
Example 71 with ClientConfiguration

use of org.apache.accumulo.core.client.ClientConfiguration in project accumulo by apache.

the class ClientContext method convertClientConfig.

/**
 * Wraps a {@link ClientConfiguration} in an {@link AccumuloConfiguration} view for internal use.
 *
 * <p>
 * Lookup order implemented by the returned object:
 * <ol>
 * <li>For sensitive properties, the Hadoop CredentialProvider, but only when the client configuration names a
 * provider path ({@code GENERAL_SECURITY_CREDENTIAL_PROVIDER_PATHS}).</li>
 * <li>The client configuration itself.</li>
 * <li>The server Kerberos principal, rebuilt from the client-side server primary.</li>
 * <li>{@link DefaultConfiguration}.</li>
 * </ol>
 *
 * <p>
 * Security notes for reviewers: a value found in the CredentialProvider wins over the same key in the client
 * configuration. If the provider throws an {@link IOException} the failure is only logged at WARN and the lookup
 * falls through to the client configuration and defaults, so a broken provider does not fail closed. Secrets
 * obtained as {@code char[]} are copied into {@code String} objects (the interface returns {@code String}), and the
 * source array is not cleared here. Log statements in this method include the property key, never the value.
 *
 * @param config
 *          the original {@link ClientConfiguration}
 * @return the client configuration presented in the form of an {@link AccumuloConfiguration}
 */
public static AccumuloConfiguration convertClientConfig(final ClientConfiguration config) {
    final AccumuloConfiguration defaults = DefaultConfiguration.getInstance();
    return new AccumuloConfiguration() {

        @Override
        public String get(Property property) {
            final String name = property.getKey();
            // Sensitive properties are looked up in the CredentialProvider first, when one is configured.
            if (property.isSensitive()) {
                final org.apache.hadoop.conf.Configuration providerConf = getHadoopConfiguration();
                if (providerConf != null) {
                    try {
                        final char[] secret = CredentialProviderFactoryShim.getValueFromCredentialProvider(providerConf, name);
                        if (secret != null) {
                            log.trace("Loaded sensitive value for {} from CredentialProvider", name);
                            // NOTE(review): the secret now lives in an immutable String; the char[] is left untouched
                            // because this code cannot tell whether the provider still holds a reference to it.
                            return new String(secret);
                        }
                        log.trace("Tried to load sensitive value for {} from CredentialProvider, but none was found", name);
                    } catch (IOException e) {
                        // Provider failure is not fatal: fall through to the client config / defaults below.
                        log.warn("Failed to extract sensitive property ({}) from Hadoop CredentialProvider, falling back to base AccumuloConfiguration", name, e);
                    }
                }
            }
            if (config.containsKey(name)) {
                return config.getString(name);
            }
            // The server Kerberos principal is not a client property; rebuild it from the server primary.
            if (Property.GENERAL_KERBEROS_PRINCIPAL == property) {
                final String serverPrimaryKey = ClientConfiguration.ClientProperty.KERBEROS_SERVER_PRIMARY.getKey();
                if (config.containsKey(serverPrimaryKey)) {
                    // The client config carries no realm, so the default realm is appended.
                    return config.getString(serverPrimaryKey) + "/_HOST@" + SaslConnectionParams.getDefaultRealm();
                }
            }
            return defaults.get(property);
        }

        @Override
        public void getProperties(Map<String, String> props, Predicate<String> filter) {
            // Start from the defaults, then let the client configuration override them.
            defaults.getProperties(props, filter);
            for (Iterator<String> clientKeys = config.getKeys(); clientKeys.hasNext();) {
                final String name = clientKeys.next().toString();
                if (filter.test(name)) {
                    props.put(name, config.getString(name));
                }
            }
            // Replace the client-side server primary with the reconstructed server principal. The primary is
            // removed from props even when the filter rejects the principal key.
            final String serverPrimaryKey = ClientConfiguration.ClientProperty.KERBEROS_SERVER_PRIMARY.getKey();
            if (props.containsKey(serverPrimaryKey)) {
                final String serverPrimary = props.remove(serverPrimaryKey);
                final String principalKey = Property.GENERAL_KERBEROS_PRINCIPAL.getKey();
                if (filter.test(principalKey)) {
                    // Use the _HOST expansion. It should be unnecessary in "client land".
                    props.put(principalKey, serverPrimary + "/_HOST@" + SaslConnectionParams.getDefaultRealm());
                }
            }
            // Finally overlay sensitive values from the CredentialProvider, if one is configured. These are written
            // last, so they replace any value for the same key that came from the client config or the defaults.
            final org.apache.hadoop.conf.Configuration providerConf = getHadoopConfiguration();
            if (providerConf != null) {
                try {
                    for (String alias : CredentialProviderFactoryShim.getKeys(providerConf)) {
                        // Only known, sensitive Accumulo properties accepted by the caller's filter are copied out.
                        if (Property.isValidPropertyKey(alias) && Property.isSensitive(alias) && filter.test(alias)) {
                            final char[] secret = CredentialProviderFactoryShim.getValueFromCredentialProvider(providerConf, alias);
                            if (secret != null) {
                                props.put(alias, new String(secret));
                            }
                        }
                    }
                } catch (IOException e) {
                    // Entries copied before the failure stay in props; the rest keep their earlier values.
                    log.warn("Failed to extract sensitive properties from Hadoop CredentialProvider, falling back to accumulo-site.xml", e);
                }
            }
        }

        /**
         * Builds a Hadoop configuration that points at the credential provider path(s) named in the client
         * configuration.
         *
         * @return a new Hadoop configuration, or {@code null} when no provider path is set or it is empty
         */
        private org.apache.hadoop.conf.Configuration getHadoopConfiguration() {
            final String providerPaths = config.getString(Property.GENERAL_SECURITY_CREDENTIAL_PROVIDER_PATHS.getKey());
            if (providerPaths == null || providerPaths.isEmpty()) {
                log.trace("Did not find credential provider configuration in ClientConfiguration");
                return null;
            }
            // A fresh Configuration is created on every call; nothing is cached between lookups.
            final org.apache.hadoop.conf.Configuration providerConf = new org.apache.hadoop.conf.Configuration();
            providerConf.set(CredentialProviderFactoryShim.CREDENTIAL_PROVIDER_PATH, providerPaths);
            return providerConf;
        }
    };
}
Also used : DefaultConfiguration(org.apache.accumulo.core.conf.DefaultConfiguration) AccumuloConfiguration(org.apache.accumulo.core.conf.AccumuloConfiguration) ClientConfiguration(org.apache.accumulo.core.client.ClientConfiguration) IOException(java.io.IOException) Predicate(java.util.function.Predicate) Property(org.apache.accumulo.core.conf.Property) Map(java.util.Map) AccumuloConfiguration(org.apache.accumulo.core.conf.AccumuloConfiguration)

Example 72 with ClientConfiguration

use of org.apache.accumulo.core.client.ClientConfiguration in project accumulo by apache.

the class SaslConnectionParamsTest method testDefaultParamsAsClient.

/**
 * Verifies the SASL parameters derived directly from a {@link ClientConfiguration} (no conversion to an
 * AccumuloConfiguration) when SASL is enabled with a Kerberos token.
 */
@Test
public void testDefaultParamsAsClient() throws Exception {
    // A mock is enough: no expectations are recorded on the token in this test.
    final KerberosToken token = EasyMock.createMock(KerberosToken.class);
    final PrivilegedExceptionAction<Void> check = new PrivilegedExceptionAction<Void>() {

        @Override
        public Void run() throws Exception {
            final ClientConfiguration conf = ClientConfiguration.loadDefault();
            // The primary is the first component of the principal
            final String serverPrimary = "accumulo";
            conf.withSasl(true, serverPrimary);
            assertEquals("true", conf.get(ClientProperty.INSTANCE_RPC_SASL_ENABLED));

            final SaslConnectionParams params = new SaslConnectionParams(conf, token);
            assertEquals(serverPrimary, params.getKerberosServerPrimary());

            // With nothing overridden, the quality of protection must be the property's default.
            final QualityOfProtection expectedQop = QualityOfProtection.get(Property.RPC_SASL_QOP.getDefaultValue());
            assertEquals(expectedQop, params.getQualityOfProtection());

            // QOP is the only SASL property expected to be set.
            final Map<String, String> saslProps = params.getSaslProperties();
            assertEquals(1, saslProps.size());
            assertEquals(expectedQop.getQuality(), saslProps.get(Sasl.QOP));
            assertEquals(username, params.getPrincipal());
            return null;
        }
    };
    // Run as the test user so the principal is taken from that login context.
    testUser.doAs(check);
}
Also used : QualityOfProtection(org.apache.accumulo.core.rpc.SaslConnectionParams.QualityOfProtection) KerberosToken(org.apache.accumulo.core.client.security.tokens.KerberosToken) Map(java.util.Map) ClientConfiguration(org.apache.accumulo.core.client.ClientConfiguration) Test(org.junit.Test)

Example 73 with ClientConfiguration

use of org.apache.accumulo.core.client.ClientConfiguration in project accumulo by apache.

the class SaslConnectionParamsTest method testDelegationTokenImpl.

/**
 * Verifies the SASL parameters produced for a delegation token: the mechanism is DIGEST-MD5 and the callback
 * handler is {@link SaslClientDigestCallbackHandler}, while QOP and principal match the defaults.
 */
@Test
public void testDelegationTokenImpl() throws Exception {
    // Empty password bytes and a fixed identifier; only the token type matters for these assertions.
    final AuthenticationTokenIdentifier identifier = new AuthenticationTokenIdentifier("user", 1, 10L, 20L, "instanceid");
    final DelegationTokenImpl token = new DelegationTokenImpl(new byte[0], identifier);
    final PrivilegedExceptionAction<Void> check = new PrivilegedExceptionAction<Void>() {

        @Override
        public Void run() throws Exception {
            final ClientConfiguration conf = ClientConfiguration.loadDefault();
            // The primary is the first component of the principal
            final String serverPrimary = "accumulo";
            conf.withSasl(true, serverPrimary);
            final AccumuloConfiguration rpcConf = ClientContext.convertClientConfig(conf);
            assertEquals("true", conf.get(ClientProperty.INSTANCE_RPC_SASL_ENABLED));

            final SaslConnectionParams params = new SaslConnectionParams(rpcConf, token);
            assertEquals(serverPrimary, params.getKerberosServerPrimary());

            final QualityOfProtection expectedQop = QualityOfProtection.get(Property.RPC_SASL_QOP.getDefaultValue());
            assertEquals(expectedQop, params.getQualityOfProtection());

            // A delegation token selects the DIGEST-MD5 mechanism and its digest callback handler.
            assertEquals(SaslMechanism.DIGEST_MD5, params.getMechanism());
            assertNotNull(params.getCallbackHandler());
            assertEquals(SaslClientDigestCallbackHandler.class, params.getCallbackHandler().getClass());

            // QOP is the only SASL property expected to be set.
            final Map<String, String> saslProps = params.getSaslProperties();
            assertEquals(1, saslProps.size());
            assertEquals(expectedQop.getQuality(), saslProps.get(Sasl.QOP));
            assertEquals(username, params.getPrincipal());
            return null;
        }
    };
    testUser.doAs(check);
}
Also used : QualityOfProtection(org.apache.accumulo.core.rpc.SaslConnectionParams.QualityOfProtection) DelegationTokenImpl(org.apache.accumulo.core.client.impl.DelegationTokenImpl) AuthenticationTokenIdentifier(org.apache.accumulo.core.client.impl.AuthenticationTokenIdentifier) Map(java.util.Map) ClientConfiguration(org.apache.accumulo.core.client.ClientConfiguration) AccumuloConfiguration(org.apache.accumulo.core.conf.AccumuloConfiguration) Test(org.junit.Test)

Example 74 with ClientConfiguration

use of org.apache.accumulo.core.client.ClientConfiguration in project accumulo by apache.

the class SaslConnectionParamsTest method testEquality.

/**
 * Verifies {@code equals}/{@code hashCode} of {@link SaslConnectionParams}: parameters built from the same
 * configuration and the same kind of token are equal, and Kerberos-token parameters differ from delegation-token
 * parameters.
 *
 * <p>
 * NOTE(review): the {@code assertNotEquals} checks on hash codes are stricter than the equals/hashCode contract,
 * which permits unequal objects to share a hash; they pin the current implementation.
 */
@Test
public void testEquality() throws Exception {
    final KerberosToken token = EasyMock.createMock(KerberosToken.class);

    // Two independent builds with the same mocked Kerberos token.
    final PrivilegedExceptionAction<SaslConnectionParams> kerberosFirst = new PrivilegedExceptionAction<SaslConnectionParams>() {

        @Override
        public SaslConnectionParams run() throws Exception {
            final ClientConfiguration conf = ClientConfiguration.loadDefault();
            // The primary is the first component of the principal
            final String serverPrimary = "accumulo";
            conf.withSasl(true, serverPrimary);
            final AccumuloConfiguration rpcConf = ClientContext.convertClientConfig(conf);
            assertEquals("true", conf.get(ClientProperty.INSTANCE_RPC_SASL_ENABLED));
            return new SaslConnectionParams(rpcConf, token);
        }
    };
    SaslConnectionParams params1 = testUser.doAs(kerberosFirst);

    final PrivilegedExceptionAction<SaslConnectionParams> kerberosSecond = new PrivilegedExceptionAction<SaslConnectionParams>() {

        @Override
        public SaslConnectionParams run() throws Exception {
            final ClientConfiguration conf = ClientConfiguration.loadDefault();
            // The primary is the first component of the principal
            final String serverPrimary = "accumulo";
            conf.withSasl(true, serverPrimary);
            final AccumuloConfiguration rpcConf = ClientContext.convertClientConfig(conf);
            assertEquals("true", conf.get(ClientProperty.INSTANCE_RPC_SASL_ENABLED));
            return new SaslConnectionParams(rpcConf, token);
        }
    };
    SaslConnectionParams params2 = testUser.doAs(kerberosSecond);

    assertEquals(params1, params2);
    assertEquals(params1.hashCode(), params2.hashCode());

    // First delegation-token build: must differ from both Kerberos builds.
    final DelegationTokenImpl delToken1 = new DelegationTokenImpl(new byte[0], new AuthenticationTokenIdentifier("user", 1, 10L, 20L, "instanceid"));
    final PrivilegedExceptionAction<SaslConnectionParams> delegationFirst = new PrivilegedExceptionAction<SaslConnectionParams>() {

        @Override
        public SaslConnectionParams run() throws Exception {
            final ClientConfiguration conf = ClientConfiguration.loadDefault();
            // The primary is the first component of the principal
            final String serverPrimary = "accumulo";
            conf.withSasl(true, serverPrimary);
            final AccumuloConfiguration rpcConf = ClientContext.convertClientConfig(conf);
            assertEquals("true", conf.get(ClientProperty.INSTANCE_RPC_SASL_ENABLED));
            return new SaslConnectionParams(rpcConf, delToken1);
        }
    };
    SaslConnectionParams params3 = testUser.doAs(delegationFirst);

    assertNotEquals(params1, params3);
    assertNotEquals(params1.hashCode(), params3.hashCode());
    assertNotEquals(params2, params3);
    assertNotEquals(params2.hashCode(), params3.hashCode());

    // Second delegation token with identical contents: must equal the first delegation build.
    final DelegationTokenImpl delToken2 = new DelegationTokenImpl(new byte[0], new AuthenticationTokenIdentifier("user", 1, 10L, 20L, "instanceid"));
    final PrivilegedExceptionAction<SaslConnectionParams> delegationSecond = new PrivilegedExceptionAction<SaslConnectionParams>() {

        @Override
        public SaslConnectionParams run() throws Exception {
            final ClientConfiguration conf = ClientConfiguration.loadDefault();
            // The primary is the first component of the principal
            final String serverPrimary = "accumulo";
            conf.withSasl(true, serverPrimary);
            final AccumuloConfiguration rpcConf = ClientContext.convertClientConfig(conf);
            assertEquals("true", conf.get(ClientProperty.INSTANCE_RPC_SASL_ENABLED));
            return new SaslConnectionParams(rpcConf, delToken2);
        }
    };
    SaslConnectionParams params4 = testUser.doAs(delegationSecond);

    assertNotEquals(params1, params4);
    assertNotEquals(params1.hashCode(), params4.hashCode());
    assertNotEquals(params2, params4);
    assertNotEquals(params2.hashCode(), params4.hashCode());
    assertEquals(params3, params4);
    assertEquals(params3.hashCode(), params4.hashCode());
}
Also used : KerberosToken(org.apache.accumulo.core.client.security.tokens.KerberosToken) DelegationTokenImpl(org.apache.accumulo.core.client.impl.DelegationTokenImpl) AuthenticationTokenIdentifier(org.apache.accumulo.core.client.impl.AuthenticationTokenIdentifier) ClientConfiguration(org.apache.accumulo.core.client.ClientConfiguration) AccumuloConfiguration(org.apache.accumulo.core.conf.AccumuloConfiguration) Test(org.junit.Test)

Example 75 with ClientConfiguration

use of org.apache.accumulo.core.client.ClientConfiguration in project accumulo by apache.

the class SaslConnectionParamsTest method testDefaultParams.

/**
 * Verifies the SASL parameters obtained when the client configuration is first converted with
 * {@code ClientContext.convertClientConfig} and then combined with a Kerberos token.
 */
@Test
public void testDefaultParams() throws Exception {
    // A mock is enough: no expectations are recorded on the token in this test.
    final KerberosToken token = EasyMock.createMock(KerberosToken.class);
    final PrivilegedExceptionAction<Void> check = new PrivilegedExceptionAction<Void>() {

        @Override
        public Void run() throws Exception {
            final ClientConfiguration conf = ClientConfiguration.loadDefault();
            // The primary is the first component of the principal
            final String serverPrimary = "accumulo";
            conf.withSasl(true, serverPrimary);
            final AccumuloConfiguration rpcConf = ClientContext.convertClientConfig(conf);
            assertEquals("true", conf.get(ClientProperty.INSTANCE_RPC_SASL_ENABLED));

            // The server primary must survive the round trip through the converted configuration.
            final SaslConnectionParams params = new SaslConnectionParams(rpcConf, token);
            assertEquals(serverPrimary, params.getKerberosServerPrimary());

            final QualityOfProtection expectedQop = QualityOfProtection.get(Property.RPC_SASL_QOP.getDefaultValue());
            assertEquals(expectedQop, params.getQualityOfProtection());

            // QOP is the only SASL property expected to be set.
            final Map<String, String> saslProps = params.getSaslProperties();
            assertEquals(1, saslProps.size());
            assertEquals(expectedQop.getQuality(), saslProps.get(Sasl.QOP));
            assertEquals(username, params.getPrincipal());
            return null;
        }
    };
    testUser.doAs(check);
}
Also used : QualityOfProtection(org.apache.accumulo.core.rpc.SaslConnectionParams.QualityOfProtection) KerberosToken(org.apache.accumulo.core.client.security.tokens.KerberosToken) Map(java.util.Map) ClientConfiguration(org.apache.accumulo.core.client.ClientConfiguration) AccumuloConfiguration(org.apache.accumulo.core.conf.AccumuloConfiguration) Test(org.junit.Test)
