Examples of org.apache.accumulo.core.client.impl.thrift.ThriftSecurityException

Package org.apache.accumulo.core.client.impl.thrift

Examples of org.apache.accumulo.core.client.impl.thrift.ThriftSecurityException

org.apache.accumulo.core.client.impl.thrift.ThriftSecurityException

    @Override
    public List<TKeyExtent> bulkImport(TInfo tinfo, TCredentials credentials, long tid, Map<TKeyExtent,Map<String,MapFileInfo>> files, boolean setTime)
        throws ThriftSecurityException {


      if (!security.canPerformSystemActions(credentials))
        throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);


      List<TKeyExtent> failures = new ArrayList<TKeyExtent>();


      for (Entry<TKeyExtent,Map<String,MapFileInfo>> entry : files.entrySet()) {
        TKeyExtent tke = entry.getKey();

View Full Code Here

        List<IterInfo> ssiList, Map<String,Map<String,String>> ssio, List<ByteBuffer> authorizations, boolean waitForWrites, boolean isolated,
        long readaheadThreshold) throws NotServingTabletException, ThriftSecurityException, org.apache.accumulo.core.tabletserver.thrift.TooManyFilesException {


      String tableId = new String(textent.getTable(), Constants.UTF8);
      if (!security.canScan(credentials, tableId, Tables.getNamespaceId(instance, tableId), range, columns, ssiList, ssio, authorizations))
        throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);


      if (!security.userHasAuthorizations(credentials, authorizations))
        throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.BAD_AUTHORIZATIONS);


      KeyExtent extent = new KeyExtent(textent);


      // wait for any writes that are in flight.. this done to ensure
      // consistency across client restarts... assume a client writes

View Full Code Here

        throw new IllegalArgumentException("Cannot batch scan over multiple tables");


      // check if user has permission to the tables
      for (String tableId : tables)
        if (!security.canScan(credentials, tableId, Tables.getNamespaceId(instance, tableId), tbatch, tcolumns, ssiList, ssio, authorizations))
          throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);


      try {
        if (!security.userHasAuthorizations(credentials, authorizations))
          throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.BAD_AUTHORIZATIONS);
      } catch (ThriftSecurityException tse) {
        log.error(tse, tse);
        throw tse;
      }
      Map<KeyExtent,List<Range>> batch = Translator.translate(tbatch, new TKeyExtentTranslator(), new Translator.ListTranslator<TRange,Range>(

View Full Code Here

    public void update(TInfo tinfo, TCredentials credentials, TKeyExtent tkeyExtent, TMutation tmutation) throws NotServingTabletException,
        ConstraintViolationException, ThriftSecurityException {


      String tableId = new String(tkeyExtent.getTable(), Constants.UTF8);
      if (!security.canWrite(credentials, tableId, Tables.getNamespaceId(instance, tableId)))
        throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
      KeyExtent keyExtent = new KeyExtent(tkeyExtent);
      Tablet tablet = onlineTablets.get(new KeyExtent(keyExtent));
      if (tablet == null) {
        throw new NotServingTabletException(tkeyExtent);
      }

View Full Code Here

    public TConditionalSession startConditionalUpdate(TInfo tinfo, TCredentials credentials, List<ByteBuffer> authorizations, String tableId)
        throws ThriftSecurityException, TException {


      Authorizations userauths = null;
      if (!security.canConditionallyUpdate(credentials, tableId, Tables.getNamespaceId(instance, tableId), authorizations))
        throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);


      userauths = security.getUserAuthorizations(credentials);
      for (ByteBuffer auth : authorizations)
        if (!userauths.contains(ByteBufferUtil.toBytes(auth)))
          throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.BAD_AUTHORIZATIONS);


      ConditionalSession cs = new ConditionalSession();
      cs.auths = new Authorizations(authorizations);
      cs.credentials = credentials;
      cs.tableId = tableId;

View Full Code Here

        // table does not exist, try to educate the client
        throw new NotServingTabletException(tkeyExtent);
      }


      if (!security.canSplitTablet(credentials, tableId, namespaceId))
        throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);


      KeyExtent keyExtent = new KeyExtent(tkeyExtent);


      Tablet tablet = onlineTablets.get(keyExtent);
      if (tablet == null) {

View Full Code Here

      boolean fatal = false;
      try {
        log.debug("Got " + request + " message from user: " + credentials.getPrincipal());
        if (!security.canPerformSystemActions(credentials)) {
          log.warn("Got " + request + " message from user: " + credentials.getPrincipal());
          throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
        }
      } catch (ThriftSecurityException e) {
        log.warn("Got " + request + " message from unauthenticatable user: " + e.getUser());
        if (SystemCredentials.get().getToken().getClass().getName().equals(credentials.getTokenClassName())) {
          log.fatal("Got message from a service with a mismatched configuration. Please ensure a compatible configuration.", e);

View Full Code Here

  
  /**
   * @return this exception as a thrift exception
   */
  public ThriftSecurityException asThriftException() {
    return new ThriftSecurityException(user, errorCode);
  }

View Full Code Here

    return SystemCredentials.get().getToken().getClass().getName().equals(credentials.getTokenClassName());
  }


  protected void authenticate(TCredentials credentials) throws ThriftSecurityException {
    if (!credentials.getInstanceId().equals(HdfsZooInstance.getInstance().getInstanceID()))
      throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.INVALID_INSTANCEID);


    Credentials creds = Credentials.fromThrift(credentials);
    if (isSystemUser(credentials)) {
      if (!(SystemCredentials.get().equals(creds))) {
        throw new ThriftSecurityException(creds.getPrincipal(), SecurityErrorCode.BAD_CREDENTIALS);
      }
    } else {
      try {
        if (!authenticator.authenticateUser(creds.getPrincipal(), creds.getToken())) {
          throw new ThriftSecurityException(creds.getPrincipal(), SecurityErrorCode.BAD_CREDENTIALS);
        }
      } catch (AccumuloSecurityException e) {
        log.debug(e);
        throw e.asThriftException();
      }

View Full Code Here

  }


  public boolean canAskAboutUser(TCredentials credentials, String user) throws ThriftSecurityException {
    // Authentication done in canPerformSystemActions
    if (!(canPerformSystemActions(credentials) || credentials.getPrincipal().equals(user)))
      throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
    return true;
  }

View Full Code Here

0 1 2 3 4 5 6 7 8 9

TOP

Related Classes of org.apache.accumulo.core.client.impl.thrift.ThriftSecurityException

org.apache.accumulo.core.client.TestThrift1474$TestServer

org.apache.accumulo.master.FateServiceHandler

org.apache.accumulo.master.MasterClientServiceHandler

org.apache.accumulo.server.client.ClientServiceHandler

org.apache.accumulo.server.master.Master$MasterClientServiceHandler

org.apache.accumulo.server.security.SecurityOperation

org.apache.accumulo.server.tabletserver.TabletServer$ThriftClientHandler

org.apache.accumulo.tserver.TabletServer$ThriftClientHandler

org.apache.thrift.protocol.TTupleProtocol

java.util.BitSet

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.