Examples with ThriftSecurityException org.apache.accumulo.core.client.impl.thrift.ThriftSecurityException used on opensource projects

Example 26 with ThriftSecurityException

use of org.apache.accumulo.core.client.impl.thrift.ThriftSecurityException in project accumulo by apache.

the class SecurityOperation method grantNamespacePermission.

public void grantNamespacePermission(TCredentials c, String user, Namespace.ID namespace, NamespacePermission permission) throws ThriftSecurityException {
    if (!canGrantNamespace(c, user, namespace))
        throw new ThriftSecurityException(c.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
    targetUserExists(user);
    try {
        permHandle.grantNamespacePermission(user, namespace, permission);
        log.info("Granted namespace permission {} for user {} on the namespace {} at the request of user {}", permission, user, namespace, c.getPrincipal());
    } catch (AccumuloSecurityException e) {
        throw e.asThriftException();
    } catch (NamespaceNotFoundException e) {
        throw new ThriftSecurityException(c.getPrincipal(), SecurityErrorCode.NAMESPACE_DOESNT_EXIST);
    }
}

Example 27 with ThriftSecurityException

use of org.apache.accumulo.core.client.impl.thrift.ThriftSecurityException in project accumulo by apache.

the class TCredentialsUpdatingInvocationHandler method updateArgs.

/**
 * Try to find a TCredentials object in the argument list, and, when the AuthenticationToken is a KerberosToken, set the principal from the SASL server as the
 * TCredentials principal. This ensures that users can't spoof a different principal into the Credentials than what they used to authenticate.
 */
protected void updateArgs(Object[] args) throws ThriftSecurityException {
    // If we don't have at least two args
    if (args == null || args.length < 2) {
        return;
    }
    TCredentials tcreds = null;
    if (args[0] != null && args[0] instanceof TCredentials) {
        tcreds = (TCredentials) args[0];
    } else if (args[1] != null && args[1] instanceof TCredentials) {
        tcreds = (TCredentials) args[1];
    }
    // If we don't find a tcredentials in the first two positions
    if (null == tcreds) {
        // Not all calls require authentication (e.g. closeMultiScan). We need to let these pass through.
        log.trace("Did not find a TCredentials object in the first two positions of the argument list, not updating principal");
        return;
    }
    Class<? extends AuthenticationToken> tokenClass = getTokenClassFromName(tcreds.tokenClassName);
    // The Accumulo principal extracted from the SASL transport
    final String principal = UGIAssumingProcessor.rpcPrincipal();
    // If we authenticated the user over DIGEST-MD5 and they have a DelegationToken, the principals should match
    if (SaslMechanism.DIGEST_MD5 == UGIAssumingProcessor.rpcMechanism() && DelegationTokenImpl.class.isAssignableFrom(tokenClass)) {
        if (!principal.equals(tcreds.principal)) {
            log.warn("{} issued RPC with delegation token over DIGEST-MD5 as the Accumulo principal {}. Disallowing RPC", principal, tcreds.principal);
            throw new ThriftSecurityException("RPC principal did not match provided Accumulo principal", SecurityErrorCode.BAD_CREDENTIALS);
        }
        return;
    }
    // If the authentication token isn't a KerberosToken
    if (!KerberosToken.class.isAssignableFrom(tokenClass) && !SystemToken.class.isAssignableFrom(tokenClass)) {
        // Don't include messages about SystemToken since it's internal
        log.debug("Will not update principal on authentication tokens other than KerberosToken. Received {}", tokenClass);
        throw new ThriftSecurityException("Did not receive a valid token", SecurityErrorCode.BAD_CREDENTIALS);
    }
    if (null == principal) {
        log.debug("Found KerberosToken in TCredentials, but did not receive principal from SASL processor");
        throw new ThriftSecurityException("Did not extract principal from Thrift SASL processor", SecurityErrorCode.BAD_CREDENTIALS);
    }
    // The principal from the SASL transport should match what the user requested as their Accumulo principal
    if (!principal.equals(tcreds.principal)) {
        UsersWithHosts usersWithHosts = impersonation.get(principal);
        if (null == usersWithHosts) {
            principalMismatch(principal, tcreds.principal);
        }
        if (!usersWithHosts.getUsers().contains(tcreds.principal)) {
            principalMismatch(principal, tcreds.principal);
        }
        String clientAddr = TServerUtils.clientAddress.get();
        if (!usersWithHosts.getHosts().contains(clientAddr)) {
            final String msg = "Principal in credentials object allowed mismatched Kerberos principals, but not on " + clientAddr;
            log.warn(msg);
            throw new ThriftSecurityException(msg, SecurityErrorCode.BAD_CREDENTIALS);
        }
    }
}

Example 28 with ThriftSecurityException

use of org.apache.accumulo.core.client.impl.thrift.ThriftSecurityException in project accumulo by apache.

the class MasterClientServiceHandler method setSystemProperty.

@Override
public void setSystemProperty(TInfo info, TCredentials c, String property, String value) throws ThriftSecurityException, TException {
    master.security.canPerformSystemActions(c);
    try {
        SystemPropUtil.setSystemProperty(property, value);
        updatePlugins(property);
    } catch (IllegalArgumentException iae) {
        // throw the exception here so it is not caught and converted to a generic TException
        throw iae;
    } catch (Exception e) {
        Master.log.error("Problem setting config property in zookeeper", e);
        throw new TException(e.getMessage());
    }
}

Example 29 with ThriftSecurityException

use of org.apache.accumulo.core.client.impl.thrift.ThriftSecurityException in project accumulo by apache.

the class MasterClientServiceHandler method getDelegationToken.

@Override
public TDelegationToken getDelegationToken(TInfo tinfo, TCredentials credentials, TDelegationTokenConfig tConfig) throws ThriftSecurityException, TException {
    if (!master.security.canObtainDelegationToken(credentials)) {
        throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
    }
    // Round-about way to verify that SASL is also enabled.
    if (!master.delegationTokensAvailable()) {
        throw new TException("Delegation tokens are not available for use");
    }
    final DelegationTokenConfig config = DelegationTokenConfigSerializer.deserialize(tConfig);
    final AuthenticationTokenSecretManager secretManager = master.getSecretManager();
    try {
        Entry<Token<AuthenticationTokenIdentifier>, AuthenticationTokenIdentifier> pair = secretManager.generateToken(credentials.principal, config);
        return new TDelegationToken(ByteBuffer.wrap(pair.getKey().getPassword()), pair.getValue().getThriftIdentifier());
    } catch (Exception e) {
        throw new TException(e.getMessage());
    }
}

Example 30 with ThriftSecurityException

use of org.apache.accumulo.core.client.impl.thrift.ThriftSecurityException in project accumulo by apache.

the class MasterClientServiceHandler method initiateFlush.

@Override
public long initiateFlush(TInfo tinfo, TCredentials c, String tableIdStr) throws ThriftSecurityException, ThriftTableOperationException {
    Table.ID tableId = Table.ID.of(tableIdStr);
    Namespace.ID namespaceId = getNamespaceIdFromTableId(TableOperation.FLUSH, tableId);
    master.security.canFlush(c, tableId, namespaceId);
    String zTablePath = Constants.ZROOT + "/" + master.getInstance().getInstanceID() + Constants.ZTABLES + "/" + tableId + Constants.ZTABLE_FLUSH_ID;
    IZooReaderWriter zoo = ZooReaderWriter.getInstance();
    byte[] fid;
    try {
        fid = zoo.mutate(zTablePath, null, null, new Mutator() {

            @Override
            public byte[] mutate(byte[] currentValue) throws Exception {
                long flushID = Long.parseLong(new String(currentValue));
                flushID++;
                return ("" + flushID).getBytes();
            }
        });
    } catch (NoNodeException nne) {
        throw new ThriftTableOperationException(tableId.canonicalID(), null, TableOperation.FLUSH, TableOperationExceptionType.NOTFOUND, null);
    } catch (Exception e) {
        Master.log.warn("{}", e.getMessage(), e);
        throw new ThriftTableOperationException(tableId.canonicalID(), null, TableOperation.FLUSH, TableOperationExceptionType.OTHER, null);
    }
    return Long.parseLong(new String(fid));
}