Package org.apache.accumulo.core.security.thrift

Examples of org.apache.accumulo.core.security.thrift.ThriftSecurityException$ThriftSecurityExceptionTupleScheme


      // check if user has permission to the tables
      Authorizations userauths = null;
      try {
        for (String table : tables)
          if (!authenticator.hasTablePermission(credentials, credentials.user, table, TablePermission.READ))
            throw new ThriftSecurityException(credentials.user, SecurityErrorCode.PERMISSION_DENIED);
       
        userauths = authenticator.getUserAuthorizations(credentials, credentials.user);
        for (byte[] auth : authorizations)
          if (!userauths.contains(auth))
            throw new ThriftSecurityException(credentials.user, SecurityErrorCode.BAD_AUTHORIZATIONS);
      } catch (AccumuloSecurityException e) {
        throw e.asThriftException();
      }
     
      KeyExtent threadPoolExtent = null;
View Full Code Here


      // Make sure user is real
      try {
        if (!authenticator.authenticateUser(credentials, credentials.user, credentials.password)) {
          if (updateMetrics.isEnabled())
            updateMetrics.add(TabletServerUpdateMetrics.permissionErrors, 0);
          throw new ThriftSecurityException(credentials.user, SecurityErrorCode.BAD_CREDENTIALS);
        }
      } catch (AccumuloSecurityException e) {
        throw e.asThriftException();
      }
     
View Full Code Here

    @Override
    public void update(TInfo tinfo, AuthInfo credentials, TKeyExtent tkeyExtent, TMutation tmutation) throws NotServingTabletException,
        ConstraintViolationException, ThriftSecurityException {
      try {
        if (!authenticator.hasTablePermission(credentials, credentials.user, new String(tkeyExtent.getTable()), TablePermission.WRITE))
          throw new ThriftSecurityException(credentials.user, SecurityErrorCode.PERMISSION_DENIED);
      } catch (AccumuloSecurityException e) {
        throw e.asThriftException();
      }
     
      KeyExtent keyExtent = new KeyExtent(tkeyExtent);
View Full Code Here

      String tableId = new String(tkeyExtent.table);
      try {
        if (!authenticator.hasSystemPermission(credentials, credentials.user, SystemPermission.ALTER_TABLE)
            && !authenticator.hasSystemPermission(credentials, credentials.user, SystemPermission.SYSTEM)
            && !authenticator.hasTablePermission(credentials, credentials.user, tableId, TablePermission.ALTER_TABLE))
          throw new ThriftSecurityException(credentials.user, SecurityErrorCode.PERMISSION_DENIED);
      } catch (AccumuloSecurityException e) {
        throw e.asThriftException();
      }
     
      KeyExtent keyExtent = new KeyExtent(tkeyExtent);
View Full Code Here

        boolean fatal = false;
        try {
          log.debug("Got " + request + " message from user: " + credentials.user);
          if (!authenticator.hasSystemPermission(credentials, credentials.user, SystemPermission.SYSTEM)) {
            log.warn("Got " + request + " message from user: " + credentials.user);
            throw new ThriftSecurityException(credentials.user, SecurityErrorCode.PERMISSION_DENIED);
          }
        } catch (AccumuloSecurityException e) {
          log.warn("Got " + request + " message from unauthenticatable user: " + e.getUser());
          if (e.getUser().equals(SecurityConstants.SYSTEM_USERNAME)) {
            log.fatal("Got message from a service with a mismatched configuration. Please ensure a compatible configuration.", e);
View Full Code Here

    @Override
    public List<ActiveScan> getActiveScans(TInfo tinfo, AuthInfo credentials) throws ThriftSecurityException, TException {
     
      try {
        if (!authenticator.hasSystemPermission(credentials, credentials.user, SystemPermission.SYSTEM))
          throw new ThriftSecurityException(credentials.user, SecurityErrorCode.PERMISSION_DENIED);
      } catch (AccumuloSecurityException e) {
        throw e.asThriftException();
      }
     
      return sessionManager.getActiveScans();
View Full Code Here

          log.debug("Failed to scan !METADATA table to wait for flush " + tableId, e);
        } catch (TabletDeletedException tde) {
          log.debug("Failed to scan !METADATA table to wait for flush " + tableId, tde);
        } catch (AccumuloSecurityException e) {
          log.warn(e.getMessage(), e);
          throw new ThriftSecurityException();
        } catch (TableNotFoundException e) {
          log.error(e.getMessage(), e);
          throw new ThriftTableOperationException();
        }
      }
View Full Code Here

    }
   
    private void authenticate(AuthInfo credentials) throws ThriftSecurityException {
      try {
        if (!authenticator.authenticateUser(credentials, credentials.user, credentials.password))
          throw new ThriftSecurityException(credentials.user, SecurityErrorCode.BAD_CREDENTIALS);
      } catch (AccumuloSecurityException e) {
        throw e.asThriftException();
      }
    }
View Full Code Here

 
  private void checkForSystemPrivs(String request, AuthInfo credentials) throws ThriftSecurityException {
    try {
      if (!authenticator.hasSystemPermission(credentials, credentials.user, SystemPermission.SYSTEM)) {
        LOG.warn("Got " + request + " from user: " + credentials.user);
        throw new ThriftSecurityException(credentials.user, SecurityErrorCode.PERMISSION_DENIED);
      }
    } catch (AccumuloSecurityException e) {
      LOG.warn("Got " + request + " from unauthenticatable user: " + e.getUser());
      throw e.asThriftException();
    }
View Full Code Here

 
  /**
   * @return this exception as a thrift exception
   */
  public ThriftSecurityException asThriftException() {
    return new ThriftSecurityException(user, errorCode);
  }
View Full Code Here

TOP

Related Classes of org.apache.accumulo.core.security.thrift.ThriftSecurityException$ThriftSecurityExceptionTupleScheme

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.