You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@accumulo.apache.org by vi...@apache.org on 2012/07/14 00:11:57 UTC
svn commit: r1361418 - in
/accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security:
./ handler/
Author: vines
Date: Fri Jul 13 22:11:57 2012
New Revision: 1361418
URL: http://svn.apache.org/viewvc?rev=1361418&view=rev
Log:
ACCUMULO-259 - interface tweak + insecure implementations. Need to do testing with insecures to ensure functionality of all zookeeper implementations
independant from one another
Added:
accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/InsecureAuthenticator.java (with props)
accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/InsecurePermHandler.java (with props)
Modified:
accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/SecurityOperationImpl.java
accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/Authenticator.java
accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/PermissionHandler.java
accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/ZKAuthenticator.java
accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/ZKPermHandler.java
Modified: accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/SecurityOperationImpl.java
URL: http://svn.apache.org/viewvc/accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/SecurityOperationImpl.java?rev=1361418&r1=1361417&r2=1361418&view=diff
==============================================================================
--- accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/SecurityOperationImpl.java (original)
+++ accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/SecurityOperationImpl.java Fri Jul 13 22:11:57 2012
@@ -656,7 +656,7 @@ public class SecurityOperationImpl imple
try {
authorizor.dropUser(user);
authenticator.dropUser(user);
- permHandle.dropUser(user);
+ permHandle.cleanUser(user);
log.info("Deleted user " + user + " at the request of user " + credentials.user);
} catch (AccumuloSecurityException e) {
throw e.asThriftException();
Modified: accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/Authenticator.java
URL: http://svn.apache.org/viewvc/accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/Authenticator.java?rev=1361418&r1=1361417&r2=1361418&view=diff
==============================================================================
--- accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/Authenticator.java (original)
+++ accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/Authenticator.java Fri Jul 13 22:11:57 2012
@@ -45,9 +45,5 @@ public interface Authenticator {
public void changePassword(String user, byte[] pass) throws AccumuloSecurityException;
- public void clearCache(String user);
-
- public boolean cachesToClear();
-
public boolean userExists(String user);
}
Added: accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/InsecureAuthenticator.java
URL: http://svn.apache.org/viewvc/accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/InsecureAuthenticator.java?rev=1361418&view=auto
==============================================================================
--- accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/InsecureAuthenticator.java (added)
+++ accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/InsecureAuthenticator.java Fri Jul 13 22:11:57 2012
@@ -0,0 +1,103 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.accumulo.server.security.handler;
+
+import java.nio.ByteBuffer;
+import java.util.Collections;
+import java.util.Set;
+
+import org.apache.accumulo.core.client.AccumuloSecurityException;
+import org.apache.accumulo.core.security.thrift.AuthInfo;
+
+/**
+ * This is an Authenticator implementation that doesn't actually do any security. Use at your own risk.
+ */
+public class InsecureAuthenticator implements Authenticator {
+
+ /* (non-Javadoc)
+ * @see org.apache.accumulo.server.security.handler.Authenticator#initialize(java.lang.String)
+ */
+ @Override
+ public void initialize(String instanceId) {
+ return;
+ }
+
+ /* (non-Javadoc)
+ * @see org.apache.accumulo.server.security.handler.Authenticator#validSecurityHandlers(org.apache.accumulo.server.security.handler.Authorizor, org.apache.accumulo.server.security.handler.PermissionHandler)
+ */
+ @Override
+ public boolean validSecurityHandlers(Authorizor auth, PermissionHandler pm) {
+ return true;
+ }
+
+ /* (non-Javadoc)
+ * @see org.apache.accumulo.server.security.handler.Authenticator#initializeSecurity(org.apache.accumulo.core.security.thrift.AuthInfo, java.lang.String, byte[])
+ */
+ @Override
+ public void initializeSecurity(AuthInfo credentials, String rootuser, byte[] rootpass) throws AccumuloSecurityException {
+ return;
+ }
+
+ /* (non-Javadoc)
+ * @see org.apache.accumulo.server.security.handler.Authenticator#authenticateUser(java.lang.String, java.nio.ByteBuffer, java.lang.String)
+ */
+ @Override
+ public boolean authenticateUser(String user, ByteBuffer password, String instanceId) {
+ return true;
+ }
+
+ /* (non-Javadoc)
+ * @see org.apache.accumulo.server.security.handler.Authenticator#listUsers()
+ */
+ @Override
+ public Set<String> listUsers() throws AccumuloSecurityException {
+ return Collections.emptySet();
+ }
+
+ /* (non-Javadoc)
+ * @see org.apache.accumulo.server.security.handler.Authenticator#createUser(java.lang.String, byte[])
+ */
+ @Override
+ public void createUser(String user, byte[] pass) throws AccumuloSecurityException {
+ return;
+ }
+
+ /* (non-Javadoc)
+ * @see org.apache.accumulo.server.security.handler.Authenticator#dropUser(java.lang.String)
+ */
+ @Override
+ public void dropUser(String user) throws AccumuloSecurityException {
+ return;
+ }
+
+ /* (non-Javadoc)
+ * @see org.apache.accumulo.server.security.handler.Authenticator#changePassword(java.lang.String, byte[])
+ */
+ @Override
+ public void changePassword(String user, byte[] pass) throws AccumuloSecurityException {
+ return;
+ }
+
+ /* (non-Javadoc)
+ * @see org.apache.accumulo.server.security.handler.Authenticator#userExists(java.lang.String)
+ */
+ @Override
+ public boolean userExists(String user) {
+ return true;
+ }
+
+}
Propchange: accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/InsecureAuthenticator.java
------------------------------------------------------------------------------
svn:eol-style = native
Added: accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/InsecurePermHandler.java
URL: http://svn.apache.org/viewvc/accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/InsecurePermHandler.java?rev=1361418&view=auto
==============================================================================
--- accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/InsecurePermHandler.java (added)
+++ accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/InsecurePermHandler.java Fri Jul 13 22:11:57 2012
@@ -0,0 +1,141 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.accumulo.server.security.handler;
+
+import org.apache.accumulo.core.client.AccumuloSecurityException;
+import org.apache.accumulo.core.client.TableNotFoundException;
+import org.apache.accumulo.core.security.SystemPermission;
+import org.apache.accumulo.core.security.TablePermission;
+
+/**
+ * This is a Permission Handler implementation that doesn't actually do any security. Use at your own risk.
+ */
+public class InsecurePermHandler implements PermissionHandler {
+
+ /* (non-Javadoc)
+ * @see org.apache.accumulo.server.security.handler.PermissionHandler#initialize(java.lang.String)
+ */
+ @Override
+ public void initialize(String instanceId) {
+ return;
+ }
+
+ /* (non-Javadoc)
+ * @see org.apache.accumulo.server.security.handler.PermissionHandler#validSecurityHandlers(org.apache.accumulo.server.security.handler.Authenticator, org.apache.accumulo.server.security.handler.Authorizor)
+ */
+ @Override
+ public boolean validSecurityHandlers(Authenticator authent, Authorizor author) {
+ return true;
+ }
+
+ /* (non-Javadoc)
+ * @see org.apache.accumulo.server.security.handler.PermissionHandler#initializeSecurity(java.lang.String)
+ */
+ @Override
+ public void initializeSecurity(String rootuser) throws AccumuloSecurityException {
+ return;
+ }
+
+ /* (non-Javadoc)
+ * @see org.apache.accumulo.server.security.handler.PermissionHandler#hasSystemPermission(java.lang.String, org.apache.accumulo.core.security.SystemPermission)
+ */
+ @Override
+ public boolean hasSystemPermission(String user, SystemPermission permission) throws AccumuloSecurityException {
+ return true;
+ }
+
+ /* (non-Javadoc)
+ * @see org.apache.accumulo.server.security.handler.PermissionHandler#hasCachedSystemPermission(java.lang.String, org.apache.accumulo.core.security.SystemPermission)
+ */
+ @Override
+ public boolean hasCachedSystemPermission(String user, SystemPermission permission) throws AccumuloSecurityException {
+ return true;
+ }
+
+ /* (non-Javadoc)
+ * @see org.apache.accumulo.server.security.handler.PermissionHandler#hasTablePermission(java.lang.String, java.lang.String, org.apache.accumulo.core.security.TablePermission)
+ */
+ @Override
+ public boolean hasTablePermission(String user, String table, TablePermission permission) throws AccumuloSecurityException, TableNotFoundException {
+ return true;
+ }
+
+ /* (non-Javadoc)
+ * @see org.apache.accumulo.server.security.handler.PermissionHandler#hasCachedTablePermission(java.lang.String, java.lang.String, org.apache.accumulo.core.security.TablePermission)
+ */
+ @Override
+ public boolean hasCachedTablePermission(String user, String table, TablePermission permission) throws AccumuloSecurityException, TableNotFoundException {
+ return true;
+ }
+
+ /* (non-Javadoc)
+ * @see org.apache.accumulo.server.security.handler.PermissionHandler#grantSystemPermission(java.lang.String, org.apache.accumulo.core.security.SystemPermission)
+ */
+ @Override
+ public void grantSystemPermission(String user, SystemPermission permission) throws AccumuloSecurityException {
+ return;
+ }
+
+ /* (non-Javadoc)
+ * @see org.apache.accumulo.server.security.handler.PermissionHandler#revokeSystemPermission(java.lang.String, org.apache.accumulo.core.security.SystemPermission)
+ */
+ @Override
+ public void revokeSystemPermission(String user, SystemPermission permission) throws AccumuloSecurityException {
+ return;
+ }
+
+ /* (non-Javadoc)
+ * @see org.apache.accumulo.server.security.handler.PermissionHandler#grantTablePermission(java.lang.String, java.lang.String, org.apache.accumulo.core.security.TablePermission)
+ */
+ @Override
+ public void grantTablePermission(String user, String table, TablePermission permission) throws AccumuloSecurityException, TableNotFoundException {
+ return;
+ }
+
+ /* (non-Javadoc)
+ * @see org.apache.accumulo.server.security.handler.PermissionHandler#revokeTablePermission(java.lang.String, java.lang.String, org.apache.accumulo.core.security.TablePermission)
+ */
+ @Override
+ public void revokeTablePermission(String user, String table, TablePermission permission) throws AccumuloSecurityException, TableNotFoundException {
+ return;
+ }
+
+ /* (non-Javadoc)
+ * @see org.apache.accumulo.server.security.handler.PermissionHandler#cleanTablePermissions(java.lang.String)
+ */
+ @Override
+ public void cleanTablePermissions(String table) throws AccumuloSecurityException, TableNotFoundException {
+ return;
+ }
+
+ /* (non-Javadoc)
+ * @see org.apache.accumulo.server.security.handler.PermissionHandler#initUser(java.lang.String)
+ */
+ @Override
+ public void initUser(String user) throws AccumuloSecurityException {
+ return;
+ }
+
+ /* (non-Javadoc)
+ * @see org.apache.accumulo.server.security.handler.PermissionHandler#dropUser(java.lang.String)
+ */
+ @Override
+ public void cleanUser(String user) throws AccumuloSecurityException {
+ return;
+ }
+
+}
Propchange: accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/InsecurePermHandler.java
------------------------------------------------------------------------------
svn:eol-style = native
Modified: accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/PermissionHandler.java
URL: http://svn.apache.org/viewvc/accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/PermissionHandler.java?rev=1361418&r1=1361417&r2=1361418&view=diff
==============================================================================
--- accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/PermissionHandler.java (original)
+++ accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/PermissionHandler.java Fri Jul 13 22:11:57 2012
@@ -157,5 +157,5 @@ public interface PermissionHandler {
* @param user
* @throws AccumuloSecurityException
*/
- public void dropUser(String user) throws AccumuloSecurityException;
+ public void cleanUser(String user) throws AccumuloSecurityException;
}
Modified: accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/ZKAuthenticator.java
URL: http://svn.apache.org/viewvc/accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/ZKAuthenticator.java?rev=1361418&r1=1361417&r2=1361418&view=diff
==============================================================================
--- accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/ZKAuthenticator.java (original)
+++ accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/ZKAuthenticator.java Fri Jul 13 22:11:57 2012
@@ -172,11 +172,6 @@ public final class ZKAuthenticator imple
}
@Override
- public void clearCache(String user) {
- zooCache.clear(ZKUserPath + "/" + user);
- }
-
- @Override
public boolean validSecurityHandlers(Authorizor auth, PermissionHandler pm) {
return true;
}
@@ -194,9 +189,4 @@ public final class ZKAuthenticator imple
}
return result;
}
-
- @Override
- public boolean cachesToClear() {
- return true;
- }
}
Modified: accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/ZKPermHandler.java
URL: http://svn.apache.org/viewvc/accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/ZKPermHandler.java?rev=1361418&r1=1361417&r2=1361418&view=diff
==============================================================================
--- accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/ZKPermHandler.java (original)
+++ accumulo/branches/ACCUMULO-259/server/src/main/java/org/apache/accumulo/server/security/handler/ZKPermHandler.java Fri Jul 13 22:11:57 2012
@@ -277,7 +277,7 @@ public class ZKPermHandler implements Pe
}
@Override
- public void dropUser(String user) throws AccumuloSecurityException {
+ public void cleanUser(String user) throws AccumuloSecurityException {
try {
synchronized (zooCache) {
IZooReaderWriter zoo = ZooReaderWriter.getRetryingInstance();