Class Security


  • public class Security
    extends java.lang.Object
    • Field Summary

      Fields 
      Modifier and Type Field Description
      static long MAX_EXPIRY_TIME  
    • Method Summary

      Modifier and Type Method Description
      static void BlacklistAndCloseConnections​(int[] uids, long[] blacklistTimes, boolean reinitList)  
      static java.lang.String ByteArrayToString​(java.lang.String preFix, byte[] bArray)  
      static void CloneAndGenerateTicketFile​(java.io.DataInputStream fsin, long expiration, java.io.DataOutputStream outTicket)
      Given an input stream for a ticket file, clones the current cluster ticket with the given expiration.
      static byte[] DecodeDataFromKeyFile​(byte[] encodedData, MutableInt erri)  
      static byte[] Decrypt​(com.mapr.fs.proto.Security.Key key, byte[] inBuf, MutableInt erri)  
      static com.mapr.fs.proto.Security.Ticket DecryptTicket​(byte[] encryptedTicket, MutableInt erri)  
      static boolean doesDareKeyExist()  
      static byte[] EncodeDataForWritingToKeyFile​(byte[] serializedProtobuf, MutableInt erri)  
      static byte[] Encrypt​(com.mapr.fs.proto.Security.Key key, byte[] inBuf, MutableInt erri)  
      static void GenerateAndWriteTicketAndKey​(java.lang.String userName, long expiration, java.io.DataOutputStream outTicket)
      Used by JT to generate a ticket for a user for a specific job.
      static com.mapr.fs.proto.Security.Key GenerateRandomKey()  
      static com.mapr.fs.proto.Security.TicketAndKey GenerateTicketAndKey​(com.mapr.fs.proto.Security.ServerKeyType keyType, java.lang.String userName, int uid, int[] gids, long expiryTime, long maxRenewalTimeSec, TicketOptionalParams tOptionalParams, MutableInt erri)  
      static com.mapr.fs.proto.Security.TicketAndKey GenerateTicketAndKeyUsingServerKey​(com.mapr.fs.proto.Security.ServerKeyType keyType, com.mapr.fs.proto.Security.Key key, java.lang.String userName, int uid, int[] gids, long expiryTime, long maxRenewalTimeSec, boolean isExternal, MutableInt erri)  
      static com.mapr.fs.proto.Security.Key getCLDBKeyFromHSM​(MutableInt erri)  
      static com.mapr.fs.proto.Security.Key GetClusterKey​(com.mapr.fs.proto.Security.Key CldbKey, long time)  
      static com.mapr.fs.proto.Security.Key GetKey​(com.mapr.fs.proto.Security.ServerKeyType keyType, MutableInt erri)  
      static com.mapr.fs.proto.Security.Key GetServerKey​(com.mapr.fs.proto.Security.Key CldbKey, long time)  
      static com.mapr.fs.proto.Security.TicketAndKey GetTicketAndKeyForCluster​(com.mapr.fs.proto.Security.ServerKeyType keyType, java.lang.String clusterName, MutableInt erri)  
      static boolean isHSMFeatureEnabled()  
      static boolean IsTicketAndKeyUsable​(com.mapr.fs.proto.Security.TicketAndKey ticketAndKey)  
      static void main​(java.lang.String[] args)  
      static void MergeAndGenerateTicketFile​(java.io.DataInputStream fsin, java.lang.String userName, long expiration, java.io.DataOutputStream outTicket)  
      static void RemoveFromBlacklist​(int[] uids)  
      static com.mapr.fs.proto.Security.TicketAndKey RenewTicketAndKey​(com.mapr.fs.proto.Security.ServerKeyType keyType, com.mapr.fs.proto.Security.TicketAndKey ticketAndKey, long expiryTime, MutableInt erri)  
      static int SetKey​(com.mapr.fs.proto.Security.ServerKeyType keyType, com.mapr.fs.proto.Security.Key key)  
      static int SetKeyFile​(com.mapr.fs.proto.Security.ServerKeyType keyType, java.lang.String path)  
      static int SetTicketAndKey​(com.mapr.fs.proto.Security.ServerKeyType keyType, java.lang.String clusterName, com.mapr.fs.proto.Security.TicketAndKey ticketAndKey)  
      static int SetTicketAndKeyFile​(java.lang.String path)  
      static void TestSecurity()  
      static java.lang.String TicketAndKeyToString​(java.lang.String prefix, com.mapr.fs.proto.Security.TicketAndKey t)  
      static java.lang.String TicketToString​(java.lang.String prefix, com.mapr.fs.proto.Security.Ticket t)  
      static void UseClusterTicketAsServerTicket()  
      static java.lang.String UserCredsToString​(java.lang.String prefix, com.mapr.fs.proto.Security.CredentialsMsg c)  
      static com.mapr.fs.proto.Security.Ticket ValidateTicketAndKey​(com.mapr.fs.proto.Security.TicketAndKey t, MutableInt err)  
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Field Detail

      • MAX_EXPIRY_TIME

        public static long MAX_EXPIRY_TIME
    • Method Detail

      • GenerateRandomKey

        public static com.mapr.fs.proto.Security.Key GenerateRandomKey()
      • Encrypt

        public static byte[] Encrypt​(com.mapr.fs.proto.Security.Key key,
                                     byte[] inBuf,
                                     MutableInt erri)
      • Decrypt

        public static byte[] Decrypt​(com.mapr.fs.proto.Security.Key key,
                                     byte[] inBuf,
                                     MutableInt erri)
      • EncodeDataForWritingToKeyFile

        public static byte[] EncodeDataForWritingToKeyFile​(byte[] serializedProtobuf,
                                                           MutableInt erri)
      • DecodeDataFromKeyFile

        public static byte[] DecodeDataFromKeyFile​(byte[] encodedData,
                                                   MutableInt erri)
      • isHSMFeatureEnabled

        public static boolean isHSMFeatureEnabled()
      • doesDareKeyExist

        public static boolean doesDareKeyExist()
      • getCLDBKeyFromHSM

        public static com.mapr.fs.proto.Security.Key getCLDBKeyFromHSM​(MutableInt erri)
      • SetKeyFile

        public static int SetKeyFile​(com.mapr.fs.proto.Security.ServerKeyType keyType,
                                     java.lang.String path)
      • SetKey

        public static int SetKey​(com.mapr.fs.proto.Security.ServerKeyType keyType,
                                 com.mapr.fs.proto.Security.Key key)
      • GetKey

        public static com.mapr.fs.proto.Security.Key GetKey​(com.mapr.fs.proto.Security.ServerKeyType keyType,
                                                            MutableInt erri)
      • GenerateTicketAndKey

        public static com.mapr.fs.proto.Security.TicketAndKey GenerateTicketAndKey​(com.mapr.fs.proto.Security.ServerKeyType keyType,
                                                                                   java.lang.String userName,
                                                                                   int uid,
                                                                                   int[] gids,
                                                                                   long expiryTime,
                                                                                   long maxRenewalTimeSec,
                                                                                   TicketOptionalParams tOptionalParams,
                                                                                   MutableInt erri)
      • GenerateAndWriteTicketAndKey

        public static void GenerateAndWriteTicketAndKey​(java.lang.String userName,
                                                        long expiration,
                                                        java.io.DataOutputStream outTicket)
                                                 throws java.io.IOException
        Used by JT to generate a ticket for a user for a specific job.
        Parameters:
        userName -
        expiration - will be configurable on JT
        outTicket - DataOutputStream where the ticket will be written
        Throws:
        java.io.IOException
      • CloneAndGenerateTicketFile

        public static void CloneAndGenerateTicketFile​(java.io.DataInputStream fsin,
                                                      long expiration,
                                                      java.io.DataOutputStream outTicket)
                                               throws java.io.IOException
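        Given an input stream for a ticket file, clones the current cluster ticket with the given expiration. It generates a non-renewable ticket. The parameters that are cloned are uid, gids, and canImpersonate, so the clone carries the same identity and impersonation capability as the source ticket.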
        Parameters:
        fsin - DataInputStream for the input ticket
        expiration - expiration of the cloned ticket
        outTicket - DataOutputStream where the ticket will be written
        Throws:
        java.io.IOException - if the input ticket cannot be parsed for the current cluster.
      • MergeAndGenerateTicketFile

        public static void MergeAndGenerateTicketFile​(java.io.DataInputStream fsin,
                                                      java.lang.String userName,
                                                      long expiration,
                                                      java.io.DataOutputStream outTicket)
                                               throws java.io.IOException
        Throws:
        java.io.IOException
      • GenerateTicketAndKeyUsingServerKey

        public static com.mapr.fs.proto.Security.TicketAndKey GenerateTicketAndKeyUsingServerKey​(com.mapr.fs.proto.Security.ServerKeyType keyType,
                                                                                                 com.mapr.fs.proto.Security.Key key,
                                                                                                 java.lang.String userName,
                                                                                                 int uid,
                                                                                                 int[] gids,
                                                                                                 long expiryTime,
                                                                                                 long maxRenewalTimeSec,
                                                                                                 boolean isExternal,
                                                                                                 MutableInt erri)
      • RenewTicketAndKey

        public static com.mapr.fs.proto.Security.TicketAndKey RenewTicketAndKey​(com.mapr.fs.proto.Security.ServerKeyType keyType,
                                                                                com.mapr.fs.proto.Security.TicketAndKey ticketAndKey,
                                                                                long expiryTime,
                                                                                MutableInt erri)
      • DecryptTicket

        public static com.mapr.fs.proto.Security.Ticket DecryptTicket​(byte[] encryptedTicket,
                                                                      MutableInt erri)
      • SetTicketAndKeyFile

        public static int SetTicketAndKeyFile​(java.lang.String path)
      • SetTicketAndKey

        public static int SetTicketAndKey​(com.mapr.fs.proto.Security.ServerKeyType keyType,
                                          java.lang.String clusterName,
                                          com.mapr.fs.proto.Security.TicketAndKey ticketAndKey)
      • UseClusterTicketAsServerTicket

        public static void UseClusterTicketAsServerTicket()
      • GetTicketAndKeyForCluster

        public static com.mapr.fs.proto.Security.TicketAndKey GetTicketAndKeyForCluster​(com.mapr.fs.proto.Security.ServerKeyType keyType,
                                                                                        java.lang.String clusterName,
                                                                                        MutableInt erri)
      • GetServerKey

        public static com.mapr.fs.proto.Security.Key GetServerKey​(com.mapr.fs.proto.Security.Key CldbKey,
                                                                  long time)
      • GetClusterKey

        public static com.mapr.fs.proto.Security.Key GetClusterKey​(com.mapr.fs.proto.Security.Key CldbKey,
                                                                   long time)
      • ByteArrayToString

        public static java.lang.String ByteArrayToString​(java.lang.String preFix,
                                                         byte[] bArray)
      • UserCredsToString

        public static java.lang.String UserCredsToString​(java.lang.String prefix,
                                                         com.mapr.fs.proto.Security.CredentialsMsg c)
      • TicketAndKeyToString

        public static java.lang.String TicketAndKeyToString​(java.lang.String prefix,
                                                            com.mapr.fs.proto.Security.TicketAndKey t)
      • TicketToString

        public static java.lang.String TicketToString​(java.lang.String prefix,
                                                      com.mapr.fs.proto.Security.Ticket t)
      • ValidateTicketAndKey

        public static com.mapr.fs.proto.Security.Ticket ValidateTicketAndKey​(com.mapr.fs.proto.Security.TicketAndKey t,
                                                                             MutableInt err)
      • IsTicketAndKeyUsable

        public static boolean IsTicketAndKeyUsable​(com.mapr.fs.proto.Security.TicketAndKey ticketAndKey)
      • BlacklistAndCloseConnections

        public static void BlacklistAndCloseConnections​(int[] uids,
                                                        long[] blacklistTimes,
                                                        boolean reinitList)
      • RemoveFromBlacklist

        public static void RemoveFromBlacklist​(int[] uids)
      • TestSecurity

        public static void TestSecurity()
      • main

        public static void main​(java.lang.String[] args)