry.service.web.enable";
+    public static final Boolean SENTRY_WEB_ENABLE_DEFAULT = false;
+    public static final String SENTRY_WEB_PORT = "sentry.service.web.port";
+    public static final int SENTRY_WEB_PORT_DEFAULT = 29000;
+    // Reporter is either "console", "log" or "jmx"
+    public static final String SENTRY_REPORTER = "sentry.service.reporter";
+//    SENTRY-2206, doesn't look like either 2 are being used.
+//    public static final String SENTRY_REPORTER_JMX = SentryMetrics.Reporting.JMX.name(); //case insensitive
+//    public static final String SENTRY_REPORTER_CONSOLE = SentryMetrics.Reporting.CONSOLE.name();//case insensitive
+
+    // for console reporter, reporting interval in seconds
+    public static final String SENTRY_REPORTER_INTERVAL_SEC =
+            "sentry.service.reporter.interval.sec";
+    public static final String SENTRY_JSON_REPORTER_FILE = "sentry.service.reporter.file";
+    public static final String SENTRY_JSON_REPORTER_FILE_DEFAULT = "/tmp/sentry-metrics.json";
+
+    // Report every 5 minutes by default
+    public static final int SENTRY_REPORTER_INTERVAL_DEFAULT = 300;
+
+    // Web SSL
+    public static final String SENTRY_WEB_USE_SSL = "sentry.web.use.ssl";
+    public static final String SENTRY_WEB_SSL_KEYSTORE_PATH = "sentry.web.ssl.keystore.path";
+    public static final String SENTRY_WEB_SSL_KEYSTORE_PASSWORD = "sentry.web.ssl.keystore.password";
+    public static final String SENTRY_SSL_PROTOCOL_BLACKLIST = "sentry.ssl.protocol.blacklist";
+    // Blacklist SSL protocols that are not secure (e.g., POODLE vulnerability)
+    public static final String[] SENTRY_SSL_PROTOCOL_BLACKLIST_DEFAULT = {"SSLv2", "SSLv2Hello", "SSLv3"};
+
+    // Web Security
+    public static final String SENTRY_WEB_SECURITY_PREFIX = "sentry.service.web.authentication";
+    public static final String SENTRY_WEB_SECURITY_TYPE = SENTRY_WEB_SECURITY_PREFIX + ".type";
+    public static final String SENTRY_WEB_SECURITY_TYPE_NONE = "NONE";
+    public static final String SENTRY_WEB_SECURITY_TYPE_KERBEROS = "KERBEROS";
+    public static final String SENTRY_WEB_SECURITY_PRINCIPAL = SENTRY_WEB_SECURITY_PREFIX + ".kerberos.principal";
+    public static final String SENTRY_WEB_SECURITY_KEYTAB = SENTRY_WEB_SECURITY_PREFIX + ".kerberos.keytab";
+    public static final String SENTRY_WEB_SECURITY_ALLOW_CONNECT_USERS = SENTRY_WEB_SECURITY_PREFIX + ".allow.connect.users";
+
+    // Flag to enable admin servlet
+    public static final String SENTRY_WEB_ADMIN_SERVLET_ENABLED = "sentry.web.admin.servlet.enabled";
+    public static final boolean SENTRY_WEB_ADMIN_SERVLET_ENABLED_DEFAULT = false;
+
+    public static final String SENTRY_WEB_PUBSUB_SERVLET_ENABLED = "sentry.web.pubsub.servlet.enabled";
+    public static final boolean SENTRY_WEB_PUBSUB_SERVLET_ENABLED_DEFAULT = false;
+
+    // max message size for thrift messages
+    public static final String SENTRY_POLICY_SERVER_THRIFT_MAX_MESSAGE_SIZE = "sentry.policy.server.thrift.max.message.size";
+    public static final long SENTRY_POLICY_SERVER_THRIFT_MAX_MESSAGE_SIZE_DEFAULT = 100 * 1024 * 1024;
+
+    // action factories for external components
+    public static final String SENTRY_COMPONENT_ACTION_FACTORY_FORMAT = "sentry.%s.action.factory";
+
+    // Sentry is never a client to other Kerberos Services, it should not be required to renew the TGT
+    @Deprecated
+    public static final String SENTRY_KERBEROS_TGT_AUTORENEW = "sentry.service.kerberos.tgt.autorenew";
+    @Deprecated
+    public static final Boolean SENTRY_KERBEROS_TGT_AUTORENEW_DEFAULT = false;
+
+    /**
+     * Number of path/priv deltas to keep around during cleaning
+     * The value which is too small may cause unnecessary full snapshots sent to the Name Node
+     * A value which is too large may cause slowdown due to too many deltas lying around in the DB.
+     */
+    public static final String SENTRY_DELTA_KEEP_COUNT = "sentry.server.delta.keep.count";
+    public static final int SENTRY_DELTA_KEEP_COUNT_DEFAULT = 200;
+
+    /**
+     * Number of notification id's to keep around during cleaning
+     */
+    public static final String SENTRY_HMS_NOTIFICATION_ID_KEEP_COUNT = "sentry.server.delta.keep.count";
+    public static final int SENTRY_HMS_NOTIFICATION_ID_KEEP_COUNT_DEFAULT = 100;
+  }
+
+  public static final String SENTRY_ZK_JAAS_NAME = "Sentry";
+  public static final String CURRENT_INCARNATION_ID_KEY = "current.incarnation.key";
+}

http://git-wip-us.apache.org/repos/asf/sentry/blob/48422f4c/sentry-dist/src/license/THIRD-PARTY.properties
----------------------------------------------------------------------
diff --git a/sentry-dist/src/license/THIRD-PARTY.properties b/sentry-dist/src/license/THIRD-PARTY.properties
index 2f9f0b0..b39e1b6 100644
--- a/sentry-dist/src/license/THIRD-PARTY.properties
+++ b/sentry-dist/src/license/THIRD-PARTY.properties
@@ -19,6 +19,7 @@
 # - MIT License
 # - Mozilla Public License Version 1.1
 # - Public Domain
+# - Revised BSD
 # - The Apache License, Version 2.0
 # - The Apache Software License, Version 1.1
 # - The Apache Software License, Version 2.0
@@ -28,7 +29,7 @@
 # Please fill the missing licenses for dependencies :
 #
 #
-#Wed Mar 28 16:37:41 IST 2018
+#Mon Apr 30 16:44:05 CDT 2018
 ant--ant--1.5=The Apache Software License, Version 2.0
 asm--asm--3.1=BSD
 dom4j--dom4j--1.6.1=BSD

http://git-wip-us.apache.org/repos/asf/sentry/blob/48422f4c/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/SentryHdfsMetricsUtil.java
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/SentryHdfsMetricsUtil.java b/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/SentryHdfsMetricsUtil.java
index 932a5c0..03ccb44 100644
--- a/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/SentryHdfsMetricsUtil.java
+++ b/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/SentryHdfsMetricsUtil.java
@@ -22,7 +22,7 @@ import com.codahale.metrics.Counter;
 import com.codahale.metrics.Histogram;
 import com.codahale.metrics.MetricRegistry;
 import com.codahale.metrics.Timer;
-import org.apache.sentry.provider.db.service.thrift.SentryMetrics;
+import org.apache.sentry.api.service.thrift.SentryMetrics;
 
 /**
  * Util class to support metrics.

http://git-wip-us.apache.org/repos/asf/sentry/blob/48422f4c/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/SentryPlugin.java
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/SentryPlugin.java b/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/SentryPlugin.java
index 420d4aa..b5e01e4 100644
--- a/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/SentryPlugin.java
+++ b/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/SentryPlugin.java
@@ -24,6 +24,7 @@ import java.util.Set;
 import java.util.concurrent.atomic.AtomicBoolean;
 
 import org.apache.hadoop.conf.Configuration;
+import org.apache.sentry.api.common.ApiConstants.PrivilegeScope;
 import org.apache.sentry.core.common.exception.SentryInvalidInputException;
 import org.apache.sentry.core.common.utils.PubSub;
 import org.apache.sentry.core.common.utils.SigUtils;
@@ -34,19 +35,18 @@ import org.apache.sentry.hdfs.service.thrift.TPrivilegeEntityType;
 import org.apache.sentry.hdfs.service.thrift.TRoleChanges;
 import org.apache.sentry.provider.db.SentryPolicyStorePlugin;
 import org.apache.sentry.provider.db.service.persistent.SentryStore;
-import org.apache.sentry.service.thrift.SentryServiceUtil;
-import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleAddGroupsRequest;
-import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleDeleteGroupsRequest;
-import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleGrantPrivilegeRequest;
-import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleRevokePrivilegeRequest;
-import org.apache.sentry.provider.db.service.thrift.TDropPrivilegesRequest;
-import org.apache.sentry.provider.db.service.thrift.TDropSentryRoleRequest;
-import org.apache.sentry.provider.db.service.thrift.TRenamePrivilegesRequest;
-import org.apache.sentry.provider.db.service.thrift.TSentryGroup;
-import org.apache.sentry.provider.db.service.thrift.TSentryPrivilege;
+import org.apache.sentry.api.common.SentryServiceUtil;
+import org.apache.sentry.api.service.thrift.TAlterSentryRoleAddGroupsRequest;
+import org.apache.sentry.api.service.thrift.TAlterSentryRoleDeleteGroupsRequest;
+import org.apache.sentry.api.service.thrift.TAlterSentryRoleGrantPrivilegeRequest;
+import org.apache.sentry.api.service.thrift.TAlterSentryRoleRevokePrivilegeRequest;
+import org.apache.sentry.api.service.thrift.TDropPrivilegesRequest;
+import org.apache.sentry.api.service.thrift.TDropSentryRoleRequest;
+import org.apache.sentry.api.service.thrift.TRenamePrivilegesRequest;
+import org.apache.sentry.api.service.thrift.TSentryGroup;
+import org.apache.sentry.api.service.thrift.TSentryPrivilege;
 import org.apache.sentry.provider.db.service.persistent.HMSFollower;
 import com.google.common.base.Preconditions;
-import org.apache.sentry.service.thrift.ServiceConstants.PrivilegeScope;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 

http://git-wip-us.apache.org/repos/asf/sentry/blob/48422f4c/sentry-provider/sentry-provider-db/pom.xml
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/pom.xml b/sentry-provider/sentry-provider-db/pom.xml
index 369e262..48a187a 100644
--- a/sentry-provider/sentry-provider-db/pom.xml
+++ b/sentry-provider/sentry-provider-db/pom.xml
@@ -149,6 +149,11 @@ limitations under the License.
       <artifactId>sentry-hdfs-common</artifactId>
     </dependency>
     <dependency>
+      <groupId>org.apache.sentry</groupId>
+      <artifactId>sentry-service-api</artifactId>
+      <version>${project.version}</version>
+    </dependency>
+    <dependency>
       <groupId>org.apache.hive</groupId>
       <artifactId>hive-shims</artifactId>
       <scope>provided</scope>
@@ -305,24 +310,6 @@ limitations under the License.
         </configuration>
       </plugin>
       <plugin>
-        <groupId>org.codehaus.mojo</groupId>
-        <artifactId>build-helper-maven-plugin</artifactId>
-        <executions>
-          <execution>
-            <id>add-source</id>
-            <phase>generate-sources</phase>
-            <goals>
-              <goal>add-source</goal>
-            </goals>
-            <configuration>
-              <sources>
-                <source>src/gen/thrift/gen-javabean</source>
-              </sources>
-            </configuration>
-          </execution>
-        </executions>
-      </plugin>
-      <plugin>
         <groupId>org.datanucleus</groupId>
         <artifactId>datanucleus-maven-plugin</artifactId>
         <version>${datanucleus.maven.plugin.version}</version>
@@ -412,82 +399,5 @@ limitations under the License.
         </executions>
       </plugin>
     </plugins>
-    <pluginManagement>
-      <plugins>
-        <plugin>
-          <groupId>org.apache.maven.plugins</groupId>
-          <artifactId>maven-javadoc-plugin</artifactId>
-          <configuration>
-            <sourcepath>${project.build.sourceDirectory}:${basedir}/src/gen/thrift/gen-javabean</sourcepath>
-            <sourceFileExcludes>
-              <exclude>${project.build.sourceDirectory}:${basedir}/src/gen/thrift/gen-javabean</exclude>
-            </sourceFileExcludes>
-          </configuration>
-        </plugin>
-      </plugins>
-    </pluginManagement>
   </build>
-  <profiles>
-    <profile>
-      <id>thriftif</id>
-      <build>
-        <plugins>
-          <plugin>
-            <groupId>org.apache.maven.plugins</groupId>
-            <artifactId>maven-antrun-plugin</artifactId>
-            <executions>
-              <execution>
-                <id>generate-thrift-sources</id>
-                <phase>generate-sources</phase>
-                <configuration>
-                  <target>
-                    <taskdef name="for" classname="net.sf.antcontrib.logic.ForTask"
-                      classpathref="maven.plugin.classpath" />
-                    <property name="thrift.args" value="-I ${thrift.home} --gen java:beans,hashcode,generated_annotations=undated"/>
-                    <property name="thrift.gen.dir" value="${basedir}/src/gen/thrift"/>
-                    <delete dir="${thrift.gen.dir}"/>
-                    <mkdir dir="${thrift.gen.dir}"/>
-                    <for param="thrift.file">
-                      <path>
-                        <fileset dir="${basedir}/src/main/resources/" includes="**/*.thrift" />
-                      </path>
-                      <sequential>
-                        <echo message="Generating Thrift code for @{thrift.file}"/>
-                        <exec executable="${thrift.home}/bin/thrift"  failonerror="true" dir=".">
-                          <arg line="${thrift.args} -I ${basedir}/src/main/resources/ -o ${thrift.gen.dir} @{thrift.file} " />
-                        </exec>
-                      </sequential>
-                    </for>
-                  </target>
-                </configuration>
-                <goals>
-                  <goal>run</goal>
-                </goals>
-              </execution>
-            </executions>
-          </plugin>
-          <plugin>
-            <groupId>org.apache.maven.plugins</groupId>
-            <artifactId>maven-enforcer-plugin</artifactId>
-            <executions>
-              <execution>
-                <id>enforce-property</id>
-                <goals>
-                  <goal>enforce</goal>
-                </goals>
-                <configuration>
-                  <rules>
-                    <requireProperty>
-                      <property>thrift.home</property>
-                    </requireProperty>
-                  </rules>
-                  <fail>true</fail>
-                </configuration>
-              </execution>
-            </executions>
-          </plugin>
-        </plugins>
-      </build>
-    </profile>
-  </profiles>
 </project>


Mime
View raw message