Examples with ThriftSecurityException org.apache.accumulo.core.client.impl.thrift.ThriftSecurityException used on opensource projects

Example 36 with ThriftSecurityException

use of org.apache.accumulo.core.client.impl.thrift.ThriftSecurityException in project accumulo by apache.

the class ClientServiceHandler method getDiskUsage.

@Override
public List<TDiskUsage> getDiskUsage(Set<String> tables, TCredentials credentials) throws ThriftTableOperationException, ThriftSecurityException, TException {
    try {
        HashSet<Table.ID> tableIds = new HashSet<>();
        for (String table : tables) {
            // ensure that table table exists
            Table.ID tableId = checkTableId(instance, table, null);
            tableIds.add(tableId);
            Namespace.ID namespaceId = Tables.getNamespaceId(instance, tableId);
            if (!security.canScan(credentials, tableId, namespaceId))
                throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
        }
        // use the same set of tableIds that were validated above to avoid race conditions
        Map<TreeSet<String>, Long> diskUsage = TableDiskUsage.getDiskUsage(tableIds, fs, context.getConnector());
        List<TDiskUsage> retUsages = new ArrayList<>();
        for (Map.Entry<TreeSet<String>, Long> usageItem : diskUsage.entrySet()) {
            retUsages.add(new TDiskUsage(new ArrayList<>(usageItem.getKey()), usageItem.getValue()));
        }
        return retUsages;
    } catch (AccumuloSecurityException e) {
        throw e.asThriftException();
    } catch (AccumuloException | TableNotFoundException | IOException e) {
        throw new TException(e);
    }
}

Example 37 with ThriftSecurityException

use of org.apache.accumulo.core.client.impl.thrift.ThriftSecurityException in project accumulo by apache.

the class ClientServiceHandler method checkNamespaceClass.

@Override
public boolean checkNamespaceClass(TInfo tinfo, TCredentials credentials, String ns, String className, String interfaceMatch) throws TException, ThriftTableOperationException, ThriftSecurityException {
    security.authenticateUser(credentials, credentials);
    Namespace.ID namespaceId = checkNamespaceId(instance, ns, null);
    ClassLoader loader = getClass().getClassLoader();
    Class<?> shouldMatch;
    try {
        shouldMatch = loader.loadClass(interfaceMatch);
        AccumuloConfiguration conf = context.getServerConfigurationFactory().getNamespaceConfiguration(namespaceId);
        String context = conf.get(Property.TABLE_CLASSPATH);
        ClassLoader currentLoader;
        if (context != null && !context.equals("")) {
            currentLoader = AccumuloVFSClassLoader.getContextManager().getClassLoader(context);
        } else {
            currentLoader = AccumuloVFSClassLoader.getClassLoader();
        }
        Class<?> test = currentLoader.loadClass(className).asSubclass(shouldMatch);
        test.newInstance();
        return true;
    } catch (Exception e) {
        log.warn("Error checking object types", e);
        return false;
    }
}

Example 38 with ThriftSecurityException

use of org.apache.accumulo.core.client.impl.thrift.ThriftSecurityException in project accumulo by apache.

the class ClientServiceHandler method createLocalUser.

@Override
public void createLocalUser(TInfo tinfo, TCredentials credentials, String principal, ByteBuffer password) throws ThriftSecurityException {
    AuthenticationToken token;
    if (null != context.getSaslParams()) {
        try {
            token = new KerberosToken();
        } catch (IOException e) {
            log.warn("Failed to create KerberosToken");
            throw new ThriftSecurityException(e.getMessage(), SecurityErrorCode.DEFAULT_SECURITY_ERROR);
        }
    } else {
        token = new PasswordToken(password);
    }
    Credentials newUser = new Credentials(principal, token);
    security.createUser(credentials, newUser, new Authorizations());
}

Example 39 with ThriftSecurityException

use of org.apache.accumulo.core.client.impl.thrift.ThriftSecurityException in project accumulo by apache.

the class TableOperationsImpl method getDiskUsage.

@Override
public List<DiskUsage> getDiskUsage(Set<String> tableNames) throws AccumuloException, AccumuloSecurityException, TableNotFoundException {
    List<TDiskUsage> diskUsages = null;
    while (diskUsages == null) {
        Pair<String, Client> pair = null;
        try {
            // this operation may us a lot of memory... its likely that connections to tabletservers hosting metadata tablets will be cached, so do not use cached
            // connections
            pair = ServerClient.getConnection(context, false);
            diskUsages = pair.getSecond().getDiskUsage(tableNames, context.rpcCreds());
        } catch (ThriftTableOperationException e) {
            switch(e.getType()) {
                case NOTFOUND:
                    throw new TableNotFoundException(e);
                case NAMESPACE_NOTFOUND:
                    throw new TableNotFoundException(e.getTableName(), new NamespaceNotFoundException(e));
                default:
                    throw new AccumuloException(e.description, e);
            }
        } catch (ThriftSecurityException e) {
            throw new AccumuloSecurityException(e.getUser(), e.getCode());
        } catch (TTransportException e) {
            // some sort of communication error occurred, retry
            if (pair == null) {
                log.debug("Disk usage request failed.  Pair is null.  Retrying request...", e);
            } else {
                log.debug("Disk usage request failed {}, retrying ... ", pair.getFirst(), e);
            }
            sleepUninterruptibly(100, TimeUnit.MILLISECONDS);
        } catch (TException e) {
            // may be a TApplicationException which indicates error on the server side
            throw new AccumuloException(e);
        } finally {
            // must always return thrift connection
            if (pair != null)
                ServerClient.close(pair.getSecond());
        }
    }
    List<DiskUsage> finalUsages = new ArrayList<>();
    for (TDiskUsage diskUsage : diskUsages) {
        finalUsages.add(new DiskUsage(new TreeSet<>(diskUsage.getTables()), diskUsage.getUsage()));
    }
    return finalUsages;
}

Example 40 with ThriftSecurityException

use of org.apache.accumulo.core.client.impl.thrift.ThriftSecurityException in project accumulo by apache.

the class TableOperationsImpl method testClassLoad.

@Override
public boolean testClassLoad(final String tableName, final String className, final String asTypeName) throws TableNotFoundException, AccumuloException, AccumuloSecurityException {
    checkArgument(tableName != null, "tableName is null");
    checkArgument(className != null, "className is null");
    checkArgument(asTypeName != null, "asTypeName is null");
    try {
        return ServerClient.executeRaw(context, new ClientExecReturn<Boolean, ClientService.Client>() {

            @Override
            public Boolean execute(ClientService.Client client) throws Exception {
                return client.checkTableClass(Tracer.traceInfo(), context.rpcCreds(), tableName, className, asTypeName);
            }
        });
    } catch (ThriftTableOperationException e) {
        switch(e.getType()) {
            case NOTFOUND:
                throw new TableNotFoundException(e);
            case NAMESPACE_NOTFOUND:
                throw new TableNotFoundException(tableName, new NamespaceNotFoundException(e));
            default:
                throw new AccumuloException(e.description, e);
        }
    } catch (ThriftSecurityException e) {
        throw new AccumuloSecurityException(e.user, e.code, e);
    } catch (AccumuloException e) {
        throw e;
    } catch (Exception e) {
        throw new AccumuloException(e);
    }
}