本文整理汇总了Java中org.apache.accumulo.core.security.SystemPermission类的典型用法代码示例。如果您正苦于以下问题:Java SystemPermission类的具体用法?Java SystemPermission怎么用?Java SystemPermission使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
SystemPermission类属于org.apache.accumulo.core.security包,在下文中一共展示了SystemPermission类的12个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Java代码示例。
示例1: getToken
import org.apache.accumulo.core.security.SystemPermission; //导入依赖的package包/类
@Override
public AuthenticationToken getToken() {
AuthenticationToken authToken = super.getToken();
// For MapReduce, Kerberos credentials don't make it to the Mappers and Reducers,
// so we need to request a delegation token and use that instead.
if (authToken instanceof KerberosToken) {
log.info("Received KerberosToken, fetching DelegationToken for MapReduce");
try {
UserGroupInformation user = UserGroupInformation.getCurrentUser();
if (!user.hasKerberosCredentials()) {
throw new IllegalStateException("Expected current user to have Kerberos credentials");
}
String newPrincipal = user.getUserName();
log.info("Obtaining delegation token for {}", newPrincipal);
Connector conn = getConnector();
// Do the explicit check to see if the user has the permission to get a delegation token
if (!conn.securityOperations().hasSystemPermission(conn.whoami(), SystemPermission.OBTAIN_DELEGATION_TOKEN)) {
log.error(
"{} doesn't have the {} SystemPermission neccesary to obtain a delegation token. MapReduce tasks cannot automatically use the client's"
+ " credentials on remote servers. Delegation tokens provide a means to run MapReduce without distributing the user's credentials.",
user.getUserName(), SystemPermission.OBTAIN_DELEGATION_TOKEN.name());
throw new IllegalStateException(conn.whoami() + " does not have permission to obtain a delegation token");
}
// Get the delegation token from Accumulo
return conn.securityOperations().getDelegationToken(new DelegationTokenConfig());
} catch (Exception e) {
final String msg = "Failed to acquire DelegationToken for use with MapReduce";
log.error(msg, e);
throw new RuntimeException(msg, e);
}
}
return authToken;
}
开发者ID:apache,项目名称:accumulo-examples,代码行数:39,代码来源:MapReduceClientOpts.java
示例2: beforeClass
import org.apache.accumulo.core.security.SystemPermission; //导入依赖的package包/类
@Before
public void beforeClass() throws Exception {
final SecurityOperations secOps = super.getConnector().securityOperations();
// Create the user that will install the instance of Rya.
secOps.createLocalUser(ADMIN_USER, new PasswordToken(ADMIN_USER));
secOps.grantSystemPermission(ADMIN_USER, SystemPermission.CREATE_TABLE);
}
开发者ID:apache,项目名称:incubator-rya,代码行数:9,代码来源:AccumuloAddUserIT.java
示例3: removedUserNotInDetails
import org.apache.accumulo.core.security.SystemPermission; //导入依赖的package包/类
/**
* Ensure that when a user is removed from a Rya instance that its details are updated to no longer include the user.
*/
@Test
public void removedUserNotInDetails() throws Exception {
final String adminUser = testInstance.createUniqueUser();
final String user = testInstance.createUniqueUser();
final SecurityOperations secOps = super.getConnector().securityOperations();
// Create the user that will install the instance of Rya.
secOps.createLocalUser(adminUser, new PasswordToken(adminUser));
secOps.grantSystemPermission(adminUser, SystemPermission.CREATE_TABLE);
final RyaClient userAClient = AccumuloRyaClientFactory.build(
new AccumuloConnectionDetails(adminUser, adminUser.toCharArray(), getInstanceName(), getZookeepers()),
super.getClusterInstance().getCluster().getConnector(adminUser, adminUser));
// Create the user that will be added to the instance of Rya.
secOps.createLocalUser(user, new PasswordToken(user));
final RyaClient userBClient = AccumuloRyaClientFactory.build(
new AccumuloConnectionDetails(user, user.toCharArray(), getInstanceName(), getZookeepers()),
super.getClusterInstance().getCluster().getConnector(user, user));
// Install the instance of Rya.
userAClient.getInstall().install(getRyaInstanceName(), InstallConfiguration.builder().build());
// Add userB.
userAClient.getAddUser().get().addUser(getRyaInstanceName(), user);
// Remove userA.
userBClient.getRemoveUser().get().removeUser(getRyaInstanceName(), adminUser);
// Ensure the Rya instance's details have been updated to include the added user.
final ImmutableList<String> expectedUsers = ImmutableList.<String>builder()
.add(user)
.build();
final RyaDetails details = userBClient.getGetInstanceDetails().getDetails(getRyaInstanceName()).get();
assertEquals(expectedUsers, details.getUsers());
}
开发者ID:apache,项目名称:incubator-rya,代码行数:43,代码来源:AccumuloRemoveUserIT.java
示例4: setup
import org.apache.accumulo.core.security.SystemPermission; //导入依赖的package包/类
@Before
public void setup() throws Exception {
// this is a bit of a hack to clear any existing instances before
// adding the instances we want to exist for testing the list command
final TableOperations tableOps = getConnector().tableOperations();
final SecurityOperations secOps = getConnector().securityOperations();
secOps.grantSystemPermission("root", SystemPermission.DROP_TABLE);
for (final String tableName : getConnector().tableOperations().list()) {
if (!tableName.startsWith("accumulo.")) {
tableOps.delete(tableName);
}
}
}
开发者ID:apache,项目名称:incubator-rya,代码行数:15,代码来源:AccumuloListInstancesIT.java
示例5: createCluster
import org.apache.accumulo.core.security.SystemPermission; //导入依赖的package包/类
private static void createCluster() throws IOException, InterruptedException, AccumuloSecurityException, AccumuloException {
if (tempFolder.exists()) {
FileUtils.cleanDirectory(tempFolder);
}
final MiniAccumuloConfig miniAccumuloConfig = new MiniAccumuloConfig(tempFolder, PASSWORD);
cluster = new MiniAccumuloCluster(miniAccumuloConfig);
Runtime.getRuntime().addShutdownHook(new Thread() {
@Override
public void run() {
try {
cluster.stop();
tempFolder.delete();
} catch (final IOException | InterruptedException e) {
throw new RuntimeException(e);
}
}
});
cluster.start();
// Create user USER with permissions to create a table
cluster.getConnector(ROOT, PASSWORD).securityOperations().createLocalUser(USER, new PasswordToken(PASSWORD));
cluster.getConnector(ROOT, PASSWORD).securityOperations().grantSystemPermission(USER, SystemPermission.CREATE_TABLE);
// Create properties
accumuloProperties = new AccumuloProperties();
accumuloProperties.setStoreClass(AccumuloStore.class);
accumuloProperties.setInstance(cluster.getInstanceName());
accumuloProperties.setZookeepers(cluster.getZooKeepers());
accumuloProperties.setUser(MiniAccumuloClusterProvider.USER);
accumuloProperties.setPassword(MiniAccumuloClusterProvider.PASSWORD);
accumuloProperties.setOperationDeclarationPaths("sparkAccumuloOperationsDeclarations.json");
}
开发者ID:gchq,项目名称:Gaffer,代码行数:31,代码来源:MiniAccumuloClusterProvider.java
示例6: hasSystemPermission
import org.apache.accumulo.core.security.SystemPermission; //导入依赖的package包/类
/**
* ProxyAPI specifies AccumuloException and AccumuloSecurityException may be thrown. The IllegalArgumentException may be thrown if the
* {@link ThriftHelper#convertEnum(Enum, Class)} fails because the Java and Thrift SystemPermission no longer match; this should never happen.
*/
public boolean hasSystemPermission(String principal, SystemPermission perm) throws AccumuloException, AccumuloSecurityException, InternalError {
try {
return client.hasSystemPermission(token, principal, ThriftHelper.convertEnum(perm, org.apache.accumulo.proxy.thrift.SystemPermission.class));
} catch (TException e) {
throw ExceptionFactory.accumuloException(e);
}
}
开发者ID:JHUAPL,项目名称:accumulo-proxy-instance,代码行数:12,代码来源:ProxySecurityOperations.java
示例7: grantSystemPermission
import org.apache.accumulo.core.security.SystemPermission; //导入依赖的package包/类
public void grantSystemPermission(String principal, SystemPermission permission) throws AccumuloException, AccumuloSecurityException {
try {
client.grantSystemPermission(token, principal, ThriftHelper.convertEnum(permission, org.apache.accumulo.proxy.thrift.SystemPermission.class));
} catch (TException e) {
throw ExceptionFactory.accumuloException(e);
}
}
开发者ID:JHUAPL,项目名称:accumulo-proxy-instance,代码行数:9,代码来源:ProxySecurityOperations.java
示例8: revokeSystemPermission
import org.apache.accumulo.core.security.SystemPermission; //导入依赖的package包/类
public void revokeSystemPermission(String principal, SystemPermission permission) throws AccumuloException, AccumuloSecurityException {
try {
client.revokeSystemPermission(token, principal, ThriftHelper.convertEnum(permission, org.apache.accumulo.proxy.thrift.SystemPermission.class));
} catch (TException e) {
throw ExceptionFactory.accumuloException(e);
}
}
开发者ID:JHUAPL,项目名称:accumulo-proxy-instance,代码行数:9,代码来源:ProxySecurityOperations.java
示例9: removedUserCanNotInsert
import org.apache.accumulo.core.security.SystemPermission; //导入依赖的package包/类
/**
* Ensure a user that has been removed from the Rya instance can not interact with it.
*/
@Test
public void removedUserCanNotInsert() throws Exception {
final String adminUser = testInstance.createUniqueUser();
final String user = testInstance.createUniqueUser();
final SecurityOperations secOps = super.getConnector().securityOperations();
// Create the user that will install the instance of Rya.
secOps.createLocalUser(adminUser, new PasswordToken(adminUser));
secOps.grantSystemPermission(adminUser, SystemPermission.CREATE_TABLE);
final RyaClient userAClient = AccumuloRyaClientFactory.build(
new AccumuloConnectionDetails(adminUser, adminUser.toCharArray(), getInstanceName(), getZookeepers()),
super.getClusterInstance().getCluster().getConnector(adminUser, adminUser));
// Create the user that will be added to the instance of Rya.
secOps.createLocalUser(user, new PasswordToken(user));
final RyaClient userCClient = AccumuloRyaClientFactory.build(
new AccumuloConnectionDetails(user, user.toCharArray(), getInstanceName(), getZookeepers()),
super.getClusterInstance().getCluster().getConnector(user, user));
// Install the instance of Rya.
userAClient.getInstall().install(getRyaInstanceName(), InstallConfiguration.builder().build());
// Add userC.
userAClient.getAddUser().get().addUser(getRyaInstanceName(), user);
// Remove userA.
userCClient.getRemoveUser().get().removeUser(getRyaInstanceName(), adminUser);
// Show that userA can not insert anything.
boolean securityExceptionThrown = false;
Sail sail = null;
SailConnection sailConn = null;
try {
final AccumuloRdfConfiguration userAConf = makeRyaConfig(getRyaInstanceName(), adminUser, adminUser, getInstanceName(), getZookeepers());
sail = RyaSailFactory.getInstance(userAConf);
sailConn = sail.getConnection();
final ValueFactory vf = sail.getValueFactory();
sailConn.addStatement(vf.createURI("urn:Alice"), vf.createURI("urn:talksTo"), vf.createURI("urn:Bob"));
} catch(final RuntimeException e) {
final Throwable cause = e.getCause();
if(cause instanceof AccumuloSecurityException) {
securityExceptionThrown = true;
}
} finally {
if(sailConn != null) {
sailConn.close();
}
if(sail != null) {
sail.shutDown();
}
}
assertTrue(securityExceptionThrown);
}
开发者ID:apache,项目名称:incubator-rya,代码行数:63,代码来源:AccumuloRemoveUserIT.java
示例10: hasSystemPermission
import org.apache.accumulo.core.security.SystemPermission; //导入依赖的package包/类
@Override
public boolean hasSystemPermission(String principal, SystemPermission perm) throws AccumuloException, AccumuloSecurityException {
return operations.hasSystemPermission(principal, perm);
}
开发者ID:ezbake,项目名称:ezbake-common-java,代码行数:5,代码来源:NamespacedSecurityOperations.java
示例11: grantSystemPermission
import org.apache.accumulo.core.security.SystemPermission; //导入依赖的package包/类
@Override
public void grantSystemPermission(String principal, SystemPermission permission) throws AccumuloException, AccumuloSecurityException {
operations.grantSystemPermission(principal, permission);
}
开发者ID:ezbake,项目名称:ezbake-common-java,代码行数:5,代码来源:NamespacedSecurityOperations.java
示例12: revokeSystemPermission
import org.apache.accumulo.core.security.SystemPermission; //导入依赖的package包/类
@Override
public void revokeSystemPermission(String principal, SystemPermission permission) throws AccumuloException, AccumuloSecurityException {
operations.revokeSystemPermission(principal, permission);
}
开发者ID:ezbake,项目名称:ezbake-common-java,代码行数:5,代码来源:NamespacedSecurityOperations.java
注:本文中的org.apache.accumulo.core.security.SystemPermission类示例整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |
请发表评论