You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@accumulo.apache.org by ct...@apache.org on 2013/07/27 01:58:52 UTC
[4/6] ACCUMULO-1312 use Credentials object to avoid serializing as
long as possible
http://git-wip-us.apache.org/repos/asf/accumulo/blob/99da5641/core/src/main/java/org/apache/accumulo/core/client/impl/TabletServerBatchDeleter.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/client/impl/TabletServerBatchDeleter.java b/core/src/main/java/org/apache/accumulo/core/client/impl/TabletServerBatchDeleter.java
index 934e369..4858c7b 100644
--- a/core/src/main/java/org/apache/accumulo/core/client/impl/TabletServerBatchDeleter.java
+++ b/core/src/main/java/org/apache/accumulo/core/client/impl/TabletServerBatchDeleter.java
@@ -32,16 +32,16 @@ import org.apache.accumulo.core.data.Value;
import org.apache.accumulo.core.iterators.SortedKeyIterator;
import org.apache.accumulo.core.security.Authorizations;
import org.apache.accumulo.core.security.ColumnVisibility;
-import org.apache.accumulo.core.security.thrift.TCredentials;
+import org.apache.accumulo.core.security.Credentials;
public class TabletServerBatchDeleter extends TabletServerBatchReader implements BatchDeleter {
private Instance instance;
- private TCredentials credentials;
+ private Credentials credentials;
private String tableId;
private BatchWriterConfig bwConfig;
- public TabletServerBatchDeleter(Instance instance, TCredentials credentials, String tableId, Authorizations authorizations, int numQueryThreads,
+ public TabletServerBatchDeleter(Instance instance, Credentials credentials, String tableId, Authorizations authorizations, int numQueryThreads,
BatchWriterConfig bwConfig) throws TableNotFoundException {
super(instance, credentials, tableId, authorizations, numQueryThreads);
this.instance = instance;
http://git-wip-us.apache.org/repos/asf/accumulo/blob/99da5641/core/src/main/java/org/apache/accumulo/core/client/impl/TabletServerBatchReader.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/client/impl/TabletServerBatchReader.java b/core/src/main/java/org/apache/accumulo/core/client/impl/TabletServerBatchReader.java
index f31cad2..aee8c21 100644
--- a/core/src/main/java/org/apache/accumulo/core/client/impl/TabletServerBatchReader.java
+++ b/core/src/main/java/org/apache/accumulo/core/client/impl/TabletServerBatchReader.java
@@ -28,7 +28,7 @@ import org.apache.accumulo.core.data.Key;
import org.apache.accumulo.core.data.Range;
import org.apache.accumulo.core.data.Value;
import org.apache.accumulo.core.security.Authorizations;
-import org.apache.accumulo.core.security.thrift.TCredentials;
+import org.apache.accumulo.core.security.Credentials;
import org.apache.accumulo.core.util.ArgumentChecker;
import org.apache.accumulo.core.util.SimpleThreadPool;
import org.apache.log4j.Logger;
@@ -43,7 +43,7 @@ public class TabletServerBatchReader extends ScannerOptions implements BatchScan
private Instance instance;
private ArrayList<Range> ranges;
- private TCredentials credentials;
+ private Credentials credentials;
private Authorizations authorizations = Authorizations.EMPTY;
private Throwable ex = null;
@@ -55,7 +55,7 @@ public class TabletServerBatchReader extends ScannerOptions implements BatchScan
private final int batchReaderInstance = getNextBatchReaderInstance();
- public TabletServerBatchReader(Instance instance, TCredentials credentials, String table, Authorizations authorizations, int numQueryThreads) {
+ public TabletServerBatchReader(Instance instance, Credentials credentials, String table, Authorizations authorizations, int numQueryThreads) {
ArgumentChecker.notNull(instance, credentials, table, authorizations);
this.instance = instance;
this.credentials = credentials;
http://git-wip-us.apache.org/repos/asf/accumulo/blob/99da5641/core/src/main/java/org/apache/accumulo/core/client/impl/TabletServerBatchReaderIterator.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/client/impl/TabletServerBatchReaderIterator.java b/core/src/main/java/org/apache/accumulo/core/client/impl/TabletServerBatchReaderIterator.java
index a8ce55e..0376304 100644
--- a/core/src/main/java/org/apache/accumulo/core/client/impl/TabletServerBatchReaderIterator.java
+++ b/core/src/main/java/org/apache/accumulo/core/client/impl/TabletServerBatchReaderIterator.java
@@ -56,7 +56,7 @@ import org.apache.accumulo.core.data.thrift.TKeyValue;
import org.apache.accumulo.core.data.thrift.TRange;
import org.apache.accumulo.core.master.state.tables.TableState;
import org.apache.accumulo.core.security.Authorizations;
-import org.apache.accumulo.core.security.thrift.TCredentials;
+import org.apache.accumulo.core.security.Credentials;
import org.apache.accumulo.core.tabletserver.thrift.NoSuchScanIDException;
import org.apache.accumulo.core.tabletserver.thrift.TabletClientService;
import org.apache.accumulo.core.util.ByteBufferUtil;
@@ -78,7 +78,7 @@ public class TabletServerBatchReaderIterator implements Iterator<Entry<Key,Value
private static final Logger log = Logger.getLogger(TabletServerBatchReaderIterator.class);
private final Instance instance;
- private final TCredentials credentials;
+ private final Credentials credentials;
private final String table;
private Authorizations authorizations = Authorizations.EMPTY;
private final int numThreads;
@@ -132,7 +132,7 @@ public class TabletServerBatchReaderIterator implements Iterator<Entry<Key,Value
}
- public TabletServerBatchReaderIterator(Instance instance, TCredentials credentials, String table, Authorizations authorizations, ArrayList<Range> ranges,
+ public TabletServerBatchReaderIterator(Instance instance, Credentials credentials, String table, Authorizations authorizations, ArrayList<Range> ranges,
int numThreads, ExecutorService queryThreadPool, ScannerOptions scannerOptions, long timeout) {
this.instance = instance;
@@ -254,7 +254,7 @@ public class TabletServerBatchReaderIterator implements Iterator<Entry<Key,Value
while (true) {
binnedRanges.clear();
- List<Range> failures = tabletLocator.binRanges(ranges, binnedRanges, credentials);
+ List<Range> failures = tabletLocator.binRanges(credentials, ranges, binnedRanges);
if (failures.size() > 0) {
// tried to only do table state checks when failures.size() == ranges.size(), however this did
@@ -361,8 +361,8 @@ public class TabletServerBatchReaderIterator implements Iterator<Entry<Key,Value
timeoutTracker = new TimeoutTracker(tsLocation, timedoutServers, timeout);
timeoutTrackers.put(tsLocation, timeoutTracker);
}
- doLookup(tsLocation, tabletsRanges, tsFailures, unscanned, receiver, columns, credentials, options, authorizations, instance.getConfiguration(),
- timeoutTracker);
+ doLookup(instance, credentials, tsLocation, tabletsRanges, tsFailures, unscanned, receiver, columns, options, authorizations,
+ instance.getConfiguration(), timeoutTracker);
if (tsFailures.size() > 0) {
locator.invalidateCache(tsFailures.keySet());
synchronized (failures) {
@@ -604,14 +604,15 @@ public class TabletServerBatchReaderIterator implements Iterator<Entry<Key,Value
}
}
- public static void doLookup(String server, Map<KeyExtent,List<Range>> requested, Map<KeyExtent,List<Range>> failures, Map<KeyExtent,List<Range>> unscanned,
- ResultReceiver receiver, List<Column> columns, TCredentials credentials, ScannerOptions options, Authorizations authorizations, AccumuloConfiguration conf)
- throws IOException, AccumuloSecurityException, AccumuloServerException {
- doLookup(server, requested, failures, unscanned, receiver, columns, credentials, options, authorizations, conf, new TimeoutTracker(Long.MAX_VALUE));
+ public static void doLookup(Instance instance, Credentials credentials, String server, Map<KeyExtent,List<Range>> requested,
+ Map<KeyExtent,List<Range>> failures, Map<KeyExtent,List<Range>> unscanned, ResultReceiver receiver, List<Column> columns, ScannerOptions options,
+ Authorizations authorizations, AccumuloConfiguration conf) throws IOException, AccumuloSecurityException, AccumuloServerException {
+ doLookup(instance, credentials, server, requested, failures, unscanned, receiver, columns, options, authorizations, conf,
+ new TimeoutTracker(Long.MAX_VALUE));
}
- static void doLookup(String server, Map<KeyExtent,List<Range>> requested, Map<KeyExtent,List<Range>> failures, Map<KeyExtent,List<Range>> unscanned,
- ResultReceiver receiver, List<Column> columns, TCredentials credentials, ScannerOptions options, Authorizations authorizations,
+ static void doLookup(Instance instance, Credentials credentials, String server, Map<KeyExtent,List<Range>> requested, Map<KeyExtent,List<Range>> failures,
+ Map<KeyExtent,List<Range>> unscanned, ResultReceiver receiver, List<Column> columns, ScannerOptions options, Authorizations authorizations,
AccumuloConfiguration conf, TimeoutTracker timeoutTracker) throws IOException, AccumuloSecurityException, AccumuloServerException {
if (requested.size() == 0) {
@@ -646,8 +647,9 @@ public class TabletServerBatchReaderIterator implements Iterator<Entry<Key,Value
Map<TKeyExtent,List<TRange>> thriftTabletRanges = Translator.translate(requested, Translator.KET, new Translator.ListTranslator<Range,TRange>(
Translator.RT));
- InitialMultiScan imsr = client.startMultiScan(Tracer.traceInfo(), credentials, thriftTabletRanges, Translator.translate(columns, Translator.CT),
- options.serverSideIteratorList, options.serverSideIteratorOptions, ByteBufferUtil.toByteBuffers(authorizations.getAuthorizations()), waitForWrites);
+ InitialMultiScan imsr = client.startMultiScan(Tracer.traceInfo(), credentials.toThrift(instance), thriftTabletRanges,
+ Translator.translate(columns, Translator.CT), options.serverSideIteratorList, options.serverSideIteratorOptions,
+ ByteBufferUtil.toByteBuffers(authorizations.getAuthorizations()), waitForWrites);
if (waitForWrites)
ThriftScanner.serversWaitedForWrites.get(ttype).add(server);
http://git-wip-us.apache.org/repos/asf/accumulo/blob/99da5641/core/src/main/java/org/apache/accumulo/core/client/impl/TabletServerBatchWriter.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/client/impl/TabletServerBatchWriter.java b/core/src/main/java/org/apache/accumulo/core/client/impl/TabletServerBatchWriter.java
index 12f5243..caecd00 100644
--- a/core/src/main/java/org/apache/accumulo/core/client/impl/TabletServerBatchWriter.java
+++ b/core/src/main/java/org/apache/accumulo/core/client/impl/TabletServerBatchWriter.java
@@ -56,7 +56,7 @@ import org.apache.accumulo.core.data.thrift.TMutation;
import org.apache.accumulo.core.data.thrift.UpdateErrors;
import org.apache.accumulo.core.master.state.tables.TableState;
import org.apache.accumulo.core.metadata.MetadataTable;
-import org.apache.accumulo.core.security.thrift.TCredentials;
+import org.apache.accumulo.core.security.Credentials;
import org.apache.accumulo.core.tabletserver.thrift.ConstraintViolationException;
import org.apache.accumulo.core.tabletserver.thrift.NoSuchScanIDException;
import org.apache.accumulo.core.tabletserver.thrift.NotServingTabletException;
@@ -111,7 +111,7 @@ public class TabletServerBatchWriter {
private FailedMutations failedMutations;
private Instance instance;
- private TCredentials credentials;
+ private Credentials credentials;
private Violations violations;
private Map<KeyExtent,Set<SecurityErrorCode>> authorizationFailures;
@@ -187,7 +187,7 @@ public class TabletServerBatchWriter {
}
}
- public TabletServerBatchWriter(Instance instance, TCredentials credentials, BatchWriterConfig config) {
+ public TabletServerBatchWriter(Instance instance, Credentials credentials, BatchWriterConfig config) {
this.instance = instance;
this.maxMem = config.getMaxMemory();
this.maxLatency = config.getMaxLatency(TimeUnit.MILLISECONDS) <= 0 ? Long.MAX_VALUE : config.getMaxLatency(TimeUnit.MILLISECONDS);
@@ -650,7 +650,7 @@ public class TabletServerBatchWriter {
if (tableMutations != null) {
ArrayList<Mutation> tableFailures = new ArrayList<Mutation>();
- locator.binMutations(tableMutations, binnedMutations, tableFailures, credentials);
+ locator.binMutations(credentials, tableMutations, binnedMutations, tableFailures);
if (tableFailures.size() > 0) {
failedMutations.add(table, tableFailures);
@@ -867,7 +867,7 @@ public class TabletServerBatchWriter {
Entry<KeyExtent,List<Mutation>> entry = tabMuts.entrySet().iterator().next();
try {
- client.update(tinfo, credentials, entry.getKey().toThrift(), entry.getValue().get(0).toThrift());
+ client.update(tinfo, credentials.toThrift(instance), entry.getKey().toThrift(), entry.getValue().get(0).toThrift());
} catch (NotServingTabletException e) {
allFailures.addAll(entry.getKey().getTableId().toString(), entry.getValue());
TabletLocator.getLocator(instance, new Text(entry.getKey().getTableId())).invalidateCache(entry.getKey());
@@ -877,7 +877,7 @@ public class TabletServerBatchWriter {
timeoutTracker.madeProgress();
} else {
- long usid = client.startUpdate(tinfo, credentials);
+ long usid = client.startUpdate(tinfo, credentials.toThrift(instance));
List<TMutation> updates = new ArrayList<TMutation>();
for (Entry<KeyExtent,List<Mutation>> entry : tabMuts.entrySet()) {
http://git-wip-us.apache.org/repos/asf/accumulo/blob/99da5641/core/src/main/java/org/apache/accumulo/core/client/impl/ThriftScanner.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/client/impl/ThriftScanner.java b/core/src/main/java/org/apache/accumulo/core/client/impl/ThriftScanner.java
index 584b56c..efdd142 100644
--- a/core/src/main/java/org/apache/accumulo/core/client/impl/ThriftScanner.java
+++ b/core/src/main/java/org/apache/accumulo/core/client/impl/ThriftScanner.java
@@ -49,7 +49,7 @@ import org.apache.accumulo.core.data.thrift.ScanResult;
import org.apache.accumulo.core.data.thrift.TKeyValue;
import org.apache.accumulo.core.master.state.tables.TableState;
import org.apache.accumulo.core.security.Authorizations;
-import org.apache.accumulo.core.security.thrift.TCredentials;
+import org.apache.accumulo.core.security.Credentials;
import org.apache.accumulo.core.tabletserver.thrift.NoSuchScanIDException;
import org.apache.accumulo.core.tabletserver.thrift.NotServingTabletException;
import org.apache.accumulo.core.tabletserver.thrift.TabletClientService;
@@ -78,9 +78,10 @@ public class ThriftScanner {
}
}
- public static boolean getBatchFromServer(TCredentials credentials, Range range, KeyExtent extent, String server, SortedMap<Key,Value> results,
- SortedSet<Column> fetchedColumns, List<IterInfo> serverSideIteratorList, Map<String,Map<String,String>> serverSideIteratorOptions, int size,
- Authorizations authorizations, boolean retry, AccumuloConfiguration conf) throws AccumuloException, AccumuloSecurityException, NotServingTabletException {
+ public static boolean getBatchFromServer(Instance instance, Credentials credentials, Range range, KeyExtent extent, String server,
+ SortedMap<Key,Value> results, SortedSet<Column> fetchedColumns, List<IterInfo> serverSideIteratorList,
+ Map<String,Map<String,String>> serverSideIteratorOptions, int size, Authorizations authorizations, boolean retry, AccumuloConfiguration conf)
+ throws AccumuloException, AccumuloSecurityException, NotServingTabletException {
if (server == null)
throw new AccumuloException(new IOException());
@@ -89,12 +90,12 @@ public class ThriftScanner {
TabletClientService.Client client = ThriftUtil.getTServerClient(server, conf);
try {
// not reading whole rows (or stopping on row boundries) so there is no need to enable isolation below
- ScanState scanState = new ScanState(credentials, extent.getTableId(), authorizations, range, fetchedColumns, size, serverSideIteratorList,
+ ScanState scanState = new ScanState(instance, credentials, extent.getTableId(), authorizations, range, fetchedColumns, size, serverSideIteratorList,
serverSideIteratorOptions, false);
TabletType ttype = TabletType.type(extent);
boolean waitForWrites = !serversWaitedForWrites.get(ttype).contains(server);
- InitialScan isr = client.startScan(tinfo, scanState.credentials, extent.toThrift(), scanState.range.toThrift(),
+ InitialScan isr = client.startScan(tinfo, scanState.credentials.toThrift(instance), extent.toThrift(), scanState.range.toThrift(),
Translator.translate(scanState.columns, Translator.CT), scanState.size, scanState.serverSideIteratorList, scanState.serverSideIteratorOptions,
scanState.authorizations.getAuthorizationsBB(), waitForWrites, scanState.isolated);
if (waitForWrites)
@@ -136,7 +137,8 @@ public class ThriftScanner {
int size;
- TCredentials credentials;
+ Instance instance;
+ Credentials credentials;
Authorizations authorizations;
List<Column> columns;
@@ -149,8 +151,9 @@ public class ThriftScanner {
Map<String,Map<String,String>> serverSideIteratorOptions;
- public ScanState(TCredentials credentials, Text tableId, Authorizations authorizations, Range range, SortedSet<Column> fetchedColumns, int size,
- List<IterInfo> serverSideIteratorList, Map<String,Map<String,String>> serverSideIteratorOptions, boolean isolated) {
+ public ScanState(Instance instance, Credentials credentials, Text tableId, Authorizations authorizations, Range range, SortedSet<Column> fetchedColumns,
+ int size, List<IterInfo> serverSideIteratorList, Map<String,Map<String,String>> serverSideIteratorOptions, boolean isolated) {
+ this.instance = instance;
this.credentials = credentials;
this.authorizations = authorizations;
@@ -186,7 +189,7 @@ public class ThriftScanner {
}
- public static List<KeyValue> scan(Instance instance, TCredentials credentials, ScanState scanState, int timeOut, AccumuloConfiguration conf)
+ public static List<KeyValue> scan(Instance instance, Credentials credentials, ScanState scanState, int timeOut, AccumuloConfiguration conf)
throws ScanTimedOutException, AccumuloException, AccumuloSecurityException, TableNotFoundException {
TabletLocation loc = null;
@@ -211,7 +214,7 @@ public class ThriftScanner {
Span locateSpan = Trace.start("scan:locateTablet");
try {
- loc = TabletLocator.getLocator(instance, scanState.tableId).locateTablet(scanState.startRow, scanState.skipStartRow, false, credentials);
+ loc = TabletLocator.getLocator(instance, scanState.tableId).locateTablet(credentials, scanState.startRow, scanState.skipStartRow, false);
if (loc == null) {
if (!Tables.exists(instance, scanState.tableId.toString()))
@@ -384,7 +387,7 @@ public class ThriftScanner {
TabletType ttype = TabletType.type(loc.tablet_extent);
boolean waitForWrites = !serversWaitedForWrites.get(ttype).contains(loc.tablet_location);
- InitialScan is = client.startScan(tinfo, scanState.credentials, loc.tablet_extent.toThrift(), scanState.range.toThrift(),
+ InitialScan is = client.startScan(tinfo, scanState.credentials.toThrift(scanState.instance), loc.tablet_extent.toThrift(), scanState.range.toThrift(),
Translator.translate(scanState.columns, Translator.CT), scanState.size, scanState.serverSideIteratorList, scanState.serverSideIteratorOptions,
scanState.authorizations.getAuthorizationsBB(), waitForWrites, scanState.isolated);
if (waitForWrites)
http://git-wip-us.apache.org/repos/asf/accumulo/blob/99da5641/core/src/main/java/org/apache/accumulo/core/client/impl/TimeoutTabletLocator.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/client/impl/TimeoutTabletLocator.java b/core/src/main/java/org/apache/accumulo/core/client/impl/TimeoutTabletLocator.java
index e8cd678..bcbe561 100644
--- a/core/src/main/java/org/apache/accumulo/core/client/impl/TimeoutTabletLocator.java
+++ b/core/src/main/java/org/apache/accumulo/core/client/impl/TimeoutTabletLocator.java
@@ -27,7 +27,7 @@ import org.apache.accumulo.core.client.TimedOutException;
import org.apache.accumulo.core.data.KeyExtent;
import org.apache.accumulo.core.data.Mutation;
import org.apache.accumulo.core.data.Range;
-import org.apache.accumulo.core.security.thrift.TCredentials;
+import org.apache.accumulo.core.security.Credentials;
import org.apache.hadoop.io.Text;
/**
@@ -57,11 +57,11 @@ public class TimeoutTabletLocator extends TabletLocator {
}
@Override
- public TabletLocation locateTablet(Text row, boolean skipRow, boolean retry, TCredentials credentials) throws AccumuloException, AccumuloSecurityException,
+ public TabletLocation locateTablet(Credentials credentials, Text row, boolean skipRow, boolean retry) throws AccumuloException, AccumuloSecurityException,
TableNotFoundException {
try {
- TabletLocation ret = locator.locateTablet(row, skipRow, retry, credentials);
+ TabletLocation ret = locator.locateTablet(credentials, row, skipRow, retry);
if (ret == null)
failed();
@@ -76,10 +76,10 @@ public class TimeoutTabletLocator extends TabletLocator {
}
@Override
- public <T extends Mutation> void binMutations(List<T> mutations, Map<String,TabletServerMutations<T>> binnedMutations, List<T> failures,
- TCredentials credentials) throws AccumuloException, AccumuloSecurityException, TableNotFoundException {
+ public <T extends Mutation> void binMutations(Credentials credentials, List<T> mutations, Map<String,TabletServerMutations<T>> binnedMutations, List<T> failures)
+ throws AccumuloException, AccumuloSecurityException, TableNotFoundException {
try {
- locator.binMutations(mutations, binnedMutations, failures, credentials);
+ locator.binMutations(credentials, mutations, binnedMutations, failures);
if (failures.size() == mutations.size())
failed();
@@ -97,11 +97,11 @@ public class TimeoutTabletLocator extends TabletLocator {
*/
@Override
- public List<Range> binRanges(List<Range> ranges, Map<String,Map<KeyExtent,List<Range>>> binnedRanges, TCredentials credentials) throws AccumuloException,
+ public List<Range> binRanges(Credentials credentials, List<Range> ranges, Map<String,Map<KeyExtent,List<Range>>> binnedRanges) throws AccumuloException,
AccumuloSecurityException, TableNotFoundException {
try {
- List<Range> ret = locator.binRanges(ranges, binnedRanges, credentials);
+ List<Range> ret = locator.binRanges(credentials, ranges, binnedRanges);
if (ranges.size() == ret.size())
failed();
http://git-wip-us.apache.org/repos/asf/accumulo/blob/99da5641/core/src/main/java/org/apache/accumulo/core/client/impl/Writer.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/client/impl/Writer.java b/core/src/main/java/org/apache/accumulo/core/client/impl/Writer.java
index 85b1869..11c67ca 100644
--- a/core/src/main/java/org/apache/accumulo/core/client/impl/Writer.java
+++ b/core/src/main/java/org/apache/accumulo/core/client/impl/Writer.java
@@ -16,7 +16,6 @@
*/
package org.apache.accumulo.core.client.impl;
-import org.apache.accumulo.trace.instrument.Tracer;
import org.apache.accumulo.core.client.AccumuloException;
import org.apache.accumulo.core.client.AccumuloSecurityException;
import org.apache.accumulo.core.client.Instance;
@@ -26,13 +25,14 @@ import org.apache.accumulo.core.client.impl.thrift.ThriftSecurityException;
import org.apache.accumulo.core.conf.AccumuloConfiguration;
import org.apache.accumulo.core.data.KeyExtent;
import org.apache.accumulo.core.data.Mutation;
-import org.apache.accumulo.core.security.thrift.TCredentials;
+import org.apache.accumulo.core.security.Credentials;
import org.apache.accumulo.core.tabletserver.thrift.ConstraintViolationException;
import org.apache.accumulo.core.tabletserver.thrift.NotServingTabletException;
import org.apache.accumulo.core.tabletserver.thrift.TabletClientService;
import org.apache.accumulo.core.util.ArgumentChecker;
import org.apache.accumulo.core.util.ThriftUtil;
import org.apache.accumulo.core.util.UtilWaitThread;
+import org.apache.accumulo.trace.instrument.Tracer;
import org.apache.hadoop.io.Text;
import org.apache.log4j.Logger;
import org.apache.thrift.TException;
@@ -44,28 +44,28 @@ public class Writer {
private static final Logger log = Logger.getLogger(Writer.class);
private Instance instance;
- private TCredentials credentials;
+ private Credentials credentials;
private Text table;
- public Writer(Instance instance, TCredentials credentials, Text table) {
+ public Writer(Instance instance, Credentials credentials, Text table) {
ArgumentChecker.notNull(instance, credentials, table);
this.instance = instance;
this.credentials = credentials;
this.table = table;
}
- public Writer(Instance instance, TCredentials credentials, String table) {
+ public Writer(Instance instance, Credentials credentials, String table) {
this(instance, credentials, new Text(table));
}
- private static void updateServer(Mutation m, KeyExtent extent, String server, TCredentials ai, AccumuloConfiguration configuration) throws TException,
- NotServingTabletException, ConstraintViolationException, AccumuloSecurityException {
+ private static void updateServer(Instance instance, Mutation m, KeyExtent extent, String server, Credentials ai, AccumuloConfiguration configuration)
+ throws TException, NotServingTabletException, ConstraintViolationException, AccumuloSecurityException {
ArgumentChecker.notNull(m, extent, server, ai);
TabletClientService.Iface client = null;
try {
client = ThriftUtil.getTServerClient(server, configuration);
- client.update(Tracer.traceInfo(), ai, extent.toThrift(), m.toThrift());
+ client.update(Tracer.traceInfo(), ai.toThrift(instance), extent.toThrift(), m.toThrift());
return;
} catch (ThriftSecurityException e) {
throw new AccumuloSecurityException(e.user, e.code);
@@ -84,7 +84,7 @@ public class Writer {
throw new IllegalArgumentException("Can not add empty mutations");
while (true) {
- TabletLocation tabLoc = TabletLocator.getLocator(instance, table).locateTablet(new Text(m.getRow()), false, true, credentials);
+ TabletLocation tabLoc = TabletLocator.getLocator(instance, table).locateTablet(credentials, new Text(m.getRow()), false, true);
if (tabLoc == null) {
log.trace("No tablet location found for row " + new String(m.getRow()));
@@ -93,7 +93,7 @@ public class Writer {
}
try {
- updateServer(m, tabLoc.tablet_extent, tabLoc.tablet_location, credentials, instance.getConfiguration());
+ updateServer(instance, m, tabLoc.tablet_extent, tabLoc.tablet_location, credentials, instance.getConfiguration());
return;
} catch (NotServingTabletException e) {
log.trace("Not serving tablet, server = " + tabLoc.tablet_location);
@@ -101,7 +101,7 @@ public class Writer {
} catch (TException e) {
log.error("error sending update to " + tabLoc.tablet_location + ": " + e);
TabletLocator.getLocator(instance, table).invalidateCache(tabLoc.tablet_extent);
- }
+ }
UtilWaitThread.sleep(500);
}
http://git-wip-us.apache.org/repos/asf/accumulo/blob/99da5641/core/src/main/java/org/apache/accumulo/core/client/mapred/AccumuloOutputFormat.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/client/mapred/AccumuloOutputFormat.java b/core/src/main/java/org/apache/accumulo/core/client/mapred/AccumuloOutputFormat.java
index cbf1ab0..a91386f 100644
--- a/core/src/main/java/org/apache/accumulo/core/client/mapred/AccumuloOutputFormat.java
+++ b/core/src/main/java/org/apache/accumulo/core/client/mapred/AccumuloOutputFormat.java
@@ -37,11 +37,11 @@ import org.apache.accumulo.core.client.mapreduce.lib.util.OutputConfigurator;
import org.apache.accumulo.core.client.mock.MockInstance;
import org.apache.accumulo.core.client.security.SecurityErrorCode;
import org.apache.accumulo.core.client.security.tokens.AuthenticationToken;
+import org.apache.accumulo.core.client.security.tokens.AuthenticationToken.AuthenticationTokenSerializer;
import org.apache.accumulo.core.data.ColumnUpdate;
import org.apache.accumulo.core.data.KeyExtent;
import org.apache.accumulo.core.data.Mutation;
import org.apache.accumulo.core.security.ColumnVisibility;
-import org.apache.accumulo.core.security.CredentialHelper;
import org.apache.hadoop.fs.FileSystem;
import org.apache.hadoop.io.Text;
import org.apache.hadoop.mapred.JobConf;
@@ -60,7 +60,7 @@ import org.apache.log4j.Logger;
*
* <ul>
* <li>{@link AccumuloOutputFormat#setConnectorInfo(JobConf, String, AuthenticationToken)}
- * <li>{@link AccumuloOutputFormat#setConnectorInfo(JobConf, String)}
+ * <li>{@link AccumuloOutputFormat#setConnectorInfo(JobConf, String, String)}
* <li>{@link AccumuloOutputFormat#setZooKeeperInstance(JobConf, String, String)} OR {@link AccumuloOutputFormat#setMockInstance(JobConf, String)}
* </ul>
*
@@ -375,7 +375,7 @@ public class AccumuloOutputFormat implements OutputFormat<Text,Mutation> {
this.defaultTableName = (tname == null) ? null : new Text(tname);
if (!simulate) {
- this.conn = getInstance(job).getConnector(getPrincipal(job), CredentialHelper.extractToken(getTokenClass(job), getToken(job)));
+ this.conn = getInstance(job).getConnector(getPrincipal(job), AuthenticationTokenSerializer.deserialize(getTokenClass(job), getToken(job)));
mtbw = conn.createMultiTableBatchWriter(getBatchWriterOptions(job));
}
}
@@ -509,8 +509,8 @@ public class AccumuloOutputFormat implements OutputFormat<Text,Mutation> {
throw new IOException("Connector info has not been set.");
try {
// if the instance isn't configured, it will complain here
- Connector c = getInstance(job).getConnector(getPrincipal(job), CredentialHelper.extractToken(getTokenClass(job), getToken(job)));
- if (!c.securityOperations().authenticateUser(getPrincipal(job), CredentialHelper.extractToken(getTokenClass(job), getToken(job))))
+ Connector c = getInstance(job).getConnector(getPrincipal(job), AuthenticationTokenSerializer.deserialize(getTokenClass(job), getToken(job)));
+ if (!c.securityOperations().authenticateUser(getPrincipal(job), AuthenticationTokenSerializer.deserialize(getTokenClass(job), getToken(job))))
throw new IOException("Unable to authenticate user");
} catch (AccumuloException e) {
throw new IOException(e);
http://git-wip-us.apache.org/repos/asf/accumulo/blob/99da5641/core/src/main/java/org/apache/accumulo/core/client/mapred/InputFormatBase.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/client/mapred/InputFormatBase.java b/core/src/main/java/org/apache/accumulo/core/client/mapred/InputFormatBase.java
index e5829af..9f16ab8 100644
--- a/core/src/main/java/org/apache/accumulo/core/client/mapred/InputFormatBase.java
+++ b/core/src/main/java/org/apache/accumulo/core/client/mapred/InputFormatBase.java
@@ -18,7 +18,6 @@ package org.apache.accumulo.core.client.mapred;
import java.io.IOException;
import java.net.InetAddress;
-import java.nio.ByteBuffer;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
@@ -47,6 +46,7 @@ import org.apache.accumulo.core.client.impl.TabletLocator;
import org.apache.accumulo.core.client.mapreduce.lib.util.InputConfigurator;
import org.apache.accumulo.core.client.mock.MockInstance;
import org.apache.accumulo.core.client.security.tokens.AuthenticationToken;
+import org.apache.accumulo.core.client.security.tokens.AuthenticationToken.AuthenticationTokenSerializer;
import org.apache.accumulo.core.data.Key;
import org.apache.accumulo.core.data.KeyExtent;
import org.apache.accumulo.core.data.PartialKey;
@@ -56,8 +56,7 @@ import org.apache.accumulo.core.master.state.tables.TableState;
import org.apache.accumulo.core.metadata.MetadataTable;
import org.apache.accumulo.core.metadata.schema.MetadataSchema.TabletsSection;
import org.apache.accumulo.core.security.Authorizations;
-import org.apache.accumulo.core.security.CredentialHelper;
-import org.apache.accumulo.core.security.thrift.TCredentials;
+import org.apache.accumulo.core.security.Credentials;
import org.apache.accumulo.core.util.Pair;
import org.apache.accumulo.core.util.UtilWaitThread;
import org.apache.hadoop.io.Text;
@@ -602,11 +601,11 @@ public abstract class InputFormatBase<K,V> implements InputFormat<K,V> {
try {
log.debug("Creating connector with user: " + user);
- Connector conn = instance.getConnector(user, CredentialHelper.extractToken(tokenClass, password));
+ Connector conn = instance.getConnector(user, AuthenticationTokenSerializer.deserialize(tokenClass, password));
log.debug("Creating scanner for table: " + getInputTableName(job));
log.debug("Authorizations are: " + authorizations);
if (isOfflineScan(job)) {
- scanner = new OfflineScanner(instance, new TCredentials(user, tokenClass, ByteBuffer.wrap(password), instance.getInstanceID()), Tables.getTableId(
+ scanner = new OfflineScanner(instance, new Credentials(user, AuthenticationTokenSerializer.deserialize(tokenClass, password)), Tables.getTableId(
instance, getInputTableName(job)), authorizations);
} else {
scanner = conn.createScanner(getInputTableName(job), authorizations);
@@ -668,7 +667,7 @@ public abstract class InputFormatBase<K,V> implements InputFormat<K,V> {
Map<String,Map<KeyExtent,List<Range>>> binnedRanges = new HashMap<String,Map<KeyExtent,List<Range>>>();
Instance instance = getInstance(job);
- Connector conn = instance.getConnector(getPrincipal(job), CredentialHelper.extractToken(getTokenClass(job), getToken(job)));
+ Connector conn = instance.getConnector(getPrincipal(job), AuthenticationTokenSerializer.deserialize(getTokenClass(job), getToken(job)));
String tableId = Tables.getTableId(instance, tableName);
if (Tables.getTableState(instance, tableId) != TableState.OFFLINE) {
@@ -794,8 +793,8 @@ public abstract class InputFormatBase<K,V> implements InputFormat<K,V> {
tl = getTabletLocator(job);
// its possible that the cache could contain complete, but old information about a tables tablets... so clear it
tl.invalidateCache();
- while (!tl.binRanges(ranges, binnedRanges,
- new TCredentials(getPrincipal(job), getTokenClass(job), ByteBuffer.wrap(getToken(job)), getInstance(job).getInstanceID())).isEmpty()) {
+ while (!tl.binRanges(new Credentials(getPrincipal(job), AuthenticationTokenSerializer.deserialize(getTokenClass(job), getToken(job))), ranges,
+ binnedRanges).isEmpty()) {
if (!(instance instanceof MockInstance)) {
if (tableId == null)
tableId = Tables.getTableId(instance, tableName);
http://git-wip-us.apache.org/repos/asf/accumulo/blob/99da5641/core/src/main/java/org/apache/accumulo/core/client/mapreduce/AccumuloOutputFormat.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/client/mapreduce/AccumuloOutputFormat.java b/core/src/main/java/org/apache/accumulo/core/client/mapreduce/AccumuloOutputFormat.java
index 49bd3e1..cefb634 100644
--- a/core/src/main/java/org/apache/accumulo/core/client/mapreduce/AccumuloOutputFormat.java
+++ b/core/src/main/java/org/apache/accumulo/core/client/mapreduce/AccumuloOutputFormat.java
@@ -37,11 +37,11 @@ import org.apache.accumulo.core.client.mapreduce.lib.util.OutputConfigurator;
import org.apache.accumulo.core.client.mock.MockInstance;
import org.apache.accumulo.core.client.security.SecurityErrorCode;
import org.apache.accumulo.core.client.security.tokens.AuthenticationToken;
+import org.apache.accumulo.core.client.security.tokens.AuthenticationToken.AuthenticationTokenSerializer;
import org.apache.accumulo.core.data.ColumnUpdate;
import org.apache.accumulo.core.data.KeyExtent;
import org.apache.accumulo.core.data.Mutation;
import org.apache.accumulo.core.security.ColumnVisibility;
-import org.apache.accumulo.core.security.CredentialHelper;
import org.apache.hadoop.io.Text;
import org.apache.hadoop.mapreduce.Job;
import org.apache.hadoop.mapreduce.JobContext;
@@ -375,7 +375,8 @@ public class AccumuloOutputFormat extends OutputFormat<Text,Mutation> {
this.defaultTableName = (tname == null) ? null : new Text(tname);
if (!simulate) {
- this.conn = getInstance(context).getConnector(getPrincipal(context), CredentialHelper.extractToken(getTokenClass(context), getToken(context)));
+ this.conn = getInstance(context).getConnector(getPrincipal(context),
+ AuthenticationTokenSerializer.deserialize(getTokenClass(context), getToken(context)));
mtbw = conn.createMultiTableBatchWriter(getBatchWriterOptions(context));
}
}
@@ -509,8 +510,8 @@ public class AccumuloOutputFormat extends OutputFormat<Text,Mutation> {
throw new IOException("Connector info has not been set.");
try {
// if the instance isn't configured, it will complain here
- Connector c = getInstance(job).getConnector(getPrincipal(job), CredentialHelper.extractToken(getTokenClass(job), getToken(job)));
- if (!c.securityOperations().authenticateUser(getPrincipal(job), CredentialHelper.extractToken(getTokenClass(job), getToken(job))))
+ Connector c = getInstance(job).getConnector(getPrincipal(job), AuthenticationTokenSerializer.deserialize(getTokenClass(job), getToken(job)));
+ if (!c.securityOperations().authenticateUser(getPrincipal(job), AuthenticationTokenSerializer.deserialize(getTokenClass(job), getToken(job))))
throw new IOException("Unable to authenticate user");
} catch (AccumuloException e) {
throw new IOException(e);
http://git-wip-us.apache.org/repos/asf/accumulo/blob/99da5641/core/src/main/java/org/apache/accumulo/core/client/mapreduce/InputFormatBase.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/client/mapreduce/InputFormatBase.java b/core/src/main/java/org/apache/accumulo/core/client/mapreduce/InputFormatBase.java
index 8308a63..f70f6e2 100644
--- a/core/src/main/java/org/apache/accumulo/core/client/mapreduce/InputFormatBase.java
+++ b/core/src/main/java/org/apache/accumulo/core/client/mapreduce/InputFormatBase.java
@@ -22,7 +22,6 @@ import java.io.IOException;
import java.lang.reflect.Method;
import java.math.BigInteger;
import java.net.InetAddress;
-import java.nio.ByteBuffer;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
@@ -51,6 +50,7 @@ import org.apache.accumulo.core.client.impl.TabletLocator;
import org.apache.accumulo.core.client.mapreduce.lib.util.InputConfigurator;
import org.apache.accumulo.core.client.mock.MockInstance;
import org.apache.accumulo.core.client.security.tokens.AuthenticationToken;
+import org.apache.accumulo.core.client.security.tokens.AuthenticationToken.AuthenticationTokenSerializer;
import org.apache.accumulo.core.data.ByteSequence;
import org.apache.accumulo.core.data.Key;
import org.apache.accumulo.core.data.KeyExtent;
@@ -61,14 +61,12 @@ import org.apache.accumulo.core.master.state.tables.TableState;
import org.apache.accumulo.core.metadata.MetadataTable;
import org.apache.accumulo.core.metadata.schema.MetadataSchema.TabletsSection;
import org.apache.accumulo.core.security.Authorizations;
-import org.apache.accumulo.core.security.CredentialHelper;
-import org.apache.accumulo.core.security.thrift.TCredentials;
+import org.apache.accumulo.core.security.Credentials;
import org.apache.accumulo.core.util.Pair;
import org.apache.accumulo.core.util.UtilWaitThread;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.io.Text;
import org.apache.hadoop.io.Writable;
-import org.apache.hadoop.mapred.JobConf;
import org.apache.hadoop.mapreduce.InputFormat;
import org.apache.hadoop.mapreduce.InputSplit;
import org.apache.hadoop.mapreduce.Job;
@@ -188,11 +186,11 @@ public abstract class InputFormatBase<K,V> extends InputFormat<K,V> {
/**
* Gets the password file from the configuration.
*
- * @param job
+ * @param context
* the Hadoop context for the configured job
* @return path to the password file as a String
* @since 1.6.0
- * @see #setConnectorInfo(JobConf, String, AuthenticationToken)
+ * @see #setConnectorInfo(Job, String, AuthenticationToken)
*/
protected static String getTokenFile(JobContext context) {
return InputConfigurator.getTokenFile(CLASS, getConfiguration(context));
@@ -613,11 +611,11 @@ public abstract class InputFormatBase<K,V> extends InputFormat<K,V> {
try {
log.debug("Creating connector with user: " + principal);
- Connector conn = instance.getConnector(principal, CredentialHelper.extractToken(tokenClass, token));
+ Connector conn = instance.getConnector(principal, AuthenticationTokenSerializer.deserialize(tokenClass, token));
log.debug("Creating scanner for table: " + getInputTableName(attempt));
log.debug("Authorizations are: " + authorizations);
if (isOfflineScan(attempt)) {
- scanner = new OfflineScanner(instance, new TCredentials(principal, tokenClass, ByteBuffer.wrap(token), instance.getInstanceID()), Tables.getTableId(
+ scanner = new OfflineScanner(instance, new Credentials(principal, AuthenticationTokenSerializer.deserialize(tokenClass, token)), Tables.getTableId(
instance, getInputTableName(attempt)), authorizations);
} else {
scanner = conn.createScanner(getInputTableName(attempt), authorizations);
@@ -686,7 +684,7 @@ public abstract class InputFormatBase<K,V> extends InputFormat<K,V> {
Map<String,Map<KeyExtent,List<Range>>> binnedRanges = new HashMap<String,Map<KeyExtent,List<Range>>>();
Instance instance = getInstance(context);
- Connector conn = instance.getConnector(getPrincipal(context), CredentialHelper.extractToken(getTokenClass(context), getToken(context)));
+ Connector conn = instance.getConnector(getPrincipal(context), AuthenticationTokenSerializer.deserialize(getTokenClass(context), getToken(context)));
String tableId = Tables.getTableId(instance, tableName);
if (Tables.getTableState(instance, tableId) != TableState.OFFLINE) {
@@ -812,9 +810,8 @@ public abstract class InputFormatBase<K,V> extends InputFormat<K,V> {
tl = getTabletLocator(context);
// its possible that the cache could contain complete, but old information about a tables tablets... so clear it
tl.invalidateCache();
- while (!tl.binRanges(ranges, binnedRanges,
- new TCredentials(getPrincipal(context), getTokenClass(context), ByteBuffer.wrap(getToken(context)), getInstance(context).getInstanceID()))
- .isEmpty()) {
+ while (!tl.binRanges(new Credentials(getPrincipal(context), AuthenticationTokenSerializer.deserialize(getTokenClass(context), getToken(context))),
+ ranges, binnedRanges).isEmpty()) {
if (!(instance instanceof MockInstance)) {
if (tableId == null)
tableId = Tables.getTableId(instance, tableName);
http://git-wip-us.apache.org/repos/asf/accumulo/blob/99da5641/core/src/main/java/org/apache/accumulo/core/client/mapreduce/lib/util/ConfiguratorBase.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/client/mapreduce/lib/util/ConfiguratorBase.java b/core/src/main/java/org/apache/accumulo/core/client/mapreduce/lib/util/ConfiguratorBase.java
index b15b6a2..6204236 100644
--- a/core/src/main/java/org/apache/accumulo/core/client/mapreduce/lib/util/ConfiguratorBase.java
+++ b/core/src/main/java/org/apache/accumulo/core/client/mapreduce/lib/util/ConfiguratorBase.java
@@ -26,7 +26,7 @@ import org.apache.accumulo.core.client.Instance;
import org.apache.accumulo.core.client.ZooKeeperInstance;
import org.apache.accumulo.core.client.mock.MockInstance;
import org.apache.accumulo.core.client.security.tokens.AuthenticationToken;
-import org.apache.accumulo.core.security.CredentialHelper;
+import org.apache.accumulo.core.client.security.tokens.AuthenticationToken.AuthenticationTokenSerializer;
import org.apache.accumulo.core.util.ArgumentChecker;
import org.apache.commons.codec.binary.Base64;
import org.apache.hadoop.conf.Configuration;
@@ -34,7 +34,6 @@ import org.apache.hadoop.filecache.DistributedCache;
import org.apache.hadoop.fs.FSDataInputStream;
import org.apache.hadoop.fs.FileSystem;
import org.apache.hadoop.fs.Path;
-import org.apache.hadoop.mapred.JobConf;
import org.apache.hadoop.util.StringUtils;
import org.apache.log4j.Level;
import org.apache.log4j.Logger;
@@ -45,7 +44,7 @@ import org.apache.log4j.Logger;
public class ConfiguratorBase {
/**
- * Configuration keys for {@link Instance#getConnector(String, byte[])}.
+ * Configuration keys for {@link Instance#getConnector(String, AuthenticationToken)}.
*
* @since 1.5.0
*/
@@ -112,7 +111,7 @@ public class ConfiguratorBase {
conf.setBoolean(enumToConfKey(implementingClass, ConnectorInfo.IS_CONFIGURED), true);
conf.set(enumToConfKey(implementingClass, ConnectorInfo.PRINCIPAL), principal);
conf.set(enumToConfKey(implementingClass, ConnectorInfo.TOKEN_CLASS), token.getClass().getName());
- conf.set(enumToConfKey(implementingClass, ConnectorInfo.TOKEN), CredentialHelper.tokenAsBase64(token));
+ conf.set(enumToConfKey(implementingClass, ConnectorInfo.TOKEN), Base64.encodeBase64String(AuthenticationTokenSerializer.serialize(token)));
}
/**
@@ -226,11 +225,11 @@ public class ConfiguratorBase {
/**
* Grabs the token file's path out of the Configuration.
*
- * @param job
+ * @param conf
* the Hadoop context for the configured job
* @return path to the token file as a String
* @since 1.6.0
- * @see #setConnectorInfo(JobConf, String, AuthenticationToken)
+ * @see #setConnectorInfo(Class, Configuration, String, AuthenticationToken)
*/
public static String getTokenFile(Class<?> implementingClass, Configuration conf) {
return conf.get(enumToConfKey(implementingClass, ConnectorInfo.TOKEN_FILE), "");
@@ -239,11 +238,11 @@ public class ConfiguratorBase {
/**
* Reads from the token file in distributed cache. Currently, the token file stores data separated by colons e.g. principal:token_class:token
*
- * @param job
+ * @param conf
* the Hadoop context for the configured job
* @return path to the token file as a String
* @since 1.6.0
- * @see #setConnectorInfo(JobConf, String, AuthenticationToken)
+ * @see #setConnectorInfo(Class, Configuration, String, AuthenticationToken)
*/
public static String readTokenFile(Class<?> implementingClass, Configuration conf) {
String tokenFile = getTokenFile(implementingClass, conf);
http://git-wip-us.apache.org/repos/asf/accumulo/blob/99da5641/core/src/main/java/org/apache/accumulo/core/client/mapreduce/lib/util/InputConfigurator.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/client/mapreduce/lib/util/InputConfigurator.java b/core/src/main/java/org/apache/accumulo/core/client/mapreduce/lib/util/InputConfigurator.java
index 61792e0..9d7c878 100644
--- a/core/src/main/java/org/apache/accumulo/core/client/mapreduce/lib/util/InputConfigurator.java
+++ b/core/src/main/java/org/apache/accumulo/core/client/mapreduce/lib/util/InputConfigurator.java
@@ -41,10 +41,10 @@ import org.apache.accumulo.core.client.TableNotFoundException;
import org.apache.accumulo.core.client.impl.Tables;
import org.apache.accumulo.core.client.impl.TabletLocator;
import org.apache.accumulo.core.client.mock.MockTabletLocator;
+import org.apache.accumulo.core.client.security.tokens.AuthenticationToken.AuthenticationTokenSerializer;
import org.apache.accumulo.core.data.Range;
import org.apache.accumulo.core.iterators.SortedKeyValueIterator;
import org.apache.accumulo.core.security.Authorizations;
-import org.apache.accumulo.core.security.CredentialHelper;
import org.apache.accumulo.core.security.TablePermission;
import org.apache.accumulo.core.util.ArgumentChecker;
import org.apache.accumulo.core.util.Pair;
@@ -503,9 +503,9 @@ public class InputConfigurator extends ConfiguratorBase {
// validate that we can connect as configured
try {
Connector c = getInstance(implementingClass, conf).getConnector(getPrincipal(implementingClass, conf),
- CredentialHelper.extractToken(getTokenClass(implementingClass, conf), getToken(implementingClass, conf)));
+ AuthenticationTokenSerializer.deserialize(getTokenClass(implementingClass, conf), getToken(implementingClass, conf)));
if (!c.securityOperations().authenticateUser(getPrincipal(implementingClass, conf),
- CredentialHelper.extractToken(getTokenClass(implementingClass, conf), getToken(implementingClass, conf))))
+ AuthenticationTokenSerializer.deserialize(getTokenClass(implementingClass, conf), getToken(implementingClass, conf))))
throw new IOException("Unable to authenticate user");
if (!c.securityOperations().hasTablePermission(getPrincipal(implementingClass, conf), getInputTableName(implementingClass, conf), TablePermission.READ))
throw new IOException("Unable to access table");
http://git-wip-us.apache.org/repos/asf/accumulo/blob/99da5641/core/src/main/java/org/apache/accumulo/core/client/mock/MockTableOperations.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/client/mock/MockTableOperations.java b/core/src/main/java/org/apache/accumulo/core/client/mock/MockTableOperations.java
index 2c416c6..91021e0 100644
--- a/core/src/main/java/org/apache/accumulo/core/client/mock/MockTableOperations.java
+++ b/core/src/main/java/org/apache/accumulo/core/client/mock/MockTableOperations.java
@@ -108,11 +108,13 @@ public class MockTableOperations extends TableOperationsHelper {
acu.addSplits(tableName, partitionKeys);
}
+ @Deprecated
@Override
public Collection<Text> getSplits(String tableName) throws TableNotFoundException {
return listSplits(tableName);
}
+ @Deprecated
@Override
public Collection<Text> getSplits(String tableName, int maxSplits) throws TableNotFoundException {
return listSplits(tableName);
http://git-wip-us.apache.org/repos/asf/accumulo/blob/99da5641/core/src/main/java/org/apache/accumulo/core/client/mock/MockTabletLocator.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/client/mock/MockTabletLocator.java b/core/src/main/java/org/apache/accumulo/core/client/mock/MockTabletLocator.java
index 8d91d5d..b3458ca 100644
--- a/core/src/main/java/org/apache/accumulo/core/client/mock/MockTabletLocator.java
+++ b/core/src/main/java/org/apache/accumulo/core/client/mock/MockTabletLocator.java
@@ -28,20 +28,21 @@ import org.apache.accumulo.core.client.impl.TabletLocator;
import org.apache.accumulo.core.data.KeyExtent;
import org.apache.accumulo.core.data.Mutation;
import org.apache.accumulo.core.data.Range;
-import org.apache.accumulo.core.security.thrift.TCredentials;
+import org.apache.accumulo.core.security.Credentials;
import org.apache.hadoop.io.Text;
public class MockTabletLocator extends TabletLocator {
public MockTabletLocator() {}
@Override
- public TabletLocation locateTablet(Text row, boolean skipRow, boolean retry, TCredentials credentials) throws AccumuloException, AccumuloSecurityException, TableNotFoundException {
+ public TabletLocation locateTablet(Credentials credentials, Text row, boolean skipRow, boolean retry) throws AccumuloException, AccumuloSecurityException,
+ TableNotFoundException {
throw new UnsupportedOperationException();
}
@Override
- public <T extends Mutation> void binMutations(List<T> mutations, Map<String,TabletServerMutations<T>> binnedMutations, List<T> failures,
- TCredentials credentials) throws AccumuloException, AccumuloSecurityException, TableNotFoundException {
+ public <T extends Mutation> void binMutations(Credentials credentials, List<T> mutations, Map<String,TabletServerMutations<T>> binnedMutations, List<T> failures)
+ throws AccumuloException, AccumuloSecurityException, TableNotFoundException {
TabletServerMutations<T> tsm = new TabletServerMutations<T>();
for (T m : mutations)
tsm.addMutation(new KeyExtent(), m);
@@ -49,8 +50,8 @@ public class MockTabletLocator extends TabletLocator {
}
@Override
- public List<Range> binRanges(List<Range> ranges, Map<String,Map<KeyExtent,List<Range>>> binnedRanges, TCredentials credentials) throws AccumuloException, AccumuloSecurityException,
- TableNotFoundException {
+ public List<Range> binRanges(Credentials credentials, List<Range> ranges, Map<String,Map<KeyExtent,List<Range>>> binnedRanges) throws AccumuloException,
+ AccumuloSecurityException, TableNotFoundException {
binnedRanges.put("", Collections.singletonMap(new KeyExtent(new Text(), null, null), ranges));
return Collections.emptyList();
}
http://git-wip-us.apache.org/repos/asf/accumulo/blob/99da5641/core/src/main/java/org/apache/accumulo/core/client/security/tokens/AuthenticationToken.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/client/security/tokens/AuthenticationToken.java b/core/src/main/java/org/apache/accumulo/core/client/security/tokens/AuthenticationToken.java
index c6e2bca..a8e847f 100644
--- a/core/src/main/java/org/apache/accumulo/core/client/security/tokens/AuthenticationToken.java
+++ b/core/src/main/java/org/apache/accumulo/core/client/security/tokens/AuthenticationToken.java
@@ -16,6 +16,11 @@
*/
package org.apache.accumulo.core.client.security.tokens;
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.DataInputStream;
+import java.io.DataOutputStream;
+import java.io.IOException;
import java.util.Arrays;
import java.util.Collection;
import java.util.HashMap;
@@ -25,12 +30,108 @@ import java.util.Set;
import javax.security.auth.DestroyFailedException;
import javax.security.auth.Destroyable;
+import org.apache.accumulo.core.client.AccumuloSecurityException;
+import org.apache.accumulo.core.client.impl.thrift.SecurityErrorCode;
import org.apache.hadoop.io.Writable;
/**
+ *
* @since 1.5.0
*/
public interface AuthenticationToken extends Writable, Destroyable, Cloneable {
+
+ /**
+ * A utility class to serialize/deserialize {@link AuthenticationToken} objects.<br/>
+ * Unfortunately, these methods are provided in an inner-class, to avoid breaking the interface API.
+ *
+ * @since 1.6.0
+ */
+ public static class AuthenticationTokenSerializer {
+ /**
+ * A convenience method to create tokens from serialized bytes, created by {@link #serialize(AuthenticationToken)}
+ * <p>
+ * The specified tokenType will be instantiated, and used to deserialize the decoded bytes. The resulting object will then be returned to the caller.
+ *
+ * @param tokenType
+ * the token class to use to deserialize the bytes
+ * @param tokenBytes
+ * the token-specific serialized bytes
+ * @return an {@link AuthenticationToken} instance of the type specified by tokenType
+ * @throws AccumuloSecurityException
+ * if there is any error during deserialization
+ * @see #serialize(AuthenticationToken)
+ */
+ public static <T extends AuthenticationToken> T deserialize(Class<T> tokenType, byte[] tokenBytes) throws AccumuloSecurityException {
+ T type = null;
+ try {
+ type = tokenType.newInstance();
+ } catch (Exception e) {
+ throw new AccumuloSecurityException(null, SecurityErrorCode.SERIALIZATION_ERROR, e);
+ }
+ ByteArrayInputStream bais = new ByteArrayInputStream(tokenBytes);
+ DataInputStream in = new DataInputStream(bais);
+ try {
+ type.readFields(in);
+ } catch (IOException e) {
+ throw new AccumuloSecurityException(null, SecurityErrorCode.SERIALIZATION_ERROR, e);
+ }
+ try {
+ in.close();
+ } catch (IOException e) {
+ throw new IllegalStateException("Shouldn't happen", e);
+ }
+ return type;
+ }
+
+ /**
+ * An alternate version of {@link #deserialize(Class, byte[])} that accepts a token class name rather than a token class.
+ *
+ * @param tokenClassName
+ * the fully-qualified class name to be returned
+ * @see #serialize(AuthenticationToken)
+ */
+ public static AuthenticationToken deserialize(String tokenClassName, byte[] tokenBytes) throws AccumuloSecurityException {
+ Class<? extends AuthenticationToken> tokenType = null;
+ try {
+ @SuppressWarnings("unchecked")
+ Class<? extends AuthenticationToken> tmpTokenType = (Class<? extends AuthenticationToken>) Class.forName(tokenClassName);
+ tokenType = tmpTokenType;
+ } catch (ClassNotFoundException e) {
+ throw new AccumuloSecurityException(null, SecurityErrorCode.INVALID_TOKEN, e);
+ }
+ return deserialize(tokenType, tokenBytes);
+ }
+
+ /**
+ * A convenience method to serialize tokens.
+ * <p>
+ * The provided {@link AuthenticationToken} will be serialized to bytes by its own implementation and returned to the caller.
+ *
+ * @param token
+ * the token to serialize
+ * @return a serialized representation of the provided {@link AuthenticationToken}
+ * @throws AccumuloSecurityException
+ * if there is any error during serialization
+ * @see #deserialize(Class, byte[])
+ */
+ public static byte[] serialize(AuthenticationToken token) throws AccumuloSecurityException {
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ DataOutputStream out = new DataOutputStream(baos);
+ try {
+ token.write(out);
+ } catch (IOException e) {
+ throw new AccumuloSecurityException(null, SecurityErrorCode.SERIALIZATION_ERROR, e);
+ }
+ byte[] bytes = baos.toByteArray();
+ try {
+ out.close();
+ } catch (IOException e) {
+ throw new IllegalStateException("Shouldn't happen with ByteArrayOutputStream", e);
+ }
+ return bytes;
+ }
+ }
+
public class Properties implements Destroyable, Map<String,char[]> {
private boolean destroyed = false;
@@ -49,13 +150,13 @@ public interface AuthenticationToken extends Writable, Destroyable, Cloneable {
return map.put(key, toPut);
}
- public void putAllStrings(Map<String, ? extends CharSequence> map) {
+ public void putAllStrings(Map<String,? extends CharSequence> map) {
checkDestroyed();
for (Map.Entry<String,? extends CharSequence> entry : map.entrySet()) {
put(entry.getKey(), entry.getValue());
}
}
-
+
@Override
public void destroy() throws DestroyFailedException {
for (String key : this.keySet()) {
@@ -65,7 +166,7 @@ public interface AuthenticationToken extends Writable, Destroyable, Cloneable {
this.clear();
destroyed = true;
}
-
+
@Override
public boolean isDestroyed() {
return destroyed;
@@ -154,6 +255,7 @@ public interface AuthenticationToken extends Writable, Destroyable, Cloneable {
this.masked = mask;
}
+ @Override
public String toString() {
return this.key + " - " + description;
}
@@ -170,10 +272,12 @@ public interface AuthenticationToken extends Writable, Destroyable, Cloneable {
return this.masked;
}
+ @Override
public int hashCode() {
return key.hashCode();
}
+ @Override
public boolean equals(Object o) {
if (o instanceof TokenProperty)
return ((TokenProperty) o).key.equals(key);
@@ -189,5 +293,6 @@ public interface AuthenticationToken extends Writable, Destroyable, Cloneable {
public void init(Properties properties);
public Set<TokenProperty> getProperties();
+
public AuthenticationToken clone();
}
http://git-wip-us.apache.org/repos/asf/accumulo/blob/99da5641/core/src/main/java/org/apache/accumulo/core/client/security/tokens/NullToken.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/client/security/tokens/NullToken.java b/core/src/main/java/org/apache/accumulo/core/client/security/tokens/NullToken.java
index c2e74c3..8673963 100644
--- a/core/src/main/java/org/apache/accumulo/core/client/security/tokens/NullToken.java
+++ b/core/src/main/java/org/apache/accumulo/core/client/security/tokens/NullToken.java
@@ -49,10 +49,12 @@ public class NullToken implements AuthenticationToken {
return false;
}
+ @Override
public NullToken clone() {
return new NullToken();
}
+ @Override
public boolean equals(Object obj) {
return obj instanceof NullToken;
}
@@ -64,4 +66,9 @@ public class NullToken implements AuthenticationToken {
public Set<TokenProperty> getProperties() {
return Collections.emptySet();
}
+
+ @Override
+ public int hashCode() {
+ return 0;
+ }
}
http://git-wip-us.apache.org/repos/asf/accumulo/blob/99da5641/core/src/main/java/org/apache/accumulo/core/metadata/MetadataLocationObtainer.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/metadata/MetadataLocationObtainer.java b/core/src/main/java/org/apache/accumulo/core/metadata/MetadataLocationObtainer.java
index 237cacc..def9507 100644
--- a/core/src/main/java/org/apache/accumulo/core/metadata/MetadataLocationObtainer.java
+++ b/core/src/main/java/org/apache/accumulo/core/metadata/MetadataLocationObtainer.java
@@ -51,7 +51,7 @@ import org.apache.accumulo.core.data.thrift.IterInfo;
import org.apache.accumulo.core.iterators.user.WholeRowIterator;
import org.apache.accumulo.core.metadata.schema.MetadataSchema.TabletsSection;
import org.apache.accumulo.core.security.Authorizations;
-import org.apache.accumulo.core.security.thrift.TCredentials;
+import org.apache.accumulo.core.security.Credentials;
import org.apache.accumulo.core.tabletserver.thrift.NotServingTabletException;
import org.apache.accumulo.core.util.OpTimer;
import org.apache.accumulo.core.util.Pair;
@@ -77,7 +77,7 @@ public class MetadataLocationObtainer implements TabletLocationObtainer {
}
@Override
- public TabletLocations lookupTablet(TabletLocation src, Text row, Text stopRow, TabletLocator parent, TCredentials credentials)
+ public TabletLocations lookupTablet(Credentials credentials, TabletLocation src, Text row, Text stopRow, TabletLocator parent)
throws AccumuloSecurityException, AccumuloException {
try {
@@ -99,7 +99,7 @@ public class MetadataLocationObtainer implements TabletLocationObtainer {
serverSideIteratorList.add(new IterInfo(10000, WholeRowIterator.class.getName(), "WRI"));
Map<String,Map<String,String>> serverSideIteratorOptions = Collections.emptyMap();
- boolean more = ThriftScanner.getBatchFromServer(credentials, range, src.tablet_extent, src.tablet_location, encodedResults, locCols,
+ boolean more = ThriftScanner.getBatchFromServer(instance, credentials, range, src.tablet_extent, src.tablet_location, encodedResults, locCols,
serverSideIteratorList, serverSideIteratorOptions, Constants.SCAN_BATCH_SIZE, Authorizations.EMPTY, false, instance.getConfiguration());
decodeRows(encodedResults, results);
@@ -107,8 +107,8 @@ public class MetadataLocationObtainer implements TabletLocationObtainer {
if (more && results.size() == 1) {
range = new Range(results.lastKey().followingKey(PartialKey.ROW_COLFAM_COLQUAL_COLVIS_TIME), true, new Key(stopRow).followingKey(PartialKey.ROW), false);
encodedResults.clear();
- more = ThriftScanner.getBatchFromServer(credentials, range, src.tablet_extent, src.tablet_location, encodedResults, locCols, serverSideIteratorList,
- serverSideIteratorOptions, Constants.SCAN_BATCH_SIZE, Authorizations.EMPTY, false, instance.getConfiguration());
+ more = ThriftScanner.getBatchFromServer(instance, credentials, range, src.tablet_extent, src.tablet_location, encodedResults, locCols,
+ serverSideIteratorList, serverSideIteratorOptions, Constants.SCAN_BATCH_SIZE, Authorizations.EMPTY, false, instance.getConfiguration());
decodeRows(encodedResults, results);
}
@@ -154,7 +154,7 @@ public class MetadataLocationObtainer implements TabletLocationObtainer {
}
@Override
- public List<TabletLocation> lookupTablets(String tserver, Map<KeyExtent,List<Range>> tabletsRanges, TabletLocator parent, TCredentials credentials)
+ public List<TabletLocation> lookupTablets(Credentials credentials, String tserver, Map<KeyExtent,List<Range>> tabletsRanges, TabletLocator parent)
throws AccumuloSecurityException, AccumuloException {
final TreeMap<Key,Value> results = new TreeMap<Key,Value>();
@@ -188,7 +188,7 @@ public class MetadataLocationObtainer implements TabletLocationObtainer {
Map<KeyExtent,List<Range>> unscanned = new HashMap<KeyExtent,List<Range>>();
Map<KeyExtent,List<Range>> failures = new HashMap<KeyExtent,List<Range>>();
try {
- TabletServerBatchReaderIterator.doLookup(tserver, tabletsRanges, failures, unscanned, rr, columns, credentials, opts, Authorizations.EMPTY,
+ TabletServerBatchReaderIterator.doLookup(instance, credentials, tserver, tabletsRanges, failures, unscanned, rr, columns, opts, Authorizations.EMPTY,
instance.getConfiguration());
if (failures.size() > 0) {
// invalidate extents in parents cache
http://git-wip-us.apache.org/repos/asf/accumulo/blob/99da5641/core/src/main/java/org/apache/accumulo/core/metadata/MetadataServicer.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/metadata/MetadataServicer.java b/core/src/main/java/org/apache/accumulo/core/metadata/MetadataServicer.java
index 7473fcf..67f1d8a 100644
--- a/core/src/main/java/org/apache/accumulo/core/metadata/MetadataServicer.java
+++ b/core/src/main/java/org/apache/accumulo/core/metadata/MetadataServicer.java
@@ -24,8 +24,7 @@ import org.apache.accumulo.core.client.Connector;
import org.apache.accumulo.core.client.Instance;
import org.apache.accumulo.core.client.TableNotFoundException;
import org.apache.accumulo.core.data.KeyExtent;
-import org.apache.accumulo.core.security.CredentialHelper;
-import org.apache.accumulo.core.security.thrift.TCredentials;
+import org.apache.accumulo.core.security.Credentials;
import org.apache.accumulo.core.util.ArgumentChecker;
/**
@@ -33,14 +32,13 @@ import org.apache.accumulo.core.util.ArgumentChecker;
*/
public abstract class MetadataServicer {
- public static MetadataServicer forTableName(Instance instance, TCredentials credentials, String tableName) throws AccumuloException,
- AccumuloSecurityException {
+ public static MetadataServicer forTableName(Instance instance, Credentials credentials, String tableName) throws AccumuloException, AccumuloSecurityException {
ArgumentChecker.notNull(tableName);
- Connector conn = instance.getConnector(credentials.getPrincipal(), CredentialHelper.extractToken(credentials));
+ Connector conn = instance.getConnector(credentials.getPrincipal(), credentials.getToken());
return forTableId(instance, credentials, conn.tableOperations().tableIdMap().get(tableName));
}
- public static MetadataServicer forTableId(Instance instance, TCredentials credentials, String tableId) {
+ public static MetadataServicer forTableId(Instance instance, Credentials credentials, String tableId) {
ArgumentChecker.notNull(tableId);
if (RootTable.ID.equals(tableId))
return new ServicerForRootTable(instance, credentials);
http://git-wip-us.apache.org/repos/asf/accumulo/blob/99da5641/core/src/main/java/org/apache/accumulo/core/metadata/ServicerForMetadataTable.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/metadata/ServicerForMetadataTable.java b/core/src/main/java/org/apache/accumulo/core/metadata/ServicerForMetadataTable.java
index 64e49ef..0802994 100644
--- a/core/src/main/java/org/apache/accumulo/core/metadata/ServicerForMetadataTable.java
+++ b/core/src/main/java/org/apache/accumulo/core/metadata/ServicerForMetadataTable.java
@@ -17,7 +17,7 @@
package org.apache.accumulo.core.metadata;
import org.apache.accumulo.core.client.Instance;
-import org.apache.accumulo.core.security.thrift.TCredentials;
+import org.apache.accumulo.core.security.Credentials;
/**
* A metadata servicer for the metadata table (which holds metadata for user tables).<br />
@@ -25,7 +25,7 @@ import org.apache.accumulo.core.security.thrift.TCredentials;
*/
class ServicerForMetadataTable extends TableMetadataServicer {
- public ServicerForMetadataTable(Instance instance, TCredentials credentials) {
+ public ServicerForMetadataTable(Instance instance, Credentials credentials) {
super(instance, credentials, RootTable.NAME, MetadataTable.ID);
}
http://git-wip-us.apache.org/repos/asf/accumulo/blob/99da5641/core/src/main/java/org/apache/accumulo/core/metadata/ServicerForRootTable.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/metadata/ServicerForRootTable.java b/core/src/main/java/org/apache/accumulo/core/metadata/ServicerForRootTable.java
index 4366991..4da517c 100644
--- a/core/src/main/java/org/apache/accumulo/core/metadata/ServicerForRootTable.java
+++ b/core/src/main/java/org/apache/accumulo/core/metadata/ServicerForRootTable.java
@@ -23,7 +23,7 @@ import org.apache.accumulo.core.client.AccumuloSecurityException;
import org.apache.accumulo.core.client.Instance;
import org.apache.accumulo.core.client.TableNotFoundException;
import org.apache.accumulo.core.data.KeyExtent;
-import org.apache.accumulo.core.security.thrift.TCredentials;
+import org.apache.accumulo.core.security.Credentials;
/**
* A metadata servicer for the root table.<br />
@@ -33,7 +33,7 @@ class ServicerForRootTable extends MetadataServicer {
private Instance instance;
- public ServicerForRootTable(Instance instance, TCredentials credentials) {
+ public ServicerForRootTable(Instance instance, Credentials credentials) {
this.instance = instance;
}
http://git-wip-us.apache.org/repos/asf/accumulo/blob/99da5641/core/src/main/java/org/apache/accumulo/core/metadata/ServicerForUserTables.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/metadata/ServicerForUserTables.java b/core/src/main/java/org/apache/accumulo/core/metadata/ServicerForUserTables.java
index 7e15bc0..fd64e05 100644
--- a/core/src/main/java/org/apache/accumulo/core/metadata/ServicerForUserTables.java
+++ b/core/src/main/java/org/apache/accumulo/core/metadata/ServicerForUserTables.java
@@ -17,7 +17,7 @@
package org.apache.accumulo.core.metadata;
import org.apache.accumulo.core.client.Instance;
-import org.apache.accumulo.core.security.thrift.TCredentials;
+import org.apache.accumulo.core.security.Credentials;
/**
* A metadata servicer for user tables.<br />
@@ -25,7 +25,7 @@ import org.apache.accumulo.core.security.thrift.TCredentials;
*/
class ServicerForUserTables extends TableMetadataServicer {
- public ServicerForUserTables(Instance instance, TCredentials credentials, String tableId) {
+ public ServicerForUserTables(Instance instance, Credentials credentials, String tableId) {
super(instance, credentials, MetadataTable.NAME, tableId);
}
http://git-wip-us.apache.org/repos/asf/accumulo/blob/99da5641/core/src/main/java/org/apache/accumulo/core/metadata/TableMetadataServicer.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/metadata/TableMetadataServicer.java b/core/src/main/java/org/apache/accumulo/core/metadata/TableMetadataServicer.java
index 0b088f5..a3800ed 100644
--- a/core/src/main/java/org/apache/accumulo/core/metadata/TableMetadataServicer.java
+++ b/core/src/main/java/org/apache/accumulo/core/metadata/TableMetadataServicer.java
@@ -31,8 +31,7 @@ import org.apache.accumulo.core.data.KeyExtent;
import org.apache.accumulo.core.data.Value;
import org.apache.accumulo.core.metadata.schema.MetadataSchema.TabletsSection;
import org.apache.accumulo.core.security.Authorizations;
-import org.apache.accumulo.core.security.CredentialHelper;
-import org.apache.accumulo.core.security.thrift.TCredentials;
+import org.apache.accumulo.core.security.Credentials;
import org.apache.hadoop.io.Text;
/**
@@ -41,11 +40,11 @@ import org.apache.hadoop.io.Text;
abstract class TableMetadataServicer extends MetadataServicer {
private Instance instance;
- private TCredentials credentials;
+ private Credentials credentials;
private String tableIdBeingServiced;
private String serviceTableName;
- public TableMetadataServicer(Instance instance, TCredentials credentials, String serviceTableName, String tableIdBeingServiced) {
+ public TableMetadataServicer(Instance instance, Credentials credentials, String serviceTableName, String tableIdBeingServiced) {
this.instance = instance;
this.credentials = credentials;
this.serviceTableName = serviceTableName;
@@ -64,8 +63,7 @@ abstract class TableMetadataServicer extends MetadataServicer {
@Override
public void getTabletLocations(SortedMap<KeyExtent,String> tablets) throws AccumuloException, AccumuloSecurityException, TableNotFoundException {
- Scanner scanner = instance.getConnector(credentials.getPrincipal(), CredentialHelper.extractToken(credentials)).createScanner(getServicingTableName(),
- Authorizations.EMPTY);
+ Scanner scanner = instance.getConnector(credentials.getPrincipal(), credentials.getToken()).createScanner(getServicingTableName(), Authorizations.EMPTY);
TabletsSection.TabletColumnFamily.PREV_ROW_COLUMN.fetch(scanner);
scanner.fetchColumnFamily(TabletsSection.CurrentLocationColumnFamily.NAME);
http://git-wip-us.apache.org/repos/asf/accumulo/blob/99da5641/core/src/main/java/org/apache/accumulo/core/metadata/schema/MetadataSchema.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/metadata/schema/MetadataSchema.java b/core/src/main/java/org/apache/accumulo/core/metadata/schema/MetadataSchema.java
index 4c2b6f8..06eae23 100644
--- a/core/src/main/java/org/apache/accumulo/core/metadata/schema/MetadataSchema.java
+++ b/core/src/main/java/org/apache/accumulo/core/metadata/schema/MetadataSchema.java
@@ -74,8 +74,8 @@ public class MetadataSchema {
*/
public static class TabletColumnFamily {
/**
- * This needs to sort after all other column families for that tablet, because the {@link PREV_ROW_COLUMN} sits in this and that needs to sort last
- * because the {@link SimpleGarbageCollector} relies on this.
+ * This needs to sort after all other column families for that tablet, because the {@link #PREV_ROW_COLUMN} sits in this and that needs to sort last
+ * because the SimpleGarbageCollector relies on this.
*/
public static final Text NAME = new Text("~tab");
/**
http://git-wip-us.apache.org/repos/asf/accumulo/blob/99da5641/core/src/main/java/org/apache/accumulo/core/security/Authorizations.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/security/Authorizations.java b/core/src/main/java/org/apache/accumulo/core/security/Authorizations.java
index 9fcdfc3..47a5475 100644
--- a/core/src/main/java/org/apache/accumulo/core/security/Authorizations.java
+++ b/core/src/main/java/org/apache/accumulo/core/security/Authorizations.java
@@ -195,8 +195,6 @@ public class Authorizations implements Iterable<byte[]>, Serializable {
/**
* Retrieve authorizations as a list of strings that have been encoded as UTF-8 bytes.
- *
- * @see #Authorizations(List)
*/
public List<ByteBuffer> getAuthorizationsBB() {
return ByteBufferUtil.toImmutableByteBufferList(getAuthorizations());
http://git-wip-us.apache.org/repos/asf/accumulo/blob/99da5641/core/src/main/java/org/apache/accumulo/core/security/CredentialHelper.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/security/CredentialHelper.java b/core/src/main/java/org/apache/accumulo/core/security/CredentialHelper.java
index 24f72cf..ca149a8 100644
--- a/core/src/main/java/org/apache/accumulo/core/security/CredentialHelper.java
+++ b/core/src/main/java/org/apache/accumulo/core/security/CredentialHelper.java
@@ -34,6 +34,7 @@ import org.apache.thrift.TDeserializer;
import org.apache.thrift.TException;
import org.apache.thrift.TSerializer;
+@Deprecated
public class CredentialHelper {
static Logger log = Logger.getLogger(CredentialHelper.class);
@@ -42,10 +43,6 @@ public class CredentialHelper {
return new TCredentials(principal, className, ByteBuffer.wrap(toBytes(token)), instanceID);
}
- public static String asBase64String(TCredentials cred) throws AccumuloSecurityException {
- return new String(Base64.encodeBase64(asByteArray(cred)), Constants.UTF8);
- }
-
public static byte[] asByteArray(TCredentials cred) throws AccumuloSecurityException {
TSerializer ts = new TSerializer();
try {
@@ -57,10 +54,6 @@ public class CredentialHelper {
}
}
- public static TCredentials fromBase64String(String string) throws AccumuloSecurityException {
- return fromByteArray(Base64.decodeBase64(string.getBytes(Constants.UTF8)));
- }
-
public static TCredentials fromByteArray(byte[] serializedCredential) throws AccumuloSecurityException {
if (serializedCredential == null)
return null;
http://git-wip-us.apache.org/repos/asf/accumulo/blob/99da5641/core/src/main/java/org/apache/accumulo/core/security/Credentials.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/security/Credentials.java b/core/src/main/java/org/apache/accumulo/core/security/Credentials.java
index 2c1dd8b..51222da 100644
--- a/core/src/main/java/org/apache/accumulo/core/security/Credentials.java
+++ b/core/src/main/java/org/apache/accumulo/core/security/Credentials.java
@@ -16,10 +16,17 @@
*/
package org.apache.accumulo.core.security;
+import java.nio.ByteBuffer;
+
+import org.apache.accumulo.core.Constants;
+import org.apache.accumulo.core.client.AccumuloSecurityException;
import org.apache.accumulo.core.client.Connector;
import org.apache.accumulo.core.client.Instance;
+import org.apache.accumulo.core.client.impl.thrift.ThriftSecurityException;
import org.apache.accumulo.core.client.security.tokens.AuthenticationToken;
+import org.apache.accumulo.core.client.security.tokens.AuthenticationToken.AuthenticationTokenSerializer;
import org.apache.accumulo.core.security.thrift.TCredentials;
+import org.apache.commons.codec.binary.Base64;
/**
* A wrapper for internal use. This class carries the instance, principal, and authentication token for use in the public API, in a non-serialized form. This is
@@ -47,8 +54,64 @@ public class Credentials {
return token;
}
- public TCredentials toThrift(Instance instance) {
- return CredentialHelper.createSquelchError(principal, token, instance.getInstanceID());
+ /**
+ * Converts the current object to the relevant thrift type. The object returned from this contains a non-destroyable version of the
+ * {@link AuthenticationToken}, so this should be used just before placing on the wire, and references to it should be tightly controlled.
+ */
+ public TCredentials toThrift(Instance instance) throws ThriftSecurityException {
+ try {
+ String className = token.getClass().getName();
+ return new TCredentials(principal, className, ByteBuffer.wrap(AuthenticationTokenSerializer.serialize(token)), instance.getInstanceID());
+ } catch (AccumuloSecurityException e) {
+
+ return null;
+ }
+ }
+
+ /**
+ * Converts the current object to a serialized form. The object returned from this contains a non-destroyable version of the {@link AuthenticationToken}, so
+ * references to it should be tightly controlled.
+ */
+ public String serialize() throws AccumuloSecurityException {
+ return (getPrincipal() == null ? "-" : Base64.encodeBase64String(getPrincipal().getBytes(Constants.UTF8))) + ":"
+ + (getToken() == null ? "-" : Base64.encodeBase64String(getToken().getClass().getName().getBytes(Constants.UTF8))) + ":"
+ + (getToken() == null ? "-" : Base64.encodeBase64String(AuthenticationTokenSerializer.serialize(getToken())));
+ }
+
+ /**
+ * Converts the serialized form to an instance of {@link Credentials}. The original serialized form will not be affected.
+ */
+ public static Credentials deserialize(String serializedForm) throws AccumuloSecurityException {
+ String[] split = serializedForm.split(":", 3);
+ String principal = split[0].equals("-") ? null : new String(Base64.decodeBase64(split[0]), Constants.UTF8);
+ String tokenType = split[1].equals("-") ? null : new String(Base64.decodeBase64(split[1]), Constants.UTF8);
+ AuthenticationToken token = null;
+ if (!split[2].equals("-")) {
+ byte[] tokenBytes = Base64.decodeBase64(split[2]);
+ token = AuthenticationTokenSerializer.deserialize(tokenType, tokenBytes);
+ }
+ return new Credentials(principal, token);
}
+ @Override
+ public int hashCode() {
+ return getPrincipal() == null ? 0 : getPrincipal().hashCode();
+ }
+
+ @Override
+ public boolean equals(Object obj) {
+ if (obj == null || !(obj instanceof Credentials))
+ return false;
+ Credentials other = Credentials.class.cast(obj);
+ boolean pEq = getPrincipal() == null ? (other.getPrincipal() == null) : (getPrincipal().equals(other.getPrincipal()));
+ if (!pEq)
+ return false;
+ boolean tEq = getToken() == null ? (other.getToken() == null) : (getToken().equals(other.getToken()));
+ return tEq;
+ }
+
+ @Override
+ public String toString() {
+ return getClass().getName() + ":" + getPrincipal() + ":" + (getToken() == null ? null : getToken().getClass().getName()) + ":<hidden>";
+ }
}
http://git-wip-us.apache.org/repos/asf/accumulo/blob/99da5641/core/src/main/java/org/apache/accumulo/core/util/CreateToken.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/util/CreateToken.java b/core/src/main/java/org/apache/accumulo/core/util/CreateToken.java
index d8e6d94..083720b 100644
--- a/core/src/main/java/org/apache/accumulo/core/util/CreateToken.java
+++ b/core/src/main/java/org/apache/accumulo/core/util/CreateToken.java
@@ -28,10 +28,11 @@ import org.apache.accumulo.core.cli.ClientOpts.Password;
import org.apache.accumulo.core.cli.ClientOpts.PasswordConverter;
import org.apache.accumulo.core.cli.Help;
import org.apache.accumulo.core.client.security.tokens.AuthenticationToken;
+import org.apache.accumulo.core.client.security.tokens.AuthenticationToken.AuthenticationTokenSerializer;
import org.apache.accumulo.core.client.security.tokens.AuthenticationToken.Properties;
import org.apache.accumulo.core.client.security.tokens.AuthenticationToken.TokenProperty;
import org.apache.accumulo.core.client.security.tokens.PasswordToken;
-import org.apache.accumulo.core.security.CredentialHelper;
+import org.apache.commons.codec.binary.Base64;
import com.beust.jcommander.Parameter;
@@ -94,7 +95,7 @@ public class CreateToken {
props.put(tp.getKey(), input);
token.init(props);
}
- String tokenBase64 = CredentialHelper.tokenAsBase64(token);
+ String tokenBase64 = Base64.encodeBase64String(AuthenticationTokenSerializer.serialize(token));
String tokenFile = opts.tokenFile;
if (tokenFile == null) {
http://git-wip-us.apache.org/repos/asf/accumulo/blob/99da5641/core/src/test/java/org/apache/accumulo/core/client/admin/TableOperationsHelperTest.java
----------------------------------------------------------------------
diff --git a/core/src/test/java/org/apache/accumulo/core/client/admin/TableOperationsHelperTest.java b/core/src/test/java/org/apache/accumulo/core/client/admin/TableOperationsHelperTest.java
index c0a8748..913c2a8 100644
--- a/core/src/test/java/org/apache/accumulo/core/client/admin/TableOperationsHelperTest.java
+++ b/core/src/test/java/org/apache/accumulo/core/client/admin/TableOperationsHelperTest.java
@@ -69,11 +69,13 @@ public class TableOperationsHelperTest {
@Override
public void addSplits(String tableName, SortedSet<Text> partitionKeys) throws TableNotFoundException, AccumuloException, AccumuloSecurityException {}
+ @Deprecated
@Override
public Collection<Text> getSplits(String tableName) throws TableNotFoundException {
return null;
}
+ @Deprecated
@Override
public Collection<Text> getSplits(String tableName, int maxSplits) throws TableNotFoundException {
return null;
@@ -184,12 +186,12 @@ public class TableOperationsHelperTest {
public Map<String,String> tableIdMap() {
return null;
}
-
+
@Override
public List<DiskUsage> getDiskUsage(Set<String> tables) throws AccumuloException, AccumuloSecurityException, TableNotFoundException {
return null;
}
-
+
void check(String tablename, String[] values) {
Map<String,String> expected = new TreeMap<String,String>();
for (String value : values) {