org.apache.accumulo.test.randomwalk.security
Class WalkingSecurity

java.lang.Object
  extended by org.apache.accumulo.server.security.SecurityOperation
      extended by org.apache.accumulo.test.randomwalk.security.WalkingSecurity
All Implemented Interfaces:
Authenticator, Authorizor, PermissionHandler

public class WalkingSecurity
extends SecurityOperation
implements Authorizor, Authenticator, PermissionHandler


Field Summary
protected static org.apache.log4j.Logger log
           
 
Fields inherited from class org.apache.accumulo.server.security.SecurityOperation
authenticator, authorizor, permHandle
 
Constructor Summary
WalkingSecurity(Authorizor author, Authenticator authent, PermissionHandler pm, String instanceId)
           
WalkingSecurity(State state2)
           
 
Method Summary
 boolean ambiguousAuthorizations(String userName)
           
 boolean authenticateUser(String principal, AuthenticationToken token)
           
 boolean canAskAboutUser(TCredentials credentials, String user)
           
 void changeAuthorizations(String user, Authorizations authorizations)
          Used to change the authorizations for the user
 void changePassword(String principal, AuthenticationToken token)
           
 void cleanTablePermissions(String table)
          Cleans up the permissions for a table.
 void cleanUser(String user)
          Deletes a user
static void clearInstance()
           
 void createUser(String principal, AuthenticationToken token)
           
 void dropUser(String user)
          Deletes a user
static WalkingSecurity get(State state)
           
 String[] getAuthsArray()
           
 Map<String,Integer> getAuthsMap()
           
 Authorizations getCachedUserAuthorizations(String user)
          Used to get the authorizations for the user
 org.apache.hadoop.fs.FileSystem getFs()
           
 String getLastKey()
           
 Set<Class<? extends AuthenticationToken>> getSupportedTokenTypes()
           
 TCredentials getSysCredentials()
           
 byte[] getSysPassword()
           
 AuthenticationToken getSysToken()
           
 String getSysUserName()
           
 TCredentials getTabCredentials()
           
 boolean getTableExists()
           
 String getTableName()
           
 byte[] getTabPassword()
           
 AuthenticationToken getTabToken()
           
 String getTabUserName()
           
 byte[] getUserPassword(String user)
           
 void grantSystemPermission(String user, SystemPermission permission)
          Gives the user the given system permission
 void grantTablePermission(String user, String table, TablePermission permission)
          Gives the user the given table permission
 boolean hasCachedSystemPermission(String user, SystemPermission permission)
          Used to get the system permission for the user, with caching due to high frequency operation.
 boolean hasCachedTablePermission(String user, String table, TablePermission permission)
          Used to get the table permission of a user for a table, with caching.
 boolean hasSystemPermission(String user, SystemPermission permission)
          Used to get the system permission for the user
 boolean hasTablePermission(String user, String table, TablePermission permission)
          Used to get the table permission of a user for a table
 boolean inAmbiguousZone(String userName, TablePermission tp)
           
 void increaseAuthMap(String s, int increment)
           
 void initialize(String instanceId, boolean initialize)
          Sets up the authorizor for a new instance of Accumulo
 void initializeSecurity(TCredentials rootuser, String token)
          Used to initialize security for the root user
 void initTable(String table)
          Initializes a new user
 void initUser(String user)
          Initializes a new user
 Set<String> listUsers()
           
 void revokeSystemPermission(String user, SystemPermission permission)
          Denies the user the given system permission
 void revokeTablePermission(String user, String table, TablePermission permission)
          Denies the user the given table permission.
 void setSysUserName(String name)
           
 void setTableName(String tName)
           
 void setTabUserName(String name)
           
 boolean userExists(String user)
           
 boolean userPassTransient(String user)
           
 boolean validSecurityHandlers(Authenticator one, Authorizor two)
          Used to validate that the Authorizor, Authenticator, and permission handler can coexist
 boolean validSecurityHandlers(Authenticator one, PermissionHandler two)
          Used to validate that the Authorizor, Authenticator, and permission handler can coexist
 boolean validSecurityHandlers(Authorizor one, PermissionHandler two)
           
 boolean validTokenClass(String tokenClass)
          Returns true if the given token is appropriate for this Authenticator
 
Methods inherited from class org.apache.accumulo.server.security.SecurityOperation
authenticateUser, canAlterTable, canBulkImport, canChangeAuthorizations, canChangePassword, canCloneTable, canCompact, canCreateTable, canCreateUser, canDeleteRange, canDeleteTable, canDropUser, canExport, canFlush, canGrantSystem, canGrantTable, canImport, canMerge, canOnlineOfflineTable, canPerformSystemActions, canRenameTable, canRevokeSystem, canRevokeTable, canScan, canSplitTablet, canWrite, changeAuthorizations, changePassword, createUser, deleteTable, dropUser, getAuthenticator, getAuthorizor, getInstance, getInstance, getPermHandler, getRootUsername, getUserAuthorizations, getUserAuthorizations, grantSystemPermission, grantTablePermission, hasSystemPermission, hasTablePermission, initializeSecurity, listUsers, revokeSystemPermission, revokeTablePermission
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 
Methods inherited from interface org.apache.accumulo.server.security.handler.Authenticator
initializeSecurity
 

Field Detail

log

protected static final org.apache.log4j.Logger log
Constructor Detail

WalkingSecurity

public WalkingSecurity(Authorizor author,
                       Authenticator authent,
                       PermissionHandler pm,
                       String instanceId)

WalkingSecurity

public WalkingSecurity(State state2)
Method Detail

get

public static WalkingSecurity get(State state)

initialize

public void initialize(String instanceId,
                       boolean initialize)
Description copied from interface: Authorizor
Sets up the authorizor for a new instance of Accumulo

Specified by:
initialize in interface Authenticator
Specified by:
initialize in interface Authorizor
Specified by:
initialize in interface PermissionHandler

validSecurityHandlers

public boolean validSecurityHandlers(Authenticator one,
                                     PermissionHandler two)
Description copied from interface: Authorizor
Used to validate that the Authorizor, Authenticator, and permission handler can coexist

Specified by:
validSecurityHandlers in interface Authorizor

validSecurityHandlers

public boolean validSecurityHandlers(Authenticator one,
                                     Authorizor two)
Description copied from interface: PermissionHandler
Used to validate that the Authorizor, Authenticator, and permission handler can coexist

Specified by:
validSecurityHandlers in interface PermissionHandler

validSecurityHandlers

public boolean validSecurityHandlers(Authorizor one,
                                     PermissionHandler two)
Specified by:
validSecurityHandlers in interface Authenticator

initializeSecurity

public void initializeSecurity(TCredentials rootuser,
                               String token)
                        throws ThriftSecurityException
Description copied from interface: Authorizor
Used to initialize security for the root user

Specified by:
initializeSecurity in interface Authorizor
Specified by:
initializeSecurity in interface PermissionHandler
Throws:
ThriftSecurityException

changeAuthorizations

public void changeAuthorizations(String user,
                                 Authorizations authorizations)
                          throws AccumuloSecurityException
Description copied from interface: Authorizor
Used to change the authorizations for the user

Specified by:
changeAuthorizations in interface Authorizor
Throws:
AccumuloSecurityException

getCachedUserAuthorizations

public Authorizations getCachedUserAuthorizations(String user)
                                           throws AccumuloSecurityException
Description copied from interface: Authorizor
Used to get the authorizations for the user

Specified by:
getCachedUserAuthorizations in interface Authorizor
Throws:
AccumuloSecurityException

ambiguousAuthorizations

public boolean ambiguousAuthorizations(String userName)

initUser

public void initUser(String user)
              throws AccumuloSecurityException
Description copied from interface: Authorizor
Initializes a new user

Specified by:
initUser in interface Authorizor
Specified by:
initUser in interface PermissionHandler
Throws:
AccumuloSecurityException

listUsers

public Set<String> listUsers()
                      throws AccumuloSecurityException
Specified by:
listUsers in interface Authenticator
Throws:
AccumuloSecurityException

authenticateUser

public boolean authenticateUser(String principal,
                                AuthenticationToken token)
Specified by:
authenticateUser in interface Authenticator

createUser

public void createUser(String principal,
                       AuthenticationToken token)
                throws AccumuloSecurityException
Specified by:
createUser in interface Authenticator
Throws:
AccumuloSecurityException

dropUser

public void dropUser(String user)
              throws AccumuloSecurityException
Description copied from interface: Authorizor
Deletes a user

Specified by:
dropUser in interface Authenticator
Specified by:
dropUser in interface Authorizor
Throws:
AccumuloSecurityException

changePassword

public void changePassword(String principal,
                           AuthenticationToken token)
                    throws AccumuloSecurityException
Specified by:
changePassword in interface Authenticator
Throws:
AccumuloSecurityException

userExists

public boolean userExists(String user)
Specified by:
userExists in interface Authenticator

hasSystemPermission

public boolean hasSystemPermission(String user,
                                   SystemPermission permission)
                            throws AccumuloSecurityException
Description copied from interface: PermissionHandler
Used to get the system permission for the user

Specified by:
hasSystemPermission in interface PermissionHandler
Throws:
AccumuloSecurityException

hasCachedSystemPermission

public boolean hasCachedSystemPermission(String user,
                                         SystemPermission permission)
                                  throws AccumuloSecurityException
Description copied from interface: PermissionHandler
Used to get the system permission for the user, with caching due to high frequency operation. NOTE: At this time, this method is unused but is included just in case we need it in the future.

Specified by:
hasCachedSystemPermission in interface PermissionHandler
Throws:
AccumuloSecurityException

hasTablePermission

public boolean hasTablePermission(String user,
                                  String table,
                                  TablePermission permission)
                           throws AccumuloSecurityException,
                                  TableNotFoundException
Description copied from interface: PermissionHandler
Used to get the table permission of a user for a table

Specified by:
hasTablePermission in interface PermissionHandler
Throws:
AccumuloSecurityException
TableNotFoundException

hasCachedTablePermission

public boolean hasCachedTablePermission(String user,
                                        String table,
                                        TablePermission permission)
                                 throws AccumuloSecurityException,
                                        TableNotFoundException
Description copied from interface: PermissionHandler
Used to get the table permission of a user for a table, with caching. This method is for high frequency operations

Specified by:
hasCachedTablePermission in interface PermissionHandler
Throws:
AccumuloSecurityException
TableNotFoundException

grantSystemPermission

public void grantSystemPermission(String user,
                                  SystemPermission permission)
                           throws AccumuloSecurityException
Description copied from interface: PermissionHandler
Gives the user the given system permission

Specified by:
grantSystemPermission in interface PermissionHandler
Throws:
AccumuloSecurityException

revokeSystemPermission

public void revokeSystemPermission(String user,
                                   SystemPermission permission)
                            throws AccumuloSecurityException
Description copied from interface: PermissionHandler
Denies the user the given system permission

Specified by:
revokeSystemPermission in interface PermissionHandler
Throws:
AccumuloSecurityException

grantTablePermission

public void grantTablePermission(String user,
                                 String table,
                                 TablePermission permission)
                          throws AccumuloSecurityException,
                                 TableNotFoundException
Description copied from interface: PermissionHandler
Gives the user the given table permission

Specified by:
grantTablePermission in interface PermissionHandler
Throws:
AccumuloSecurityException
TableNotFoundException

revokeTablePermission

public void revokeTablePermission(String user,
                                  String table,
                                  TablePermission permission)
                           throws AccumuloSecurityException,
                                  TableNotFoundException
Description copied from interface: PermissionHandler
Denies the user the given table permission.

Specified by:
revokeTablePermission in interface PermissionHandler
Throws:
AccumuloSecurityException
TableNotFoundException

cleanTablePermissions

public void cleanTablePermissions(String table)
                           throws AccumuloSecurityException,
                                  TableNotFoundException
Description copied from interface: PermissionHandler
Cleans up the permissions for a table. Used when a table gets deleted.

Specified by:
cleanTablePermissions in interface PermissionHandler
Throws:
AccumuloSecurityException
TableNotFoundException

cleanUser

public void cleanUser(String user)
               throws AccumuloSecurityException
Description copied from interface: PermissionHandler
Deletes a user

Specified by:
cleanUser in interface PermissionHandler
Throws:
AccumuloSecurityException

getTabUserName

public String getTabUserName()

getSysUserName

public String getSysUserName()

setTabUserName

public void setTabUserName(String name)

setSysUserName

public void setSysUserName(String name)

getTableName

public String getTableName()

getTableExists

public boolean getTableExists()

getSysCredentials

public TCredentials getSysCredentials()

getTabCredentials

public TCredentials getTabCredentials()

getSysToken

public AuthenticationToken getSysToken()

getTabToken

public AuthenticationToken getTabToken()

getUserPassword

public byte[] getUserPassword(String user)

getSysPassword

public byte[] getSysPassword()

getTabPassword

public byte[] getTabPassword()

userPassTransient

public boolean userPassTransient(String user)

setTableName

public void setTableName(String tName)

initTable

public void initTable(String table)
               throws AccumuloSecurityException
Description copied from interface: PermissionHandler
Initializes a new user

Specified by:
initTable in interface PermissionHandler
Throws:
AccumuloSecurityException

getAuthsArray

public String[] getAuthsArray()

inAmbiguousZone

public boolean inAmbiguousZone(String userName,
                               TablePermission tp)

getAuthsMap

public Map<String,Integer> getAuthsMap()

getLastKey

public String getLastKey()

increaseAuthMap

public void increaseAuthMap(String s,
                            int increment)

getFs

public org.apache.hadoop.fs.FileSystem getFs()

canAskAboutUser

public boolean canAskAboutUser(TCredentials credentials,
                               String user)
                        throws ThriftSecurityException
Overrides:
canAskAboutUser in class SecurityOperation
Throws:
ThriftSecurityException

validTokenClass

public boolean validTokenClass(String tokenClass)
Description copied from interface: Authenticator
Returns true if the given token is appropriate for this Authenticator

Specified by:
validTokenClass in interface Authenticator

clearInstance

public static void clearInstance()

getSupportedTokenTypes

public Set<Class<? extends AuthenticationToken>> getSupportedTokenTypes()
Specified by:
getSupportedTokenTypes in interface Authenticator


Copyright © 2013 Apache Accumulo Project. All Rights Reserved.