http://git-wip-us.apache.org/repos/asf/incubator-atlas/blob/30711973/addons/hive-bridge/src/test/java/org/apache/hadoop/metadata/hive/hook/SSLHiveHookIT.java ---------------------------------------------------------------------- diff --git a/addons/hive-bridge/src/test/java/org/apache/hadoop/metadata/hive/hook/SSLHiveHookIT.java b/addons/hive-bridge/src/test/java/org/apache/hadoop/metadata/hive/hook/SSLHiveHookIT.java deleted file mode 100755 index d295d16..0000000 --- a/addons/hive-bridge/src/test/java/org/apache/hadoop/metadata/hive/hook/SSLHiveHookIT.java +++ /dev/null @@ -1,219 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.hadoop.metadata.hive.hook; - -import org.apache.commons.configuration.PropertiesConfiguration; -import org.apache.commons.lang.RandomStringUtils; -import org.apache.hadoop.conf.Configuration; -import org.apache.hadoop.fs.Path; -import org.apache.hadoop.hive.conf.HiveConf; -import org.apache.hadoop.hive.ql.Driver; -import org.apache.hadoop.hive.ql.session.SessionState; -import org.apache.hadoop.metadata.MetadataException; -import org.apache.hadoop.metadata.MetadataServiceClient; -import org.apache.hadoop.metadata.hive.bridge.HiveMetaStoreBridge; -import org.apache.hadoop.metadata.hive.model.HiveDataTypes; -import org.apache.hadoop.metadata.security.SecurityProperties; -import org.apache.hadoop.metadata.web.service.SecureEmbeddedServer; -import org.apache.hadoop.security.alias.CredentialProvider; -import org.apache.hadoop.security.alias.CredentialProviderFactory; -import org.apache.hadoop.security.alias.JavaKeyStoreProvider; -import org.apache.hadoop.security.ssl.SSLFactory; -import org.apache.hadoop.security.ssl.SSLHostnameVerifier; -import org.codehaus.jettison.json.JSONArray; -import org.codehaus.jettison.json.JSONObject; -import org.mortbay.jetty.Server; -import org.mortbay.jetty.webapp.WebAppContext; -import org.testng.Assert; -import org.testng.annotations.AfterClass; -import org.testng.annotations.BeforeClass; -import org.testng.annotations.Test; - -import java.io.File; -import java.io.FileWriter; -import java.io.IOException; -import java.net.URL; -import java.nio.file.Files; - -import static org.apache.hadoop.metadata.security.SecurityProperties.*; - -public class SSLHiveHookIT { - private static final String DGI_URL = "https://localhost:21443/";; - private Driver driver; - private MetadataServiceClient dgiCLient; - private SessionState ss; - private Path jksPath; - private String providerUrl; - private TestSecureEmbeddedServer secureEmbeddedServer; - - class TestSecureEmbeddedServer extends SecureEmbeddedServer { - - public TestSecureEmbeddedServer(int port, String path) throws IOException { - super(port, path); - } - - public Server getServer () { return server; } - - @Override - public PropertiesConfiguration getConfiguration() { - return super.getConfiguration(); - } - } - - @BeforeClass - public void setUp() throws Exception { - //Set-up hive session - HiveConf conf = getHiveConf(); - driver = new Driver(conf); - ss = new SessionState(conf, System.getProperty("user.name")); - ss = SessionState.start(ss); - SessionState.setCurrentSessionState(ss); - - jksPath = new Path(Files.createTempDirectory("tempproviders").toString(), "test.jks"); - providerUrl = JavaKeyStoreProvider.SCHEME_NAME + "://file" + jksPath.toUri(); - - String persistDir = null; - URL resource = SSLHiveHookIT.class.getResource("/"); - if (resource != null) { - persistDir = resource.toURI().getPath(); - } - // delete prior ssl-client.xml file - resource = SSLHiveHookIT.class.getResource("/" + SecurityProperties.SSL_CLIENT_PROPERTIES); - if (resource != null) { - File sslClientFile = new File(persistDir, SecurityProperties.SSL_CLIENT_PROPERTIES); - if (sslClientFile != null && sslClientFile.exists()) { - sslClientFile.delete(); - } - } - setupCredentials(); - - final PropertiesConfiguration configuration = new PropertiesConfiguration(); - configuration.setProperty(TLS_ENABLED, true); - configuration.setProperty(TRUSTSTORE_FILE_KEY, "../../webapp/target/metadata.keystore"); - configuration.setProperty(KEYSTORE_FILE_KEY, "../../webapp/target/metadata.keystore"); - configuration.setProperty(CERT_STORES_CREDENTIAL_PROVIDER_PATH, providerUrl); - configuration.setProperty(SSLFactory.SSL_HOSTNAME_VERIFIER_KEY, SSLHostnameVerifier.DEFAULT_AND_LOCALHOST.toString()); - - configuration.save(new FileWriter(persistDir + File.separator + "client.properties")); - - dgiCLient = new MetadataServiceClient(DGI_URL) { - @Override - protected PropertiesConfiguration getClientProperties() throws MetadataException { - return configuration; - } - }; - - secureEmbeddedServer = new TestSecureEmbeddedServer(21443, "webapp/target/metadata-governance") { - @Override - public PropertiesConfiguration getConfiguration() { - return configuration; - } - }; - WebAppContext webapp = new WebAppContext(); - webapp.setContextPath("/"); - webapp.setWar(System.getProperty("user.dir") + getWarPath()); - secureEmbeddedServer.getServer().setHandler(webapp); - - secureEmbeddedServer.getServer().start(); - - } - - @AfterClass - public void tearDown() throws Exception { - if (secureEmbeddedServer != null) { - secureEmbeddedServer.getServer().stop(); - } - } - - protected void setupCredentials() throws Exception { - Configuration conf = new Configuration(false); - - File file = new File(jksPath.toUri().getPath()); - file.delete(); - conf.set(CredentialProviderFactory.CREDENTIAL_PROVIDER_PATH, providerUrl); - - CredentialProvider provider = - CredentialProviderFactory.getProviders(conf).get(0); - - // create new aliases - try { - - char[] storepass = {'k', 'e', 'y', 'p', 'a', 's', 's'}; - provider.createCredentialEntry( - KEYSTORE_PASSWORD_KEY, storepass); - - char[] trustpass = {'k', 'e', 'y', 'p', 'a', 's', 's'}; - provider.createCredentialEntry( - TRUSTSTORE_PASSWORD_KEY, trustpass); - - char[] trustpass2 = {'k', 'e', 'y', 'p', 'a', 's', 's'}; - provider.createCredentialEntry( - "ssl.client.truststore.password", trustpass2); - - char[] certpass = {'k', 'e', 'y', 'p', 'a', 's', 's'}; - provider.createCredentialEntry( - SERVER_CERT_PASSWORD_KEY, certpass); - - // write out so that it can be found in checks - provider.flush(); - } catch (Exception e) { - e.printStackTrace(); - throw e; - } - } - - protected String getWarPath() { - return String.format("/../../webapp/target/metadata-webapp-%s", - System.getProperty("project.version", "0.1-incubating-SNAPSHOT")); - } - - private HiveConf getHiveConf() { - HiveConf hiveConf = new HiveConf(this.getClass()); - hiveConf.setVar(HiveConf.ConfVars.PREEXECHOOKS, ""); - hiveConf.setVar(HiveConf.ConfVars.POSTEXECHOOKS, HiveHook.class.getName()); - hiveConf.setBoolVar(HiveConf.ConfVars.HIVE_SUPPORT_CONCURRENCY, false); - hiveConf.setVar(HiveConf.ConfVars.METASTOREWAREHOUSE, System.getProperty("user.dir") + "/target/metastore"); - hiveConf.set(HiveMetaStoreBridge.DGI_URL_PROPERTY, DGI_URL); - hiveConf.set("javax.jdo.option.ConnectionURL", "jdbc:derby:./target/metastore_db;create=true"); - hiveConf.set("hive.hook.dgi.synchronous", "true"); - return hiveConf; - } - - private void runCommand(String cmd) throws Exception { - ss.setCommandType(null); - driver.run(cmd); - } - - @Test - public void testCreateDatabase() throws Exception { - String dbName = "db" + RandomStringUtils.randomAlphanumeric(5).toLowerCase(); - runCommand("create database " + dbName); - - assertDatabaseIsRegistered(dbName); - } - - private void assertDatabaseIsRegistered(String dbName) throws Exception { - assertInstanceIsRegistered(HiveDataTypes.HIVE_DB.getName(), "name", dbName); - } - - private void assertInstanceIsRegistered(String typeName, String colName, String colValue) throws Exception{ - JSONArray results = dgiCLient.rawSearch(typeName, colName, colValue); - Assert.assertEquals(results.length(), 1); - } -}
http://git-wip-us.apache.org/repos/asf/incubator-atlas/blob/30711973/client/src/main/java/org/apache/atlas/MetadataServiceClient.java ---------------------------------------------------------------------- diff --git a/client/src/main/java/org/apache/atlas/MetadataServiceClient.java b/client/src/main/java/org/apache/atlas/MetadataServiceClient.java new file mode 100755 index 0000000..675e28a --- /dev/null +++ b/client/src/main/java/org/apache/atlas/MetadataServiceClient.java @@ -0,0 +1,368 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.atlas; + +import com.sun.jersey.api.client.Client; +import com.sun.jersey.api.client.ClientResponse; +import com.sun.jersey.api.client.WebResource; +import com.sun.jersey.api.client.config.DefaultClientConfig; +import com.sun.jersey.client.urlconnection.URLConnectionClientHandler; +import org.apache.atlas.security.SecureClientUtils; +import org.apache.atlas.typesystem.Referenceable; +import org.apache.atlas.typesystem.json.InstanceSerialization; +import org.apache.commons.configuration.PropertiesConfiguration; +import org.codehaus.jettison.json.JSONArray; +import org.codehaus.jettison.json.JSONException; +import org.codehaus.jettison.json.JSONObject; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import javax.ws.rs.HttpMethod; +import javax.ws.rs.core.MediaType; +import javax.ws.rs.core.Response; +import javax.ws.rs.core.UriBuilder; +import java.util.ArrayList; +import java.util.List; + +import static org.apache.atlas.security.SecurityProperties.TLS_ENABLED; + +/** + * Client for metadata. + */ +public class MetadataServiceClient { + private static final Logger LOG = LoggerFactory.getLogger(MetadataServiceClient.class); + public static final String NAME = "name"; + public static final String GUID = "GUID"; + public static final String TYPENAME = "typeName"; + + public static final String DEFINITION = "definition"; + public static final String ERROR = "error"; + public static final String STACKTRACE = "stackTrace"; + public static final String REQUEST_ID = "requestId"; + public static final String RESULTS = "results"; + public static final String COUNT = "count"; + public static final String ROWS = "rows"; + + public static final String BASE_URI = "api/atlas/"; + public static final String TYPES = "types"; + public static final String URI_ENTITIES = "entities"; + public static final String URI_TRAITS = "traits"; + public static final String URI_SEARCH = "discovery/search"; + public static final String URI_LINEAGE = "lineage/hive/table"; + + public static final String QUERY = "query"; + public static final String QUERY_TYPE = "queryType"; + public static final String ATTRIBUTE_NAME = "property"; + public static final String ATTRIBUTE_VALUE = "value"; + + + public static final String INFRASTRUCTURE_SUPER_TYPE = "Infrastructure"; + public static final String DATA_SET_SUPER_TYPE = "DataSet"; + public static final String PROCESS_SUPER_TYPE = "Process"; + + public static final String JSON_MEDIA_TYPE = MediaType.APPLICATION_JSON + "; charset=UTF-8"; + + private WebResource service; + + public MetadataServiceClient(String baseUrl) { + DefaultClientConfig config = new DefaultClientConfig(); + PropertiesConfiguration clientConfig = null; + try { + clientConfig = getClientProperties(); + if (clientConfig.getBoolean(TLS_ENABLED, false)) { + // create an SSL properties configuration if one doesn't exist. SSLFactory expects a file, so forced to create a + // configuration object, persist it, then subsequently pass in an empty configuration to SSLFactory + SecureClientUtils.persistSSLClientConfiguration(clientConfig); + } + } catch (Exception e) { + LOG.info("Error processing client configuration.", e); + } + + URLConnectionClientHandler handler = SecureClientUtils.getClientConnectionHandler(config, clientConfig); + + Client client = new Client(handler, config); + client.resource(UriBuilder.fromUri(baseUrl).build()); + + service = client.resource(UriBuilder.fromUri(baseUrl).build()); + } + + protected PropertiesConfiguration getClientProperties() throws MetadataException { + return PropertiesUtil.getClientProperties(); + } + + enum API { + + //Type operations + CREATE_TYPE(BASE_URI + TYPES, HttpMethod.POST), + GET_TYPE(BASE_URI + TYPES, HttpMethod.GET), + LIST_TYPES(BASE_URI + TYPES, HttpMethod.GET), + LIST_TRAIT_TYPES(BASE_URI + TYPES + "?type=trait", HttpMethod.GET), + + //Entity operations + CREATE_ENTITY(BASE_URI + URI_ENTITIES, HttpMethod.POST), + GET_ENTITY(BASE_URI + URI_ENTITIES, HttpMethod.GET), + UPDATE_ENTITY(BASE_URI + URI_ENTITIES, HttpMethod.PUT), + LIST_ENTITY(BASE_URI + URI_ENTITIES, HttpMethod.GET), + + //Trait operations + ADD_TRAITS(BASE_URI + URI_TRAITS, HttpMethod.POST), + DELETE_TRAITS(BASE_URI + URI_TRAITS, HttpMethod.DELETE), + LIST_TRAITS(BASE_URI + URI_TRAITS, HttpMethod.GET), + + //Search operations + SEARCH(BASE_URI + URI_SEARCH, HttpMethod.GET), + SEARCH_DSL(BASE_URI + URI_SEARCH + "/dsl", HttpMethod.GET), + SEARCH_GREMLIN(BASE_URI + URI_SEARCH + "/gremlin", HttpMethod.GET), + SEARCH_FULL_TEXT(BASE_URI + URI_SEARCH + "/fulltext", HttpMethod.GET), + + //Lineage operations + LINEAGE_INPUTS_GRAPH(BASE_URI + URI_LINEAGE, HttpMethod.GET), + LINEAGE_OUTPUTS_GRAPH(BASE_URI + URI_LINEAGE, HttpMethod.GET), + LINEAGE_SCHEMA(BASE_URI + URI_LINEAGE, HttpMethod.GET); + + private final String method; + private final String path; + + API(String path, String method) { + this.path = path; + this.method = method; + } + + public String getMethod() { + return method; + } + + public String getPath() { + return path; + } + } + + /** + * Register the given type(meta model) + * @param typeAsJson type definition a jaon + * @return result json object + * @throws MetadataServiceException + */ + public JSONObject createType(String typeAsJson) throws MetadataServiceException { + return callAPI(API.CREATE_TYPE, typeAsJson); + } + + public List<String> listTypes() throws MetadataServiceException { + try { + final JSONObject jsonObject = callAPI(API.LIST_TYPES, null); + final JSONArray list = jsonObject.getJSONArray(MetadataServiceClient.RESULTS); + ArrayList<String> types = new ArrayList<>(); + for (int index = 0; index < list.length(); index++) { + types.add(list.getString(index)); + } + + return types; + } catch (JSONException e) { + throw new MetadataServiceException(API.LIST_TYPES, e); + } + } + + public String getType(String typeName) throws MetadataServiceException { + WebResource resource = getResource(API.GET_TYPE, typeName); + try { + JSONObject response = callAPIWithResource(API.GET_TYPE, resource); + return response.getString(DEFINITION); + } catch (MetadataServiceException e) { + if (e.getStatus() == ClientResponse.Status.NOT_FOUND) { + return null; + } + throw e; + } catch (JSONException e) { + throw new MetadataServiceException(e); + } + } + + /** + * Create the given entity + * @param entityAsJson entity(type instance) as json + * @return result json object + * @throws MetadataServiceException + */ + public JSONObject createEntity(String entityAsJson) throws MetadataServiceException { + return callAPI(API.CREATE_ENTITY, entityAsJson); + } + + /** + * Get an entity given the entity id + * @param guid entity id + * @return result json object + * @throws MetadataServiceException + */ + public Referenceable getEntity(String guid) throws MetadataServiceException { + JSONObject jsonResponse = callAPI(API.GET_ENTITY, null, guid); + try { + String entityInstanceDefinition = jsonResponse.getString(MetadataServiceClient.DEFINITION); + return InstanceSerialization.fromJsonReferenceable(entityInstanceDefinition, true); + } catch (JSONException e) { + throw new MetadataServiceException(e); + } + } + + /** + * Updates property for the entity corresponding to guid + * @param guid guid + * @param property property key + * @param value property value + */ + public JSONObject updateEntity(String guid, String property, String value) throws MetadataServiceException { + WebResource resource = getResource(API.UPDATE_ENTITY, guid); + resource = resource.queryParam(ATTRIBUTE_NAME, property); + resource = resource.queryParam(ATTRIBUTE_VALUE, value); + return callAPIWithResource(API.UPDATE_ENTITY, resource); + } + + public JSONObject searchEntity(String searchQuery) throws MetadataServiceException { + WebResource resource = getResource(API.SEARCH); + resource = resource.queryParam(QUERY, searchQuery); + return callAPIWithResource(API.SEARCH, resource); + } + + /** + * Search given type name, an attribute and its value. Uses search dsl + * @param typeName name of the entity type + * @param attributeName attribute name + * @param attributeValue attribute value + * @return result json object + * @throws MetadataServiceException + */ + public JSONArray rawSearch(String typeName, String attributeName, Object attributeValue) throws + MetadataServiceException { +// String gremlinQuery = String.format( +// "g.V.has(\"typeName\",\"%s\").and(_().has(\"%s.%s\", T.eq, \"%s\")).toList()", +// typeName, typeName, attributeName, attributeValue); +// return searchByGremlin(gremlinQuery); + String dslQuery = String.format("%s where %s = \"%s\"", typeName, attributeName, attributeValue); + return searchByDSL(dslQuery); + } + + /** + * Search given query DSL + * @param query DSL query + * @return result json object + * @throws MetadataServiceException + */ + public JSONArray searchByDSL(String query) throws MetadataServiceException { + LOG.debug("DSL query: {}", query); + WebResource resource = getResource(API.SEARCH_DSL); + resource = resource.queryParam(QUERY, query); + JSONObject result = callAPIWithResource(API.SEARCH_DSL, resource); + try { + return result.getJSONObject(RESULTS).getJSONArray(ROWS); + } catch (JSONException e) { + throw new MetadataServiceException(e); + } + } + + /** + * Search given gremlin query + * @param gremlinQuery Gremlin query + * @return result json object + * @throws MetadataServiceException + */ + public JSONObject searchByGremlin(String gremlinQuery) throws MetadataServiceException { + LOG.debug("Gremlin query: " + gremlinQuery); + WebResource resource = getResource(API.SEARCH_GREMLIN); + resource = resource.queryParam(QUERY, gremlinQuery); + return callAPIWithResource(API.SEARCH_GREMLIN, resource); + } + + /** + * Search given full text search + * @param query Query + * @return result json object + * @throws MetadataServiceException + */ + public JSONObject searchByFullText(String query) throws MetadataServiceException { + WebResource resource = getResource(API.SEARCH_FULL_TEXT); + resource = resource.queryParam(QUERY, query); + return callAPIWithResource(API.SEARCH_FULL_TEXT, resource); + } + + public JSONObject getInputGraph(String datasetName) throws MetadataServiceException { + JSONObject response = callAPI(API.LINEAGE_INPUTS_GRAPH, null, datasetName, "/inputs/graph"); + try { + return response.getJSONObject(MetadataServiceClient.RESULTS); + } catch (JSONException e) { + throw new MetadataServiceException(e); + } + } + + public JSONObject getOutputGraph(String datasetName) throws MetadataServiceException { + JSONObject response = callAPI(API.LINEAGE_OUTPUTS_GRAPH, null, datasetName, "/outputs/graph"); + try { + return response.getJSONObject(MetadataServiceClient.RESULTS); + } catch (JSONException e) { + throw new MetadataServiceException(e); + } + } + + public String getRequestId(JSONObject json) throws MetadataServiceException { + try { + return json.getString(REQUEST_ID); + } catch (JSONException e) { + throw new MetadataServiceException(e); + } + } + + private WebResource getResource(API api, String... pathParams) { + WebResource resource = service.path(api.getPath()); + if (pathParams != null) { + for (String pathParam : pathParams) { + resource = resource.path(pathParam); + } + } + return resource; + } + + private JSONObject callAPIWithResource(API api, WebResource resource) throws MetadataServiceException { + return callAPIWithResource(api, resource, null); + } + + private JSONObject callAPIWithResource(API api, WebResource resource, Object requestObject) + throws MetadataServiceException { + ClientResponse clientResponse = resource + .accept(JSON_MEDIA_TYPE) + .type(JSON_MEDIA_TYPE) + .method(api.getMethod(), ClientResponse.class, requestObject); + + Response.Status expectedStatus = HttpMethod.POST.equals(api.getMethod()) + ? Response.Status.CREATED : Response.Status.OK; + if (clientResponse.getStatus() == expectedStatus.getStatusCode()) { + String responseAsString = clientResponse.getEntity(String.class); + try { + return new JSONObject(responseAsString); + } catch (JSONException e) { + throw new MetadataServiceException(api, e); + } + } + + throw new MetadataServiceException(api, clientResponse); + } + + private JSONObject callAPI(API api, Object requestObject, + String... pathParams) throws MetadataServiceException { + WebResource resource = getResource(api, pathParams); + return callAPIWithResource(api, resource, requestObject); + } +} http://git-wip-us.apache.org/repos/asf/incubator-atlas/blob/30711973/client/src/main/java/org/apache/atlas/MetadataServiceException.java ---------------------------------------------------------------------- diff --git a/client/src/main/java/org/apache/atlas/MetadataServiceException.java b/client/src/main/java/org/apache/atlas/MetadataServiceException.java new file mode 100755 index 0000000..89ba89f --- /dev/null +++ b/client/src/main/java/org/apache/atlas/MetadataServiceException.java @@ -0,0 +1,45 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.atlas; + +import com.sun.jersey.api.client.ClientResponse; + +public class MetadataServiceException extends Exception { + private ClientResponse.Status status; + + public MetadataServiceException(MetadataServiceClient.API api, Exception e) { + super("Metadata service API " + api + " failed", e); + } + + public MetadataServiceException(MetadataServiceClient.API api, ClientResponse response) { + super("Metadata service API " + api + " failed with status " + + response.getClientResponseStatus().getStatusCode() + "(" + + response.getClientResponseStatus().getReasonPhrase() + ") Response Body (" + + response.getEntity(String.class) + ")"); + this.status = response.getClientResponseStatus(); + } + + public MetadataServiceException(Exception e) { + super(e); + } + + public ClientResponse.Status getStatus() { + return status; + } +} http://git-wip-us.apache.org/repos/asf/incubator-atlas/blob/30711973/client/src/main/java/org/apache/atlas/PropertiesUtil.java ---------------------------------------------------------------------- diff --git a/client/src/main/java/org/apache/atlas/PropertiesUtil.java b/client/src/main/java/org/apache/atlas/PropertiesUtil.java new file mode 100644 index 0000000..c1e014a --- /dev/null +++ b/client/src/main/java/org/apache/atlas/PropertiesUtil.java @@ -0,0 +1,58 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * <p/> + * http://www.apache.org/licenses/LICENSE-2.0 + * <p/> + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.atlas; + +import org.apache.commons.configuration.PropertiesConfiguration; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import java.io.File; +import java.net.URL; + +public class PropertiesUtil { + private static final Logger LOG = LoggerFactory.getLogger(PropertiesUtil.class); + + private static final String APPLICATION_PROPERTIES = "application.properties"; + public static final String CLIENT_PROPERTIES = "client.properties"; + + public static PropertiesConfiguration getApplicationProperties() throws MetadataException { + return getPropertiesConfiguration(APPLICATION_PROPERTIES); + } + + public static PropertiesConfiguration getClientProperties() throws MetadataException { + return getPropertiesConfiguration(CLIENT_PROPERTIES); + } + + private static PropertiesConfiguration getPropertiesConfiguration(String name) throws MetadataException { + String confLocation = System.getProperty("atlas.conf"); + URL url; + try { + if (confLocation == null) { + url = PropertiesUtil.class.getResource("/" + name); + } else { + url = new File(confLocation, name).toURI().toURL(); + } + LOG.info("Loading {} from {}", name, url); + return new PropertiesConfiguration(url); + } catch (Exception e) { + throw new MetadataException("Failed to load application properties", e); + } + } + +} http://git-wip-us.apache.org/repos/asf/incubator-atlas/blob/30711973/client/src/main/java/org/apache/atlas/security/SecureClientUtils.java ---------------------------------------------------------------------- diff --git a/client/src/main/java/org/apache/atlas/security/SecureClientUtils.java b/client/src/main/java/org/apache/atlas/security/SecureClientUtils.java new file mode 100644 index 0000000..608b003 --- /dev/null +++ b/client/src/main/java/org/apache/atlas/security/SecureClientUtils.java @@ -0,0 +1,195 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.atlas.security; + +import com.sun.jersey.api.client.config.DefaultClientConfig; +import com.sun.jersey.client.urlconnection.HttpURLConnectionFactory; +import com.sun.jersey.client.urlconnection.URLConnectionClientHandler; +import org.apache.atlas.MetadataException; +import org.apache.atlas.PropertiesUtil; +import org.apache.commons.configuration.PropertiesConfiguration; +import org.apache.hadoop.conf.Configuration; +import org.apache.hadoop.security.UserGroupInformation; +import org.apache.hadoop.security.alias.CredentialProviderFactory; +import org.apache.hadoop.security.authentication.client.Authenticator; +import org.apache.hadoop.security.authentication.client.ConnectionConfigurator; +import org.apache.hadoop.security.ssl.SSLFactory; +import org.apache.hadoop.security.token.delegation.web.DelegationTokenAuthenticatedURL; +import org.apache.hadoop.security.token.delegation.web.DelegationTokenAuthenticator; +import org.apache.hadoop.security.token.delegation.web.KerberosDelegationTokenAuthenticator; +import org.apache.hadoop.security.token.delegation.web.PseudoDelegationTokenAuthenticator; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import javax.net.ssl.HostnameVerifier; +import javax.net.ssl.HttpsURLConnection; +import javax.net.ssl.SSLSocketFactory; +import java.io.File; +import java.io.FileWriter; +import java.io.IOException; +import java.net.HttpURLConnection; +import java.net.URL; +import java.net.URLConnection; +import java.security.GeneralSecurityException; + +import static org.apache.atlas.security.SecurityProperties.CERT_STORES_CREDENTIAL_PROVIDER_PATH; +import static org.apache.atlas.security.SecurityProperties.CLIENT_AUTH_KEY; +import static org.apache.atlas.security.SecurityProperties.KEYSTORE_FILE_KEY; +import static org.apache.atlas.security.SecurityProperties.TRUSTSTORE_FILE_KEY; + +/** + * + */ +public class SecureClientUtils { + + public final static int DEFAULT_SOCKET_TIMEOUT = 1 * 60 * 1000; // 1 minute + private static final Logger LOG = LoggerFactory.getLogger(SecureClientUtils.class); + + + public static URLConnectionClientHandler getClientConnectionHandler(DefaultClientConfig config, + PropertiesConfiguration clientConfig) { + config.getProperties().put( + URLConnectionClientHandler.PROPERTY_HTTP_URL_CONNECTION_SET_METHOD_WORKAROUND, + true); + Configuration conf = new Configuration(false); + conf.addResource(conf.get(SSLFactory.SSL_CLIENT_CONF_KEY, "ssl-client.xml")); + String authType = "simple"; + if (clientConfig != null) { + authType = clientConfig.getString("atlas.http.authentication.type", "simple"); + } + UserGroupInformation.setConfiguration(conf); + final ConnectionConfigurator connConfigurator = newConnConfigurator(conf); + Authenticator authenticator = new PseudoDelegationTokenAuthenticator(); + if (!authType.equals("simple")) { + authenticator = new KerberosDelegationTokenAuthenticator(); + } + authenticator.setConnectionConfigurator(connConfigurator); + final DelegationTokenAuthenticator finalAuthenticator = (DelegationTokenAuthenticator) authenticator; + final DelegationTokenAuthenticatedURL.Token token = new DelegationTokenAuthenticatedURL.Token(); + HttpURLConnectionFactory httpURLConnectionFactory = new HttpURLConnectionFactory() { + @Override + public HttpURLConnection getHttpURLConnection(final URL url) throws IOException { + try { + return new DelegationTokenAuthenticatedURL(finalAuthenticator, connConfigurator) + .openConnection(url, token, null); + } catch (Exception e) { + throw new IOException(e); + } + } + }; + + return new URLConnectionClientHandler(httpURLConnectionFactory); + } + + private final static ConnectionConfigurator DEFAULT_TIMEOUT_CONN_CONFIGURATOR = + new ConnectionConfigurator() { + @Override + public HttpURLConnection configure(HttpURLConnection conn) + throws IOException { + setTimeouts(conn, DEFAULT_SOCKET_TIMEOUT); + return conn; + } + }; + + private static ConnectionConfigurator newConnConfigurator(Configuration conf) { + try { + return newSslConnConfigurator(DEFAULT_SOCKET_TIMEOUT, conf); + } catch (Exception e) { + LOG.debug("Cannot load customized ssl related configuration. " + + "Fallback to system-generic settings.", e); + return DEFAULT_TIMEOUT_CONN_CONFIGURATOR; + } + } + + private static ConnectionConfigurator newSslConnConfigurator(final int timeout, + Configuration conf) throws IOException, GeneralSecurityException { + final SSLFactory factory; + final SSLSocketFactory sf; + final HostnameVerifier hv; + + factory = new SSLFactory(SSLFactory.Mode.CLIENT, conf); + factory.init(); + sf = factory.createSSLSocketFactory(); + hv = factory.getHostnameVerifier(); + + return new ConnectionConfigurator() { + @Override + public HttpURLConnection configure(HttpURLConnection conn) + throws IOException { + if (conn instanceof HttpsURLConnection) { + HttpsURLConnection c = (HttpsURLConnection) conn; + c.setSSLSocketFactory(sf); + c.setHostnameVerifier(hv); + } + setTimeouts(conn, timeout); + return conn; + } + }; + } + + private static void setTimeouts(URLConnection connection, int socketTimeout) { + connection.setConnectTimeout(socketTimeout); + connection.setReadTimeout(socketTimeout); + } + + private static File getSSLClientFile() throws MetadataException { + String confLocation = System.getProperty("atlas.conf"); + File sslDir; + try { + if (confLocation == null) { + String persistDir = null; + URL resource = PropertiesUtil.class.getResource("/"); + if (resource != null) { + persistDir = resource.toURI().getPath(); + } + assert persistDir != null; + sslDir = new File(persistDir); + } else { + sslDir = new File(confLocation); + } + LOG.info("ssl-client.xml will be created in {}", sslDir); + } catch (Exception e) { + throw new MetadataException("Failed to find client configuration directory", e); + } + return new File(sslDir, SecurityProperties.SSL_CLIENT_PROPERTIES); + } + + public static void persistSSLClientConfiguration(PropertiesConfiguration clientConfig) throws MetadataException, IOException { + //trust settings + Configuration configuration = new Configuration(false); + File sslClientFile = getSSLClientFile(); + if (!sslClientFile.exists()) { + configuration.set("ssl.client.truststore.type", "jks"); + configuration.set("ssl.client.truststore.location", clientConfig.getString(TRUSTSTORE_FILE_KEY)); + if (clientConfig.getBoolean(CLIENT_AUTH_KEY, false)) { + // need to get client key properties + configuration.set("ssl.client.keystore.location", clientConfig.getString(KEYSTORE_FILE_KEY)); + configuration.set("ssl.client.keystore.type", "jks"); + } + // add the configured credential provider + configuration.set(CredentialProviderFactory.CREDENTIAL_PROVIDER_PATH, + clientConfig.getString(CERT_STORES_CREDENTIAL_PROVIDER_PATH)); + String hostnameVerifier = clientConfig.getString(SSLFactory.SSL_HOSTNAME_VERIFIER_KEY); + if (hostnameVerifier != null) { + configuration.set(SSLFactory.SSL_HOSTNAME_VERIFIER_KEY, hostnameVerifier); + } + + configuration.writeXml(new FileWriter(sslClientFile)); + } + } + +} http://git-wip-us.apache.org/repos/asf/incubator-atlas/blob/30711973/client/src/main/java/org/apache/atlas/security/SecurityProperties.java ---------------------------------------------------------------------- diff --git a/client/src/main/java/org/apache/atlas/security/SecurityProperties.java b/client/src/main/java/org/apache/atlas/security/SecurityProperties.java new file mode 100644 index 0000000..e03ffcc --- /dev/null +++ b/client/src/main/java/org/apache/atlas/security/SecurityProperties.java @@ -0,0 +1,36 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.atlas.security; + +/** + * + */ +public interface SecurityProperties { + public static final String TLS_ENABLED = "atlas.enableTLS"; + public static final String KEYSTORE_FILE_KEY = "keystore.file"; + public static final String DEFAULT_KEYSTORE_FILE_LOCATION = "target/atlas.keystore"; + public static final String KEYSTORE_PASSWORD_KEY = "keystore.password"; + public static final String TRUSTSTORE_FILE_KEY = "truststore.file"; + public static final String DEFATULT_TRUSTORE_FILE_LOCATION = "target/atlas.keystore"; + public static final String TRUSTSTORE_PASSWORD_KEY = "truststore.password"; + public static final String SERVER_CERT_PASSWORD_KEY = "password"; + public static final String CLIENT_AUTH_KEY = "client.auth.enabled"; + public static final String CERT_STORES_CREDENTIAL_PROVIDER_PATH = "cert.stores.credential.provider.path"; + public static final String SSL_CLIENT_PROPERTIES = "ssl-client.xml"; + public static final String BIND_ADDRESS = "atlas.server.bind.address"; +} http://git-wip-us.apache.org/repos/asf/incubator-atlas/blob/30711973/client/src/main/java/org/apache/hadoop/metadata/MetadataServiceClient.java ---------------------------------------------------------------------- diff --git a/client/src/main/java/org/apache/hadoop/metadata/MetadataServiceClient.java b/client/src/main/java/org/apache/hadoop/metadata/MetadataServiceClient.java deleted file mode 100755 index 6878ebe..0000000 --- a/client/src/main/java/org/apache/hadoop/metadata/MetadataServiceClient.java +++ /dev/null @@ -1,368 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.hadoop.metadata; - -import com.sun.jersey.api.client.Client; -import com.sun.jersey.api.client.ClientResponse; -import com.sun.jersey.api.client.WebResource; -import com.sun.jersey.api.client.config.DefaultClientConfig; -import com.sun.jersey.client.urlconnection.URLConnectionClientHandler; -import org.apache.commons.configuration.PropertiesConfiguration; -import org.apache.hadoop.metadata.security.SecureClientUtils; -import org.apache.hadoop.metadata.typesystem.Referenceable; -import org.apache.hadoop.metadata.typesystem.json.InstanceSerialization; -import org.codehaus.jettison.json.JSONArray; -import org.codehaus.jettison.json.JSONException; -import org.codehaus.jettison.json.JSONObject; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import javax.ws.rs.HttpMethod; -import javax.ws.rs.core.MediaType; -import javax.ws.rs.core.Response; -import javax.ws.rs.core.UriBuilder; -import java.util.ArrayList; -import java.util.List; - -import static org.apache.hadoop.metadata.security.SecurityProperties.TLS_ENABLED; - -/** - * Client for metadata. - */ -public class MetadataServiceClient { - private static final Logger LOG = LoggerFactory.getLogger(MetadataServiceClient.class); - public static final String NAME = "name"; - public static final String GUID = "GUID"; - public static final String TYPENAME = "typeName"; - - public static final String DEFINITION = "definition"; - public static final String ERROR = "error"; - public static final String STACKTRACE = "stackTrace"; - public static final String REQUEST_ID = "requestId"; - public static final String RESULTS = "results"; - public static final String COUNT = "count"; - public static final String ROWS = "rows"; - - public static final String BASE_URI = "api/metadata/"; - public static final String TYPES = "types"; - public static final String URI_ENTITIES = "entities"; - public static final String URI_TRAITS = "traits"; - public static final String URI_SEARCH = "discovery/search"; - public static final String URI_LINEAGE = "lineage/hive/table"; - - public static final String QUERY = "query"; - public static final String QUERY_TYPE = "queryType"; - public static final String ATTRIBUTE_NAME = "property"; - public static final String ATTRIBUTE_VALUE = "value"; - - - public static final String INFRASTRUCTURE_SUPER_TYPE = "Infrastructure"; - public static final String DATA_SET_SUPER_TYPE = "DataSet"; - public static final String PROCESS_SUPER_TYPE = "Process"; - - public static final String JSON_MEDIA_TYPE = MediaType.APPLICATION_JSON + "; charset=UTF-8"; - - private WebResource service; - - public MetadataServiceClient(String baseUrl) { - DefaultClientConfig config = new DefaultClientConfig(); - PropertiesConfiguration clientConfig = null; - try { - clientConfig = getClientProperties(); - if (clientConfig.getBoolean(TLS_ENABLED, false)) { - // create an SSL properties configuration if one doesn't exist. SSLFactory expects a file, so forced to create a - // configuration object, persist it, then subsequently pass in an empty configuration to SSLFactory - SecureClientUtils.persistSSLClientConfiguration(clientConfig); - } - } catch (Exception e) { - LOG.info("Error processing client configuration.", e); - } - - URLConnectionClientHandler handler = SecureClientUtils.getClientConnectionHandler(config, clientConfig); - - Client client = new Client(handler, config); - client.resource(UriBuilder.fromUri(baseUrl).build()); - - service = client.resource(UriBuilder.fromUri(baseUrl).build()); - } - - protected PropertiesConfiguration getClientProperties() throws MetadataException { - return PropertiesUtil.getClientProperties(); - } - - enum API { - - //Type operations - CREATE_TYPE(BASE_URI + TYPES, HttpMethod.POST), - GET_TYPE(BASE_URI + TYPES, HttpMethod.GET), - LIST_TYPES(BASE_URI + TYPES, HttpMethod.GET), - LIST_TRAIT_TYPES(BASE_URI + TYPES + "?type=trait", HttpMethod.GET), - - //Entity operations - CREATE_ENTITY(BASE_URI + URI_ENTITIES, HttpMethod.POST), - GET_ENTITY(BASE_URI + URI_ENTITIES, HttpMethod.GET), - UPDATE_ENTITY(BASE_URI + URI_ENTITIES, HttpMethod.PUT), - LIST_ENTITY(BASE_URI + URI_ENTITIES, HttpMethod.GET), - - //Trait operations - ADD_TRAITS(BASE_URI + URI_TRAITS, HttpMethod.POST), - DELETE_TRAITS(BASE_URI + URI_TRAITS, HttpMethod.DELETE), - LIST_TRAITS(BASE_URI + URI_TRAITS, HttpMethod.GET), - - //Search operations - SEARCH(BASE_URI + URI_SEARCH, HttpMethod.GET), - SEARCH_DSL(BASE_URI + URI_SEARCH + "/dsl", HttpMethod.GET), - SEARCH_GREMLIN(BASE_URI + URI_SEARCH + "/gremlin", HttpMethod.GET), - SEARCH_FULL_TEXT(BASE_URI + URI_SEARCH + "/fulltext", HttpMethod.GET), - - //Lineage operations - LINEAGE_INPUTS_GRAPH(BASE_URI + URI_LINEAGE, HttpMethod.GET), - LINEAGE_OUTPUTS_GRAPH(BASE_URI + URI_LINEAGE, HttpMethod.GET), - LINEAGE_SCHEMA(BASE_URI + URI_LINEAGE, HttpMethod.GET); - - private final String method; - private final String path; - - API(String path, String method) { - this.path = path; - this.method = method; - } - - public String getMethod() { - return method; - } - - public String getPath() { - return path; - } - } - - /** - * Register the given type(meta model) - * @param typeAsJson type definition a jaon - * @return result json object - * @throws MetadataServiceException - */ - public JSONObject createType(String typeAsJson) throws MetadataServiceException { - return callAPI(API.CREATE_TYPE, typeAsJson); - } - - public List<String> listTypes() throws MetadataServiceException { - try { - final JSONObject jsonObject = callAPI(API.LIST_TYPES, null); - final JSONArray list = jsonObject.getJSONArray(MetadataServiceClient.RESULTS); - ArrayList<String> types = new ArrayList<>(); - for (int index = 0; index < list.length(); index++) { - types.add(list.getString(index)); - } - - return types; - } catch (JSONException e) { - throw new MetadataServiceException(API.LIST_TYPES, e); - } - } - - public String getType(String typeName) throws MetadataServiceException { - WebResource resource = getResource(API.GET_TYPE, typeName); - try { - JSONObject response = callAPIWithResource(API.GET_TYPE, resource); - return response.getString(DEFINITION); - } catch (MetadataServiceException e) { - if (e.getStatus() == ClientResponse.Status.NOT_FOUND) { - return null; - } - throw e; - } catch (JSONException e) { - throw new MetadataServiceException(e); - } - } - - /** - * Create the given entity - * @param entityAsJson entity(type instance) as json - * @return result json object - * @throws MetadataServiceException - */ - public JSONObject createEntity(String entityAsJson) throws MetadataServiceException { - return callAPI(API.CREATE_ENTITY, entityAsJson); - } - - /** - * Get an entity given the entity id - * @param guid entity id - * @return result json object - * @throws MetadataServiceException - */ - public Referenceable getEntity(String guid) throws MetadataServiceException { - JSONObject jsonResponse = callAPI(API.GET_ENTITY, null, guid); - try { - String entityInstanceDefinition = jsonResponse.getString(MetadataServiceClient.DEFINITION); - return InstanceSerialization.fromJsonReferenceable(entityInstanceDefinition, true); - } catch (JSONException e) { - throw new MetadataServiceException(e); - } - } - - /** - * Updates property for the entity corresponding to guid - * @param guid guid - * @param property property key - * @param value property value - */ - public JSONObject updateEntity(String guid, String property, String value) throws MetadataServiceException { - WebResource resource = getResource(API.UPDATE_ENTITY, guid); - resource = resource.queryParam(ATTRIBUTE_NAME, property); - resource = resource.queryParam(ATTRIBUTE_VALUE, value); - return callAPIWithResource(API.UPDATE_ENTITY, resource); - } - - public JSONObject searchEntity(String searchQuery) throws MetadataServiceException { - WebResource resource = getResource(API.SEARCH); - resource = resource.queryParam(QUERY, searchQuery); - return callAPIWithResource(API.SEARCH, resource); - } - - /** - * Search given type name, an attribute and its value. Uses search dsl - * @param typeName name of the entity type - * @param attributeName attribute name - * @param attributeValue attribute value - * @return result json object - * @throws MetadataServiceException - */ - public JSONArray rawSearch(String typeName, String attributeName, Object attributeValue) throws - MetadataServiceException { -// String gremlinQuery = String.format( -// "g.V.has(\"typeName\",\"%s\").and(_().has(\"%s.%s\", T.eq, \"%s\")).toList()", -// typeName, typeName, attributeName, attributeValue); -// return searchByGremlin(gremlinQuery); - String dslQuery = String.format("%s where %s = \"%s\"", typeName, attributeName, attributeValue); - return searchByDSL(dslQuery); - } - - /** - * Search given query DSL - * @param query DSL query - * @return result json object - * @throws MetadataServiceException - */ - public JSONArray searchByDSL(String query) throws MetadataServiceException { - LOG.debug("DSL query: {}", query); - WebResource resource = getResource(API.SEARCH_DSL); - resource = resource.queryParam(QUERY, query); - JSONObject result = callAPIWithResource(API.SEARCH_DSL, resource); - try { - return result.getJSONObject(RESULTS).getJSONArray(ROWS); - } catch (JSONException e) { - throw new MetadataServiceException(e); - } - } - - /** - * Search given gremlin query - * @param gremlinQuery Gremlin query - * @return result json object - * @throws MetadataServiceException - */ - public JSONObject searchByGremlin(String gremlinQuery) throws MetadataServiceException { - LOG.debug("Gremlin query: " + gremlinQuery); - WebResource resource = getResource(API.SEARCH_GREMLIN); - resource = resource.queryParam(QUERY, gremlinQuery); - return callAPIWithResource(API.SEARCH_GREMLIN, resource); - } - - /** - * Search given full text search - * @param query Query - * @return result json object - * @throws MetadataServiceException - */ - public JSONObject searchByFullText(String query) throws MetadataServiceException { - WebResource resource = getResource(API.SEARCH_FULL_TEXT); - resource = resource.queryParam(QUERY, query); - return callAPIWithResource(API.SEARCH_FULL_TEXT, resource); - } - - public JSONObject getInputGraph(String datasetName) throws MetadataServiceException { - JSONObject response = callAPI(API.LINEAGE_INPUTS_GRAPH, null, datasetName, "/inputs/graph"); - try { - return response.getJSONObject(MetadataServiceClient.RESULTS); - } catch (JSONException e) { - throw new MetadataServiceException(e); - } - } - - public JSONObject getOutputGraph(String datasetName) throws MetadataServiceException { - JSONObject response = callAPI(API.LINEAGE_OUTPUTS_GRAPH, null, datasetName, "/outputs/graph"); - try { - return response.getJSONObject(MetadataServiceClient.RESULTS); - } catch (JSONException e) { - throw new MetadataServiceException(e); - } - } - - public String getRequestId(JSONObject json) throws MetadataServiceException { - try { - return json.getString(REQUEST_ID); - } catch (JSONException e) { - throw new MetadataServiceException(e); - } - } - - private WebResource getResource(API api, String... pathParams) { - WebResource resource = service.path(api.getPath()); - if (pathParams != null) { - for (String pathParam : pathParams) { - resource = resource.path(pathParam); - } - } - return resource; - } - - private JSONObject callAPIWithResource(API api, WebResource resource) throws MetadataServiceException { - return callAPIWithResource(api, resource, null); - } - - private JSONObject callAPIWithResource(API api, WebResource resource, Object requestObject) - throws MetadataServiceException { - ClientResponse clientResponse = resource - .accept(JSON_MEDIA_TYPE) - .type(JSON_MEDIA_TYPE) - .method(api.getMethod(), ClientResponse.class, requestObject); - - Response.Status expectedStatus = HttpMethod.POST.equals(api.getMethod()) - ? Response.Status.CREATED : Response.Status.OK; - if (clientResponse.getStatus() == expectedStatus.getStatusCode()) { - String responseAsString = clientResponse.getEntity(String.class); - try { - return new JSONObject(responseAsString); - } catch (JSONException e) { - throw new MetadataServiceException(api, e); - } - } - - throw new MetadataServiceException(api, clientResponse); - } - - private JSONObject callAPI(API api, Object requestObject, - String... pathParams) throws MetadataServiceException { - WebResource resource = getResource(api, pathParams); - return callAPIWithResource(api, resource, requestObject); - } -} http://git-wip-us.apache.org/repos/asf/incubator-atlas/blob/30711973/client/src/main/java/org/apache/hadoop/metadata/MetadataServiceException.java ---------------------------------------------------------------------- diff --git a/client/src/main/java/org/apache/hadoop/metadata/MetadataServiceException.java b/client/src/main/java/org/apache/hadoop/metadata/MetadataServiceException.java deleted file mode 100755 index e22e079..0000000 --- a/client/src/main/java/org/apache/hadoop/metadata/MetadataServiceException.java +++ /dev/null @@ -1,45 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.hadoop.metadata; - -import com.sun.jersey.api.client.ClientResponse; - -public class MetadataServiceException extends Exception { - private ClientResponse.Status status; - - public MetadataServiceException(MetadataServiceClient.API api, Exception e) { - super("Metadata service API " + api + " failed", e); - } - - public MetadataServiceException(MetadataServiceClient.API api, ClientResponse response) { - super("Metadata service API " + api + " failed with status " + - response.getClientResponseStatus().getStatusCode() + "(" + - response.getClientResponseStatus().getReasonPhrase() + ") Response Body (" + - response.getEntity(String.class) + ")"); - this.status = response.getClientResponseStatus(); - } - - public MetadataServiceException(Exception e) { - super(e); - } - - public ClientResponse.Status getStatus() { - return status; - } -} http://git-wip-us.apache.org/repos/asf/incubator-atlas/blob/30711973/client/src/main/java/org/apache/hadoop/metadata/PropertiesUtil.java ---------------------------------------------------------------------- diff --git a/client/src/main/java/org/apache/hadoop/metadata/PropertiesUtil.java b/client/src/main/java/org/apache/hadoop/metadata/PropertiesUtil.java deleted file mode 100644 index 2d5e0b5..0000000 --- a/client/src/main/java/org/apache/hadoop/metadata/PropertiesUtil.java +++ /dev/null @@ -1,58 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * <p/> - * http://www.apache.org/licenses/LICENSE-2.0 - * <p/> - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.hadoop.metadata; - -import org.apache.commons.configuration.PropertiesConfiguration; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import java.io.File; -import java.net.URL; - -public class PropertiesUtil { - private static final Logger LOG = LoggerFactory.getLogger(PropertiesUtil.class); - - private static final String APPLICATION_PROPERTIES = "application.properties"; - public static final String CLIENT_PROPERTIES = "client.properties"; - - public static PropertiesConfiguration getApplicationProperties() throws MetadataException { - return getPropertiesConfiguration(APPLICATION_PROPERTIES); - } - - public static PropertiesConfiguration getClientProperties() throws MetadataException { - return getPropertiesConfiguration(CLIENT_PROPERTIES); - } - - private static PropertiesConfiguration getPropertiesConfiguration(String name) throws MetadataException { - String confLocation = System.getProperty("metadata.conf"); - URL url; - try { - if (confLocation == null) { - url = PropertiesUtil.class.getResource("/" + name); - } else { - url = new File(confLocation, name).toURI().toURL(); - } - LOG.info("Loading {} from {}", name, url); - return new PropertiesConfiguration(url); - } catch (Exception e) { - throw new MetadataException("Failed to load application properties", e); - } - } - -} http://git-wip-us.apache.org/repos/asf/incubator-atlas/blob/30711973/client/src/main/java/org/apache/hadoop/metadata/security/SecureClientUtils.java ---------------------------------------------------------------------- diff --git a/client/src/main/java/org/apache/hadoop/metadata/security/SecureClientUtils.java b/client/src/main/java/org/apache/hadoop/metadata/security/SecureClientUtils.java deleted file mode 100644 index 7755b82..0000000 --- a/client/src/main/java/org/apache/hadoop/metadata/security/SecureClientUtils.java +++ /dev/null @@ -1,195 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.hadoop.metadata.security; - -import com.sun.jersey.api.client.config.DefaultClientConfig; -import com.sun.jersey.client.urlconnection.HttpURLConnectionFactory; -import com.sun.jersey.client.urlconnection.URLConnectionClientHandler; -import org.apache.commons.configuration.PropertiesConfiguration; -import org.apache.hadoop.conf.Configuration; -import org.apache.hadoop.metadata.MetadataException; -import org.apache.hadoop.metadata.PropertiesUtil; -import org.apache.hadoop.security.UserGroupInformation; -import org.apache.hadoop.security.alias.CredentialProviderFactory; -import org.apache.hadoop.security.authentication.client.AuthenticationException; -import org.apache.hadoop.security.authentication.client.Authenticator; -import org.apache.hadoop.security.authentication.client.ConnectionConfigurator; -import org.apache.hadoop.security.ssl.SSLFactory; -import org.apache.hadoop.security.token.delegation.web.DelegationTokenAuthenticatedURL; -import org.apache.hadoop.security.token.delegation.web.DelegationTokenAuthenticator; -import org.apache.hadoop.security.token.delegation.web.KerberosDelegationTokenAuthenticator; -import org.apache.hadoop.security.token.delegation.web.PseudoDelegationTokenAuthenticator; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import javax.net.ssl.HostnameVerifier; -import javax.net.ssl.HttpsURLConnection; -import javax.net.ssl.SSLSocketFactory; -import java.io.File; -import java.io.FileWriter; -import java.io.IOException; -import java.lang.reflect.UndeclaredThrowableException; -import java.net.HttpURLConnection; -import java.net.URL; -import java.net.URLConnection; -import java.security.GeneralSecurityException; -import java.security.PrivilegedExceptionAction; - -import static org.apache.hadoop.metadata.security.SecurityProperties.*; - -/** - * - */ -public class SecureClientUtils { - - public final static int DEFAULT_SOCKET_TIMEOUT = 1 * 60 * 1000; // 1 minute - private static final Logger LOG = LoggerFactory.getLogger(SecureClientUtils.class); - - - public static URLConnectionClientHandler getClientConnectionHandler(DefaultClientConfig config, - PropertiesConfiguration clientConfig) { - config.getProperties().put( - URLConnectionClientHandler.PROPERTY_HTTP_URL_CONNECTION_SET_METHOD_WORKAROUND, - true); - Configuration conf = new Configuration(false); - conf.addResource(conf.get(SSLFactory.SSL_CLIENT_CONF_KEY, "ssl-client.xml")); - String authType = "simple"; - if (clientConfig != null) { - authType = clientConfig.getString("metadata.http.authentication.type", "simple"); - } - UserGroupInformation.setConfiguration(conf); - final ConnectionConfigurator connConfigurator = newConnConfigurator(conf); - Authenticator authenticator = new PseudoDelegationTokenAuthenticator(); - if (!authType.equals("simple")) { - authenticator = new KerberosDelegationTokenAuthenticator(); - } - authenticator.setConnectionConfigurator(connConfigurator); - final DelegationTokenAuthenticator finalAuthenticator = (DelegationTokenAuthenticator) authenticator; - final DelegationTokenAuthenticatedURL.Token token = new DelegationTokenAuthenticatedURL.Token(); - HttpURLConnectionFactory httpURLConnectionFactory = new HttpURLConnectionFactory() { - @Override - public HttpURLConnection getHttpURLConnection(final URL url) throws IOException { - try { - return new DelegationTokenAuthenticatedURL(finalAuthenticator, connConfigurator) - .openConnection(url, token, null); - } catch (Exception e) { - throw new IOException(e); - } - } - }; - - return new URLConnectionClientHandler(httpURLConnectionFactory); - } - - private final static ConnectionConfigurator DEFAULT_TIMEOUT_CONN_CONFIGURATOR = - new ConnectionConfigurator() { - @Override - public HttpURLConnection configure(HttpURLConnection conn) - throws IOException { - setTimeouts(conn, DEFAULT_SOCKET_TIMEOUT); - return conn; - } - }; - - private static ConnectionConfigurator newConnConfigurator(Configuration conf) { - try { - return newSslConnConfigurator(DEFAULT_SOCKET_TIMEOUT, conf); - } catch (Exception e) { - LOG.debug("Cannot load customized ssl related configuration. " + - "Fallback to system-generic settings.", e); - return DEFAULT_TIMEOUT_CONN_CONFIGURATOR; - } - } - - private static ConnectionConfigurator newSslConnConfigurator(final int timeout, - Configuration conf) throws IOException, GeneralSecurityException { - final SSLFactory factory; - final SSLSocketFactory sf; - final HostnameVerifier hv; - - factory = new SSLFactory(SSLFactory.Mode.CLIENT, conf); - factory.init(); - sf = factory.createSSLSocketFactory(); - hv = factory.getHostnameVerifier(); - - return new ConnectionConfigurator() { - @Override - public HttpURLConnection configure(HttpURLConnection conn) - throws IOException { - if (conn instanceof HttpsURLConnection) { - HttpsURLConnection c = (HttpsURLConnection) conn; - c.setSSLSocketFactory(sf); - c.setHostnameVerifier(hv); - } - setTimeouts(conn, timeout); - return conn; - } - }; - } - - private static void setTimeouts(URLConnection connection, int socketTimeout) { - connection.setConnectTimeout(socketTimeout); - connection.setReadTimeout(socketTimeout); - } - - private static File getSSLClientFile() throws MetadataException { - String confLocation = System.getProperty("metadata.conf"); - File sslDir; - try { - if (confLocation == null) { - String persistDir = null; - URL resource = PropertiesUtil.class.getResource("/"); - if (resource != null) { - persistDir = resource.toURI().getPath(); - } - assert persistDir != null; - sslDir = new File(persistDir); - } else { - sslDir = new File(confLocation); - } - LOG.info("ssl-client.xml will be created in {}", sslDir); - } catch (Exception e) { - throw new MetadataException("Failed to find client configuration directory", e); - } - return new File(sslDir, SecurityProperties.SSL_CLIENT_PROPERTIES); - } - - public static void persistSSLClientConfiguration(PropertiesConfiguration clientConfig) throws MetadataException, IOException { - //trust settings - Configuration configuration = new Configuration(false); - File sslClientFile = getSSLClientFile(); - if (!sslClientFile.exists()) { - configuration.set("ssl.client.truststore.type", "jks"); - configuration.set("ssl.client.truststore.location", clientConfig.getString(TRUSTSTORE_FILE_KEY)); - if (clientConfig.getBoolean(CLIENT_AUTH_KEY, false)) { - // need to get client key properties - configuration.set("ssl.client.keystore.location", clientConfig.getString(KEYSTORE_FILE_KEY)); - configuration.set("ssl.client.keystore.type", "jks"); - } - // add the configured credential provider - configuration.set(CredentialProviderFactory.CREDENTIAL_PROVIDER_PATH, - clientConfig.getString(CERT_STORES_CREDENTIAL_PROVIDER_PATH)); - String hostnameVerifier = clientConfig.getString(SSLFactory.SSL_HOSTNAME_VERIFIER_KEY); - if (hostnameVerifier != null) { - configuration.set(SSLFactory.SSL_HOSTNAME_VERIFIER_KEY, hostnameVerifier); - } - - configuration.writeXml(new FileWriter(sslClientFile)); - } - } - -} http://git-wip-us.apache.org/repos/asf/incubator-atlas/blob/30711973/client/src/main/java/org/apache/hadoop/metadata/security/SecurityProperties.java ---------------------------------------------------------------------- diff --git a/client/src/main/java/org/apache/hadoop/metadata/security/SecurityProperties.java b/client/src/main/java/org/apache/hadoop/metadata/security/SecurityProperties.java deleted file mode 100644 index df7ae52..0000000 --- a/client/src/main/java/org/apache/hadoop/metadata/security/SecurityProperties.java +++ /dev/null @@ -1,36 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.hadoop.metadata.security; - -/** - * - */ -public interface SecurityProperties { - public static final String TLS_ENABLED = "metadata.enableTLS"; - public static final String KEYSTORE_FILE_KEY = "keystore.file"; - public static final String DEFAULT_KEYSTORE_FILE_LOCATION = "target/metadata.keystore"; - public static final String KEYSTORE_PASSWORD_KEY = "keystore.password"; - public static final String TRUSTSTORE_FILE_KEY = "truststore.file"; - public static final String DEFATULT_TRUSTORE_FILE_LOCATION = "target/metadata.keystore"; - public static final String TRUSTSTORE_PASSWORD_KEY = "truststore.password"; - public static final String SERVER_CERT_PASSWORD_KEY = "password"; - public static final String CLIENT_AUTH_KEY = "client.auth.enabled"; - public static final String CERT_STORES_CREDENTIAL_PROVIDER_PATH = "cert.stores.credential.provider.path"; - public static final String SSL_CLIENT_PROPERTIES = "ssl-client.xml"; - public static final String BIND_ADDRESS = "metadata.server.bind.address"; -} http://git-wip-us.apache.org/repos/asf/incubator-atlas/blob/30711973/client/src/test/java/org/apache/atlas/security/BaseSecurityTest.java ---------------------------------------------------------------------- diff --git a/client/src/test/java/org/apache/atlas/security/BaseSecurityTest.java b/client/src/test/java/org/apache/atlas/security/BaseSecurityTest.java new file mode 100644 index 0000000..13cce01 --- /dev/null +++ b/client/src/test/java/org/apache/atlas/security/BaseSecurityTest.java @@ -0,0 +1,128 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.atlas.security; + +import org.apache.commons.configuration.ConfigurationException; +import org.apache.commons.configuration.PropertiesConfiguration; +import org.apache.hadoop.minikdc.MiniKdc; +import org.apache.zookeeper.Environment; +import org.mortbay.jetty.Server; +import org.mortbay.jetty.webapp.WebAppContext; +import org.testng.Assert; + +import java.io.File; +import java.io.FileWriter; +import java.io.IOException; +import java.io.Writer; +import java.nio.file.Files; +import java.util.Locale; +import java.util.Properties; + +/** + * + */ +public class BaseSecurityTest { + private static final String JAAS_ENTRY = + "%s { \n" + + " %s required\n" + // kerberos module + + " keyTab=\"%s\"\n" + + " debug=true\n" + + " principal=\"%s\"\n" + + " useKeyTab=true\n" + + " useTicketCache=false\n" + + " doNotPrompt=true\n" + + " storeKey=true;\n" + + "}; \n"; + protected MiniKdc kdc; + + protected String getWarPath() { + return String.format("/target/atlas-webapp-%s.war", + System.getProperty("release.version", "0.1-incubating-SNAPSHOT")); + } + + protected void generateTestProperties(Properties props) throws ConfigurationException, IOException { + PropertiesConfiguration config = new PropertiesConfiguration(System.getProperty("user.dir") + + "/../src/conf/application.properties"); + for (String propName : props.stringPropertyNames()) { + config.setProperty(propName, props.getProperty(propName)); + } + File file = new File(System.getProperty("user.dir"), "application.properties"); + file.deleteOnExit(); + Writer fileWriter = new FileWriter(file); + config.save(fileWriter); + } + + protected void startEmbeddedServer(Server server) throws Exception { + WebAppContext webapp = new WebAppContext(); + webapp.setContextPath("/"); + webapp.setWar(System.getProperty("user.dir") + getWarPath()); + server.setHandler(webapp); + + server.start(); + } + + protected File startKDC() throws Exception { + File target = Files.createTempDirectory("sectest").toFile(); + File kdcWorkDir = new File(target, "kdc"); + Properties kdcConf = MiniKdc.createConf(); + kdcConf.setProperty(MiniKdc.DEBUG, "true"); + kdc = new MiniKdc(kdcConf, kdcWorkDir); + kdc.start(); + + Assert.assertNotNull(kdc.getRealm()); + return kdcWorkDir; + } + + public String createJAASEntry( + String context, + String principal, + File keytab) { + String keytabpath = keytab.getAbsolutePath(); + // fix up for windows; no-op on unix + keytabpath = keytabpath.replace('\\', '/'); + return String.format( + Locale.ENGLISH, + JAAS_ENTRY, + context, + getKerberosAuthModuleForJVM(), + keytabpath, + principal); + } + + protected String getKerberosAuthModuleForJVM() { + if (System.getProperty("java.vendor").contains("IBM")) { + return "com.ibm.security.auth.module.Krb5LoginModule"; + } else { + return "com.sun.security.auth.module.Krb5LoginModule"; + } + } + + protected void bindJVMtoJAASFile(File jaasFile) { + String path = jaasFile.getAbsolutePath(); + System.setProperty(Environment.JAAS_CONF_KEY, path); + } + + protected File createKeytab(MiniKdc kdc, File kdcWorkDir, String principal, String filename) throws Exception { + File keytab = new File(kdcWorkDir, filename); + kdc.createPrincipal(keytab, + principal, + principal + "/localhost", + principal + "/127.0.0.1"); + return keytab; + } +} http://git-wip-us.apache.org/repos/asf/incubator-atlas/blob/30711973/client/src/test/java/org/apache/hadoop/metadata/security/BaseSecurityTest.java ---------------------------------------------------------------------- diff --git a/client/src/test/java/org/apache/hadoop/metadata/security/BaseSecurityTest.java b/client/src/test/java/org/apache/hadoop/metadata/security/BaseSecurityTest.java deleted file mode 100644 index ac099e8..0000000 --- a/client/src/test/java/org/apache/hadoop/metadata/security/BaseSecurityTest.java +++ /dev/null @@ -1,128 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.hadoop.metadata.security; - -import org.apache.commons.configuration.ConfigurationException; -import org.apache.commons.configuration.PropertiesConfiguration; -import org.apache.hadoop.minikdc.MiniKdc; -import org.apache.zookeeper.Environment; -import org.mortbay.jetty.Server; -import org.mortbay.jetty.webapp.WebAppContext; -import org.testng.Assert; - -import java.io.File; -import java.io.FileWriter; -import java.io.IOException; -import java.io.Writer; -import java.nio.file.Files; -import java.util.Locale; -import java.util.Properties; - -/** - * - */ -public class BaseSecurityTest { - private static final String JAAS_ENTRY = - "%s { \n" - + " %s required\n" - // kerberos module - + " keyTab=\"%s\"\n" - + " debug=true\n" - + " principal=\"%s\"\n" - + " useKeyTab=true\n" - + " useTicketCache=false\n" - + " doNotPrompt=true\n" - + " storeKey=true;\n" - + "}; \n"; - protected MiniKdc kdc; - - protected String getWarPath() { - return String.format("/target/metadata-webapp-%s.war", - System.getProperty("release.version", "0.1-incubating-SNAPSHOT")); - } - - protected void generateTestProperties(Properties props) throws ConfigurationException, IOException { - PropertiesConfiguration config = new PropertiesConfiguration(System.getProperty("user.dir") + - "/../src/conf/application.properties"); - for (String propName : props.stringPropertyNames()) { - config.setProperty(propName, props.getProperty(propName)); - } - File file = new File(System.getProperty("user.dir"), "application.properties"); - file.deleteOnExit(); - Writer fileWriter = new FileWriter(file); - config.save(fileWriter); - } - - protected void startEmbeddedServer(Server server) throws Exception { - WebAppContext webapp = new WebAppContext(); - webapp.setContextPath("/"); - webapp.setWar(System.getProperty("user.dir") + getWarPath()); - server.setHandler(webapp); - - server.start(); - } - - protected File startKDC() throws Exception { - File target = Files.createTempDirectory("sectest").toFile(); - File kdcWorkDir = new File(target, "kdc"); - Properties kdcConf = MiniKdc.createConf(); - kdcConf.setProperty(MiniKdc.DEBUG, "true"); - kdc = new MiniKdc(kdcConf, kdcWorkDir); - kdc.start(); - - Assert.assertNotNull(kdc.getRealm()); - return kdcWorkDir; - } - - public String createJAASEntry( - String context, - String principal, - File keytab) { - String keytabpath = keytab.getAbsolutePath(); - // fix up for windows; no-op on unix - keytabpath = keytabpath.replace('\\', '/'); - return String.format( - Locale.ENGLISH, - JAAS_ENTRY, - context, - getKerberosAuthModuleForJVM(), - keytabpath, - principal); - } - - protected String getKerberosAuthModuleForJVM() { - if (System.getProperty("java.vendor").contains("IBM")) { - return "com.ibm.security.auth.module.Krb5LoginModule"; - } else { - return "com.sun.security.auth.module.Krb5LoginModule"; - } - } - - protected void bindJVMtoJAASFile(File jaasFile) { - String path = jaasFile.getAbsolutePath(); - System.setProperty(Environment.JAAS_CONF_KEY, path); - } - - protected File createKeytab(MiniKdc kdc, File kdcWorkDir, String principal, String filename) throws Exception { - File keytab = new File(kdcWorkDir, filename); - kdc.createPrincipal(keytab, - principal, - principal + "/localhost", - principal + "/127.0.0.1"); - return keytab; - } -} http://git-wip-us.apache.org/repos/asf/incubator-atlas/blob/30711973/repository/src/main/java/org/apache/atlas/GraphTransaction.java ---------------------------------------------------------------------- diff --git a/repository/src/main/java/org/apache/atlas/GraphTransaction.java b/repository/src/main/java/org/apache/atlas/GraphTransaction.java new file mode 100644 index 0000000..2c3983f --- /dev/null +++ b/repository/src/main/java/org/apache/atlas/GraphTransaction.java @@ -0,0 +1,26 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.atlas; + +import java.lang.annotation.ElementType; +import java.lang.annotation.Retention; +import java.lang.annotation.RetentionPolicy; +import java.lang.annotation.Target; + +@Retention(RetentionPolicy.RUNTIME) @Target(ElementType.METHOD) +public @interface GraphTransaction {}
