本文整理汇总了Java中org.apache.zookeeper.data.ACL类的典型用法代码示例。如果您正苦于以下问题:Java ACL类的具体用法?Java ACL怎么用?Java ACL使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
ACL类属于org.apache.zookeeper.data包,在下文中一共展示了ACL类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: testValidSaslIds
import org.apache.zookeeper.data.ACL; //导入依赖的package包/类
@Test
public void testValidSaslIds() throws Exception {
ZooKeeper zk = createClient();
List<String> validIds = new ArrayList<String>();
validIds.add("user");
validIds.add("service/host.name.com");
validIds.add("[email protected]");
validIds.add("service/[email protected]");
int i = 0;
for(String validId: validIds) {
List<ACL> aclList = new ArrayList<ACL>();
ACL acl = new ACL(0,new Id("sasl",validId));
aclList.add(acl);
zk.create("/valid"+i,null,aclList,CreateMode.PERSISTENT);
i++;
}
}
示例2: parse
import org.apache.zookeeper.data.ACL; //导入依赖的package包/类
/**
* parse string into list of ACL
* @param aclString
* @return
*/
public static List<ACL> parse(String aclString) {
List<ACL> acl;
String acls[] = aclString.split(",");
acl = new ArrayList<ACL>();
for (String a : acls) {
int firstColon = a.indexOf(':');
int lastColon = a.lastIndexOf(':');
if (firstColon == -1 || lastColon == -1 || firstColon == lastColon) {
System.err.println(a + " does not have the form scheme:id:perm");
continue;
}
ACL newAcl = new ACL();
newAcl.setId(new Id(a.substring(0, firstColon), a.substring(
firstColon + 1, lastColon)));
newAcl.setPerms(getPermFromString(a.substring(lastColon + 1)));
acl.add(newAcl);
}
return acl;
}
示例3: testUserHomedirsPermissionsRestricted
import org.apache.zookeeper.data.ACL; //导入依赖的package包/类
@Test
public void testUserHomedirsPermissionsRestricted() throws Throwable {
// test that the /users/$user permissions are restricted
RMRegistryOperationsService rmRegistryOperations =
startRMRegistryOperations();
// create Alice's dir, so it should have an ACL for Alice
final String home = rmRegistryOperations.initUserRegistry(ALICE);
List<ACL> acls = rmRegistryOperations.zkGetACLS(home);
ACL aliceACL = null;
for (ACL acl : acls) {
LOG.info(RegistrySecurity.aclToString(acl));
Id id = acl.getId();
if (id.getScheme().equals(ZookeeperConfigOptions.SCHEME_SASL)
&& id.getId().startsWith(ALICE)) {
aliceACL = acl;
break;
}
}
assertNotNull(aliceACL);
assertEquals(RegistryAdminService.USER_HOMEDIR_ACL_PERMISSIONS,
aliceACL.getPerms());
}
示例4: testReconfigEnabledWithAuthAndACL
import org.apache.zookeeper.data.ACL; //导入依赖的package包/类
@Test(timeout = 10000)
public void testReconfigEnabledWithAuthAndACL() throws InterruptedException {
resetZKAdmin();
try {
zkAdmin.addAuthInfo("digest", "super:test".getBytes());
ArrayList<ACL> acls = new ArrayList<ACL>(
Collections.singletonList(
new ACL(ZooDefs.Perms.WRITE,
new Id("digest", "user:tl+z3z0vO6PfPfEENfLF96E6pM0="/* password is test */))));
zkAdmin.setACL(ZooDefs.CONFIG_NODE, acls, -1);
resetZKAdmin();
zkAdmin.addAuthInfo("digest", "user:test".getBytes());
Assert.assertTrue(reconfigPort());
} catch (KeeperException e) {
Assert.fail("Reconfig should not fail, but failed with exception : " + e.getMessage());
}
}
示例5: parseACLs
import org.apache.zookeeper.data.ACL; //导入依赖的package包/类
private static List<ACL> parseACLs(String aclString) {
List<ACL> acl;
String acls[] = aclString.split(",");
acl = new ArrayList<ACL>();
for (String a : acls) {
int firstColon = a.indexOf(':');
int lastColon = a.lastIndexOf(':');
if (firstColon == -1 || lastColon == -1 || firstColon == lastColon) {
System.err
.println(a + " does not have the form scheme:id:perm");
continue;
}
ACL newAcl = new ACL();
newAcl.setId(new Id(a.substring(0, firstColon), a.substring(
firstColon + 1, lastColon)));
newAcl.setPerms(getPermFromString(a.substring(lastColon + 1)));
acl.add(newAcl);
}
return acl;
}
示例6: addDigestACL
import org.apache.zookeeper.data.ACL; //导入依赖的package包/类
/**
* Add a digest ACL
* @param acl add ACL
*/
public boolean addDigestACL(ACL acl) {
if (secureRegistry) {
if (LOG.isDebugEnabled()) {
LOG.debug("Added ACL {}", aclToString(acl));
}
digestACLs.add(acl);
return true;
} else {
if (LOG.isDebugEnabled()) {
LOG.debug("Ignoring added ACL - registry is insecure{}",
aclToString(acl));
}
return false;
}
}
示例7: setACL
import org.apache.zookeeper.data.ACL; //导入依赖的package包/类
@Override
public Stat setACL(String path, List<ACL> acl, int version)
throws KeeperException, InterruptedException {
int count = 0;
do {
try {
return super.setACL(path, acl, version);
} catch (KeeperException.ConnectionLossException e) {
LoggerFactory.getLogger().warn(
"ZooKeeper connection lost. Trying to reconnect.");
Stat s = exists(path, false);
if (s != null) {
if (getACL(path, s).equals(acl)) {
return s;
}
} else {
return null;
}
}
} while (!closed && (limit == -1 || count++ < limit));
return null;
}
示例8: setACL
import org.apache.zookeeper.data.ACL; //导入依赖的package包/类
/**
* Set the ACL for the node of the given path if such a node exists and the
* given version matches the version of the node. Return the stat of the
* node.
* <p>
* A KeeperException with error code KeeperException.NoNode will be thrown
* if no node with the given path exists.
* <p>
* A KeeperException with error code KeeperException.BadVersion will be
* thrown if the given version does not match the node's version.
*
* @param path
* @param acl
* @param version
* @return the stat of the node.
* @throws InterruptedException If the server transaction is interrupted.
* @throws KeeperException If the server signals an error with a non-zero error code.
* @throws org.apache.zookeeper.KeeperException.InvalidACLException If the acl is invalide.
* @throws IllegalArgumentException if an invalid path is specified
*/
public Stat setACL(final String path, List<ACL> acl, int version)
throws KeeperException, InterruptedException
{
final String clientPath = path;
PathUtils.validatePath(clientPath);
final String serverPath = prependChroot(clientPath);
RequestHeader h = new RequestHeader();
h.setType(ZooDefs.OpCode.setACL);
SetACLRequest request = new SetACLRequest();
request.setPath(serverPath);
if (acl != null && acl.size() == 0) {
throw new KeeperException.InvalidACLException(clientPath);
}
request.setAcl(acl);
request.setVersion(version);
SetACLResponse response = new SetACLResponse();
ReplyHeader r = cnxn.submitRequest(h, request, response, null);
if (r.getErr() != 0) {
throw KeeperException.create(KeeperException.Code.get(r.getErr()),
clientPath);
}
return response.getStat();
}
示例9: checkAndSetZNodeAcls
import org.apache.zookeeper.data.ACL; //导入依赖的package包/类
/**
* On master start, we check the znode ACLs under the root directory and set the ACLs properly
* if needed. If the cluster goes from an unsecure setup to a secure setup, this step is needed
* so that the existing znodes created with open permissions are now changed with restrictive
* perms.
*/
public void checkAndSetZNodeAcls() {
if (!ZKUtil.isSecureZooKeeper(getConfiguration())) {
LOG.info("not a secure deployment, proceeding");
return;
}
// Check the base znodes permission first. Only do the recursion if base znode's perms are not
// correct.
try {
List<ACL> actualAcls = recoverableZooKeeper.getAcl(baseZNode, new Stat());
if (!isBaseZnodeAclSetup(actualAcls)) {
LOG.info("setting znode ACLs");
setZnodeAclsRecursive(baseZNode);
}
} catch(KeeperException.NoNodeException nne) {
return;
} catch(InterruptedException ie) {
interruptedException(ie);
} catch (IOException|KeeperException e) {
LOG.warn("Received exception while checking and setting zookeeper ACLs", e);
}
}
示例10: testMultipleAddsAndRemove
import org.apache.zookeeper.data.ACL; //导入依赖的package包/类
@Test
public void testMultipleAddsAndRemove() {
List<ACL> testACL = createACL("myid");
ReferenceCountedACLCache cache = new ReferenceCountedACLCache();
Long aclId = cache.convertAcls(testACL);
assertEquals(1, cache.size());
cache.convertAcls(testACL);
assertEquals(1, cache.size());
List<ACL> testACL2 = createACL("anotherId");
cache.convertAcls(testACL2);
cache.removeUsage(aclId);
assertEquals(2, cache.size());
cache.removeUsage(aclId);
assertEquals(1, cache.size());
Long newId = cache.convertAcls(testACL);
assertFalse(aclId.equals(newId));
}
示例11: testAddUsage
import org.apache.zookeeper.data.ACL; //导入依赖的package包/类
@Test
public void testAddUsage() {
List<ACL> testACL = createACL("myid");
ReferenceCountedACLCache cache = new ReferenceCountedACLCache();
Long aclId = cache.convertAcls(testACL);
assertEquals(1, cache.size());
cache.addUsage(aclId);
assertEquals(1, cache.size());
cache.removeUsage(aclId);
assertEquals(1, cache.size());
cache.removeUsage(aclId);
assertEquals(0, cache.size());
}
示例12: setACL
import org.apache.zookeeper.data.ACL; //导入依赖的package包/类
@Override
public Stat setACL(String path, List<ACL> acl, int aclVersion)
throws KeeperException, InterruptedException {
int count = 0;
do {
try {
return super.setACL(path, acl, aclVersion);
} catch (KeeperException.ConnectionLossException e) {
LoggerFactory.getLogger().warn(
"ZooKeeper connection lost. Trying to reconnect.");
Stat s = exists(path, false);
if (s != null) {
if (getACL(path, s).equals(acl)) {
return s;
}
} else {
return null;
}
}
} while (!closed && (limit == -1 || count++ < limit));
return null;
}
示例13: create
import org.apache.zookeeper.data.ACL; //导入依赖的package包/类
/**
* The asynchronous version of create.
*
* @see #create(String, byte[], List, CreateMode)
*/
public void create(final String path, byte data[], List<ACL> acl,
CreateMode createMode, StringCallback cb, Object ctx)
{
final String clientPath = path;
PathUtils.validatePath(clientPath, createMode.isSequential());
final String serverPath = prependChroot(clientPath);
RequestHeader h = new RequestHeader();
h.setType(ZooDefs.OpCode.create);
CreateRequest request = new CreateRequest();
CreateResponse response = new CreateResponse();
ReplyHeader r = new ReplyHeader();
request.setData(data);
request.setFlags(createMode.toFlag());
request.setPath(serverPath);
request.setAcl(acl);
cnxn.queuePacket(h, r, request, response, cb, clientPath,
serverPath, ctx, null);
}
示例14: constructZkRootNodeACL
import org.apache.zookeeper.data.ACL; //导入依赖的package包/类
/**
* Given the {@link Configuration} and {@link ACL}s used (zkAcl) for
* ZooKeeper access, construct the {@link ACL}s for the store's root node.
* In the constructed {@link ACL}, all the users allowed by zkAcl are given
* rwa access, while the current RM has exclude create-delete access.
*
* To be called only when HA is enabled and the configuration doesn't set ACL
* for the root node.
*/
@VisibleForTesting
@Private
@Unstable
protected List<ACL> constructZkRootNodeACL(
Configuration conf, List<ACL> sourceACLs) throws NoSuchAlgorithmException {
List<ACL> zkRootNodeAcl = new ArrayList<ACL>();
for (ACL acl : sourceACLs) {
zkRootNodeAcl.add(new ACL(
ZKUtil.removeSpecificPerms(acl.getPerms(), CREATE_DELETE_PERMS),
acl.getId()));
}
zkRootNodeUsername = HAUtil.getConfValueForRMInstance(
YarnConfiguration.RM_ADDRESS,
YarnConfiguration.DEFAULT_RM_ADDRESS, conf);
Id rmId = new Id(zkRootNodeAuthScheme,
DigestAuthenticationProvider.generateDigest(
zkRootNodeUsername + ":" + zkRootNodePassword));
zkRootNodeAcl.add(new ACL(CREATE_DELETE_PERMS, rmId));
return zkRootNodeAcl;
}
示例15: testUGILogin
import org.apache.zookeeper.data.ACL; //导入依赖的package包/类
@Test
public void testUGILogin() throws Throwable {
UserGroupInformation ugi = loginUGI(ZOOKEEPER, keytab_zk);
RegistrySecurity.UgiInfo ugiInfo =
new RegistrySecurity.UgiInfo(ugi);
LOG.info("logged in as: {}", ugiInfo);
assertTrue("security is not enabled: " + ugiInfo,
UserGroupInformation.isSecurityEnabled());
assertTrue("login is keytab based: " + ugiInfo,
ugi.isFromKeytab());
// now we are here, build a SASL ACL
ACL acl = ugi.doAs(new PrivilegedExceptionAction<ACL>() {
@Override
public ACL run() throws Exception {
return registrySecurity.createSaslACLFromCurrentUser(0);
}
});
assertEquals(ZOOKEEPER_REALM, acl.getId().getId());
assertEquals(ZookeeperConfigOptions.SCHEME_SASL, acl.getId().getScheme());
registrySecurity.addSystemACL(acl);
}