Author: vines Date: Sat Feb 9 08:56:07 2013 New Revision: 1444344 URL: http://svn.apache.org/r1444344 Log: ACCUMULO-1041 - missed some files as I always do
Added: accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/CredentialHelper.java (with props) accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/handler/ accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/handler/Authenticator.java (with props) accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/handler/InsecureAuthenticator.java (with props) accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/handler/ZKAuthenticator.java (with props) accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/thrift/Credential.java (with props) accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/thrift/tokens/ accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/thrift/tokens/NullToken.java (with props) accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/thrift/tokens/PasswordToken.java (with props) accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/thrift/tokens/SecurityToken.java (with props) Added: accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/CredentialHelper.java URL: http://svn.apache.org/viewvc/accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/CredentialHelper.java?rev=1444344&view=auto ============================================================================== --- accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/CredentialHelper.java (added) +++ accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/CredentialHelper.java Sat Feb 9 08:56:07 2013 @@ -0,0 +1,179 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.accumulo.core.security; + +import java.io.ByteArrayInputStream; +import java.io.DataInputStream; +import java.io.DataOutputStream; +import java.io.IOException; +import java.nio.ByteBuffer; +import java.nio.charset.Charset; + +import org.apache.accumulo.core.client.AccumuloSecurityException; +import org.apache.accumulo.core.security.thrift.Credential; +import org.apache.accumulo.core.security.thrift.SecurityErrorCode; +import org.apache.accumulo.core.security.thrift.tokens.SecurityToken; +import org.apache.commons.codec.binary.Base64; +import org.apache.commons.io.output.ByteArrayOutputStream; +import org.apache.log4j.Logger; +import org.apache.thrift.TDeserializer; +import org.apache.thrift.TException; +import org.apache.thrift.TSerializer; + +public class CredentialHelper { + static Logger log = Logger.getLogger(CredentialHelper.class); + + /** + * @param principal + * @param token + * @param instanceID + * @return A proper Credential object which can be deserialized by the server + */ + public static Credential create(String principal, SecurityToken token, String instanceID) throws AccumuloSecurityException { + String className = token.getClass().getCanonicalName(); + return new Credential(principal, className, ByteBuffer.wrap(toBytes(token)), instanceID); + } + + /** + * @param cred + * @return A serialized Credential as a Base64 encoded String + */ + public static String asBase64String(Credential cred) throws AccumuloSecurityException { + return new String(Base64.encodeBase64(asByteArray(cred)), Charset.forName("UTF-8")); + } + + /** + * @param cred + * @return a serialized Credential + */ + public static byte[] asByteArray(Credential cred) throws AccumuloSecurityException { + TSerializer ts = new TSerializer(); + try { + return ts.serialize(cred); + } catch (TException e) { + // This really shouldn't happen + log.error(e, e); + throw new AccumuloSecurityException(cred.getPrincipal(), SecurityErrorCode.SERIALIZATION_ERROR); + } + } + + /** + * @param string + * @return + */ + public static Credential fromBase64String(String string) throws AccumuloSecurityException { + return fromByteArray(Base64.decodeBase64(string.getBytes(Charset.forName("UTF-8")))); + } + + /** + * @param decodeBase64 + * @return + */ + private static Credential fromByteArray(byte[] decodeBase64) throws AccumuloSecurityException { + TDeserializer td = new TDeserializer(); + try { + Credential toRet = new Credential(); + td.deserialize(toRet, decodeBase64); + return toRet; + } catch (TException e) { + // This really shouldn't happen + log.error(e, e); + throw new AccumuloSecurityException("unknown", SecurityErrorCode.SERIALIZATION_ERROR); + } + } + + /** + * @param toAuth + * @return + * @throws AccumuloSecurityException + */ + public static SecurityToken extractToken(Credential toAuth) throws AccumuloSecurityException { + return extractToken(toAuth.tokenClass, toAuth.getToken()); + } + + /** + * @param systemPrincipal + * @param systemToken + * @param instanceID + * @param b + * @return + */ + public static Credential createSquelchError(String principal, SecurityToken token, String instanceID) { + try { + return create(principal, token, instanceID); + } catch (AccumuloSecurityException e) { + log.error(e, e); + return null; + } + } + + /** + * @param token + * @return + * @throws AccumuloSecurityException + */ + public static String tokenAsBase64(SecurityToken token) throws AccumuloSecurityException { + return new String(Base64.encodeBase64(toBytes(token)), Charset.forName("UTF-8")); + } + + /** + * @param token + * @return + * @throws AccumuloSecurityException + */ + private static byte[] toBytes(SecurityToken token) throws AccumuloSecurityException { + try { + ByteArrayOutputStream bais = new ByteArrayOutputStream(); + token.write(new DataOutputStream(bais)); + byte[] serializedToken = bais.toByteArray(); + bais.close(); + return serializedToken; + } catch (IOException e) { + log.error(e, e); + throw new AccumuloSecurityException("unknown", SecurityErrorCode.SERIALIZATION_ERROR); + } + + } + + /** + * @param tokenClass + * @param token + * @return + * @throws AccumuloSecurityException + */ + public static SecurityToken extractToken(String tokenClass, byte[] token) throws AccumuloSecurityException { + try { + Object obj = Class.forName(tokenClass).newInstance(); + if (obj instanceof SecurityToken) { + SecurityToken toRet = (SecurityToken) obj; + toRet.readFields(new DataInputStream(new ByteArrayInputStream(token))); + return toRet; + } + } catch (ClassNotFoundException cnfe) { + log.error(cnfe, cnfe); + } catch (InstantiationException e) { + log.error(e, e); + } catch (IllegalAccessException e) { + log.error(e, e); + } catch (IOException e) { + log.error(e, e); + throw new AccumuloSecurityException("unknown", SecurityErrorCode.SERIALIZATION_ERROR); + } + throw new AccumuloSecurityException("unknown", SecurityErrorCode.INVALID_TOKEN); + } + +} Propchange: accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/CredentialHelper.java ------------------------------------------------------------------------------ svn:eol-style = native Added: accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/handler/Authenticator.java URL: http://svn.apache.org/viewvc/accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/handler/Authenticator.java?rev=1444344&view=auto ============================================================================== --- accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/handler/Authenticator.java (added) +++ accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/handler/Authenticator.java Sat Feb 9 08:56:07 2013 @@ -0,0 +1,26 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.accumulo.core.security.handler; + +import java.util.Properties; + +import org.apache.accumulo.core.client.AccumuloSecurityException; +import org.apache.accumulo.core.security.thrift.tokens.SecurityToken; + +public interface Authenticator { + public SecurityToken login(Properties properties) throws AccumuloSecurityException; +} Propchange: accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/handler/Authenticator.java ------------------------------------------------------------------------------ svn:eol-style = native Added: accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/handler/InsecureAuthenticator.java URL: http://svn.apache.org/viewvc/accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/handler/InsecureAuthenticator.java?rev=1444344&view=auto ============================================================================== --- accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/handler/InsecureAuthenticator.java (added) +++ accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/handler/InsecureAuthenticator.java Sat Feb 9 08:56:07 2013 @@ -0,0 +1,35 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.accumulo.core.security.handler; + +import java.util.Properties; + +import org.apache.accumulo.core.client.AccumuloSecurityException; +import org.apache.accumulo.core.security.thrift.tokens.NullToken; +import org.apache.accumulo.core.security.thrift.tokens.SecurityToken; + +/** + * + */ +public class InsecureAuthenticator implements Authenticator { + + @Override + public SecurityToken login(Properties properties) throws AccumuloSecurityException { + return new NullToken(); + } + +} Propchange: accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/handler/InsecureAuthenticator.java ------------------------------------------------------------------------------ svn:eol-style = native Added: accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/handler/ZKAuthenticator.java URL: http://svn.apache.org/viewvc/accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/handler/ZKAuthenticator.java?rev=1444344&view=auto ============================================================================== --- accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/handler/ZKAuthenticator.java (added) +++ accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/handler/ZKAuthenticator.java Sat Feb 9 08:56:07 2013 @@ -0,0 +1,38 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.accumulo.core.security.handler; + +import java.nio.charset.Charset; +import java.util.Properties; + +import org.apache.accumulo.core.client.AccumuloSecurityException; +import org.apache.accumulo.core.security.thrift.SecurityErrorCode; +import org.apache.accumulo.core.security.thrift.tokens.PasswordToken; +import org.apache.accumulo.core.security.thrift.tokens.SecurityToken; + +/** + * + */ +public class ZKAuthenticator implements Authenticator { + + @Override + public SecurityToken login(Properties properties) throws AccumuloSecurityException{ + if (properties.containsKey("password")) + return new PasswordToken().setPassword(properties.getProperty("password").getBytes(Charset.forName("UTF-8"))); + throw new AccumuloSecurityException(properties.getProperty("user"), SecurityErrorCode.INSUFFICIENT_PROPERTIES); + } +} Propchange: accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/handler/ZKAuthenticator.java ------------------------------------------------------------------------------ svn:eol-style = native Added: accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/thrift/Credential.java URL: http://svn.apache.org/viewvc/accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/thrift/Credential.java?rev=1444344&view=auto ============================================================================== --- accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/thrift/Credential.java (added) +++ accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/thrift/Credential.java Sat Feb 9 08:56:07 2013 @@ -0,0 +1,713 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/** + * Autogenerated by Thrift Compiler (0.9.0) + * + * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING + * @generated + */ +package org.apache.accumulo.core.security.thrift; + +import org.apache.thrift.scheme.IScheme; +import org.apache.thrift.scheme.SchemeFactory; +import org.apache.thrift.scheme.StandardScheme; + +import org.apache.thrift.scheme.TupleScheme; +import org.apache.thrift.protocol.TTupleProtocol; +import org.apache.thrift.protocol.TProtocolException; +import org.apache.thrift.EncodingUtils; +import org.apache.thrift.TException; +import java.util.List; +import java.util.ArrayList; +import java.util.Map; +import java.util.HashMap; +import java.util.EnumMap; +import java.util.Set; +import java.util.HashSet; +import java.util.EnumSet; +import java.util.Collections; +import java.util.BitSet; +import java.nio.ByteBuffer; +import java.util.Arrays; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +@SuppressWarnings("all") public class Credential implements org.apache.thrift.TBase<Credential, Credential._Fields>, java.io.Serializable, Cloneable { + private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("Credential"); + + private static final org.apache.thrift.protocol.TField PRINCIPAL_FIELD_DESC = new org.apache.thrift.protocol.TField("principal", org.apache.thrift.protocol.TType.STRING, (short)1); + private static final org.apache.thrift.protocol.TField TOKEN_CLASS_FIELD_DESC = new org.apache.thrift.protocol.TField("tokenClass", org.apache.thrift.protocol.TType.STRING, (short)2); + private static final org.apache.thrift.protocol.TField TOKEN_FIELD_DESC = new org.apache.thrift.protocol.TField("token", org.apache.thrift.protocol.TType.STRING, (short)3); + private static final org.apache.thrift.protocol.TField INSTANCE_ID_FIELD_DESC = new org.apache.thrift.protocol.TField("instanceId", org.apache.thrift.protocol.TType.STRING, (short)4); + + private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>(); + static { + schemes.put(StandardScheme.class, new CredentialStandardSchemeFactory()); + schemes.put(TupleScheme.class, new CredentialTupleSchemeFactory()); + } + + public String principal; // required + public String tokenClass; // required + public ByteBuffer token; // required + public String instanceId; // required + + /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */ + @SuppressWarnings("all") public enum _Fields implements org.apache.thrift.TFieldIdEnum { + PRINCIPAL((short)1, "principal"), + TOKEN_CLASS((short)2, "tokenClass"), + TOKEN((short)3, "token"), + INSTANCE_ID((short)4, "instanceId"); + + private static final Map<String, _Fields> byName = new HashMap<String, _Fields>(); + + static { + for (_Fields field : EnumSet.allOf(_Fields.class)) { + byName.put(field.getFieldName(), field); + } + } + + /** + * Find the _Fields constant that matches fieldId, or null if its not found. + */ + public static _Fields findByThriftId(int fieldId) { + switch(fieldId) { + case 1: // PRINCIPAL + return PRINCIPAL; + case 2: // TOKEN_CLASS + return TOKEN_CLASS; + case 3: // TOKEN + return TOKEN; + case 4: // INSTANCE_ID + return INSTANCE_ID; + default: + return null; + } + } + + /** + * Find the _Fields constant that matches fieldId, throwing an exception + * if it is not found. + */ + public static _Fields findByThriftIdOrThrow(int fieldId) { + _Fields fields = findByThriftId(fieldId); + if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!"); + return fields; + } + + /** + * Find the _Fields constant that matches name, or null if its not found. + */ + public static _Fields findByName(String name) { + return byName.get(name); + } + + private final short _thriftId; + private final String _fieldName; + + _Fields(short thriftId, String fieldName) { + _thriftId = thriftId; + _fieldName = fieldName; + } + + public short getThriftFieldId() { + return _thriftId; + } + + public String getFieldName() { + return _fieldName; + } + } + + // isset id assignments + public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap; + static { + Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class); + tmpMap.put(_Fields.PRINCIPAL, new org.apache.thrift.meta_data.FieldMetaData("principal", org.apache.thrift.TFieldRequirementType.DEFAULT, + new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING))); + tmpMap.put(_Fields.TOKEN_CLASS, new org.apache.thrift.meta_data.FieldMetaData("tokenClass", org.apache.thrift.TFieldRequirementType.DEFAULT, + new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING))); + tmpMap.put(_Fields.TOKEN, new org.apache.thrift.meta_data.FieldMetaData("token", org.apache.thrift.TFieldRequirementType.DEFAULT, + new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING , true))); + tmpMap.put(_Fields.INSTANCE_ID, new org.apache.thrift.meta_data.FieldMetaData("instanceId", org.apache.thrift.TFieldRequirementType.DEFAULT, + new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING))); + metaDataMap = Collections.unmodifiableMap(tmpMap); + org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(Credential.class, metaDataMap); + } + + public Credential() { + } + + public Credential( + String principal, + String tokenClass, + ByteBuffer token, + String instanceId) + { + this(); + this.principal = principal; + this.tokenClass = tokenClass; + this.token = token; + this.instanceId = instanceId; + } + + /** + * Performs a deep copy on <i>other</i>. + */ + public Credential(Credential other) { + if (other.isSetPrincipal()) { + this.principal = other.principal; + } + if (other.isSetTokenClass()) { + this.tokenClass = other.tokenClass; + } + if (other.isSetToken()) { + this.token = org.apache.thrift.TBaseHelper.copyBinary(other.token); +; + } + if (other.isSetInstanceId()) { + this.instanceId = other.instanceId; + } + } + + public Credential deepCopy() { + return new Credential(this); + } + + @Override + public void clear() { + this.principal = null; + this.tokenClass = null; + this.token = null; + this.instanceId = null; + } + + public String getPrincipal() { + return this.principal; + } + + public Credential setPrincipal(String principal) { + this.principal = principal; + return this; + } + + public void unsetPrincipal() { + this.principal = null; + } + + /** Returns true if field principal is set (has been assigned a value) and false otherwise */ + public boolean isSetPrincipal() { + return this.principal != null; + } + + public void setPrincipalIsSet(boolean value) { + if (!value) { + this.principal = null; + } + } + + public String getTokenClass() { + return this.tokenClass; + } + + public Credential setTokenClass(String tokenClass) { + this.tokenClass = tokenClass; + return this; + } + + public void unsetTokenClass() { + this.tokenClass = null; + } + + /** Returns true if field tokenClass is set (has been assigned a value) and false otherwise */ + public boolean isSetTokenClass() { + return this.tokenClass != null; + } + + public void setTokenClassIsSet(boolean value) { + if (!value) { + this.tokenClass = null; + } + } + + public byte[] getToken() { + setToken(org.apache.thrift.TBaseHelper.rightSize(token)); + return token == null ? null : token.array(); + } + + public ByteBuffer bufferForToken() { + return token; + } + + public Credential setToken(byte[] token) { + setToken(token == null ? (ByteBuffer)null : ByteBuffer.wrap(token)); + return this; + } + + public Credential setToken(ByteBuffer token) { + this.token = token; + return this; + } + + public void unsetToken() { + this.token = null; + } + + /** Returns true if field token is set (has been assigned a value) and false otherwise */ + public boolean isSetToken() { + return this.token != null; + } + + public void setTokenIsSet(boolean value) { + if (!value) { + this.token = null; + } + } + + public String getInstanceId() { + return this.instanceId; + } + + public Credential setInstanceId(String instanceId) { + this.instanceId = instanceId; + return this; + } + + public void unsetInstanceId() { + this.instanceId = null; + } + + /** Returns true if field instanceId is set (has been assigned a value) and false otherwise */ + public boolean isSetInstanceId() { + return this.instanceId != null; + } + + public void setInstanceIdIsSet(boolean value) { + if (!value) { + this.instanceId = null; + } + } + + public void setFieldValue(_Fields field, Object value) { + switch (field) { + case PRINCIPAL: + if (value == null) { + unsetPrincipal(); + } else { + setPrincipal((String)value); + } + break; + + case TOKEN_CLASS: + if (value == null) { + unsetTokenClass(); + } else { + setTokenClass((String)value); + } + break; + + case TOKEN: + if (value == null) { + unsetToken(); + } else { + setToken((ByteBuffer)value); + } + break; + + case INSTANCE_ID: + if (value == null) { + unsetInstanceId(); + } else { + setInstanceId((String)value); + } + break; + + } + } + + public Object getFieldValue(_Fields field) { + switch (field) { + case PRINCIPAL: + return getPrincipal(); + + case TOKEN_CLASS: + return getTokenClass(); + + case TOKEN: + return getToken(); + + case INSTANCE_ID: + return getInstanceId(); + + } + throw new IllegalStateException(); + } + + /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */ + public boolean isSet(_Fields field) { + if (field == null) { + throw new IllegalArgumentException(); + } + + switch (field) { + case PRINCIPAL: + return isSetPrincipal(); + case TOKEN_CLASS: + return isSetTokenClass(); + case TOKEN: + return isSetToken(); + case INSTANCE_ID: + return isSetInstanceId(); + } + throw new IllegalStateException(); + } + + @Override + public boolean equals(Object that) { + if (that == null) + return false; + if (that instanceof Credential) + return this.equals((Credential)that); + return false; + } + + public boolean equals(Credential that) { + if (that == null) + return false; + + boolean this_present_principal = true && this.isSetPrincipal(); + boolean that_present_principal = true && that.isSetPrincipal(); + if (this_present_principal || that_present_principal) { + if (!(this_present_principal && that_present_principal)) + return false; + if (!this.principal.equals(that.principal)) + return false; + } + + boolean this_present_tokenClass = true && this.isSetTokenClass(); + boolean that_present_tokenClass = true && that.isSetTokenClass(); + if (this_present_tokenClass || that_present_tokenClass) { + if (!(this_present_tokenClass && that_present_tokenClass)) + return false; + if (!this.tokenClass.equals(that.tokenClass)) + return false; + } + + boolean this_present_token = true && this.isSetToken(); + boolean that_present_token = true && that.isSetToken(); + if (this_present_token || that_present_token) { + if (!(this_present_token && that_present_token)) + return false; + if (!this.token.equals(that.token)) + return false; + } + + boolean this_present_instanceId = true && this.isSetInstanceId(); + boolean that_present_instanceId = true && that.isSetInstanceId(); + if (this_present_instanceId || that_present_instanceId) { + if (!(this_present_instanceId && that_present_instanceId)) + return false; + if (!this.instanceId.equals(that.instanceId)) + return false; + } + + return true; + } + + @Override + public int hashCode() { + return 0; + } + + public int compareTo(Credential other) { + if (!getClass().equals(other.getClass())) { + return getClass().getName().compareTo(other.getClass().getName()); + } + + int lastComparison = 0; + Credential typedOther = (Credential)other; + + lastComparison = Boolean.valueOf(isSetPrincipal()).compareTo(typedOther.isSetPrincipal()); + if (lastComparison != 0) { + return lastComparison; + } + if (isSetPrincipal()) { + lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.principal, typedOther.principal); + if (lastComparison != 0) { + return lastComparison; + } + } + lastComparison = Boolean.valueOf(isSetTokenClass()).compareTo(typedOther.isSetTokenClass()); + if (lastComparison != 0) { + return lastComparison; + } + if (isSetTokenClass()) { + lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.tokenClass, typedOther.tokenClass); + if (lastComparison != 0) { + return lastComparison; + } + } + lastComparison = Boolean.valueOf(isSetToken()).compareTo(typedOther.isSetToken()); + if (lastComparison != 0) { + return lastComparison; + } + if (isSetToken()) { + lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.token, typedOther.token); + if (lastComparison != 0) { + return lastComparison; + } + } + lastComparison = Boolean.valueOf(isSetInstanceId()).compareTo(typedOther.isSetInstanceId()); + if (lastComparison != 0) { + return lastComparison; + } + if (isSetInstanceId()) { + lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.instanceId, typedOther.instanceId); + if (lastComparison != 0) { + return lastComparison; + } + } + return 0; + } + + public _Fields fieldForId(int fieldId) { + return _Fields.findByThriftId(fieldId); + } + + public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException { + schemes.get(iprot.getScheme()).getScheme().read(iprot, this); + } + + public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException { + schemes.get(oprot.getScheme()).getScheme().write(oprot, this); + } + + @Override + public String toString() { + StringBuilder sb = new StringBuilder("Credential("); + boolean first = true; + + sb.append("principal:"); + if (this.principal == null) { + sb.append("null"); + } else { + sb.append(this.principal); + } + first = false; + if (!first) sb.append(", "); + sb.append("tokenClass:"); + if (this.tokenClass == null) { + sb.append("null"); + } else { + sb.append(this.tokenClass); + } + first = false; + if (!first) sb.append(", "); + sb.append("token:"); + if (this.token == null) { + sb.append("null"); + } else { + org.apache.thrift.TBaseHelper.toString(this.token, sb); + } + first = false; + if (!first) sb.append(", "); + sb.append("instanceId:"); + if (this.instanceId == null) { + sb.append("null"); + } else { + sb.append(this.instanceId); + } + first = false; + sb.append(")"); + return sb.toString(); + } + + public void validate() throws org.apache.thrift.TException { + // check for required fields + // check for sub-struct validity + } + + private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException { + try { + write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out))); + } catch (org.apache.thrift.TException te) { + throw new java.io.IOException(te); + } + } + + private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException { + try { + read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in))); + } catch (org.apache.thrift.TException te) { + throw new java.io.IOException(te); + } + } + + private static class CredentialStandardSchemeFactory implements SchemeFactory { + public CredentialStandardScheme getScheme() { + return new CredentialStandardScheme(); + } + } + + private static class CredentialStandardScheme extends StandardScheme<Credential> { + + public void read(org.apache.thrift.protocol.TProtocol iprot, Credential struct) throws org.apache.thrift.TException { + org.apache.thrift.protocol.TField schemeField; + iprot.readStructBegin(); + while (true) + { + schemeField = iprot.readFieldBegin(); + if (schemeField.type == org.apache.thrift.protocol.TType.STOP) { + break; + } + switch (schemeField.id) { + case 1: // PRINCIPAL + if (schemeField.type == org.apache.thrift.protocol.TType.STRING) { + struct.principal = iprot.readString(); + struct.setPrincipalIsSet(true); + } else { + org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type); + } + break; + case 2: // TOKEN_CLASS + if (schemeField.type == org.apache.thrift.protocol.TType.STRING) { + struct.tokenClass = iprot.readString(); + struct.setTokenClassIsSet(true); + } else { + org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type); + } + break; + case 3: // TOKEN + if (schemeField.type == org.apache.thrift.protocol.TType.STRING) { + struct.token = iprot.readBinary(); + struct.setTokenIsSet(true); + } else { + org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type); + } + break; + case 4: // INSTANCE_ID + if (schemeField.type == org.apache.thrift.protocol.TType.STRING) { + struct.instanceId = iprot.readString(); + struct.setInstanceIdIsSet(true); + } else { + org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type); + } + break; + default: + org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type); + } + iprot.readFieldEnd(); + } + iprot.readStructEnd(); + + // check for required fields of primitive type, which can't be checked in the validate method + struct.validate(); + } + + public void write(org.apache.thrift.protocol.TProtocol oprot, Credential struct) throws org.apache.thrift.TException { + struct.validate(); + + oprot.writeStructBegin(STRUCT_DESC); + if (struct.principal != null) { + oprot.writeFieldBegin(PRINCIPAL_FIELD_DESC); + oprot.writeString(struct.principal); + oprot.writeFieldEnd(); + } + if (struct.tokenClass != null) { + oprot.writeFieldBegin(TOKEN_CLASS_FIELD_DESC); + oprot.writeString(struct.tokenClass); + oprot.writeFieldEnd(); + } + if (struct.token != null) { + oprot.writeFieldBegin(TOKEN_FIELD_DESC); + oprot.writeBinary(struct.token); + oprot.writeFieldEnd(); + } + if (struct.instanceId != null) { + oprot.writeFieldBegin(INSTANCE_ID_FIELD_DESC); + oprot.writeString(struct.instanceId); + oprot.writeFieldEnd(); + } + oprot.writeFieldStop(); + oprot.writeStructEnd(); + } + + } + + private static class CredentialTupleSchemeFactory implements SchemeFactory { + public CredentialTupleScheme getScheme() { + return new CredentialTupleScheme(); + } + } + + private static class CredentialTupleScheme extends TupleScheme<Credential> { + + @Override + public void write(org.apache.thrift.protocol.TProtocol prot, Credential struct) throws org.apache.thrift.TException { + TTupleProtocol oprot = (TTupleProtocol) prot; + BitSet optionals = new BitSet(); + if (struct.isSetPrincipal()) { + optionals.set(0); + } + if (struct.isSetTokenClass()) { + optionals.set(1); + } + if (struct.isSetToken()) { + optionals.set(2); + } + if (struct.isSetInstanceId()) { + optionals.set(3); + } + oprot.writeBitSet(optionals, 4); + if (struct.isSetPrincipal()) { + oprot.writeString(struct.principal); + } + if (struct.isSetTokenClass()) { + oprot.writeString(struct.tokenClass); + } + if (struct.isSetToken()) { + oprot.writeBinary(struct.token); + } + if (struct.isSetInstanceId()) { + oprot.writeString(struct.instanceId); + } + } + + @Override + public void read(org.apache.thrift.protocol.TProtocol prot, Credential struct) throws org.apache.thrift.TException { + TTupleProtocol iprot = (TTupleProtocol) prot; + BitSet incoming = iprot.readBitSet(4); + if (incoming.get(0)) { + struct.principal = iprot.readString(); + struct.setPrincipalIsSet(true); + } + if (incoming.get(1)) { + struct.tokenClass = iprot.readString(); + struct.setTokenClassIsSet(true); + } + if (incoming.get(2)) { + struct.token = iprot.readBinary(); + struct.setTokenIsSet(true); + } + if (incoming.get(3)) { + struct.instanceId = iprot.readString(); + struct.setInstanceIdIsSet(true); + } + } + } + +} + Propchange: accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/thrift/Credential.java ------------------------------------------------------------------------------ svn:eol-style = native Added: accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/thrift/tokens/NullToken.java URL: http://svn.apache.org/viewvc/accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/thrift/tokens/NullToken.java?rev=1444344&view=auto ============================================================================== --- accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/thrift/tokens/NullToken.java (added) +++ accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/thrift/tokens/NullToken.java Sat Feb 9 08:56:07 2013 @@ -0,0 +1,53 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.accumulo.core.security.thrift.tokens; + +import java.io.DataInput; +import java.io.DataOutput; +import java.io.IOException; + +import javax.security.auth.DestroyFailedException; + +/** + * + */ +public class NullToken implements SecurityToken { + + @Override + public void readFields(DataInput arg0) throws IOException { + return; + } + + @Override + public void write(DataOutput arg0) throws IOException { + return; + } + + @Override + public void destroy() throws DestroyFailedException { + return; + } + + @Override + public boolean isDestroyed() { + return false; + } + + public NullToken clone() { + return new NullToken(); + } +} Propchange: accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/thrift/tokens/NullToken.java ------------------------------------------------------------------------------ svn:eol-style = native Added: accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/thrift/tokens/PasswordToken.java URL: http://svn.apache.org/viewvc/accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/thrift/tokens/PasswordToken.java?rev=1444344&view=auto ============================================================================== --- accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/thrift/tokens/PasswordToken.java (added) +++ accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/thrift/tokens/PasswordToken.java Sat Feb 9 08:56:07 2013 @@ -0,0 +1,83 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.accumulo.core.security.thrift.tokens; + +import java.io.DataInput; +import java.io.DataOutput; +import java.io.IOException; +import java.util.Arrays; + +import javax.security.auth.DestroyFailedException; + +import org.apache.hadoop.io.WritableUtils; + +public class PasswordToken implements SecurityToken { + private byte[] password = null; + + public byte[] getPassword() { + return password; + } + + public PasswordToken setPassword(byte[] password) { + this.password = password; + return this; + } + + @Override + public void readFields(DataInput arg0) throws IOException { + password = WritableUtils.readCompressedByteArray(arg0); + } + + @Override + public void write(DataOutput arg0) throws IOException { + WritableUtils.writeCompressedByteArray(arg0, password); + } + + @Override + public void destroy() throws DestroyFailedException { + Arrays.fill(password, (byte)0x00); + password = null; + } + + @Override + public boolean isDestroyed() { + return password==null; + } + + @Override + public int hashCode() { + return Arrays.hashCode(password); + } + + @Override + public boolean equals(Object obj) { + if (this == obj) + return true; + if (obj == null) + return false; + if (!(obj instanceof PasswordToken)) + return false; + PasswordToken other = (PasswordToken) obj; + if (!Arrays.equals(password, other.password)) + return false; + return true; + } + + public PasswordToken clone() { + return new PasswordToken().setPassword(Arrays.copyOf(password, password.length)); + } +} Propchange: accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/thrift/tokens/PasswordToken.java ------------------------------------------------------------------------------ svn:eol-style = native Added: accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/thrift/tokens/SecurityToken.java URL: http://svn.apache.org/viewvc/accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/thrift/tokens/SecurityToken.java?rev=1444344&view=auto ============================================================================== --- accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/thrift/tokens/SecurityToken.java (added) +++ accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/thrift/tokens/SecurityToken.java Sat Feb 9 08:56:07 2013 @@ -0,0 +1,25 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.accumulo.core.security.thrift.tokens; + +import javax.security.auth.Destroyable; + +import org.apache.hadoop.io.Writable; + +public interface SecurityToken extends Writable, Destroyable, Cloneable { + public SecurityToken clone(); +} Propchange: accumulo/trunk/core/src/main/java/org/apache/accumulo/core/security/thrift/tokens/SecurityToken.java ------------------------------------------------------------------------------ svn:eol-style = native