You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@accumulo.apache.org by kt...@apache.org on 2012/01/10 01:38:53 UTC
svn commit: r1229428 - in
/incubator/accumulo/branches/1.4/src/server/src/main/java/org/apache/accumulo/server:
master/Master.java security/Auditor.java security/Authenticator.java
security/ZKAuthenticator.java
Author: kturner
Date: Tue Jan 10 00:38:53 2012
New Revision: 1229428
URL: http://svn.apache.org/viewvc?rev=1229428&view=rev
Log:
ACCUMULO-297 cleared master permission/authenticaction zoocache before doing checks against it
Modified:
incubator/accumulo/branches/1.4/src/server/src/main/java/org/apache/accumulo/server/master/Master.java
incubator/accumulo/branches/1.4/src/server/src/main/java/org/apache/accumulo/server/security/Auditor.java
incubator/accumulo/branches/1.4/src/server/src/main/java/org/apache/accumulo/server/security/Authenticator.java
incubator/accumulo/branches/1.4/src/server/src/main/java/org/apache/accumulo/server/security/ZKAuthenticator.java
Modified: incubator/accumulo/branches/1.4/src/server/src/main/java/org/apache/accumulo/server/master/Master.java
URL: http://svn.apache.org/viewvc/incubator/accumulo/branches/1.4/src/server/src/main/java/org/apache/accumulo/server/master/Master.java?rev=1229428&r1=1229427&r2=1229428&view=diff
==============================================================================
--- incubator/accumulo/branches/1.4/src/server/src/main/java/org/apache/accumulo/server/master/Master.java (original)
+++ incubator/accumulo/branches/1.4/src/server/src/main/java/org/apache/accumulo/server/master/Master.java Tue Jan 10 00:38:53 2012
@@ -516,6 +516,8 @@ public class Master implements LiveTServ
private boolean check(AuthInfo credentials, SystemPermission permission) throws ThriftSecurityException {
try {
+ // clear the cache so the check is done using current info
+ authenticator.clearCache(credentials.user);
return authenticator.hasSystemPermission(credentials, credentials.user, permission);
} catch (AccumuloSecurityException e) {
throw e.asThriftException();
@@ -524,6 +526,8 @@ public class Master implements LiveTServ
private boolean check(AuthInfo credentials, String tableId, TablePermission permission) throws ThriftSecurityException {
try {
+ // clear the cache so the check is done using current info
+ authenticator.clearCache(credentials.user, tableId);
return authenticator.hasTablePermission(credentials, credentials.user, tableId, permission);
} catch (AccumuloSecurityException e) {
throw e.asThriftException();
Modified: incubator/accumulo/branches/1.4/src/server/src/main/java/org/apache/accumulo/server/security/Auditor.java
URL: http://svn.apache.org/viewvc/incubator/accumulo/branches/1.4/src/server/src/main/java/org/apache/accumulo/server/security/Auditor.java?rev=1229428&r1=1229427&r2=1229428&view=diff
==============================================================================
--- incubator/accumulo/branches/1.4/src/server/src/main/java/org/apache/accumulo/server/security/Auditor.java (original)
+++ incubator/accumulo/branches/1.4/src/server/src/main/java/org/apache/accumulo/server/security/Auditor.java Tue Jan 10 00:38:53 2012
@@ -221,4 +221,14 @@ public class Auditor implements Authenti
throw ex;
}
}
+
+ @Override
+ public void clearCache(String user) {
+ impl.clearCache(user);
+ }
+
+ @Override
+ public void clearCache(String user, String tableId) {
+ impl.clearCache(user, tableId);
+ }
}
Modified: incubator/accumulo/branches/1.4/src/server/src/main/java/org/apache/accumulo/server/security/Authenticator.java
URL: http://svn.apache.org/viewvc/incubator/accumulo/branches/1.4/src/server/src/main/java/org/apache/accumulo/server/security/Authenticator.java?rev=1229428&r1=1229427&r2=1229428&view=diff
==============================================================================
--- incubator/accumulo/branches/1.4/src/server/src/main/java/org/apache/accumulo/server/security/Authenticator.java (original)
+++ incubator/accumulo/branches/1.4/src/server/src/main/java/org/apache/accumulo/server/security/Authenticator.java Tue Jan 10 00:38:53 2012
@@ -57,4 +57,8 @@ public interface Authenticator {
public void revokeTablePermission(AuthInfo credentials, String user, String table, TablePermission permission) throws AccumuloSecurityException;
public void deleteTable(AuthInfo credentials, String table) throws AccumuloSecurityException;
+
+ public void clearCache(String user);
+
+ public void clearCache(String user, String tableId);
}
Modified: incubator/accumulo/branches/1.4/src/server/src/main/java/org/apache/accumulo/server/security/ZKAuthenticator.java
URL: http://svn.apache.org/viewvc/incubator/accumulo/branches/1.4/src/server/src/main/java/org/apache/accumulo/server/security/ZKAuthenticator.java?rev=1229428&r1=1229427&r2=1229428&view=diff
==============================================================================
--- incubator/accumulo/branches/1.4/src/server/src/main/java/org/apache/accumulo/server/security/ZKAuthenticator.java (original)
+++ incubator/accumulo/branches/1.4/src/server/src/main/java/org/apache/accumulo/server/security/ZKAuthenticator.java Tue Jan 10 00:38:53 2012
@@ -683,4 +683,14 @@ public final class ZKAuthenticator imple
return toReturn;
}
}
+
+ @Override
+ public void clearCache(String user) {
+ zooCache.clear(ZKUserPath + "/" + user);
+ }
+
+ @Override
+ public void clearCache(String user, String tableId) {
+ zooCache.clear(ZKUserPath + "/" + user + ZKUserTablePerms + "/" + tableId);
+ }
}