AMBARI-10236. Principal and Keytab configuration specifications are ignored when disabling Kerberos (rlevas)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/fe39b646 Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/fe39b646 Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/fe39b646 Branch: refs/heads/trunk Commit: fe39b6460b1f0ad50ece5a5cdc8bfede688956fa Parents: 3508f08 Author: Robert Levas <rle...@hortonworks.com> Authored: Tue Mar 31 10:40:36 2015 -0400 Committer: Robert Levas <rle...@hortonworks.com> Committed: Tue Mar 31 10:40:36 2015 -0400 ---------------------------------------------------------------------- .../ambari/server/agent/HeartBeatHandler.java | 54 ++--- .../server/controller/KerberosHelper.java | 190 +++++++++++------ .../AbstractKerberosDataFileBuilder.java | 124 ----------- .../AbstractKerberosDataFileReader.java | 2 +- .../AbstractKerberosDataFileWriter.java | 124 +++++++++++ .../kerberos/CreateKeytabFilesServerAction.java | 14 +- .../kerberos/CreatePrincipalsServerAction.java | 2 +- .../kerberos/KerberosActionDataFile.java | 41 ---- .../kerberos/KerberosActionDataFileBuilder.java | 115 ---------- .../kerberos/KerberosActionDataFileReader.java | 44 ---- .../kerberos/KerberosConfigDataFile.java | 2 +- .../kerberos/KerberosConfigDataFileBuilder.java | 66 ------ .../kerberos/KerberosConfigDataFileReader.java | 6 +- .../KerberosConfigDataFileReaderFactory.java | 44 ++++ .../kerberos/KerberosConfigDataFileWriter.java | 64 ++++++ .../KerberosConfigDataFileWriterFactory.java | 44 ++++ .../serveraction/kerberos/KerberosDataFile.java | 48 +++++ .../kerberos/KerberosIdentityDataFile.java | 41 ++++ .../KerberosIdentityDataFileReader.java | 44 ++++ .../KerberosIdentityDataFileReaderFactory.java | 45 ++++ .../KerberosIdentityDataFileWriter.java | 100 +++++++++ .../KerberosIdentityDataFileWriterFactory.java | 44 ++++ .../kerberos/KerberosServerAction.java | 39 ++-- .../UpdateKerberosConfigsServerAction.java | 69 ++---- .../server/agent/TestHeartbeatHandler.java | 56 +++-- .../server/controller/KerberosHelperTest.java | 43 ++++ .../kerberos/KerberosActionDataFileTest.java | 212 ------------------- .../kerberos/KerberosConfigDataFileTest.java | 57 ++--- .../kerberos/KerberosIdentityDataFileTest.java | 207 ++++++++++++++++++ .../kerberos/KerberosServerActionTest.java | 16 +- .../UpdateKerberosConfigsServerActionTest.java | 96 +++------ 31 files changed, 1154 insertions(+), 899 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/ambari/blob/fe39b646/ambari-server/src/main/java/org/apache/ambari/server/agent/HeartBeatHandler.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/agent/HeartBeatHandler.java b/ambari-server/src/main/java/org/apache/ambari/server/agent/HeartBeatHandler.java index 9f39049..51d6bc1 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/agent/HeartBeatHandler.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/agent/HeartBeatHandler.java @@ -53,8 +53,8 @@ import org.apache.ambari.server.events.publishers.AmbariEventPublisher; import org.apache.ambari.server.events.publishers.VersionEventPublisher; import org.apache.ambari.server.metadata.ActionMetadata; import org.apache.ambari.server.orm.dao.KerberosPrincipalHostDAO; -import org.apache.ambari.server.serveraction.kerberos.KerberosActionDataFile; -import org.apache.ambari.server.serveraction.kerberos.KerberosActionDataFileReader; +import org.apache.ambari.server.serveraction.kerberos.KerberosIdentityDataFileReader; +import org.apache.ambari.server.serveraction.kerberos.KerberosIdentityDataFileReaderFactory; import org.apache.ambari.server.serveraction.kerberos.KerberosServerAction; import org.apache.ambari.server.state.AgentVersion; import org.apache.ambari.server.state.Alert; @@ -162,6 +162,12 @@ public class HeartBeatHandler { @Inject private KerberosPrincipalHostDAO kerberosPrincipalHostDAO; + /** + * KerberosIdentityDataFileReaderFactory used to create KerberosIdentityDataFileReader instances + */ + @Inject + private KerberosIdentityDataFileReaderFactory kerberosIdentityDataFileReaderFactory; + private Map<String, Long> hostResponseIds = new ConcurrentHashMap<String, Long>(); private Map<String, HeartBeatResponse> hostResponses = new ConcurrentHashMap<String, HeartBeatResponse>(); @@ -1050,18 +1056,18 @@ public class HeartBeatHandler { void injectKeytab(ExecutionCommand ec, String command, String targetHost) throws AmbariException { List<Map<String, String>> kcp = ec.getKerberosCommandParams(); String dataDir = ec.getCommandParams().get(KerberosServerAction.DATA_DIRECTORY); - KerberosActionDataFileReader reader = null; + KerberosIdentityDataFileReader reader = null; try { - reader = new KerberosActionDataFileReader(new File(dataDir, KerberosActionDataFile.DATA_FILE_NAME)); + reader = kerberosIdentityDataFileReaderFactory.createKerberosIdentityDataFileReader(new File(dataDir, KerberosIdentityDataFileReader.DATA_FILE_NAME)); for (Map<String, String> record : reader) { - String hostName = record.get(KerberosActionDataFile.HOSTNAME); + String hostName = record.get(KerberosIdentityDataFileReader.HOSTNAME); if (targetHost.equalsIgnoreCase(hostName)) { if ("SET_KEYTAB".equalsIgnoreCase(command)) { - String keytabFilePath = record.get(KerberosActionDataFile.KEYTAB_FILE_PATH); + String keytabFilePath = record.get(KerberosIdentityDataFileReader.KEYTAB_FILE_PATH); if (keytabFilePath != null) { @@ -1070,20 +1076,18 @@ public class HeartBeatHandler { if (keytabFile.canRead()) { Map<String, String> keytabMap = new HashMap<String, String>(); - String principal = record.get(KerberosActionDataFile.PRINCIPAL); - String isService = record.get(KerberosActionDataFile.SERVICE); - - keytabMap.put(KerberosActionDataFile.HOSTNAME, hostName); - keytabMap.put(KerberosActionDataFile.SERVICE, isService); - keytabMap.put(KerberosActionDataFile.COMPONENT, record.get(KerberosActionDataFile.COMPONENT)); - keytabMap.put(KerberosActionDataFile.PRINCIPAL, principal); - keytabMap.put(KerberosActionDataFile.PRINCIPAL_CONFIGURATION, record.get(KerberosActionDataFile.PRINCIPAL_CONFIGURATION)); - keytabMap.put(KerberosActionDataFile.KEYTAB_FILE_PATH, keytabFilePath); - keytabMap.put(KerberosActionDataFile.KEYTAB_FILE_OWNER_NAME, record.get(KerberosActionDataFile.KEYTAB_FILE_OWNER_NAME)); - keytabMap.put(KerberosActionDataFile.KEYTAB_FILE_OWNER_ACCESS, record.get(KerberosActionDataFile.KEYTAB_FILE_OWNER_ACCESS)); - keytabMap.put(KerberosActionDataFile.KEYTAB_FILE_GROUP_NAME, record.get(KerberosActionDataFile.KEYTAB_FILE_GROUP_NAME)); - keytabMap.put(KerberosActionDataFile.KEYTAB_FILE_GROUP_ACCESS, record.get(KerberosActionDataFile.KEYTAB_FILE_GROUP_ACCESS)); - keytabMap.put(KerberosActionDataFile.KEYTAB_FILE_CONFIGURATION, record.get(KerberosActionDataFile.KEYTAB_FILE_CONFIGURATION)); + String principal = record.get(KerberosIdentityDataFileReader.PRINCIPAL); + String isService = record.get(KerberosIdentityDataFileReader.SERVICE); + + keytabMap.put(KerberosIdentityDataFileReader.HOSTNAME, hostName); + keytabMap.put(KerberosIdentityDataFileReader.SERVICE, isService); + keytabMap.put(KerberosIdentityDataFileReader.COMPONENT, record.get(KerberosIdentityDataFileReader.COMPONENT)); + keytabMap.put(KerberosIdentityDataFileReader.PRINCIPAL, principal); + keytabMap.put(KerberosIdentityDataFileReader.KEYTAB_FILE_PATH, keytabFilePath); + keytabMap.put(KerberosIdentityDataFileReader.KEYTAB_FILE_OWNER_NAME, record.get(KerberosIdentityDataFileReader.KEYTAB_FILE_OWNER_NAME)); + keytabMap.put(KerberosIdentityDataFileReader.KEYTAB_FILE_OWNER_ACCESS, record.get(KerberosIdentityDataFileReader.KEYTAB_FILE_OWNER_ACCESS)); + keytabMap.put(KerberosIdentityDataFileReader.KEYTAB_FILE_GROUP_NAME, record.get(KerberosIdentityDataFileReader.KEYTAB_FILE_GROUP_NAME)); + keytabMap.put(KerberosIdentityDataFileReader.KEYTAB_FILE_GROUP_ACCESS, record.get(KerberosIdentityDataFileReader.KEYTAB_FILE_GROUP_ACCESS)); BufferedInputStream bufferedIn = new BufferedInputStream(new FileInputStream(keytabFile)); byte[] keytabContent = IOUtils.toByteArray(bufferedIn); @@ -1096,11 +1100,11 @@ public class HeartBeatHandler { } else if ("REMOVE_KEYTAB".equalsIgnoreCase(command)) { Map<String, String> keytabMap = new HashMap<String, String>(); - keytabMap.put(KerberosActionDataFile.HOSTNAME, hostName); - keytabMap.put(KerberosActionDataFile.SERVICE, record.get(KerberosActionDataFile.SERVICE)); - keytabMap.put(KerberosActionDataFile.COMPONENT, record.get(KerberosActionDataFile.COMPONENT)); - keytabMap.put(KerberosActionDataFile.PRINCIPAL, record.get(KerberosActionDataFile.PRINCIPAL)); - keytabMap.put(KerberosActionDataFile.KEYTAB_FILE_PATH, record.get(KerberosActionDataFile.KEYTAB_FILE_PATH)); + keytabMap.put(KerberosIdentityDataFileReader.HOSTNAME, hostName); + keytabMap.put(KerberosIdentityDataFileReader.SERVICE, record.get(KerberosIdentityDataFileReader.SERVICE)); + keytabMap.put(KerberosIdentityDataFileReader.COMPONENT, record.get(KerberosIdentityDataFileReader.COMPONENT)); + keytabMap.put(KerberosIdentityDataFileReader.PRINCIPAL, record.get(KerberosIdentityDataFileReader.PRINCIPAL)); + keytabMap.put(KerberosIdentityDataFileReader.KEYTAB_FILE_PATH, record.get(KerberosIdentityDataFileReader.KEYTAB_FILE_PATH)); kcp.add(keytabMap); } http://git-wip-us.apache.org/repos/asf/ambari/blob/fe39b646/ambari-server/src/main/java/org/apache/ambari/server/controller/KerberosHelper.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/controller/KerberosHelper.java b/ambari-server/src/main/java/org/apache/ambari/server/controller/KerberosHelper.java index 75062a1..e8a6c0a 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/controller/KerberosHelper.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/controller/KerberosHelper.java @@ -51,12 +51,12 @@ import org.apache.ambari.server.serveraction.kerberos.CreatePrincipalsServerActi import org.apache.ambari.server.serveraction.kerberos.DestroyPrincipalsServerAction; import org.apache.ambari.server.serveraction.kerberos.FinalizeKerberosServerAction; import org.apache.ambari.server.serveraction.kerberos.KDCType; -import org.apache.ambari.server.serveraction.kerberos.KerberosActionDataFile; -import org.apache.ambari.server.serveraction.kerberos.KerberosActionDataFileBuilder; +import org.apache.ambari.server.serveraction.kerberos.KerberosConfigDataFileWriter; +import org.apache.ambari.server.serveraction.kerberos.KerberosConfigDataFileWriterFactory; +import org.apache.ambari.server.serveraction.kerberos.KerberosIdentityDataFileWriter; import org.apache.ambari.server.serveraction.kerberos.KerberosAdminAuthenticationException; -import org.apache.ambari.server.serveraction.kerberos.KerberosConfigDataFile; -import org.apache.ambari.server.serveraction.kerberos.KerberosConfigDataFileBuilder; import org.apache.ambari.server.serveraction.kerberos.KerberosCredential; +import org.apache.ambari.server.serveraction.kerberos.KerberosIdentityDataFileWriterFactory; import org.apache.ambari.server.serveraction.kerberos.KerberosInvalidConfigurationException; import org.apache.ambari.server.serveraction.kerberos.KerberosKDCConnectionException; import org.apache.ambari.server.serveraction.kerberos.KerberosLDAPContainerException; @@ -164,6 +164,12 @@ public class KerberosHelper { @Inject private KerberosDescriptorFactory kerberosDescriptorFactory; + @Inject + private KerberosIdentityDataFileWriterFactory kerberosIdentityDataFileWriterFactory; + + @Inject + private KerberosConfigDataFileWriterFactory kerberosConfigDataFileWriterFactory; + /** * Used to get kerberos descriptors associated with the cluster or stack. * Currently not available via injection. @@ -686,7 +692,7 @@ public class KerberosHelper { if ((hosts != null) && !hosts.isEmpty()) { List<ServiceComponentHost> serviceComponentHostsToProcess = new ArrayList<ServiceComponentHost>(); KerberosDescriptor kerberosDescriptor = getKerberosDescriptor(cluster); - KerberosActionDataFileBuilder kerberosActionDataFileBuilder = null; + KerberosIdentityDataFileWriter kerberosIdentityDataFileWriter = null; Map<String, String> kerberosDescriptorProperties = kerberosDescriptor.getProperties(); Map<String, Map<String, String>> kerberosConfigurations = new HashMap<String, Map<String, String>>(); @@ -708,7 +714,7 @@ public class KerberosHelper { File dataDirectory = createTemporaryDirectory(); // Create the file used to store details about principals and keytabs to create - File indexFile = new File(dataDirectory, KerberosActionDataFile.DATA_FILE_NAME); + File identityDataFile = new File(dataDirectory, KerberosIdentityDataFileWriter.DATA_FILE_NAME); try { // Iterate over the hosts in the cluster to find the components installed in each. For each @@ -750,14 +756,14 @@ public class KerberosHelper { int identitiesAdded = 0; List<KerberosIdentityDescriptor> serviceIdentities = serviceDescriptor.getIdentities(true); - // Lazily create the KerberosActionDataFileBuilder instance... - if (kerberosActionDataFileBuilder == null) { - kerberosActionDataFileBuilder = new KerberosActionDataFileBuilder(indexFile); + // Lazily create the KerberosIdentityDataFileWriter instance... + if (kerberosIdentityDataFileWriter == null) { + kerberosIdentityDataFileWriter = kerberosIdentityDataFileWriterFactory.createKerberosIdentityDataFileWriter(identityDataFile); } // Add service-level principals (and keytabs) - identitiesAdded += addIdentities(kerberosActionDataFileBuilder, serviceIdentities, - identityFilter, hostname, serviceName, componentName, configurations); + identitiesAdded += addIdentities(kerberosIdentityDataFileWriter, serviceIdentities, + identityFilter, hostname, serviceName, componentName, kerberosConfigurations, configurations); // If there is no filter or the filter contains the current component name, // test to see if this component should be process by querying the handler... @@ -773,8 +779,8 @@ public class KerberosHelper { componentDescriptor.getConfigurations(true), configurations); // Add component-level principals (and keytabs) - identitiesAdded += addIdentities(kerberosActionDataFileBuilder, componentIdentities, - identityFilter, hostname, serviceName, componentName, configurations); + identitiesAdded += addIdentities(kerberosIdentityDataFileWriter, componentIdentities, + identityFilter, hostname, serviceName, componentName, kerberosConfigurations, configurations); } } @@ -787,14 +793,14 @@ public class KerberosHelper { } } } catch (IOException e) { - String message = String.format("Failed to write index file - %s", indexFile.getAbsolutePath()); + String message = String.format("Failed to write index file - %s", identityDataFile.getAbsolutePath()); LOG.error(message); throw new AmbariException(message, e); } finally { - if (kerberosActionDataFileBuilder != null) { + if (kerberosIdentityDataFileWriter != null) { // Make sure the data file is closed try { - kerberosActionDataFileBuilder.close(); + kerberosIdentityDataFileWriter.close(); } catch (IOException e) { LOG.warn("Failed to close the index file writer", e); } @@ -930,7 +936,7 @@ public class KerberosHelper { if ((hosts != null) && !hosts.isEmpty()) { List<ServiceComponentHost> serviceComponentHostsToProcess = new ArrayList<ServiceComponentHost>(); KerberosDescriptor kerberosDescriptor = getKerberosDescriptor(cluster); - KerberosActionDataFileBuilder kerberosActionDataFileBuilder = null; + KerberosIdentityDataFileWriter kerberosIdentityDataFileWriter = null; Map<String, String> kerberosDescriptorProperties = kerberosDescriptor.getProperties(); // While iterating over all the ServiceComponentHosts find hosts that have KERBEROS_CLIENT @@ -945,7 +951,7 @@ public class KerberosHelper { File dataDirectory = createTemporaryDirectory(); // Create the file used to store details about principals and keytabs to create - File indexFile = new File(dataDirectory, KerberosActionDataFile.DATA_FILE_NAME); + File identityDataFile = new File(dataDirectory, KerberosIdentityDataFileWriter.DATA_FILE_NAME); // Create a special identity for the test user KerberosIdentityDescriptor identity = new KerberosIdentityDescriptor(new HashMap<String, Object>() { @@ -1016,14 +1022,14 @@ public class KerberosHelper { int identitiesAdded = 0; - // Lazily create the KerberosActionDataFileBuilder instance... - if (kerberosActionDataFileBuilder == null) { - kerberosActionDataFileBuilder = new KerberosActionDataFileBuilder(indexFile); + // Lazily create the KerberosIdentityDataFileWriter instance... + if (kerberosIdentityDataFileWriter == null) { + kerberosIdentityDataFileWriter = kerberosIdentityDataFileWriterFactory.createKerberosIdentityDataFileWriter(identityDataFile); } // Add service-level principals (and keytabs) - identitiesAdded += addIdentities(kerberosActionDataFileBuilder, Collections.singleton(identity), - null, hostname, serviceName, componentName, configurations); + identitiesAdded += addIdentities(kerberosIdentityDataFileWriter, Collections.singleton(identity), + null, hostname, serviceName, componentName, null, configurations); if (identitiesAdded > 0) { // Add the relevant principal name and keytab file data to the command params state @@ -1041,14 +1047,14 @@ public class KerberosHelper { } } } catch (IOException e) { - String message = String.format("Failed to write index file - %s", indexFile.getAbsolutePath()); + String message = String.format("Failed to write index file - %s", identityDataFile.getAbsolutePath()); LOG.error(message); throw new AmbariException(message, e); } finally { - if (kerberosActionDataFileBuilder != null) { + if (kerberosIdentityDataFileWriter != null) { // Make sure the data file is closed try { - kerberosActionDataFileBuilder.close(); + kerberosIdentityDataFileWriter.close(); } catch (IOException e) { LOG.warn("Failed to close the index file writer", e); } @@ -1369,6 +1375,48 @@ public class KerberosHelper { return configurations; } + /** + * Merges the specified configuration property in a map of configuration types. + * The supplied property is processed to replace variables using the replacement Map. + * <p/> + * See {@link org.apache.ambari.server.state.kerberos.KerberosDescriptor#replaceVariables(String, java.util.Map)} + * for information on variable replacement. + * + * @param configurations the Map of configuration types to update + * @param configurationSpecification the config-type/property_name value specifying the property to set + * @param value the value of the property to set + * @param replacements a Map of (grouped) replacement values + * @throws AmbariException + */ + private void mergeConfiguration(Map<String, Map<String, String>> configurations, + String configurationSpecification, + String value, + Map<String, Map<String, String>> replacements) throws AmbariException { + + if (configurationSpecification != null) { + String[] parts = configurationSpecification.split("/"); + if (parts.length == 2) { + String type = parts[0]; + String property = parts[1]; + + mergeConfigurations(configurations, type, Collections.singletonMap(property, value), replacements); + } + } + } + + /** + * Merges configuration from a Map of configuration updates into a main configurations Map. Each + * property in the updates Map is processed to replace variables using the replacement Map. + * <p/> + * See {@link org.apache.ambari.server.state.kerberos.KerberosDescriptor#replaceVariables(String, java.util.Map)} + * for information on variable replacement. + * + * @param configurations a Map of configurations + * @param type the configuration type + * @param updates a Map of property updates + * @param replacements a Map of (grouped) replacement values + * @throws AmbariException + */ private void mergeConfigurations(Map<String, Map<String, String>> configurations, String type, Map<String, String> updates, Map<String, Map<String, String>> replacements) throws AmbariException { @@ -1389,27 +1437,30 @@ public class KerberosHelper { } /** - * Adds identities to the KerberosActionDataFileBuilder. + * Adds identities to the KerberosIdentityDataFileWriter. * - * @param kerberosActionDataFileBuilder a KerberosActionDataFileBuilder to use for storing identity - * records - * @param identities a List of KerberosIdentityDescriptors to add to the data - * file - * @param identityFilter a Collection of identity names indicating the relevant identities - - * if null, no filter is relevant; if empty, the filter indicates no - * relevant identities - * @param hostname the relevant hostname - * @param serviceName the relevant service name - * @param componentName the relevant component name - * @param configurations a Map of configurations to use a replacements for variables - * in identity fields + * @param kerberosIdentityDataFileWriter a KerberosIdentityDataFileWriter to use for storing identity + * records + * @param identities a List of KerberosIdentityDescriptors to add to the data + * file + * @param identityFilter a Collection of identity names indicating the relevant identities - + * if null, no filter is relevant; if empty, the filter indicates no + * relevant identities + * @param hostname the relevant hostname + * @param serviceName the relevant service name + * @param componentName the relevant component name + * @param kerberosConfigurations a map of the configurations to update with identity-specific + * values + * @param configurations a Map of configurations to use a replacements for variables + * in identity fields * @return an integer indicating the number of identities added to the data file * @throws java.io.IOException if an error occurs while writing a record to the data file */ - private int addIdentities(KerberosActionDataFileBuilder kerberosActionDataFileBuilder, + private int addIdentities(KerberosIdentityDataFileWriter kerberosIdentityDataFileWriter, Collection<KerberosIdentityDescriptor> identities, Collection<String> identityFilter, String hostname, String serviceName, - String componentName, Map<String, Map<String, String>> configurations) + String componentName, Map<String, Map<String, String>> kerberosConfigurations, + Map<String, Map<String, String>> configurations) throws IOException { int identitiesAdded = 0; @@ -1436,6 +1487,7 @@ public class KerberosHelper { String keytabFileGroupName = null; String keytabFileGroupAccess = null; String keytabFileConfiguration = null; + boolean keytabIsCachable = false; if (keytabDescriptor != null) { keytabFilePath = KerberosDescriptor.replaceVariables(keytabDescriptor.getFile(), configurations); @@ -1444,23 +1496,28 @@ public class KerberosHelper { keytabFileGroupName = KerberosDescriptor.replaceVariables(keytabDescriptor.getGroupName(), configurations); keytabFileGroupAccess = KerberosDescriptor.replaceVariables(keytabDescriptor.getGroupAccess(), configurations); keytabFileConfiguration = KerberosDescriptor.replaceVariables(keytabDescriptor.getConfiguration(), configurations); + keytabIsCachable = keytabDescriptor.isCachable(); } // Append an entry to the action data file builder... - kerberosActionDataFileBuilder.addRecord( + kerberosIdentityDataFileWriter.writeRecord( hostname, serviceName, componentName, principal, principalType, - principalConfiguration, keytabFilePath, keytabFileOwnerName, keytabFileOwnerAccess, keytabFileGroupName, keytabFileGroupAccess, - keytabFileConfiguration, - (keytabDescriptor.isCachable()) ? "true" : "false"); + (keytabIsCachable) ? "true" : "false"); + + // Add the principal-related configuration to the map of configurations + mergeConfiguration(kerberosConfigurations, principalConfiguration, principal, null); + + // Add the keytab-related configuration to the map of configurations + mergeConfiguration(kerberosConfigurations, keytabFileConfiguration, keytabFilePath, null); identitiesAdded++; } @@ -2240,10 +2297,10 @@ public class KerberosHelper { // If there are configurations to set, create a (temporary) data file to store the configuration // updates and fill it will the relevant configurations. if (!kerberosConfigurations.isEmpty()) { - File configFile = new File(dataDirectory, KerberosConfigDataFile.DATA_FILE_NAME); - KerberosConfigDataFileBuilder kerberosConfDataFileBuilder = null; + File configFile = new File(dataDirectory, KerberosConfigDataFileWriter.DATA_FILE_NAME); + KerberosConfigDataFileWriter kerberosConfDataFileWriter = null; try { - kerberosConfDataFileBuilder = new KerberosConfigDataFileBuilder(configFile); + kerberosConfDataFileWriter = kerberosConfigDataFileWriterFactory.createKerberosConfigDataFileWriter(configFile); for (Map.Entry<String, Map<String, String>> entry : kerberosConfigurations.entrySet()) { String type = entry.getKey(); @@ -2251,10 +2308,10 @@ public class KerberosHelper { if (properties != null) { for (Map.Entry<String, String> configTypeEntry : properties.entrySet()) { - kerberosConfDataFileBuilder.addRecord(type, + kerberosConfDataFileWriter.addRecord(type, configTypeEntry.getKey(), configTypeEntry.getValue(), - KerberosConfigDataFile.OPERATION_TYPE_SET); + KerberosConfigDataFileWriter.OPERATION_TYPE_SET); } } } @@ -2263,9 +2320,9 @@ public class KerberosHelper { LOG.error(message); throw new AmbariException(message, e); } finally { - if (kerberosConfDataFileBuilder != null) { + if (kerberosConfDataFileWriter != null) { try { - kerberosConfDataFileBuilder.close(); + kerberosConfDataFileWriter.close(); } catch (IOException e) { LOG.warn("Failed to close the kerberos configurations file writer", e); } @@ -2375,8 +2432,8 @@ public class KerberosHelper { // updates and fill it will the relevant configurations. if (!kerberosConfigurations.isEmpty()) { Map<String, Collection<String>> configurationsToRemove = new HashMap<String, Collection<String>>(); - File configFile = new File(dataDirectory, KerberosConfigDataFile.DATA_FILE_NAME); - KerberosConfigDataFileBuilder kerberosConfDataFileBuilder = null; + File configFile = new File(dataDirectory, KerberosConfigDataFileWriter.DATA_FILE_NAME); + KerberosConfigDataFileWriter kerberosConfDataFileWriter = null; // Fill the configurationsToRemove map with all Kerberos-related configurations. Values // needed to be kept will have new values from the stack definition and thus pruned from @@ -2430,21 +2487,26 @@ public class KerberosHelper { } try { - kerberosConfDataFileBuilder = new KerberosConfigDataFileBuilder(configFile); + kerberosConfDataFileWriter = kerberosConfigDataFileWriterFactory.createKerberosConfigDataFileWriter(configFile); for (Map.Entry<String, Map<String, String>> entry : kerberosConfigurations.entrySet()) { String type = entry.getKey(); Map<String, String> properties = entry.getValue(); + Collection<String> propertiesToRemove = configurationsToRemove.get(type); if (properties != null) { for (Map.Entry<String, String> configTypeEntry : properties.entrySet()) { - String value = configTypeEntry.getValue(); + String propertyName = configTypeEntry.getKey(); - kerberosConfDataFileBuilder.addRecord(type, - configTypeEntry.getKey(), - value, - (value == null) ? KerberosConfigDataFile.OPERATION_TYPE_REMOVE : KerberosConfigDataFile.OPERATION_TYPE_SET - ); + // Ignore properties that should be removed + if ((propertiesToRemove == null) || !propertiesToRemove.contains(propertyName)) { + String value = configTypeEntry.getValue(); + String operation = (value == null) + ? KerberosConfigDataFileWriter.OPERATION_TYPE_REMOVE + : KerberosConfigDataFileWriter.OPERATION_TYPE_SET; + + kerberosConfDataFileWriter.addRecord(type, propertyName, value, operation); + } } } } @@ -2456,7 +2518,7 @@ public class KerberosHelper { if (properties != null) { for (String propertyName : properties) { - kerberosConfDataFileBuilder.addRecord(type, propertyName, null, KerberosConfigDataFile.OPERATION_TYPE_REMOVE); + kerberosConfDataFileWriter.addRecord(type, propertyName, null, KerberosConfigDataFileWriter.OPERATION_TYPE_REMOVE); } } } @@ -2465,9 +2527,9 @@ public class KerberosHelper { LOG.error(message); throw new AmbariException(message, e); } finally { - if (kerberosConfDataFileBuilder != null) { + if (kerberosConfDataFileWriter != null) { try { - kerberosConfDataFileBuilder.close(); + kerberosConfDataFileWriter.close(); } catch (IOException e) { LOG.warn("Failed to close the kerberos configurations file writer", e); } http://git-wip-us.apache.org/repos/asf/ambari/blob/fe39b646/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/AbstractKerberosDataFileBuilder.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/AbstractKerberosDataFileBuilder.java b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/AbstractKerberosDataFileBuilder.java deleted file mode 100644 index cc2e2ff..0000000 --- a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/AbstractKerberosDataFileBuilder.java +++ /dev/null @@ -1,124 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.ambari.server.serveraction.kerberos; - -import org.apache.commons.csv.CSVFormat; -import org.apache.commons.csv.CSVPrinter; - -import java.io.File; -import java.io.FileWriter; -import java.io.IOException; - -/** - * AbstractKerberosDataFileBuilder provides a generic facility to write a data file using some - * underlying record-based file writer. - * <p/> - * This class encapsulates a {@link org.apache.commons.csv.CSVPrinter} to create a CSV-formatted file. - */ -public abstract class AbstractKerberosDataFileBuilder { - - private File file; - private CSVPrinter csvPrinter; - - /** - * Creates a new KerberosConfigDataFileBuilder - * <p/> - * The file is opened upon creation, so there is no need to manually open it unless manually - * closed before using. - * - * @param file a File declaring where to write the data - * @throws java.io.IOException - */ - public AbstractKerberosDataFileBuilder(File file) throws IOException { - this.file = file; - open(); - } - - - /** - * Opens the data file for writing. - * <p/> - * This may be called multiple times and the appropriate action will occur depending on if the - * file has been previously opened or closed. - * - * @throws java.io.IOException - */ - public void open() throws IOException { - if (isClosed()) { - if (file == null) { - throw new IOException("Missing file path"); - } else { - csvPrinter = new CSVPrinter(new FileWriter(file, true), CSVFormat.DEFAULT); - - // If the file is empty, write the header; else don't write the header. - if (file.length() == 0) { - // Write the header.... - Iterable<?> headerRecord = getHeaderRecord(); - csvPrinter.printRecord(headerRecord); - } - } - } - } - - /** - * Tests this KerberosConfigDataFileBuilder to see if the data file is closed. - * - * @return true if closed; otherwise false - */ - public boolean isClosed() { - return csvPrinter == null; - } - - /** - * Closes the data file - * - * @throws java.io.IOException - */ - public void close() throws IOException { - if (csvPrinter != null) { - csvPrinter.close(); - csvPrinter = null; - } - } - - /** - * Appends a new record to the data file - * - * @param record a collection of Strings declaring values for the columns of the file - * @throws java.io.IOException - */ - protected void appendRecord(String... record) throws IOException { - - if (csvPrinter == null) { - throw new IOException("Data file is not open"); - } - - csvPrinter.printRecord(record); - } - - - /** - * Gets the header record for the CSV file - * - * @return an Iterable containing the (ordered) list of Strings declaring the columns names - */ - protected abstract Iterable<String> getHeaderRecord(); - - -} http://git-wip-us.apache.org/repos/asf/ambari/blob/fe39b646/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/AbstractKerberosDataFileReader.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/AbstractKerberosDataFileReader.java b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/AbstractKerberosDataFileReader.java index 2d9f98a..63c53f5 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/AbstractKerberosDataFileReader.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/AbstractKerberosDataFileReader.java @@ -58,7 +58,7 @@ public abstract class AbstractKerberosDataFileReader implements Iterable<Map<Str * This may be called multiple times and the appropriate action will occur depending on if the * file has been previously opened or closed. * - * @throws java.io.IOException + * @throws java.io.IOException if an error occurs while accessing the file */ public void open() throws IOException { if (isClosed()) { http://git-wip-us.apache.org/repos/asf/ambari/blob/fe39b646/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/AbstractKerberosDataFileWriter.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/AbstractKerberosDataFileWriter.java b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/AbstractKerberosDataFileWriter.java new file mode 100644 index 0000000..8f1883f --- /dev/null +++ b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/AbstractKerberosDataFileWriter.java @@ -0,0 +1,124 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.ambari.server.serveraction.kerberos; + +import org.apache.commons.csv.CSVFormat; +import org.apache.commons.csv.CSVPrinter; + +import java.io.File; +import java.io.FileWriter; +import java.io.IOException; + +/** + * AbstractKerberosDataFileWriter provides a generic facility to write a data file using some + * underlying record-based file writer. + * <p/> + * This class encapsulates a {@link org.apache.commons.csv.CSVPrinter} to create a CSV-formatted file. + */ +public abstract class AbstractKerberosDataFileWriter { + + private File file; + private CSVPrinter csvPrinter; + + /** + * Creates a new KerberosConfigDataFileWriter + * <p/> + * The file is opened upon creation, so there is no need to manually open it unless manually + * closed before using. + * + * @param file a File declaring where to write the data + * @throws java.io.IOException + */ + public AbstractKerberosDataFileWriter(File file) throws IOException { + this.file = file; + open(); + } + + + /** + * Opens the data file for writing. + * <p/> + * This may be called multiple times and the appropriate action will occur depending on if the + * file has been previously opened or closed. + * + * @throws java.io.IOException + */ + public void open() throws IOException { + if (isClosed()) { + if (file == null) { + throw new IOException("Missing file path"); + } else { + csvPrinter = new CSVPrinter(new FileWriter(file, true), CSVFormat.DEFAULT); + + // If the file is empty, write the header; else don't write the header. + if (file.length() == 0) { + // Write the header.... + Iterable<?> headerRecord = getHeaderRecord(); + csvPrinter.printRecord(headerRecord); + } + } + } + } + + /** + * Tests this KerberosConfigDataFileWriter to see if the data file is closed. + * + * @return true if closed; otherwise false + */ + public boolean isClosed() { + return csvPrinter == null; + } + + /** + * Closes the data file + * + * @throws java.io.IOException + */ + public void close() throws IOException { + if (csvPrinter != null) { + csvPrinter.close(); + csvPrinter = null; + } + } + + /** + * Appends a new record to the data file + * + * @param record a collection of Strings declaring values for the columns of the file + * @throws java.io.IOException + */ + protected void appendRecord(String... record) throws IOException { + + if (csvPrinter == null) { + throw new IOException("Data file is not open"); + } + + csvPrinter.printRecord(record); + } + + + /** + * Gets the header record for the CSV file + * + * @return an Iterable containing the (ordered) list of Strings declaring the columns names + */ + protected abstract Iterable<String> getHeaderRecord(); + + +} http://git-wip-us.apache.org/repos/asf/ambari/blob/fe39b646/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/CreateKeytabFilesServerAction.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/CreateKeytabFilesServerAction.java b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/CreateKeytabFilesServerAction.java index 3e94cd6..a1ff364 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/CreateKeytabFilesServerAction.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/CreateKeytabFilesServerAction.java @@ -39,10 +39,6 @@ import java.util.Map; import java.util.Set; import java.util.concurrent.ConcurrentMap; -import static org.apache.ambari.server.serveraction.kerberos.KerberosActionDataFile.HOSTNAME; -import static org.apache.ambari.server.serveraction.kerberos.KerberosActionDataFile.KEYTAB_FILE_IS_CACHABLE; -import static org.apache.ambari.server.serveraction.kerberos.KerberosActionDataFile.KEYTAB_FILE_PATH; - /** * CreateKeytabFilesServerAction is a ServerAction implementation that creates keytab files as * instructed. @@ -111,9 +107,9 @@ public class CreateKeytabFilesServerAction extends KerberosServerAction { * {@link org.apache.ambari.server.serveraction.kerberos.KerberosOperationHandler} to generate * the keytab file. To help avoid filename collisions and to build a structure that is easy to * discover, each keytab file is stored in host-specific - * ({@link org.apache.ambari.server.serveraction.kerberos.KerberosActionDataFile#HOSTNAME}) + * ({@link org.apache.ambari.server.serveraction.kerberos.KerberosIdentityDataFileReader#HOSTNAME}) * directory using the SHA1 hash of its destination file path - * ({@link org.apache.ambari.server.serveraction.kerberos.KerberosActionDataFile#KEYTAB_FILE_PATH}) + * ({@link org.apache.ambari.server.serveraction.kerberos.KerberosIdentityDataFileReader#KEYTAB_FILE_PATH}) * <p/> * <pre> * data_directory @@ -154,8 +150,8 @@ public class CreateKeytabFilesServerAction extends KerberosServerAction { Map<String, String> principalPasswordMap = getPrincipalPasswordMap(requestSharedDataContext); Map<String, Integer> principalKeyNumberMap = getPrincipalKeyNumberMap(requestSharedDataContext); - String host = identityRecord.get(HOSTNAME); - String keytabFilePath = identityRecord.get(KEYTAB_FILE_PATH); + String host = identityRecord.get(KerberosIdentityDataFileReader.HOSTNAME); + String keytabFilePath = identityRecord.get(KerberosIdentityDataFileReader.KEYTAB_FILE_PATH); if ((host != null) && !host.isEmpty() && (keytabFilePath != null) && !keytabFilePath.isEmpty()) { Set<String> visitedPrincipalKeys = visitedIdentities.get(evaluatedPrincipal); @@ -246,7 +242,7 @@ public class CreateKeytabFilesServerAction extends KerberosServerAction { // and store that location so it can be reused rather than recreate it. KerberosPrincipalEntity principalEntity = kerberosPrincipalDAO.find(evaluatedPrincipal); if (principalEntity != null) { - if (!principalEntity.isService() && ("true".equalsIgnoreCase(identityRecord.get(KEYTAB_FILE_IS_CACHABLE)))) { + if (!principalEntity.isService() && ("true".equalsIgnoreCase(identityRecord.get(KerberosIdentityDataFileReader.KEYTAB_FILE_IS_CACHABLE)))) { File cachedKeytabFile = cacheKeytab(evaluatedPrincipal, keytab); String previousCachedFilePath = principalEntity.getCachedKeytabPath(); String cachedKeytabFilePath = ((cachedKeytabFile == null) || !cachedKeytabFile.exists()) http://git-wip-us.apache.org/repos/asf/ambari/blob/fe39b646/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/CreatePrincipalsServerAction.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/CreatePrincipalsServerAction.java b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/CreatePrincipalsServerAction.java index e8918e1..13fb49b 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/CreatePrincipalsServerAction.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/CreatePrincipalsServerAction.java @@ -117,7 +117,7 @@ public class CreatePrincipalsServerAction extends KerberosServerAction { password = operationHandler.createSecurePassword(); try { - boolean servicePrincipal = "service".equalsIgnoreCase(identityRecord.get(KerberosActionDataFile.PRINCIPAL_TYPE)); + boolean servicePrincipal = "service".equalsIgnoreCase(identityRecord.get(KerberosIdentityDataFileReader.PRINCIPAL_TYPE)); if (operationHandler.principalExists(evaluatedPrincipal)) { // Create a new password since we need to know what it is. http://git-wip-us.apache.org/repos/asf/ambari/blob/fe39b646/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosActionDataFile.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosActionDataFile.java b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosActionDataFile.java deleted file mode 100644 index e85048d..0000000 --- a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosActionDataFile.java +++ /dev/null @@ -1,41 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.ambari.server.serveraction.kerberos; - -/** - * KerberosActionDataFile declares the default data file name and the common record column names - * for the Kerberos action (metadata) data files. - */ -public class KerberosActionDataFile { - public static final String DATA_FILE_NAME = "index.dat"; - - public static final String HOSTNAME = "hostname"; - public static final String SERVICE = "service"; - public static final String COMPONENT = "component"; - public static final String PRINCIPAL = "principal"; - public static final String PRINCIPAL_TYPE = "principal_type"; - public static final String PRINCIPAL_CONFIGURATION = "principal_configuration"; - public static final String KEYTAB_FILE_PATH = "keytab_file_path"; - public static final String KEYTAB_FILE_OWNER_NAME = "keytab_file_owner_name"; - public static final String KEYTAB_FILE_OWNER_ACCESS = "keytab_file_owner_access"; - public static final String KEYTAB_FILE_GROUP_NAME = "keytab_file_group_name"; - public static final String KEYTAB_FILE_GROUP_ACCESS = "keytab_file_group_access"; - public static final String KEYTAB_FILE_CONFIGURATION = "keytab_file_configuration"; - public static final String KEYTAB_FILE_IS_CACHABLE = "keytab_file_is_cachable"; -} http://git-wip-us.apache.org/repos/asf/ambari/blob/fe39b646/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosActionDataFileBuilder.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosActionDataFileBuilder.java b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosActionDataFileBuilder.java deleted file mode 100644 index 31e62be..0000000 --- a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosActionDataFileBuilder.java +++ /dev/null @@ -1,115 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.ambari.server.serveraction.kerberos; - -import static org.apache.ambari.server.serveraction.kerberos.KerberosActionDataFile.*; - -import java.io.File; -import java.io.IOException; -import java.util.Arrays; - -/** - * KerberosActionDataFileBuilder is an implementation of a KerberosActionDataFile that is used to - * create a new KerberosActionDataFile. - * <p/> - * This class encapsulates a {@link org.apache.commons.csv.CSVPrinter} to create a CSV-formatted file. - */ -public class KerberosActionDataFileBuilder extends AbstractKerberosDataFileBuilder { - - /** - * Creates a new KerberosActionDataFileBuilder - * <p/> - * The file is opened upon creation, so there is no need to manually open it unless manually - * closed before using. - * - * @param file a File declaring where to write the data - * @throws IOException - */ - public KerberosActionDataFileBuilder(File file) throws IOException { - super(file); - } - - - /** - * Appends a new record to the data file - * - * @param hostName a String containing the hostname column data - * @param serviceName a String containing the service name column data - * @param serviceComponentName a String containing the component name column data - * @param principal a String containing the (raw, non-evaluated) principal "pattern" - * column data - * @param principalType a String declaring the principal type - expecting "service" or "user" - * @param principalConfiguration a String containing the principal's configuration property column data - * (expected to be the type and name of the configuration property - * to use to store the evaluated principal data in - * - i.e., config-type/property) - * @param keytabFilePath a String containing the destination keytab file path column data - * @param keytabFileOwnerName a String containing the keytab file owner name column data - * @param keytabFileOwnerAccess a String containing the keytab file owner access column data - * (expected to be "r" or "rw") - * @param keytabFileGroupName a String containing the keytab file group name column data - * @param keytabFileGroupAccess a String containing the keytab file group access column data - * (expected to be "r", "rw", or "") - * @param keytabFileConfiguration a String containing the keytab's configuration property column data - * (expected to be the type and name of the configuration property - * to use to store the keytab file's absolute path in - * - i.e., config-type/property) - * @param keytabFileCanCache a String containing a boolean value (true, false) indicating - * whether the generated keytab can be cached or not - * @throws IOException - */ - public void addRecord(String hostName, String serviceName, String serviceComponentName, - String principal, String principalType, String principalConfiguration, - String keytabFilePath, String keytabFileOwnerName, - String keytabFileOwnerAccess, String keytabFileGroupName, - String keytabFileGroupAccess, String keytabFileConfiguration, - String keytabFileCanCache) - throws IOException { - super.appendRecord(hostName, - serviceName, - serviceComponentName, - principal, - principalType, - principalConfiguration, - keytabFilePath, - keytabFileOwnerName, - keytabFileOwnerAccess, - keytabFileGroupName, - keytabFileGroupAccess, - keytabFileConfiguration, - keytabFileCanCache); - } - - @Override - protected Iterable<String> getHeaderRecord() { - return Arrays.asList(HOSTNAME, - SERVICE, - COMPONENT, - PRINCIPAL, - PRINCIPAL_TYPE, - PRINCIPAL_CONFIGURATION, - KEYTAB_FILE_PATH, - KEYTAB_FILE_OWNER_NAME, - KEYTAB_FILE_OWNER_ACCESS, - KEYTAB_FILE_GROUP_NAME, - KEYTAB_FILE_GROUP_ACCESS, - KEYTAB_FILE_CONFIGURATION, - KEYTAB_FILE_IS_CACHABLE); - } -} http://git-wip-us.apache.org/repos/asf/ambari/blob/fe39b646/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosActionDataFileReader.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosActionDataFileReader.java b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosActionDataFileReader.java deleted file mode 100644 index cf872ca..0000000 --- a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosActionDataFileReader.java +++ /dev/null @@ -1,44 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.ambari.server.serveraction.kerberos; - -import java.io.File; -import java.io.IOException; - -/** - * KerberosActionDataFileReader is an implementation of a KerberosActionDataFile that is used to - * read existing KerberosActionDataFiles. - * <p/> - * This class encapsulates a {@link org.apache.commons.csv.CSVParser} to read a CSV-formatted file. - */ -public class KerberosActionDataFileReader extends AbstractKerberosDataFileReader { - - /** - * Creates a new KerberosActionDataFileReader - * <p/> - * The file is opened upon creation, so there is no need to manually open it unless manually - * closed before using. - * - * @param file a File declaring where to write the data - * @throws IOException - */ - public KerberosActionDataFileReader(File file) throws IOException { - super(file); - } -} http://git-wip-us.apache.org/repos/asf/ambari/blob/fe39b646/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosConfigDataFile.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosConfigDataFile.java b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosConfigDataFile.java index bbd0f66..82b9225 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosConfigDataFile.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosConfigDataFile.java @@ -22,7 +22,7 @@ package org.apache.ambari.server.serveraction.kerberos; * KerberosConfigDataFile declares the default data file name and the common record column names * for the Kerberos configuration data files. */ -public class KerberosConfigDataFile { +public interface KerberosConfigDataFile extends KerberosDataFile { public static final String DATA_FILE_NAME = "configs.dat"; public static final String CONFIGURATION_TYPE = "config"; http://git-wip-us.apache.org/repos/asf/ambari/blob/fe39b646/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosConfigDataFileBuilder.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosConfigDataFileBuilder.java b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosConfigDataFileBuilder.java deleted file mode 100644 index a10f38e..0000000 --- a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosConfigDataFileBuilder.java +++ /dev/null @@ -1,66 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.ambari.server.serveraction.kerberos; - -import static org.apache.ambari.server.serveraction.kerberos.KerberosConfigDataFile.*; - -import java.io.File; -import java.io.IOException; -import java.util.Arrays; - -/** - * KerberosConfigDataFileBuilder is an implementation of a KerberosConfigDataFile that is used to - * create a new KerberosConfigDataFile. - * <p/> - * This class encapsulates a {@link org.apache.commons.csv.CSVPrinter} to create a CSV-formatted file. - */ -public class KerberosConfigDataFileBuilder extends AbstractKerberosDataFileBuilder { - - /** - * Creates a new KerberosConfigDataFileBuilder - * <p/> - * The file is opened upon creation, so there is no need to manually open it unless manually - * closed before using. - * - * @param file a File declaring where to write the data - * @throws java.io.IOException - */ - public KerberosConfigDataFileBuilder(File file) throws IOException { - super(file); - } - - - /** - * Appends a new record to the data file - * - * @param config a String declaring the relevant configuration type for the key and value - * @param key a String declaring the key (or property name) with in the relevant configuration type - * @param value a String containing the value of the configuration property - * @param operation a String containing the operation to perform, expected "SET" or "REMOVE" - * @throws java.io.IOException - */ - public void addRecord(String config, String key, String value, String operation) throws IOException { - super.appendRecord(config, key, value, operation); - } - - @Override - protected Iterable<String> getHeaderRecord() { - return Arrays.asList(CONFIGURATION_TYPE, KEY, VALUE, OPERATION); - } -} http://git-wip-us.apache.org/repos/asf/ambari/blob/fe39b646/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosConfigDataFileReader.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosConfigDataFileReader.java b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosConfigDataFileReader.java index a230814..0c57cdc 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosConfigDataFileReader.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosConfigDataFileReader.java @@ -27,7 +27,7 @@ import java.io.IOException; * <p/> * This class encapsulates a {@link org.apache.commons.csv.CSVParser} to read a CSV-formatted file. */ -public class KerberosConfigDataFileReader extends AbstractKerberosDataFileReader { +public class KerberosConfigDataFileReader extends AbstractKerberosDataFileReader implements KerberosConfigDataFile{ /** * Creates a new KerberosConfigDataFileReader @@ -36,9 +36,9 @@ public class KerberosConfigDataFileReader extends AbstractKerberosDataFileReader * closed before using. * * @param file a File declaring where to write the data - * @throws java.io.IOException + * @throws java.io.IOException if an error occurs while accessing the file */ - public KerberosConfigDataFileReader(File file) throws IOException { + KerberosConfigDataFileReader(File file) throws IOException { super(file); } } http://git-wip-us.apache.org/repos/asf/ambari/blob/fe39b646/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosConfigDataFileReaderFactory.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosConfigDataFileReaderFactory.java b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosConfigDataFileReaderFactory.java new file mode 100644 index 0000000..8abc7f4 --- /dev/null +++ b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosConfigDataFileReaderFactory.java @@ -0,0 +1,44 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.ambari.server.serveraction.kerberos; + +import com.google.inject.Singleton; + +import java.io.File; +import java.io.IOException; + +/** + * KerberosConfigDataFileReaderFactory creates KerberosConfigDataFileReader instances. + */ +@Singleton +public class KerberosConfigDataFileReaderFactory { + /** + * Creates a new KerberosConfigDataFileReader + * <p/> + * The file is opened upon creation, so there is no need to manually open it unless manually + * closed before using. + * + * @param file a File declaring where to write the data + * @return the created KerberosConfigDataFileReader + * @throws java.io.IOException if an error occurs while accessing the file + */ + public KerberosConfigDataFileReader createKerberosConfigDataFileReader(File file) throws IOException { + return new KerberosConfigDataFileReader(file); + } +} http://git-wip-us.apache.org/repos/asf/ambari/blob/fe39b646/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosConfigDataFileWriter.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosConfigDataFileWriter.java b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosConfigDataFileWriter.java new file mode 100644 index 0000000..3b63269 --- /dev/null +++ b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosConfigDataFileWriter.java @@ -0,0 +1,64 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.ambari.server.serveraction.kerberos; + +import java.io.File; +import java.io.IOException; +import java.util.Arrays; + +/** + * KerberosConfigDataFileWriter is an implementation of a KerberosConfigDataFile that is used to + * create a new KerberosConfigDataFileWriter. + * <p/> + * This class encapsulates a {@link org.apache.commons.csv.CSVPrinter} to create a CSV-formatted file. + */ +public class KerberosConfigDataFileWriter extends AbstractKerberosDataFileWriter implements KerberosConfigDataFile { + + /** + * Creates a new KerberosConfigDataFileWriter + * <p/> + * The file is opened upon creation, so there is no need to manually open it unless manually + * closed before using. + * + * @param file a File declaring where to write the data + * @throws java.io.IOException + */ + KerberosConfigDataFileWriter(File file) throws IOException { + super(file); + } + + + /** + * Appends a new record to the data file + * + * @param config a String declaring the relevant configuration type for the key and value + * @param key a String declaring the key (or property name) with in the relevant configuration type + * @param value a String containing the value of the configuration property + * @param operation a String containing the operation to perform, expected "SET" or "REMOVE" + * @throws java.io.IOException + */ + public void addRecord(String config, String key, String value, String operation) throws IOException { + super.appendRecord(config, key, value, operation); + } + + @Override + protected Iterable<String> getHeaderRecord() { + return Arrays.asList(CONFIGURATION_TYPE, KEY, VALUE, OPERATION); + } +} http://git-wip-us.apache.org/repos/asf/ambari/blob/fe39b646/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosConfigDataFileWriterFactory.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosConfigDataFileWriterFactory.java b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosConfigDataFileWriterFactory.java new file mode 100644 index 0000000..89b5669 --- /dev/null +++ b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosConfigDataFileWriterFactory.java @@ -0,0 +1,44 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.ambari.server.serveraction.kerberos; + +import com.google.inject.Singleton; + +import java.io.File; +import java.io.IOException; + +/** + * KerberosConfigDataFileWriterFactory creates KerberosConfigDataFileWriter instances. + */ +@Singleton +public class KerberosConfigDataFileWriterFactory { + /** + * Creates a new KerberosConfigDataFileWriter + * <p/> + * The file is opened upon creation, so there is no need to manually open it unless manually + * closed before using. + * + * @param file a File declaring where to write the data + * @return the created KerberosConfigDataFileWriter + * @throws java.io.IOException if an error occurs while accessing the file + */ + public KerberosConfigDataFileWriter createKerberosConfigDataFileWriter(File file) throws IOException { + return new KerberosConfigDataFileWriter(file); + } +} http://git-wip-us.apache.org/repos/asf/ambari/blob/fe39b646/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosDataFile.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosDataFile.java b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosDataFile.java new file mode 100644 index 0000000..0863982 --- /dev/null +++ b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosDataFile.java @@ -0,0 +1,48 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.ambari.server.serveraction.kerberos; + +import java.io.IOException; + +/** + * KerberosDataFile is an interfaced expected to be implemented by all Kerberos data file + * implementations + */ +public interface KerberosDataFile { + + /** + * Opens the data file. + * <p/> + * This may be called multiple times and the appropriate action should occur depending on if the + * file has been previously opened or closed. + * + * @throws java.io.IOException if an error occurs while opening the file + */ + void open() throws IOException; + + /** + * Closes the data file. + * <p/> + * This may be called multiple times and the appropriate action should occur depending on if the + * file has been previously opened or closed. + * + * @throws java.io.IOException if an error occurs while closing the file + */ + void close() throws IOException; +} http://git-wip-us.apache.org/repos/asf/ambari/blob/fe39b646/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosIdentityDataFile.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosIdentityDataFile.java b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosIdentityDataFile.java new file mode 100644 index 0000000..3c14627 --- /dev/null +++ b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosIdentityDataFile.java @@ -0,0 +1,41 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.ambari.server.serveraction.kerberos; + +/** + * KerberosIdentityDataFile declares the default data file name and the common record column names + * for the Kerberos action (metadata) data files. + */ +public interface KerberosIdentityDataFile extends KerberosDataFile { + public static final String DATA_FILE_NAME = "identity.dat"; + + public static final String HOSTNAME = "hostname"; + public static final String SERVICE = "service"; + public static final String COMPONENT = "component"; + public static final String PRINCIPAL = "principal"; + public static final String PRINCIPAL_TYPE = "principal_type"; + public static final String KEYTAB_FILE_PATH = "keytab_file_path"; + public static final String KEYTAB_FILE_OWNER_NAME = "keytab_file_owner_name"; + public static final String KEYTAB_FILE_OWNER_ACCESS = "keytab_file_owner_access"; + public static final String KEYTAB_FILE_GROUP_NAME = "keytab_file_group_name"; + public static final String KEYTAB_FILE_GROUP_ACCESS = "keytab_file_group_access"; + public static final String KEYTAB_FILE_IS_CACHABLE = "keytab_file_is_cachable"; + + +} http://git-wip-us.apache.org/repos/asf/ambari/blob/fe39b646/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosIdentityDataFileReader.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosIdentityDataFileReader.java b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosIdentityDataFileReader.java new file mode 100644 index 0000000..0a49407 --- /dev/null +++ b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosIdentityDataFileReader.java @@ -0,0 +1,44 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.ambari.server.serveraction.kerberos; + +import java.io.File; +import java.io.IOException; + +/** + * KerberosIdentityDataFileReader is an implementation of an AbstractKerberosDataFileReader that is + * used to read existing Kerberos identity data files. + * <p/> + * This class encapsulates a {@link org.apache.commons.csv.CSVParser} to read a CSV-formatted file. + */ +public class KerberosIdentityDataFileReader extends AbstractKerberosDataFileReader implements KerberosIdentityDataFile { + + /** + * Creates a new KerberosIdentityDataFileReader + * <p/> + * The file is opened upon creation, so there is no need to manually open it unless manually + * closed before using. + * + * @param file a File declaring where to write the data + * @throws java.io.IOException if an error occurs while accessing the file + */ + KerberosIdentityDataFileReader(File file) throws IOException { + super(file); + } +} http://git-wip-us.apache.org/repos/asf/ambari/blob/fe39b646/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosIdentityDataFileReaderFactory.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosIdentityDataFileReaderFactory.java b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosIdentityDataFileReaderFactory.java new file mode 100644 index 0000000..3c75466 --- /dev/null +++ b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosIdentityDataFileReaderFactory.java @@ -0,0 +1,45 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.ambari.server.serveraction.kerberos; + +import com.google.inject.Singleton; + +import java.io.File; +import java.io.IOException; + +/** + * KerberosIdentityDataFileReaderFactory creates KerberosIdentityDataFileReader instances. + */ +@Singleton +public class KerberosIdentityDataFileReaderFactory { + + /** + * Creates a new KerberosIdentityDataFileReader + * <p/> + * The file is opened upon creation, so there is no need to manually open it unless manually + * closed before using. + * + * @param file a File declaring where to write the data + * @return the created KerberosIdentityDataFileReader + * @throws java.io.IOException if an error occurs while accessing the file + */ + public KerberosIdentityDataFileReader createKerberosIdentityDataFileReader(File file) throws IOException { + return new KerberosIdentityDataFileReader(file); + } +} http://git-wip-us.apache.org/repos/asf/ambari/blob/fe39b646/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosIdentityDataFileWriter.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosIdentityDataFileWriter.java b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosIdentityDataFileWriter.java new file mode 100644 index 0000000..f55c6f4 --- /dev/null +++ b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosIdentityDataFileWriter.java @@ -0,0 +1,100 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.ambari.server.serveraction.kerberos; + +import java.io.File; +import java.io.IOException; +import java.util.Arrays; + +/** + * KerberosIdentityDataFileWriter is an implementation of an AbstractKerberosDataFileWriter that + * is used to create a new Kerberos identity data file. + * <p/> + * This class encapsulates a {@link org.apache.commons.csv.CSVPrinter} to create a CSV-formatted file. + */ +public class KerberosIdentityDataFileWriter extends AbstractKerberosDataFileWriter implements KerberosIdentityDataFile { + + /** + * Creates a new KerberosIdentityDataFileWriter + * <p/> + * The file is opened upon creation, so there is no need to manually open it unless manually + * closed before using. + * + * @param file a File declaring where to write the data + * @throws IOException + */ + KerberosIdentityDataFileWriter(File file) throws IOException { + super(file); + } + + + /** + * Appends a new record to the data file + * + * @param hostName a String containing the hostname column data + * @param serviceName a String containing the service name column data + * @param serviceComponentName a String containing the component name column data + * @param principal a String containing the (raw, non-evaluated) principal "pattern" + * column data + * @param principalType a String declaring the principal type - expecting "service" or "user" + * @param keytabFilePath a String containing the destination keytab file path column data + * @param keytabFileOwnerName a String containing the keytab file owner name column data + * @param keytabFileOwnerAccess a String containing the keytab file owner access column data + * (expected to be "r" or "rw") + * @param keytabFileGroupName a String containing the keytab file group name column data + * @param keytabFileGroupAccess a String containing the keytab file group access column data + * (expected to be "r", "rw", or "") + * @param keytabFileCanCache a String containing a boolean value (true, false) indicating + * whether the generated keytab can be cached or not + * @throws IOException + */ + public void writeRecord(String hostName, String serviceName, String serviceComponentName, + String principal, String principalType, + String keytabFilePath, String keytabFileOwnerName, + String keytabFileOwnerAccess, String keytabFileGroupName, + String keytabFileGroupAccess, String keytabFileCanCache) + throws IOException { + super.appendRecord(hostName, + serviceName, + serviceComponentName, + principal, + principalType, + keytabFilePath, + keytabFileOwnerName, + keytabFileOwnerAccess, + keytabFileGroupName, + keytabFileGroupAccess, + keytabFileCanCache); + } + + @Override + protected Iterable<String> getHeaderRecord() { + return Arrays.asList(HOSTNAME, + SERVICE, + COMPONENT, + PRINCIPAL, + PRINCIPAL_TYPE, + KEYTAB_FILE_PATH, + KEYTAB_FILE_OWNER_NAME, + KEYTAB_FILE_OWNER_ACCESS, + KEYTAB_FILE_GROUP_NAME, + KEYTAB_FILE_GROUP_ACCESS, + KEYTAB_FILE_IS_CACHABLE); + } +}