You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@hbase.apache.org by ap...@apache.org on 2014/08/04 20:20:25 UTC
[1/3] git commit: HBASE-11318 Classes in security subpackages missing
@InterfaceAudience annotations (Jonathan Hsieh and Andrew Purtell)
Repository: hbase
Updated Branches:
refs/heads/0.98 c5da1cfaf -> 6f4d5d8ec
refs/heads/branch-1 ec5a859b9 -> 2084272d7
refs/heads/master 4d005b70a -> 757b13dea
HBASE-11318 Classes in security subpackages missing @InterfaceAudience annotations (Jonathan Hsieh and Andrew Purtell)
Project: http://git-wip-us.apache.org/repos/asf/hbase/repo
Commit: http://git-wip-us.apache.org/repos/asf/hbase/commit/757b13de
Tree: http://git-wip-us.apache.org/repos/asf/hbase/tree/757b13de
Diff: http://git-wip-us.apache.org/repos/asf/hbase/diff/757b13de
Branch: refs/heads/master
Commit: 757b13dea44b93567d761b2ea5346e79de30dfef
Parents: 4d005b7
Author: Andrew Purtell <ap...@apache.org>
Authored: Mon Aug 4 11:13:58 2014 -0700
Committer: Andrew Purtell <ap...@apache.org>
Committed: Mon Aug 4 11:13:58 2014 -0700
----------------------------------------------------------------------
.../main/java/org/apache/hadoop/hbase/security/AuthMethod.java | 2 ++
.../org/apache/hadoop/hbase/security/HBaseSaslRpcClient.java | 2 ++
.../main/java/org/apache/hadoop/hbase/security/SaslStatus.java | 3 +++
.../src/main/java/org/apache/hadoop/hbase/security/SaslUtil.java | 2 ++
.../org/apache/hadoop/hbase/security/SecureBulkLoadUtil.java | 2 ++
.../main/java/org/apache/hadoop/hbase/security/SecurityInfo.java | 2 ++
.../java/org/apache/hadoop/hbase/security/access/Permission.java | 4 ++++
.../org/apache/hadoop/hbase/security/access/TablePermission.java | 2 ++
.../org/apache/hadoop/hbase/security/access/UserPermission.java | 2 ++
.../hbase/security/token/AuthenticationTokenIdentifier.java | 2 ++
.../hadoop/hbase/security/token/AuthenticationTokenSelector.java | 2 ++
.../apache/hadoop/hbase/security/visibility/Authorizations.java | 2 +-
.../hbase/security/visibility/VisibilityLabelsValidator.java | 1 -
.../main/java/org/apache/hadoop/hbase/security/UserProvider.java | 3 +++
.../org/apache/hadoop/hbase/security/HBasePolicyProvider.java | 2 ++
.../org/apache/hadoop/hbase/security/HBaseSaslRpcServer.java | 2 ++
.../main/java/org/apache/hadoop/hbase/security/SecurityUtil.java | 2 ++
.../apache/hadoop/hbase/security/access/AccessControlFilter.java | 2 ++
.../apache/hadoop/hbase/security/access/AccessControlLists.java | 2 ++
.../apache/hadoop/hbase/security/access/AccessController.java | 2 ++
.../apache/hadoop/hbase/security/access/TableAuthManager.java | 2 ++
.../apache/hadoop/hbase/security/access/ZKPermissionWatcher.java | 2 ++
.../apache/hadoop/hbase/security/token/AuthenticationKey.java | 2 ++
.../hbase/security/token/AuthenticationTokenSecretManager.java | 2 ++
.../org/apache/hadoop/hbase/security/token/TokenProvider.java | 2 ++
.../java/org/apache/hadoop/hbase/security/token/TokenUtil.java | 2 ++
.../org/apache/hadoop/hbase/security/token/ZKSecretWatcher.java | 2 ++
.../hadoop/hbase/security/visibility/expression/Operator.java | 3 +++
.../org/apache/hadoop/hbase/security/HBaseKerberosUtils.java | 2 ++
29 files changed, 60 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/hbase/blob/757b13de/hbase-client/src/main/java/org/apache/hadoop/hbase/security/AuthMethod.java
----------------------------------------------------------------------
diff --git a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/AuthMethod.java b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/AuthMethod.java
index c223fa5..887d46e 100644
--- a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/AuthMethod.java
+++ b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/AuthMethod.java
@@ -19,6 +19,7 @@
package org.apache.hadoop.hbase.security;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.security.UserGroupInformation;
import java.io.DataInput;
@@ -26,6 +27,7 @@ import java.io.DataOutput;
import java.io.IOException;
/** Authentication method */
+@InterfaceAudience.Private
public enum AuthMethod {
SIMPLE((byte) 80, "", UserGroupInformation.AuthenticationMethod.SIMPLE),
KERBEROS((byte) 81, "GSSAPI", UserGroupInformation.AuthenticationMethod.KERBEROS),
http://git-wip-us.apache.org/repos/asf/hbase/blob/757b13de/hbase-client/src/main/java/org/apache/hadoop/hbase/security/HBaseSaslRpcClient.java
----------------------------------------------------------------------
diff --git a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/HBaseSaslRpcClient.java b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/HBaseSaslRpcClient.java
index 95cac0e..48947da 100644
--- a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/HBaseSaslRpcClient.java
+++ b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/HBaseSaslRpcClient.java
@@ -20,6 +20,7 @@ package org.apache.hadoop.hbase.security;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.io.WritableUtils;
import org.apache.hadoop.ipc.RemoteException;
import org.apache.hadoop.security.SaslInputStream;
@@ -52,6 +53,7 @@ import com.google.common.annotations.VisibleForTesting;
* A utility class that encapsulates SASL logic for RPC client.
* Copied from <code>org.apache.hadoop.security</code>
*/
+@InterfaceAudience.Private
public class HBaseSaslRpcClient {
public static final Log LOG = LogFactory.getLog(HBaseSaslRpcClient.class);
http://git-wip-us.apache.org/repos/asf/hbase/blob/757b13de/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SaslStatus.java
----------------------------------------------------------------------
diff --git a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SaslStatus.java b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SaslStatus.java
index 95ac453..9cfb5cb 100644
--- a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SaslStatus.java
+++ b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SaslStatus.java
@@ -19,6 +19,9 @@
package org.apache.hadoop.hbase.security;
+import org.apache.hadoop.classification.InterfaceAudience;
+
+@InterfaceAudience.Private
public enum SaslStatus {
SUCCESS (0),
ERROR (1);
http://git-wip-us.apache.org/repos/asf/hbase/blob/757b13de/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SaslUtil.java
----------------------------------------------------------------------
diff --git a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SaslUtil.java b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SaslUtil.java
index 351052b..2f93329 100644
--- a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SaslUtil.java
+++ b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SaslUtil.java
@@ -19,12 +19,14 @@
package org.apache.hadoop.hbase.security;
import org.apache.commons.codec.binary.Base64;
+import org.apache.hadoop.classification.InterfaceAudience;
import java.util.Map;
import java.util.TreeMap;
import javax.security.sasl.Sasl;
+@InterfaceAudience.Private
public class SaslUtil {
public static final String SASL_DEFAULT_REALM = "default";
public static final Map<String, String> SASL_PROPS =
http://git-wip-us.apache.org/repos/asf/hbase/blob/757b13de/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SecureBulkLoadUtil.java
----------------------------------------------------------------------
diff --git a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SecureBulkLoadUtil.java b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SecureBulkLoadUtil.java
index 41b5cb9..75ab68e 100644
--- a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SecureBulkLoadUtil.java
+++ b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SecureBulkLoadUtil.java
@@ -18,10 +18,12 @@
*/
package org.apache.hadoop.hbase.security;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.fs.Path;
import org.apache.hadoop.hbase.util.Bytes;
+@InterfaceAudience.Private
public class SecureBulkLoadUtil {
private final static String BULKLOAD_STAGING_DIR = "hbase.bulkload.staging.dir";
http://git-wip-us.apache.org/repos/asf/hbase/blob/757b13de/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SecurityInfo.java
----------------------------------------------------------------------
diff --git a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SecurityInfo.java b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SecurityInfo.java
index 0dbcd42..9f0f150 100644
--- a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SecurityInfo.java
+++ b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SecurityInfo.java
@@ -20,6 +20,7 @@ package org.apache.hadoop.hbase.security;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentMap;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.hbase.protobuf.generated.AdminProtos;
import org.apache.hadoop.hbase.protobuf.generated.AuthenticationProtos.TokenIdentifier.Kind;
import org.apache.hadoop.hbase.protobuf.generated.ClientProtos;
@@ -29,6 +30,7 @@ import org.apache.hadoop.hbase.protobuf.generated.RegionServerStatusProtos;
/**
* Maps RPC protocol interfaces to required configuration
*/
+@InterfaceAudience.Private
public class SecurityInfo {
/** Maps RPC service names to authentication information */
private static ConcurrentMap<String,SecurityInfo> infos = new ConcurrentHashMap<String,SecurityInfo>();
http://git-wip-us.apache.org/repos/asf/hbase/blob/757b13de/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/Permission.java
----------------------------------------------------------------------
diff --git a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/Permission.java b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/Permission.java
index 3082526..9c95888 100644
--- a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/Permission.java
+++ b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/Permission.java
@@ -21,6 +21,8 @@ package org.apache.hadoop.hbase.security.access;
import com.google.common.collect.Maps;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.hadoop.classification.InterfaceAudience;
+import org.apache.hadoop.classification.InterfaceStability;
import org.apache.hadoop.hbase.util.Bytes;
import org.apache.hadoop.io.VersionedWritable;
@@ -36,6 +38,8 @@ import java.util.Map;
*
* @see TablePermission
*/
+@InterfaceAudience.Public
+@InterfaceStability.Evolving
public class Permission extends VersionedWritable {
protected static final byte VERSION = 0;
public enum Action {
http://git-wip-us.apache.org/repos/asf/hbase/blob/757b13de/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/TablePermission.java
----------------------------------------------------------------------
diff --git a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/TablePermission.java b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/TablePermission.java
index 944ebb1..e38458f 100644
--- a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/TablePermission.java
+++ b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/TablePermission.java
@@ -20,6 +20,7 @@ package org.apache.hadoop.hbase.security.access;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.hbase.TableName;
import org.apache.hadoop.hbase.KeyValue;
import org.apache.hadoop.hbase.util.Bytes;
@@ -34,6 +35,7 @@ import java.io.IOException;
* given table. If the family property is <code>null</code>, it implies
* full table access.
*/
+@InterfaceAudience.Private
public class TablePermission extends Permission {
private static Log LOG = LogFactory.getLog(TablePermission.class);
http://git-wip-us.apache.org/repos/asf/hbase/blob/757b13de/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/UserPermission.java
----------------------------------------------------------------------
diff --git a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/UserPermission.java b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/UserPermission.java
index eaaa824..fc26eb1 100644
--- a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/UserPermission.java
+++ b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/UserPermission.java
@@ -20,6 +20,7 @@ package org.apache.hadoop.hbase.security.access;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.hbase.TableName;
import org.apache.hadoop.hbase.util.Bytes;
@@ -31,6 +32,7 @@ import java.io.IOException;
* Represents an authorization for access over the given table, column family
* plus qualifier, for the given user.
*/
+@InterfaceAudience.Private
public class UserPermission extends TablePermission {
private static Log LOG = LogFactory.getLog(UserPermission.class);
http://git-wip-us.apache.org/repos/asf/hbase/blob/757b13de/hbase-client/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationTokenIdentifier.java
----------------------------------------------------------------------
diff --git a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationTokenIdentifier.java b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationTokenIdentifier.java
index 1445e04..b6868d8 100644
--- a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationTokenIdentifier.java
+++ b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationTokenIdentifier.java
@@ -19,6 +19,7 @@
package org.apache.hadoop.hbase.security.token;
import com.google.protobuf.ByteString;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.hbase.protobuf.generated.AuthenticationProtos;
import org.apache.hadoop.io.Text;
import org.apache.hadoop.security.UserGroupInformation;
@@ -31,6 +32,7 @@ import java.io.IOException;
/**
* Represents the identity information stored in an HBase authentication token.
*/
+@InterfaceAudience.Private
public class AuthenticationTokenIdentifier extends TokenIdentifier {
public static final Text AUTH_TOKEN_TYPE = new Text("HBASE_AUTH_TOKEN");
http://git-wip-us.apache.org/repos/asf/hbase/blob/757b13de/hbase-client/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationTokenSelector.java
----------------------------------------------------------------------
diff --git a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationTokenSelector.java b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationTokenSelector.java
index 53e8fb7..83133cd 100644
--- a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationTokenSelector.java
+++ b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationTokenSelector.java
@@ -20,6 +20,7 @@ package org.apache.hadoop.hbase.security.token;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.io.Text;
import org.apache.hadoop.security.token.Token;
import org.apache.hadoop.security.token.TokenIdentifier;
@@ -27,6 +28,7 @@ import org.apache.hadoop.security.token.TokenSelector;
import java.util.Collection;
+@InterfaceAudience.Private
public class AuthenticationTokenSelector
implements TokenSelector<AuthenticationTokenIdentifier> {
private static Log LOG = LogFactory.getLog(AuthenticationTokenSelector.class);
http://git-wip-us.apache.org/repos/asf/hbase/blob/757b13de/hbase-client/src/main/java/org/apache/hadoop/hbase/security/visibility/Authorizations.java
----------------------------------------------------------------------
diff --git a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/visibility/Authorizations.java b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/visibility/Authorizations.java
index 006bd6d..2a07625 100644
--- a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/visibility/Authorizations.java
+++ b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/visibility/Authorizations.java
@@ -29,7 +29,7 @@ import org.apache.hadoop.classification.InterfaceStability;
* current scan/get can access.
*/
@InterfaceAudience.Public
-@InterfaceStability.Stable
+@InterfaceStability.Evolving
public class Authorizations {
private List<String> labels;
http://git-wip-us.apache.org/repos/asf/hbase/blob/757b13de/hbase-client/src/main/java/org/apache/hadoop/hbase/security/visibility/VisibilityLabelsValidator.java
----------------------------------------------------------------------
diff --git a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/visibility/VisibilityLabelsValidator.java b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/visibility/VisibilityLabelsValidator.java
index 43a927c..9700b55 100644
--- a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/visibility/VisibilityLabelsValidator.java
+++ b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/visibility/VisibilityLabelsValidator.java
@@ -27,7 +27,6 @@ import org.apache.hadoop.classification.InterfaceAudience;
*/
@InterfaceAudience.Private
public class VisibilityLabelsValidator {
- // We follow Accumulo parity for valid visibility labels.
private static final boolean[] validAuthChars = new boolean[256];
public static final String regex = "[A-Za-z_\\-\\:\\/\\.0-9]+";
http://git-wip-us.apache.org/repos/asf/hbase/blob/757b13de/hbase-common/src/main/java/org/apache/hadoop/hbase/security/UserProvider.java
----------------------------------------------------------------------
diff --git a/hbase-common/src/main/java/org/apache/hadoop/hbase/security/UserProvider.java b/hbase-common/src/main/java/org/apache/hadoop/hbase/security/UserProvider.java
index 9d04f3a..3ff5def 100644
--- a/hbase-common/src/main/java/org/apache/hadoop/hbase/security/UserProvider.java
+++ b/hbase-common/src/main/java/org/apache/hadoop/hbase/security/UserProvider.java
@@ -19,6 +19,7 @@ package org.apache.hadoop.hbase.security;
import java.io.IOException;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hbase.BaseConfigurable;
import org.apache.hadoop.security.UserGroupInformation;
@@ -27,6 +28,8 @@ import org.apache.hadoop.util.ReflectionUtils;
/**
* Provide an instance of a user. Allows custom {@link User} creation.
*/
+
+@InterfaceAudience.Private
public class UserProvider extends BaseConfigurable {
private static final String USER_PROVIDER_CONF_KEY = "hbase.client.userprovider.class";
http://git-wip-us.apache.org/repos/asf/hbase/blob/757b13de/hbase-server/src/main/java/org/apache/hadoop/hbase/security/HBasePolicyProvider.java
----------------------------------------------------------------------
diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/HBasePolicyProvider.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/HBasePolicyProvider.java
index f151f58..f20079d 100644
--- a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/HBasePolicyProvider.java
+++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/HBasePolicyProvider.java
@@ -17,6 +17,7 @@
*/
package org.apache.hadoop.hbase.security;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hbase.protobuf.generated.AdminProtos.AdminService;
import org.apache.hadoop.hbase.protobuf.generated.ClientProtos.ClientService;
@@ -31,6 +32,7 @@ import org.apache.hadoop.security.authorize.ServiceAuthorizationManager;
* Implementation of secure Hadoop policy provider for mapping
* protocol interfaces to hbase-policy.xml entries.
*/
+@InterfaceAudience.Private
public class HBasePolicyProvider extends PolicyProvider {
protected final static Service[] services = {
new Service("security.client.protocol.acl", ClientService.BlockingInterface.class),
http://git-wip-us.apache.org/repos/asf/hbase/blob/757b13de/hbase-server/src/main/java/org/apache/hadoop/hbase/security/HBaseSaslRpcServer.java
----------------------------------------------------------------------
diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/HBaseSaslRpcServer.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/HBaseSaslRpcServer.java
index 2dd94d6..3e44f45 100644
--- a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/HBaseSaslRpcServer.java
+++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/HBaseSaslRpcServer.java
@@ -32,6 +32,7 @@ import javax.security.sasl.RealmCallback;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hbase.ipc.RpcServer;
import org.apache.hadoop.hbase.security.SaslUtil.QualityOfProtection;
@@ -43,6 +44,7 @@ import org.apache.hadoop.security.token.SecretManager.InvalidToken;
/**
* A utility class for dealing with SASL on RPC server
*/
+@InterfaceAudience.Private
public class HBaseSaslRpcServer {
public static final Log LOG = LogFactory.getLog(HBaseSaslRpcServer.class);
http://git-wip-us.apache.org/repos/asf/hbase/blob/757b13de/hbase-server/src/main/java/org/apache/hadoop/hbase/security/SecurityUtil.java
----------------------------------------------------------------------
diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/SecurityUtil.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/SecurityUtil.java
index ce16ed1..865fe52 100644
--- a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/SecurityUtil.java
+++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/SecurityUtil.java
@@ -19,11 +19,13 @@
package org.apache.hadoop.hbase.security;
import org.apache.hadoop.classification.InterfaceAudience;
+import org.apache.hadoop.classification.InterfaceStability;
/**
* Security related generic utility methods.
*/
@InterfaceAudience.Private
+@InterfaceStability.Evolving
public class SecurityUtil {
/**
http://git-wip-us.apache.org/repos/asf/hbase/blob/757b13de/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlFilter.java
----------------------------------------------------------------------
diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlFilter.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlFilter.java
index 164c0fd..1fbe06f 100644
--- a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlFilter.java
+++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlFilter.java
@@ -21,6 +21,7 @@ package org.apache.hadoop.hbase.security.access;
import java.io.IOException;
import java.util.Map;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.hbase.Cell;
import org.apache.hadoop.hbase.CellUtil;
import org.apache.hadoop.hbase.TableName;
@@ -46,6 +47,7 @@ import org.apache.hadoop.hbase.util.SimpleMutableByteRange;
* access succeeds, then there is no need to impose the overhead of this filter.
* </p>
*/
+@InterfaceAudience.Private
class AccessControlFilter extends FilterBase {
public static enum Strategy {
http://git-wip-us.apache.org/repos/asf/hbase/blob/757b13de/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlLists.java
----------------------------------------------------------------------
diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlLists.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlLists.java
index 7dd83e1..c00be7b 100644
--- a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlLists.java
+++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlLists.java
@@ -33,6 +33,7 @@ import java.util.TreeSet;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hbase.Cell;
import org.apache.hadoop.hbase.CellUtil;
@@ -94,6 +95,7 @@ import com.google.protobuf.InvalidProtocolBufferException;
* org.apache.hadoop.hbase.security.access.TablePermission.Action enum.
* </p>
*/
+@InterfaceAudience.Private
public class AccessControlLists {
/** Internal storage table for access control lists */
public static final TableName ACL_TABLE_NAME =
http://git-wip-us.apache.org/repos/asf/hbase/blob/757b13de/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java
----------------------------------------------------------------------
diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java
index 8f73431..6dabc7d 100644
--- a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java
+++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java
@@ -29,6 +29,7 @@ import java.util.TreeSet;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hbase.Cell;
import org.apache.hadoop.hbase.CellScanner;
@@ -144,6 +145,7 @@ import com.google.protobuf.Service;
* commands.
* </p>
*/
+@InterfaceAudience.Private
public class AccessController extends BaseRegionObserver
implements MasterObserver, RegionServerObserver,
AccessControlService.Interface, CoprocessorService, EndpointObserver {
http://git-wip-us.apache.org/repos/asf/hbase/blob/757b13de/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/TableAuthManager.java
----------------------------------------------------------------------
diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/TableAuthManager.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/TableAuthManager.java
index 394d8c1..8b0bb69 100644
--- a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/TableAuthManager.java
+++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/TableAuthManager.java
@@ -26,6 +26,7 @@ import java.util.concurrent.ConcurrentSkipListMap;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hbase.Cell;
import org.apache.hadoop.hbase.TableName;
@@ -43,6 +44,7 @@ import com.google.common.collect.Lists;
/**
* Performs authorization checks for a given user's assigned permissions
*/
+@InterfaceAudience.Private
public class TableAuthManager {
private static class PermissionCache<T extends Permission> {
/** Cache of user permissions */
http://git-wip-us.apache.org/repos/asf/hbase/blob/757b13de/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/ZKPermissionWatcher.java
----------------------------------------------------------------------
diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/ZKPermissionWatcher.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/ZKPermissionWatcher.java
index ccec446..380bd73 100644
--- a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/ZKPermissionWatcher.java
+++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/ZKPermissionWatcher.java
@@ -20,6 +20,7 @@ package org.apache.hadoop.hbase.security.access;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hbase.TableName;
import org.apache.hadoop.hbase.util.Bytes;
@@ -40,6 +41,7 @@ import java.util.List;
* instances on all other cluster hosts watch the znodes for updates, which
* trigger updates in the {@link TableAuthManager} permission cache.
*/
+@InterfaceAudience.Private
public class ZKPermissionWatcher extends ZooKeeperListener {
private static Log LOG = LogFactory.getLog(ZKPermissionWatcher.class);
// parent node for permissions lists
http://git-wip-us.apache.org/repos/asf/hbase/blob/757b13de/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationKey.java
----------------------------------------------------------------------
diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationKey.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationKey.java
index 5f4378f..4637afb 100644
--- a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationKey.java
+++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationKey.java
@@ -25,6 +25,7 @@ import java.io.DataOutput;
import java.io.IOException;
import java.util.Arrays;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.hbase.util.Bytes;
import org.apache.hadoop.io.Writable;
import org.apache.hadoop.io.WritableUtils;
@@ -33,6 +34,7 @@ import org.apache.hadoop.io.WritableUtils;
* Represents a secret key used for signing and verifying authentication tokens
* by {@link AuthenticationTokenSecretManager}.
*/
+@InterfaceAudience.Private
public class AuthenticationKey implements Writable {
private int id;
private long expirationDate;
http://git-wip-us.apache.org/repos/asf/hbase/blob/757b13de/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationTokenSecretManager.java
----------------------------------------------------------------------
diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationTokenSecretManager.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationTokenSecretManager.java
index 5985be6..2892c51 100644
--- a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationTokenSecretManager.java
+++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationTokenSecretManager.java
@@ -27,6 +27,7 @@ import java.util.concurrent.atomic.AtomicLong;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hbase.Stoppable;
import org.apache.hadoop.hbase.util.Bytes;
@@ -54,6 +55,7 @@ import org.apache.zookeeper.KeeperException;
* are no longer needed (as any tokens using them have expired).
* </p>
*/
+@InterfaceAudience.Private
public class AuthenticationTokenSecretManager
extends SecretManager<AuthenticationTokenIdentifier> {
http://git-wip-us.apache.org/repos/asf/hbase/blob/757b13de/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/TokenProvider.java
----------------------------------------------------------------------
diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/TokenProvider.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/TokenProvider.java
index af405d3..a632397 100644
--- a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/TokenProvider.java
+++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/TokenProvider.java
@@ -25,6 +25,7 @@ import com.google.protobuf.RpcController;
import com.google.protobuf.Service;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.hbase.Coprocessor;
import org.apache.hadoop.hbase.CoprocessorEnvironment;
import org.apache.hadoop.hbase.coprocessor.CoprocessorService;
@@ -46,6 +47,7 @@ import org.apache.hadoop.security.token.Token;
* Provides a service for obtaining authentication tokens via the
* {@link AuthenticationProtos} AuthenticationService coprocessor service.
*/
+@InterfaceAudience.Private
public class TokenProvider implements AuthenticationProtos.AuthenticationService.Interface,
Coprocessor, CoprocessorService {
http://git-wip-us.apache.org/repos/asf/hbase/blob/757b13de/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/TokenUtil.java
----------------------------------------------------------------------
diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/TokenUtil.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/TokenUtil.java
index b7b8db6..cdc824d 100644
--- a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/TokenUtil.java
+++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/TokenUtil.java
@@ -25,6 +25,7 @@ import java.security.PrivilegedExceptionAction;
import com.google.protobuf.ServiceException;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hbase.HConstants;
import org.apache.hadoop.hbase.TableName;
@@ -41,6 +42,7 @@ import org.apache.hadoop.security.token.Token;
/**
* Utility methods for obtaining authentication tokens.
*/
+@InterfaceAudience.Private
public class TokenUtil {
private static Log LOG = LogFactory.getLog(TokenUtil.class);
http://git-wip-us.apache.org/repos/asf/hbase/blob/757b13de/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/ZKSecretWatcher.java
----------------------------------------------------------------------
diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/ZKSecretWatcher.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/ZKSecretWatcher.java
index d780d50..41633b8 100644
--- a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/ZKSecretWatcher.java
+++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/ZKSecretWatcher.java
@@ -23,6 +23,7 @@ import java.util.List;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hbase.util.Writables;
import org.apache.hadoop.hbase.zookeeper.ZKUtil;
@@ -33,6 +34,7 @@ import org.apache.zookeeper.KeeperException;
/**
* Synchronizes token encryption keys across cluster nodes.
*/
+@InterfaceAudience.Private
public class ZKSecretWatcher extends ZooKeeperListener {
private static final String DEFAULT_ROOT_NODE = "tokenauth";
private static final String DEFAULT_KEYS_PARENT = "keys";
http://git-wip-us.apache.org/repos/asf/hbase/blob/757b13de/hbase-server/src/main/java/org/apache/hadoop/hbase/security/visibility/expression/Operator.java
----------------------------------------------------------------------
diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/visibility/expression/Operator.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/visibility/expression/Operator.java
index 6f47b50..40ced81 100644
--- a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/visibility/expression/Operator.java
+++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/visibility/expression/Operator.java
@@ -17,6 +17,9 @@
*/
package org.apache.hadoop.hbase.security.visibility.expression;
+import org.apache.hadoop.classification.InterfaceAudience;
+
+@InterfaceAudience.Private
public enum Operator {
AND('&'), OR('|'), NOT('!');
http://git-wip-us.apache.org/repos/asf/hbase/blob/757b13de/hbase-server/src/test/java/org/apache/hadoop/hbase/security/HBaseKerberosUtils.java
----------------------------------------------------------------------
diff --git a/hbase-server/src/test/java/org/apache/hadoop/hbase/security/HBaseKerberosUtils.java b/hbase-server/src/test/java/org/apache/hadoop/hbase/security/HBaseKerberosUtils.java
index 27198b3..01099b7 100644
--- a/hbase-server/src/test/java/org/apache/hadoop/hbase/security/HBaseKerberosUtils.java
+++ b/hbase-server/src/test/java/org/apache/hadoop/hbase/security/HBaseKerberosUtils.java
@@ -17,12 +17,14 @@
*/
package org.apache.hadoop.hbase.security;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.fs.CommonConfigurationKeys;
import org.apache.hadoop.hbase.HBaseConfiguration;
import com.google.common.base.Strings;
+@InterfaceAudience.Private
class HBaseKerberosUtils {
public static final String KRB_PRINCIPAL = "hbase.regionserver.kerberos.principal";
public static final String KRB_KEYTAB_FILE = "hbase.regionserver.keytab.file";
[2/3] git commit: HBASE-11318 Classes in security subpackages missing
@InterfaceAudience annotations (Jonathan Hsieh and Andrew Purtell)
Posted by ap...@apache.org.
HBASE-11318 Classes in security subpackages missing @InterfaceAudience annotations (Jonathan Hsieh and Andrew Purtell)
Project: http://git-wip-us.apache.org/repos/asf/hbase/repo
Commit: http://git-wip-us.apache.org/repos/asf/hbase/commit/2084272d
Tree: http://git-wip-us.apache.org/repos/asf/hbase/tree/2084272d
Diff: http://git-wip-us.apache.org/repos/asf/hbase/diff/2084272d
Branch: refs/heads/branch-1
Commit: 2084272d743913989debfad5c9e32d724a97ec09
Parents: ec5a859
Author: Andrew Purtell <ap...@apache.org>
Authored: Mon Aug 4 11:13:58 2014 -0700
Committer: Andrew Purtell <ap...@apache.org>
Committed: Mon Aug 4 11:14:26 2014 -0700
----------------------------------------------------------------------
.../main/java/org/apache/hadoop/hbase/security/AuthMethod.java | 2 ++
.../org/apache/hadoop/hbase/security/HBaseSaslRpcClient.java | 2 ++
.../main/java/org/apache/hadoop/hbase/security/SaslStatus.java | 3 +++
.../src/main/java/org/apache/hadoop/hbase/security/SaslUtil.java | 2 ++
.../org/apache/hadoop/hbase/security/SecureBulkLoadUtil.java | 2 ++
.../main/java/org/apache/hadoop/hbase/security/SecurityInfo.java | 2 ++
.../java/org/apache/hadoop/hbase/security/access/Permission.java | 4 ++++
.../org/apache/hadoop/hbase/security/access/TablePermission.java | 2 ++
.../org/apache/hadoop/hbase/security/access/UserPermission.java | 2 ++
.../hbase/security/token/AuthenticationTokenIdentifier.java | 2 ++
.../hadoop/hbase/security/token/AuthenticationTokenSelector.java | 2 ++
.../apache/hadoop/hbase/security/visibility/Authorizations.java | 2 +-
.../hbase/security/visibility/VisibilityLabelsValidator.java | 1 -
.../main/java/org/apache/hadoop/hbase/security/UserProvider.java | 3 +++
.../org/apache/hadoop/hbase/security/HBasePolicyProvider.java | 2 ++
.../org/apache/hadoop/hbase/security/HBaseSaslRpcServer.java | 2 ++
.../main/java/org/apache/hadoop/hbase/security/SecurityUtil.java | 2 ++
.../apache/hadoop/hbase/security/access/AccessControlFilter.java | 2 ++
.../apache/hadoop/hbase/security/access/AccessControlLists.java | 2 ++
.../apache/hadoop/hbase/security/access/AccessController.java | 2 ++
.../apache/hadoop/hbase/security/access/TableAuthManager.java | 2 ++
.../apache/hadoop/hbase/security/access/ZKPermissionWatcher.java | 2 ++
.../apache/hadoop/hbase/security/token/AuthenticationKey.java | 2 ++
.../hbase/security/token/AuthenticationTokenSecretManager.java | 2 ++
.../org/apache/hadoop/hbase/security/token/TokenProvider.java | 2 ++
.../java/org/apache/hadoop/hbase/security/token/TokenUtil.java | 2 ++
.../org/apache/hadoop/hbase/security/token/ZKSecretWatcher.java | 2 ++
.../hadoop/hbase/security/visibility/expression/Operator.java | 3 +++
.../org/apache/hadoop/hbase/security/HBaseKerberosUtils.java | 2 ++
29 files changed, 60 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/hbase/blob/2084272d/hbase-client/src/main/java/org/apache/hadoop/hbase/security/AuthMethod.java
----------------------------------------------------------------------
diff --git a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/AuthMethod.java b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/AuthMethod.java
index c223fa5..887d46e 100644
--- a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/AuthMethod.java
+++ b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/AuthMethod.java
@@ -19,6 +19,7 @@
package org.apache.hadoop.hbase.security;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.security.UserGroupInformation;
import java.io.DataInput;
@@ -26,6 +27,7 @@ import java.io.DataOutput;
import java.io.IOException;
/** Authentication method */
+@InterfaceAudience.Private
public enum AuthMethod {
SIMPLE((byte) 80, "", UserGroupInformation.AuthenticationMethod.SIMPLE),
KERBEROS((byte) 81, "GSSAPI", UserGroupInformation.AuthenticationMethod.KERBEROS),
http://git-wip-us.apache.org/repos/asf/hbase/blob/2084272d/hbase-client/src/main/java/org/apache/hadoop/hbase/security/HBaseSaslRpcClient.java
----------------------------------------------------------------------
diff --git a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/HBaseSaslRpcClient.java b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/HBaseSaslRpcClient.java
index 95cac0e..48947da 100644
--- a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/HBaseSaslRpcClient.java
+++ b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/HBaseSaslRpcClient.java
@@ -20,6 +20,7 @@ package org.apache.hadoop.hbase.security;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.io.WritableUtils;
import org.apache.hadoop.ipc.RemoteException;
import org.apache.hadoop.security.SaslInputStream;
@@ -52,6 +53,7 @@ import com.google.common.annotations.VisibleForTesting;
* A utility class that encapsulates SASL logic for RPC client.
* Copied from <code>org.apache.hadoop.security</code>
*/
+@InterfaceAudience.Private
public class HBaseSaslRpcClient {
public static final Log LOG = LogFactory.getLog(HBaseSaslRpcClient.class);
http://git-wip-us.apache.org/repos/asf/hbase/blob/2084272d/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SaslStatus.java
----------------------------------------------------------------------
diff --git a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SaslStatus.java b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SaslStatus.java
index 95ac453..9cfb5cb 100644
--- a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SaslStatus.java
+++ b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SaslStatus.java
@@ -19,6 +19,9 @@
package org.apache.hadoop.hbase.security;
+import org.apache.hadoop.classification.InterfaceAudience;
+
+@InterfaceAudience.Private
public enum SaslStatus {
SUCCESS (0),
ERROR (1);
http://git-wip-us.apache.org/repos/asf/hbase/blob/2084272d/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SaslUtil.java
----------------------------------------------------------------------
diff --git a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SaslUtil.java b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SaslUtil.java
index 351052b..2f93329 100644
--- a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SaslUtil.java
+++ b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SaslUtil.java
@@ -19,12 +19,14 @@
package org.apache.hadoop.hbase.security;
import org.apache.commons.codec.binary.Base64;
+import org.apache.hadoop.classification.InterfaceAudience;
import java.util.Map;
import java.util.TreeMap;
import javax.security.sasl.Sasl;
+@InterfaceAudience.Private
public class SaslUtil {
public static final String SASL_DEFAULT_REALM = "default";
public static final Map<String, String> SASL_PROPS =
http://git-wip-us.apache.org/repos/asf/hbase/blob/2084272d/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SecureBulkLoadUtil.java
----------------------------------------------------------------------
diff --git a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SecureBulkLoadUtil.java b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SecureBulkLoadUtil.java
index 41b5cb9..75ab68e 100644
--- a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SecureBulkLoadUtil.java
+++ b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SecureBulkLoadUtil.java
@@ -18,10 +18,12 @@
*/
package org.apache.hadoop.hbase.security;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.fs.Path;
import org.apache.hadoop.hbase.util.Bytes;
+@InterfaceAudience.Private
public class SecureBulkLoadUtil {
private final static String BULKLOAD_STAGING_DIR = "hbase.bulkload.staging.dir";
http://git-wip-us.apache.org/repos/asf/hbase/blob/2084272d/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SecurityInfo.java
----------------------------------------------------------------------
diff --git a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SecurityInfo.java b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SecurityInfo.java
index 0dbcd42..9f0f150 100644
--- a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SecurityInfo.java
+++ b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SecurityInfo.java
@@ -20,6 +20,7 @@ package org.apache.hadoop.hbase.security;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentMap;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.hbase.protobuf.generated.AdminProtos;
import org.apache.hadoop.hbase.protobuf.generated.AuthenticationProtos.TokenIdentifier.Kind;
import org.apache.hadoop.hbase.protobuf.generated.ClientProtos;
@@ -29,6 +30,7 @@ import org.apache.hadoop.hbase.protobuf.generated.RegionServerStatusProtos;
/**
* Maps RPC protocol interfaces to required configuration
*/
+@InterfaceAudience.Private
public class SecurityInfo {
/** Maps RPC service names to authentication information */
private static ConcurrentMap<String,SecurityInfo> infos = new ConcurrentHashMap<String,SecurityInfo>();
http://git-wip-us.apache.org/repos/asf/hbase/blob/2084272d/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/Permission.java
----------------------------------------------------------------------
diff --git a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/Permission.java b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/Permission.java
index 3082526..9c95888 100644
--- a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/Permission.java
+++ b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/Permission.java
@@ -21,6 +21,8 @@ package org.apache.hadoop.hbase.security.access;
import com.google.common.collect.Maps;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.hadoop.classification.InterfaceAudience;
+import org.apache.hadoop.classification.InterfaceStability;
import org.apache.hadoop.hbase.util.Bytes;
import org.apache.hadoop.io.VersionedWritable;
@@ -36,6 +38,8 @@ import java.util.Map;
*
* @see TablePermission
*/
+@InterfaceAudience.Public
+@InterfaceStability.Evolving
public class Permission extends VersionedWritable {
protected static final byte VERSION = 0;
public enum Action {
http://git-wip-us.apache.org/repos/asf/hbase/blob/2084272d/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/TablePermission.java
----------------------------------------------------------------------
diff --git a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/TablePermission.java b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/TablePermission.java
index 944ebb1..e38458f 100644
--- a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/TablePermission.java
+++ b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/TablePermission.java
@@ -20,6 +20,7 @@ package org.apache.hadoop.hbase.security.access;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.hbase.TableName;
import org.apache.hadoop.hbase.KeyValue;
import org.apache.hadoop.hbase.util.Bytes;
@@ -34,6 +35,7 @@ import java.io.IOException;
* given table. If the family property is <code>null</code>, it implies
* full table access.
*/
+@InterfaceAudience.Private
public class TablePermission extends Permission {
private static Log LOG = LogFactory.getLog(TablePermission.class);
http://git-wip-us.apache.org/repos/asf/hbase/blob/2084272d/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/UserPermission.java
----------------------------------------------------------------------
diff --git a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/UserPermission.java b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/UserPermission.java
index eaaa824..fc26eb1 100644
--- a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/UserPermission.java
+++ b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/UserPermission.java
@@ -20,6 +20,7 @@ package org.apache.hadoop.hbase.security.access;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.hbase.TableName;
import org.apache.hadoop.hbase.util.Bytes;
@@ -31,6 +32,7 @@ import java.io.IOException;
* Represents an authorization for access over the given table, column family
* plus qualifier, for the given user.
*/
+@InterfaceAudience.Private
public class UserPermission extends TablePermission {
private static Log LOG = LogFactory.getLog(UserPermission.class);
http://git-wip-us.apache.org/repos/asf/hbase/blob/2084272d/hbase-client/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationTokenIdentifier.java
----------------------------------------------------------------------
diff --git a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationTokenIdentifier.java b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationTokenIdentifier.java
index 1445e04..b6868d8 100644
--- a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationTokenIdentifier.java
+++ b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationTokenIdentifier.java
@@ -19,6 +19,7 @@
package org.apache.hadoop.hbase.security.token;
import com.google.protobuf.ByteString;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.hbase.protobuf.generated.AuthenticationProtos;
import org.apache.hadoop.io.Text;
import org.apache.hadoop.security.UserGroupInformation;
@@ -31,6 +32,7 @@ import java.io.IOException;
/**
* Represents the identity information stored in an HBase authentication token.
*/
+@InterfaceAudience.Private
public class AuthenticationTokenIdentifier extends TokenIdentifier {
public static final Text AUTH_TOKEN_TYPE = new Text("HBASE_AUTH_TOKEN");
http://git-wip-us.apache.org/repos/asf/hbase/blob/2084272d/hbase-client/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationTokenSelector.java
----------------------------------------------------------------------
diff --git a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationTokenSelector.java b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationTokenSelector.java
index 53e8fb7..83133cd 100644
--- a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationTokenSelector.java
+++ b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationTokenSelector.java
@@ -20,6 +20,7 @@ package org.apache.hadoop.hbase.security.token;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.io.Text;
import org.apache.hadoop.security.token.Token;
import org.apache.hadoop.security.token.TokenIdentifier;
@@ -27,6 +28,7 @@ import org.apache.hadoop.security.token.TokenSelector;
import java.util.Collection;
+@InterfaceAudience.Private
public class AuthenticationTokenSelector
implements TokenSelector<AuthenticationTokenIdentifier> {
private static Log LOG = LogFactory.getLog(AuthenticationTokenSelector.class);
http://git-wip-us.apache.org/repos/asf/hbase/blob/2084272d/hbase-client/src/main/java/org/apache/hadoop/hbase/security/visibility/Authorizations.java
----------------------------------------------------------------------
diff --git a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/visibility/Authorizations.java b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/visibility/Authorizations.java
index 006bd6d..2a07625 100644
--- a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/visibility/Authorizations.java
+++ b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/visibility/Authorizations.java
@@ -29,7 +29,7 @@ import org.apache.hadoop.classification.InterfaceStability;
* current scan/get can access.
*/
@InterfaceAudience.Public
-@InterfaceStability.Stable
+@InterfaceStability.Evolving
public class Authorizations {
private List<String> labels;
http://git-wip-us.apache.org/repos/asf/hbase/blob/2084272d/hbase-client/src/main/java/org/apache/hadoop/hbase/security/visibility/VisibilityLabelsValidator.java
----------------------------------------------------------------------
diff --git a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/visibility/VisibilityLabelsValidator.java b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/visibility/VisibilityLabelsValidator.java
index 43a927c..9700b55 100644
--- a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/visibility/VisibilityLabelsValidator.java
+++ b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/visibility/VisibilityLabelsValidator.java
@@ -27,7 +27,6 @@ import org.apache.hadoop.classification.InterfaceAudience;
*/
@InterfaceAudience.Private
public class VisibilityLabelsValidator {
- // We follow Accumulo parity for valid visibility labels.
private static final boolean[] validAuthChars = new boolean[256];
public static final String regex = "[A-Za-z_\\-\\:\\/\\.0-9]+";
http://git-wip-us.apache.org/repos/asf/hbase/blob/2084272d/hbase-common/src/main/java/org/apache/hadoop/hbase/security/UserProvider.java
----------------------------------------------------------------------
diff --git a/hbase-common/src/main/java/org/apache/hadoop/hbase/security/UserProvider.java b/hbase-common/src/main/java/org/apache/hadoop/hbase/security/UserProvider.java
index 9d04f3a..3ff5def 100644
--- a/hbase-common/src/main/java/org/apache/hadoop/hbase/security/UserProvider.java
+++ b/hbase-common/src/main/java/org/apache/hadoop/hbase/security/UserProvider.java
@@ -19,6 +19,7 @@ package org.apache.hadoop.hbase.security;
import java.io.IOException;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hbase.BaseConfigurable;
import org.apache.hadoop.security.UserGroupInformation;
@@ -27,6 +28,8 @@ import org.apache.hadoop.util.ReflectionUtils;
/**
* Provide an instance of a user. Allows custom {@link User} creation.
*/
+
+@InterfaceAudience.Private
public class UserProvider extends BaseConfigurable {
private static final String USER_PROVIDER_CONF_KEY = "hbase.client.userprovider.class";
http://git-wip-us.apache.org/repos/asf/hbase/blob/2084272d/hbase-server/src/main/java/org/apache/hadoop/hbase/security/HBasePolicyProvider.java
----------------------------------------------------------------------
diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/HBasePolicyProvider.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/HBasePolicyProvider.java
index f151f58..f20079d 100644
--- a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/HBasePolicyProvider.java
+++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/HBasePolicyProvider.java
@@ -17,6 +17,7 @@
*/
package org.apache.hadoop.hbase.security;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hbase.protobuf.generated.AdminProtos.AdminService;
import org.apache.hadoop.hbase.protobuf.generated.ClientProtos.ClientService;
@@ -31,6 +32,7 @@ import org.apache.hadoop.security.authorize.ServiceAuthorizationManager;
* Implementation of secure Hadoop policy provider for mapping
* protocol interfaces to hbase-policy.xml entries.
*/
+@InterfaceAudience.Private
public class HBasePolicyProvider extends PolicyProvider {
protected final static Service[] services = {
new Service("security.client.protocol.acl", ClientService.BlockingInterface.class),
http://git-wip-us.apache.org/repos/asf/hbase/blob/2084272d/hbase-server/src/main/java/org/apache/hadoop/hbase/security/HBaseSaslRpcServer.java
----------------------------------------------------------------------
diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/HBaseSaslRpcServer.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/HBaseSaslRpcServer.java
index 2dd94d6..3e44f45 100644
--- a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/HBaseSaslRpcServer.java
+++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/HBaseSaslRpcServer.java
@@ -32,6 +32,7 @@ import javax.security.sasl.RealmCallback;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hbase.ipc.RpcServer;
import org.apache.hadoop.hbase.security.SaslUtil.QualityOfProtection;
@@ -43,6 +44,7 @@ import org.apache.hadoop.security.token.SecretManager.InvalidToken;
/**
* A utility class for dealing with SASL on RPC server
*/
+@InterfaceAudience.Private
public class HBaseSaslRpcServer {
public static final Log LOG = LogFactory.getLog(HBaseSaslRpcServer.class);
http://git-wip-us.apache.org/repos/asf/hbase/blob/2084272d/hbase-server/src/main/java/org/apache/hadoop/hbase/security/SecurityUtil.java
----------------------------------------------------------------------
diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/SecurityUtil.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/SecurityUtil.java
index ce16ed1..865fe52 100644
--- a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/SecurityUtil.java
+++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/SecurityUtil.java
@@ -19,11 +19,13 @@
package org.apache.hadoop.hbase.security;
import org.apache.hadoop.classification.InterfaceAudience;
+import org.apache.hadoop.classification.InterfaceStability;
/**
* Security related generic utility methods.
*/
@InterfaceAudience.Private
+@InterfaceStability.Evolving
public class SecurityUtil {
/**
http://git-wip-us.apache.org/repos/asf/hbase/blob/2084272d/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlFilter.java
----------------------------------------------------------------------
diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlFilter.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlFilter.java
index 164c0fd..1fbe06f 100644
--- a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlFilter.java
+++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlFilter.java
@@ -21,6 +21,7 @@ package org.apache.hadoop.hbase.security.access;
import java.io.IOException;
import java.util.Map;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.hbase.Cell;
import org.apache.hadoop.hbase.CellUtil;
import org.apache.hadoop.hbase.TableName;
@@ -46,6 +47,7 @@ import org.apache.hadoop.hbase.util.SimpleMutableByteRange;
* access succeeds, then there is no need to impose the overhead of this filter.
* </p>
*/
+@InterfaceAudience.Private
class AccessControlFilter extends FilterBase {
public static enum Strategy {
http://git-wip-us.apache.org/repos/asf/hbase/blob/2084272d/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlLists.java
----------------------------------------------------------------------
diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlLists.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlLists.java
index 7dd83e1..c00be7b 100644
--- a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlLists.java
+++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlLists.java
@@ -33,6 +33,7 @@ import java.util.TreeSet;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hbase.Cell;
import org.apache.hadoop.hbase.CellUtil;
@@ -94,6 +95,7 @@ import com.google.protobuf.InvalidProtocolBufferException;
* org.apache.hadoop.hbase.security.access.TablePermission.Action enum.
* </p>
*/
+@InterfaceAudience.Private
public class AccessControlLists {
/** Internal storage table for access control lists */
public static final TableName ACL_TABLE_NAME =
http://git-wip-us.apache.org/repos/asf/hbase/blob/2084272d/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java
----------------------------------------------------------------------
diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java
index 8f73431..6dabc7d 100644
--- a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java
+++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java
@@ -29,6 +29,7 @@ import java.util.TreeSet;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hbase.Cell;
import org.apache.hadoop.hbase.CellScanner;
@@ -144,6 +145,7 @@ import com.google.protobuf.Service;
* commands.
* </p>
*/
+@InterfaceAudience.Private
public class AccessController extends BaseRegionObserver
implements MasterObserver, RegionServerObserver,
AccessControlService.Interface, CoprocessorService, EndpointObserver {
http://git-wip-us.apache.org/repos/asf/hbase/blob/2084272d/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/TableAuthManager.java
----------------------------------------------------------------------
diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/TableAuthManager.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/TableAuthManager.java
index 394d8c1..8b0bb69 100644
--- a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/TableAuthManager.java
+++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/TableAuthManager.java
@@ -26,6 +26,7 @@ import java.util.concurrent.ConcurrentSkipListMap;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hbase.Cell;
import org.apache.hadoop.hbase.TableName;
@@ -43,6 +44,7 @@ import com.google.common.collect.Lists;
/**
* Performs authorization checks for a given user's assigned permissions
*/
+@InterfaceAudience.Private
public class TableAuthManager {
private static class PermissionCache<T extends Permission> {
/** Cache of user permissions */
http://git-wip-us.apache.org/repos/asf/hbase/blob/2084272d/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/ZKPermissionWatcher.java
----------------------------------------------------------------------
diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/ZKPermissionWatcher.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/ZKPermissionWatcher.java
index ccec446..380bd73 100644
--- a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/ZKPermissionWatcher.java
+++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/ZKPermissionWatcher.java
@@ -20,6 +20,7 @@ package org.apache.hadoop.hbase.security.access;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hbase.TableName;
import org.apache.hadoop.hbase.util.Bytes;
@@ -40,6 +41,7 @@ import java.util.List;
* instances on all other cluster hosts watch the znodes for updates, which
* trigger updates in the {@link TableAuthManager} permission cache.
*/
+@InterfaceAudience.Private
public class ZKPermissionWatcher extends ZooKeeperListener {
private static Log LOG = LogFactory.getLog(ZKPermissionWatcher.class);
// parent node for permissions lists
http://git-wip-us.apache.org/repos/asf/hbase/blob/2084272d/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationKey.java
----------------------------------------------------------------------
diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationKey.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationKey.java
index 5f4378f..4637afb 100644
--- a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationKey.java
+++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationKey.java
@@ -25,6 +25,7 @@ import java.io.DataOutput;
import java.io.IOException;
import java.util.Arrays;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.hbase.util.Bytes;
import org.apache.hadoop.io.Writable;
import org.apache.hadoop.io.WritableUtils;
@@ -33,6 +34,7 @@ import org.apache.hadoop.io.WritableUtils;
* Represents a secret key used for signing and verifying authentication tokens
* by {@link AuthenticationTokenSecretManager}.
*/
+@InterfaceAudience.Private
public class AuthenticationKey implements Writable {
private int id;
private long expirationDate;
http://git-wip-us.apache.org/repos/asf/hbase/blob/2084272d/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationTokenSecretManager.java
----------------------------------------------------------------------
diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationTokenSecretManager.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationTokenSecretManager.java
index 5985be6..2892c51 100644
--- a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationTokenSecretManager.java
+++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationTokenSecretManager.java
@@ -27,6 +27,7 @@ import java.util.concurrent.atomic.AtomicLong;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hbase.Stoppable;
import org.apache.hadoop.hbase.util.Bytes;
@@ -54,6 +55,7 @@ import org.apache.zookeeper.KeeperException;
* are no longer needed (as any tokens using them have expired).
* </p>
*/
+@InterfaceAudience.Private
public class AuthenticationTokenSecretManager
extends SecretManager<AuthenticationTokenIdentifier> {
http://git-wip-us.apache.org/repos/asf/hbase/blob/2084272d/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/TokenProvider.java
----------------------------------------------------------------------
diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/TokenProvider.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/TokenProvider.java
index af405d3..a632397 100644
--- a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/TokenProvider.java
+++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/TokenProvider.java
@@ -25,6 +25,7 @@ import com.google.protobuf.RpcController;
import com.google.protobuf.Service;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.hbase.Coprocessor;
import org.apache.hadoop.hbase.CoprocessorEnvironment;
import org.apache.hadoop.hbase.coprocessor.CoprocessorService;
@@ -46,6 +47,7 @@ import org.apache.hadoop.security.token.Token;
* Provides a service for obtaining authentication tokens via the
* {@link AuthenticationProtos} AuthenticationService coprocessor service.
*/
+@InterfaceAudience.Private
public class TokenProvider implements AuthenticationProtos.AuthenticationService.Interface,
Coprocessor, CoprocessorService {
http://git-wip-us.apache.org/repos/asf/hbase/blob/2084272d/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/TokenUtil.java
----------------------------------------------------------------------
diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/TokenUtil.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/TokenUtil.java
index b7b8db6..cdc824d 100644
--- a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/TokenUtil.java
+++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/TokenUtil.java
@@ -25,6 +25,7 @@ import java.security.PrivilegedExceptionAction;
import com.google.protobuf.ServiceException;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hbase.HConstants;
import org.apache.hadoop.hbase.TableName;
@@ -41,6 +42,7 @@ import org.apache.hadoop.security.token.Token;
/**
* Utility methods for obtaining authentication tokens.
*/
+@InterfaceAudience.Private
public class TokenUtil {
private static Log LOG = LogFactory.getLog(TokenUtil.class);
http://git-wip-us.apache.org/repos/asf/hbase/blob/2084272d/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/ZKSecretWatcher.java
----------------------------------------------------------------------
diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/ZKSecretWatcher.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/ZKSecretWatcher.java
index d780d50..41633b8 100644
--- a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/ZKSecretWatcher.java
+++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/ZKSecretWatcher.java
@@ -23,6 +23,7 @@ import java.util.List;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hbase.util.Writables;
import org.apache.hadoop.hbase.zookeeper.ZKUtil;
@@ -33,6 +34,7 @@ import org.apache.zookeeper.KeeperException;
/**
* Synchronizes token encryption keys across cluster nodes.
*/
+@InterfaceAudience.Private
public class ZKSecretWatcher extends ZooKeeperListener {
private static final String DEFAULT_ROOT_NODE = "tokenauth";
private static final String DEFAULT_KEYS_PARENT = "keys";
http://git-wip-us.apache.org/repos/asf/hbase/blob/2084272d/hbase-server/src/main/java/org/apache/hadoop/hbase/security/visibility/expression/Operator.java
----------------------------------------------------------------------
diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/visibility/expression/Operator.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/visibility/expression/Operator.java
index 6f47b50..40ced81 100644
--- a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/visibility/expression/Operator.java
+++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/visibility/expression/Operator.java
@@ -17,6 +17,9 @@
*/
package org.apache.hadoop.hbase.security.visibility.expression;
+import org.apache.hadoop.classification.InterfaceAudience;
+
+@InterfaceAudience.Private
public enum Operator {
AND('&'), OR('|'), NOT('!');
http://git-wip-us.apache.org/repos/asf/hbase/blob/2084272d/hbase-server/src/test/java/org/apache/hadoop/hbase/security/HBaseKerberosUtils.java
----------------------------------------------------------------------
diff --git a/hbase-server/src/test/java/org/apache/hadoop/hbase/security/HBaseKerberosUtils.java b/hbase-server/src/test/java/org/apache/hadoop/hbase/security/HBaseKerberosUtils.java
index 27198b3..01099b7 100644
--- a/hbase-server/src/test/java/org/apache/hadoop/hbase/security/HBaseKerberosUtils.java
+++ b/hbase-server/src/test/java/org/apache/hadoop/hbase/security/HBaseKerberosUtils.java
@@ -17,12 +17,14 @@
*/
package org.apache.hadoop.hbase.security;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.fs.CommonConfigurationKeys;
import org.apache.hadoop.hbase.HBaseConfiguration;
import com.google.common.base.Strings;
+@InterfaceAudience.Private
class HBaseKerberosUtils {
public static final String KRB_PRINCIPAL = "hbase.regionserver.kerberos.principal";
public static final String KRB_KEYTAB_FILE = "hbase.regionserver.keytab.file";
[3/3] git commit: HBASE-11318 Classes in security subpackages missing
@InterfaceAudience annotations (Jonathan Hsieh and Andrew Purtell)
Posted by ap...@apache.org.
HBASE-11318 Classes in security subpackages missing @InterfaceAudience annotations (Jonathan Hsieh and Andrew Purtell)
Project: http://git-wip-us.apache.org/repos/asf/hbase/repo
Commit: http://git-wip-us.apache.org/repos/asf/hbase/commit/6f4d5d8e
Tree: http://git-wip-us.apache.org/repos/asf/hbase/tree/6f4d5d8e
Diff: http://git-wip-us.apache.org/repos/asf/hbase/diff/6f4d5d8e
Branch: refs/heads/0.98
Commit: 6f4d5d8ecf9161bfc06406f8a67d2bd5b2d2042e
Parents: c5da1cf
Author: Andrew Purtell <ap...@apache.org>
Authored: Mon Aug 4 11:13:58 2014 -0700
Committer: Andrew Purtell <ap...@apache.org>
Committed: Mon Aug 4 11:14:32 2014 -0700
----------------------------------------------------------------------
.../main/java/org/apache/hadoop/hbase/security/AuthMethod.java | 2 ++
.../org/apache/hadoop/hbase/security/HBaseSaslRpcClient.java | 2 ++
.../main/java/org/apache/hadoop/hbase/security/SaslStatus.java | 3 +++
.../src/main/java/org/apache/hadoop/hbase/security/SaslUtil.java | 2 ++
.../org/apache/hadoop/hbase/security/SecureBulkLoadUtil.java | 2 ++
.../main/java/org/apache/hadoop/hbase/security/SecurityInfo.java | 2 ++
.../java/org/apache/hadoop/hbase/security/access/Permission.java | 4 ++++
.../org/apache/hadoop/hbase/security/access/TablePermission.java | 2 ++
.../org/apache/hadoop/hbase/security/access/UserPermission.java | 2 ++
.../hbase/security/token/AuthenticationTokenIdentifier.java | 2 ++
.../hadoop/hbase/security/token/AuthenticationTokenSelector.java | 2 ++
.../apache/hadoop/hbase/security/visibility/Authorizations.java | 2 +-
.../hbase/security/visibility/VisibilityLabelsValidator.java | 1 -
.../main/java/org/apache/hadoop/hbase/security/UserProvider.java | 3 +++
.../org/apache/hadoop/hbase/security/HBasePolicyProvider.java | 2 ++
.../org/apache/hadoop/hbase/security/HBaseSaslRpcServer.java | 2 ++
.../main/java/org/apache/hadoop/hbase/security/SecurityUtil.java | 2 ++
.../apache/hadoop/hbase/security/access/AccessControlFilter.java | 2 ++
.../apache/hadoop/hbase/security/access/AccessControlLists.java | 2 ++
.../apache/hadoop/hbase/security/access/AccessController.java | 2 ++
.../apache/hadoop/hbase/security/access/TableAuthManager.java | 2 ++
.../apache/hadoop/hbase/security/access/ZKPermissionWatcher.java | 2 ++
.../apache/hadoop/hbase/security/token/AuthenticationKey.java | 2 ++
.../hbase/security/token/AuthenticationTokenSecretManager.java | 2 ++
.../org/apache/hadoop/hbase/security/token/TokenProvider.java | 2 ++
.../java/org/apache/hadoop/hbase/security/token/TokenUtil.java | 2 ++
.../org/apache/hadoop/hbase/security/token/ZKSecretWatcher.java | 2 ++
.../hadoop/hbase/security/visibility/expression/Operator.java | 3 +++
.../org/apache/hadoop/hbase/security/HBaseKerberosUtils.java | 2 ++
29 files changed, 60 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/hbase/blob/6f4d5d8e/hbase-client/src/main/java/org/apache/hadoop/hbase/security/AuthMethod.java
----------------------------------------------------------------------
diff --git a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/AuthMethod.java b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/AuthMethod.java
index c223fa5..887d46e 100644
--- a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/AuthMethod.java
+++ b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/AuthMethod.java
@@ -19,6 +19,7 @@
package org.apache.hadoop.hbase.security;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.security.UserGroupInformation;
import java.io.DataInput;
@@ -26,6 +27,7 @@ import java.io.DataOutput;
import java.io.IOException;
/** Authentication method */
+@InterfaceAudience.Private
public enum AuthMethod {
SIMPLE((byte) 80, "", UserGroupInformation.AuthenticationMethod.SIMPLE),
KERBEROS((byte) 81, "GSSAPI", UserGroupInformation.AuthenticationMethod.KERBEROS),
http://git-wip-us.apache.org/repos/asf/hbase/blob/6f4d5d8e/hbase-client/src/main/java/org/apache/hadoop/hbase/security/HBaseSaslRpcClient.java
----------------------------------------------------------------------
diff --git a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/HBaseSaslRpcClient.java b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/HBaseSaslRpcClient.java
index 95cac0e..48947da 100644
--- a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/HBaseSaslRpcClient.java
+++ b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/HBaseSaslRpcClient.java
@@ -20,6 +20,7 @@ package org.apache.hadoop.hbase.security;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.io.WritableUtils;
import org.apache.hadoop.ipc.RemoteException;
import org.apache.hadoop.security.SaslInputStream;
@@ -52,6 +53,7 @@ import com.google.common.annotations.VisibleForTesting;
* A utility class that encapsulates SASL logic for RPC client.
* Copied from <code>org.apache.hadoop.security</code>
*/
+@InterfaceAudience.Private
public class HBaseSaslRpcClient {
public static final Log LOG = LogFactory.getLog(HBaseSaslRpcClient.class);
http://git-wip-us.apache.org/repos/asf/hbase/blob/6f4d5d8e/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SaslStatus.java
----------------------------------------------------------------------
diff --git a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SaslStatus.java b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SaslStatus.java
index 95ac453..9cfb5cb 100644
--- a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SaslStatus.java
+++ b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SaslStatus.java
@@ -19,6 +19,9 @@
package org.apache.hadoop.hbase.security;
+import org.apache.hadoop.classification.InterfaceAudience;
+
+@InterfaceAudience.Private
public enum SaslStatus {
SUCCESS (0),
ERROR (1);
http://git-wip-us.apache.org/repos/asf/hbase/blob/6f4d5d8e/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SaslUtil.java
----------------------------------------------------------------------
diff --git a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SaslUtil.java b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SaslUtil.java
index 351052b..2f93329 100644
--- a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SaslUtil.java
+++ b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SaslUtil.java
@@ -19,12 +19,14 @@
package org.apache.hadoop.hbase.security;
import org.apache.commons.codec.binary.Base64;
+import org.apache.hadoop.classification.InterfaceAudience;
import java.util.Map;
import java.util.TreeMap;
import javax.security.sasl.Sasl;
+@InterfaceAudience.Private
public class SaslUtil {
public static final String SASL_DEFAULT_REALM = "default";
public static final Map<String, String> SASL_PROPS =
http://git-wip-us.apache.org/repos/asf/hbase/blob/6f4d5d8e/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SecureBulkLoadUtil.java
----------------------------------------------------------------------
diff --git a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SecureBulkLoadUtil.java b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SecureBulkLoadUtil.java
index 41b5cb9..75ab68e 100644
--- a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SecureBulkLoadUtil.java
+++ b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SecureBulkLoadUtil.java
@@ -18,10 +18,12 @@
*/
package org.apache.hadoop.hbase.security;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.fs.Path;
import org.apache.hadoop.hbase.util.Bytes;
+@InterfaceAudience.Private
public class SecureBulkLoadUtil {
private final static String BULKLOAD_STAGING_DIR = "hbase.bulkload.staging.dir";
http://git-wip-us.apache.org/repos/asf/hbase/blob/6f4d5d8e/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SecurityInfo.java
----------------------------------------------------------------------
diff --git a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SecurityInfo.java b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SecurityInfo.java
index 0dbcd42..9f0f150 100644
--- a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SecurityInfo.java
+++ b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/SecurityInfo.java
@@ -20,6 +20,7 @@ package org.apache.hadoop.hbase.security;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentMap;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.hbase.protobuf.generated.AdminProtos;
import org.apache.hadoop.hbase.protobuf.generated.AuthenticationProtos.TokenIdentifier.Kind;
import org.apache.hadoop.hbase.protobuf.generated.ClientProtos;
@@ -29,6 +30,7 @@ import org.apache.hadoop.hbase.protobuf.generated.RegionServerStatusProtos;
/**
* Maps RPC protocol interfaces to required configuration
*/
+@InterfaceAudience.Private
public class SecurityInfo {
/** Maps RPC service names to authentication information */
private static ConcurrentMap<String,SecurityInfo> infos = new ConcurrentHashMap<String,SecurityInfo>();
http://git-wip-us.apache.org/repos/asf/hbase/blob/6f4d5d8e/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/Permission.java
----------------------------------------------------------------------
diff --git a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/Permission.java b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/Permission.java
index 3082526..9c95888 100644
--- a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/Permission.java
+++ b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/Permission.java
@@ -21,6 +21,8 @@ package org.apache.hadoop.hbase.security.access;
import com.google.common.collect.Maps;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.hadoop.classification.InterfaceAudience;
+import org.apache.hadoop.classification.InterfaceStability;
import org.apache.hadoop.hbase.util.Bytes;
import org.apache.hadoop.io.VersionedWritable;
@@ -36,6 +38,8 @@ import java.util.Map;
*
* @see TablePermission
*/
+@InterfaceAudience.Public
+@InterfaceStability.Evolving
public class Permission extends VersionedWritable {
protected static final byte VERSION = 0;
public enum Action {
http://git-wip-us.apache.org/repos/asf/hbase/blob/6f4d5d8e/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/TablePermission.java
----------------------------------------------------------------------
diff --git a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/TablePermission.java b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/TablePermission.java
index ae98023..1cdbbc6 100644
--- a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/TablePermission.java
+++ b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/TablePermission.java
@@ -20,6 +20,7 @@ package org.apache.hadoop.hbase.security.access;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.hbase.TableName;
import org.apache.hadoop.hbase.KeyValue;
import org.apache.hadoop.hbase.util.Bytes;
@@ -34,6 +35,7 @@ import java.io.IOException;
* given table. If the family property is <code>null</code>, it implies
* full table access.
*/
+@InterfaceAudience.Private
public class TablePermission extends Permission {
private static Log LOG = LogFactory.getLog(TablePermission.class);
http://git-wip-us.apache.org/repos/asf/hbase/blob/6f4d5d8e/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/UserPermission.java
----------------------------------------------------------------------
diff --git a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/UserPermission.java b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/UserPermission.java
index eaaa824..fc26eb1 100644
--- a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/UserPermission.java
+++ b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/UserPermission.java
@@ -20,6 +20,7 @@ package org.apache.hadoop.hbase.security.access;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.hbase.TableName;
import org.apache.hadoop.hbase.util.Bytes;
@@ -31,6 +32,7 @@ import java.io.IOException;
* Represents an authorization for access over the given table, column family
* plus qualifier, for the given user.
*/
+@InterfaceAudience.Private
public class UserPermission extends TablePermission {
private static Log LOG = LogFactory.getLog(UserPermission.class);
http://git-wip-us.apache.org/repos/asf/hbase/blob/6f4d5d8e/hbase-client/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationTokenIdentifier.java
----------------------------------------------------------------------
diff --git a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationTokenIdentifier.java b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationTokenIdentifier.java
index 1445e04..b6868d8 100644
--- a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationTokenIdentifier.java
+++ b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationTokenIdentifier.java
@@ -19,6 +19,7 @@
package org.apache.hadoop.hbase.security.token;
import com.google.protobuf.ByteString;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.hbase.protobuf.generated.AuthenticationProtos;
import org.apache.hadoop.io.Text;
import org.apache.hadoop.security.UserGroupInformation;
@@ -31,6 +32,7 @@ import java.io.IOException;
/**
* Represents the identity information stored in an HBase authentication token.
*/
+@InterfaceAudience.Private
public class AuthenticationTokenIdentifier extends TokenIdentifier {
public static final Text AUTH_TOKEN_TYPE = new Text("HBASE_AUTH_TOKEN");
http://git-wip-us.apache.org/repos/asf/hbase/blob/6f4d5d8e/hbase-client/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationTokenSelector.java
----------------------------------------------------------------------
diff --git a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationTokenSelector.java b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationTokenSelector.java
index 53e8fb7..83133cd 100644
--- a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationTokenSelector.java
+++ b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationTokenSelector.java
@@ -20,6 +20,7 @@ package org.apache.hadoop.hbase.security.token;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.io.Text;
import org.apache.hadoop.security.token.Token;
import org.apache.hadoop.security.token.TokenIdentifier;
@@ -27,6 +28,7 @@ import org.apache.hadoop.security.token.TokenSelector;
import java.util.Collection;
+@InterfaceAudience.Private
public class AuthenticationTokenSelector
implements TokenSelector<AuthenticationTokenIdentifier> {
private static Log LOG = LogFactory.getLog(AuthenticationTokenSelector.class);
http://git-wip-us.apache.org/repos/asf/hbase/blob/6f4d5d8e/hbase-client/src/main/java/org/apache/hadoop/hbase/security/visibility/Authorizations.java
----------------------------------------------------------------------
diff --git a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/visibility/Authorizations.java b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/visibility/Authorizations.java
index 006bd6d..2a07625 100644
--- a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/visibility/Authorizations.java
+++ b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/visibility/Authorizations.java
@@ -29,7 +29,7 @@ import org.apache.hadoop.classification.InterfaceStability;
* current scan/get can access.
*/
@InterfaceAudience.Public
-@InterfaceStability.Stable
+@InterfaceStability.Evolving
public class Authorizations {
private List<String> labels;
http://git-wip-us.apache.org/repos/asf/hbase/blob/6f4d5d8e/hbase-client/src/main/java/org/apache/hadoop/hbase/security/visibility/VisibilityLabelsValidator.java
----------------------------------------------------------------------
diff --git a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/visibility/VisibilityLabelsValidator.java b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/visibility/VisibilityLabelsValidator.java
index 43a927c..9700b55 100644
--- a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/visibility/VisibilityLabelsValidator.java
+++ b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/visibility/VisibilityLabelsValidator.java
@@ -27,7 +27,6 @@ import org.apache.hadoop.classification.InterfaceAudience;
*/
@InterfaceAudience.Private
public class VisibilityLabelsValidator {
- // We follow Accumulo parity for valid visibility labels.
private static final boolean[] validAuthChars = new boolean[256];
public static final String regex = "[A-Za-z_\\-\\:\\/\\.0-9]+";
http://git-wip-us.apache.org/repos/asf/hbase/blob/6f4d5d8e/hbase-common/src/main/java/org/apache/hadoop/hbase/security/UserProvider.java
----------------------------------------------------------------------
diff --git a/hbase-common/src/main/java/org/apache/hadoop/hbase/security/UserProvider.java b/hbase-common/src/main/java/org/apache/hadoop/hbase/security/UserProvider.java
index 9d04f3a..3ff5def 100644
--- a/hbase-common/src/main/java/org/apache/hadoop/hbase/security/UserProvider.java
+++ b/hbase-common/src/main/java/org/apache/hadoop/hbase/security/UserProvider.java
@@ -19,6 +19,7 @@ package org.apache.hadoop.hbase.security;
import java.io.IOException;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hbase.BaseConfigurable;
import org.apache.hadoop.security.UserGroupInformation;
@@ -27,6 +28,8 @@ import org.apache.hadoop.util.ReflectionUtils;
/**
* Provide an instance of a user. Allows custom {@link User} creation.
*/
+
+@InterfaceAudience.Private
public class UserProvider extends BaseConfigurable {
private static final String USER_PROVIDER_CONF_KEY = "hbase.client.userprovider.class";
http://git-wip-us.apache.org/repos/asf/hbase/blob/6f4d5d8e/hbase-server/src/main/java/org/apache/hadoop/hbase/security/HBasePolicyProvider.java
----------------------------------------------------------------------
diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/HBasePolicyProvider.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/HBasePolicyProvider.java
index f151f58..f20079d 100644
--- a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/HBasePolicyProvider.java
+++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/HBasePolicyProvider.java
@@ -17,6 +17,7 @@
*/
package org.apache.hadoop.hbase.security;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hbase.protobuf.generated.AdminProtos.AdminService;
import org.apache.hadoop.hbase.protobuf.generated.ClientProtos.ClientService;
@@ -31,6 +32,7 @@ import org.apache.hadoop.security.authorize.ServiceAuthorizationManager;
* Implementation of secure Hadoop policy provider for mapping
* protocol interfaces to hbase-policy.xml entries.
*/
+@InterfaceAudience.Private
public class HBasePolicyProvider extends PolicyProvider {
protected final static Service[] services = {
new Service("security.client.protocol.acl", ClientService.BlockingInterface.class),
http://git-wip-us.apache.org/repos/asf/hbase/blob/6f4d5d8e/hbase-server/src/main/java/org/apache/hadoop/hbase/security/HBaseSaslRpcServer.java
----------------------------------------------------------------------
diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/HBaseSaslRpcServer.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/HBaseSaslRpcServer.java
index 2dd94d6..3e44f45 100644
--- a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/HBaseSaslRpcServer.java
+++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/HBaseSaslRpcServer.java
@@ -32,6 +32,7 @@ import javax.security.sasl.RealmCallback;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hbase.ipc.RpcServer;
import org.apache.hadoop.hbase.security.SaslUtil.QualityOfProtection;
@@ -43,6 +44,7 @@ import org.apache.hadoop.security.token.SecretManager.InvalidToken;
/**
* A utility class for dealing with SASL on RPC server
*/
+@InterfaceAudience.Private
public class HBaseSaslRpcServer {
public static final Log LOG = LogFactory.getLog(HBaseSaslRpcServer.class);
http://git-wip-us.apache.org/repos/asf/hbase/blob/6f4d5d8e/hbase-server/src/main/java/org/apache/hadoop/hbase/security/SecurityUtil.java
----------------------------------------------------------------------
diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/SecurityUtil.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/SecurityUtil.java
index ce16ed1..865fe52 100644
--- a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/SecurityUtil.java
+++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/SecurityUtil.java
@@ -19,11 +19,13 @@
package org.apache.hadoop.hbase.security;
import org.apache.hadoop.classification.InterfaceAudience;
+import org.apache.hadoop.classification.InterfaceStability;
/**
* Security related generic utility methods.
*/
@InterfaceAudience.Private
+@InterfaceStability.Evolving
public class SecurityUtil {
/**
http://git-wip-us.apache.org/repos/asf/hbase/blob/6f4d5d8e/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlFilter.java
----------------------------------------------------------------------
diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlFilter.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlFilter.java
index d866784..06c4aad 100644
--- a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlFilter.java
+++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlFilter.java
@@ -21,6 +21,7 @@ package org.apache.hadoop.hbase.security.access;
import java.io.IOException;
import java.util.Map;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.hbase.Cell;
import org.apache.hadoop.hbase.CellUtil;
import org.apache.hadoop.hbase.TableName;
@@ -46,6 +47,7 @@ import org.apache.hadoop.hbase.util.SimpleByteRange;
* access succeeds, then there is no need to impose the overhead of this filter.
* </p>
*/
+@InterfaceAudience.Private
class AccessControlFilter extends FilterBase {
public static enum Strategy {
http://git-wip-us.apache.org/repos/asf/hbase/blob/6f4d5d8e/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlLists.java
----------------------------------------------------------------------
diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlLists.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlLists.java
index f7af40f..7206ce5 100644
--- a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlLists.java
+++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlLists.java
@@ -33,6 +33,7 @@ import java.util.TreeSet;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hbase.Cell;
import org.apache.hadoop.hbase.CellUtil;
@@ -94,6 +95,7 @@ import com.google.protobuf.InvalidProtocolBufferException;
* org.apache.hadoop.hbase.security.access.TablePermission.Action enum.
* </p>
*/
+@InterfaceAudience.Private
public class AccessControlLists {
/** Internal storage table for access control lists */
public static final TableName ACL_TABLE_NAME =
http://git-wip-us.apache.org/repos/asf/hbase/blob/6f4d5d8e/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java
----------------------------------------------------------------------
diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java
index 0a12d7e..bf94905 100644
--- a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java
+++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java
@@ -29,6 +29,7 @@ import java.util.TreeSet;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hbase.Cell;
import org.apache.hadoop.hbase.CellScanner;
@@ -144,6 +145,7 @@ import com.google.protobuf.Service;
* commands.
* </p>
*/
+@InterfaceAudience.Private
public class AccessController extends BaseRegionObserver
implements MasterObserver, RegionServerObserver,
AccessControlService.Interface, CoprocessorService, EndpointObserver {
http://git-wip-us.apache.org/repos/asf/hbase/blob/6f4d5d8e/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/TableAuthManager.java
----------------------------------------------------------------------
diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/TableAuthManager.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/TableAuthManager.java
index 394d8c1..8b0bb69 100644
--- a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/TableAuthManager.java
+++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/TableAuthManager.java
@@ -26,6 +26,7 @@ import java.util.concurrent.ConcurrentSkipListMap;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hbase.Cell;
import org.apache.hadoop.hbase.TableName;
@@ -43,6 +44,7 @@ import com.google.common.collect.Lists;
/**
* Performs authorization checks for a given user's assigned permissions
*/
+@InterfaceAudience.Private
public class TableAuthManager {
private static class PermissionCache<T extends Permission> {
/** Cache of user permissions */
http://git-wip-us.apache.org/repos/asf/hbase/blob/6f4d5d8e/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/ZKPermissionWatcher.java
----------------------------------------------------------------------
diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/ZKPermissionWatcher.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/ZKPermissionWatcher.java
index ccec446..380bd73 100644
--- a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/ZKPermissionWatcher.java
+++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/ZKPermissionWatcher.java
@@ -20,6 +20,7 @@ package org.apache.hadoop.hbase.security.access;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hbase.TableName;
import org.apache.hadoop.hbase.util.Bytes;
@@ -40,6 +41,7 @@ import java.util.List;
* instances on all other cluster hosts watch the znodes for updates, which
* trigger updates in the {@link TableAuthManager} permission cache.
*/
+@InterfaceAudience.Private
public class ZKPermissionWatcher extends ZooKeeperListener {
private static Log LOG = LogFactory.getLog(ZKPermissionWatcher.class);
// parent node for permissions lists
http://git-wip-us.apache.org/repos/asf/hbase/blob/6f4d5d8e/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationKey.java
----------------------------------------------------------------------
diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationKey.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationKey.java
index c68af4e..296ac57 100644
--- a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationKey.java
+++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationKey.java
@@ -23,6 +23,7 @@ import java.io.DataInput;
import java.io.DataOutput;
import java.io.IOException;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.hbase.util.Bytes;
import org.apache.hadoop.io.Writable;
import org.apache.hadoop.io.WritableUtils;
@@ -31,6 +32,7 @@ import org.apache.hadoop.io.WritableUtils;
* Represents a secret key used for signing and verifying authentication tokens
* by {@link AuthenticationTokenSecretManager}.
*/
+@InterfaceAudience.Private
public class AuthenticationKey implements Writable {
private int id;
private long expirationDate;
http://git-wip-us.apache.org/repos/asf/hbase/blob/6f4d5d8e/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationTokenSecretManager.java
----------------------------------------------------------------------
diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationTokenSecretManager.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationTokenSecretManager.java
index 5985be6..2892c51 100644
--- a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationTokenSecretManager.java
+++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/AuthenticationTokenSecretManager.java
@@ -27,6 +27,7 @@ import java.util.concurrent.atomic.AtomicLong;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hbase.Stoppable;
import org.apache.hadoop.hbase.util.Bytes;
@@ -54,6 +55,7 @@ import org.apache.zookeeper.KeeperException;
* are no longer needed (as any tokens using them have expired).
* </p>
*/
+@InterfaceAudience.Private
public class AuthenticationTokenSecretManager
extends SecretManager<AuthenticationTokenIdentifier> {
http://git-wip-us.apache.org/repos/asf/hbase/blob/6f4d5d8e/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/TokenProvider.java
----------------------------------------------------------------------
diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/TokenProvider.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/TokenProvider.java
index af405d3..a632397 100644
--- a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/TokenProvider.java
+++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/TokenProvider.java
@@ -25,6 +25,7 @@ import com.google.protobuf.RpcController;
import com.google.protobuf.Service;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.hbase.Coprocessor;
import org.apache.hadoop.hbase.CoprocessorEnvironment;
import org.apache.hadoop.hbase.coprocessor.CoprocessorService;
@@ -46,6 +47,7 @@ import org.apache.hadoop.security.token.Token;
* Provides a service for obtaining authentication tokens via the
* {@link AuthenticationProtos} AuthenticationService coprocessor service.
*/
+@InterfaceAudience.Private
public class TokenProvider implements AuthenticationProtos.AuthenticationService.Interface,
Coprocessor, CoprocessorService {
http://git-wip-us.apache.org/repos/asf/hbase/blob/6f4d5d8e/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/TokenUtil.java
----------------------------------------------------------------------
diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/TokenUtil.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/TokenUtil.java
index b7b8db6..cdc824d 100644
--- a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/TokenUtil.java
+++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/TokenUtil.java
@@ -25,6 +25,7 @@ import java.security.PrivilegedExceptionAction;
import com.google.protobuf.ServiceException;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hbase.HConstants;
import org.apache.hadoop.hbase.TableName;
@@ -41,6 +42,7 @@ import org.apache.hadoop.security.token.Token;
/**
* Utility methods for obtaining authentication tokens.
*/
+@InterfaceAudience.Private
public class TokenUtil {
private static Log LOG = LogFactory.getLog(TokenUtil.class);
http://git-wip-us.apache.org/repos/asf/hbase/blob/6f4d5d8e/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/ZKSecretWatcher.java
----------------------------------------------------------------------
diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/ZKSecretWatcher.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/ZKSecretWatcher.java
index d780d50..41633b8 100644
--- a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/ZKSecretWatcher.java
+++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/token/ZKSecretWatcher.java
@@ -23,6 +23,7 @@ import java.util.List;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hbase.util.Writables;
import org.apache.hadoop.hbase.zookeeper.ZKUtil;
@@ -33,6 +34,7 @@ import org.apache.zookeeper.KeeperException;
/**
* Synchronizes token encryption keys across cluster nodes.
*/
+@InterfaceAudience.Private
public class ZKSecretWatcher extends ZooKeeperListener {
private static final String DEFAULT_ROOT_NODE = "tokenauth";
private static final String DEFAULT_KEYS_PARENT = "keys";
http://git-wip-us.apache.org/repos/asf/hbase/blob/6f4d5d8e/hbase-server/src/main/java/org/apache/hadoop/hbase/security/visibility/expression/Operator.java
----------------------------------------------------------------------
diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/visibility/expression/Operator.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/visibility/expression/Operator.java
index 6f47b50..40ced81 100644
--- a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/visibility/expression/Operator.java
+++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/visibility/expression/Operator.java
@@ -17,6 +17,9 @@
*/
package org.apache.hadoop.hbase.security.visibility.expression;
+import org.apache.hadoop.classification.InterfaceAudience;
+
+@InterfaceAudience.Private
public enum Operator {
AND('&'), OR('|'), NOT('!');
http://git-wip-us.apache.org/repos/asf/hbase/blob/6f4d5d8e/hbase-server/src/test/java/org/apache/hadoop/hbase/security/HBaseKerberosUtils.java
----------------------------------------------------------------------
diff --git a/hbase-server/src/test/java/org/apache/hadoop/hbase/security/HBaseKerberosUtils.java b/hbase-server/src/test/java/org/apache/hadoop/hbase/security/HBaseKerberosUtils.java
index 27198b3..01099b7 100644
--- a/hbase-server/src/test/java/org/apache/hadoop/hbase/security/HBaseKerberosUtils.java
+++ b/hbase-server/src/test/java/org/apache/hadoop/hbase/security/HBaseKerberosUtils.java
@@ -17,12 +17,14 @@
*/
package org.apache.hadoop.hbase.security;
+import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.fs.CommonConfigurationKeys;
import org.apache.hadoop.hbase.HBaseConfiguration;
import com.google.common.base.Strings;
+@InterfaceAudience.Private
class HBaseKerberosUtils {
public static final String KRB_PRINCIPAL = "hbase.regionserver.kerberos.principal";
public static final String KRB_KEYTAB_FILE = "hbase.regionserver.keytab.file";