Examples with ThriftSecurityException org.apache.accumulo.core.clientImpl.thrift.ThriftSecurityException used on opensource projects

Example 31 with ThriftSecurityException

use of org.apache.accumulo.core.clientImpl.thrift.ThriftSecurityException in project accumulo by apache.

the class ClientServiceHandler method getDiskUsage.

@Override
public List<TDiskUsage> getDiskUsage(Set<String> tables, TCredentials credentials) throws ThriftTableOperationException, ThriftSecurityException, TException {
    try {
        HashSet<TableId> tableIds = new HashSet<>();
        for (String table : tables) {
            // ensure that table table exists
            TableId tableId = checkTableId(context, table, null);
            tableIds.add(tableId);
            NamespaceId namespaceId = context.getNamespaceId(tableId);
            if (!security.canScan(credentials, tableId, namespaceId))
                throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
        }
        // use the same set of tableIds that were validated above to avoid race conditions
        Map<TreeSet<String>, Long> diskUsage = TableDiskUsage.getDiskUsage(tableIds, context.getVolumeManager(), context);
        List<TDiskUsage> retUsages = new ArrayList<>();
        for (Map.Entry<TreeSet<String>, Long> usageItem : diskUsage.entrySet()) {
            retUsages.add(new TDiskUsage(new ArrayList<>(usageItem.getKey()), usageItem.getValue()));
        }
        return retUsages;
    } catch (TableNotFoundException | IOException e) {
        throw new TException(e);
    }
}

Example 32 with ThriftSecurityException

use of org.apache.accumulo.core.clientImpl.thrift.ThriftSecurityException in project accumulo by apache.

the class TCredentialsUpdatingInvocationHandler method updateArgs.

/**
 * Try to find a TCredentials object in the argument list, and, when the AuthenticationToken is a
 * KerberosToken, set the principal from the SASL server as the TCredentials principal. This
 * ensures that users can't spoof a different principal into the Credentials than what they used
 * to authenticate.
 */
protected void updateArgs(Object[] args) throws ThriftSecurityException {
    // If we don't have at least two args
    if (args == null || args.length < 2) {
        return;
    }
    TCredentials tcreds = null;
    if (args[0] != null && args[0] instanceof TCredentials) {
        tcreds = (TCredentials) args[0];
    } else if (args[1] != null && args[1] instanceof TCredentials) {
        tcreds = (TCredentials) args[1];
    }
    // If we don't find a tcredentials in the first two positions
    if (tcreds == null) {
        // Not all calls require authentication (e.g. closeMultiScan). We need to let these pass
        // through.
        log.trace("Did not find a TCredentials object in the first two positions" + " of the argument list, not updating principal");
        return;
    }
    Class<? extends AuthenticationToken> tokenClass = getTokenClassFromName(tcreds.tokenClassName);
    // The Accumulo principal extracted from the SASL transport
    final String principal = UGIAssumingProcessor.rpcPrincipal();
    // should match
    if (UGIAssumingProcessor.rpcMechanism() == SaslMechanism.DIGEST_MD5 && DelegationTokenImpl.class.isAssignableFrom(tokenClass)) {
        if (!principal.equals(tcreds.principal)) {
            log.warn("{} issued RPC with delegation token over DIGEST-MD5 as the " + "Accumulo principal {}. Disallowing RPC", principal, tcreds.principal);
            throw new ThriftSecurityException("RPC principal did not match provided Accumulo principal", SecurityErrorCode.BAD_CREDENTIALS);
        }
        return;
    }
    // If the authentication token isn't a KerberosToken
    if (!KerberosToken.class.isAssignableFrom(tokenClass) && !SystemToken.class.isAssignableFrom(tokenClass)) {
        // Don't include messages about SystemToken since it's internal
        log.debug("Will not update principal on authentication tokens other than" + " KerberosToken. Received {}", tokenClass);
        throw new ThriftSecurityException("Did not receive a valid token", SecurityErrorCode.BAD_CREDENTIALS);
    }
    if (principal == null) {
        log.debug("Found KerberosToken in TCredentials, but did not receive principal from SASL processor");
        throw new ThriftSecurityException("Did not extract principal from Thrift SASL processor", SecurityErrorCode.BAD_CREDENTIALS);
    }
    // principal
    if (!principal.equals(tcreds.principal)) {
        UsersWithHosts usersWithHosts = impersonation.get(principal);
        if (usersWithHosts == null) {
            principalMismatch(principal, tcreds.principal);
        }
        if (!usersWithHosts.getUsers().contains(tcreds.principal)) {
            principalMismatch(principal, tcreds.principal);
        }
        String clientAddr = TServerUtils.clientAddress.get();
        if (!usersWithHosts.getHosts().contains(clientAddr)) {
            final String msg = "Principal in credentials object allowed mismatched" + " Kerberos principals, but not on " + clientAddr;
            log.warn(msg);
            throw new ThriftSecurityException(msg, SecurityErrorCode.BAD_CREDENTIALS);
        }
    }
}

Example 33 with ThriftSecurityException

use of org.apache.accumulo.core.clientImpl.thrift.ThriftSecurityException in project accumulo by apache.

the class SecurityOperation method grantNamespacePermission.

public void grantNamespacePermission(TCredentials c, String user, NamespaceId namespace, NamespacePermission permission) throws ThriftSecurityException {
    if (!canGrantNamespace(c, namespace))
        throw new ThriftSecurityException(c.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
    targetUserExists(user);
    try {
        permHandle.grantNamespacePermission(user, namespace.canonical(), permission);
        log.info("Granted namespace permission {} for user {} on the namespace {}" + " at the request of user {}", permission, user, namespace, c.getPrincipal());
    } catch (AccumuloSecurityException e) {
        throw e.asThriftException();
    } catch (NamespaceNotFoundException e) {
        throw new ThriftSecurityException(c.getPrincipal(), SecurityErrorCode.NAMESPACE_DOESNT_EXIST);
    }
}

Example 34 with ThriftSecurityException

use of org.apache.accumulo.core.clientImpl.thrift.ThriftSecurityException in project accumulo by apache.

the class SecurityOperation method changeAuthorizations.

public void changeAuthorizations(TCredentials credentials, String user, Authorizations authorizations) throws ThriftSecurityException {
    if (!canChangeAuthorizations(credentials, user))
        throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
    targetUserExists(user);
    try {
        authorizor.changeAuthorizations(user, authorizations);
        log.info("Changed authorizations for user {} at the request of user {}", user, credentials.getPrincipal());
    } catch (AccumuloSecurityException ase) {
        throw ase.asThriftException();
    }
}

Example 35 with ThriftSecurityException

use of org.apache.accumulo.core.clientImpl.thrift.ThriftSecurityException in project accumulo by apache.

the class SecurityOperation method revokeSystemPermission.

public void revokeSystemPermission(TCredentials credentials, String user, SystemPermission permission) throws ThriftSecurityException {
    if (!canRevokeSystem(credentials, user, permission))
        throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
    targetUserExists(user);
    try {
        permHandle.revokeSystemPermission(user, permission);
        log.info("Revoked system permission {} for user {} at the request of user {}", permission, user, credentials.getPrincipal());
    } catch (AccumuloSecurityException e) {
        throw e.asThriftException();
    }
}