/** * Check authenticationToken works for this user. */ private void checkCredentials() { try { if (!connector.securityOperations().authenticateUser(connector.whoami(), authenticationToken)) throw new IllegalArgumentException("instance " + connector.getInstance().getInstanceName() + ": bad username " + connector.whoami() + " with token " + authenticationToken); } catch (AccumuloException | AccumuloSecurityException e) { throw new IllegalArgumentException("instance " + connector.getInstance().getInstanceName() + ": error with username " + connector.whoami() + " with token " + authenticationToken, e); } }
@Override public int execute(final String fullCommand, final CommandLine cl, final Shell shellState) throws AccumuloException, AccumuloSecurityException { final String user = cl.getOptionValue(userOpt.getOpt(), shellState.getConnector().whoami()); final String scanOpts = cl.hasOption(clearOptAuths.getOpt()) ? null : cl.getOptionValue(scanOptAuths.getOpt()); shellState.getConnector().securityOperations().changeUserAuthorizations(user, ScanCommand.parseAuthorizations(scanOpts)); Shell.log.debug("Changed record-level authorizations for user " + user); return 0; }
protected List<String> readAccumuloAuthorizations() { try { Connector connector = accumuloConnectionFactory.getConnection(null, AccumuloConnectionFactory.Priority.ADMIN, new HashMap<>()); Authorizations auths = connector.securityOperations().getUserAuthorizations(connector.whoami()); return Arrays.asList(auths.toString().split("\\s*,\\s*")); } catch (Exception e) { throw new RuntimeException("Unable to acquire accumulo connector: " + e.getMessage(), e); } }
protected Authorizations getAuths(final CommandLine cl, final Shell shellState) throws AccumuloSecurityException, AccumuloException { final String user = shellState.getConnector().whoami(); Authorizations auths = shellState.getConnector().securityOperations() .getUserAuthorizations(user); if (cl.hasOption(scanOptAuths.getOpt())) { auths = ScanCommand.parseAuthorizations(cl.getOptionValue(scanOptAuths.getOpt())); } return auths; }
@Override public int execute(final String fullCommand, final CommandLine cl, final Shell shellState) throws IOException { shellState.getReader().println(shellState.getConnector().whoami()); return 0; }
@Override public int execute(final String fullCommand, final CommandLine cl, final Shell shellState) throws AccumuloException, AccumuloSecurityException, IOException { final String user = cl.getOptionValue(userOpt.getOpt(), shellState.getConnector().whoami()); // Sort authorizations Authorizations auths = shellState.getConnector().securityOperations() .getUserAuthorizations(user); List<String> set = sortAuthorizations(auths); shellState.getReader().println(StringUtils.join(set, ',')); return 0; }
@Before public void configureInstance() throws Exception { conn = getConnector(); inst = conn.getInstance(); ReplicationTable.setOnline(conn); conn.securityOperations().grantTablePermission(conn.whoami(), MetadataTable.NAME, TablePermission.WRITE); conn.securityOperations().grantTablePermission(conn.whoami(), ReplicationTable.NAME, TablePermission.READ); conn.securityOperations().grantTablePermission(conn.whoami(), ReplicationTable.NAME, TablePermission.WRITE); }
@Before public void setupInstance() throws Exception { conn = getConnector(); conn.securityOperations().grantTablePermission(conn.whoami(), ReplicationTable.NAME, TablePermission.WRITE); conn.securityOperations().grantTablePermission(conn.whoami(), MetadataTable.NAME, TablePermission.WRITE); ReplicationTable.setOnline(conn); }
@Before public void setupInstance() throws Exception { conn = getConnector(); ReplicationTable.setOnline(conn); conn.securityOperations().grantTablePermission(conn.whoami(), ReplicationTable.NAME, TablePermission.WRITE); conn.securityOperations().grantTablePermission(conn.whoami(), ReplicationTable.NAME, TablePermission.READ); fs = EasyMock.mock(VolumeManager.class); }
@Before public void initialize() throws Exception { conn = getConnector(); rcrr = new MockRemoveCompleteReplicationRecords(conn); conn.securityOperations().grantTablePermission(conn.whoami(), ReplicationTable.NAME, TablePermission.READ); conn.securityOperations().grantTablePermission(conn.whoami(), ReplicationTable.NAME, TablePermission.WRITE); ReplicationTable.setOnline(conn); }
@Before public void init() throws Exception { conn = getConnector(); assigner = new MockSequentialWorkAssigner(conn); // grant ourselves write to the replication table conn.securityOperations().grantTablePermission(conn.whoami(), ReplicationTable.NAME, TablePermission.READ); conn.securityOperations().grantTablePermission(conn.whoami(), ReplicationTable.NAME, TablePermission.WRITE); ReplicationTable.setOnline(conn); }
@Before public void init() throws Exception { conn = getConnector(); assigner = new MockUnorderedWorkAssigner(conn); ReplicationTable.setOnline(conn); conn.securityOperations().grantTablePermission(conn.whoami(), ReplicationTable.NAME, TablePermission.WRITE); conn.securityOperations().grantTablePermission(conn.whoami(), ReplicationTable.NAME, TablePermission.READ); }
@Override public Void run() throws Exception { // As the "root" user, open up the connection and get a delegation token Connector conn = mac.getConnector(qualifiedNewUser, new KerberosToken()); log.info("Created connector as {}", qualifiedNewUser); assertEquals(qualifiedNewUser, conn.whoami()); conn.securityOperations().getDelegationToken(new DelegationTokenConfig()); return null; } });
@Before public void setupInstance() throws Exception { conn = getConnector(); tableName = getUniqueNames(1)[0]; conn.securityOperations().changeUserAuthorizations(conn.whoami(), AUTHS); }
@Before public void setupInstance() throws Exception { conn = getConnector(); tableName = getUniqueNames(1)[0]; conn.securityOperations().changeUserAuthorizations(conn.whoami(), AUTHS); }
@Override public Void run() throws Exception { Connector conn = mac.getConnector(rootUser.getPrincipal(), new KerberosToken()); log.info("Created connector as {}", rootUser.getPrincipal()); assertEquals(rootUser.getPrincipal(), conn.whoami()); // Make sure the system user doesn't exist -- this will force some RPC to happen server-side createTableWithDataAndCompact(conn); assertEquals(users, conn.securityOperations().listLocalUsers()); return null; } });
public static IteratorSetting iteratorSetting(int priority, int sleepAfterFirstWrite, long batchWriterTimeout, long batchWriterMaxMemory, int numEntriesToWrite, String tableName, Connector connector, AuthenticationToken token, boolean clearCacheAfterFirstWrite, boolean splitAfterFirstWrite) { return iteratorSetting(priority, sleepAfterFirstWrite, batchWriterTimeout, batchWriterMaxMemory, numEntriesToWrite, tableName, connector.getInstance().getZooKeepers(), connector.getInstance().getInstanceName(), connector.getInstance().getZooKeepersSessionTimeOut(), connector.whoami(), token, clearCacheAfterFirstWrite, splitAfterFirstWrite); }
@Override public AuthenticationToken run() throws Exception { Connector conn = mac.getConnector(rootUser.getPrincipal(), new KerberosToken()); log.info("Created connector as {}", rootUser.getPrincipal()); assertEquals(rootUser.getPrincipal(), conn.whoami()); // Should fail return conn.securityOperations().getDelegationToken( new DelegationTokenConfig().setTokenLifetime(Long.MAX_VALUE, TimeUnit.MILLISECONDS)); } });
@Override public AuthenticationToken run() throws Exception { Connector conn = mac.getConnector(rootUser.getPrincipal(), new KerberosToken()); log.info("Created connector as {}", rootUser.getPrincipal()); assertEquals(rootUser.getPrincipal(), conn.whoami()); AuthenticationToken token = conn.securityOperations() .getDelegationToken(new DelegationTokenConfig()); assertTrue("Could not get tables with delegation token", mac .getConnector(rootUser.getPrincipal(), token).tableOperations().list().size() > 0); return token; } });
@Override public AuthenticationToken run() throws Exception { Connector conn = mac.getConnector(rootUser.getPrincipal(), new KerberosToken()); log.info("Created connector as {}", rootUser.getPrincipal()); assertEquals(rootUser.getPrincipal(), conn.whoami()); AuthenticationToken token = conn.securityOperations() .getDelegationToken(new DelegationTokenConfig()); assertTrue("Could not get tables with delegation token", mac .getConnector(rootUser.getPrincipal(), token).tableOperations().list().size() > 0); return token; } });