Search in sources :

Example 81 with TProtocol

use of org.apache.thrift.protocol.TProtocol in project carbondata by apache.

the class CarbonUtil method read.

/**
   * Below method will be used to convert the byte array value to thrift object for
   * data chunk
   *
   * @param data    thrift byte array
   * @param creator type of thrift
   * @return thrift object
   * @throws IOException any problem while converting the object
   */
private static TBase read(byte[] data, TBaseCreator creator, int offset, int length) throws IOException {
    ByteArrayInputStream stream = new ByteArrayInputStream(data, offset, length);
    TProtocol binaryIn = new TCompactProtocol(new TIOStreamTransport(stream));
    TBase t = creator.create();
    try {
        t.read(binaryIn);
    } catch (TException e) {
        throw new IOException(e);
    } finally {
        CarbonUtil.closeStreams(stream);
    }
    return t;
}
Also used : TException(org.apache.thrift.TException) ByteArrayInputStream(java.io.ByteArrayInputStream) TProtocol(org.apache.thrift.protocol.TProtocol) TIOStreamTransport(org.apache.thrift.transport.TIOStreamTransport) TBase(org.apache.thrift.TBase) IOException(java.io.IOException) TCompactProtocol(org.apache.thrift.protocol.TCompactProtocol)

Example 82 with TProtocol

use of org.apache.thrift.protocol.TProtocol in project simba-os by cegeka.

the class JerseyBasicAuthenticationFilter method filter.

@Override
public void filter(ContainerRequestContext containerRequestContext) throws IOException {
    ContainerRequest containerRequest = (ContainerRequest) containerRequestContext.getRequest();
    Map<String, String> requestParameters = toMap(containerRequestContext.getUriInfo().getQueryParameters());
    List<String> auth = containerRequest.getRequestHeader("authorization");
    if (auth == null || auth.isEmpty()) {
        throw new WebApplicationException(Response.Status.UNAUTHORIZED);
    }
    String[] credentials = decode(auth.get(0));
    requestParameters.put(AuthenticationConstants.USERNAME, credentials[0]);
    requestParameters.put(AuthenticationConstants.PASSWORD, credentials[1]);
    RequestData requestData = new RequestData(requestParameters, toMap(containerRequest.getRequestHeaders()), containerRequest.getAbsolutePath().toString(), simbaWebURL, null, /* SSO Token */
    null, /* Client IP */
    false, false, false, false, false, containerRequest.getMethod(), RequestUtil.HOST_SERVER_NAME, null, null);
    THttpClient tHttpClient = null;
    try {
        tHttpClient = new THttpClient(simbaWebURL + "/authenticationService");
        TProtocol tProtocol = new TJSONProtocol(tHttpClient);
        AuthenticationFilterService.Client authenticationClient = new AuthenticationFilterService.Client(tProtocol);
        ActionDescriptor actionDescriptor = authenticationClient.processRequest(requestData, "wsLoginChain");
        if (!actionDescriptor.getActionTypes().contains(ActionType.DO_FILTER_AND_SET_PRINCIPAL)) {
            throw new WebApplicationException(Response.Status.UNAUTHORIZED);
        }
    } catch (Exception e) {
        e.printStackTrace();
        throw new WebApplicationException(e, Response.Status.UNAUTHORIZED);
    } finally {
        if (tHttpClient != null) {
            tHttpClient.close();
        }
    }
}
Also used : WebApplicationException(javax.ws.rs.WebApplicationException) AuthenticationFilterService(org.simbasecurity.api.service.thrift.AuthenticationFilterService) ActionDescriptor(org.simbasecurity.api.service.thrift.ActionDescriptor) THttpClient(org.apache.thrift.transport.THttpClient) IOException(java.io.IOException) WebApplicationException(javax.ws.rs.WebApplicationException) TJSONProtocol(org.apache.thrift.protocol.TJSONProtocol) TProtocol(org.apache.thrift.protocol.TProtocol) RequestData(org.simbasecurity.api.service.thrift.RequestData) ContainerRequest(org.glassfish.jersey.server.ContainerRequest) THttpClient(org.apache.thrift.transport.THttpClient)

Example 83 with TProtocol

use of org.apache.thrift.protocol.TProtocol in project simba-os by cegeka.

the class AuthorizationServiceClient method getAuthorizationServiceClient.

protected AuthorizationService.Iface getAuthorizationServiceClient() throws TTransportException {
    THttpClient tHttpClient = new THttpClient(SimbaConfiguration.getSimbaAuthorizationURL());
    TProtocol tProtocol = new TJSONProtocol(tHttpClient);
    return new AuthorizationService.Client(tProtocol);
}
Also used : TJSONProtocol(org.apache.thrift.protocol.TJSONProtocol) TProtocol(org.apache.thrift.protocol.TProtocol) THttpClient(org.apache.thrift.transport.THttpClient) THttpClient(org.apache.thrift.transport.THttpClient)

Example 84 with TProtocol

use of org.apache.thrift.protocol.TProtocol in project simba-os by cegeka.

the class FeedingServlet method doPost.

@Override
public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
    THttpClient tHttpClient = null;
    try {
        tHttpClient = new THttpClient(SystemConfiguration.getSimbaServiceURL(getServletContext()) + "/authorizationService");
        TProtocol tProtocol = new TJSONProtocol(tHttpClient);
        AuthorizationService.Client authorizationClient = new AuthorizationService.Client(tProtocol);
        PolicyDecision decision = authorizationClient.isResourceRuleAllowed(request.getUserPrincipal().getName(), "ANIMAL", "WRITE");
        if (!decision.isAllowed()) {
            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }
        response.sendRedirect("jsp/feeding.jsp");
    } catch (Exception e) {
        throw new ServletException(e);
    } finally {
        if (tHttpClient != null) {
            tHttpClient.close();
        }
    }
}
Also used : ServletException(javax.servlet.ServletException) PolicyDecision(org.simbasecurity.api.service.thrift.PolicyDecision) TJSONProtocol(org.apache.thrift.protocol.TJSONProtocol) TProtocol(org.apache.thrift.protocol.TProtocol) AuthorizationService(org.simbasecurity.api.service.thrift.AuthorizationService) THttpClient(org.apache.thrift.transport.THttpClient) THttpClient(org.apache.thrift.transport.THttpClient) ServletException(javax.servlet.ServletException) IOException(java.io.IOException)

Example 85 with TProtocol

use of org.apache.thrift.protocol.TProtocol in project hive by apache.

the class HiveMetaStore method startMetaStore.

/**
 * Start Metastore based on a passed {@link HadoopThriftAuthBridge}
 *
 * @param port
 * @param bridge
 * @param conf
 *          configuration overrides
 * @throws Throwable
 */
public static void startMetaStore(int port, HadoopThriftAuthBridge bridge, Configuration conf, Lock startLock, Condition startCondition, AtomicBoolean startedServing) throws Throwable {
    try {
        isMetaStoreRemote = true;
        // Server will create new threads up to max as necessary. After an idle
        // period, it will destroy threads to keep the number of threads in the
        // pool to min.
        long maxMessageSize = MetastoreConf.getLongVar(conf, ConfVars.SERVER_MAX_MESSAGE_SIZE);
        int minWorkerThreads = MetastoreConf.getIntVar(conf, ConfVars.SERVER_MIN_THREADS);
        int maxWorkerThreads = MetastoreConf.getIntVar(conf, ConfVars.SERVER_MAX_THREADS);
        boolean tcpKeepAlive = MetastoreConf.getBoolVar(conf, ConfVars.TCP_KEEP_ALIVE);
        boolean useFramedTransport = MetastoreConf.getBoolVar(conf, ConfVars.USE_THRIFT_FRAMED_TRANSPORT);
        boolean useCompactProtocol = MetastoreConf.getBoolVar(conf, ConfVars.USE_THRIFT_COMPACT_PROTOCOL);
        boolean useSSL = MetastoreConf.getBoolVar(conf, ConfVars.USE_SSL);
        useSasl = MetastoreConf.getBoolVar(conf, ConfVars.USE_THRIFT_SASL);
        if (useSasl) {
            // we are in secure mode. Login using keytab
            String kerberosName = SecurityUtil.getServerPrincipal(MetastoreConf.getVar(conf, ConfVars.KERBEROS_PRINCIPAL), "0.0.0.0");
            String keyTabFile = MetastoreConf.getVar(conf, ConfVars.KERBEROS_KEYTAB_FILE);
            UserGroupInformation.loginUserFromKeytab(kerberosName, keyTabFile);
        }
        TProcessor processor;
        TTransportFactory transFactory;
        final TProtocolFactory protocolFactory;
        final TProtocolFactory inputProtoFactory;
        if (useCompactProtocol) {
            protocolFactory = new TCompactProtocol.Factory();
            inputProtoFactory = new TCompactProtocol.Factory(maxMessageSize, maxMessageSize);
        } else {
            protocolFactory = new TBinaryProtocol.Factory();
            inputProtoFactory = new TBinaryProtocol.Factory(true, true, maxMessageSize, maxMessageSize);
        }
        HMSHandler baseHandler = new HiveMetaStore.HMSHandler("new db based metaserver", conf, false);
        IHMSHandler handler = newRetryingHMSHandler(baseHandler, conf);
        // Initialize materializations invalidation cache
        MaterializationsInvalidationCache.get().init(conf, handler);
        TServerSocket serverSocket;
        if (useSasl) {
            // we are in secure mode.
            if (useFramedTransport) {
                throw new HiveMetaException("Framed transport is not supported with SASL enabled.");
            }
            saslServer = bridge.createServer(MetastoreConf.getVar(conf, ConfVars.KERBEROS_KEYTAB_FILE), MetastoreConf.getVar(conf, ConfVars.KERBEROS_PRINCIPAL), MetastoreConf.getVar(conf, ConfVars.CLIENT_KERBEROS_PRINCIPAL));
            // Start delegation token manager
            delegationTokenManager = new MetastoreDelegationTokenManager();
            delegationTokenManager.startDelegationTokenSecretManager(conf, baseHandler, HadoopThriftAuthBridge.Server.ServerMode.METASTORE);
            saslServer.setSecretManager(delegationTokenManager.getSecretManager());
            transFactory = saslServer.createTransportFactory(MetaStoreUtils.getMetaStoreSaslProperties(conf, useSSL));
            processor = saslServer.wrapProcessor(new ThriftHiveMetastore.Processor<>(handler));
            LOG.info("Starting DB backed MetaStore Server in Secure Mode");
        } else {
            // we are in unsecure mode.
            if (MetastoreConf.getBoolVar(conf, ConfVars.EXECUTE_SET_UGI)) {
                transFactory = useFramedTransport ? new ChainedTTransportFactory(new TFramedTransport.Factory(), new TUGIContainingTransport.Factory()) : new TUGIContainingTransport.Factory();
                processor = new TUGIBasedProcessor<>(handler);
                LOG.info("Starting DB backed MetaStore Server with SetUGI enabled");
            } else {
                transFactory = useFramedTransport ? new TFramedTransport.Factory() : new TTransportFactory();
                processor = new TSetIpAddressProcessor<>(handler);
                LOG.info("Starting DB backed MetaStore Server");
            }
        }
        if (!useSSL) {
            serverSocket = SecurityUtils.getServerSocket(null, port);
        } else {
            String keyStorePath = MetastoreConf.getVar(conf, ConfVars.SSL_KEYSTORE_PATH).trim();
            if (keyStorePath.isEmpty()) {
                throw new IllegalArgumentException(ConfVars.SSL_KEYSTORE_PATH.toString() + " Not configured for SSL connection");
            }
            String keyStorePassword = MetastoreConf.getPassword(conf, MetastoreConf.ConfVars.SSL_KEYSTORE_PASSWORD);
            // enable SSL support for HMS
            List<String> sslVersionBlacklist = new ArrayList<>();
            for (String sslVersion : MetastoreConf.getVar(conf, ConfVars.SSL_PROTOCOL_BLACKLIST).split(",")) {
                sslVersionBlacklist.add(sslVersion);
            }
            serverSocket = SecurityUtils.getServerSSLSocket(null, port, keyStorePath, keyStorePassword, sslVersionBlacklist);
        }
        if (tcpKeepAlive) {
            serverSocket = new TServerSocketKeepAlive(serverSocket);
        }
        // Metrics will have already been initialized if we're using them since HMSHandler
        // initializes them.
        openConnections = Metrics.getOrCreateGauge(MetricsConstants.OPEN_CONNECTIONS);
        TThreadPoolServer.Args args = new TThreadPoolServer.Args(serverSocket).processor(processor).transportFactory(transFactory).protocolFactory(protocolFactory).inputProtocolFactory(inputProtoFactory).minWorkerThreads(minWorkerThreads).maxWorkerThreads(maxWorkerThreads);
        TServer tServer = new TThreadPoolServer(args);
        TServerEventHandler tServerEventHandler = new TServerEventHandler() {

            @Override
            public void preServe() {
            }

            @Override
            public ServerContext createContext(TProtocol tProtocol, TProtocol tProtocol1) {
                openConnections.incrementAndGet();
                return null;
            }

            @Override
            public void deleteContext(ServerContext serverContext, TProtocol tProtocol, TProtocol tProtocol1) {
                openConnections.decrementAndGet();
                // If the IMetaStoreClient#close was called, HMSHandler#shutdown would have already
                // cleaned up thread local RawStore. Otherwise, do it now.
                cleanupRawStore();
            }

            @Override
            public void processContext(ServerContext serverContext, TTransport tTransport, TTransport tTransport1) {
            }
        };
        tServer.setServerEventHandler(tServerEventHandler);
        HMSHandler.LOG.info("Started the new metaserver on port [" + port + "]...");
        HMSHandler.LOG.info("Options.minWorkerThreads = " + minWorkerThreads);
        HMSHandler.LOG.info("Options.maxWorkerThreads = " + maxWorkerThreads);
        HMSHandler.LOG.info("TCP keepalive = " + tcpKeepAlive);
        HMSHandler.LOG.info("Enable SSL = " + useSSL);
        if (startLock != null) {
            signalOtherThreadsToStart(tServer, startLock, startCondition, startedServing);
        }
        tServer.serve();
    } catch (Throwable x) {
        x.printStackTrace();
        HMSHandler.LOG.error(StringUtils.stringifyException(x));
        throw x;
    }
}
Also used : TProtocolFactory(org.apache.thrift.protocol.TProtocolFactory) TProcessor(org.apache.thrift.TProcessor) TServerEventHandler(org.apache.thrift.server.TServerEventHandler) TServer(org.apache.thrift.server.TServer) ArrayList(java.util.ArrayList) TProtocolFactory(org.apache.thrift.protocol.TProtocolFactory) LoggerFactory(org.slf4j.LoggerFactory) TTransportFactory(org.apache.thrift.transport.TTransportFactory) TCompactProtocol(org.apache.thrift.protocol.TCompactProtocol) TServerSocket(org.apache.thrift.transport.TServerSocket) TProcessor(org.apache.thrift.TProcessor) TProtocol(org.apache.thrift.protocol.TProtocol) TFramedTransport(org.apache.thrift.transport.TFramedTransport) TUGIContainingTransport(org.apache.hadoop.hive.metastore.security.TUGIContainingTransport) TTransportFactory(org.apache.thrift.transport.TTransportFactory) TBinaryProtocol(org.apache.thrift.protocol.TBinaryProtocol) ServerContext(org.apache.thrift.server.ServerContext) TTransport(org.apache.thrift.transport.TTransport) TThreadPoolServer(org.apache.thrift.server.TThreadPoolServer) MetastoreDelegationTokenManager(org.apache.hadoop.hive.metastore.security.MetastoreDelegationTokenManager)

Aggregations

TProtocol (org.apache.thrift.protocol.TProtocol)93 TTransport (org.apache.thrift.transport.TTransport)42 TBinaryProtocol (org.apache.thrift.protocol.TBinaryProtocol)36 TSocket (org.apache.thrift.transport.TSocket)36 TException (org.apache.thrift.TException)25 TFramedTransport (org.apache.thrift.transport.TFramedTransport)24 TCompactProtocol (org.apache.thrift.protocol.TCompactProtocol)18 IOException (java.io.IOException)16 TIOStreamTransport (org.apache.thrift.transport.TIOStreamTransport)10 THttpClient (org.apache.thrift.transport.THttpClient)9 ArrayList (java.util.ArrayList)8 TTransportException (org.apache.thrift.transport.TTransportException)8 ByteArrayOutputStream (java.io.ByteArrayOutputStream)7 TJSONProtocol (org.apache.thrift.protocol.TJSONProtocol)7 RDF_Term (org.apache.jena.riot.thrift.wire.RDF_Term)6 TProcessor (org.apache.thrift.TProcessor)6 InputStream (java.io.InputStream)5 TTransportFactory (org.apache.thrift.transport.TTransportFactory)5 ImageDatasetService (org.vcell.imagedataset.ImageDatasetService)5 Hbase (org.apache.hadoop.hbase.thrift.generated.Hbase)4