List of usage examples for java.security PrivilegedExceptionAction PrivilegedExceptionAction
PrivilegedExceptionAction
From source file:org.apache.hadoop.hbase.security.visibility.TestVisibilityLabelsWithDeletes.java
@Test public void testVisibilityLabelsWithDeleteColumnsWithPutsReAppearing() throws Exception { final TableName tableName = TableName.valueOf(TEST_NAME.getMethodName()); Admin hBaseAdmin = TEST_UTIL.getAdmin(); HColumnDescriptor colDesc = new HColumnDescriptor(fam); colDesc.setMaxVersions(5);/*from w w w . ja v a 2 s . co m*/ HTableDescriptor desc = new HTableDescriptor(tableName); desc.addFamily(colDesc); hBaseAdmin.createTable(desc); try (Table table = TEST_UTIL.getConnection().getTable(tableName)) { Put put = new Put(Bytes.toBytes("row1")); put.addColumn(fam, qual, value); put.setCellVisibility(new CellVisibility(CONFIDENTIAL)); table.put(put); put = new Put(Bytes.toBytes("row1")); put.addColumn(fam, qual, value); put.setCellVisibility(new CellVisibility(SECRET)); table.put(put); TEST_UTIL.getAdmin().flush(tableName); PrivilegedExceptionAction<Void> actiona = new PrivilegedExceptionAction<Void>() { @Override public Void run() throws Exception { try (Connection connection = ConnectionFactory.createConnection(conf); Table table = connection.getTable(tableName)) { Delete d = new Delete(row1); d.setCellVisibility(new CellVisibility(CONFIDENTIAL)); d.addColumns(fam, qual); table.delete(d); } catch (Throwable t) { throw new IOException(t); } return null; } }; SUPERUSER.runAs(actiona); Scan s = new Scan(); s.setMaxVersions(5); s.setAuthorizations(new Authorizations(SECRET)); ResultScanner scanner = table.getScanner(s); Result[] next = scanner.next(3); assertEquals(next.length, 1); put = new Put(Bytes.toBytes("row1")); put.addColumn(fam, qual, value1); put.setCellVisibility(new CellVisibility(CONFIDENTIAL)); table.put(put); actiona = new PrivilegedExceptionAction<Void>() { @Override public Void run() throws Exception { try (Connection connection = ConnectionFactory.createConnection(conf); Table table = connection.getTable(tableName)) { Delete d = new Delete(row1); d.setCellVisibility(new CellVisibility(SECRET)); d.addColumns(fam, qual); table.delete(d); } catch (Throwable t) { throw new IOException(t); } return null; } }; SUPERUSER.runAs(actiona); s = new Scan(); s.setMaxVersions(5); s.setAuthorizations(new Authorizations(CONFIDENTIAL)); scanner = table.getScanner(s); next = scanner.next(3); assertEquals(next.length, 1); s = new Scan(); s.setMaxVersions(5); s.setAuthorizations(new Authorizations(SECRET)); scanner = table.getScanner(s); Result[] next1 = scanner.next(3); assertEquals(next1.length, 0); } }
From source file:org.apache.axis2.jaxws.description.impl.EndpointInterfaceDescriptionImpl.java
private String readLegacyWebMethodFlag() { String legacyWebmethod = null; try {/*w w w .ja v a 2s. com*/ legacyWebmethod = (String) AccessController.doPrivileged(new PrivilegedExceptionAction() { public Object run() { //System property takes precedence over manifest property. //So first lets check for system property. return (System.getProperty(MDQConstants.USE_LEGACY_WEB_METHOD_RULES)); } }); } catch (PrivilegedActionException e) { // Swallow and continue if (log.isWarnEnabled()) { log.debug("Exception getting USE_LEGACY_WEB_METHOD_RULES system property: " + e.getException()); } } //System property not set, so let return the manifest property. if (!WSToolingUtils.hasValue(legacyWebmethod)) { if (log.isDebugEnabled()) { log.debug("EndpointInterfaceDescriptionImpl: system property '" + MDQConstants.USE_LEGACY_WEB_METHOD_RULES + "' not set"); } ConfigurationContext configContext = getEndpointDescription().getServiceDescription() .getAxisConfigContext(); if (configContext != null) { if (log.isDebugEnabled()) { log.debug("EndpointInterfaceDescriptionImpl: Reading Manifest property '" + MDQConstants.USE_MANIFEST_LEGACY_WEB_METHOD_RULES + "'"); } String param = (String) configContext .getProperty(MDQConstants.USE_MANIFEST_LEGACY_WEB_METHOD_RULES); if (param == null) { if (log.isDebugEnabled()) { log.debug("EndpointInterfaceDescriptionImpl: Manifest property '" + MDQConstants.USE_MANIFEST_LEGACY_WEB_METHOD_RULES + "' not set"); } } else { if (log.isDebugEnabled()) { log.debug("EndpointInterfaceDescriptionImpl: Manifest property '" + MDQConstants.USE_MANIFEST_LEGACY_WEB_METHOD_RULES + "' is set to" + param); } legacyWebmethod = param; } } else { if (log.isDebugEnabled()) { log.debug("EndpointInterfaceDescriptionImpl: Unable to Read Manifest property '" + MDQConstants.USE_MANIFEST_LEGACY_WEB_METHOD_RULES + "'"); log.debug("EndpointInterfaceDescriptionImpl: AxisConfigContext was null"); } } } else { if (log.isDebugEnabled()) { log.debug("EndpointInterfaceDescriptionImpl: system property '" + MDQConstants.USE_LEGACY_WEB_METHOD_RULES + "' set"); } } return legacyWebmethod; }
From source file:com.cloudera.beeswax.BeeswaxServiceImpl.java
@Override public void close(QueryHandle handle) throws QueryNotFoundException, BeeswaxException { LogContext.unregisterCurrentThread(); validateHandle(handle);// ww w. j av a 2 s . c o m LogContext.registerCurrentThread(handle.log_context); final RunningQueryState state = runningQueries.get(handle.id); try { doWithState(state, new PrivilegedExceptionAction<Integer>() { public Integer run() throws Exception { if (state == null) { throw new QueryNotFoundException(); } return state.close(); } }); } catch (BeeswaxException e) { throw e; } runningQueries.remove(handle.id); }
From source file:org.apache.axis2.wsdl.util.WSDLWrapperReloadImpl.java
/** * Load and Return a Definition object.// w w w . j ava 2 s .c o m * (The caller will determine if the Definition object should have * its resources freed or not) * @return Definition * @throws WSDLException */ private Definition loadDefinition() throws WSDLException { Definition def = null; if (wsdlExplicitURI != null) { try { def = (Definition) AccessController.doPrivileged(new PrivilegedExceptionAction() { public Object run() throws WSDLException { WSDLReader reader = getWSDLReader(); return reader.readWSDL(wsdlExplicitURI); } }); } catch (PrivilegedActionException e) { if (isDebugEnabled) { log.debug(myClassName + ".loadDefinition(): " + "Exception thrown from AccessController: " + e); log.trace("Call Stack = " + JavaUtils.callStackToString()); } WSDLException we = new WSDLException("WSDLWrapperReloadImpl : ", e.getMessage(), e); throw we; } } // Loading the wsdl is expensive. Dump the callstack.. so that we // support can look at the trace and determine if this class is being used incorrectly. if (isDebugEnabled) { log.debug(myClassName + ".loadDefinition(): returning Definition [" + def + "]"); log.trace("Call Stack = " + JavaUtils.callStackToString()); } return def; }
From source file:org.apache.axis2.jaxws.description.impl.EndpointInterfaceDescriptionImpl.java
private static String getNewSunRulesFlag() { String newSunRulesFlag = null; try {//from w w w.j ava 2 s .c o m newSunRulesFlag = (String) AccessController.doPrivileged(new PrivilegedExceptionAction() { public Object run() { return (System.getProperty(MDQConstants.USE_LEGACY_WEB_METHOD_RULES_SUN)); } }); } catch (PrivilegedActionException e) { // Swallow and continue if (log.isWarnEnabled()) { log.debug("Exception getting USE_LEGACY_WEB_METHOD_RULES_SUN system property: " + e.getException()); } } if (WSToolingUtils.hasValue(newSunRulesFlag)) { if (log.isDebugEnabled()) { log.debug("EndpointInterfaceDescriptionImpl: system property '" + MDQConstants.USE_LEGACY_WEB_METHOD_RULES_SUN + "' is set"); log.debug("MDQConstants.USE_LEGACY_WEB_METHOD_RULES_SUN =" + newSunRulesFlag); } } else { if (log.isDebugEnabled()) { log.debug("EndpointInterfaceDescriptionImpl: system property '" + MDQConstants.USE_LEGACY_WEB_METHOD_RULES_SUN + "' is not set"); } } return newSunRulesFlag; }
From source file:org.apache.hadoop.hbase.security.visibility.TestVisibilityLabelsWithDeletes.java
@Test public void testVisibilityCombinations() throws Exception { final TableName tableName = TableName.valueOf(TEST_NAME.getMethodName()); Admin hBaseAdmin = TEST_UTIL.getAdmin(); HColumnDescriptor colDesc = new HColumnDescriptor(fam); colDesc.setMaxVersions(5);// w w w . j a va 2 s .co m HTableDescriptor desc = new HTableDescriptor(tableName); desc.addFamily(colDesc); hBaseAdmin.createTable(desc); try (Table table = TEST_UTIL.getConnection().getTable(tableName)) { Put put = new Put(Bytes.toBytes("row1")); put.addColumn(fam, qual, 123l, value); put.setCellVisibility(new CellVisibility(CONFIDENTIAL)); table.put(put); put = new Put(Bytes.toBytes("row1")); put.addColumn(fam, qual, 124l, value1); put.setCellVisibility(new CellVisibility(SECRET)); table.put(put); PrivilegedExceptionAction<Void> actiona = new PrivilegedExceptionAction<Void>() { @Override public Void run() throws Exception { try (Connection connection = ConnectionFactory.createConnection(conf); Table table = connection.getTable(tableName)) { Delete d = new Delete(row1); d.setCellVisibility(new CellVisibility(SECRET)); d.addColumns(fam, qual, 126l); table.delete(d); } catch (Throwable t) { throw new IOException(t); } try (Connection connection = ConnectionFactory.createConnection(conf); Table table = connection.getTable(tableName)) { Delete d = new Delete(row1); d.setCellVisibility(new CellVisibility(CONFIDENTIAL)); d.addColumn(fam, qual, 123l); table.delete(d); } catch (Throwable t) { throw new IOException(t); } return null; } }; SUPERUSER.runAs(actiona); Scan s = new Scan(); s.setMaxVersions(5); s.setAuthorizations(new Authorizations(CONFIDENTIAL, SECRET)); ResultScanner scanner = table.getScanner(s); Result[] next = scanner.next(3); assertEquals(next.length, 0); } }
From source file:org.apache.hadoop.mapred.TaskTracker.java
/** * Localize the job on this tasktracker. Specifically * <ul>/*from w ww. j a v a2s . com*/ * <li>Cleanup and create job directories on all disks</li> * <li>Download the credentials file</li> * <li>Download the job config file job.xml from the FS</li> * <li>Invokes the {@link TaskController} to do the rest of the job * initialization</li> * </ul> * * @param t task whose job has to be localized on this TT * @param rjob the {@link RunningJob} * @param ttAddr the tasktracker's RPC address * @return the path to the job configuration to be used for all the tasks * of this job as a starting point. * @throws IOException */ Path initializeJob(final Task t, final RunningJob rjob, final InetSocketAddress ttAddr) throws IOException, InterruptedException { final JobID jobId = t.getJobID(); final Path jobFile = new Path(t.getJobFile()); final String userName = t.getUser(); final Configuration conf = getJobConf(); // save local copy of JobToken file final String localJobTokenFile = localizeJobTokenFile(t.getUser(), jobId); synchronized (rjob) { rjob.ugi = UserGroupInformation.createRemoteUser(t.getUser()); Credentials ts = TokenCache.loadTokens(localJobTokenFile, conf); Token<JobTokenIdentifier> jt = TokenCache.getJobToken(ts); if (jt != null) { //could be null in the case of some unit tests getJobTokenSecretManager().addTokenForJob(jobId.toString(), jt); } for (Token<? extends TokenIdentifier> token : ts.getAllTokens()) { rjob.ugi.addToken(token); } } FileSystem userFs = getFS(jobFile, jobId, conf); // Download the job.xml for this job from the system FS final Path localJobFile = localizeJobConfFile(new Path(t.getJobFile()), userName, userFs, jobId); /** * Now initialize the job via task-controller to do the rest of the * job-init. Do this within a doAs since the public distributed cache * is also set up here. * To support potential authenticated HDFS accesses, we need the tokens */ rjob.ugi.doAs(new PrivilegedExceptionAction<Object>() { public Object run() throws IOException, InterruptedException { try { final JobConf localJobConf = new JobConf(localJobFile); // Setup the public distributed cache TaskDistributedCacheManager taskDistributedCacheManager = getTrackerDistributedCacheManager() .newTaskDistributedCacheManager(jobId, localJobConf); rjob.distCacheMgr = taskDistributedCacheManager; taskDistributedCacheManager.setupCache(localJobConf, TaskTracker.getPublicDistributedCacheDir(), TaskTracker.getPrivateDistributedCacheDir(userName)); // Set some config values localJobConf.set(JobConf.MAPRED_LOCAL_DIR_PROPERTY, getJobConf().get(JobConf.MAPRED_LOCAL_DIR_PROPERTY)); if (conf.get("slave.host.name") != null) { localJobConf.set("slave.host.name", conf.get("slave.host.name")); } resetNumTasksPerJvm(localJobConf); localJobConf.setUser(t.getUser()); // write back the config (this config will have the updates that the // distributed cache manager makes as well) JobLocalizer.writeLocalJobFile(localJobFile, localJobConf); taskController.initializeJob(t.getUser(), jobId.toString(), new Path(localJobTokenFile), localJobFile, TaskTracker.this, ttAddr); } catch (IOException e) { LOG.warn("Exception while localization " + StringUtils.stringifyException(e)); throw e; } catch (InterruptedException ie) { LOG.warn("Exception while localization " + StringUtils.stringifyException(ie)); throw ie; } return null; } }); //search for the conf that the initializeJob created //need to look up certain configs from this conf, like //the distributed cache, profiling, etc. ones Path initializedConf = lDirAlloc.getLocalPathToRead(getLocalJobConfFile(userName, jobId.toString()), getJobConf()); return initializedConf; }
From source file:org.apache.hadoop.hbase.security.visibility.TestVisibilityLabelsWithDeletes.java
@Test public void testVisibilityLabelsWithDeleteColumnWithSpecificVersionWithPutsReAppearing() throws Exception { final TableName tableName = TableName.valueOf(TEST_NAME.getMethodName()); Admin hBaseAdmin = TEST_UTIL.getAdmin(); HColumnDescriptor colDesc = new HColumnDescriptor(fam); colDesc.setMaxVersions(5);/*from ww w . j av a2s . c om*/ HTableDescriptor desc = new HTableDescriptor(tableName); desc.addFamily(colDesc); hBaseAdmin.createTable(desc); try (Table table = TEST_UTIL.getConnection().getTable(tableName)) { Put put1 = new Put(Bytes.toBytes("row1")); put1.addColumn(fam, qual, 123l, value); put1.setCellVisibility(new CellVisibility(CONFIDENTIAL)); Put put2 = new Put(Bytes.toBytes("row1")); put2.addColumn(fam, qual, 123l, value1); put2.setCellVisibility(new CellVisibility(SECRET)); table.put(createList(put1, put2)); Scan s = new Scan(); s.setMaxVersions(5); s.setAuthorizations(new Authorizations(CONFIDENTIAL, SECRET)); ResultScanner scanner = table.getScanner(s); assertEquals(scanner.next(3).length, 1); scanner.close(); PrivilegedExceptionAction<Void> actiona = new PrivilegedExceptionAction<Void>() { @Override public Void run() throws Exception { try (Connection connection = ConnectionFactory.createConnection(conf); Table table = connection.getTable(tableName)) { Delete d = new Delete(row1); d.setCellVisibility(new CellVisibility(CONFIDENTIAL)); d.addColumn(fam, qual, 123l); table.delete(d); } try (Connection connection = ConnectionFactory.createConnection(conf); Table table = connection.getTable(tableName)) { Delete d = new Delete(row1); d.setCellVisibility(new CellVisibility(SECRET)); d.addColumn(fam, qual, 123l); table.delete(d); } catch (Throwable t) { throw new IOException(t); } return null; } }; SUPERUSER.runAs(actiona); s = new Scan(); s.setMaxVersions(5); s.setAuthorizations(new Authorizations(CONFIDENTIAL)); scanner = table.getScanner(s); assertEquals(scanner.next(3).length, 0); scanner.close(); } }
From source file:org.apache.axis2.wsdl.util.WSDLWrapperReloadImpl.java
/** * Returns a wsdl reader for the wsdl//from w ww .jav a2s. com * * @return WSDLReader * @exception WSDLException */ private WSDLReader getWSDLReader() throws WSDLException { WSDLReader reader; try { reader = (WSDLReader) AccessController.doPrivileged(new PrivilegedExceptionAction() { public Object run() throws WSDLException { WSDLFactory factory = WSDLFactory.newInstance(); return factory.newWSDLReader(); } }); } catch (PrivilegedActionException e) { throw (WSDLException) e.getException(); } // prevent system out from occurring reader.setFeature(com.ibm.wsdl.Constants.FEATURE_VERBOSE, false); return reader; }
From source file:org.apache.axis2.wsdl.util.WSDLWrapperReloadImpl.java
/** * This method provides a Java2 Security compliant way to obtain the InputStream * for a given URLConnection object. This is needed as a given URLConnection object * may be an instance of a FileURLConnection object which would require access * permissions if Java2 Security was enabled. *///from www. j a v a 2s . co m private static InputStream getInputStream(URLConnection urlCon) throws Exception { final URLConnection finalURLCon = urlCon; InputStream is = null; try { is = (InputStream) AccessController.doPrivileged(new PrivilegedExceptionAction() { public Object run() throws IOException { return finalURLCon.getInputStream(); } }); } catch (PrivilegedActionException e) { throw e.getException(); } return is; }