You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@accumulo.apache.org by ct...@apache.org on 2013/02/24 16:18:47 UTC
svn commit: r1449493 [1/2] - in /accumulo/branches/ACCUMULO-259-polishing:
core/src/main/java/org/apache/accumulo/core/client/
core/src/main/java/org/apache/accumulo/core/client/admin/
core/src/main/java/org/apache/accumulo/core/client/impl/ core/src/m...
Author: ctubbsii
Date: Sun Feb 24 15:18:46 2013
New Revision: 1449493
URL: http://svn.apache.org/r1449493
Log:
ACCUMULO-1024 Address user management API for built-in users and clean up broken javadocs associated with security-related commits.
Modified:
accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/Instance.java
accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/ZooKeeperInstance.java
accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/admin/SecurityOperations.java
accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/admin/SecurityOperationsImpl.java
accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/impl/ConnectorImpl.java
accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/mapred/AccumuloInputFormat.java
accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/mapred/AccumuloOutputFormat.java
accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/mapred/AccumuloRowInputFormat.java
accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/mapred/InputFormatBase.java
accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/mapreduce/AccumuloInputFormat.java
accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/mapreduce/AccumuloOutputFormat.java
accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/mapreduce/AccumuloRowInputFormat.java
accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/mapreduce/InputFormatBase.java
accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/mapreduce/lib/util/ConfiguratorBase.java
accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/mock/MockInstance.java
accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/mock/MockSecurityOperations.java
accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/util/shell/Shell.java
accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/util/shell/commands/AuthenticateCommand.java
accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/util/shell/commands/CreateUserCommand.java
accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/util/shell/commands/DropUserCommand.java
accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/util/shell/commands/PasswdCommand.java
accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/util/shell/commands/UsersCommand.java
accumulo/branches/ACCUMULO-259-polishing/core/src/test/java/org/apache/accumulo/core/client/impl/TabletLocatorImplTest.java
accumulo/branches/ACCUMULO-259-polishing/core/src/test/java/org/apache/accumulo/core/client/mock/MockConnectorTest.java
accumulo/branches/ACCUMULO-259-polishing/proxy/src/main/java/org/apache/accumulo/proxy/ProxyServer.java
accumulo/branches/ACCUMULO-259-polishing/server/src/main/java/org/apache/accumulo/server/client/HdfsZooInstance.java
accumulo/branches/ACCUMULO-259-polishing/server/src/main/java/org/apache/accumulo/server/tabletserver/log/DfsLogger.java
accumulo/branches/ACCUMULO-259-polishing/server/src/main/java/org/apache/accumulo/server/tabletserver/log/LogSorter.java
accumulo/branches/ACCUMULO-259-polishing/test/src/main/java/org/apache/accumulo/test/functional/PermissionsTest.java
accumulo/branches/ACCUMULO-259-polishing/test/src/main/java/org/apache/accumulo/test/randomwalk/concurrent/CreateUser.java
accumulo/branches/ACCUMULO-259-polishing/test/src/main/java/org/apache/accumulo/test/randomwalk/concurrent/DropUser.java
accumulo/branches/ACCUMULO-259-polishing/test/src/main/java/org/apache/accumulo/test/randomwalk/security/Authenticate.java
accumulo/branches/ACCUMULO-259-polishing/test/src/main/java/org/apache/accumulo/test/randomwalk/security/ChangePass.java
accumulo/branches/ACCUMULO-259-polishing/test/src/main/java/org/apache/accumulo/test/randomwalk/security/CreateUser.java
accumulo/branches/ACCUMULO-259-polishing/test/src/main/java/org/apache/accumulo/test/randomwalk/security/DropUser.java
accumulo/branches/ACCUMULO-259-polishing/test/src/main/java/org/apache/accumulo/test/randomwalk/security/SecurityFixture.java
accumulo/branches/ACCUMULO-259-polishing/test/src/main/java/org/apache/accumulo/test/randomwalk/security/Validate.java
accumulo/branches/ACCUMULO-259-polishing/test/src/test/java/org/apache/accumulo/test/MiniAccumuloClusterTest.java
Modified: accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/Instance.java
URL: http://svn.apache.org/viewvc/accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/Instance.java?rev=1449493&r1=1449492&r2=1449493&view=diff
==============================================================================
--- accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/Instance.java (original)
+++ accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/Instance.java Sun Feb 24 15:18:46 2013
@@ -18,8 +18,10 @@ package org.apache.accumulo.core.client;
import java.nio.ByteBuffer;
import java.util.List;
+import java.util.Properties;
import org.apache.accumulo.core.conf.AccumuloConfiguration;
+import org.apache.accumulo.core.security.handler.Authenticator;
import org.apache.accumulo.core.security.thrift.AuthInfo;
import org.apache.accumulo.core.security.thrift.TCredentials;
import org.apache.accumulo.core.security.tokens.AuthenticationToken;
@@ -98,8 +100,9 @@ public interface Instance {
* when a user's credentials are invalid
* @deprecated since 1.5, use {@link #getConnector(String, AuthenticationToken)}
*/
+ @Deprecated
public abstract Connector getConnector(AuthInfo auth) throws AccumuloException, AccumuloSecurityException;
-
+
/**
* Returns a connection to accumulo.
*
@@ -144,26 +147,25 @@ public interface Instance {
* accumulo configuration
*/
public abstract void setConfiguration(AccumuloConfiguration conf);
-
+
/**
- * @return the canonical name of the helper class for the security token from the authenticator, if one exists.
+ * @return the canonical name of the helper class for the security token from the authenticator, if one exists.
* @throws AccumuloException
*/
public abstract String getAuthenticatorClassName() throws AccumuloException;
-
+
/**
* @param principal
* @param token
- * A known SecurityToken type. If uncertain which should be provided, use {@link #getAuthenticatorClassName()} and {@link Authenticator#login(Properties)}
- * @return
+ * A known SecurityToken type. If uncertain which should be provided, use {@link #getAuthenticatorClassName()} and
+ * {@link Authenticator#login(Properties)}
* @throws AccumuloException
* @throws AccumuloSecurityException
*/
Connector getConnector(String principal, AuthenticationToken token) throws AccumuloException, AccumuloSecurityException;
-
+
/**
* @param auth
- * @return
* @throws AccumuloException
* @throws AccumuloSecurityException
*/
Modified: accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/ZooKeeperInstance.java
URL: http://svn.apache.org/viewvc/accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/ZooKeeperInstance.java?rev=1449493&r1=1449492&r2=1449493&view=diff
==============================================================================
--- accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/ZooKeeperInstance.java (original)
+++ accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/ZooKeeperInstance.java Sun Feb 24 15:18:46 2013
@@ -301,6 +301,7 @@ public class ZooKeeperInstance implement
}
}
+ @Deprecated
@Override
public Connector getConnector(AuthInfo auth) throws AccumuloException, AccumuloSecurityException {
return getConnector(auth.user, auth.password);
Modified: accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/admin/SecurityOperations.java
URL: http://svn.apache.org/viewvc/accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/admin/SecurityOperations.java?rev=1449493&r1=1449492&r2=1449493&view=diff
==============================================================================
--- accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/admin/SecurityOperations.java (original)
+++ accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/admin/SecurityOperations.java Sun Feb 24 15:18:46 2013
@@ -24,6 +24,7 @@ import org.apache.accumulo.core.security
import org.apache.accumulo.core.security.SystemPermission;
import org.apache.accumulo.core.security.TablePermission;
import org.apache.accumulo.core.security.tokens.AuthenticationToken;
+import org.apache.accumulo.core.security.tokens.PasswordToken;
/**
* Provides a class for managing users and permissions
@@ -43,7 +44,7 @@ public interface SecurityOperations {
* if a general error occurs
* @throws AccumuloSecurityException
* if the user does not have permission to create a user
- * @deprecated Use {@link #createUser(String, AuthenticationToken)} instead
+ * @deprecated since 1.5.0; use {@link #createLocalUser(String, PasswordToken)} or the user management functions of your configured authenticator instead.
*/
@Deprecated
public void createUser(String user, byte[] password, Authorizations authorizations) throws AccumuloException, AccumuloSecurityException;
@@ -52,15 +53,16 @@ public interface SecurityOperations {
* Create a user
*
* @param principal
- * the principal being created
- * @param token
- * the security token with the information about the user to create
+ * the name of the user to create
+ * @param password
+ * the plaintext password for the user
* @throws AccumuloException
* if a general error occurs
* @throws AccumuloSecurityException
* if the user does not have permission to create a user
+ * @since 1.5.0
*/
- public void createUser(String principal, AuthenticationToken token) throws AccumuloException, AccumuloSecurityException;
+ public void createLocalUser(String principal, PasswordToken password) throws AccumuloException, AccumuloSecurityException;
/**
* Delete a user
@@ -71,10 +73,25 @@ public interface SecurityOperations {
* if a general error occurs
* @throws AccumuloSecurityException
* if the user does not have permission to delete a user
+ * @deprecated since 1.5.0; use {@link #dropUser(String)} or the user management functions of your configured authenticator instead.
*/
+ @Deprecated
public void dropUser(String user) throws AccumuloException, AccumuloSecurityException;
/**
+ * Delete a user
+ *
+ * @param principal
+ * the user name to delete
+ * @throws AccumuloException
+ * if a general error occurs
+ * @throws AccumuloSecurityException
+ * if the user does not have permission to delete a user
+ * @since 1.5.0
+ */
+ public void dropLocalUser(String principal) throws AccumuloException, AccumuloSecurityException;
+
+ /**
* Verify a username/password combination is valid
*
* @param user
@@ -86,8 +103,9 @@ public interface SecurityOperations {
* if a general error occurs
* @throws AccumuloSecurityException
* if the user does not have permission to ask
- * @deprecated see {@link #authenticateUser(String, AuthenticationToken)}
+ * @deprecated since 1.5.0; use {@link #authenticateUser(String, AuthenticationToken)} instead.
*/
+ @Deprecated
public boolean authenticateUser(String user, byte[] password) throws AccumuloException, AccumuloSecurityException;
/**
@@ -102,9 +120,10 @@ public interface SecurityOperations {
* if a general error occurs
* @throws AccumuloSecurityException
* if the user does not have permission to ask
+ * @since 1.5.0
*/
- boolean authenticateUser(String principal, AuthenticationToken token) throws AccumuloException, AccumuloSecurityException;
-
+ public boolean authenticateUser(String principal, AuthenticationToken token) throws AccumuloException, AccumuloSecurityException;
+
/**
* Set the user's password
*
@@ -116,14 +135,31 @@ public interface SecurityOperations {
* if a general error occurs
* @throws AccumuloSecurityException
* if the user does not have permission to modify a user
- * @deprecated see {@link #changeLoginInfo(String, AuthenticationToken)}
+ * @deprecated since 1.5.0; use {@link #changeLocalUserPassword(String, PasswordToken)} or the user management functions of your configured authenticator
+ * instead.
*/
+ @Deprecated
public void changeUserPassword(String user, byte[] password) throws AccumuloException, AccumuloSecurityException;
/**
+ * Set the user's password
+ *
+ * @param principal
+ * the name of the user to modify
+ * @param token
+ * the plaintext password for the user
+ * @throws AccumuloException
+ * if a general error occurs
+ * @throws AccumuloSecurityException
+ * if the user does not have permission to modify a user
+ * @since 1.5.0
+ */
+ public void changeLocalUserPassword(String principal, PasswordToken token) throws AccumuloException, AccumuloSecurityException;
+
+ /**
* Set the user's record-level authorizations
*
- * @param user
+ * @param principal
* the name of the user to modify
* @param authorizations
* the authorizations that the user has for scanning
@@ -132,12 +168,12 @@ public interface SecurityOperations {
* @throws AccumuloSecurityException
* if the user does not have permission to modify a user
*/
- public void changeUserAuthorizations(String user, Authorizations authorizations) throws AccumuloException, AccumuloSecurityException;
+ public void changeUserAuthorizations(String principal, Authorizations authorizations) throws AccumuloException, AccumuloSecurityException;
/**
* Retrieves the user's authorizations for scanning
*
- * @param user
+ * @param principal
* the name of the user to query
* @return the set of authorizations the user has available for scanning
* @throws AccumuloException
@@ -145,12 +181,12 @@ public interface SecurityOperations {
* @throws AccumuloSecurityException
* if the user does not have permission to query a user
*/
- public Authorizations getUserAuthorizations(String user) throws AccumuloException, AccumuloSecurityException;
+ public Authorizations getUserAuthorizations(String principal) throws AccumuloException, AccumuloSecurityException;
/**
* Verify the user has a particular system permission
*
- * @param user
+ * @param principal
* the name of the user to query
* @param perm
* the system permission to check for
@@ -160,12 +196,12 @@ public interface SecurityOperations {
* @throws AccumuloSecurityException
* if the user does not have permission to query a user
*/
- public boolean hasSystemPermission(String user, SystemPermission perm) throws AccumuloException, AccumuloSecurityException;
+ public boolean hasSystemPermission(String principal, SystemPermission perm) throws AccumuloException, AccumuloSecurityException;
/**
* Verify the user has a particular table permission
*
- * @param user
+ * @param principal
* the name of the user to query
* @param table
* the name of the table to query about
@@ -177,12 +213,12 @@ public interface SecurityOperations {
* @throws AccumuloSecurityException
* if the user does not have permission to query a user
*/
- public boolean hasTablePermission(String user, String table, TablePermission perm) throws AccumuloException, AccumuloSecurityException;
+ public boolean hasTablePermission(String principal, String table, TablePermission perm) throws AccumuloException, AccumuloSecurityException;
/**
* Grant a user a system permission
*
- * @param user
+ * @param principal
* the name of the user to modify
* @param permission
* the system permission to grant to the user
@@ -191,12 +227,12 @@ public interface SecurityOperations {
* @throws AccumuloSecurityException
* if the user does not have permission to grant a user permissions
*/
- public void grantSystemPermission(String user, SystemPermission permission) throws AccumuloException, AccumuloSecurityException;
+ public void grantSystemPermission(String principal, SystemPermission permission) throws AccumuloException, AccumuloSecurityException;
/**
* Grant a user a specific permission for a specific table
*
- * @param user
+ * @param principal
* the name of the user to modify
* @param table
* the name of the table to modify for the user
@@ -207,12 +243,12 @@ public interface SecurityOperations {
* @throws AccumuloSecurityException
* if the user does not have permission to grant a user permissions
*/
- public void grantTablePermission(String user, String table, TablePermission permission) throws AccumuloException, AccumuloSecurityException;
+ public void grantTablePermission(String principal, String table, TablePermission permission) throws AccumuloException, AccumuloSecurityException;
/**
* Revoke a system permission from a user
*
- * @param user
+ * @param principal
* the name of the user to modify
* @param permission
* the system permission to revoke for the user
@@ -221,12 +257,12 @@ public interface SecurityOperations {
* @throws AccumuloSecurityException
* if the user does not have permission to revoke a user's permissions
*/
- public void revokeSystemPermission(String user, SystemPermission permission) throws AccumuloException, AccumuloSecurityException;
+ public void revokeSystemPermission(String principal, SystemPermission permission) throws AccumuloException, AccumuloSecurityException;
/**
* Revoke a table permission for a specific user on a specific table
*
- * @param user
+ * @param principal
* the name of the user to modify
* @param table
* the name of the table to modify for the user
@@ -237,7 +273,7 @@ public interface SecurityOperations {
* @throws AccumuloSecurityException
* if the user does not have permission to revoke a user's permissions
*/
- public void revokeTablePermission(String user, String table, TablePermission permission) throws AccumuloException, AccumuloSecurityException;
+ public void revokeTablePermission(String principal, String table, TablePermission permission) throws AccumuloException, AccumuloSecurityException;
/**
* Return a list of users in accumulo
@@ -247,21 +283,21 @@ public interface SecurityOperations {
* if a general error occurs
* @throws AccumuloSecurityException
* if the user does not have permission to query users
+ * @deprecated since 1.5.0; use {@link #listLocalUsers()} or the user management functions of your configured authenticator instead.
*/
+ @Deprecated
public Set<String> listUsers() throws AccumuloException, AccumuloSecurityException;
-
+
/**
- * Set the user's password
+ * Return a list of users in accumulo
*
- * @param principal
- * the principal who's password is to be changed
- * @param token
- * the security token with the information about the user to modify
+ * @return a set of user names
* @throws AccumuloException
* if a general error occurs
* @throws AccumuloSecurityException
- * if the user does not have permission to modify a user
+ * if the user does not have permission to query users
+ * @since 1.5.0
*/
- void changeLoginInfo(String principal, AuthenticationToken token) throws AccumuloException, AccumuloSecurityException;
-
+ public Set<String> listLocalUsers() throws AccumuloException, AccumuloSecurityException;
+
}
Modified: accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/admin/SecurityOperationsImpl.java
URL: http://svn.apache.org/viewvc/accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/admin/SecurityOperationsImpl.java?rev=1449493&r1=1449492&r2=1449493&view=diff
==============================================================================
--- accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/admin/SecurityOperationsImpl.java (original)
+++ accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/admin/SecurityOperationsImpl.java Sun Feb 24 15:18:46 2013
@@ -82,12 +82,6 @@ public class SecurityOperationsImpl impl
}
}
- /**
- * @param instance
- * the connection information
- * @param credentials
- * the user credentials to use for security operations
- */
public SecurityOperationsImpl(Instance instance, TCredentials credentials) {
ArgumentChecker.notNull(instance, credentials);
this.instance = instance;
@@ -96,79 +90,43 @@ public class SecurityOperationsImpl impl
@Deprecated
@Override
- public void createUser(final String user, final byte[] password, final Authorizations authorizations) throws AccumuloException, AccumuloSecurityException {
- createUser(user, new PasswordToken(password));
+ public void createUser(String user, byte[] password, final Authorizations authorizations) throws AccumuloException, AccumuloSecurityException {
+ createLocalUser(user, new PasswordToken(password));
changeUserAuthorizations(user, authorizations);
}
- /**
- * Create a user
- *
- * @param principal
- * the principal to create
- * @param token
- * the security token with the information about the user to create
- * @throws AccumuloException
- * if a general error occurs
- * @throws AccumuloSecurityException
- * if the user does not have permission to create a user
- */
@Override
- public void createUser(final String principal, final AuthenticationToken token) throws AccumuloException, AccumuloSecurityException {
- _createUser(principal, token);
- }
-
- // Private method because the token/authorization constructor is something which is essentially new and depreciated.
- private void _createUser(final String principal, final AuthenticationToken token) throws AccumuloException, AccumuloSecurityException {
- ArgumentChecker.notNull(principal, token);
+ public void createLocalUser(final String principal, final PasswordToken password) throws AccumuloException, AccumuloSecurityException {
+ ArgumentChecker.notNull(principal, password);
execute(new ClientExec<ClientService.Client>() {
@Override
public void execute(ClientService.Client client) throws Exception {
- client.createLocalUser(Tracer.traceInfo(), credentials, principal, ByteBuffer.wrap(((PasswordToken) token).getPassword()));
+ client.createLocalUser(Tracer.traceInfo(), credentials, principal, ByteBuffer.wrap(password.getPassword()));
}
});
}
- /**
- * Delete a user
- *
- * @param user
- * the user name to delete
- * @throws AccumuloException
- * if a general error occurs
- * @throws AccumuloSecurityException
- * if the user does not have permission to delete a user
- */
+ @Deprecated
@Override
public void dropUser(final String user) throws AccumuloException, AccumuloSecurityException {
- ArgumentChecker.notNull(user);
+ dropLocalUser(user);
+ }
+
+ @Override
+ public void dropLocalUser(final String principal) throws AccumuloException, AccumuloSecurityException {
+ ArgumentChecker.notNull(principal);
execute(new ClientExec<ClientService.Client>() {
@Override
public void execute(ClientService.Client client) throws Exception {
- client.dropLocalUser(Tracer.traceInfo(), credentials, user);
+ client.dropLocalUser(Tracer.traceInfo(), credentials, principal);
}
});
}
- /**
- * Verify a username/password combination is valid
- *
- * @param principal
- * the name of the user to authenticate
- * @param token
- * the plaintext password for the user
- * @return true if the user asking is allowed to know and the specified user/password is valid, false otherwise
- * @throws AccumuloException
- * if a general error occurs
- * @throws AccumuloSecurityException
- * if the user does not have permission to ask
- * @deprecated see {@link #authenticateUser(String, AuthenticationToken)}
- */
@Deprecated
@Override
- public boolean authenticateUser(final String principal, final byte[] token) throws AccumuloException, AccumuloSecurityException {
- ArgumentChecker.notNull(token);
- return authenticateUser(principal, new PasswordToken(token));
+ public boolean authenticateUser(String user, byte[] password) throws AccumuloException, AccumuloSecurityException {
+ return authenticateUser(user, new PasswordToken(password));
}
@Override
@@ -183,34 +141,20 @@ public class SecurityOperationsImpl impl
});
}
- /**
- * Set the user's password
- *
- * @param principal
- * the principal who's password is to be changed
- * @param token
- * the security token with the information about the user to modify
- * @throws AccumuloException
- * if a general error occurs
- * @throws AccumuloSecurityException
- * if the user does not have permission to modify a user
- * @deprecated
- */
@Override
@Deprecated
- public void changeUserPassword(final String principal, final byte[] token) throws AccumuloException, AccumuloSecurityException {
- ArgumentChecker.notNull(token);
- changeLoginInfo(principal, new PasswordToken(token));
+ public void changeUserPassword(String user, byte[] password) throws AccumuloException, AccumuloSecurityException {
+ changeLocalUserPassword(user, new PasswordToken(password));
}
@Override
- public void changeLoginInfo(final String principal, final AuthenticationToken token) throws AccumuloException, AccumuloSecurityException {
+ public void changeLocalUserPassword(final String principal, final PasswordToken token) throws AccumuloException, AccumuloSecurityException {
ArgumentChecker.notNull(principal, token);
final TCredentials toChange = CredentialHelper.create(principal, token, instance.getInstanceID());
execute(new ClientExec<ClientService.Client>() {
@Override
public void execute(ClientService.Client client) throws Exception {
- client.changeLocalUserPassword(Tracer.traceInfo(), credentials, principal, ByteBuffer.wrap(((PasswordToken) token).getPassword()));
+ client.changeLocalUserPassword(Tracer.traceInfo(), credentials, principal, ByteBuffer.wrap(token.getPassword()));
}
});
if (this.credentials.principal.equals(principal)) {
@@ -218,209 +162,104 @@ public class SecurityOperationsImpl impl
}
}
- /**
- * Set the user's record-level authorizations
- *
- * @param user
- * the name of the user to modify
- * @param authorizations
- * the authorizations that the user has for scanning
- * @throws AccumuloException
- * if a general error occurs
- * @throws AccumuloSecurityException
- * if the user does not have permission to modify a user
- */
@Override
- public void changeUserAuthorizations(final String user, final Authorizations authorizations) throws AccumuloException, AccumuloSecurityException {
- ArgumentChecker.notNull(user, authorizations);
+ public void changeUserAuthorizations(final String principal, final Authorizations authorizations) throws AccumuloException, AccumuloSecurityException {
+ ArgumentChecker.notNull(principal, authorizations);
execute(new ClientExec<ClientService.Client>() {
@Override
public void execute(ClientService.Client client) throws Exception {
- client.changeAuthorizations(Tracer.traceInfo(), credentials, user, ByteBufferUtil.toByteBuffers(authorizations.getAuthorizations()));
+ client.changeAuthorizations(Tracer.traceInfo(), credentials, principal, ByteBufferUtil.toByteBuffers(authorizations.getAuthorizations()));
}
});
}
- /**
- * Retrieves the user's authorizations for scanning
- *
- * @param user
- * the name of the user to query
- * @return the set of authorizations the user has available for scanning
- * @throws AccumuloException
- * if a general error occurs
- * @throws AccumuloSecurityException
- * if the user does not have permission to query a user
- */
@Override
- public Authorizations getUserAuthorizations(final String user) throws AccumuloException, AccumuloSecurityException {
- ArgumentChecker.notNull(user);
+ public Authorizations getUserAuthorizations(final String principal) throws AccumuloException, AccumuloSecurityException {
+ ArgumentChecker.notNull(principal);
return execute(new ClientExecReturn<Authorizations,ClientService.Client>() {
@Override
public Authorizations execute(ClientService.Client client) throws Exception {
- return new Authorizations(client.getUserAuthorizations(Tracer.traceInfo(), credentials, user));
+ return new Authorizations(client.getUserAuthorizations(Tracer.traceInfo(), credentials, principal));
}
});
}
- /**
- * Verify the user has a particular system permission
- *
- * @param user
- * the name of the user to query
- * @param perm
- * the system permission to check for
- * @return true if user has that permission; false otherwise
- * @throws AccumuloException
- * if a general error occurs
- * @throws AccumuloSecurityException
- * if the user does not have permission to query a user
- */
@Override
- public boolean hasSystemPermission(final String user, final SystemPermission perm) throws AccumuloException, AccumuloSecurityException {
- ArgumentChecker.notNull(user, perm);
+ public boolean hasSystemPermission(final String principal, final SystemPermission perm) throws AccumuloException, AccumuloSecurityException {
+ ArgumentChecker.notNull(principal, perm);
return execute(new ClientExecReturn<Boolean,ClientService.Client>() {
@Override
public Boolean execute(ClientService.Client client) throws Exception {
- return client.hasSystemPermission(Tracer.traceInfo(), credentials, user, perm.getId());
+ return client.hasSystemPermission(Tracer.traceInfo(), credentials, principal, perm.getId());
}
});
}
- /**
- * Verify the user has a particular table permission
- *
- * @param user
- * the name of the user to query
- * @param table
- * the name of the table to query about
- * @param perm
- * the table permission to check for
- * @return true if user has that permission; false otherwise
- * @throws AccumuloException
- * if a general error occurs
- * @throws AccumuloSecurityException
- * if the user does not have permission to query a user
- */
@Override
- public boolean hasTablePermission(final String user, final String table, final TablePermission perm) throws AccumuloException, AccumuloSecurityException {
- ArgumentChecker.notNull(user, table, perm);
+ public boolean hasTablePermission(final String principal, final String table, final TablePermission perm) throws AccumuloException, AccumuloSecurityException {
+ ArgumentChecker.notNull(principal, table, perm);
return execute(new ClientExecReturn<Boolean,ClientService.Client>() {
@Override
public Boolean execute(ClientService.Client client) throws Exception {
- return client.hasTablePermission(Tracer.traceInfo(), credentials, user, table, perm.getId());
+ return client.hasTablePermission(Tracer.traceInfo(), credentials, principal, table, perm.getId());
}
});
}
- /**
- * Grant a user a system permission
- *
- * @param user
- * the name of the user to modify
- * @param permission
- * the system permission to grant to the user
- * @throws AccumuloException
- * if a general error occurs
- * @throws AccumuloSecurityException
- * if the user does not have permission to grant a user permissions
- */
@Override
- public void grantSystemPermission(final String user, final SystemPermission permission) throws AccumuloException, AccumuloSecurityException {
- ArgumentChecker.notNull(user, permission);
+ public void grantSystemPermission(final String principal, final SystemPermission permission) throws AccumuloException, AccumuloSecurityException {
+ ArgumentChecker.notNull(principal, permission);
execute(new ClientExec<ClientService.Client>() {
@Override
public void execute(ClientService.Client client) throws Exception {
- client.grantSystemPermission(Tracer.traceInfo(), credentials, user, permission.getId());
+ client.grantSystemPermission(Tracer.traceInfo(), credentials, principal, permission.getId());
}
});
}
- /**
- * Grant a user a specific permission for a specific table
- *
- * @param user
- * the name of the user to modify
- * @param table
- * the name of the table to modify for the user
- * @param permission
- * the table permission to grant to the user
- * @throws AccumuloException
- * if a general error occurs
- * @throws AccumuloSecurityException
- * if the user does not have permission to grant a user permissions
- */
@Override
- public void grantTablePermission(final String user, final String table, final TablePermission permission) throws AccumuloException, AccumuloSecurityException {
- ArgumentChecker.notNull(user, table, permission);
+ public void grantTablePermission(final String principal, final String table, final TablePermission permission) throws AccumuloException,
+ AccumuloSecurityException {
+ ArgumentChecker.notNull(principal, table, permission);
execute(new ClientExec<ClientService.Client>() {
@Override
public void execute(ClientService.Client client) throws Exception {
- client.grantTablePermission(Tracer.traceInfo(), credentials, user, table, permission.getId());
+ client.grantTablePermission(Tracer.traceInfo(), credentials, principal, table, permission.getId());
}
});
}
- /**
- * Revoke a system permission from a user
- *
- * @param user
- * the name of the user to modify
- * @param permission
- * the system permission to revoke for the user
- * @throws AccumuloException
- * if a general error occurs
- * @throws AccumuloSecurityException
- * if the user does not have permission to revoke a user's permissions
- */
@Override
- public void revokeSystemPermission(final String user, final SystemPermission permission) throws AccumuloException, AccumuloSecurityException {
- ArgumentChecker.notNull(user, permission);
+ public void revokeSystemPermission(final String principal, final SystemPermission permission) throws AccumuloException, AccumuloSecurityException {
+ ArgumentChecker.notNull(principal, permission);
execute(new ClientExec<ClientService.Client>() {
@Override
public void execute(ClientService.Client client) throws Exception {
- client.revokeSystemPermission(Tracer.traceInfo(), credentials, user, permission.getId());
+ client.revokeSystemPermission(Tracer.traceInfo(), credentials, principal, permission.getId());
}
});
}
- /**
- * Revoke a table permission for a specific user on a specific table
- *
- * @param user
- * the name of the user to modify
- * @param table
- * the name of the table to modify for the user
- * @param permission
- * the table permission to revoke for the user
- * @throws AccumuloException
- * if a general error occurs
- * @throws AccumuloSecurityException
- * if the user does not have permission to revoke a user's permissions
- */
@Override
- public void revokeTablePermission(final String user, final String table, final TablePermission permission) throws AccumuloException,
+ public void revokeTablePermission(final String principal, final String table, final TablePermission permission) throws AccumuloException,
AccumuloSecurityException {
- ArgumentChecker.notNull(user, table, permission);
+ ArgumentChecker.notNull(principal, table, permission);
execute(new ClientExec<ClientService.Client>() {
@Override
public void execute(ClientService.Client client) throws Exception {
- client.revokeTablePermission(Tracer.traceInfo(), credentials, user, table, permission.getId());
+ client.revokeTablePermission(Tracer.traceInfo(), credentials, principal, table, permission.getId());
}
});
}
- /**
- * Return a list of users in accumulo
- *
- * @return a set of user names
- * @throws AccumuloException
- * if a general error occurs
- * @throws AccumuloSecurityException
- * if the user does not have permission to query users
- */
+ @Deprecated
@Override
public Set<String> listUsers() throws AccumuloException, AccumuloSecurityException {
+ return listLocalUsers();
+ }
+
+ @Override
+ public Set<String> listLocalUsers() throws AccumuloException, AccumuloSecurityException {
return execute(new ClientExecReturn<Set<String>,ClientService.Client>() {
@Override
public Set<String> execute(ClientService.Client client) throws Exception {
Modified: accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/impl/ConnectorImpl.java
URL: http://svn.apache.org/viewvc/accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/impl/ConnectorImpl.java?rev=1449493&r1=1449492&r2=1449493&view=diff
==============================================================================
--- accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/impl/ConnectorImpl.java (original)
+++ accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/impl/ConnectorImpl.java Sun Feb 24 15:18:46 2013
@@ -55,11 +55,6 @@ public class ConnectorImpl extends Conne
*
* Use {@link Instance#getConnector(String, byte[])}
*
- * @param instance
- * @param user
- * @param password
- * @throws AccumuloException
- * @throws AccumuloSecurityException
* @see Instance#getConnector(String user, byte[] password)
* @deprecated Not for client use
*/
Modified: accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/mapred/AccumuloInputFormat.java
URL: http://svn.apache.org/viewvc/accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/mapred/AccumuloInputFormat.java?rev=1449493&r1=1449492&r2=1449493&view=diff
==============================================================================
--- accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/mapred/AccumuloInputFormat.java (original)
+++ accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/mapred/AccumuloInputFormat.java Sun Feb 24 15:18:46 2013
@@ -22,6 +22,7 @@ import java.util.Map.Entry;
import org.apache.accumulo.core.data.Key;
import org.apache.accumulo.core.data.Value;
import org.apache.accumulo.core.security.Authorizations;
+import org.apache.accumulo.core.security.tokens.AuthenticationToken;
import org.apache.accumulo.core.util.format.DefaultFormatter;
import org.apache.hadoop.fs.Path;
import org.apache.hadoop.mapred.InputFormat;
@@ -37,7 +38,7 @@ import org.apache.hadoop.mapred.Reporter
* The user must specify the following via static configurator methods:
*
* <ul>
- * <li>{@link AccumuloInputFormat#setConnectorInfo(JobConf, String, byte[])} OR {@link AccumuloInputFormat#setConnectorInfo(JobConf, Path)}
+ * <li>{@link AccumuloInputFormat#setConnectorInfo(JobConf, String, AuthenticationToken)} OR {@link AccumuloInputFormat#setConnectorInfo(JobConf, Path)}
* <li>{@link AccumuloInputFormat#setInputTableName(JobConf, String)}
* <li>{@link AccumuloInputFormat#setScanAuthorizations(JobConf, Authorizations)}
* <li>{@link AccumuloInputFormat#setZooKeeperInstance(JobConf, String, String)} OR {@link AccumuloInputFormat#setMockInstance(JobConf, String)}
Modified: accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/mapred/AccumuloOutputFormat.java
URL: http://svn.apache.org/viewvc/accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/mapred/AccumuloOutputFormat.java?rev=1449493&r1=1449492&r2=1449493&view=diff
==============================================================================
--- accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/mapred/AccumuloOutputFormat.java (original)
+++ accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/mapred/AccumuloOutputFormat.java Sun Feb 24 15:18:46 2013
@@ -61,7 +61,7 @@ import org.apache.log4j.Logger;
* The user must specify the following via static configurator methods:
*
* <ul>
- * <li>{@link AccumuloOutputFormat#setConnectorInfo(JobConf, String, byte[])}
+ * <li>{@link AccumuloOutputFormat#setConnectorInfo(JobConf, String, AuthenticationToken)}
* <li>{@link AccumuloOutputFormat#setZooKeeperInstance(JobConf, String, String)} OR {@link AccumuloOutputFormat#setMockInstance(JobConf, String)}
* </ul>
*
@@ -85,7 +85,7 @@ public class AccumuloOutputFormat implem
* a valid Accumulo user name (user must have Table.CREATE permission if {@link #setCreateTables(JobConf, boolean)} is set to true)
* @param token
* the user's password
- * @throws AccumuloSecurityException
+ * @throws AccumuloSecurityException
* @since 1.5.0
*/
public static void setConnectorInfo(JobConf job, String principal, AuthenticationToken token) throws AccumuloSecurityException {
@@ -96,12 +96,13 @@ public class AccumuloOutputFormat implem
* Sets the connector information needed to communicate with Accumulo in this job. The authentication information will be read from the specified file when
* the job runs. This prevents the user's token from being exposed on the Job Tracker web page. The specified path will be placed in the
* {@link DistributedCache}, for better performance during job execution. Users can create the contents of this file using
- * {@link TokenHelper#asBase64String(AccumuloToken)}.
+ * {@link CredentialHelper#asBase64String(org.apache.accumulo.core.security.thrift.TCredentials)}.
*
* @param job
* the Hadoop job instance to be configured
* @param path
- * the path to a file in the configured file system, containing the serialized, base-64 encoded {@link AccumuloToken} with the user's authentication
+ * the path to a file in the configured file system, containing the serialized, base-64 encoded {@link AuthenticationToken} with the user's
+ * authentication
* @since 1.5.0
*/
public static void setConnectorInfo(JobConf job, Path path) {
@@ -115,7 +116,7 @@ public class AccumuloOutputFormat implem
* the Hadoop context for the configured job
* @return true if the connector has been configured, false otherwise
* @since 1.5.0
- * @see #setConnectorInfo(JobConf, String, byte[])
+ * @see #setConnectorInfo(JobConf, String, AuthenticationToken)
* @see #setConnectorInfo(JobConf, Path)
*/
protected static Boolean isConnectorInfoSet(JobConf job) {
@@ -158,7 +159,7 @@ public class AccumuloOutputFormat implem
* the Hadoop context for the configured job
* @return the decoded user password
* @since 1.5.0
- * @see #setConnectorInfo(JobConf, String, byte[])
+ * @see #setConnectorInfo(JobConf, String, AuthenticationToken)
*/
protected static byte[] getToken(JobConf job) {
return OutputConfigurator.getToken(CLASS, job);
Modified: accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/mapred/AccumuloRowInputFormat.java
URL: http://svn.apache.org/viewvc/accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/mapred/AccumuloRowInputFormat.java?rev=1449493&r1=1449492&r2=1449493&view=diff
==============================================================================
--- accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/mapred/AccumuloRowInputFormat.java (original)
+++ accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/mapred/AccumuloRowInputFormat.java Sun Feb 24 15:18:46 2013
@@ -23,6 +23,7 @@ import org.apache.accumulo.core.client.R
import org.apache.accumulo.core.data.Key;
import org.apache.accumulo.core.data.Value;
import org.apache.accumulo.core.security.Authorizations;
+import org.apache.accumulo.core.security.tokens.AuthenticationToken;
import org.apache.accumulo.core.util.PeekingIterator;
import org.apache.hadoop.fs.Path;
import org.apache.hadoop.io.Text;
@@ -39,7 +40,7 @@ import org.apache.hadoop.mapred.Reporter
* The user must specify the following via static configurator methods:
*
* <ul>
- * <li>{@link AccumuloRowInputFormat#setConnectorInfo(JobConf, String, byte[])} OR {@link AccumuloRowInputFormat#setConnectorInfo(JobConf, Path)}
+ * <li>{@link AccumuloRowInputFormat#setConnectorInfo(JobConf, String, AuthenticationToken)} OR {@link AccumuloRowInputFormat#setConnectorInfo(JobConf, Path)}
* <li>{@link AccumuloRowInputFormat#setInputTableName(JobConf, String)}
* <li>{@link AccumuloRowInputFormat#setScanAuthorizations(JobConf, Authorizations)}
* <li>{@link AccumuloRowInputFormat#setZooKeeperInstance(JobConf, String, String)} OR {@link AccumuloRowInputFormat#setMockInstance(JobConf, String)}
Modified: accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/mapred/InputFormatBase.java
URL: http://svn.apache.org/viewvc/accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/mapred/InputFormatBase.java?rev=1449493&r1=1449492&r2=1449493&view=diff
==============================================================================
--- accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/mapred/InputFormatBase.java (original)
+++ accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/mapred/InputFormatBase.java Sun Feb 24 15:18:46 2013
@@ -98,7 +98,7 @@ public abstract class InputFormatBase<K,
* a valid Accumulo user name (user must have Table.CREATE permission)
* @param token
* the user's password
- * @throws AccumuloSecurityException
+ * @throws AccumuloSecurityException
* @since 1.5.0
*/
public static void setConnectorInfo(JobConf job, String principal, AuthenticationToken token) throws AccumuloSecurityException {
@@ -109,12 +109,13 @@ public abstract class InputFormatBase<K,
* Sets the connector information needed to communicate with Accumulo in this job. The authentication information will be read from the specified file when
* the job runs. This prevents the user's token from being exposed on the Job Tracker web page. The specified path will be placed in the
* {@link DistributedCache}, for better performance during job execution. Users can create the contents of this file using
- * {@link TokenHelper#asBase64String(AccumuloToken)}.
+ * {@link CredentialHelper#asBase64String(TCredentials)}.
*
* @param job
* the Hadoop job instance to be configured
* @param path
- * the path to a file in the configured file system, containing the serialized, base-64 encoded {@link AccumuloToken} with the user's authentication
+ * the path to a file in the configured file system, containing the serialized, base-64 encoded {@link AuthenticationToken} with the user's
+ * authentication
* @since 1.5.0
*/
public static void setConnectorInfo(JobConf job, Path path) {
@@ -128,7 +129,7 @@ public abstract class InputFormatBase<K,
* the Hadoop context for the configured job
* @return true if the connector has been configured, false otherwise
* @since 1.5.0
- * @see #setConnectorInfo(JobConf, String, byte[])
+ * @see #setConnectorInfo(JobConf, String, AuthenticationToken)
* @see #setConnectorInfo(JobConf, Path)
*/
protected static Boolean isConnectorInfoSet(JobConf job) {
@@ -171,7 +172,7 @@ public abstract class InputFormatBase<K,
* the Hadoop context for the configured job
* @return the decoded user password
* @since 1.5.0
- * @see #setConnectorInfo(JobConf, String, byte[])
+ * @see #setConnectorInfo(JobConf, String, AuthenticationToken)
*/
protected static byte[] getPassword(JobConf job) {
return InputConfigurator.getToken(CLASS, job);
@@ -593,8 +594,8 @@ public abstract class InputFormatBase<K,
log.debug("Creating scanner for table: " + getInputTableName(job));
log.debug("Authorizations are: " + authorizations);
if (isOfflineScan(job)) {
- scanner = new OfflineScanner(instance, new TCredentials(user, tokenClass, ByteBuffer.wrap(password), instance.getInstanceID()), Tables.getTableId(instance,
- getInputTableName(job)), authorizations);
+ scanner = new OfflineScanner(instance, new TCredentials(user, tokenClass, ByteBuffer.wrap(password), instance.getInstanceID()), Tables.getTableId(
+ instance, getInputTableName(job)), authorizations);
} else {
scanner = conn.createScanner(getInputTableName(job), authorizations);
}
Modified: accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/mapreduce/AccumuloInputFormat.java
URL: http://svn.apache.org/viewvc/accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/mapreduce/AccumuloInputFormat.java?rev=1449493&r1=1449492&r2=1449493&view=diff
==============================================================================
--- accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/mapreduce/AccumuloInputFormat.java (original)
+++ accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/mapreduce/AccumuloInputFormat.java Sun Feb 24 15:18:46 2013
@@ -22,6 +22,7 @@ import java.util.Map.Entry;
import org.apache.accumulo.core.data.Key;
import org.apache.accumulo.core.data.Value;
import org.apache.accumulo.core.security.Authorizations;
+import org.apache.accumulo.core.security.tokens.AuthenticationToken;
import org.apache.accumulo.core.util.format.DefaultFormatter;
import org.apache.hadoop.fs.Path;
import org.apache.hadoop.mapreduce.InputFormat;
@@ -37,7 +38,7 @@ import org.apache.hadoop.mapreduce.TaskA
* The user must specify the following via static configurator methods:
*
* <ul>
- * <li>{@link AccumuloInputFormat#setConnectorInfo(Job, String, byte[])} OR {@link AccumuloInputFormat#setConnectorInfo(Job, Path)}
+ * <li>{@link AccumuloInputFormat#setConnectorInfo(Job, String, AuthenticationToken)} OR {@link AccumuloInputFormat#setConnectorInfo(Job, Path)}
* <li>{@link AccumuloInputFormat#setInputTableName(Job, String)}
* <li>{@link AccumuloInputFormat#setScanAuthorizations(Job, Authorizations)}
* <li>{@link AccumuloInputFormat#setZooKeeperInstance(Job, String, String)} OR {@link AccumuloInputFormat#setMockInstance(Job, String)}
Modified: accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/mapreduce/AccumuloOutputFormat.java
URL: http://svn.apache.org/viewvc/accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/mapreduce/AccumuloOutputFormat.java?rev=1449493&r1=1449492&r2=1449493&view=diff
==============================================================================
--- accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/mapreduce/AccumuloOutputFormat.java (original)
+++ accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/mapreduce/AccumuloOutputFormat.java Sun Feb 24 15:18:46 2013
@@ -65,7 +65,7 @@ import org.apache.log4j.Logger;
* The user must specify the following via static configurator methods:
*
* <ul>
- * <li>{@link AccumuloOutputFormat#setConnectorInfo(Job, String, byte[])} OR {@link AccumuloOutputFormat#setConnectorInfo(Job, Path)}
+ * <li>{@link AccumuloOutputFormat#setConnectorInfo(Job, String, AuthenticationToken)} OR {@link AccumuloOutputFormat#setConnectorInfo(Job, Path)}
* <li>{@link AccumuloOutputFormat#setZooKeeperInstance(Job, String, String)} OR {@link AccumuloOutputFormat#setMockInstance(Job, String)}
* </ul>
*
@@ -100,12 +100,13 @@ public class AccumuloOutputFormat extend
* Sets the connector information needed to communicate with Accumulo in this job. The authentication information will be read from the specified file when
* the job runs. This prevents the user's token from being exposed on the Job Tracker web page. The specified path will be placed in the
* {@link DistributedCache}, for better performance during job execution. Users can create the contents of this file using
- * {@link TokenHelper#asBase64String(AccumuloToken)}.
+ * {@link CredentialHelper#asBase64String(org.apache.accumulo.core.security.thrift.TCredentials)}.
*
* @param job
* the Hadoop job instance to be configured
* @param path
- * the path to a file in the configured file system, containing the serialized, base-64 encoded {@link AccumuloToken} with the user's authentication
+ * the path to a file in the configured file system, containing the serialized, base-64 encoded {@link AuthenticationToken} with the user's
+ * authentication
* @since 1.5.0
*/
public static void setConnectorInfo(Job job, Path path) {
@@ -119,7 +120,7 @@ public class AccumuloOutputFormat extend
* the Hadoop context for the configured job
* @return true if the connector has been configured, false otherwise
* @since 1.5.0
- * @see #setConnectorInfo(Job, AccumuloToken)
+ * @see #setConnectorInfo(Job, String, AuthenticationToken)
* @see #setConnectorInfo(Job, Path)
*/
protected static Boolean isConnectorInfoSet(JobContext context) {
@@ -162,7 +163,7 @@ public class AccumuloOutputFormat extend
* the Hadoop context for the configured job
* @return the decoded user password
* @since 1.5.0
- * @see #setConnectorInfo(Job, String, byte[])
+ * @see #setConnectorInfo(Job, String, AuthenticationToken)
*/
protected static byte[] getToken(JobContext context) {
return OutputConfigurator.getToken(CLASS, context.getConfiguration());
@@ -543,8 +544,8 @@ public class AccumuloOutputFormat extend
// ----------------------------------------------------------------------------------------------------
/**
- * @deprecated since 1.5.0; Use {@link #setConnectorInfo(Job, String, byte[])}, {@link #setConnectorInfo(Job, Path)}, {@link #setCreateTables(Job, boolean)},
- * and {@link #setDefaultTableName(Job, String)} instead.
+ * @deprecated since 1.5.0; Use {@link #setConnectorInfo(Job, String, AuthenticationToken)}, {@link #setConnectorInfo(Job, Path)},
+ * {@link #setCreateTables(Job, boolean)}, and {@link #setDefaultTableName(Job, String)} instead.
*/
@Deprecated
public static void setOutputInfo(Configuration conf, String user, byte[] passwd, boolean createTables, String defaultTable) {
Modified: accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/mapreduce/AccumuloRowInputFormat.java
URL: http://svn.apache.org/viewvc/accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/mapreduce/AccumuloRowInputFormat.java?rev=1449493&r1=1449492&r2=1449493&view=diff
==============================================================================
--- accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/mapreduce/AccumuloRowInputFormat.java (original)
+++ accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/mapreduce/AccumuloRowInputFormat.java Sun Feb 24 15:18:46 2013
@@ -23,6 +23,7 @@ import org.apache.accumulo.core.client.R
import org.apache.accumulo.core.data.Key;
import org.apache.accumulo.core.data.Value;
import org.apache.accumulo.core.security.Authorizations;
+import org.apache.accumulo.core.security.tokens.AuthenticationToken;
import org.apache.accumulo.core.util.PeekingIterator;
import org.apache.hadoop.fs.Path;
import org.apache.hadoop.io.Text;
@@ -39,7 +40,7 @@ import org.apache.hadoop.mapreduce.TaskA
* The user must specify the following via static configurator methods:
*
* <ul>
- * <li>{@link AccumuloRowInputFormat#setConnectorInfo(Job, String, byte[])} OR {@link AccumuloRowInputFormat#setConnectorInfo(Job, Path)}
+ * <li>{@link AccumuloRowInputFormat#setConnectorInfo(Job, String, AuthenticationToken)} OR {@link AccumuloRowInputFormat#setConnectorInfo(Job, Path)}
* <li>{@link AccumuloRowInputFormat#setInputTableName(Job, String)}
* <li>{@link AccumuloRowInputFormat#setScanAuthorizations(Job, Authorizations)}
* <li>{@link AccumuloRowInputFormat#setZooKeeperInstance(Job, String, String)} OR {@link AccumuloRowInputFormat#setMockInstance(Job, String)}
Modified: accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/mapreduce/InputFormatBase.java
URL: http://svn.apache.org/viewvc/accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/mapreduce/InputFormatBase.java?rev=1449493&r1=1449492&r2=1449493&view=diff
==============================================================================
--- accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/mapreduce/InputFormatBase.java (original)
+++ accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/mapreduce/InputFormatBase.java Sun Feb 24 15:18:46 2013
@@ -122,12 +122,13 @@ public abstract class InputFormatBase<K,
* Sets the connector information needed to communicate with Accumulo in this job. The authentication information will be read from the specified file when
* the job runs. This prevents the user's token from being exposed on the Job Tracker web page. The specified path will be placed in the
* {@link DistributedCache}, for better performance during job execution. Users can create the contents of this file using
- * {@link TokenHelper#asBase64String(AccumuloToken)}.
+ * {@link CredentialHelper#asBase64String(TCredentials)}.
*
* @param job
* the Hadoop job instance to be configured
* @param path
- * the path to a file in the configured file system, containing the serialized, base-64 encoded {@link AccumuloToken} with the user's authentication
+ * the path to a file in the configured file system, containing the serialized, base-64 encoded {@link AuthenticationToken} with the user's
+ * authentication
* @since 1.5.0
*/
public static void setConnectorInfo(Job job, Path path) {
@@ -141,7 +142,7 @@ public abstract class InputFormatBase<K,
* the Hadoop context for the configured job
* @return true if the connector has been configured, false otherwise
* @since 1.5.0
- * @see #setConnectorInfo(Job, String, byte[])
+ * @see #setConnectorInfo(Job, String, AuthenticationToken)
* @see #setConnectorInfo(Job, Path)
*/
protected static Boolean isConnectorInfoSet(JobContext context) {
@@ -184,7 +185,7 @@ public abstract class InputFormatBase<K,
* the Hadoop context for the configured job
* @return the decoded user password
* @since 1.5.0
- * @see #setConnectorInfo(Job, String, byte[])
+ * @see #setConnectorInfo(Job, String, AuthenticationToken)
*/
protected static byte[] getToken(JobContext context) {
return InputConfigurator.getToken(CLASS, context.getConfiguration());
@@ -1006,7 +1007,7 @@ public abstract class InputFormatBase<K,
}
/**
- * @deprecated since 1.5.0; Use {@link #setConnectorInfo(Job, String, byte[])}, {@link #setInputTableName(Job, String)}, and
+ * @deprecated since 1.5.0; Use {@link #setConnectorInfo(Job, String, AuthenticationToken)}, {@link #setInputTableName(Job, String)}, and
* {@link #setScanAuthorizations(Job, Authorizations)} instead.
*/
@Deprecated
Modified: accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/mapreduce/lib/util/ConfiguratorBase.java
URL: http://svn.apache.org/viewvc/accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/mapreduce/lib/util/ConfiguratorBase.java?rev=1449493&r1=1449492&r2=1449493&view=diff
==============================================================================
--- accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/mapreduce/lib/util/ConfiguratorBase.java (original)
+++ accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/mapreduce/lib/util/ConfiguratorBase.java Sun Feb 24 15:18:46 2013
@@ -95,10 +95,11 @@ public class ConfiguratorBase {
* a valid Accumulo user name
* @param token
* the user's password
- * @throws AccumuloSecurityException
+ * @throws AccumuloSecurityException
* @since 1.5.0
*/
- public static void setConnectorInfo(Class<?> implementingClass, Configuration conf, String principal, AuthenticationToken token) throws AccumuloSecurityException {
+ public static void setConnectorInfo(Class<?> implementingClass, Configuration conf, String principal, AuthenticationToken token)
+ throws AccumuloSecurityException {
if (isConnectorInfoSet(implementingClass, conf))
throw new IllegalStateException("Connector info for " + implementingClass.getSimpleName() + " can only be set once per job");
@@ -113,14 +114,15 @@ public class ConfiguratorBase {
* Sets the connector information needed to communicate with Accumulo in this job. The authentication information will be read from the specified file when
* the job runs. This prevents the user's token from being exposed on the Job Tracker web page. The specified path will be placed in the
* {@link DistributedCache}, for better performance during job execution. Users can create the contents of this file using
- * {@link TokenHelper#asBase64String(AccumuloToken)}.
+ * {@link CredentialHelper#asBase64String(org.apache.accumulo.core.security.thrift.TCredentials)}.
*
* @param implementingClass
* the class whose name will be used as a prefix for the property configuration key
* @param conf
* the Hadoop configuration object to configure
* @param path
- * the path to a file in the configured file system, containing the serialized, base-64 encoded {@link AccumuloToken} with the user's authentication
+ * the path to a file in the configured file system, containing the serialized, base-64 encoded {@link AuthenticationToken} with the user's
+ * authentication
* @since 1.5.0
*/
public static void setConnectorInfo(Class<?> implementingClass, Configuration conf, Path path) {
@@ -144,7 +146,7 @@ public class ConfiguratorBase {
* the Hadoop configuration object to configure
* @return true if the connector info has already been set, false otherwise
* @since 1.5.0
- * @see #setConnectorInfo(Class, Configuration, String, byte[])
+ * @see #setConnectorInfo(Class, Configuration, String, AuthenticationToken)
* @see #setConnectorInfo(Class, Configuration, Path)
*/
public static Boolean isConnectorInfoSet(Class<?> implementingClass, Configuration conf) {
@@ -166,7 +168,7 @@ public class ConfiguratorBase {
public static String getPrincipal(Class<?> implementingClass, Configuration conf) {
return conf.get(enumToConfKey(implementingClass, ConnectorInfo.PRINCIPAL));
}
-
+
/**
* Gets the serialized token class from the configuration.
*
@@ -193,7 +195,7 @@ public class ConfiguratorBase {
* the Hadoop configuration object to configure
* @return the decoded principal's authentication token
* @since 1.5.0
- * @see #setConnectorInfo(Class, Configuration, String, byte[])
+ * @see #setConnectorInfo(Class, Configuration, String, AuthenticationToken)
*/
public static byte[] getToken(Class<?> implementingClass, Configuration conf) {
return Base64.decodeBase64(conf.get(enumToConfKey(implementingClass, ConnectorInfo.TOKEN), "").getBytes(Charset.forName("UTF-8")));
Modified: accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/mock/MockInstance.java
URL: http://svn.apache.org/viewvc/accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/mock/MockInstance.java?rev=1449493&r1=1449492&r2=1449493&view=diff
==============================================================================
--- accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/mock/MockInstance.java (original)
+++ accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/mock/MockInstance.java Sun Feb 24 15:18:46 2013
@@ -145,6 +145,7 @@ public class MockInstance implements Ins
this.conf = conf;
}
+ @Deprecated
@Override
public Connector getConnector(AuthInfo auth) throws AccumuloException, AccumuloSecurityException {
return getConnector(auth.user, auth.password);
@@ -159,7 +160,7 @@ public class MockInstance implements Ins
public Connector getConnector(String principal, AuthenticationToken token) throws AccumuloException, AccumuloSecurityException {
Connector conn = new MockConnector(principal, acu, this);
if (!acu.users.containsKey(principal))
- conn.securityOperations().createUser(principal, token);
+ conn.securityOperations().createLocalUser(principal, (PasswordToken) token);
else if (!acu.users.get(principal).token.equals(token))
throw new AccumuloSecurityException(principal, SecurityErrorCode.BAD_CREDENTIALS);
return conn;
Modified: accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/mock/MockSecurityOperations.java
URL: http://svn.apache.org/viewvc/accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/mock/MockSecurityOperations.java?rev=1449493&r1=1449492&r2=1449493&view=diff
==============================================================================
--- accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/mock/MockSecurityOperations.java (original)
+++ accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/client/mock/MockSecurityOperations.java Sun Feb 24 15:18:46 2013
@@ -37,139 +37,149 @@ public class MockSecurityOperations impl
this.acu = acu;
}
- /**
- * @deprecated Use {@link #createUser(String,byte[])} instead
- */
@Deprecated
@Override
public void createUser(String user, byte[] password, Authorizations authorizations) throws AccumuloException, AccumuloSecurityException {
- this.acu.users.put(user, new MockUser(user, new PasswordToken(password), authorizations));
+ createLocalUser(user, new PasswordToken(password));
+ changeUserAuthorizations(user, authorizations);
}
@Override
- public void createUser(String user, AuthenticationToken token) throws AccumuloException, AccumuloSecurityException {
- this.acu.users.put(user, new MockUser(user, token, new Authorizations()));
+ public void createLocalUser(String principal, PasswordToken password) throws AccumuloException, AccumuloSecurityException {
+ this.acu.users.put(principal, new MockUser(principal, password, new Authorizations()));
}
+ @Deprecated
@Override
public void dropUser(String user) throws AccumuloException, AccumuloSecurityException {
- this.acu.users.remove(user);
+ dropLocalUser(user);
+ }
+
+ @Override
+ public void dropLocalUser(String principal) throws AccumuloException, AccumuloSecurityException {
+ this.acu.users.remove(principal);
}
@Deprecated
@Override
- public boolean authenticateUser(String name, byte[] password) throws AccumuloException, AccumuloSecurityException {
- return authenticateUser(name, new PasswordToken(password));
+ public boolean authenticateUser(String user, byte[] password) throws AccumuloException, AccumuloSecurityException {
+ return authenticateUser(user, new PasswordToken(password));
}
@Override
- public boolean authenticateUser(String name, AuthenticationToken token) throws AccumuloException, AccumuloSecurityException {
- MockUser user = acu.users.get(name);
+ public boolean authenticateUser(String principal, AuthenticationToken token) throws AccumuloException, AccumuloSecurityException {
+ MockUser user = acu.users.get(principal);
if (user == null)
return false;
return user.token.equals(token);
}
+ @Deprecated
@Override
- public void changeLoginInfo(String name, AuthenticationToken token) throws AccumuloException, AccumuloSecurityException {
- MockUser user = acu.users.get(name);
- if (user != null)
- user.token = token.clone();
- else
- throw new AccumuloSecurityException(name, SecurityErrorCode.USER_DOESNT_EXIST);
+ public void changeUserPassword(String user, byte[] password) throws AccumuloException, AccumuloSecurityException {
+ changeLocalUserPassword(user, new PasswordToken(password));
}
- @Deprecated
@Override
- public void changeUserPassword(String name, byte[] password) throws AccumuloException, AccumuloSecurityException {
- changeLoginInfo(name, new PasswordToken(password));
+ public void changeLocalUserPassword(String principal, PasswordToken token) throws AccumuloException, AccumuloSecurityException {
+ MockUser user = acu.users.get(principal);
+ if (user != null)
+ user.token = token.clone();
+ else
+ throw new AccumuloSecurityException(principal, SecurityErrorCode.USER_DOESNT_EXIST);
}
@Override
- public void changeUserAuthorizations(String name, Authorizations authorizations) throws AccumuloException, AccumuloSecurityException {
- MockUser user = acu.users.get(name);
+ public void changeUserAuthorizations(String principal, Authorizations authorizations) throws AccumuloException, AccumuloSecurityException {
+ MockUser user = acu.users.get(principal);
if (user != null)
user.authorizations = authorizations;
else
- throw new AccumuloSecurityException(name, SecurityErrorCode.USER_DOESNT_EXIST);
+ throw new AccumuloSecurityException(principal, SecurityErrorCode.USER_DOESNT_EXIST);
}
@Override
- public Authorizations getUserAuthorizations(String name) throws AccumuloException, AccumuloSecurityException {
- MockUser user = acu.users.get(name);
+ public Authorizations getUserAuthorizations(String principal) throws AccumuloException, AccumuloSecurityException {
+ MockUser user = acu.users.get(principal);
if (user != null)
return user.authorizations;
else
- throw new AccumuloSecurityException(name, SecurityErrorCode.USER_DOESNT_EXIST);
+ throw new AccumuloSecurityException(principal, SecurityErrorCode.USER_DOESNT_EXIST);
}
@Override
- public boolean hasSystemPermission(String name, SystemPermission perm) throws AccumuloException, AccumuloSecurityException {
- MockUser user = acu.users.get(name);
+ public boolean hasSystemPermission(String principal, SystemPermission perm) throws AccumuloException, AccumuloSecurityException {
+ MockUser user = acu.users.get(principal);
if (user != null)
return user.permissions.contains(perm);
else
- throw new AccumuloSecurityException(name, SecurityErrorCode.USER_DOESNT_EXIST);
+ throw new AccumuloSecurityException(principal, SecurityErrorCode.USER_DOESNT_EXIST);
}
@Override
- public boolean hasTablePermission(String name, String tableName, TablePermission perm) throws AccumuloException, AccumuloSecurityException {
+ public boolean hasTablePermission(String principal, String tableName, TablePermission perm) throws AccumuloException, AccumuloSecurityException {
MockTable table = acu.tables.get(tableName);
if (table == null)
throw new AccumuloSecurityException(tableName, SecurityErrorCode.TABLE_DOESNT_EXIST);
- EnumSet<TablePermission> perms = table.userPermissions.get(name);
+ EnumSet<TablePermission> perms = table.userPermissions.get(principal);
if (perms == null)
return false;
return perms.contains(perm);
}
@Override
- public void grantSystemPermission(String name, SystemPermission permission) throws AccumuloException, AccumuloSecurityException {
- MockUser user = acu.users.get(name);
+ public void grantSystemPermission(String principal, SystemPermission permission) throws AccumuloException, AccumuloSecurityException {
+ MockUser user = acu.users.get(principal);
if (user != null)
user.permissions.add(permission);
else
- throw new AccumuloSecurityException(name, SecurityErrorCode.USER_DOESNT_EXIST);
+ throw new AccumuloSecurityException(principal, SecurityErrorCode.USER_DOESNT_EXIST);
}
@Override
- public void grantTablePermission(String name, String tableName, TablePermission permission) throws AccumuloException, AccumuloSecurityException {
- if (acu.users.get(name) == null)
- throw new AccumuloSecurityException(name, SecurityErrorCode.USER_DOESNT_EXIST);
+ public void grantTablePermission(String principal, String tableName, TablePermission permission) throws AccumuloException, AccumuloSecurityException {
+ if (acu.users.get(principal) == null)
+ throw new AccumuloSecurityException(principal, SecurityErrorCode.USER_DOESNT_EXIST);
MockTable table = acu.tables.get(tableName);
if (table == null)
throw new AccumuloSecurityException(tableName, SecurityErrorCode.TABLE_DOESNT_EXIST);
- EnumSet<TablePermission> perms = table.userPermissions.get(name);
+ EnumSet<TablePermission> perms = table.userPermissions.get(principal);
if (perms == null)
- table.userPermissions.put(name, EnumSet.of(permission));
+ table.userPermissions.put(principal, EnumSet.of(permission));
else
perms.add(permission);
}
@Override
- public void revokeSystemPermission(String name, SystemPermission permission) throws AccumuloException, AccumuloSecurityException {
- MockUser user = acu.users.get(name);
+ public void revokeSystemPermission(String principal, SystemPermission permission) throws AccumuloException, AccumuloSecurityException {
+ MockUser user = acu.users.get(principal);
if (user != null)
user.permissions.remove(permission);
else
- throw new AccumuloSecurityException(name, SecurityErrorCode.USER_DOESNT_EXIST);
+ throw new AccumuloSecurityException(principal, SecurityErrorCode.USER_DOESNT_EXIST);
}
@Override
- public void revokeTablePermission(String name, String tableName, TablePermission permission) throws AccumuloException, AccumuloSecurityException {
- if (acu.users.get(name) == null)
- throw new AccumuloSecurityException(name, SecurityErrorCode.USER_DOESNT_EXIST);
+ public void revokeTablePermission(String principal, String tableName, TablePermission permission) throws AccumuloException, AccumuloSecurityException {
+ if (acu.users.get(principal) == null)
+ throw new AccumuloSecurityException(principal, SecurityErrorCode.USER_DOESNT_EXIST);
MockTable table = acu.tables.get(tableName);
if (table == null)
throw new AccumuloSecurityException(tableName, SecurityErrorCode.TABLE_DOESNT_EXIST);
- EnumSet<TablePermission> perms = table.userPermissions.get(name);
+ EnumSet<TablePermission> perms = table.userPermissions.get(principal);
if (perms != null)
perms.remove(permission);
}
+ @Deprecated
@Override
public Set<String> listUsers() throws AccumuloException, AccumuloSecurityException {
+ return listLocalUsers();
+ }
+
+ @Override
+ public Set<String> listLocalUsers() throws AccumuloException, AccumuloSecurityException {
return acu.users.keySet();
}
Modified: accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/util/shell/Shell.java
URL: http://svn.apache.org/viewvc/accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/util/shell/Shell.java?rev=1449493&r1=1449492&r2=1449493&view=diff
==============================================================================
--- accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/util/shell/Shell.java (original)
+++ accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/util/shell/Shell.java Sun Feb 24 15:18:46 2013
@@ -519,7 +519,7 @@ public class Shell extends ShellOptions
} // user canceled
try {
- authFailed = !connector.securityOperations().authenticateUser(connector.whoami(), pwd.getBytes());
+ authFailed = !connector.securityOperations().authenticateUser(connector.whoami(), new PasswordToken(pwd));
} catch (Exception e) {
++exitCode;
printException(e);
@@ -601,7 +601,7 @@ public class Shell extends ShellOptions
Set<String> userlist = null;
try {
- userlist = connector.securityOperations().listUsers();
+ userlist = connector.securityOperations().listLocalUsers();
} catch (Exception e) {
log.debug("Unable to obtain list of users", e);
userlist = Collections.emptySet();
Modified: accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/util/shell/commands/AuthenticateCommand.java
URL: http://svn.apache.org/viewvc/accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/util/shell/commands/AuthenticateCommand.java?rev=1449493&r1=1449492&r2=1449493&view=diff
==============================================================================
--- accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/util/shell/commands/AuthenticateCommand.java (original)
+++ accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/util/shell/commands/AuthenticateCommand.java Sun Feb 24 15:18:46 2013
@@ -22,6 +22,7 @@ import java.util.Set;
import org.apache.accumulo.core.client.AccumuloException;
import org.apache.accumulo.core.client.AccumuloSecurityException;
+import org.apache.accumulo.core.security.tokens.PasswordToken;
import org.apache.accumulo.core.util.shell.Shell;
import org.apache.accumulo.core.util.shell.Shell.Command;
import org.apache.accumulo.core.util.shell.Token;
@@ -37,7 +38,7 @@ public class AuthenticateCommand extends
return 0;
} // user canceled
final byte[] password = p.getBytes();
- final boolean valid = shellState.getConnector().securityOperations().authenticateUser(user, password);
+ final boolean valid = shellState.getConnector().securityOperations().authenticateUser(user, new PasswordToken(password));
shellState.getReader().printString((valid ? "V" : "Not v") + "alid\n");
return 0;
}
Modified: accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/util/shell/commands/CreateUserCommand.java
URL: http://svn.apache.org/viewvc/accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/util/shell/commands/CreateUserCommand.java?rev=1449493&r1=1449492&r2=1449493&view=diff
==============================================================================
--- accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/util/shell/commands/CreateUserCommand.java (original)
+++ accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/util/shell/commands/CreateUserCommand.java Sun Feb 24 15:18:46 2013
@@ -22,18 +22,18 @@ import org.apache.accumulo.core.client.A
import org.apache.accumulo.core.client.AccumuloSecurityException;
import org.apache.accumulo.core.client.TableExistsException;
import org.apache.accumulo.core.client.TableNotFoundException;
-import org.apache.accumulo.core.security.Authorizations;
+import org.apache.accumulo.core.security.tokens.PasswordToken;
import org.apache.accumulo.core.util.shell.Shell;
import org.apache.accumulo.core.util.shell.Shell.Command;
import org.apache.commons.cli.CommandLine;
import org.apache.commons.cli.Options;
-public class CreateUserCommand extends Command {
+public class CreateUserCommand extends Command {
@Override
- public int execute(final String fullCommand, final CommandLine cl, final Shell shellState) throws AccumuloException, TableNotFoundException, AccumuloSecurityException,
- TableExistsException, IOException {
+ public int execute(final String fullCommand, final CommandLine cl, final Shell shellState) throws AccumuloException, TableNotFoundException,
+ AccumuloSecurityException, TableExistsException, IOException {
final String user = cl.getArgs()[0];
-
+
final String password = shellState.readMaskedLine("Enter new password for '" + user + "': ", '*');
if (password == null) {
shellState.getReader().printNewline();
@@ -48,7 +48,7 @@ public class CreateUserCommand extends C
if (!password.equals(passwordConfirm)) {
throw new IllegalArgumentException("Passwords do not match");
}
- shellState.getConnector().securityOperations().createUser(user, password.getBytes(), new Authorizations());
+ shellState.getConnector().securityOperations().createLocalUser(user, new PasswordToken(password));
Shell.log.debug("Created user " + user);
return 0;
}
Modified: accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/util/shell/commands/DropUserCommand.java
URL: http://svn.apache.org/viewvc/accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/util/shell/commands/DropUserCommand.java?rev=1449493&r1=1449492&r2=1449493&view=diff
==============================================================================
--- accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/util/shell/commands/DropUserCommand.java (original)
+++ accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/util/shell/commands/DropUserCommand.java Sun Feb 24 15:18:46 2013
@@ -34,7 +34,7 @@ public class DropUserCommand extends Com
if (shellState.getConnector().whoami().equals(user)) {
throw new BadArgumentException("You cannot delete yourself", fullCommand, fullCommand.indexOf(user));
}
- shellState.getConnector().securityOperations().dropUser(user);
+ shellState.getConnector().securityOperations().dropLocalUser(user);
Shell.log.debug("Deleted user " + user);
return 0;
}
Modified: accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/util/shell/commands/PasswdCommand.java
URL: http://svn.apache.org/viewvc/accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/util/shell/commands/PasswdCommand.java?rev=1449493&r1=1449492&r2=1449493&view=diff
==============================================================================
--- accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/util/shell/commands/PasswdCommand.java (original)
+++ accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/util/shell/commands/PasswdCommand.java Sun Feb 24 15:18:46 2013
@@ -47,7 +47,7 @@ public class PasswdCommand extends Comma
return 0;
} // user canceled
- if (!shellState.getConnector().securityOperations().authenticateUser(currentUser, oldPassword.getBytes()))
+ if (!shellState.getConnector().securityOperations().authenticateUser(currentUser, new PasswordToken(oldPassword)))
throw new AccumuloSecurityException(user, SecurityErrorCode.BAD_CREDENTIALS);
password = shellState.readMaskedLine("Enter new password for '" + user + "': ", '*');
@@ -65,7 +65,7 @@ public class PasswdCommand extends Comma
throw new IllegalArgumentException("Passwords do not match");
}
byte[] pass = password.getBytes();
- shellState.getConnector().securityOperations().changeUserPassword(user, pass);
+ shellState.getConnector().securityOperations().changeLocalUserPassword(user, new PasswordToken(pass));
// update the current credentials if the password changed was for
// the current user
if (shellState.getConnector().whoami().equals(user)) {
Modified: accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/util/shell/commands/UsersCommand.java
URL: http://svn.apache.org/viewvc/accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/util/shell/commands/UsersCommand.java?rev=1449493&r1=1449492&r2=1449493&view=diff
==============================================================================
--- accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/util/shell/commands/UsersCommand.java (original)
+++ accumulo/branches/ACCUMULO-259-polishing/core/src/main/java/org/apache/accumulo/core/util/shell/commands/UsersCommand.java Sun Feb 24 15:18:46 2013
@@ -27,7 +27,7 @@ import org.apache.commons.cli.CommandLin
public class UsersCommand extends Command {
@Override
public int execute(final String fullCommand, final CommandLine cl, final Shell shellState) throws AccumuloException, AccumuloSecurityException, IOException {
- for (String user : shellState.getConnector().securityOperations().listUsers()) {
+ for (String user : shellState.getConnector().securityOperations().listLocalUsers()) {
shellState.getReader().printString(user + "\n");
}
return 0;