Author: vines
Date: Wed Mar 6 22:50:12 2013
New Revision: 1453602
URL: http://svn.apache.org/r1453602
Log:
ACCUMULO-1159 - Shell now supports AuthenticationToken
Modified:
accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/security/handler/Authenticator.java
accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/security/handler/ZKAuthenticator.java
accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/util/shell/Shell.java
accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/util/shell/ShellOptions.java
accumulo/branches/1.5/test/src/main/java/org/apache/accumulo/test/randomwalk/security/WalkingSecurity.java
Modified:
accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/security/handler/Authenticator.java
URL:
http://svn.apache.org/viewvc/accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/security/handler/Authenticator.java?rev=1453602&r1=1453601&r2=1453602&view=diff
==============================================================================
---
accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/security/handler/Authenticator.java
(original)
+++
accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/security/handler/Authenticator.java
Wed Mar 6 22:50:12 2013
@@ -30,10 +30,12 @@ public interface Authenticator {
public class AuthProperty {
private String key, description;
+ private boolean masked;
- public AuthProperty(String name, String description) {
+ public AuthProperty(String name, String description, boolean mask) {
this.key = name;
this.description = description;
+ this.masked = mask;
}
public String toString() {
@@ -47,5 +49,9 @@ public interface Authenticator {
public String getDescription() {
return this.description;
}
+
+ public boolean getMask() {
+ return this.masked;
+ }
}
}
Modified:
accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/security/handler/ZKAuthenticator.java
URL:
http://svn.apache.org/viewvc/accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/security/handler/ZKAuthenticator.java?rev=1453602&r1=1453601&r2=1453602&view=diff
==============================================================================
---
accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/security/handler/ZKAuthenticator.java
(original)
+++
accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/security/handler/ZKAuthenticator.java
Wed Mar 6 22:50:12 2013
@@ -43,7 +43,7 @@ public class ZKAuthenticator implements
public List<Set<AuthProperty>> getProperties() {
List<Set<AuthProperty>> toRet = new LinkedList<Set<AuthProperty>>();
Set<AuthProperty> internal = new TreeSet<AuthProperty>();
- internal.add(new AuthProperty("password", "the password for the
principal"));
+ internal.add(new AuthProperty("password", "the password for the
principal", true));
toRet.add(internal);
return toRet;
}
Modified:
accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/util/shell/Shell.java
URL:
http://svn.apache.org/viewvc/accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/util/shell/Shell.java?rev=1453602&r1=1453601&r2=1453602&view=diff
==============================================================================
---
accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/util/shell/Shell.java
(original)
+++
accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/util/shell/Shell.java
Wed Mar 6 22:50:12 2013
@@ -30,6 +30,7 @@ import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.Map.Entry;
+import java.util.Properties;
import java.util.Set;
import java.util.TreeMap;
import java.util.UUID;
@@ -54,6 +55,7 @@ import org.apache.accumulo.core.data.Key
import org.apache.accumulo.core.data.Value;
import org.apache.accumulo.core.data.thrift.TConstraintViolationSummary;
import org.apache.accumulo.core.security.AuditLevel;
+import org.apache.accumulo.core.security.handler.Authenticator;
import
org.apache.accumulo.core.tabletserver.thrift.ConstraintViolationException;
import org.apache.accumulo.core.trace.DistributedTrace;
import org.apache.accumulo.core.util.BadArgumentException;
@@ -244,17 +246,28 @@ public class Shell extends ShellOptions
String sysUser = System.getProperty("user.name");
if (sysUser == null)
sysUser = "root";
- String user = cl.getOptionValue(usernameOption.getOpt(), sysUser);
+ String user = cl.getOptionValue(usernameOption.getOpt());
+ String principal = cl.getOptionValue(principalOption.getOpt(), sysUser);
String passw = cl.getOptionValue(passwOption.getOpt(), null);
tabCompletion = !cl.hasOption(tabCompleteOption.getLongOpt());
+ String[] loginOptions = cl.getOptionValues(loginOption.getOpt());
// Use a fake (Mock), ZK, or HdfsZK Accumulo instance
setInstance(cl);
// process default parameters if unspecified
- byte[] pass;
try {
+ if (loginOptions != null) {
+ Properties props = new Properties();
+ for (String loginOption : loginOptions)
+ for (String lo : loginOption.split(",")) {
+ String[] split = lo.split("=");
+ props.put(split[0], split[1]);
+ }
+ this.token = instance.getAuthenticator().login(props);
+ }
+
if (!cl.hasOption(fakeOption.getLongOpt())) {
DistributedTrace.enable(instance, new
ZooReader(instance.getZooKeepers(), instance.getZooKeepersSessionTimeOut()),
"shell", InetAddress.getLocalHost()
.getHostName());
@@ -267,19 +280,45 @@ public class Shell extends ShellOptions
}
});
- if (passw == null)
- passw = readMaskedLine("Enter current password for '" + user + "'@'" +
instance.getInstanceName() + "': ", '*');
- if (passw == null) {
+ if (passw != null) {
+ this.token = new PasswordToken(passw);
+ }
+
+ if (this.token == null) {
+ List<Set<Authenticator.AuthProperty>> loginList =
instance.getAuthenticator().getProperties();
+ int loginMethod = 0;
+ if (loginList.size() > 1) {
+ System.out.println("Please select your preferred login method: ");
+ int i = 0;
+ for (Set<Authenticator.AuthProperty> set : loginList) {
+ System.out.println(i + " " + set);
+ i++;
+ }
+ loginMethod = Integer.parseInt(reader.readLine());
+ }
+ Set<Authenticator.AuthProperty> chosenMethod =
loginList.get(loginMethod);
+ Properties props = new Properties();
+ for (Authenticator.AuthProperty prop : chosenMethod) {
+ String value;
+ if (prop.getMask())
+ value = readMaskedLine("Enter " + prop + ": ", '*');
+ else
+ value = reader.readLine("Enter " + prop + ": ");
+ props.setProperty(prop.getKey(), value);
+ }
+ this.token = instance.getAuthenticator().login(props);
+ }
+ if (this.token == null) {
reader.printNewline();
configError = true;
return true;
} // user canceled
- pass = passw.getBytes();
this.setTableName("");
this.principal = user;
- this.token = new PasswordToken(pass);
- connector = instance.getConnector(principal, token);
+ if (this.principal == null)
+ this.principal = principal;
+ connector = instance.getConnector(this.principal, token);
} catch (Exception e) {
printException(e);
@@ -953,7 +992,6 @@ public class Shell extends ShellOptions
return token;
}
-
/**
* Return the formatter for the current table.
*
Modified:
accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/util/shell/ShellOptions.java
URL:
http://svn.apache.org/viewvc/accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/util/shell/ShellOptions.java?rev=1453602&r1=1453601&r2=1453602&view=diff
==============================================================================
---
accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/util/shell/ShellOptions.java
(original)
+++
accumulo/branches/1.5/core/src/main/java/org/apache/accumulo/core/util/shell/ShellOptions.java
Wed Mar 6 22:50:12 2013
@@ -33,8 +33,13 @@ public abstract class ShellOptions {
public static final String helpLongOption = "help";
final Options opts = new Options();
+ @Deprecated // since 1.5
final Option usernameOption = new Option("u", "user", true, "username
(defaults to your OS user)");
+ final Option principalOption = new Option("pr", "principal", true,
"principal (defaults to your OS user)");
+ @Deprecated // since 1.5
final Option passwOption = new Option("p", "password", true, "password
(prompt for password if this option is missing)");
+ final Option loginOption = new Option("l", "login property", true, "login
properties in the format key=value. Reuse -l for each property and/or comma
seperate (prompt for properties if this option is missing");
+
final Option tabCompleteOption = new Option(null, "disable-tab-completion",
false, "disables tab completion (for less overhead when scripting)");
final Option debugOption = new Option(null, "debug", false, "enables client
debugging");
final Option fakeOption = new Option(null, "fake", false, "fake a connection
to accumulo");
@@ -54,9 +59,11 @@ public abstract class ShellOptions {
public ShellOptions() {
usernameOption.setArgName("user");
opts.addOption(usernameOption);
+ opts.addOption(principalOption);
passwOption.setArgName("pass");
opts.addOption(passwOption);
+ opts.addOption(loginOption);
opts.addOption(tabCompleteOption);
Modified:
accumulo/branches/1.5/test/src/main/java/org/apache/accumulo/test/randomwalk/security/WalkingSecurity.java
URL:
http://svn.apache.org/viewvc/accumulo/branches/1.5/test/src/main/java/org/apache/accumulo/test/randomwalk/security/WalkingSecurity.java?rev=1453602&r1=1453601&r2=1453602&view=diff
==============================================================================
---
accumulo/branches/1.5/test/src/main/java/org/apache/accumulo/test/randomwalk/security/WalkingSecurity.java
(original)
+++
accumulo/branches/1.5/test/src/main/java/org/apache/accumulo/test/randomwalk/security/WalkingSecurity.java
Wed Mar 6 22:50:12 2013
@@ -414,7 +414,7 @@ public class WalkingSecurity extends Sec
public List<Set<AuthProperty>> getProperties() {
List<Set<AuthProperty>> toRet = new LinkedList<Set<AuthProperty>>();
Set<AuthProperty> internal = new TreeSet<AuthProperty>();
- internal.add(new AuthProperty("password", "the password for the
principal"));
+ internal.add(new AuthProperty("password", "the password for the
principal", true));
toRet.add(internal);
return toRet;
}
