Posted to commits@accumulo.apache.org by ct...@apache.org on 2013/11/01 01:55:47 UTC
[08/54] [partial] ACCUMULO-658,
ACCUMULO-656 Split server into separate modules
http://git-wip-us.apache.org/repos/asf/accumulo/blob/598821cd/server/src/main/java/org/apache/accumulo/server/security/SecurityOperation.java
----------------------------------------------------------------------
diff --git a/server/src/main/java/org/apache/accumulo/server/security/SecurityOperation.java b/server/src/main/java/org/apache/accumulo/server/security/SecurityOperation.java
deleted file mode 100644
index 666d3e7..0000000
--- a/server/src/main/java/org/apache/accumulo/server/security/SecurityOperation.java
+++ /dev/null
@@ -1,646 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.accumulo.server.security;
-
-import java.nio.ByteBuffer;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-
-import org.apache.accumulo.core.Constants;
-import org.apache.accumulo.core.client.AccumuloSecurityException;
-import org.apache.accumulo.core.client.TableNotFoundException;
-import org.apache.accumulo.core.client.admin.SecurityOperationsImpl;
-import org.apache.accumulo.core.client.impl.thrift.SecurityErrorCode;
-import org.apache.accumulo.core.client.impl.thrift.ThriftSecurityException;
-import org.apache.accumulo.core.client.security.tokens.AuthenticationToken;
-import org.apache.accumulo.core.client.security.tokens.AuthenticationToken.AuthenticationTokenSerializer;
-import org.apache.accumulo.core.conf.Property;
-import org.apache.accumulo.core.data.thrift.IterInfo;
-import org.apache.accumulo.core.data.thrift.TColumn;
-import org.apache.accumulo.core.data.thrift.TKeyExtent;
-import org.apache.accumulo.core.data.thrift.TRange;
-import org.apache.accumulo.core.master.thrift.TableOperation;
-import org.apache.accumulo.core.metadata.MetadataTable;
-import org.apache.accumulo.core.metadata.RootTable;
-import org.apache.accumulo.core.security.Authorizations;
-import org.apache.accumulo.core.security.Credentials;
-import org.apache.accumulo.core.security.SystemPermission;
-import org.apache.accumulo.core.security.TablePermission;
-import org.apache.accumulo.core.security.thrift.TCredentials;
-import org.apache.accumulo.server.client.HdfsZooInstance;
-import org.apache.accumulo.server.conf.ServerConfiguration;
-import org.apache.accumulo.server.security.handler.Authenticator;
-import org.apache.accumulo.server.security.handler.Authorizor;
-import org.apache.accumulo.server.security.handler.PermissionHandler;
-import org.apache.accumulo.server.security.handler.ZKAuthenticator;
-import org.apache.accumulo.server.security.handler.ZKAuthorizor;
-import org.apache.accumulo.server.security.handler.ZKPermHandler;
-import org.apache.accumulo.server.zookeeper.ZooCache;
-import org.apache.hadoop.io.Text;
-import org.apache.log4j.Logger;
-
-/**
- * Utility class for performing various security operations with the appropriate checks
- */
-public class SecurityOperation {
- private static final Logger log = Logger.getLogger(SecurityOperationsImpl.class);
-
- protected Authorizor authorizor;
- protected Authenticator authenticator;
- protected PermissionHandler permHandle;
- private static String rootUserName = null;
- private final ZooCache zooCache;
- private final String ZKUserPath;
-
- protected static SecurityOperation instance;
-
- public static synchronized SecurityOperation getInstance() {
- String instanceId = HdfsZooInstance.getInstance().getInstanceID();
- return getInstance(instanceId, false);
- }
-
- public static synchronized SecurityOperation getInstance(String instanceId, boolean initialize) {
- if (instance == null) {
- instance = new SecurityOperation(getAuthorizor(instanceId, initialize), getAuthenticator(instanceId, initialize), getPermHandler(instanceId, initialize),
- instanceId);
- }
- return instance;
- }
-
- protected static Authorizor getAuthorizor(String instanceId, boolean initialize) {
- Authorizor toRet = Property.createInstanceFromPropertyName(ServerConfiguration.getSiteConfiguration(), Property.INSTANCE_SECURITY_AUTHORIZOR,
- Authorizor.class, ZKAuthorizor.getInstance());
- toRet.initialize(instanceId, initialize);
- return toRet;
- }
-
- protected static Authenticator getAuthenticator(String instanceId, boolean initialize) {
- Authenticator toRet = Property.createInstanceFromPropertyName(ServerConfiguration.getSiteConfiguration(), Property.INSTANCE_SECURITY_AUTHENTICATOR,
- Authenticator.class, ZKAuthenticator.getInstance());
- toRet.initialize(instanceId, initialize);
- return toRet;
- }
-
- protected static PermissionHandler getPermHandler(String instanceId, boolean initialize) {
- PermissionHandler toRet = Property.createInstanceFromPropertyName(ServerConfiguration.getSiteConfiguration(),
- Property.INSTANCE_SECURITY_PERMISSION_HANDLER, PermissionHandler.class, ZKPermHandler.getInstance());
- toRet.initialize(instanceId, initialize);
- return toRet;
- }
-
- protected SecurityOperation(String instanceId) {
- ZKUserPath = Constants.ZROOT + "/" + instanceId + "/users";
- zooCache = new ZooCache();
- }
-
- public SecurityOperation(Authorizor author, Authenticator authent, PermissionHandler pm, String instanceId) {
- this(instanceId);
- authorizor = author;
- authenticator = authent;
- permHandle = pm;
-
- if (!authorizor.validSecurityHandlers(authenticator, pm) || !authenticator.validSecurityHandlers(authorizor, pm)
- || !permHandle.validSecurityHandlers(authent, author))
- throw new RuntimeException(authorizor + ", " + authenticator + ", and " + pm
- + " do not play nice with eachother. Please choose authentication and authorization mechanisms that are compatible with one another.");
- }
-
- public void initializeSecurity(TCredentials credentials, String rootPrincipal, byte[] token) throws AccumuloSecurityException, ThriftSecurityException {
- authenticate(credentials);
-
- if (!isSystemUser(credentials))
- throw new AccumuloSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
-
- authenticator.initializeSecurity(credentials, rootPrincipal, token);
- authorizor.initializeSecurity(credentials, rootPrincipal);
- permHandle.initializeSecurity(credentials, rootPrincipal);
- try {
- permHandle.grantTablePermission(rootPrincipal, MetadataTable.ID, TablePermission.ALTER_TABLE);
- } catch (TableNotFoundException e) {
- // Shouldn't happen
- throw new RuntimeException(e);
- }
- }
-
- public synchronized String getRootUsername() {
- if (rootUserName == null)
- rootUserName = new String(zooCache.get(ZKUserPath));
- return rootUserName;
- }
-
- public boolean isSystemUser(TCredentials credentials) {
- return SystemCredentials.get().getToken().getClass().getName().equals(credentials.getTokenClassName());
- }
-
- private void authenticate(TCredentials credentials) throws ThriftSecurityException {
- if (!credentials.getInstanceId().equals(HdfsZooInstance.getInstance().getInstanceID()))
- throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.INVALID_INSTANCEID);
-
- if (isSystemUser(credentials)) {
- authenticateSystemUser(credentials);
- } else {
- try {
- AuthenticationToken token = AuthenticationTokenSerializer.deserialize(credentials.getTokenClassName(), credentials.getToken());
- if (!authenticator.authenticateUser(credentials.getPrincipal(), token)) {
- throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.BAD_CREDENTIALS);
- }
- } catch (AccumuloSecurityException e) {
- log.debug(e);
- throw e.asThriftException();
- }
- }
- }
-
- private void authenticateSystemUser(TCredentials credentials) throws ThriftSecurityException {
- if (SystemCredentials.get().getToken().equals(credentials.getToken()))
- throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.BAD_CREDENTIALS);
- }
-
- public boolean canAskAboutUser(TCredentials credentials, String user) throws ThriftSecurityException {
- // Authentication done in canPerformSystemActions
- if (!(canPerformSystemActions(credentials) || credentials.getPrincipal().equals(user)))
- throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
- return true;
- }
-
- public boolean authenticateUser(TCredentials credentials, TCredentials toAuth) throws ThriftSecurityException {
- canAskAboutUser(credentials, toAuth.getPrincipal());
- // User is already authenticated from canAskAboutUser
- if (credentials.equals(toAuth))
- return true;
- try {
- AuthenticationToken token = reassembleToken(toAuth);
- return authenticator.authenticateUser(toAuth.getPrincipal(), token);
- } catch (AccumuloSecurityException e) {
- throw e.asThriftException();
- }
- }
-
- private AuthenticationToken reassembleToken(TCredentials toAuth) throws AccumuloSecurityException {
- String tokenClass = toAuth.getTokenClassName();
- if (authenticator.validTokenClass(tokenClass)) {
- return AuthenticationTokenSerializer.deserialize(toAuth.getTokenClassName(), toAuth.getToken());
- }
- throw new AccumuloSecurityException(toAuth.getPrincipal(), SecurityErrorCode.INVALID_TOKEN);
- }
-
- public Authorizations getUserAuthorizations(TCredentials credentials, String user) throws ThriftSecurityException {
- authenticate(credentials);
-
- targetUserExists(user);
-
- if (!credentials.getPrincipal().equals(user) && !hasSystemPermission(credentials, SystemPermission.SYSTEM, false))
- throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
-
- try {
- return authorizor.getCachedUserAuthorizations(user);
- } catch (AccumuloSecurityException e) {
- throw e.asThriftException();
- }
- }
-
- public Authorizations getUserAuthorizations(TCredentials credentials) throws ThriftSecurityException {
- // system user doesn't need record-level authorizations for the tables it reads
- if (isSystemUser(credentials)) {
- authenticate(credentials);
- return Authorizations.EMPTY;
- }
- return getUserAuthorizations(credentials, credentials.getPrincipal());
- }
-
- public boolean userHasAuthorizations(TCredentials credentials, List<ByteBuffer> list) throws ThriftSecurityException {
- authenticate(credentials);
-
- if (isSystemUser(credentials)) {
- // system user doesn't need record-level authorizations for the tables it reads (for now)
- return list.isEmpty();
- }
-
- try {
- return authorizor.isValidAuthorizations(credentials.getPrincipal(), list);
- } catch (AccumuloSecurityException e) {
- throw e.asThriftException();
- }
- }
-
- /**
- * Checks if a user has a system permission
- *
- * @return true if a user exists and has permission; false otherwise
- */
- private boolean hasSystemPermission(TCredentials credentials, SystemPermission permission, boolean useCached) throws ThriftSecurityException {
- if (isSystemUser(credentials))
- return true;
- return _hasSystemPermission(credentials.getPrincipal(), permission, useCached);
- }
-
- /**
- * Checks if a user has a system permission<br/>
- * This cannot check if a system user has permission.
- *
- * @return true if a user exists and has permission; false otherwise
- */
- private boolean _hasSystemPermission(String user, SystemPermission permission, boolean useCached) throws ThriftSecurityException {
- if (user.equals(getRootUsername()))
- return true;
-
- targetUserExists(user);
-
- try {
- if (useCached)
- return permHandle.hasCachedSystemPermission(user, permission);
- return permHandle.hasSystemPermission(user, permission);
- } catch (AccumuloSecurityException e) {
- throw e.asThriftException();
- }
- }
-
- /**
- * Checks if a user has a table permission
- *
- * @return true if a user exists and has permission; false otherwise
- */
- protected boolean hasTablePermission(TCredentials credentials, String table, TablePermission permission, boolean useCached) throws ThriftSecurityException {
- if (isSystemUser(credentials))
- return true;
- return _hasTablePermission(credentials.getPrincipal(), table, permission, useCached);
- }
-
- /**
- * Checks if a user has a table permission<br/>
- * This cannot check if a system user has permission.
- *
- * @return true if a user exists and has permission; false otherwise
- */
- protected boolean _hasTablePermission(String user, String table, TablePermission permission, boolean useCached) throws ThriftSecurityException {
- targetUserExists(user);
-
- if ((table.equals(MetadataTable.ID) || table.equals(RootTable.ID)) && permission.equals(TablePermission.READ))
- return true;
-
- try {
- if (useCached)
- return permHandle.hasCachedTablePermission(user, table, permission);
- return permHandle.hasTablePermission(user, table, permission);
- } catch (AccumuloSecurityException e) {
- throw e.asThriftException();
- } catch (TableNotFoundException e) {
- throw new ThriftSecurityException(user, SecurityErrorCode.TABLE_DOESNT_EXIST);
- }
- }
-
- // some people just aren't allowed to ask about other users; here are those who can ask
- private boolean canAskAboutOtherUsers(TCredentials credentials, String user) throws ThriftSecurityException {
- authenticate(credentials);
- return credentials.getPrincipal().equals(user) || hasSystemPermission(credentials, SystemPermission.SYSTEM, false)
- || hasSystemPermission(credentials, SystemPermission.CREATE_USER, false) || hasSystemPermission(credentials, SystemPermission.ALTER_USER, false)
- || hasSystemPermission(credentials, SystemPermission.DROP_USER, false);
- }
-
- private void targetUserExists(String user) throws ThriftSecurityException {
- if (user.equals(getRootUsername()))
- return;
- try {
- if (!authenticator.userExists(user))
- throw new ThriftSecurityException(user, SecurityErrorCode.USER_DOESNT_EXIST);
- } catch (AccumuloSecurityException e) {
- throw e.asThriftException();
- }
- }
-
- public boolean canScan(TCredentials credentials, String table) throws ThriftSecurityException {
- authenticate(credentials);
- return hasTablePermission(credentials, table, TablePermission.READ, true);
- }
-
- public boolean canScan(TCredentials credentials, String table, TRange range, List<TColumn> columns, List<IterInfo> ssiList,
- Map<String,Map<String,String>> ssio, List<ByteBuffer> authorizations) throws ThriftSecurityException {
- return canScan(credentials, table);
- }
-
- public boolean canScan(TCredentials credentials, String table, Map<TKeyExtent,List<TRange>> tbatch, List<TColumn> tcolumns, List<IterInfo> ssiList,
- Map<String,Map<String,String>> ssio, List<ByteBuffer> authorizations) throws ThriftSecurityException {
- return canScan(credentials, table);
- }
-
- public boolean canWrite(TCredentials credentials, String table) throws ThriftSecurityException {
- authenticate(credentials);
- return hasTablePermission(credentials, table, TablePermission.WRITE, true);
- }
-
- public boolean canConditionallyUpdate(TCredentials credentials, String tableID, List<ByteBuffer> authorizations) throws ThriftSecurityException {
-
- authenticate(credentials);
-
- return hasTablePermission(credentials, tableID, TablePermission.WRITE, true) && hasTablePermission(credentials, tableID, TablePermission.READ, true);
- }
-
- public boolean canSplitTablet(TCredentials credentials, String table) throws ThriftSecurityException {
- authenticate(credentials);
- return hasSystemPermission(credentials, SystemPermission.ALTER_TABLE, false) || hasSystemPermission(credentials, SystemPermission.SYSTEM, false)
- || hasTablePermission(credentials, table, TablePermission.ALTER_TABLE, false);
- }
-
- /**
- * This is the check to perform any system action. This includes tserver's loading of a tablet, shutting the system down, or altering system properties.
- */
- public boolean canPerformSystemActions(TCredentials credentials) throws ThriftSecurityException {
- authenticate(credentials);
- return hasSystemPermission(credentials, SystemPermission.SYSTEM, false);
- }
-
- public boolean canFlush(TCredentials c, String tableId) throws ThriftSecurityException {
- authenticate(c);
- return hasTablePermission(c, tableId, TablePermission.WRITE, false) || hasTablePermission(c, tableId, TablePermission.ALTER_TABLE, false);
- }
-
- public boolean canAlterTable(TCredentials c, String tableId) throws ThriftSecurityException {
- authenticate(c);
- return hasTablePermission(c, tableId, TablePermission.ALTER_TABLE, false) || hasSystemPermission(c, SystemPermission.ALTER_TABLE, false);
- }
-
- public boolean canCreateTable(TCredentials c, String tableName) throws ThriftSecurityException {
- return canCreateTable(c);
- }
-
- public boolean canCreateTable(TCredentials c) throws ThriftSecurityException {
- authenticate(c);
- return hasSystemPermission(c, SystemPermission.CREATE_TABLE, false);
- }
-
- public boolean canRenameTable(TCredentials c, String tableId, String oldTableName, String newTableName) throws ThriftSecurityException {
- authenticate(c);
- return hasSystemPermission(c, SystemPermission.ALTER_TABLE, false) || hasTablePermission(c, tableId, TablePermission.ALTER_TABLE, false);
- }
-
- public boolean canCloneTable(TCredentials c, String tableId, String tableName) throws ThriftSecurityException {
- authenticate(c);
- return hasSystemPermission(c, SystemPermission.CREATE_TABLE, false) && hasTablePermission(c, tableId, TablePermission.READ, false);
- }
-
- public boolean canDeleteTable(TCredentials c, String tableId) throws ThriftSecurityException {
- authenticate(c);
- return hasSystemPermission(c, SystemPermission.DROP_TABLE, false) || hasTablePermission(c, tableId, TablePermission.DROP_TABLE, false);
- }
-
- public boolean canOnlineOfflineTable(TCredentials c, String tableId, TableOperation op) throws ThriftSecurityException {
- authenticate(c);
- return hasSystemPermission(c, SystemPermission.SYSTEM, false) || hasSystemPermission(c, SystemPermission.ALTER_TABLE, false)
- || hasTablePermission(c, tableId, TablePermission.ALTER_TABLE, false);
- }
-
- public boolean canMerge(TCredentials c, String tableId) throws ThriftSecurityException {
- authenticate(c);
- return hasSystemPermission(c, SystemPermission.SYSTEM, false) || hasSystemPermission(c, SystemPermission.ALTER_TABLE, false)
- || hasTablePermission(c, tableId, TablePermission.ALTER_TABLE, false);
- }
-
- public boolean canDeleteRange(TCredentials c, String tableId, String tableName, Text startRow, Text endRow) throws ThriftSecurityException {
- authenticate(c);
- return hasSystemPermission(c, SystemPermission.SYSTEM, false) || hasTablePermission(c, tableId, TablePermission.WRITE, false);
- }
-
- public boolean canBulkImport(TCredentials c, String tableId, String tableName, String dir, String failDir) throws ThriftSecurityException {
- return canBulkImport(c, tableId);
- }
-
- public boolean canBulkImport(TCredentials c, String tableId) throws ThriftSecurityException {
- authenticate(c);
- return hasTablePermission(c, tableId, TablePermission.BULK_IMPORT, false);
- }
-
- public boolean canCompact(TCredentials c, String tableId) throws ThriftSecurityException {
- authenticate(c);
- return hasSystemPermission(c, SystemPermission.ALTER_TABLE, false) || hasTablePermission(c, tableId, TablePermission.ALTER_TABLE, false)
- || hasTablePermission(c, tableId, TablePermission.WRITE, false);
- }
-
- public boolean canChangeAuthorizations(TCredentials c, String user) throws ThriftSecurityException {
- authenticate(c);
- return hasSystemPermission(c, SystemPermission.ALTER_USER, false);
- }
-
- public boolean canChangePassword(TCredentials c, String user) throws ThriftSecurityException {
- authenticate(c);
- return c.getPrincipal().equals(user) || hasSystemPermission(c, SystemPermission.ALTER_USER, false);
- }
-
- public boolean canCreateUser(TCredentials c, String user) throws ThriftSecurityException {
- authenticate(c);
- return hasSystemPermission(c, SystemPermission.CREATE_USER, false);
- }
-
- public boolean canDropUser(TCredentials c, String user) throws ThriftSecurityException {
- authenticate(c);
- if (user.equals(getRootUsername()))
- throw new ThriftSecurityException(c.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
- return hasSystemPermission(c, SystemPermission.DROP_USER, false);
- }
-
- public boolean canGrantSystem(TCredentials c, String user, SystemPermission sysPerm) throws ThriftSecurityException {
- authenticate(c);
- // can't grant GRANT
- if (sysPerm.equals(SystemPermission.GRANT))
- throw new ThriftSecurityException(c.getPrincipal(), SecurityErrorCode.GRANT_INVALID);
- return hasSystemPermission(c, SystemPermission.GRANT, false);
- }
-
- public boolean canGrantTable(TCredentials c, String user, String table) throws ThriftSecurityException {
- authenticate(c);
- return hasSystemPermission(c, SystemPermission.ALTER_TABLE, false) || hasTablePermission(c, table, TablePermission.GRANT, false);
- }
-
- public boolean canRevokeSystem(TCredentials c, String user, SystemPermission sysPerm) throws ThriftSecurityException {
- authenticate(c);
- // can't modify root user
- if (user.equals(getRootUsername()))
- throw new ThriftSecurityException(c.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
-
- // can't revoke GRANT
- if (sysPerm.equals(SystemPermission.GRANT))
- throw new ThriftSecurityException(c.getPrincipal(), SecurityErrorCode.GRANT_INVALID);
-
- return hasSystemPermission(c, SystemPermission.GRANT, false);
- }
-
- public boolean canRevokeTable(TCredentials c, String user, String table) throws ThriftSecurityException {
- authenticate(c);
- return hasSystemPermission(c, SystemPermission.ALTER_TABLE, false) || hasTablePermission(c, table, TablePermission.GRANT, false);
- }
-
- public void changeAuthorizations(TCredentials credentials, String user, Authorizations authorizations) throws ThriftSecurityException {
- if (!canChangeAuthorizations(credentials, user))
- throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
-
- targetUserExists(user);
-
- try {
- authorizor.changeAuthorizations(user, authorizations);
- log.info("Changed authorizations for user " + user + " at the request of user " + credentials.getPrincipal());
- } catch (AccumuloSecurityException ase) {
- throw ase.asThriftException();
- }
- }
-
- public void changePassword(TCredentials credentials, Credentials toChange) throws ThriftSecurityException {
- if (!canChangePassword(credentials, toChange.getPrincipal()))
- throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
- try {
- AuthenticationToken token = toChange.getToken();
- authenticator.changePassword(toChange.getPrincipal(), token);
- log.info("Changed password for user " + toChange.getPrincipal() + " at the request of user " + credentials.getPrincipal());
- } catch (AccumuloSecurityException e) {
- throw e.asThriftException();
- }
- }
-
- public void createUser(TCredentials credentials, Credentials newUser, Authorizations authorizations) throws ThriftSecurityException {
- if (!canCreateUser(credentials, newUser.getPrincipal()))
- throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
- try {
- AuthenticationToken token = newUser.getToken();
- authenticator.createUser(newUser.getPrincipal(), token);
- authorizor.initUser(newUser.getPrincipal());
- permHandle.initUser(newUser.getPrincipal());
- log.info("Created user " + newUser.getPrincipal() + " at the request of user " + credentials.getPrincipal());
- if (canChangeAuthorizations(credentials, newUser.getPrincipal()))
- authorizor.changeAuthorizations(newUser.getPrincipal(), authorizations);
- } catch (AccumuloSecurityException ase) {
- throw ase.asThriftException();
- }
- }
-
- public void dropUser(TCredentials credentials, String user) throws ThriftSecurityException {
- if (!canDropUser(credentials, user))
- throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
- try {
- authorizor.dropUser(user);
- authenticator.dropUser(user);
- permHandle.cleanUser(user);
- log.info("Deleted user " + user + " at the request of user " + credentials.getPrincipal());
- } catch (AccumuloSecurityException e) {
- throw e.asThriftException();
- }
- }
-
- public void grantSystemPermission(TCredentials credentials, String user, SystemPermission permissionById) throws ThriftSecurityException {
- if (!canGrantSystem(credentials, user, permissionById))
- throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
-
- targetUserExists(user);
-
- try {
- permHandle.grantSystemPermission(user, permissionById);
- log.info("Granted system permission " + permissionById + " for user " + user + " at the request of user " + credentials.getPrincipal());
- } catch (AccumuloSecurityException e) {
- throw e.asThriftException();
- }
- }
-
- public void grantTablePermission(TCredentials c, String user, String tableId, TablePermission permission) throws ThriftSecurityException {
- if (!canGrantTable(c, user, tableId))
- throw new ThriftSecurityException(c.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
-
- targetUserExists(user);
-
- try {
- permHandle.grantTablePermission(user, tableId, permission);
- log.info("Granted table permission " + permission + " for user " + user + " on the table " + tableId + " at the request of user " + c.getPrincipal());
- } catch (AccumuloSecurityException e) {
- throw e.asThriftException();
- } catch (TableNotFoundException e) {
- throw new ThriftSecurityException(c.getPrincipal(), SecurityErrorCode.TABLE_DOESNT_EXIST);
- }
- }
-
- public void revokeSystemPermission(TCredentials credentials, String user, SystemPermission permission) throws ThriftSecurityException {
- if (!canRevokeSystem(credentials, user, permission))
- throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
-
- targetUserExists(user);
-
- try {
- permHandle.revokeSystemPermission(user, permission);
- log.info("Revoked system permission " + permission + " for user " + user + " at the request of user " + credentials.getPrincipal());
-
- } catch (AccumuloSecurityException e) {
- throw e.asThriftException();
- }
- }
-
- public void revokeTablePermission(TCredentials c, String user, String tableId, TablePermission permission) throws ThriftSecurityException {
- if (!canRevokeTable(c, user, tableId))
- throw new ThriftSecurityException(c.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
-
- targetUserExists(user);
-
- try {
- permHandle.revokeTablePermission(user, tableId, permission);
- log.info("Revoked table permission " + permission + " for user " + user + " on the table " + tableId + " at the request of user " + c.getPrincipal());
-
- } catch (AccumuloSecurityException e) {
- throw e.asThriftException();
- } catch (TableNotFoundException e) {
- throw new ThriftSecurityException(c.getPrincipal(), SecurityErrorCode.TABLE_DOESNT_EXIST);
- }
- }
-
- public boolean hasSystemPermission(TCredentials credentials, String user, SystemPermission permissionById) throws ThriftSecurityException {
- if (!canAskAboutOtherUsers(credentials, user))
- throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
- return _hasSystemPermission(user, permissionById, false);
- }
-
- public boolean hasTablePermission(TCredentials credentials, String user, String tableId, TablePermission permissionById) throws ThriftSecurityException {
- if (!canAskAboutOtherUsers(credentials, user))
- throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
- return _hasTablePermission(user, tableId, permissionById, false);
- }
-
- public Set<String> listUsers(TCredentials credentials) throws ThriftSecurityException {
- authenticate(credentials);
- try {
- return authenticator.listUsers();
- } catch (AccumuloSecurityException e) {
- throw e.asThriftException();
- }
- }
-
- public void deleteTable(TCredentials credentials, String tableId) throws ThriftSecurityException {
- if (!canDeleteTable(credentials, tableId))
- throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
- try {
- permHandle.cleanTablePermissions(tableId);
- } catch (AccumuloSecurityException e) {
- e.setUser(credentials.getPrincipal());
- throw e.asThriftException();
- } catch (TableNotFoundException e) {
- throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.TABLE_DOESNT_EXIST);
- }
- }
-
- public boolean canExport(TCredentials credentials, String tableId, String tableName, String exportDir) throws ThriftSecurityException {
- authenticate(credentials);
- return hasTablePermission(credentials, tableId, TablePermission.READ, false);
- }
-
- public boolean canImport(TCredentials credentials, String tableName, String importDir) throws ThriftSecurityException {
- authenticate(credentials);
- return hasSystemPermission(credentials, SystemPermission.CREATE_TABLE, false);
- }
-}
http://git-wip-us.apache.org/repos/asf/accumulo/blob/598821cd/server/src/main/java/org/apache/accumulo/server/security/SystemCredentials.java
----------------------------------------------------------------------
diff --git a/server/src/main/java/org/apache/accumulo/server/security/SystemCredentials.java b/server/src/main/java/org/apache/accumulo/server/security/SystemCredentials.java
deleted file mode 100644
index 9b4931d..0000000
--- a/server/src/main/java/org/apache/accumulo/server/security/SystemCredentials.java
+++ /dev/null
@@ -1,135 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.accumulo.server.security;
-
-import java.io.ByteArrayOutputStream;
-import java.io.DataOutputStream;
-import java.io.IOException;
-import java.security.MessageDigest;
-import java.security.NoSuchAlgorithmException;
-import java.security.SecurityPermission;
-import java.util.Map.Entry;
-
-import org.apache.accumulo.core.Constants;
-import org.apache.accumulo.core.client.Instance;
-import org.apache.accumulo.core.client.security.tokens.AuthenticationToken;
-import org.apache.accumulo.core.client.security.tokens.PasswordToken;
-import org.apache.accumulo.core.conf.Property;
-import org.apache.accumulo.core.security.Credentials;
-import org.apache.accumulo.core.security.thrift.TCredentials;
-import org.apache.accumulo.server.ServerConstants;
-import org.apache.accumulo.server.client.HdfsZooInstance;
-import org.apache.accumulo.server.conf.ServerConfiguration;
-import org.apache.commons.codec.binary.Base64;
-import org.apache.hadoop.io.Writable;
-
-/**
- * Credentials for the system services.
- *
- * @since 1.6.0
- */
-public final class SystemCredentials extends Credentials {
-
- private static final SecurityPermission SYSTEM_CREDENTIALS_PERMISSION = new SecurityPermission("systemCredentialsPermission");
-
- private static SystemCredentials SYSTEM_CREDS = null;
- private static final String SYSTEM_PRINCIPAL = "!SYSTEM";
- private static final SystemToken SYSTEM_TOKEN = SystemToken.get();
-
- private final TCredentials AS_THRIFT;
-
- private SystemCredentials() {
- super(SYSTEM_PRINCIPAL, SYSTEM_TOKEN);
- AS_THRIFT = super.toThrift(HdfsZooInstance.getInstance());
- }
-
- public static SystemCredentials get() {
- SecurityManager sm = System.getSecurityManager();
- if (sm != null) {
- sm.checkPermission(SYSTEM_CREDENTIALS_PERMISSION);
- }
- if (SYSTEM_CREDS == null) {
- SYSTEM_CREDS = new SystemCredentials();
- }
- return SYSTEM_CREDS;
- }
-
- @Override
- public TCredentials toThrift(Instance instance) {
- if (!AS_THRIFT.getInstanceId().equals(instance.getInstanceID()))
- throw new IllegalArgumentException("Unexpected instance used for " + SystemCredentials.class.getSimpleName() + ": " + instance.getInstanceID());
- return AS_THRIFT;
- }
-
- /**
- * An {@link AuthenticationToken} type for Accumulo servers for inter-server communication.
- *
- * @since 1.6.0
- */
- public static final class SystemToken extends PasswordToken {
-
- /**
- * A Constructor for {@link Writable}.
- */
- public SystemToken() {}
-
- private SystemToken(byte[] systemPassword) {
- super(systemPassword);
- }
-
- private static SystemToken get() {
- byte[] confChecksum;
- MessageDigest md;
- try {
- md = MessageDigest.getInstance(Constants.PW_HASH_ALGORITHM);
- } catch (NoSuchAlgorithmException e) {
- throw new RuntimeException("Failed to compute configuration checksum", e);
- }
-
- // seed the config with the version and instance id, so at least it's not empty
- md.update(ServerConstants.WIRE_VERSION.toString().getBytes(Constants.UTF8));
- md.update(HdfsZooInstance.getInstance().getInstanceID().getBytes(Constants.UTF8));
-
- for (Entry<String,String> entry : ServerConfiguration.getSiteConfiguration()) {
- // only include instance properties
- if (entry.getKey().startsWith(Property.INSTANCE_PREFIX.toString())) {
- md.update(entry.getKey().getBytes(Constants.UTF8));
- md.update(entry.getValue().getBytes(Constants.UTF8));
- }
- }
- confChecksum = md.digest();
-
- int wireVersion = ServerConstants.WIRE_VERSION;
- byte[] inst = HdfsZooInstance.getInstance().getInstanceID().getBytes(Constants.UTF8);
-
- ByteArrayOutputStream bytes = new ByteArrayOutputStream(3 * (Integer.SIZE / Byte.SIZE) + inst.length + confChecksum.length);
- DataOutputStream out = new DataOutputStream(bytes);
- try {
- out.write(wireVersion * -1);
- out.write(inst.length);
- out.write(inst);
- out.write(confChecksum.length);
- out.write(confChecksum);
- } catch (IOException e) {
- // this is impossible with ByteArrayOutputStream; crash hard if this happens
- throw new RuntimeException(e);
- }
- return new SystemToken(Base64.encodeBase64(bytes.toByteArray()));
- }
- }
-
-}
http://git-wip-us.apache.org/repos/asf/accumulo/blob/598821cd/server/src/main/java/org/apache/accumulo/server/security/handler/Authenticator.java
----------------------------------------------------------------------
diff --git a/server/src/main/java/org/apache/accumulo/server/security/handler/Authenticator.java b/server/src/main/java/org/apache/accumulo/server/security/handler/Authenticator.java
deleted file mode 100644
index 7012065..0000000
--- a/server/src/main/java/org/apache/accumulo/server/security/handler/Authenticator.java
+++ /dev/null
@@ -1,57 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.accumulo.server.security.handler;
-
-import java.util.Set;
-
-import org.apache.accumulo.core.client.AccumuloSecurityException;
-import org.apache.accumulo.core.client.impl.thrift.ThriftSecurityException;
-import org.apache.accumulo.core.client.security.tokens.AuthenticationToken;
-import org.apache.accumulo.core.security.thrift.TCredentials;
-
-/**
- * This interface is used for the system which will be used for authenticating a user. If the implementation does not support configuration through Accumulo, it
- * should throw an AccumuloSecurityException with the error code UNSUPPORTED_OPERATION
- */
-
-public interface Authenticator {
-
- public void initialize(String instanceId, boolean initialize);
-
- public boolean validSecurityHandlers(Authorizor auth, PermissionHandler pm);
-
- public void initializeSecurity(TCredentials credentials, String principal, byte[] token) throws AccumuloSecurityException, ThriftSecurityException;
-
- public boolean authenticateUser(String principal, AuthenticationToken token) throws AccumuloSecurityException;
-
- public Set<String> listUsers() throws AccumuloSecurityException;
-
- public void createUser(String principal, AuthenticationToken token) throws AccumuloSecurityException;
-
- public void dropUser(String user) throws AccumuloSecurityException;
-
- public void changePassword(String principal, AuthenticationToken token) throws AccumuloSecurityException;
-
- public boolean userExists(String user) throws AccumuloSecurityException;
-
- public Set<Class<? extends AuthenticationToken>> getSupportedTokenTypes();
-
- /**
- * Returns true if the given token is appropriate for this Authenticator
- */
- public boolean validTokenClass(String tokenClass);
-}
http://git-wip-us.apache.org/repos/asf/accumulo/blob/598821cd/server/src/main/java/org/apache/accumulo/server/security/handler/Authorizor.java
----------------------------------------------------------------------
diff --git a/server/src/main/java/org/apache/accumulo/server/security/handler/Authorizor.java b/server/src/main/java/org/apache/accumulo/server/security/handler/Authorizor.java
deleted file mode 100644
index 569d893..0000000
--- a/server/src/main/java/org/apache/accumulo/server/security/handler/Authorizor.java
+++ /dev/null
@@ -1,72 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.accumulo.server.security.handler;
-
-import java.nio.ByteBuffer;
-import java.util.List;
-
-import org.apache.accumulo.core.client.AccumuloSecurityException;
-import org.apache.accumulo.core.client.impl.thrift.ThriftSecurityException;
-import org.apache.accumulo.core.security.Authorizations;
-import org.apache.accumulo.core.security.thrift.TCredentials;
-
-/**
- * This interface is used for the system which will be used for getting a users Authorizations. If the implementation does not support configuration through
- * Accumulo, it should throw an AccumuloSecurityException with the error code UNSUPPORTED_OPERATION
- */
-public interface Authorizor {
-
- /**
- * Sets up the authorizor for a new instance of Accumulo
- */
- public void initialize(String instanceId, boolean initialize);
-
- /**
- * Used to validate that the Authorizor, Authenticator, and permission handler can coexist
- */
- public boolean validSecurityHandlers(Authenticator auth, PermissionHandler pm);
-
- /**
- * Used to initialize security for the root user
- */
- public void initializeSecurity(TCredentials credentials, String rootuser) throws AccumuloSecurityException, ThriftSecurityException;
-
- /**
- * Used to change the authorizations for the user
- */
- public void changeAuthorizations(String user, Authorizations authorizations) throws AccumuloSecurityException;
-
- /**
- * Used to get the authorizations for the user
- */
- public Authorizations getCachedUserAuthorizations(String user) throws AccumuloSecurityException;
-
- /**
- * Used to check if a user has valid auths.
- */
- public boolean isValidAuthorizations(String user, List<ByteBuffer> list) throws AccumuloSecurityException;
-
- /**
- * Initializes a new user
- */
- public void initUser(String user) throws AccumuloSecurityException;
-
- /**
- * Deletes a user
- */
- public void dropUser(String user) throws AccumuloSecurityException;
-}
http://git-wip-us.apache.org/repos/asf/accumulo/blob/598821cd/server/src/main/java/org/apache/accumulo/server/security/handler/InsecureAuthenticator.java
----------------------------------------------------------------------
diff --git a/server/src/main/java/org/apache/accumulo/server/security/handler/InsecureAuthenticator.java b/server/src/main/java/org/apache/accumulo/server/security/handler/InsecureAuthenticator.java
deleted file mode 100644
index 38574fa..0000000
--- a/server/src/main/java/org/apache/accumulo/server/security/handler/InsecureAuthenticator.java
+++ /dev/null
@@ -1,91 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.accumulo.server.security.handler;
-
-import java.util.Collections;
-import java.util.HashSet;
-import java.util.Set;
-
-import org.apache.accumulo.core.client.AccumuloSecurityException;
-import org.apache.accumulo.core.client.security.tokens.AuthenticationToken;
-import org.apache.accumulo.core.client.security.tokens.NullToken;
-import org.apache.accumulo.core.security.thrift.TCredentials;
-
-/**
- * This is an Authenticator implementation that doesn't actually do any security. Any principal will authenticate if a NullToken is provided. It's existence is
- * primarily for testing, but can also be used for any system where user space management is not a concern.
- */
-public class InsecureAuthenticator implements Authenticator {
-
- @Override
- public void initialize(String instanceId, boolean initialize) {
- return;
- }
-
- @Override
- public boolean validSecurityHandlers(Authorizor auth, PermissionHandler pm) {
- return true;
- }
-
- @Override
- public void initializeSecurity(TCredentials credentials, String principal, byte[] token) throws AccumuloSecurityException {
- return;
- }
-
- @Override
- public boolean authenticateUser(String principal, AuthenticationToken token) {
- return token instanceof NullToken;
- }
-
- @Override
- public Set<String> listUsers() throws AccumuloSecurityException {
- return Collections.emptySet();
- }
-
- @Override
- public void createUser(String principal, AuthenticationToken token) throws AccumuloSecurityException {
- return;
- }
-
- @Override
- public void dropUser(String user) throws AccumuloSecurityException {
- return;
- }
-
- @Override
- public void changePassword(String user, AuthenticationToken token) throws AccumuloSecurityException {
- return;
- }
-
- @Override
- public boolean userExists(String user) {
- return true;
- }
-
- @Override
- public boolean validTokenClass(String tokenClass) {
- return tokenClass.equals(NullToken.class.getName());
- }
-
- @Override
- public Set<Class<? extends AuthenticationToken>> getSupportedTokenTypes() {
- Set<Class<? extends AuthenticationToken>> cs = new HashSet<Class<? extends AuthenticationToken>>();
- cs.add(NullToken.class);
- return cs;
- }
-
-}
http://git-wip-us.apache.org/repos/asf/accumulo/blob/598821cd/server/src/main/java/org/apache/accumulo/server/security/handler/InsecurePermHandler.java
----------------------------------------------------------------------
diff --git a/server/src/main/java/org/apache/accumulo/server/security/handler/InsecurePermHandler.java b/server/src/main/java/org/apache/accumulo/server/security/handler/InsecurePermHandler.java
deleted file mode 100644
index b57abfe..0000000
--- a/server/src/main/java/org/apache/accumulo/server/security/handler/InsecurePermHandler.java
+++ /dev/null
@@ -1,103 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.accumulo.server.security.handler;
-
-import org.apache.accumulo.core.client.AccumuloSecurityException;
-import org.apache.accumulo.core.client.TableNotFoundException;
-import org.apache.accumulo.core.security.SystemPermission;
-import org.apache.accumulo.core.security.TablePermission;
-import org.apache.accumulo.core.security.thrift.TCredentials;
-
-/**
- * This is a Permission Handler implementation that doesn't actually do any security. Use at your own risk.
- */
-public class InsecurePermHandler implements PermissionHandler {
-
- @Override
- public void initialize(String instanceId, boolean initialize) {
- return;
- }
-
- @Override
- public boolean validSecurityHandlers(Authenticator authent, Authorizor author) {
- return true;
- }
-
- @Override
- public void initializeSecurity(TCredentials token, String rootuser) throws AccumuloSecurityException {
- return;
- }
-
- @Override
- public boolean hasSystemPermission(String user, SystemPermission permission) throws AccumuloSecurityException {
- return true;
- }
-
- @Override
- public boolean hasCachedSystemPermission(String user, SystemPermission permission) throws AccumuloSecurityException {
- return true;
- }
-
- @Override
- public boolean hasTablePermission(String user, String table, TablePermission permission) throws AccumuloSecurityException, TableNotFoundException {
- return true;
- }
-
- @Override
- public boolean hasCachedTablePermission(String user, String table, TablePermission permission) throws AccumuloSecurityException, TableNotFoundException {
- return true;
- }
-
- @Override
- public void grantSystemPermission(String user, SystemPermission permission) throws AccumuloSecurityException {
- return;
- }
-
- @Override
- public void revokeSystemPermission(String user, SystemPermission permission) throws AccumuloSecurityException {
- return;
- }
-
- @Override
- public void grantTablePermission(String user, String table, TablePermission permission) throws AccumuloSecurityException, TableNotFoundException {
- return;
- }
-
- @Override
- public void revokeTablePermission(String user, String table, TablePermission permission) throws AccumuloSecurityException, TableNotFoundException {
- return;
- }
-
- @Override
- public void cleanTablePermissions(String table) throws AccumuloSecurityException, TableNotFoundException {
- return;
- }
-
- @Override
- public void initUser(String user) throws AccumuloSecurityException {
- return;
- }
-
- @Override
- public void cleanUser(String user) throws AccumuloSecurityException {
- return;
- }
-
- @Override
- public void initTable(String table) throws AccumuloSecurityException {}
-
-}
http://git-wip-us.apache.org/repos/asf/accumulo/blob/598821cd/server/src/main/java/org/apache/accumulo/server/security/handler/PermissionHandler.java
----------------------------------------------------------------------
diff --git a/server/src/main/java/org/apache/accumulo/server/security/handler/PermissionHandler.java b/server/src/main/java/org/apache/accumulo/server/security/handler/PermissionHandler.java
deleted file mode 100644
index 72c64b5..0000000
--- a/server/src/main/java/org/apache/accumulo/server/security/handler/PermissionHandler.java
+++ /dev/null
@@ -1,107 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.accumulo.server.security.handler;
-
-import org.apache.accumulo.core.client.AccumuloSecurityException;
-import org.apache.accumulo.core.client.TableNotFoundException;
-import org.apache.accumulo.core.client.impl.thrift.ThriftSecurityException;
-import org.apache.accumulo.core.security.SystemPermission;
-import org.apache.accumulo.core.security.TablePermission;
-import org.apache.accumulo.core.security.thrift.TCredentials;
-
-/**
- * This interface is used for the system which will be used for getting a users permissions. If the implementation does not support configuration through
- * Accumulo, it should throw an AccumuloSecurityException with the error code UNSUPPORTED_OPERATION
- */
-public interface PermissionHandler {
-
- /**
- * Sets up the permission handler for a new instance of Accumulo
- */
- public void initialize(String instanceId, boolean initialize);
-
- /**
- * Used to validate that the Authorizor, Authenticator, and permission handler can coexist
- */
- public boolean validSecurityHandlers(Authenticator authent, Authorizor author);
-
- /**
- * Used to initialize security for the root user
- */
- public void initializeSecurity(TCredentials credentials, String rootuser) throws AccumuloSecurityException, ThriftSecurityException;
-
- /**
- * Used to get the system permission for the user
- */
- public boolean hasSystemPermission(String user, SystemPermission permission) throws AccumuloSecurityException;
-
- /**
- * Used to get the system permission for the user, with caching due to high frequency operation. NOTE: At this time, this method is unused but is included
- * just in case we need it in the future.
- */
- public boolean hasCachedSystemPermission(String user, SystemPermission permission) throws AccumuloSecurityException;
-
- /**
- * Used to get the table permission of a user for a table
- */
- public boolean hasTablePermission(String user, String table, TablePermission permission) throws AccumuloSecurityException, TableNotFoundException;
-
- /**
- * Used to get the table permission of a user for a table, with caching. This method is for high frequency operations
- */
- public boolean hasCachedTablePermission(String user, String table, TablePermission permission) throws AccumuloSecurityException, TableNotFoundException;
-
- /**
- * Gives the user the given system permission
- */
- public void grantSystemPermission(String user, SystemPermission permission) throws AccumuloSecurityException;
-
- /**
- * Denies the user the given system permission
- */
- public void revokeSystemPermission(String user, SystemPermission permission) throws AccumuloSecurityException;
-
- /**
- * Gives the user the given table permission
- */
- public void grantTablePermission(String user, String table, TablePermission permission) throws AccumuloSecurityException, TableNotFoundException;
-
- /**
- * Denies the user the given table permission.
- */
- public void revokeTablePermission(String user, String table, TablePermission permission) throws AccumuloSecurityException, TableNotFoundException;
-
- /**
- * Cleans up the permissions for a table. Used when a table gets deleted.
- */
- public void cleanTablePermissions(String table) throws AccumuloSecurityException, TableNotFoundException;
-
- /**
- * Initializes a new user
- */
- public void initUser(String user) throws AccumuloSecurityException;
-
- /**
- * Initializes a new user
- */
- public void initTable(String table) throws AccumuloSecurityException;
-
- /**
- * Deletes a user
- */
- public void cleanUser(String user) throws AccumuloSecurityException;
-}
http://git-wip-us.apache.org/repos/asf/accumulo/blob/598821cd/server/src/main/java/org/apache/accumulo/server/security/handler/ZKAuthenticator.java
----------------------------------------------------------------------
diff --git a/server/src/main/java/org/apache/accumulo/server/security/handler/ZKAuthenticator.java b/server/src/main/java/org/apache/accumulo/server/security/handler/ZKAuthenticator.java
deleted file mode 100644
index 4e327ec..0000000
--- a/server/src/main/java/org/apache/accumulo/server/security/handler/ZKAuthenticator.java
+++ /dev/null
@@ -1,214 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.accumulo.server.security.handler;
-
-import java.util.HashSet;
-import java.util.Set;
-import java.util.TreeSet;
-
-import org.apache.accumulo.core.Constants;
-import org.apache.accumulo.core.client.AccumuloException;
-import org.apache.accumulo.core.client.AccumuloSecurityException;
-import org.apache.accumulo.core.client.impl.thrift.SecurityErrorCode;
-import org.apache.accumulo.core.client.security.tokens.AuthenticationToken;
-import org.apache.accumulo.core.client.security.tokens.PasswordToken;
-import org.apache.accumulo.core.security.thrift.TCredentials;
-import org.apache.accumulo.fate.zookeeper.IZooReaderWriter;
-import org.apache.accumulo.fate.zookeeper.ZooUtil.NodeExistsPolicy;
-import org.apache.accumulo.fate.zookeeper.ZooUtil.NodeMissingPolicy;
-import org.apache.accumulo.server.zookeeper.ZooCache;
-import org.apache.accumulo.server.zookeeper.ZooReaderWriter;
-import org.apache.log4j.Logger;
-import org.apache.zookeeper.KeeperException;
-
-// Utility class for adding all authentication info into ZK
-public final class ZKAuthenticator implements Authenticator {
- static final Logger log = Logger.getLogger(ZKAuthenticator.class);
- private static Authenticator zkAuthenticatorInstance = null;
-
- private String ZKUserPath;
- private final ZooCache zooCache;
-
- public static synchronized Authenticator getInstance() {
- if (zkAuthenticatorInstance == null)
- zkAuthenticatorInstance = new ZKAuthenticator();
- return zkAuthenticatorInstance;
- }
-
- public ZKAuthenticator() {
- zooCache = new ZooCache();
- }
-
- @Override
- public void initialize(String instanceId, boolean initialize) {
- ZKUserPath = Constants.ZROOT + "/" + instanceId + "/users";
- }
-
- @Override
- public void initializeSecurity(TCredentials credentials, String principal, byte[] token) throws AccumuloSecurityException {
- try {
- // remove old settings from zookeeper first, if any
- IZooReaderWriter zoo = ZooReaderWriter.getRetryingInstance();
- synchronized (zooCache) {
- zooCache.clear();
- if (zoo.exists(ZKUserPath)) {
- zoo.recursiveDelete(ZKUserPath, NodeMissingPolicy.SKIP);
- log.info("Removed " + ZKUserPath + "/" + " from zookeeper");
- }
-
- // prep parent node of users with root username
- zoo.putPersistentData(ZKUserPath, principal.getBytes(), NodeExistsPolicy.FAIL);
-
- constructUser(principal, ZKSecurityTool.createPass(token));
- }
- } catch (KeeperException e) {
- log.error(e, e);
- throw new RuntimeException(e);
- } catch (InterruptedException e) {
- log.error(e, e);
- throw new RuntimeException(e);
- } catch (AccumuloException e) {
- log.error(e, e);
- throw new RuntimeException(e);
- }
- }
-
- /**
- * Sets up the user in ZK for the provided user. No checking for existence is done here, it should be done before calling.
- */
- private void constructUser(String user, byte[] pass) throws KeeperException, InterruptedException {
- synchronized (zooCache) {
- zooCache.clear();
- IZooReaderWriter zoo = ZooReaderWriter.getRetryingInstance();
- zoo.putPrivatePersistentData(ZKUserPath + "/" + user, pass, NodeExistsPolicy.FAIL);
- }
- }
-
- @Override
- public Set<String> listUsers() {
- return new TreeSet<String>(zooCache.getChildren(ZKUserPath));
- }
-
- /**
- * Creates a user with no permissions whatsoever
- */
- @Override
- public void createUser(String principal, AuthenticationToken token) throws AccumuloSecurityException {
- try {
- if (!(token instanceof PasswordToken))
- throw new AccumuloSecurityException(principal, SecurityErrorCode.INVALID_TOKEN);
- PasswordToken pt = (PasswordToken) token;
- constructUser(principal, ZKSecurityTool.createPass(pt.getPassword()));
- } catch (KeeperException e) {
- if (e.code().equals(KeeperException.Code.NODEEXISTS))
- throw new AccumuloSecurityException(principal, SecurityErrorCode.USER_EXISTS, e);
- throw new AccumuloSecurityException(principal, SecurityErrorCode.CONNECTION_ERROR, e);
- } catch (InterruptedException e) {
- log.error(e, e);
- throw new RuntimeException(e);
- } catch (AccumuloException e) {
- log.error(e, e);
- throw new AccumuloSecurityException(principal, SecurityErrorCode.DEFAULT_SECURITY_ERROR, e);
- }
- }
-
- @Override
- public void dropUser(String user) throws AccumuloSecurityException {
- try {
- synchronized (zooCache) {
- zooCache.clear();
- ZooReaderWriter.getRetryingInstance().recursiveDelete(ZKUserPath + "/" + user, NodeMissingPolicy.FAIL);
- }
- } catch (InterruptedException e) {
- log.error(e, e);
- throw new RuntimeException(e);
- } catch (KeeperException e) {
- if (e.code().equals(KeeperException.Code.NONODE))
- throw new AccumuloSecurityException(user, SecurityErrorCode.USER_DOESNT_EXIST, e);
- log.error(e, e);
- throw new AccumuloSecurityException(user, SecurityErrorCode.CONNECTION_ERROR, e);
- }
- }
-
- @Override
- public void changePassword(String principal, AuthenticationToken token) throws AccumuloSecurityException {
- if (!(token instanceof PasswordToken))
- throw new AccumuloSecurityException(principal, SecurityErrorCode.INVALID_TOKEN);
- PasswordToken pt = (PasswordToken) token;
- if (userExists(principal)) {
- try {
- synchronized (zooCache) {
- zooCache.clear(ZKUserPath + "/" + principal);
- ZooReaderWriter.getRetryingInstance().putPrivatePersistentData(ZKUserPath + "/" + principal, ZKSecurityTool.createPass(pt.getPassword()),
- NodeExistsPolicy.OVERWRITE);
- }
- } catch (KeeperException e) {
- log.error(e, e);
- throw new AccumuloSecurityException(principal, SecurityErrorCode.CONNECTION_ERROR, e);
- } catch (InterruptedException e) {
- log.error(e, e);
- throw new RuntimeException(e);
- } catch (AccumuloException e) {
- log.error(e, e);
- throw new AccumuloSecurityException(principal, SecurityErrorCode.DEFAULT_SECURITY_ERROR, e);
- }
- } else
- throw new AccumuloSecurityException(principal, SecurityErrorCode.USER_DOESNT_EXIST); // user doesn't exist
- }
-
- /**
- * Checks if a user exists
- */
- @Override
- public boolean userExists(String user) {
- return zooCache.get(ZKUserPath + "/" + user) != null;
- }
-
- @Override
- public boolean validSecurityHandlers(Authorizor auth, PermissionHandler pm) {
- return true;
- }
-
- @Override
- public boolean authenticateUser(String principal, AuthenticationToken token) throws AccumuloSecurityException {
- if (!(token instanceof PasswordToken))
- throw new AccumuloSecurityException(principal, SecurityErrorCode.INVALID_TOKEN);
- PasswordToken pt = (PasswordToken) token;
- byte[] pass;
- String zpath = ZKUserPath + "/" + principal;
- pass = zooCache.get(zpath);
- boolean result = ZKSecurityTool.checkPass(pt.getPassword(), pass);
- if (!result) {
- zooCache.clear(zpath);
- pass = zooCache.get(zpath);
- result = ZKSecurityTool.checkPass(pt.getPassword(), pass);
- }
- return result;
- }
-
- @Override
- public Set<Class<? extends AuthenticationToken>> getSupportedTokenTypes() {
- Set<Class<? extends AuthenticationToken>> cs = new HashSet<Class<? extends AuthenticationToken>>();
- cs.add(PasswordToken.class);
- return cs;
- }
-
- @Override
- public boolean validTokenClass(String tokenClass) {
- return tokenClass.equals(PasswordToken.class.getName());
- }
-}
http://git-wip-us.apache.org/repos/asf/accumulo/blob/598821cd/server/src/main/java/org/apache/accumulo/server/security/handler/ZKAuthorizor.java
----------------------------------------------------------------------
diff --git a/server/src/main/java/org/apache/accumulo/server/security/handler/ZKAuthorizor.java b/server/src/main/java/org/apache/accumulo/server/security/handler/ZKAuthorizor.java
deleted file mode 100644
index 71274cc..0000000
--- a/server/src/main/java/org/apache/accumulo/server/security/handler/ZKAuthorizor.java
+++ /dev/null
@@ -1,169 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.accumulo.server.security.handler;
-
-import java.nio.ByteBuffer;
-import java.util.Collection;
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-import java.util.TreeSet;
-
-import org.apache.accumulo.core.client.AccumuloSecurityException;
-import org.apache.accumulo.core.client.impl.thrift.SecurityErrorCode;
-import org.apache.accumulo.core.metadata.MetadataTable;
-import org.apache.accumulo.core.security.Authorizations;
-import org.apache.accumulo.core.security.SystemPermission;
-import org.apache.accumulo.core.security.TablePermission;
-import org.apache.accumulo.core.security.thrift.TCredentials;
-import org.apache.accumulo.fate.zookeeper.IZooReaderWriter;
-import org.apache.accumulo.fate.zookeeper.ZooUtil.NodeExistsPolicy;
-import org.apache.accumulo.fate.zookeeper.ZooUtil.NodeMissingPolicy;
-import org.apache.accumulo.server.zookeeper.ZooCache;
-import org.apache.accumulo.server.zookeeper.ZooReaderWriter;
-import org.apache.log4j.Logger;
-import org.apache.zookeeper.KeeperException;
-
-public class ZKAuthorizor implements Authorizor {
- private static final Logger log = Logger.getLogger(ZKAuthorizor.class);
- private static Authorizor zkAuthorizorInstance = null;
-
- private final String ZKUserAuths = "/Authorizations";
-
- private String ZKUserPath;
- private final ZooCache zooCache;
-
- public static synchronized Authorizor getInstance() {
- if (zkAuthorizorInstance == null)
- zkAuthorizorInstance = new ZKAuthorizor();
- return zkAuthorizorInstance;
- }
-
- public ZKAuthorizor() {
- zooCache = new ZooCache();
- }
-
- public void initialize(String instanceId, boolean initialize) {
- ZKUserPath = ZKSecurityTool.getInstancePath(instanceId) + "/users";
- }
-
- public Authorizations getCachedUserAuthorizations(String user) {
- byte[] authsBytes = zooCache.get(ZKUserPath + "/" + user + ZKUserAuths);
- if (authsBytes != null)
- return ZKSecurityTool.convertAuthorizations(authsBytes);
- return Authorizations.EMPTY;
- }
-
- @Override
- public boolean validSecurityHandlers(Authenticator auth, PermissionHandler pm) {
- return true;
- }
-
- @Override
- public void initializeSecurity(TCredentials itw, String rootuser) throws AccumuloSecurityException {
- IZooReaderWriter zoo = ZooReaderWriter.getRetryingInstance();
-
- // create the root user with all system privileges, no table privileges, and no record-level authorizations
- Set<SystemPermission> rootPerms = new TreeSet<SystemPermission>();
- for (SystemPermission p : SystemPermission.values())
- rootPerms.add(p);
- Map<String,Set<TablePermission>> tablePerms = new HashMap<String,Set<TablePermission>>();
- // Allow the root user to flush the !METADATA table
- tablePerms.put(MetadataTable.ID, Collections.singleton(TablePermission.ALTER_TABLE));
-
- try {
- // prep parent node of users with root username
- if (!zoo.exists(ZKUserPath))
- zoo.putPersistentData(ZKUserPath, rootuser.getBytes(), NodeExistsPolicy.FAIL);
-
- initUser(rootuser);
- zoo.putPersistentData(ZKUserPath + "/" + rootuser + ZKUserAuths, ZKSecurityTool.convertAuthorizations(Authorizations.EMPTY), NodeExistsPolicy.FAIL);
- } catch (KeeperException e) {
- log.error(e, e);
- throw new RuntimeException(e);
- } catch (InterruptedException e) {
- log.error(e, e);
- throw new RuntimeException(e);
- }
- }
-
- /**
- * @param user
- * @throws AccumuloSecurityException
- */
- public void initUser(String user) throws AccumuloSecurityException {
- IZooReaderWriter zoo = ZooReaderWriter.getRetryingInstance();
- try {
- zoo.putPersistentData(ZKUserPath + "/" + user, new byte[0], NodeExistsPolicy.SKIP);
- } catch (KeeperException e) {
- log.error(e, e);
- throw new AccumuloSecurityException(user, SecurityErrorCode.CONNECTION_ERROR, e);
- } catch (InterruptedException e) {
- log.error(e, e);
- throw new RuntimeException(e);
- }
- }
-
- @Override
- public void dropUser(String user) throws AccumuloSecurityException {
- try {
- synchronized (zooCache) {
- IZooReaderWriter zoo = ZooReaderWriter.getRetryingInstance();
- zoo.recursiveDelete(ZKUserPath + "/" + user + ZKUserAuths, NodeMissingPolicy.SKIP);
- zooCache.clear(ZKUserPath + "/" + user);
- }
- } catch (InterruptedException e) {
- log.error(e, e);
- throw new RuntimeException(e);
- } catch (KeeperException e) {
- log.error(e, e);
- if (e.code().equals(KeeperException.Code.NONODE))
- throw new AccumuloSecurityException(user, SecurityErrorCode.USER_DOESNT_EXIST, e);
- throw new AccumuloSecurityException(user, SecurityErrorCode.CONNECTION_ERROR, e);
-
- }
- }
-
- @Override
- public void changeAuthorizations(String user, Authorizations authorizations) throws AccumuloSecurityException {
- try {
- synchronized (zooCache) {
- zooCache.clear();
- ZooReaderWriter.getRetryingInstance().putPersistentData(ZKUserPath + "/" + user + ZKUserAuths, ZKSecurityTool.convertAuthorizations(authorizations),
- NodeExistsPolicy.OVERWRITE);
- }
- } catch (KeeperException e) {
- log.error(e, e);
- throw new AccumuloSecurityException(user, SecurityErrorCode.CONNECTION_ERROR, e);
- } catch (InterruptedException e) {
- log.error(e, e);
- throw new RuntimeException(e);
- }
- }
-
- @Override
- public boolean isValidAuthorizations(String user, List<ByteBuffer> auths) throws AccumuloSecurityException {
- Collection<ByteBuffer> userauths = getCachedUserAuthorizations(user).getAuthorizationsBB();
- for (ByteBuffer auth : auths)
- if (!userauths.contains(auth))
- return false;
- return true;
- }
-
-}
http://git-wip-us.apache.org/repos/asf/accumulo/blob/598821cd/server/src/main/java/org/apache/accumulo/server/security/handler/ZKPermHandler.java
----------------------------------------------------------------------
diff --git a/server/src/main/java/org/apache/accumulo/server/security/handler/ZKPermHandler.java b/server/src/main/java/org/apache/accumulo/server/security/handler/ZKPermHandler.java
deleted file mode 100644
index f219603..0000000
--- a/server/src/main/java/org/apache/accumulo/server/security/handler/ZKPermHandler.java
+++ /dev/null
@@ -1,369 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.accumulo.server.security.handler;
-
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.Map;
-import java.util.Map.Entry;
-import java.util.Set;
-import java.util.TreeSet;
-
-import org.apache.accumulo.core.client.AccumuloSecurityException;
-import org.apache.accumulo.core.client.TableNotFoundException;
-import org.apache.accumulo.core.client.impl.thrift.SecurityErrorCode;
-import org.apache.accumulo.core.metadata.MetadataTable;
-import org.apache.accumulo.core.metadata.RootTable;
-import org.apache.accumulo.core.security.SystemPermission;
-import org.apache.accumulo.core.security.TablePermission;
-import org.apache.accumulo.core.security.thrift.TCredentials;
-import org.apache.accumulo.fate.zookeeper.IZooReaderWriter;
-import org.apache.accumulo.fate.zookeeper.ZooUtil.NodeExistsPolicy;
-import org.apache.accumulo.fate.zookeeper.ZooUtil.NodeMissingPolicy;
-import org.apache.accumulo.server.zookeeper.ZooCache;
-import org.apache.accumulo.server.zookeeper.ZooReaderWriter;
-import org.apache.log4j.Logger;
-import org.apache.zookeeper.KeeperException;
-import org.apache.zookeeper.KeeperException.Code;
-
-/**
- *
- */
-public class ZKPermHandler implements PermissionHandler {
- private static final Logger log = Logger.getLogger(ZKAuthorizor.class);
- private static PermissionHandler zkPermHandlerInstance = null;
-
- private String ZKUserPath;
- private String ZKTablePath;
- private final ZooCache zooCache;
- private final String ZKUserSysPerms = "/System";
- private final String ZKUserTablePerms = "/Tables";
-
- public static synchronized PermissionHandler getInstance() {
- if (zkPermHandlerInstance == null)
- zkPermHandlerInstance = new ZKPermHandler();
- return zkPermHandlerInstance;
- }
-
- @Override
- public void initialize(String instanceId, boolean initialize) {
- ZKUserPath = ZKSecurityTool.getInstancePath(instanceId) + "/users";
- ZKTablePath = ZKSecurityTool.getInstancePath(instanceId) + "/tables";
- }
-
- public ZKPermHandler() {
- zooCache = new ZooCache();
- }
-
- @Override
- public boolean hasTablePermission(String user, String table, TablePermission permission) throws TableNotFoundException {
- byte[] serializedPerms;
- try {
- String path = ZKUserPath + "/" + user + ZKUserTablePerms + "/" + table;
- ZooReaderWriter.getRetryingInstance().sync(path);
- serializedPerms = ZooReaderWriter.getRetryingInstance().getData(path, null);
- } catch (KeeperException e) {
- if (e.code() == Code.NONODE) {
- // maybe the table was just deleted?
- try {
- // check for existence:
- ZooReaderWriter.getRetryingInstance().getData(ZKTablePath + "/" + table, null);
- // it's there, you don't have permission
- return false;
- } catch (InterruptedException ex) {
- log.warn("Unhandled InterruptedException, failing closed for table permission check", e);
- return false;
- } catch (KeeperException ex) {
- // not there, throw an informative exception
- if (e.code() == Code.NONODE) {
- throw new TableNotFoundException(null, table, "while checking permissions");
- }
- log.warn("Unhandled InterruptedException, failing closed for table permission check", e);
- }
- return false;
- }
- log.warn("Unhandled KeeperException, failing closed for table permission check", e);
- return false;
- } catch (InterruptedException e) {
- log.warn("Unhandled InterruptedException, failing closed for table permission check", e);
- return false;
- }
- if (serializedPerms != null) {
- return ZKSecurityTool.convertTablePermissions(serializedPerms).contains(permission);
- }
- return false;
- }
-
- @Override
- public boolean hasCachedTablePermission(String user, String table, TablePermission permission) throws AccumuloSecurityException, TableNotFoundException {
- byte[] serializedPerms = zooCache.get(ZKUserPath + "/" + user + ZKUserTablePerms + "/" + table);
- if (serializedPerms != null) {
- return ZKSecurityTool.convertTablePermissions(serializedPerms).contains(permission);
- }
- return false;
- }
-
- @Override
- public void grantSystemPermission(String user, SystemPermission permission) throws AccumuloSecurityException {
- try {
- byte[] permBytes = zooCache.get(ZKUserPath + "/" + user + ZKUserSysPerms);
- Set<SystemPermission> perms;
- if (permBytes == null) {
- perms = new TreeSet<SystemPermission>();
- } else {
- perms = ZKSecurityTool.convertSystemPermissions(permBytes);
- }
-
- if (perms.add(permission)) {
- synchronized (zooCache) {
- zooCache.clear();
- ZooReaderWriter.getRetryingInstance().putPersistentData(ZKUserPath + "/" + user + ZKUserSysPerms, ZKSecurityTool.convertSystemPermissions(perms),
- NodeExistsPolicy.OVERWRITE);
- }
- }
- } catch (KeeperException e) {
- log.error(e, e);
- throw new AccumuloSecurityException(user, SecurityErrorCode.CONNECTION_ERROR, e);
- } catch (InterruptedException e) {
- log.error(e, e);
- throw new RuntimeException(e);
- }
- }
-
- @Override
- public void grantTablePermission(String user, String table, TablePermission permission) throws AccumuloSecurityException {
- Set<TablePermission> tablePerms;
- byte[] serializedPerms = zooCache.get(ZKUserPath + "/" + user + ZKUserTablePerms + "/" + table);
- if (serializedPerms != null)
- tablePerms = ZKSecurityTool.convertTablePermissions(serializedPerms);
- else
- tablePerms = new TreeSet<TablePermission>();
-
- try {
- if (tablePerms.add(permission)) {
- synchronized (zooCache) {
- zooCache.clear(ZKUserPath + "/" + user + ZKUserTablePerms + "/" + table);
- IZooReaderWriter zoo = ZooReaderWriter.getRetryingInstance();
- zoo.putPersistentData(ZKUserPath + "/" + user + ZKUserTablePerms + "/" + table, ZKSecurityTool.convertTablePermissions(tablePerms),
- NodeExistsPolicy.OVERWRITE);
- }
- }
- } catch (KeeperException e) {
- log.error(e, e);
- throw new AccumuloSecurityException(user, SecurityErrorCode.CONNECTION_ERROR, e);
- } catch (InterruptedException e) {
- log.error(e, e);
- throw new RuntimeException(e);
- }
- }
-
- @Override
- public void revokeSystemPermission(String user, SystemPermission permission) throws AccumuloSecurityException {
- byte[] sysPermBytes = zooCache.get(ZKUserPath + "/" + user + ZKUserSysPerms);
-
- // User had no system permission, nothing to revoke.
- if (sysPermBytes == null)
- return;
-
- Set<SystemPermission> sysPerms = ZKSecurityTool.convertSystemPermissions(sysPermBytes);
-
- try {
- if (sysPerms.remove(permission)) {
- synchronized (zooCache) {
- zooCache.clear();
- ZooReaderWriter.getRetryingInstance().putPersistentData(ZKUserPath + "/" + user + ZKUserSysPerms, ZKSecurityTool.convertSystemPermissions(sysPerms),
- NodeExistsPolicy.OVERWRITE);
- }
- }
- } catch (KeeperException e) {
- log.error(e, e);
- throw new AccumuloSecurityException(user, SecurityErrorCode.CONNECTION_ERROR, e);
- } catch (InterruptedException e) {
- log.error(e, e);
- throw new RuntimeException(e);
- }
- }
-
- @Override
- public void revokeTablePermission(String user, String table, TablePermission permission) throws AccumuloSecurityException {
- byte[] serializedPerms = zooCache.get(ZKUserPath + "/" + user + ZKUserTablePerms + "/" + table);
-
- // User had no table permission, nothing to revoke.
- if (serializedPerms == null)
- return;
-
- Set<TablePermission> tablePerms = ZKSecurityTool.convertTablePermissions(serializedPerms);
- try {
- if (tablePerms.remove(permission)) {
- zooCache.clear();
- IZooReaderWriter zoo = ZooReaderWriter.getRetryingInstance();
- if (tablePerms.size() == 0)
- zoo.recursiveDelete(ZKUserPath + "/" + user + ZKUserTablePerms + "/" + table, NodeMissingPolicy.SKIP);
- else
- zoo.putPersistentData(ZKUserPath + "/" + user + ZKUserTablePerms + "/" + table, ZKSecurityTool.convertTablePermissions(tablePerms),
- NodeExistsPolicy.OVERWRITE);
- }
- } catch (KeeperException e) {
- log.error(e, e);
- throw new AccumuloSecurityException(user, SecurityErrorCode.CONNECTION_ERROR, e);
- } catch (InterruptedException e) {
- log.error(e, e);
- throw new RuntimeException(e);
- }
- }
-
- @Override
- public void cleanTablePermissions(String table) throws AccumuloSecurityException {
- try {
- synchronized (zooCache) {
- zooCache.clear();
- IZooReaderWriter zoo = ZooReaderWriter.getRetryingInstance();
- for (String user : zooCache.getChildren(ZKUserPath))
- zoo.recursiveDelete(ZKUserPath + "/" + user + ZKUserTablePerms + "/" + table, NodeMissingPolicy.SKIP);
- }
- } catch (KeeperException e) {
- log.error(e, e);
- throw new AccumuloSecurityException("unknownUser", SecurityErrorCode.CONNECTION_ERROR, e);
- } catch (InterruptedException e) {
- log.error(e, e);
- throw new RuntimeException(e);
- }
- }
-
- @Override
- public void initializeSecurity(TCredentials itw, String rootuser) throws AccumuloSecurityException {
- IZooReaderWriter zoo = ZooReaderWriter.getRetryingInstance();
-
- // create the root user with all system privileges, no table privileges, and no record-level authorizations
- Set<SystemPermission> rootPerms = new TreeSet<SystemPermission>();
- for (SystemPermission p : SystemPermission.values())
- rootPerms.add(p);
- Map<String,Set<TablePermission>> tablePerms = new HashMap<String,Set<TablePermission>>();
- // Allow the root user to flush the system tables
- tablePerms.put(RootTable.ID, Collections.singleton(TablePermission.ALTER_TABLE));
- tablePerms.put(MetadataTable.ID, Collections.singleton(TablePermission.ALTER_TABLE));
-
- try {
- // prep parent node of users with root username
- if (!zoo.exists(ZKUserPath))
- zoo.putPersistentData(ZKUserPath, rootuser.getBytes(), NodeExistsPolicy.FAIL);
-
- initUser(rootuser);
- zoo.putPersistentData(ZKUserPath + "/" + rootuser + ZKUserSysPerms, ZKSecurityTool.convertSystemPermissions(rootPerms), NodeExistsPolicy.FAIL);
- for (Entry<String,Set<TablePermission>> entry : tablePerms.entrySet())
- createTablePerm(rootuser, entry.getKey(), entry.getValue());
- } catch (KeeperException e) {
- log.error(e, e);
- throw new RuntimeException(e);
- } catch (InterruptedException e) {
- log.error(e, e);
- throw new RuntimeException(e);
- }
- }
-
- /**
- * @param user
- * @throws AccumuloSecurityException
- */
- @Override
- public void initUser(String user) throws AccumuloSecurityException {
- IZooReaderWriter zoo = ZooReaderWriter.getRetryingInstance();
- try {
- zoo.putPersistentData(ZKUserPath + "/" + user, new byte[0], NodeExistsPolicy.SKIP);
- zoo.putPersistentData(ZKUserPath + "/" + user + ZKUserTablePerms, new byte[0], NodeExistsPolicy.SKIP);
- } catch (KeeperException e) {
- log.error(e, e);
- throw new AccumuloSecurityException(user, SecurityErrorCode.CONNECTION_ERROR, e);
- } catch (InterruptedException e) {
- log.error(e, e);
- throw new RuntimeException(e);
- }
- }
-
- /**
- * Sets up a new table configuration for the provided user/table. No checking for existence is done here, it should be done before calling.
- */
- private void createTablePerm(String user, String table, Set<TablePermission> perms) throws KeeperException, InterruptedException {
- synchronized (zooCache) {
- zooCache.clear();
- ZooReaderWriter.getRetryingInstance().putPersistentData(ZKUserPath + "/" + user + ZKUserTablePerms + "/" + table,
- ZKSecurityTool.convertTablePermissions(perms), NodeExistsPolicy.FAIL);
- }
- }
-
- @Override
- public void cleanUser(String user) throws AccumuloSecurityException {
- try {
- synchronized (zooCache) {
- IZooReaderWriter zoo = ZooReaderWriter.getRetryingInstance();
- zoo.recursiveDelete(ZKUserPath + "/" + user + ZKUserSysPerms, NodeMissingPolicy.SKIP);
- zoo.recursiveDelete(ZKUserPath + "/" + user + ZKUserTablePerms, NodeMissingPolicy.SKIP);
- zooCache.clear(ZKUserPath + "/" + user);
- }
- } catch (InterruptedException e) {
- log.error(e, e);
- throw new RuntimeException(e);
- } catch (KeeperException e) {
- log.error(e, e);
- if (e.code().equals(KeeperException.Code.NONODE))
- throw new AccumuloSecurityException(user, SecurityErrorCode.USER_DOESNT_EXIST, e);
- throw new AccumuloSecurityException(user, SecurityErrorCode.CONNECTION_ERROR, e);
-
- }
- }
-
- @Override
- public boolean hasSystemPermission(String user, SystemPermission permission) throws AccumuloSecurityException {
- byte[] perms;
- try {
- String path = ZKUserPath + "/" + user + ZKUserSysPerms;
- ZooReaderWriter.getRetryingInstance().sync(path);
- perms = ZooReaderWriter.getRetryingInstance().getData(path, null);
- } catch (KeeperException e) {
- if (e.code() == Code.NONODE) {
- return false;
- }
- log.warn("Unhandled KeeperException, failing closed for table permission check", e);
- return false;
- } catch (InterruptedException e) {
- log.warn("Unhandled InterruptedException, failing closed for table permission check", e);
- return false;
- }
-
- if (perms == null)
- return false;
- return ZKSecurityTool.convertSystemPermissions(perms).contains(permission);
- }
-
- @Override
- public boolean hasCachedSystemPermission(String user, SystemPermission permission) throws AccumuloSecurityException {
- byte[] perms = zooCache.get(ZKUserPath + "/" + user + ZKUserSysPerms);
- if (perms == null)
- return false;
- return ZKSecurityTool.convertSystemPermissions(perms).contains(permission);
- }
-
- @Override
- public boolean validSecurityHandlers(Authenticator authent, Authorizor author) {
- return true;
- }
-
- @Override
- public void initTable(String table) throws AccumuloSecurityException {
- // All proper housekeeping is done on delete and permission granting, no work needs to be done here
- }
-}