You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sentry.apache.org by sp...@apache.org on 2018/12/04 22:03:55 UTC
[11/11] sentry git commit: SENTRY-2458: Separate Web UI and service
from service-server to prevent circular dependencies (Brian Towels,
reviewed by Na Li, Stephen Moist, kalyan kumar kalvagadda)
SENTRY-2458: Separate Web UI and service from service-server to prevent circular dependencies (Brian Towels, reviewed by Na Li, Stephen Moist, kalyan kumar kalvagadda)
Project: http://git-wip-us.apache.org/repos/asf/sentry/repo
Commit: http://git-wip-us.apache.org/repos/asf/sentry/commit/ea7a33b7
Tree: http://git-wip-us.apache.org/repos/asf/sentry/tree/ea7a33b7
Diff: http://git-wip-us.apache.org/repos/asf/sentry/diff/ea7a33b7
Branch: refs/heads/master
Commit: ea7a33b77cb5ea6a26477289f594358c780a6e4b
Parents: aeeb8ab
Author: Sergio Pena <se...@cloudera.com>
Authored: Tue Dec 4 16:03:05 2018 -0600
Committer: Sergio Pena <se...@cloudera.com>
Committed: Tue Dec 4 16:03:05 2018 -0600
----------------------------------------------------------------------
pom.xml | 3 +
sentry-dist/pom.xml | 45 +
sentry-dist/src/license/THIRD-PARTY.properties | 9 +-
sentry-dist/src/main/assembly/bin.xml | 1 +
sentry-provider/sentry-provider-db/pom.xml | 6 +
sentry-service/pom.xml | 2 +
sentry-service/sentry-service-providers/pom.xml | 58 +
.../provider/webservice/AttributeDesc.java | 33 +
.../server/provider/webservice/FilterDesc.java | 37 +
.../server/provider/webservice/ServletDesc.java | 34 +
.../provider/webservice/WebServiceProvider.java | 47 +
.../webservice/WebServiceProviderFactory.java | 30 +
.../provider/webservice/WebServiceSpi.java | 48 +
.../META-INF/services/org.apache.sentry.spi.Spi | 20 +
sentry-service/sentry-service-server/pom.xml | 38 +-
.../sentry/api/service/thrift/ConfServlet.java | 71 -
.../api/service/thrift/LogLevelServlet.java | 122 -
.../api/service/thrift/PubSubServlet.java | 128 -
.../sentry/api/service/thrift/RolesServlet.java | 64 +
.../api/service/thrift/SentryAdminServlet.java | 132 -
.../api/service/thrift/SentryAuthFilter.java | 89 -
.../thrift/SentryServiceWebServiceProvider.java | 89 +
.../api/service/thrift/SentryWebServer.java | 240 -
.../sentry/service/thrift/SentryService.java | 19 +-
...rovider.webservice.WebServiceProviderFactory | 20 +
.../src/main/webapp/css/bootstrap-theme.min.css | 10 -
.../src/main/webapp/css/bootstrap.min.css | 9 -
.../src/main/webapp/css/sentry.css | 52 -
.../src/main/webapp/sentry.png | Bin 3223 -> 0 bytes
.../TestSentryWebServerWithoutSecurity.java | 1 +
sentry-service/sentry-service-web/pom.xml | 118 +
.../apache/sentry/service/web/ConfServlet.java | 72 +
.../service/web/DefaultWebServicesProvider.java | 168 +
.../sentry/service/web/LogLevelServlet.java | 123 +
.../sentry/service/web/PubSubServlet.java | 129 +
.../sentry/service/web/SentryAuthFilter.java | 90 +
.../sentry/service/web/SentryWebServer.java | 180 +
...rovider.webservice.WebServiceProviderFactory | 20 +
.../src/main/webapp/index.html | 84 +
.../bootstrap/css/bootstrap-3.3.7.min.css | 19 +
.../bootstrap/css/bootstrap-theme-3.3.7.min.css | 19 +
.../fonts/glyphicons-halflings-regular.svg | 288 +
.../static/bootstrap/js/bootstrap-3.3.7.js | 2390 +++++
.../static/bootstrap/js/bootstrap-3.3.7.min.js | 20 +
.../src/main/webapp/static/bootstrap/js/npm.js | 32 +
.../src/main/webapp/static/css/sentry.css | 52 +
.../src/main/webapp/static/images/sentry.png | Bin 0 -> 3223 bytes
.../css/materialdesignicons.min.css | 21 +
.../fonts/materialdesignicons-webfont.svg | 9129 ++++++++++++++++++
49 files changed, 13508 insertions(+), 903 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/sentry/blob/ea7a33b7/pom.xml
----------------------------------------------------------------------
diff --git a/pom.xml b/pom.xml
index 46ca38e..f28be5a 100644
--- a/pom.xml
+++ b/pom.xml
@@ -1192,6 +1192,9 @@ limitations under the License.
<exclude>**/THIRD-PARTY.properties</exclude>
<exclude>**/THIRD-PARTY.ftl</exclude>
<exclude>**/resources/licences/*</exclude>
+ <exclude>**/*.svg</exclude>
+ <exclude>**/*.woff</exclude>
+ <exclude>**/*.woff2</exclude>
<!-- Lombok Config File -->
<exclude>lombok.config</exclude>
</excludes>
http://git-wip-us.apache.org/repos/asf/sentry/blob/ea7a33b7/sentry-dist/pom.xml
----------------------------------------------------------------------
diff --git a/sentry-dist/pom.xml b/sentry-dist/pom.xml
index 62558d2..d6429bd 100644
--- a/sentry-dist/pom.xml
+++ b/sentry-dist/pom.xml
@@ -41,6 +41,12 @@ limitations under the License.
<dependency>
<groupId>org.apache.sentry</groupId>
<artifactId>sentry-core-model-solr</artifactId>
+ <exclusions>
+ <exclusion>
+ <groupId>org.eclipse.jetty</groupId>
+ <artifactId>*</artifactId>
+ </exclusion>
+ </exclusions>
</dependency>
<dependency>
<groupId>org.apache.sentry</groupId>
@@ -57,6 +63,40 @@ limitations under the License.
<dependency>
<groupId>org.apache.sentry</groupId>
<artifactId>sentry-binding-solr</artifactId>
+ <exclusions>
+ <exclusion>
+ <groupId>org.eclipse.jetty</groupId>
+ <artifactId>jetty-continuation</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>org.eclipse.jetty</groupId>
+ <artifactId>jetty-io</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>org.eclipse.jetty</groupId>
+ <artifactId>jetty-jmx</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>org.eclipse.jetty</groupId>
+ <artifactId>jetty-deploy</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>org.eclipse.jetty</groupId>
+ <artifactId>jetty-rewrite</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>org.eclipse.jetty</groupId>
+ <artifactId>jetty-security</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>org.eclipse.jetty</groupId>
+ <artifactId>jetty-servlets</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>org.eclipse.jetty</groupId>
+ <artifactId>jetty-xml</artifactId>
+ </exclusion>
+ </exclusions>
</dependency>
<dependency>
<groupId>org.apache.sentry</groupId>
@@ -120,6 +160,11 @@ limitations under the License.
</dependency>
<dependency>
<groupId>org.apache.sentry</groupId>
+ <artifactId>sentry-service-web</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.sentry</groupId>
<artifactId>sentry-policy-engine</artifactId>
<version>${project.version}</version>
</dependency>
http://git-wip-us.apache.org/repos/asf/sentry/blob/ea7a33b7/sentry-dist/src/license/THIRD-PARTY.properties
----------------------------------------------------------------------
diff --git a/sentry-dist/src/license/THIRD-PARTY.properties b/sentry-dist/src/license/THIRD-PARTY.properties
index a1084db..aecd1b8 100644
--- a/sentry-dist/src/license/THIRD-PARTY.properties
+++ b/sentry-dist/src/license/THIRD-PARTY.properties
@@ -8,6 +8,7 @@
# - CDDL 1.0
# - CDDL 1.1
# - CDDL 2
+# - CDDL License
# - CDDL_1.0
# - Common Public License Version 1.0
# - Eclipse Public License - Version 1.0
@@ -23,22 +24,20 @@
# - The Apache License, Version 2.0
# - The Apache Software License, Version 1.1
# - The Apache Software License, Version 2.0
-# - The BSD 3-Clause License
+# - The Go license
# - http://ant-contrib.sourceforge.net/tasks/LICENSE.txt
#-------------------------------------------------------------------------------
# Please fill the missing licenses for dependencies :
#
#
-#Mon Jul 09 14:15:21 CDT 2018
+#Thu Nov 29 13:14:54 CST 2018
ant--ant--1.5=The Apache Software License, Version 2.0
-asm--asm--3.1=BSD
dom4j--dom4j--1.6.1=BSD
javax.servlet--jsp-api--2.0=CDDL 2
-javax.servlet--servlet-api--2.5=CDDL 1.0
+javax.servlet--servlet-api--2.4=
javax.servlet.jsp--jsp-api--2.1=CDDL 1.0
javax.transaction--transaction-api--1.1=CDDL 2
org.apache.zookeeper--zookeeper--3.4.5=The Apache Software License, Version 2.0
-org.apache.zookeeper--zookeeper--3.4.6=The Apache Software License, Version 2.0
org.codehaus.jettison--jettison--1.1=Apache 2.0
org.restlet.jee--org.restlet--2.3.0=
org.restlet.jee--org.restlet.ext.servlet--2.3.0=
http://git-wip-us.apache.org/repos/asf/sentry/blob/ea7a33b7/sentry-dist/src/main/assembly/bin.xml
----------------------------------------------------------------------
diff --git a/sentry-dist/src/main/assembly/bin.xml b/sentry-dist/src/main/assembly/bin.xml
index 986530c..7c359fa 100644
--- a/sentry-dist/src/main/assembly/bin.xml
+++ b/sentry-dist/src/main/assembly/bin.xml
@@ -46,6 +46,7 @@
<exclude>org.apache.derby:derby</exclude>
<!-- SENTRY-2283 multiple versions of metrics cause failures on startup -->
<exclude>io.dropwizard.metrics:*</exclude>
+ <exclude>org.mortbay.jetty:*</exclude>
<!-- exclude the original jars, we'll add them in later with the shaded versions. -->
<exclude>org.apache.sentry:sentry-service-server</exclude>
<exclude>org.apache.sentry:sentry-hdfs-service</exclude>
http://git-wip-us.apache.org/repos/asf/sentry/blob/ea7a33b7/sentry-provider/sentry-provider-db/pom.xml
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/pom.xml b/sentry-provider/sentry-provider-db/pom.xml
index df56947..4321639 100644
--- a/sentry-provider/sentry-provider-db/pom.xml
+++ b/sentry-provider/sentry-provider-db/pom.xml
@@ -173,6 +173,12 @@ limitations under the License.
<groupId>org.apache.hive</groupId>
<artifactId>hive-service</artifactId>
<version>${hive.version}</version>
+ <exclusions>
+ <exclusion>
+ <groupId>org.mortbay.jetty</groupId>
+ <artifactId>jetty*</artifactId>
+ </exclusion>
+ </exclusions>
</dependency>
<dependency>
<groupId>org.apache.hive.hcatalog</groupId>
http://git-wip-us.apache.org/repos/asf/sentry/blob/ea7a33b7/sentry-service/pom.xml
----------------------------------------------------------------------
diff --git a/sentry-service/pom.xml b/sentry-service/pom.xml
index e653189..b3b5477 100644
--- a/sentry-service/pom.xml
+++ b/sentry-service/pom.xml
@@ -33,6 +33,8 @@ limitations under the License.
<module>sentry-service-api</module>
<module>sentry-service-server</module>
<module>sentry-service-client</module>
+ <module>sentry-service-web</module>
+ <module>sentry-service-providers</module>
</modules>
</project>
http://git-wip-us.apache.org/repos/asf/sentry/blob/ea7a33b7/sentry-service/sentry-service-providers/pom.xml
----------------------------------------------------------------------
diff --git a/sentry-service/sentry-service-providers/pom.xml b/sentry-service/sentry-service-providers/pom.xml
new file mode 100644
index 0000000..2fca392
--- /dev/null
+++ b/sentry-service/sentry-service-providers/pom.xml
@@ -0,0 +1,58 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ ~ Licensed to the Apache Software Foundation (ASF) under one
+ ~ or more contributor license agreements. See the NOTICE file
+ ~ distributed with this work for additional information
+ ~ regarding copyright ownership. The ASF licenses this file
+ ~ to you under the Apache License, Version 2.0 (the
+ ~ "License"); you may not use this file except in compliance
+ ~ with the License. You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing, software
+ ~ distributed under the License is distributed on an "AS IS" BASIS,
+ ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ ~ See the License for the specific language governing permissions and
+ ~ limitations under the License.
+ ~
+ -->
+
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+ <parent>
+ <artifactId>sentry-service</artifactId>
+ <groupId>org.apache.sentry</groupId>
+ <version>2.2.0-SNAPSHOT</version>
+ </parent>
+ <modelVersion>4.0.0</modelVersion>
+
+ <groupId>org.apache.sentry</groupId>
+ <artifactId>sentry-service-providers</artifactId>
+ <name>Sentry Service Providers</name>
+
+
+ <dependencies>
+ <dependency>
+ <groupId>org.apache.sentry</groupId>
+ <artifactId>sentry-spi</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.eclipse.jetty</groupId>
+ <artifactId>jetty-servlet</artifactId>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.hadoop</groupId>
+ <artifactId>hadoop-common</artifactId>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.projectlombok</groupId>
+ <artifactId>lombok</artifactId>
+ <scope>provided</scope>
+ </dependency>
+ </dependencies>
+</project>
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/sentry/blob/ea7a33b7/sentry-service/sentry-service-providers/src/main/java/org/apache/sentry/server/provider/webservice/AttributeDesc.java
----------------------------------------------------------------------
diff --git a/sentry-service/sentry-service-providers/src/main/java/org/apache/sentry/server/provider/webservice/AttributeDesc.java b/sentry-service/sentry-service-providers/src/main/java/org/apache/sentry/server/provider/webservice/AttributeDesc.java
new file mode 100644
index 0000000..e2222c4
--- /dev/null
+++ b/sentry-service/sentry-service-providers/src/main/java/org/apache/sentry/server/provider/webservice/AttributeDesc.java
@@ -0,0 +1,33 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package org.apache.sentry.server.provider.webservice;
+
+import lombok.Data;
+import lombok.RequiredArgsConstructor;
+
+/**
+ * Bean for definition of Servlet Attributes to be defined by WebServiceProvider
+ */
+@Data
+@RequiredArgsConstructor(staticName = "of")
+public class AttributeDesc {
+ private final String name;
+ private final Object attribute;
+}
http://git-wip-us.apache.org/repos/asf/sentry/blob/ea7a33b7/sentry-service/sentry-service-providers/src/main/java/org/apache/sentry/server/provider/webservice/FilterDesc.java
----------------------------------------------------------------------
diff --git a/sentry-service/sentry-service-providers/src/main/java/org/apache/sentry/server/provider/webservice/FilterDesc.java b/sentry-service/sentry-service-providers/src/main/java/org/apache/sentry/server/provider/webservice/FilterDesc.java
new file mode 100644
index 0000000..66d35c7
--- /dev/null
+++ b/sentry-service/sentry-service-providers/src/main/java/org/apache/sentry/server/provider/webservice/FilterDesc.java
@@ -0,0 +1,37 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package org.apache.sentry.server.provider.webservice;
+
+import java.util.EnumSet;
+import javax.servlet.DispatcherType;
+import lombok.Data;
+import lombok.RequiredArgsConstructor;
+import org.eclipse.jetty.servlet.FilterHolder;
+
+/**
+ * Bean for definition of Servlet Filters to be defined by WebServiceProvider
+ */
+@Data
+@RequiredArgsConstructor(staticName = "of")
+public class FilterDesc {
+ private final String pathSpec;
+ private final FilterHolder filterHolder;
+ private final EnumSet<DispatcherType> dispatcherTypes;
+}
http://git-wip-us.apache.org/repos/asf/sentry/blob/ea7a33b7/sentry-service/sentry-service-providers/src/main/java/org/apache/sentry/server/provider/webservice/ServletDesc.java
----------------------------------------------------------------------
diff --git a/sentry-service/sentry-service-providers/src/main/java/org/apache/sentry/server/provider/webservice/ServletDesc.java b/sentry-service/sentry-service-providers/src/main/java/org/apache/sentry/server/provider/webservice/ServletDesc.java
new file mode 100644
index 0000000..ed9356b
--- /dev/null
+++ b/sentry-service/sentry-service-providers/src/main/java/org/apache/sentry/server/provider/webservice/ServletDesc.java
@@ -0,0 +1,34 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package org.apache.sentry.server.provider.webservice;
+
+import lombok.Data;
+import lombok.RequiredArgsConstructor;
+import org.eclipse.jetty.servlet.ServletHolder;
+
+/**
+ * Bean for definition of Servlets to be defined by WebServiceProvider
+ */
+@Data
+@RequiredArgsConstructor(staticName = "of")
+public class ServletDesc {
+ private final String pathSpec;
+ private final ServletHolder servletHolder;
+}
http://git-wip-us.apache.org/repos/asf/sentry/blob/ea7a33b7/sentry-service/sentry-service-providers/src/main/java/org/apache/sentry/server/provider/webservice/WebServiceProvider.java
----------------------------------------------------------------------
diff --git a/sentry-service/sentry-service-providers/src/main/java/org/apache/sentry/server/provider/webservice/WebServiceProvider.java b/sentry-service/sentry-service-providers/src/main/java/org/apache/sentry/server/provider/webservice/WebServiceProvider.java
new file mode 100644
index 0000000..206876e
--- /dev/null
+++ b/sentry-service/sentry-service-providers/src/main/java/org/apache/sentry/server/provider/webservice/WebServiceProvider.java
@@ -0,0 +1,47 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package org.apache.sentry.server.provider.webservice;
+
+import java.util.Collections;
+import java.util.EventListener;
+import java.util.List;
+import org.apache.sentry.spi.Provider;
+
+/**
+ * Sentry Web Service Provider interface
+ */
+public interface WebServiceProvider extends Provider {
+
+ default List<EventListener> getListeners() {
+ return Collections.emptyList();
+ }
+
+ default List<ServletDesc> getServlets() {
+ return Collections.emptyList();
+ }
+
+ default List<AttributeDesc> getAttributes() {
+ return Collections.emptyList();
+ }
+
+ default List<FilterDesc> getFilters() {
+ return Collections.emptyList();
+ }
+}
http://git-wip-us.apache.org/repos/asf/sentry/blob/ea7a33b7/sentry-service/sentry-service-providers/src/main/java/org/apache/sentry/server/provider/webservice/WebServiceProviderFactory.java
----------------------------------------------------------------------
diff --git a/sentry-service/sentry-service-providers/src/main/java/org/apache/sentry/server/provider/webservice/WebServiceProviderFactory.java b/sentry-service/sentry-service-providers/src/main/java/org/apache/sentry/server/provider/webservice/WebServiceProviderFactory.java
new file mode 100644
index 0000000..6101e5a
--- /dev/null
+++ b/sentry-service/sentry-service-providers/src/main/java/org/apache/sentry/server/provider/webservice/WebServiceProviderFactory.java
@@ -0,0 +1,30 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package org.apache.sentry.server.provider.webservice;
+
+import org.apache.hadoop.conf.Configuration;
+import org.apache.sentry.spi.ProviderFactory;
+
+/**
+ * Sentry Web Service Provider Factory interface
+ */
+public interface WebServiceProviderFactory extends ProviderFactory<WebServiceProvider> {
+ void init(Configuration config);
+}
http://git-wip-us.apache.org/repos/asf/sentry/blob/ea7a33b7/sentry-service/sentry-service-providers/src/main/java/org/apache/sentry/server/provider/webservice/WebServiceSpi.java
----------------------------------------------------------------------
diff --git a/sentry-service/sentry-service-providers/src/main/java/org/apache/sentry/server/provider/webservice/WebServiceSpi.java b/sentry-service/sentry-service-providers/src/main/java/org/apache/sentry/server/provider/webservice/WebServiceSpi.java
new file mode 100644
index 0000000..8b4e7f9
--- /dev/null
+++ b/sentry-service/sentry-service-providers/src/main/java/org/apache/sentry/server/provider/webservice/WebServiceSpi.java
@@ -0,0 +1,48 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package org.apache.sentry.server.provider.webservice;
+
+
+import org.apache.sentry.spi.Provider;
+import org.apache.sentry.spi.ProviderFactory;
+import org.apache.sentry.spi.Spi;
+
+/**
+ * Service Provider definition for Sentry Web Services
+ */
+public class WebServiceSpi implements Spi {
+
+ public static final String ID = "sentry-web-service";
+
+ @Override
+ public String getName() {
+ return ID;
+ }
+
+ @Override
+ public Class<? extends Provider> getProviderClass() {
+ return WebServiceProvider.class;
+ }
+
+ @Override
+ public Class<? extends ProviderFactory> getProviderFactoryClass() {
+ return WebServiceProviderFactory.class;
+ }
+}
http://git-wip-us.apache.org/repos/asf/sentry/blob/ea7a33b7/sentry-service/sentry-service-providers/src/main/resources/META-INF/services/org.apache.sentry.spi.Spi
----------------------------------------------------------------------
diff --git a/sentry-service/sentry-service-providers/src/main/resources/META-INF/services/org.apache.sentry.spi.Spi b/sentry-service/sentry-service-providers/src/main/resources/META-INF/services/org.apache.sentry.spi.Spi
new file mode 100644
index 0000000..bea3802
--- /dev/null
+++ b/sentry-service/sentry-service-providers/src/main/resources/META-INF/services/org.apache.sentry.spi.Spi
@@ -0,0 +1,20 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+#
+
+org.apache.sentry.server.provider.webservice.WebServiceSpi
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/sentry/blob/ea7a33b7/sentry-service/sentry-service-server/pom.xml
----------------------------------------------------------------------
diff --git a/sentry-service/sentry-service-server/pom.xml b/sentry-service/sentry-service-server/pom.xml
index 44540ad..7f034f3 100644
--- a/sentry-service/sentry-service-server/pom.xml
+++ b/sentry-service/sentry-service-server/pom.xml
@@ -76,6 +76,11 @@ limitations under the License.
</dependency>
<dependency>
<groupId>org.apache.sentry</groupId>
+ <artifactId>sentry-service-web</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.sentry</groupId>
<artifactId>sentry-core-common</artifactId>
<version>${project.version}</version>
</dependency>
@@ -222,39 +227,12 @@ limitations under the License.
<include>package.jdo</include>
</includes>
</resource>
- <resource>
- <directory>${basedir}/src/main</directory>
- <includes>
- <include>webapp/*</include>
- <include>webapp/css/*</include>
- </includes>
- </resource>
+ <resource>
+ <directory>${basedir}/src/main/resources</directory>
+ </resource>
</resources>
<plugins>
<plugin>
- <groupId>com.google.code.maven-replacer-plugin</groupId>
- <artifactId>replacer</artifactId>
- <version>1.5.2</version>
- <executions>
- <execution>
- <id>replaceTokens</id>
- <phase>clean</phase>
- <goals>
- <goal>replace</goal>
- </goals>
- </execution>
- </executions>
- <configuration>
- <file>${basedir}/src/main/webapp/SentryService.html</file>
- <replacements>
- <replacement>
- <token>%PROJECT_VERSION%</token>
- <value>${project.version}</value>
- </replacement>
- </replacements>
- </configuration>
- </plugin>
- <plugin>
<groupId>org.datanucleus</groupId>
<artifactId>datanucleus-maven-plugin</artifactId>
<configuration>
http://git-wip-us.apache.org/repos/asf/sentry/blob/ea7a33b7/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/api/service/thrift/ConfServlet.java
----------------------------------------------------------------------
diff --git a/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/api/service/thrift/ConfServlet.java b/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/api/service/thrift/ConfServlet.java
deleted file mode 100644
index 8625487..0000000
--- a/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/api/service/thrift/ConfServlet.java
+++ /dev/null
@@ -1,71 +0,0 @@
-package org.apache.sentry.api.service.thrift;
-
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-import java.io.IOException;
-import java.io.Writer;
-
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServlet;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.hadoop.conf.Configuration;
-
-import static org.apache.commons.lang.StringEscapeUtils.escapeHtml;
-
-/**
- * Servlet to print out all sentry configuration.
- */
-public class ConfServlet extends HttpServlet {
- public static final String CONF_CONTEXT_ATTRIBUTE = "sentry.conf";
- public static final String FORMAT_JSON = "json";
- public static final String FORMAT_XML = "xml";
- public static final String FORMAT_PARAM = "format";
- private static final long serialVersionUID = 1L;
-
- @Override
- public void doGet(HttpServletRequest request, HttpServletResponse response)
- throws ServletException, IOException {
- String format = request.getParameter(FORMAT_PARAM);
- if (format == null) {
- format = FORMAT_XML;
- }
-
- if (FORMAT_XML.equals(format)) {
- response.setContentType("text/xml; charset=utf-8");
- } else if (FORMAT_JSON.equals(format)) {
- response.setContentType("application/json; charset=utf-8");
- }
-
- Configuration conf = (Configuration)getServletContext().getAttribute(
- CONF_CONTEXT_ATTRIBUTE);
- assert conf != null;
-
- Writer out = response.getWriter();
- if (FORMAT_JSON.equals(format)) {
- Configuration.dumpConfiguration(conf, out);
- } else if (FORMAT_XML.equals(format)) {
- conf.writeXml(out);
- } else {
- response.sendError(HttpServletResponse.SC_BAD_REQUEST, "Bad format: " + escapeHtml(format));
- }
- out.close();
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/ea7a33b7/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/api/service/thrift/LogLevelServlet.java
----------------------------------------------------------------------
diff --git a/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/api/service/thrift/LogLevelServlet.java b/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/api/service/thrift/LogLevelServlet.java
deleted file mode 100644
index af81d6f..0000000
--- a/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/api/service/thrift/LogLevelServlet.java
+++ /dev/null
@@ -1,122 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- * <p>
- * http://www.apache.org/licenses/LICENSE-2.0
- * <p>
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.api.service.thrift;
-
-import org.apache.log4j.Level;
-import org.apache.log4j.LogManager;
-import org.apache.log4j.Logger;
-
-import javax.servlet.ServletException;
-import javax.servlet.ServletRequest;
-import javax.servlet.http.HttpServlet;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.io.IOException;
-import java.io.PrintWriter;
-
-import static org.apache.commons.lang.StringEscapeUtils.escapeHtml;
-
-public class LogLevelServlet extends HttpServlet {
- private static final String LF = "\n";
- private static final String BR = "<br />";
- private static final String B_BR = "<b>%s</b><br />";
- private static final String FORMS_HEAD =
- "<h1>" + "Log Level" + "</h1>"
- + LF + BR + "<hr /><h3>Results</h3>"
- + LF + " Submitted Log Name: " + B_BR;
- private static final String FORMS_CONTENT_GET =
- LF + " Effective level: " + B_BR;
- private static final String FORMS_CONTENT_SET =
- LF + " Submitted Level: " + B_BR
- + LF + " Setting Level to %s" + BR
- + LF + " Effective level: " + B_BR;
- private static final String FORMS_END =
- LF + BR + "<hr /><h3>Get / Set</h3>"
- + LF + "<form>Log: <input type='text' size='50' name='log' /> "
- + "<input type='submit' value='Get Log Level' />" + "</form>"
- + LF + "<form>Log: <input type='text' size='50' name='log' /> "
- + "Level: <input type='text' name='level' /> "
- + "<input type='submit' value='Set Log Level' />" + "</form>";
- private static final String FORMS_GET = FORMS_HEAD + FORMS_CONTENT_GET;
- private static final String FORMS_SET = FORMS_HEAD + FORMS_CONTENT_SET;
-
- /**
- * Return parameter on servlet request for the given name
- *
- * @param request: Servlet request
- * @param name: Name of parameter in servlet request
- * @return Parameter in servlet request for the given name, return null if can't find parameter.
- */
- private String getParameter(ServletRequest request, String name) {
- String s = request.getParameter(name);
- if (s == null) {
- return null;
- }
- s = s.trim();
- return s.length() == 0 ? null : s;
- }
-
- /**
- * Check the validity of the log level.
- * @param level: The log level to be checked
- * @return
- * true: The log level is valid
- * false: The log level is invalid
- */
- private boolean isLogLevelValid(String level) {
- return level.equals(Level.toLevel(level).toString());
- }
-
- /**
- * Parse the class name and log level in the http servlet request.
- * If the request contains only class name, return the log level in the response message.
- * If the request contains both class name and level, set the log level to the requested level
- * and return the setting result in the response message.
- */
- @Override
- public void doGet(HttpServletRequest request, HttpServletResponse response)
- throws ServletException, IOException {
- String logName = getParameter(request, "log");
- String level = getParameter(request, "level");
- response.setContentType("text/html;charset=utf-8");
- response.setStatus(HttpServletResponse.SC_OK);
- PrintWriter out = response.getWriter();
-
- if (logName != null) {
- Logger logInstance = LogManager.getLogger(logName);
- if (level == null) {
- out.write(String.format(FORMS_GET,
- escapeHtml(logName),
- logInstance.getEffectiveLevel().toString()));
- } else if (isLogLevelValid(level)) {
- logInstance.setLevel(Level.toLevel(level));
- out.write(String.format(FORMS_SET,
- escapeHtml(logName),
- escapeHtml(level),
- escapeHtml(level),
- logInstance.getEffectiveLevel().toString()));
- } else {
- response.sendError(HttpServletResponse.SC_BAD_REQUEST, "Invalid log level: " + escapeHtml(level));
- return;
- }
- }
- out.write(FORMS_END);
- out.close();
- response.flushBuffer();
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/ea7a33b7/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/api/service/thrift/PubSubServlet.java
----------------------------------------------------------------------
diff --git a/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/api/service/thrift/PubSubServlet.java b/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/api/service/thrift/PubSubServlet.java
deleted file mode 100644
index 8da35f1..0000000
--- a/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/api/service/thrift/PubSubServlet.java
+++ /dev/null
@@ -1,128 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- * <p>
- * http://www.apache.org/licenses/LICENSE-2.0
- * <p>
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.api.service.thrift;
-
-import org.apache.sentry.core.common.utils.PubSub;
-
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import javax.servlet.ServletException;
-import javax.servlet.ServletRequest;
-import javax.servlet.http.HttpServlet;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.io.IOException;
-import java.io.PrintWriter;
-
-import static org.apache.commons.lang.StringEscapeUtils.escapeHtml;
-
-/**
- * This servlet facilitates sending {topic, message } tuples to Servlet components
- * subscribed to specific topics.
- * <p>
- * It uses publish-subscribe mechanism implemented by PubSub class.
- * The form generated by this servlet consists of the following elements:
- * <p>
- * a) Topic: pull-down menu of existing topics, i.e. the topics registered with
- * PubSub by calling PubSub.subscribe() API. This prevents entering invalid topic.
- * <p>
- * b) Message: text field for entering a message
- * <p>
- * c) Submit: button to submit (topic, message) tuple
- * <p>
- * d) Status: text area printing status of the request or help information.
- */
-public class PubSubServlet extends HttpServlet {
-
- private static final Logger LOGGER = LoggerFactory.getLogger(PubSubServlet.class);
-
- private static final String FORM_GET =
- "<!DOCTYPE html>" +
- "<html>" +
- "<body>" +
- "<form>" +
- "<br><br><b>Topic:</b><br><br>" +
- "<select name='topic'/>%s</select>" +
- "<br><br><b>Message:</b><br><br>" +
- "<input type='text' size='50' name='message'/>" +
- "<br><br>" +
- "<input type='submit' value='Submit'/>" +
- "</form>" +
- "<br><br><b>Status:</b><br><br>" +
- "<textarea rows='4' cols='50'>%s</textarea>" +
- "</body>" +
- "</html>";
-
- /**
- * Return parameter on servlet request for the given name
- *
- * @param request: Servlet request
- * @param name: Name of parameter in servlet request
- * @return Parameter in servlet request for the given name, return null if can't find parameter.
- */
- private static String getParameter(ServletRequest request, String name) {
- String s = request.getParameter(name);
- if (s == null) {
- return null;
- }
- s = s.trim();
- return s.isEmpty() ? null : s;
- }
-
- /**
- * Parse the topic and message values and submit them via PubSub.submit() API.
- * Reject request for unknown topic, i.e. topic no one is subscribed to.
- */
- @Override
- public void doGet(HttpServletRequest request, HttpServletResponse response)
- throws ServletException, IOException {
- String topic = getParameter(request, "topic");
- String message = getParameter(request, "message");
- response.setContentType("text/html;charset=utf-8");
- response.setStatus(HttpServletResponse.SC_OK);
- PrintWriter out = response.getWriter();
-
- String msg = "Topic is required, Message is optional.\nValid topics: " + PubSub.getInstance().getTopics();
- if (topic != null) {
- LOGGER.info("Submitting topic " + topic + ", message " + message);
- try {
- PubSub.getInstance().publish(PubSub.Topic.fromString(topic), message);
- msg = "Submitted topic " + topic + ", message " + message;
- } catch (Exception e) {
- msg = "Failed to submit topic " + topic + ", message " + message + " - " + e.getMessage();
- LOGGER.error(msg);
- response.sendError(HttpServletResponse.SC_BAD_REQUEST, msg);
- return;
- }
- }
-
- StringBuilder topics = new StringBuilder();
- for (PubSub.Topic t : PubSub.getInstance().getTopics()) {
- topics.append("<option>").append(t.getName()).append("</option>");
- }
-
- String output = String.format(FORM_GET, topics.toString(), escapeHtml(msg));
- if (LOGGER.isDebugEnabled()) {
- LOGGER.debug("HTML Page: " + output);
- }
- out.write(output);
- out.close();
- response.flushBuffer();
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/ea7a33b7/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/api/service/thrift/RolesServlet.java
----------------------------------------------------------------------
diff --git a/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/api/service/thrift/RolesServlet.java b/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/api/service/thrift/RolesServlet.java
new file mode 100644
index 0000000..9ed2bf3
--- /dev/null
+++ b/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/api/service/thrift/RolesServlet.java
@@ -0,0 +1,64 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package org.apache.sentry.api.service.thrift;
+
+import com.google.gson.Gson;
+import java.io.IOException;
+import java.io.Writer;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Set;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import org.apache.hadoop.conf.Configuration;
+import org.apache.sentry.provider.db.service.persistent.SentryStore;
+import org.apache.sentry.service.web.ConfServlet;
+
+/**
+ * Servlet for the presentation of the list of roles in the Sentry system.
+ */
+public class RolesServlet extends HttpServlet {
+
+ public void doGet(HttpServletRequest request, HttpServletResponse response)
+ throws ServletException, IOException {
+ Configuration conf = (Configuration)getServletContext().getAttribute(
+ ConfServlet.CONF_CONTEXT_ATTRIBUTE);
+ assert conf != null;
+
+ Writer out = response.getWriter();
+ try {
+ SentryStore sentrystore = new SentryStore(conf);
+ Map<String, Set<TSentryPrivilege>> roleMap = new HashMap<>();
+ Set<String> roleSet = sentrystore.getAllRoleNames();
+ for (String roleName: roleSet) {
+ roleMap.put(roleName, sentrystore.getAllTSentryPrivilegesByRoleName(roleName));
+ }
+ String json = new Gson().toJson(roleMap);
+ response.setContentType("application/json");
+ response.setCharacterEncoding("UTF-8");
+ out.write(json);
+ } catch (Exception e) {
+ response.sendError(HttpServletResponse.SC_BAD_REQUEST, e.getMessage());
+ }
+ out.close();
+ }
+}
http://git-wip-us.apache.org/repos/asf/sentry/blob/ea7a33b7/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/api/service/thrift/SentryAdminServlet.java
----------------------------------------------------------------------
diff --git a/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/api/service/thrift/SentryAdminServlet.java b/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/api/service/thrift/SentryAdminServlet.java
deleted file mode 100644
index 5dc6cd6..0000000
--- a/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/api/service/thrift/SentryAdminServlet.java
+++ /dev/null
@@ -1,132 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.api.service.thrift;
-
-import com.google.gson.Gson;
-import org.apache.hadoop.conf.Configuration;
-import org.apache.sentry.provider.db.service.persistent.SentryStore;
-
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServlet;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.io.IOException;
-import java.io.PrintWriter;
-import java.io.Writer;
-import java.util.HashMap;
-import java.util.Map;
-import java.util.Set;
-
-/**
- * Admin Servlet is only used when SENTRY_WEB_ADMIN_SERVLET_ENABLED is true.
- */
-public class SentryAdminServlet extends HttpServlet {
- private static final String SHOW_ALL = "/showAll";
- // Here we use the same way as in com.codahale.metrics.servlets.AdminServlet, and just
- // use the TEMPLATE as a static html with some links referenced to other debug pages.
- private static final String TEMPLATE = "<!DOCTYPE HTML>\n"+
- "<html lang=\"en\">\n"+
- "<head>\n"+
- " <meta charset=\"utf-8\">\n"+
- " <title>Sentry Service Admin</title>\n"+
- " <meta name=\"viewport\" content=\"width=device-width, initial-scale=1.0\">\n"+
- " <meta name=\"description\" content=\"\">\n"+
- " <link href=\"css/bootstrap.min.css\" rel=\"stylesheet\">\n"+
- " <link href=\"css/bootstrap-theme.min.css\" rel=\"stylesheet\">\n"+
- " <link href=\"css/sentry.css\" rel=\"stylesheet\">\n"+
- "</head>\n"+
- "<body>\n"+
- "<nav class=\"navbar navbar-default navbar-fixed-top\">\n"+
- " <div class=\"container\">\n"+
- " <div class=\"navbar-header\">\n"+
- " <a class=\"navbar-brand\" href=\"#\"><img src=\"sentry.png\" alt=\"Sentry Logo\"/></a>\n"+
- " </div>\n"+
- " <div class=\"collapse navbar-collapse\">\n"+
- " <ul class=\"nav navbar-nav\">\n"+
- " <li class=\"active\"><a href=\"#\">Admin</a></li>\n"+
- " <li><a href=\"/metrics?pretty=true\">Metrics</a></li>\n"+
- " <li><a href=\"/threads\">Threads</a></li>\n"+
- " <li><a href=\"/conf\">Configuration</a></li>\n"+
- " <li><a href=\"/admin/showAll\">ShowAllRoles</a></li>\n"+
- " </ul>\n"+
- " </div>\n"+
- " </div>\n"+
- "</nav>\n"+
- "<div class=\"container\">\n"+
- " <ul>\n"+
- " <li><a href=\"/metrics?pretty=true\">Metrics</a></li>\n"+
- " <li><a href=\"/threads\">Threads</a></li>\n"+
- " <li><a href=\"/conf\">Configuration</a></li>\n"+
- " <li><a href=\"/admin/showAll\">ShowAllRoles</a></li>\n"+
- " </ul>\n"+
- "</div>\n"+
- "</body>\n"+
- "</html>";
-
- @Override
- public void doGet(HttpServletRequest request, HttpServletResponse response)
- throws ServletException, IOException {
- String uri = request.getPathInfo();
- if(uri != null && !uri.equals("/")) {
- if (uri.equals(SHOW_ALL)) {
- showAll(response);
- } else {
- response.sendError(404);
- }
- } else {
- response.setStatus(200);
- response.setHeader("Cache-Control", "must-revalidate,no-cache,no-store");
- response.setHeader("Pragma", "no-cache");
- response.setDateHeader("Expires", 0);
- response.setContentType("text/html");
- PrintWriter writer = response.getWriter();
- try {
- writer.println(TEMPLATE);
- } finally {
- writer.close();
- }
- }
- }
-
- /**
- * Print out all the roles and privileges information as json format.
- */
- private void showAll(HttpServletResponse response)
- throws ServletException, IOException {
- Configuration conf = (Configuration)getServletContext().getAttribute(
- ConfServlet.CONF_CONTEXT_ATTRIBUTE);
- assert conf != null;
-
- Writer out = response.getWriter();
- try {
- SentryStore sentrystore = new SentryStore(conf);
- Map<String, Set<TSentryPrivilege>> roleMap = new HashMap<>();
- Set<String> roleSet = sentrystore.getAllRoleNames();
- for (String roleName: roleSet) {
- roleMap.put(roleName, sentrystore.getAllTSentryPrivilegesByRoleName(roleName));
- }
- String json = new Gson().toJson(roleMap);
- response.setContentType("application/json");
- response.setCharacterEncoding("UTF-8");
- out.write(json);
- } catch (Exception e) {
- response.sendError(HttpServletResponse.SC_BAD_REQUEST, e.getMessage());
- }
- out.close();
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/ea7a33b7/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/api/service/thrift/SentryAuthFilter.java
----------------------------------------------------------------------
diff --git a/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/api/service/thrift/SentryAuthFilter.java b/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/api/service/thrift/SentryAuthFilter.java
deleted file mode 100644
index 23121ec..0000000
--- a/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/api/service/thrift/SentryAuthFilter.java
+++ /dev/null
@@ -1,89 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.api.service.thrift;
-
-import java.io.IOException;
-import java.util.Enumeration;
-import java.util.Properties;
-import java.util.Set;
-
-import javax.servlet.FilterChain;
-import javax.servlet.FilterConfig;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.hadoop.security.authentication.server.AuthenticationFilter;
-import org.apache.hadoop.util.StringUtils;
-import org.apache.sentry.service.common.ServiceConstants.ServerConfig;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import com.google.common.collect.Sets;
-
-/**
- * SentryAuthFilter is a subclass of AuthenticationFilter,
- * add authorization: Only allowed users could connect the web server.
- */
-public class SentryAuthFilter extends AuthenticationFilter {
-
- private static final Logger LOG = LoggerFactory.getLogger(SentryAuthFilter.class);
-
- public static final String ALLOW_WEB_CONNECT_USERS = ServerConfig.SENTRY_WEB_SECURITY_ALLOW_CONNECT_USERS;
-
- private Set<String> allowUsers;
-
- @Override
- protected void doFilter(FilterChain filterChain, HttpServletRequest request,
- HttpServletResponse response) throws IOException, ServletException {
- String userName = request.getRemoteUser();
- LOG.debug("Authenticating user: " + userName + " from request.");
- if (!allowUsers.contains(userName)) {
- response.sendError(HttpServletResponse.SC_FORBIDDEN,
- "Unauthorized user status code: " + HttpServletResponse.SC_FORBIDDEN);
- throw new ServletException(userName + " is unauthorized. status code: " + HttpServletResponse.SC_FORBIDDEN);
- }
- super.doFilter(filterChain, request, response);
- }
-
- /**
- * Override <code>getConfiguration<code> to get <code>ALLOW_WEB_CONNECT_USERS<code>.
- */
- @Override
- protected Properties getConfiguration(String configPrefix, FilterConfig filterConfig) throws ServletException {
- Properties props = new Properties();
- Enumeration<?> names = filterConfig.getInitParameterNames();
- while (names.hasMoreElements()) {
- String name = (String) names.nextElement();
- if (name.startsWith(configPrefix)) {
- String value = filterConfig.getInitParameter(name);
- if (ALLOW_WEB_CONNECT_USERS.equals(name)) {
- allowUsers = parseConnectUsersFromConf(value);
- } else {
- props.put(name.substring(configPrefix.length()), value);
- }
- }
- }
- return props;
- }
-
- private static Set<String> parseConnectUsersFromConf(String value) {
- //Removed the logic to convert the allowed users to lower case, as user names need to be case sensitive
- return Sets.newHashSet(StringUtils.getStrings(value));
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/ea7a33b7/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/api/service/thrift/SentryServiceWebServiceProvider.java
----------------------------------------------------------------------
diff --git a/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/api/service/thrift/SentryServiceWebServiceProvider.java b/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/api/service/thrift/SentryServiceWebServiceProvider.java
new file mode 100644
index 0000000..a6c140d
--- /dev/null
+++ b/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/api/service/thrift/SentryServiceWebServiceProvider.java
@@ -0,0 +1,89 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package org.apache.sentry.api.service.thrift;
+
+import com.codahale.metrics.servlets.HealthCheckServlet;
+import com.codahale.metrics.servlets.MetricsServlet;
+import com.codahale.metrics.servlets.PingServlet;
+import com.codahale.metrics.servlets.ThreadDumpServlet;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.EventListener;
+import java.util.List;
+import org.apache.hadoop.conf.Configuration;
+import org.apache.sentry.server.provider.webservice.WebServiceProvider;
+import org.apache.sentry.server.provider.webservice.WebServiceProviderFactory;
+import org.apache.sentry.server.provider.webservice.ServletDesc;
+import org.apache.sentry.service.common.ServiceConstants.ServerConfig;
+import org.eclipse.jetty.servlet.ServletHolder;
+
+/**
+ * WebServiceProvider instance to add base Service functions to the web interface
+ */
+public class SentryServiceWebServiceProvider implements WebServiceProvider,
+ WebServiceProviderFactory {
+
+ public static final String ID = "sentry-admin";
+
+ private Configuration config;
+
+ @Override
+ public List<EventListener> getListeners() {
+ return Arrays.asList(
+ new SentryHealthCheckServletContextListener(),
+ new SentryMetricsServletContextListener());
+ }
+
+ @Override
+ public List<ServletDesc> getServlets() {
+ List<ServletDesc> servlets = new ArrayList<>();
+ servlets.add(ServletDesc.of("/metrics", new ServletHolder(MetricsServlet.class)));
+ servlets.add(ServletDesc.of("/threads", new ServletHolder(ThreadDumpServlet.class)));
+ servlets.add(ServletDesc.of("/healthcheck", new ServletHolder(HealthCheckServlet.class)));
+ servlets.add(ServletDesc.of("/ping", new ServletHolder(PingServlet.class)));
+
+ if (config.getBoolean(ServerConfig.SENTRY_WEB_ADMIN_SERVLET_ENABLED,
+ ServerConfig.SENTRY_WEB_ADMIN_SERVLET_ENABLED_DEFAULT)) {
+ servlets.add(ServletDesc.of("/admin/showAll", new ServletHolder(RolesServlet.class)));
+ servlets.add(ServletDesc.of("/admin/roles", new ServletHolder(RolesServlet.class)));
+ }
+ return servlets;
+ }
+
+ @Override
+ public void init(Configuration config) {
+ this.config = config;
+ }
+
+ @Override
+ public WebServiceProvider create() {
+ return this;
+ }
+
+ @Override
+ public String getId() {
+ return ID;
+ }
+
+ @Override
+ public void close() {
+
+ }
+}
http://git-wip-us.apache.org/repos/asf/sentry/blob/ea7a33b7/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/api/service/thrift/SentryWebServer.java
----------------------------------------------------------------------
diff --git a/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/api/service/thrift/SentryWebServer.java b/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/api/service/thrift/SentryWebServer.java
deleted file mode 100644
index befe6c3..0000000
--- a/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/api/service/thrift/SentryWebServer.java
+++ /dev/null
@@ -1,240 +0,0 @@
-package org.apache.sentry.api.service.thrift;
-
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-import com.codahale.metrics.servlets.AdminServlet;
-import com.google.common.base.Preconditions;
-
-import java.io.IOException;
-import java.net.URL;
-import java.util.EnumSet;
-import java.util.EventListener;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-
-import com.google.common.base.Splitter;
-import com.google.common.base.Strings;
-import com.google.common.collect.Sets;
-import javax.servlet.DispatcherType;
-import org.apache.hadoop.conf.Configuration;
-import org.apache.hadoop.security.SecurityUtil;
-import org.apache.hadoop.security.UserGroupInformation;
-import org.apache.hadoop.security.authentication.server.AuthenticationFilter;
-import org.apache.sentry.service.common.ServiceConstants.ServerConfig;
-import org.eclipse.jetty.security.ConstraintMapping;
-import org.eclipse.jetty.security.ConstraintSecurityHandler;
-import org.eclipse.jetty.server.Connector;
-import org.eclipse.jetty.server.Handler;
-import org.eclipse.jetty.server.HttpConfiguration;
-import org.eclipse.jetty.server.HttpConnectionFactory;
-import org.eclipse.jetty.server.SecureRequestCustomizer;
-import org.eclipse.jetty.server.ServerConnector;
-import org.eclipse.jetty.server.SslConnectionFactory;
-import org.eclipse.jetty.server.handler.ContextHandler;
-import org.eclipse.jetty.server.handler.ContextHandlerCollection;
-import org.eclipse.jetty.server.handler.ResourceHandler;
-import org.eclipse.jetty.server.Server;
-import org.eclipse.jetty.servlet.FilterHolder;
-import org.eclipse.jetty.servlet.ServletContextHandler;
-import org.eclipse.jetty.servlet.ServletHolder;
-import org.eclipse.jetty.util.resource.Resource;
-import org.eclipse.jetty.util.security.Constraint;
-import org.eclipse.jetty.util.ssl.SslContextFactory;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-public class SentryWebServer {
-
- private static final Logger LOGGER = LoggerFactory.getLogger(SentryWebServer.class);
- private static final String RESOURCE_DIR = "/webapp";
- private static final String WELCOME_PAGE = "SentryService.html";
-
- private Server server;
-
- public SentryWebServer(List<EventListener> listeners, int port, Configuration conf) {
- server = new Server();
-
- // Create a channel connector for "http/https" requests
- ServerConnector connector;
- if (conf.getBoolean(ServerConfig.SENTRY_WEB_USE_SSL, false)) {
- SslContextFactory sslContextFactory = new SslContextFactory();
- sslContextFactory.setKeyStorePath(conf.get(ServerConfig.SENTRY_WEB_SSL_KEYSTORE_PATH, ""));
- sslContextFactory.setKeyStorePassword(
- conf.get(ServerConfig.SENTRY_WEB_SSL_KEYSTORE_PASSWORD, ""));
- // Exclude SSL blacklist protocols
- sslContextFactory.setExcludeProtocols(ServerConfig.SENTRY_SSL_PROTOCOL_BLACKLIST_DEFAULT);
- Set<String> moreExcludedSSLProtocols =
- Sets.newHashSet(Splitter.on(",").trimResults().omitEmptyStrings()
- .split(Strings.nullToEmpty(conf.get(ServerConfig.SENTRY_SSL_PROTOCOL_BLACKLIST))));
- sslContextFactory.addExcludeProtocols(moreExcludedSSLProtocols.toArray(
- new String[moreExcludedSSLProtocols.size()]));
-
- HttpConfiguration httpConfiguration = new HttpConfiguration();
- httpConfiguration.setSecurePort(port);
- httpConfiguration.setSecureScheme("https");
- httpConfiguration.addCustomizer(new SecureRequestCustomizer());
-
- connector = new ServerConnector(
- server,
- new SslConnectionFactory(sslContextFactory, "http/1.1"),
- new HttpConnectionFactory(httpConfiguration));
-
- LOGGER.info("Now using SSL mode.");
- } else {
- connector = new ServerConnector(server, new HttpConnectionFactory());
- }
-
- connector.setPort(port);
- server.setConnectors(new Connector[] { connector });
-
- ServletContextHandler servletContextHandler = new ServletContextHandler();
- ServletHolder servletHolder = new ServletHolder(AdminServlet.class);
- servletContextHandler.addServlet(servletHolder, "/*");
-
- for(EventListener listener:listeners) {
- servletContextHandler.addEventListener(listener);
- }
-
- servletContextHandler.addServlet(new ServletHolder(ConfServlet.class), "/conf");
-
- if (conf.getBoolean(ServerConfig.SENTRY_WEB_ADMIN_SERVLET_ENABLED,
- ServerConfig.SENTRY_WEB_ADMIN_SERVLET_ENABLED_DEFAULT)) {
- servletContextHandler.addServlet(
- new ServletHolder(SentryAdminServlet.class), "/admin/*");
- }
- servletContextHandler.getServletContext()
- .setAttribute(ConfServlet.CONF_CONTEXT_ATTRIBUTE, conf);
-
- servletContextHandler.addServlet(new ServletHolder(LogLevelServlet.class), "/admin/logLevel");
-
- if (conf.getBoolean(ServerConfig.SENTRY_WEB_PUBSUB_SERVLET_ENABLED,
- ServerConfig.SENTRY_WEB_PUBSUB_SERVLET_ENABLED_DEFAULT)) {
- servletContextHandler.addServlet(new ServletHolder(PubSubServlet.class), "/admin/publishMessage");
- }
-
- ResourceHandler resourceHandler = new ResourceHandler();
- resourceHandler.setDirectoriesListed(true);
- URL url = this.getClass().getResource(RESOURCE_DIR);
- try {
- resourceHandler.setBaseResource(Resource.newResource(url.toString()));
- } catch (IOException e) {
- LOGGER.error("Got exception while setBaseResource for Sentry Service web UI", e);
- }
- resourceHandler.setWelcomeFiles(new String[]{WELCOME_PAGE});
- ContextHandler contextHandler= new ContextHandler();
- contextHandler.setHandler(resourceHandler);
-
- ContextHandlerCollection contextHandlerCollection = new ContextHandlerCollection();
- contextHandlerCollection.setHandlers(new Handler[]{contextHandler, servletContextHandler});
-
- String authMethod = conf.get(ServerConfig.SENTRY_WEB_SECURITY_TYPE);
- if (!ServerConfig.SENTRY_WEB_SECURITY_TYPE_NONE.equalsIgnoreCase(authMethod)) {
- /**
- * SentryAuthFilter is a subclass of AuthenticationFilter and
- * AuthenticationFilter tagged as private and unstable interface:
- * While there are not guarantees that this interface will not change,
- * it is fairly stable and used by other projects (ie - Oozie)
- */
- FilterHolder filterHolder = servletContextHandler.addFilter(SentryAuthFilter.class, "/*", EnumSet.of(DispatcherType.REQUEST));
- filterHolder.setInitParameters(loadWebAuthenticationConf(conf));
- }
-
- server.setHandler(disableTraceMethod(contextHandlerCollection));
- }
-
- /**
- * Disables the HTTP TRACE method request which leads to Cross-Site Tracking (XST) problems.
- *
- * To disable it, we need to wrap the Handler (which has the HTTP TRACE enabled) with
- * a constraint that denies access to the HTTP TRACE method.
- *
- * @param handler The Handler which has the HTTP TRACE enabled.
- * @return A new Handler wrapped with the HTTP TRACE constraint and the Handler passed as parameter.
- */
- private Handler disableTraceMethod(Handler handler) {
- Constraint disableTraceConstraint = new Constraint();
- disableTraceConstraint.setName("Disable TRACE");
- disableTraceConstraint.setAuthenticate(true);
-
- ConstraintMapping mapping = new ConstraintMapping();
- mapping.setConstraint(disableTraceConstraint);
- mapping.setMethod("TRACE");
- mapping.setPathSpec("/");
-
- ConstraintSecurityHandler constraintSecurityHandler = new ConstraintSecurityHandler();
- constraintSecurityHandler.addConstraintMapping(mapping);
- constraintSecurityHandler.setHandler(handler);
-
- return constraintSecurityHandler;
- }
-
- public void start() throws Exception{
- server.start();
- }
- public void stop() throws Exception{
- server.stop();
- }
- public boolean isAlive() {
- return server != null && server.isStarted();
- }
- private static Map<String, String> loadWebAuthenticationConf(Configuration conf) {
- Map<String,String> prop = new HashMap<String, String>();
- prop.put(AuthenticationFilter.CONFIG_PREFIX, ServerConfig.SENTRY_WEB_SECURITY_PREFIX);
- String allowUsers = conf.get(ServerConfig.SENTRY_WEB_SECURITY_ALLOW_CONNECT_USERS);
- if (allowUsers == null || allowUsers.equals("")) {
- allowUsers = conf.get(ServerConfig.ALLOW_CONNECT);
- conf.set(ServerConfig.SENTRY_WEB_SECURITY_ALLOW_CONNECT_USERS, allowUsers);
- }
- validateConf(conf);
- for (Map.Entry<String, String> entry : conf) {
- String name = entry.getKey();
- if (name.startsWith(ServerConfig.SENTRY_WEB_SECURITY_PREFIX)) {
- String value = conf.get(name);
- prop.put(name, value);
- }
- }
- return prop;
- }
-
- private static void validateConf(Configuration conf) {
- String authHandlerName = conf.get(ServerConfig.SENTRY_WEB_SECURITY_TYPE);
- Preconditions.checkNotNull(authHandlerName, "Web authHandler should not be null.");
- String allowUsers = conf.get(ServerConfig.SENTRY_WEB_SECURITY_ALLOW_CONNECT_USERS);
- Preconditions.checkNotNull(allowUsers, "Allow connect user(s) should not be null.");
- if (ServerConfig.SENTRY_WEB_SECURITY_TYPE_KERBEROS.equalsIgnoreCase(authHandlerName)) {
- String principal = conf.get(ServerConfig.SENTRY_WEB_SECURITY_PRINCIPAL);
- Preconditions.checkNotNull(principal, "Kerberos principal should not be null.");
- Preconditions.checkArgument(principal.length() != 0, "Kerberos principal is not right.");
- String keytabFile = conf.get(ServerConfig.SENTRY_WEB_SECURITY_KEYTAB);
- Preconditions.checkNotNull(keytabFile, "Keytab File should not be null.");
- Preconditions.checkArgument(keytabFile.length() != 0, "Keytab File is not right.");
- try {
- UserGroupInformation.setConfiguration(conf);
- String hostPrincipal = SecurityUtil.getServerPrincipal(principal, ServerConfig.RPC_ADDRESS_DEFAULT);
- UserGroupInformation.loginUserFromKeytab(hostPrincipal, keytabFile);
- } catch (IOException ex) {
- throw new IllegalArgumentException("Can't use Kerberos authentication, principal ["
- + principal + "] keytab [" + keytabFile + "]", ex);
- }
- LOGGER.info("Using Kerberos authentication, principal [{}] keytab [{}]", principal, keytabFile);
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/ea7a33b7/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/service/thrift/SentryService.java
----------------------------------------------------------------------
diff --git a/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/service/thrift/SentryService.java b/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/service/thrift/SentryService.java
index b3a4934..1ebb62f 100644
--- a/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/service/thrift/SentryService.java
+++ b/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/service/thrift/SentryService.java
@@ -25,9 +25,6 @@ import java.net.InetSocketAddress;
import java.net.MalformedURLException;
import java.net.ServerSocket;
import java.security.PrivilegedExceptionAction;
-import java.util.ArrayList;
-import java.util.EventListener;
-import java.util.List;
import java.util.concurrent.*;
import javax.security.auth.Subject;
@@ -52,10 +49,8 @@ import org.apache.sentry.core.common.utils.SigUtils;
import org.apache.sentry.provider.db.service.persistent.HMSFollower;
import org.apache.sentry.provider.db.service.persistent.LeaderStatusMonitor;
import org.apache.sentry.provider.db.service.persistent.SentryStoreInterface;
-import org.apache.sentry.api.service.thrift.SentryHealthCheckServletContextListener;
import org.apache.sentry.api.service.thrift.SentryMetrics;
-import org.apache.sentry.api.service.thrift.SentryMetricsServletContextListener;
-import org.apache.sentry.api.service.thrift.SentryWebServer;
+import org.apache.sentry.service.web.SentryWebServer;
import org.apache.sentry.service.common.ServiceConstants;
import org.apache.sentry.service.common.ServiceConstants.ConfUtilties;
import org.apache.sentry.service.common.ServiceConstants.ServerConfig;
@@ -106,7 +101,6 @@ public class SentryService implements Callable, SigUtils.SigListener {
private Future serviceStatus;
private TServer thriftServer;
private Status status;
- private final int webServerPort;
private SentryWebServer sentryWebServer;
private final long maxMessageSize;
/*
@@ -168,7 +162,6 @@ public class SentryService implements Callable, SigUtils.SigListener {
this.sentryStore = getSentryStore(conf);
sentryStore.setPersistUpdateDeltas(SentryServiceUtil.isHDFSSyncEnabled(conf));
this.leaderMonitor = LeaderStatusMonitor.getLeaderStatusMonitor(conf);
- webServerPort = conf.getInt(ServerConfig.SENTRY_WEB_PORT, ServerConfig.SENTRY_WEB_PORT_DEFAULT);
status = Status.NOT_STARTED;
@@ -445,13 +438,9 @@ public class SentryService implements Callable, SigUtils.SigListener {
}
private void startSentryWebServer() throws Exception{
- Boolean sentryReportingEnable = conf.getBoolean(ServerConfig.SENTRY_WEB_ENABLE,
- ServerConfig.SENTRY_WEB_ENABLE_DEFAULT);
- if(sentryReportingEnable) {
- List<EventListener> listenerList = new ArrayList<>();
- listenerList.add(new SentryHealthCheckServletContextListener());
- listenerList.add(new SentryMetricsServletContextListener());
- sentryWebServer = new SentryWebServer(listenerList, webServerPort, conf);
+ if(conf.getBoolean(ServerConfig.SENTRY_WEB_ENABLE,
+ ServerConfig.SENTRY_WEB_ENABLE_DEFAULT)) {
+ sentryWebServer = new SentryWebServer(conf);
sentryWebServer.start();
}
}
http://git-wip-us.apache.org/repos/asf/sentry/blob/ea7a33b7/sentry-service/sentry-service-server/src/main/resources/META-INF/services/org.apache.sentry.server.provider.webservice.WebServiceProviderFactory
----------------------------------------------------------------------
diff --git a/sentry-service/sentry-service-server/src/main/resources/META-INF/services/org.apache.sentry.server.provider.webservice.WebServiceProviderFactory b/sentry-service/sentry-service-server/src/main/resources/META-INF/services/org.apache.sentry.server.provider.webservice.WebServiceProviderFactory
new file mode 100644
index 0000000..2200a79
--- /dev/null
+++ b/sentry-service/sentry-service-server/src/main/resources/META-INF/services/org.apache.sentry.server.provider.webservice.WebServiceProviderFactory
@@ -0,0 +1,20 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+#
+
+org.apache.sentry.api.service.thrift.SentryServiceWebServiceProvider
\ No newline at end of file