Author: vines Date: Wed Mar 6 22:50:12 2013 New Revision: 1453602 URL: http://svn.apache.org/r1453602 Log: ACCUMULO-1159 - Shell now supports AuthenticationToken
Modified: accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/security/handler/Authenticator.java accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/security/handler/ZKAuthenticator.java accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/util/shell/Shell.java accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/util/shell/ShellOptions.java accumulo/branches/1.5/test/src/main/java/org/apache/accumulo/test/randomwalk/security/WalkingSecurity.java Modified: accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/security/handler/Authenticator.java URL: http://svn.apache.org/viewvc/accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/security/handler/Authenticator.java?rev=1453602&r1=1453601&r2=1453602&view=diff ============================================================================== --- accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/security/handler/Authenticator.java (original) +++ accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/security/handler/Authenticator.java Wed Mar 6 22:50:12 2013 @@ -30,10 +30,12 @@ public interface Authenticator { public class AuthProperty { private String key, description; + private boolean masked; - public AuthProperty(String name, String description) { + public AuthProperty(String name, String description, boolean mask) { this.key = name; this.description = description; + this.masked = mask; } public String toString() { @@ -47,5 +49,9 @@ public interface Authenticator { public String getDescription() { return this.description; } + + public boolean getMask() { + return this.masked; + } } } Modified: accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/security/handler/ZKAuthenticator.java URL: http://svn.apache.org/viewvc/accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/security/handler/ZKAuthenticator.java?rev=1453602&r1=1453601&r2=1453602&view=diff ============================================================================== --- accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/security/handler/ZKAuthenticator.java (original) +++ accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/security/handler/ZKAuthenticator.java Wed Mar 6 22:50:12 2013 @@ -43,7 +43,7 @@ public class ZKAuthenticator implements public List<Set<AuthProperty>> getProperties() { List<Set<AuthProperty>> toRet = new LinkedList<Set<AuthProperty>>(); Set<AuthProperty> internal = new TreeSet<AuthProperty>(); - internal.add(new AuthProperty("password", "the password for the principal")); + internal.add(new AuthProperty("password", "the password for the principal", true)); toRet.add(internal); return toRet; } Modified: accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/util/shell/Shell.java URL: http://svn.apache.org/viewvc/accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/util/shell/Shell.java?rev=1453602&r1=1453601&r2=1453602&view=diff ============================================================================== --- accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/util/shell/Shell.java (original) +++ accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/util/shell/Shell.java Wed Mar 6 22:50:12 2013 @@ -30,6 +30,7 @@ import java.util.List; import java.util.Locale; import java.util.Map; import java.util.Map.Entry; +import java.util.Properties; import java.util.Set; import java.util.TreeMap; import java.util.UUID; @@ -54,6 +55,7 @@ import org.apache.accumulo.core.data.Key import org.apache.accumulo.core.data.Value; import org.apache.accumulo.core.data.thrift.TConstraintViolationSummary; import org.apache.accumulo.core.security.AuditLevel; +import org.apache.accumulo.core.security.handler.Authenticator; import org.apache.accumulo.core.tabletserver.thrift.ConstraintViolationException; import org.apache.accumulo.core.trace.DistributedTrace; import org.apache.accumulo.core.util.BadArgumentException; @@ -244,17 +246,28 @@ public class Shell extends ShellOptions String sysUser = System.getProperty("user.name"); if (sysUser == null) sysUser = "root"; - String user = cl.getOptionValue(usernameOption.getOpt(), sysUser); + String user = cl.getOptionValue(usernameOption.getOpt()); + String principal = cl.getOptionValue(principalOption.getOpt(), sysUser); String passw = cl.getOptionValue(passwOption.getOpt(), null); tabCompletion = !cl.hasOption(tabCompleteOption.getLongOpt()); + String[] loginOptions = cl.getOptionValues(loginOption.getOpt()); // Use a fake (Mock), ZK, or HdfsZK Accumulo instance setInstance(cl); // process default parameters if unspecified - byte[] pass; try { + if (loginOptions != null) { + Properties props = new Properties(); + for (String loginOption : loginOptions) + for (String lo : loginOption.split(",")) { + String[] split = lo.split("="); + props.put(split[0], split[1]); + } + this.token = instance.getAuthenticator().login(props); + } + if (!cl.hasOption(fakeOption.getLongOpt())) { DistributedTrace.enable(instance, new ZooReader(instance.getZooKeepers(), instance.getZooKeepersSessionTimeOut()), "shell", InetAddress.getLocalHost() .getHostName()); @@ -267,19 +280,45 @@ public class Shell extends ShellOptions } }); - if (passw == null) - passw = readMaskedLine("Enter current password for '" + user + "'@'" + instance.getInstanceName() + "': ", '*'); - if (passw == null) { + if (passw != null) { + this.token = new PasswordToken(passw); + } + + if (this.token == null) { + List<Set<Authenticator.AuthProperty>> loginList = instance.getAuthenticator().getProperties(); + int loginMethod = 0; + if (loginList.size() > 1) { + System.out.println("Please select your preferred login method: "); + int i = 0; + for (Set<Authenticator.AuthProperty> set : loginList) { + System.out.println(i + " " + set); + i++; + } + loginMethod = Integer.parseInt(reader.readLine()); + } + Set<Authenticator.AuthProperty> chosenMethod = loginList.get(loginMethod); + Properties props = new Properties(); + for (Authenticator.AuthProperty prop : chosenMethod) { + String value; + if (prop.getMask()) + value = readMaskedLine("Enter " + prop + ": ", '*'); + else + value = reader.readLine("Enter " + prop + ": "); + props.setProperty(prop.getKey(), value); + } + this.token = instance.getAuthenticator().login(props); + } + if (this.token == null) { reader.printNewline(); configError = true; return true; } // user canceled - pass = passw.getBytes(); this.setTableName(""); this.principal = user; - this.token = new PasswordToken(pass); - connector = instance.getConnector(principal, token); + if (this.principal == null) + this.principal = principal; + connector = instance.getConnector(this.principal, token); } catch (Exception e) { printException(e); @@ -953,7 +992,6 @@ public class Shell extends ShellOptions return token; } - /** * Return the formatter for the current table. * Modified: accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/util/shell/ShellOptions.java URL: http://svn.apache.org/viewvc/accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/util/shell/ShellOptions.java?rev=1453602&r1=1453601&r2=1453602&view=diff ============================================================================== --- accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/util/shell/ShellOptions.java (original) +++ accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/util/shell/ShellOptions.java Wed Mar 6 22:50:12 2013 @@ -33,8 +33,13 @@ public abstract class ShellOptions { public static final String helpLongOption = "help"; final Options opts = new Options(); + @Deprecated // since 1.5 final Option usernameOption = new Option("u", "user", true, "username (defaults to your OS user)"); + final Option principalOption = new Option("pr", "principal", true, "principal (defaults to your OS user)"); + @Deprecated // since 1.5 final Option passwOption = new Option("p", "password", true, "password (prompt for password if this option is missing)"); + final Option loginOption = new Option("l", "login property", true, "login properties in the format key=value. Reuse -l for each property and/or comma seperate (prompt for properties if this option is missing"); + final Option tabCompleteOption = new Option(null, "disable-tab-completion", false, "disables tab completion (for less overhead when scripting)"); final Option debugOption = new Option(null, "debug", false, "enables client debugging"); final Option fakeOption = new Option(null, "fake", false, "fake a connection to accumulo"); @@ -54,9 +59,11 @@ public abstract class ShellOptions { public ShellOptions() { usernameOption.setArgName("user"); opts.addOption(usernameOption); + opts.addOption(principalOption); passwOption.setArgName("pass"); opts.addOption(passwOption); + opts.addOption(loginOption); opts.addOption(tabCompleteOption); Modified: accumulo/branches/1.5/test/src/main/java/org/apache/accumulo/test/randomwalk/security/WalkingSecurity.java URL: http://svn.apache.org/viewvc/accumulo/branches/1.5/test/src/main/java/org/apache/accumulo/test/randomwalk/security/WalkingSecurity.java?rev=1453602&r1=1453601&r2=1453602&view=diff ============================================================================== --- accumulo/branches/1.5/test/src/main/java/org/apache/accumulo/test/randomwalk/security/WalkingSecurity.java (original) +++ accumulo/branches/1.5/test/src/main/java/org/apache/accumulo/test/randomwalk/security/WalkingSecurity.java Wed Mar 6 22:50:12 2013 @@ -414,7 +414,7 @@ public class WalkingSecurity extends Sec public List<Set<AuthProperty>> getProperties() { List<Set<AuthProperty>> toRet = new LinkedList<Set<AuthProperty>>(); Set<AuthProperty> internal = new TreeSet<AuthProperty>(); - internal.add(new AuthProperty("password", "the password for the principal")); + internal.add(new AuthProperty("password", "the password for the principal", true)); toRet.add(internal); return toRet; }