Examples of org.apache.accumulo.core.security.Credentials

• org.apache.accumulo.core.security.Credentials
  A wrapper for internal use. This class carries the instance, principal, and authentication token for use in the public API, in a non-serialized form. This is important, so that the authentication token carried in a {@link Connector} can be destroyed, invalidating future RPC operations from that {@link Connector}.

    TreeMap<KeyExtent,String> tabletLocations = new TreeMap<KeyExtent,String>();

    Connector conn = opts.getConnector();
    final Instance inst = conn.getInstance();
    String tableId = Tables.getNameToIdMap(inst).get(tableName);
    Credentials credentials = new Credentials(opts.principal, opts.getToken());
    MetadataServicer.forTableId(inst, credentials, tableId).getTabletLocations(tabletLocations);

    final HashSet<KeyExtent> failures = new HashSet<KeyExtent>();

    Map<String,List<KeyExtent>> extentsPerServer = new TreeMap<String,List<KeyExtent>>();

    for (Entry<KeyExtent,String> entry : tabletLocations.entrySet()) {
      KeyExtent keyExtent = entry.getKey();
      String loc = entry.getValue();
      if (loc == null)
        System.out.println(" Tablet " + keyExtent + " has no location");
      else if (opts.verbose)
        System.out.println(" Tablet " + keyExtent + " is located at " + loc);

      if (loc != null) {
        List<KeyExtent> extentList = extentsPerServer.get(loc);
        if (extentList == null) {
          extentList = new ArrayList<KeyExtent>();
          extentsPerServer.put(loc, extentList);
        }

        if (check == null || check.contains(keyExtent))
          extentList.add(keyExtent);
      }
    }

    ExecutorService tp = Executors.newFixedThreadPool(20);
    final ServerConfiguration conf = new ServerConfiguration(inst);
    for (final Entry<String,List<KeyExtent>> entry : extentsPerServer.entrySet()) {
      Runnable r = new Runnable() {

        @Override
        public void run() {
          try {
            checkTabletServer(inst, conf.getConfiguration(), new Credentials(opts.principal, opts.getToken()), entry, failures);
          } catch (Exception e) {
            System.err.println("Failure on ts " + entry.getKey() + " " + e.getMessage());
            e.printStackTrace();
            failures.addAll(entry.getValue());
          }

        } else
          initiateMinor = true;
      }

      if (updateMetadata) {
        Credentials creds = SystemCredentials.get();
        // if multiple threads were allowed to update this outside of a sync block, then it would be
        // a race condition
        MetadataTableUtil.updateTabletFlushID(extent, tableFlushID, creds, tabletServer.getLock());
      } else if (initiateMinor)
        initiateMinorCompaction(tableFlushID, MinorCompactionReason.USER);

          }
        } else {
          tl = getTabletLocator(job, tableId);
          // its possible that the cache could contain complete, but old information about a tables tablets... so clear it
          tl.invalidateCache();
          Credentials creds = new Credentials(getPrincipal(job), getAuthenticationToken(job));

          while (!tl.binRanges(creds, ranges, binnedRanges).isEmpty()) {
            if (!(instance instanceof MockInstance)) {
              if (!Tables.exists(instance, tableId))
                throw new TableDeletedException(tableId);

      try {
        log.debug("Creating connector with user: " + principal);
        log.debug("Creating scanner for table: " + table);
        log.debug("Authorizations are: " + authorizations);
        if (isOffline) {
          scanner = new OfflineScanner(instance, new Credentials(principal, token), split.getTableId(), authorizations);
        } else if (instance instanceof MockInstance) {
          scanner = instance.getConnector(principal, token).createScanner(split.getTableName(), authorizations);
        } else {
          scanner = new ScannerImpl(instance, new Credentials(principal, token), split.getTableId(), authorizations);
        }
        if (isIsolated) {
          log.info("Creating isolated scanner");
          scanner = new IsolatedScanner(scanner);
        }

  String username;
  private final MockAccumulo acu;
  private final Instance instance;

  MockConnector(String username, MockInstance instance) throws AccumuloSecurityException {
    this(new Credentials(username, new NullToken()), new MockAccumulo(MockInstance.getDefaultFileSystem()), instance);
  }

    this.conf = conf;
  }

  @Override
  public Connector getConnector(String principal, AuthenticationToken token) throws AccumuloException, AccumuloSecurityException {
    Connector conn = new MockConnector(new Credentials(principal, token), acu, this);
    if (!acu.users.containsKey(principal))
      conn.securityOperations().createLocalUser(principal, (PasswordToken) token);
    else if (!acu.users.get(principal).token.equals(token))
      throw new AccumuloSecurityException(principal, SecurityErrorCode.BAD_CREDENTIALS);
    return conn;

    } else
      target = WalkingSecurity.get(state).getSysUserName();

    targetExists = WalkingSecurity.get(state).userExists(target);

    hasPerm = WalkingSecurity.get(state).canChangePassword(new Credentials(principal, token).toThrift(state.getInstance()), target);

    Random r = new Random();

    byte[] newPassw = new byte[r.nextInt(50) + 1];
    for (int i = 0; i < newPassw.length; i++)

    String tableName = WalkingSecurity.get(state).getTableName();
    String namespaceName = WalkingSecurity.get(state).getNamespaceName();

    boolean exists = WalkingSecurity.get(state).getTableExists();
    boolean hasPermission = WalkingSecurity.get(state).canDeleteTable(new Credentials(principal, token).toThrift(state.getInstance()), tableName, namespaceName);

    try {
      conn.tableOperations().delete(tableName);
    } catch (AccumuloSecurityException ae) {
      if (ae.getSecurityErrorCode().equals(SecurityErrorCode.PERMISSION_DENIED)) {

      sourceUser = state.getUserName();
      sourceToken = state.getToken();
    }
    Connector conn = state.getInstance().getConnector(sourceUser, sourceToken);

    canGive = WalkingSecurity.get(state).canGrantTable(new Credentials(sourceUser, sourceToken).toThrift(state.getInstance()), target,
        WalkingSecurity.get(state).getTableName(), WalkingSecurity.get(state).getNamespaceName());

    // toggle
    if (!"take".equals(action) && !"give".equals(action)) {
      try {

      target = WalkingSecurity.get(state).getSysUserName();
    }
    boolean exists = WalkingSecurity.get(state).userExists(target);
    // Copy so if failed it doesn't mess with the password stored in state
    byte[] password = Arrays.copyOf(WalkingSecurity.get(state).getUserPassword(target), WalkingSecurity.get(state).getUserPassword(target).length);
    boolean hasPermission = WalkingSecurity.get(state).canAskAboutUser(new Credentials(principal, token).toThrift(state.getInstance()), target);

    if (!success)
      for (int i = 0; i < password.length; i++)
        password[i]++;