Example 46 with PasswordToken
use of org.apache.accumulo.core.client.security.tokens.PasswordToken in project incubator-rya by apache.
the class AccumuloAddUserIT method userNotAddedCanNotInsert.
/**
* Ensure a user that has not been added to the Rya instance can not interact with it.
*/
@Test
public void userNotAddedCanNotInsert() throws Exception {
final String user = testInstance.createUniqueUser();
final SecurityOperations secOps = super.getConnector().securityOperations();
final RyaClient userAClient = AccumuloRyaClientFactory.build(new AccumuloConnectionDetails(ADMIN_USER, ADMIN_USER.toCharArray(), getInstanceName(), getZookeepers()), super.getClusterInstance().getCluster().getConnector(ADMIN_USER, ADMIN_USER));
// Install the instance of Rya.
userAClient.getInstall().install(getRyaInstanceName(), InstallConfiguration.builder().build());
// Create the user that will not be added to the instance of Rya, but will try to scan it.
secOps.createLocalUser(user, new PasswordToken(user));
// Try to add a statement the Rya instance with the unauthorized user. This should fail.
boolean securityExceptionThrown = false;
Sail sail = null;
SailConnection sailConn = null;
try {
final AccumuloRdfConfiguration userCConf = makeRyaConfig(getRyaInstanceName(), user, user, getInstanceName(), getZookeepers());
sail = RyaSailFactory.getInstance(userCConf);
sailConn = sail.getConnection();
final ValueFactory vf = sail.getValueFactory();
sailConn.addStatement(vf.createURI("urn:Alice"), vf.createURI("urn:talksTo"), vf.createURI("urn:Bob"));
} catch (final RuntimeException e) {
final Throwable cause = e.getCause();
if (cause instanceof AccumuloSecurityException) {
securityExceptionThrown = true;
}
} finally {
if (sailConn != null) {
sailConn.close();
}
if (sail != null) {
sail.shutDown();
}
}
assertTrue(securityExceptionThrown);
}
Also used :
SecurityOperations(org.apache.accumulo.core.client.admin.SecurityOperations)
RyaClient(org.apache.rya.api.client.RyaClient)
ValueFactory(org.openrdf.model.ValueFactory)
AccumuloRdfConfiguration(org.apache.rya.accumulo.AccumuloRdfConfiguration)
PasswordToken(org.apache.accumulo.core.client.security.tokens.PasswordToken)
SailConnection(org.openrdf.sail.SailConnection)
Sail(org.openrdf.sail.Sail)
AccumuloSecurityException(org.apache.accumulo.core.client.AccumuloSecurityException)
Test(org.junit.Test)
Example 47 with PasswordToken
use of org.apache.accumulo.core.client.security.tokens.PasswordToken in project incubator-rya by apache.
the class AccumuloAddUserIT method addUserTwice.
/**
* Ensure nothing happens if you try to add a user that is already there.
*/
@Test
public void addUserTwice() throws Exception {
final String user = testInstance.createUniqueUser();
final SecurityOperations secOps = super.getConnector().securityOperations();
final RyaClient userAClient = AccumuloRyaClientFactory.build(new AccumuloConnectionDetails(ADMIN_USER, ADMIN_USER.toCharArray(), getInstanceName(), getZookeepers()), super.getClusterInstance().getCluster().getConnector(ADMIN_USER, ADMIN_USER));
// Create the user that will not be added to the instance of Rya, but will try to scan it.
secOps.createLocalUser(user, new PasswordToken(user));
// Install the instance of Rya.
userAClient.getInstall().install(getRyaInstanceName(), InstallConfiguration.builder().build());
// Add the user.
userAClient.getAddUser().get().addUser(getRyaInstanceName(), user);
userAClient.getAddUser().get().addUser(getRyaInstanceName(), user);
// Ensure the Rya instance's details only contain the username of the user who installed the instance.
final ImmutableList<String> expectedUsers = ImmutableList.<String>builder().add(ADMIN_USER).add(user).build();
final RyaDetails details = userAClient.getGetInstanceDetails().getDetails(getRyaInstanceName()).get();
assertEquals(expectedUsers, details.getUsers());
}
Also used :
PasswordToken(org.apache.accumulo.core.client.security.tokens.PasswordToken)
SecurityOperations(org.apache.accumulo.core.client.admin.SecurityOperations)
RyaDetails(org.apache.rya.api.instance.RyaDetails)
RyaClient(org.apache.rya.api.client.RyaClient)
Test(org.junit.Test)
Example 48 with PasswordToken
use of org.apache.accumulo.core.client.security.tokens.PasswordToken in project incubator-rya by apache.
the class AccumuloStorageTest method setUp.
@Override
public void setUp() throws Exception {
super.setUp();
connector = new MockInstance(instance).getConnector(user, new PasswordToken(pwd.getBytes()));
connector.tableOperations().create(table);
SecurityOperations secOps = connector.securityOperations();
secOps.createLocalUser(user, new PasswordToken(pwd.getBytes()));
secOps.grantTablePermission(user, table, TablePermission.READ);
secOps.grantTablePermission(user, table, TablePermission.WRITE);
}
Also used :
PasswordToken(org.apache.accumulo.core.client.security.tokens.PasswordToken)
MockInstance(org.apache.accumulo.core.client.mock.MockInstance)
SecurityOperations(org.apache.accumulo.core.client.admin.SecurityOperations)
Example 49 with PasswordToken
use of org.apache.accumulo.core.client.security.tokens.PasswordToken in project incubator-rya by apache.
the class AccumuloStorage method setStoreLocation.
@Override
public void setStoreLocation(final String location, final Job job) throws IOException {
conf = job.getConfiguration();
setLocationFromUri(location, job);
if (!conf.getBoolean(AccumuloOutputFormat.class.getSimpleName() + ".configured", false)) {
try {
AccumuloOutputFormat.setConnectorInfo(job, user, new PasswordToken(userP.getBytes(StandardCharsets.UTF_8)));
} catch (final AccumuloSecurityException e) {
throw new RuntimeException(e);
}
AccumuloOutputFormat.setDefaultTableName(job, table);
AccumuloOutputFormat.setZooKeeperInstance(job, inst, zookeepers);
final BatchWriterConfig config = new BatchWriterConfig();
config.setMaxLatency(10, TimeUnit.SECONDS);
config.setMaxMemory(10 * 1000 * 1000);
config.setMaxWriteThreads(10);
AccumuloOutputFormat.setBatchWriterOptions(job, config);
}
}
Also used :
PasswordToken(org.apache.accumulo.core.client.security.tokens.PasswordToken)
BatchWriterConfig(org.apache.accumulo.core.client.BatchWriterConfig)
AccumuloSecurityException(org.apache.accumulo.core.client.AccumuloSecurityException)
AccumuloOutputFormat(org.apache.accumulo.core.client.mapreduce.AccumuloOutputFormat)
Example 50 with PasswordToken
use of org.apache.accumulo.core.client.security.tokens.PasswordToken in project incubator-rya by apache.
the class AccumuloStorage method setLocation.
@Override
public void setLocation(final String location, final Job job) throws IOException {
if (logger.isDebugEnabled()) {
logger.debug("Set Location[" + location + "] for job[" + job.getJobName() + "]");
}
conf = job.getConfiguration();
setLocationFromUri(location, job);
if (!ConfiguratorBase.isConnectorInfoSet(AccumuloInputFormat.class, conf)) {
try {
AccumuloInputFormat.setConnectorInfo(job, user, new PasswordToken(userP.getBytes(StandardCharsets.UTF_8)));
} catch (final AccumuloSecurityException e) {
throw new RuntimeException(e);
}
AccumuloInputFormat.setInputTableName(job, table);
AccumuloInputFormat.setScanAuthorizations(job, authorizations);
if (!mock) {
AccumuloInputFormat.setZooKeeperInstance(job, inst, zookeepers);
} else {
AccumuloInputFormat.setMockInstance(job, inst);
}
}
if (columnFamilyColumnQualifierPairs.size() > 0) {
AccumuloInputFormat.fetchColumns(job, columnFamilyColumnQualifierPairs);
}
logger.info("Set ranges[" + ranges + "] for job[" + job.getJobName() + "] on table[" + table + "] " + "for columns[" + columnFamilyColumnQualifierPairs + "] with authorizations[" + authorizations + "]");
if (ranges.size() == 0) {
throw new IOException("Accumulo Range must be specified");
}
AccumuloInputFormat.setRanges(job, ranges);
}
Also used :
PasswordToken(org.apache.accumulo.core.client.security.tokens.PasswordToken)
AccumuloInputFormat(org.apache.accumulo.core.client.mapreduce.AccumuloInputFormat)
AccumuloSecurityException(org.apache.accumulo.core.client.AccumuloSecurityException)
IOException(java.io.IOException)
Aggregations
PasswordToken (org.apache.accumulo.core.client.security.tokens.PasswordToken)232
Test (org.junit.Test)104
Connector (org.apache.accumulo.core.client.Connector)96
MockInstance (org.apache.accumulo.core.client.mock.MockInstance)53
Instance (org.apache.accumulo.core.client.Instance)46
AccumuloSecurityException (org.apache.accumulo.core.client.AccumuloSecurityException)43
ZooKeeperInstance (org.apache.accumulo.core.client.ZooKeeperInstance)40
Authorizations (org.apache.accumulo.core.security.Authorizations)38
AuthenticationToken (org.apache.accumulo.core.client.security.tokens.AuthenticationToken)32
BatchWriterConfig (org.apache.accumulo.core.client.BatchWriterConfig)31
ClientConfiguration (org.apache.accumulo.core.client.ClientConfiguration)30
Value (org.apache.accumulo.core.data.Value)30
Key (org.apache.accumulo.core.data.Key)29
Mutation (org.apache.accumulo.core.data.Mutation)29
AccumuloException (org.apache.accumulo.core.client.AccumuloException)27
Scanner (org.apache.accumulo.core.client.Scanner)27
Configuration (org.apache.hadoop.conf.Configuration)27
IOException (java.io.IOException)26
BatchWriter (org.apache.accumulo.core.client.BatchWriter)26
IteratorSetting (org.apache.accumulo.core.client.IteratorSetting)24
