Examples of ThriftSecurityException

Examples of org.apache.accumulo.core.client.impl.thrift.ThriftSecurityException


  /**
   * @return this exception as a thrift exception
   */
  public ThriftSecurityException asThriftException() {
    return new ThriftSecurityException(user, errorCode);
  }

View Full Code Here

Examples of org.apache.accumulo.core.client.impl.thrift.ThriftSecurityException

    @Override
    public List<TKeyExtent> bulkImport(TInfo tinfo, TCredentials credentials, long tid, Map<TKeyExtent,Map<String,MapFileInfo>> files, boolean setTime)
        throws ThriftSecurityException {


      if (!security.canPerformSystemActions(credentials))
        throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
      
      List<TKeyExtent> failures = new ArrayList<TKeyExtent>();
      
      for (Entry<TKeyExtent,Map<String,MapFileInfo>> entry : files.entrySet()) {
        TKeyExtent tke = entry.getKey();

View Full Code Here

Examples of org.apache.accumulo.core.client.impl.thrift.ThriftSecurityException

        List<IterInfo> ssiList, Map<String,Map<String,String>> ssio, List<ByteBuffer> authorizations, boolean waitForWrites, boolean isolated)
        throws NotServingTabletException, ThriftSecurityException, org.apache.accumulo.core.tabletserver.thrift.TooManyFilesException {
      
      Authorizations userauths = null;
      if (!security.canScan(credentials, new String(textent.getTable(), Constants.UTF8)))
        throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
      
      userauths = security.getUserAuthorizations(credentials);
      for (ByteBuffer auth : authorizations)
        if (!userauths.contains(ByteBufferUtil.toBytes(auth)))
          throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.BAD_AUTHORIZATIONS);
      
      KeyExtent extent = new KeyExtent(textent);
      
      // wait for any writes that are in flight.. this done to ensure
      // consistency across client restarts... assume a client writes

View Full Code Here

Examples of org.apache.accumulo.core.client.impl.thrift.ThriftSecurityException

      
      // check if user has permission to the tables
      Authorizations userauths = null;
      for (String table : tables)
        if (!security.canScan(credentials, table))
          throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
      
      userauths = security.getUserAuthorizations(credentials);
      for (ByteBuffer auth : authorizations)
        if (!userauths.contains(ByteBufferUtil.toBytes(auth)))
          throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.BAD_AUTHORIZATIONS);
      
      KeyExtent threadPoolExtent = null;
      
      Map<KeyExtent,List<Range>> batch = Translator.translate(tbatch, Translators.TKET, new Translator.ListTranslator<TRange,Range>(Translators.TRT));

View Full Code Here

Examples of org.apache.accumulo.core.client.impl.thrift.ThriftSecurityException

    @Override
    public void update(TInfo tinfo, TCredentials credentials, TKeyExtent tkeyExtent, TMutation tmutation) throws NotServingTabletException,
        ConstraintViolationException, ThriftSecurityException {


      if (!security.canWrite(credentials, new String(tkeyExtent.getTable(), Constants.UTF8)))
        throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
      KeyExtent keyExtent = new KeyExtent(tkeyExtent);
      Tablet tablet = onlineTablets.get(new KeyExtent(keyExtent));
      if (tablet == null) {
        throw new NotServingTabletException(tkeyExtent);
      }

View Full Code Here

Examples of org.apache.accumulo.core.client.impl.thrift.ThriftSecurityException

    public void splitTablet(TInfo tinfo, TCredentials credentials, TKeyExtent tkeyExtent, ByteBuffer splitPoint)
        throws NotServingTabletException, ThriftSecurityException {
      
      String tableId = new String(ByteBufferUtil.toBytes(tkeyExtent.table), Constants.UTF8);
      if (!security.canSplitTablet(credentials, tableId))
        throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
      
      KeyExtent keyExtent = new KeyExtent(tkeyExtent);
      
      Tablet tablet = onlineTablets.get(keyExtent);
      if (tablet == null) {

View Full Code Here

Examples of org.apache.accumulo.core.client.impl.thrift.ThriftSecurityException

        boolean fatal = false;
        try {
          log.debug("Got " + request + " message from user: " + credentials.getPrincipal());
          if (!security.canPerformSystemActions(credentials)) {
            log.warn("Got " + request + " message from user: " + credentials.getPrincipal());
            throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
          }
        } catch (ThriftSecurityException e) {
          log.warn("Got " + request + " message from unauthenticatable user: " + e.getUser());
          if (e.getUser().equals(SecurityConstants.SYSTEM_PRINCIPAL)) {
            log.fatal("Got message from a service with a mismatched configuration. Please ensure a compatible configuration.", e);

View Full Code Here

Examples of org.apache.accumulo.core.client.impl.thrift.ThriftSecurityException

    return rootUserName;
  }


  private void authenticate(TCredentials credentials) throws ThriftSecurityException {
    if (!credentials.getInstanceId().equals(HdfsZooInstance.getInstance().getInstanceID()))
      throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.INVALID_INSTANCEID);


    if (SecurityConstants.getSystemCredentials().equals(credentials))
      return;
    else if (credentials.getPrincipal().equals(SecurityConstants.SYSTEM_PRINCIPAL)) {
      throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.BAD_CREDENTIALS);
    }


    try {
      AuthenticationToken token = reassembleToken(credentials);
      if (!authenticator.authenticateUser(credentials.getPrincipal(), token)) {
        throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.BAD_CREDENTIALS);
      }
    } catch (AccumuloSecurityException e) {
      log.debug(e);
      throw e.asThriftException();
    }

View Full Code Here

Examples of org.apache.accumulo.core.client.impl.thrift.ThriftSecurityException

  }


  public boolean canAskAboutUser(TCredentials credentials, String user) throws ThriftSecurityException {
    // Authentication done in canPerformSystemActions
    if (!(canPerformSystemActions(credentials) || credentials.getPrincipal().equals(user)))
      throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
    return true;
  }

View Full Code Here

Examples of org.apache.accumulo.core.client.impl.thrift.ThriftSecurityException

    authenticate(credentials);


    targetUserExists(user);


    if (!credentials.getPrincipal().equals(user) && !hasSystemPermission(credentials.getPrincipal(), SystemPermission.SYSTEM, false))
      throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);


    // system user doesn't need record-level authorizations for the tables it reads (for now)
    if (user.equals(SecurityConstants.SYSTEM_PRINCIPAL))
      return Constants.NO_AUTHS;

View Full Code Here

0 1 2 3 4 5

TOP

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.