Java Code Examples for org.apache.hadoop.crypto.key.kms.KMSRESTConstants

The following examples show how to use org.apache.hadoop.crypto.key.kms.KMSRESTConstants. These examples are extracted from open source projects. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source Project: hadoop   Source File: KMS.java    License: Apache License 2.0 6 votes vote down vote up
@DELETE
@Path(KMSRESTConstants.KEY_RESOURCE + "/{name:.*}")
public Response deleteKey(@PathParam("name") final String name)
    throws Exception {
  KMSWebApp.getAdminCallsMeter().mark();
  UserGroupInformation user = HttpUserGroupInformation.get();
  assertAccess(KMSACLs.Type.DELETE, user, KMSOp.DELETE_KEY, name);
  KMSClientProvider.checkNotEmpty(name, "name");

  user.doAs(new PrivilegedExceptionAction<Void>() {
    @Override
    public Void run() throws Exception {
      provider.deleteKey(name);
      provider.flush();
      return null;
    }
  });

  kmsAudit.ok(user, KMSOp.DELETE_KEY, name, "");

  return Response.ok().build();
}
 
Example 2
Source Project: hadoop   Source File: KMS.java    License: Apache License 2.0 6 votes vote down vote up
@GET
@Path(KMSRESTConstants.KEYS_METADATA_RESOURCE)
@Produces(MediaType.APPLICATION_JSON)
public Response getKeysMetadata(@QueryParam(KMSRESTConstants.KEY)
    List<String> keyNamesList) throws Exception {
  KMSWebApp.getAdminCallsMeter().mark();
  UserGroupInformation user = HttpUserGroupInformation.get();
  final String[] keyNames = keyNamesList.toArray(
      new String[keyNamesList.size()]);
  assertAccess(KMSACLs.Type.GET_METADATA, user, KMSOp.GET_KEYS_METADATA);

  KeyProvider.Metadata[] keysMeta = user.doAs(
      new PrivilegedExceptionAction<KeyProvider.Metadata[]>() {
        @Override
        public KeyProvider.Metadata[] run() throws Exception {
          return provider.getKeysMetadata(keyNames);
        }
      }
  );

  Object json = KMSServerJSONUtils.toJSON(keyNames, keysMeta);
  kmsAudit.ok(user, KMSOp.GET_KEYS_METADATA, "");
  return Response.ok().type(MediaType.APPLICATION_JSON).entity(json).build();
}
 
Example 3
Source Project: hadoop   Source File: KMS.java    License: Apache License 2.0 6 votes vote down vote up
@GET
@Path(KMSRESTConstants.KEYS_NAMES_RESOURCE)
@Produces(MediaType.APPLICATION_JSON)
public Response getKeyNames() throws Exception {
  KMSWebApp.getAdminCallsMeter().mark();
  UserGroupInformation user = HttpUserGroupInformation.get();
  assertAccess(KMSACLs.Type.GET_KEYS, user, KMSOp.GET_KEYS);

  List<String> json = user.doAs(
      new PrivilegedExceptionAction<List<String>>() {
        @Override
        public List<String> run() throws Exception {
          return provider.getKeys();
        }
      }
  );

  kmsAudit.ok(user, KMSOp.GET_KEYS, "");
  return Response.ok().type(MediaType.APPLICATION_JSON).entity(json).build();
}
 
Example 4
Source Project: hadoop   Source File: KMS.java    License: Apache License 2.0 6 votes vote down vote up
@GET
@Path(KMSRESTConstants.KEY_RESOURCE + "/{name:.*}/" +
    KMSRESTConstants.METADATA_SUB_RESOURCE)
@Produces(MediaType.APPLICATION_JSON)
public Response getMetadata(@PathParam("name") final String name)
    throws Exception {
  UserGroupInformation user = HttpUserGroupInformation.get();
  KMSClientProvider.checkNotEmpty(name, "name");
  KMSWebApp.getAdminCallsMeter().mark();
  assertAccess(KMSACLs.Type.GET_METADATA, user, KMSOp.GET_METADATA, name);

  KeyProvider.Metadata metadata = user.doAs(
      new PrivilegedExceptionAction<KeyProvider.Metadata>() {
        @Override
        public KeyProvider.Metadata run() throws Exception {
          return provider.getMetadata(name);
        }
      }
  );

  Object json = KMSServerJSONUtils.toJSON(name, metadata);
  kmsAudit.ok(user, KMSOp.GET_METADATA, name, "");
  return Response.ok().type(MediaType.APPLICATION_JSON).entity(json).build();
}
 
Example 5
Source Project: hadoop   Source File: KMS.java    License: Apache License 2.0 6 votes vote down vote up
@GET
@Path(KMSRESTConstants.KEY_RESOURCE + "/{name:.*}/" +
    KMSRESTConstants.CURRENT_VERSION_SUB_RESOURCE)
@Produces(MediaType.APPLICATION_JSON)
public Response getCurrentVersion(@PathParam("name") final String name)
    throws Exception {
  UserGroupInformation user = HttpUserGroupInformation.get();
  KMSClientProvider.checkNotEmpty(name, "name");
  KMSWebApp.getKeyCallsMeter().mark();
  assertAccess(KMSACLs.Type.GET, user, KMSOp.GET_CURRENT_KEY, name);

  KeyVersion keyVersion = user.doAs(
      new PrivilegedExceptionAction<KeyVersion>() {
        @Override
        public KeyVersion run() throws Exception {
          return provider.getCurrentKey(name);
        }
      }
  );

  Object json = KMSServerJSONUtils.toJSON(keyVersion);
  kmsAudit.ok(user, KMSOp.GET_CURRENT_KEY, name, "");
  return Response.ok().type(MediaType.APPLICATION_JSON).entity(json).build();
}
 
Example 6
Source Project: hadoop   Source File: KMS.java    License: Apache License 2.0 6 votes vote down vote up
@GET
@Path(KMSRESTConstants.KEY_VERSION_RESOURCE + "/{versionName:.*}")
@Produces(MediaType.APPLICATION_JSON)
public Response getKeyVersion(
    @PathParam("versionName") final String versionName) throws Exception {
  UserGroupInformation user = HttpUserGroupInformation.get();
  KMSClientProvider.checkNotEmpty(versionName, "versionName");
  KMSWebApp.getKeyCallsMeter().mark();
  assertAccess(KMSACLs.Type.GET, user, KMSOp.GET_KEY_VERSION);

  KeyVersion keyVersion = user.doAs(
      new PrivilegedExceptionAction<KeyVersion>() {
        @Override
        public KeyVersion run() throws Exception {
          return provider.getKeyVersion(versionName);
        }
      }
  );

  if (keyVersion != null) {
    kmsAudit.ok(user, KMSOp.GET_KEY_VERSION, keyVersion.getName(), "");
  }
  Object json = KMSServerJSONUtils.toJSON(keyVersion);
  return Response.ok().type(MediaType.APPLICATION_JSON).entity(json).build();
}
 
Example 7
Source Project: hadoop   Source File: KMS.java    License: Apache License 2.0 6 votes vote down vote up
@GET
@Path(KMSRESTConstants.KEY_RESOURCE + "/{name:.*}/" +
    KMSRESTConstants.VERSIONS_SUB_RESOURCE)
@Produces(MediaType.APPLICATION_JSON)
public Response getKeyVersions(@PathParam("name") final String name)
    throws Exception {
  UserGroupInformation user = HttpUserGroupInformation.get();
  KMSClientProvider.checkNotEmpty(name, "name");
  KMSWebApp.getKeyCallsMeter().mark();
  assertAccess(KMSACLs.Type.GET, user, KMSOp.GET_KEY_VERSIONS, name);

  List<KeyVersion> ret = user.doAs(
      new PrivilegedExceptionAction<List<KeyVersion>>() {
        @Override
        public List<KeyVersion> run() throws Exception {
          return provider.getKeyVersions(name);
        }
      }
  );

  Object json = KMSServerJSONUtils.toJSON(ret);
  kmsAudit.ok(user, KMSOp.GET_KEY_VERSIONS, name, "");
  return Response.ok().type(MediaType.APPLICATION_JSON).entity(json).build();
}
 
Example 8
Source Project: hadoop   Source File: KMSServerJSONUtils.java    License: Apache License 2.0 6 votes vote down vote up
@SuppressWarnings("unchecked")
public static Map toJSON(String keyName, KeyProvider.Metadata meta) {
  Map json = new LinkedHashMap();
  if (meta != null) {
    json.put(KMSRESTConstants.NAME_FIELD, keyName);
    json.put(KMSRESTConstants.CIPHER_FIELD, meta.getCipher());
    json.put(KMSRESTConstants.LENGTH_FIELD, meta.getBitLength());
    json.put(KMSRESTConstants.DESCRIPTION_FIELD, meta.getDescription());
    json.put(KMSRESTConstants.ATTRIBUTES_FIELD, meta.getAttributes());
    json.put(KMSRESTConstants.CREATED_FIELD,
        meta.getCreated().getTime());
    json.put(KMSRESTConstants.VERSIONS_FIELD,
        (long) meta.getVersions());
  }
  return json;
}
 
Example 9
Source Project: big-c   Source File: KMS.java    License: Apache License 2.0 6 votes vote down vote up
@DELETE
@Path(KMSRESTConstants.KEY_RESOURCE + "/{name:.*}")
public Response deleteKey(@PathParam("name") final String name)
    throws Exception {
  KMSWebApp.getAdminCallsMeter().mark();
  UserGroupInformation user = HttpUserGroupInformation.get();
  assertAccess(KMSACLs.Type.DELETE, user, KMSOp.DELETE_KEY, name);
  KMSClientProvider.checkNotEmpty(name, "name");

  user.doAs(new PrivilegedExceptionAction<Void>() {
    @Override
    public Void run() throws Exception {
      provider.deleteKey(name);
      provider.flush();
      return null;
    }
  });

  kmsAudit.ok(user, KMSOp.DELETE_KEY, name, "");

  return Response.ok().build();
}
 
Example 10
Source Project: big-c   Source File: KMS.java    License: Apache License 2.0 6 votes vote down vote up
@GET
@Path(KMSRESTConstants.KEYS_METADATA_RESOURCE)
@Produces(MediaType.APPLICATION_JSON)
public Response getKeysMetadata(@QueryParam(KMSRESTConstants.KEY)
    List<String> keyNamesList) throws Exception {
  KMSWebApp.getAdminCallsMeter().mark();
  UserGroupInformation user = HttpUserGroupInformation.get();
  final String[] keyNames = keyNamesList.toArray(
      new String[keyNamesList.size()]);
  assertAccess(KMSACLs.Type.GET_METADATA, user, KMSOp.GET_KEYS_METADATA);

  KeyProvider.Metadata[] keysMeta = user.doAs(
      new PrivilegedExceptionAction<KeyProvider.Metadata[]>() {
        @Override
        public KeyProvider.Metadata[] run() throws Exception {
          return provider.getKeysMetadata(keyNames);
        }
      }
  );

  Object json = KMSServerJSONUtils.toJSON(keyNames, keysMeta);
  kmsAudit.ok(user, KMSOp.GET_KEYS_METADATA, "");
  return Response.ok().type(MediaType.APPLICATION_JSON).entity(json).build();
}
 
Example 11
Source Project: big-c   Source File: KMS.java    License: Apache License 2.0 6 votes vote down vote up
@GET
@Path(KMSRESTConstants.KEYS_NAMES_RESOURCE)
@Produces(MediaType.APPLICATION_JSON)
public Response getKeyNames() throws Exception {
  KMSWebApp.getAdminCallsMeter().mark();
  UserGroupInformation user = HttpUserGroupInformation.get();
  assertAccess(KMSACLs.Type.GET_KEYS, user, KMSOp.GET_KEYS);

  List<String> json = user.doAs(
      new PrivilegedExceptionAction<List<String>>() {
        @Override
        public List<String> run() throws Exception {
          return provider.getKeys();
        }
      }
  );

  kmsAudit.ok(user, KMSOp.GET_KEYS, "");
  return Response.ok().type(MediaType.APPLICATION_JSON).entity(json).build();
}
 
Example 12
Source Project: big-c   Source File: KMS.java    License: Apache License 2.0 6 votes vote down vote up
@GET
@Path(KMSRESTConstants.KEY_RESOURCE + "/{name:.*}/" +
    KMSRESTConstants.METADATA_SUB_RESOURCE)
@Produces(MediaType.APPLICATION_JSON)
public Response getMetadata(@PathParam("name") final String name)
    throws Exception {
  UserGroupInformation user = HttpUserGroupInformation.get();
  KMSClientProvider.checkNotEmpty(name, "name");
  KMSWebApp.getAdminCallsMeter().mark();
  assertAccess(KMSACLs.Type.GET_METADATA, user, KMSOp.GET_METADATA, name);

  KeyProvider.Metadata metadata = user.doAs(
      new PrivilegedExceptionAction<KeyProvider.Metadata>() {
        @Override
        public KeyProvider.Metadata run() throws Exception {
          return provider.getMetadata(name);
        }
      }
  );

  Object json = KMSServerJSONUtils.toJSON(name, metadata);
  kmsAudit.ok(user, KMSOp.GET_METADATA, name, "");
  return Response.ok().type(MediaType.APPLICATION_JSON).entity(json).build();
}
 
Example 13
Source Project: big-c   Source File: KMS.java    License: Apache License 2.0 6 votes vote down vote up
@GET
@Path(KMSRESTConstants.KEY_RESOURCE + "/{name:.*}/" +
    KMSRESTConstants.CURRENT_VERSION_SUB_RESOURCE)
@Produces(MediaType.APPLICATION_JSON)
public Response getCurrentVersion(@PathParam("name") final String name)
    throws Exception {
  UserGroupInformation user = HttpUserGroupInformation.get();
  KMSClientProvider.checkNotEmpty(name, "name");
  KMSWebApp.getKeyCallsMeter().mark();
  assertAccess(KMSACLs.Type.GET, user, KMSOp.GET_CURRENT_KEY, name);

  KeyVersion keyVersion = user.doAs(
      new PrivilegedExceptionAction<KeyVersion>() {
        @Override
        public KeyVersion run() throws Exception {
          return provider.getCurrentKey(name);
        }
      }
  );

  Object json = KMSServerJSONUtils.toJSON(keyVersion);
  kmsAudit.ok(user, KMSOp.GET_CURRENT_KEY, name, "");
  return Response.ok().type(MediaType.APPLICATION_JSON).entity(json).build();
}
 
Example 14
Source Project: big-c   Source File: KMS.java    License: Apache License 2.0 6 votes vote down vote up
@GET
@Path(KMSRESTConstants.KEY_VERSION_RESOURCE + "/{versionName:.*}")
@Produces(MediaType.APPLICATION_JSON)
public Response getKeyVersion(
    @PathParam("versionName") final String versionName) throws Exception {
  UserGroupInformation user = HttpUserGroupInformation.get();
  KMSClientProvider.checkNotEmpty(versionName, "versionName");
  KMSWebApp.getKeyCallsMeter().mark();
  assertAccess(KMSACLs.Type.GET, user, KMSOp.GET_KEY_VERSION);

  KeyVersion keyVersion = user.doAs(
      new PrivilegedExceptionAction<KeyVersion>() {
        @Override
        public KeyVersion run() throws Exception {
          return provider.getKeyVersion(versionName);
        }
      }
  );

  if (keyVersion != null) {
    kmsAudit.ok(user, KMSOp.GET_KEY_VERSION, keyVersion.getName(), "");
  }
  Object json = KMSServerJSONUtils.toJSON(keyVersion);
  return Response.ok().type(MediaType.APPLICATION_JSON).entity(json).build();
}
 
Example 15
Source Project: big-c   Source File: KMS.java    License: Apache License 2.0 6 votes vote down vote up
@GET
@Path(KMSRESTConstants.KEY_RESOURCE + "/{name:.*}/" +
    KMSRESTConstants.VERSIONS_SUB_RESOURCE)
@Produces(MediaType.APPLICATION_JSON)
public Response getKeyVersions(@PathParam("name") final String name)
    throws Exception {
  UserGroupInformation user = HttpUserGroupInformation.get();
  KMSClientProvider.checkNotEmpty(name, "name");
  KMSWebApp.getKeyCallsMeter().mark();
  assertAccess(KMSACLs.Type.GET, user, KMSOp.GET_KEY_VERSIONS, name);

  List<KeyVersion> ret = user.doAs(
      new PrivilegedExceptionAction<List<KeyVersion>>() {
        @Override
        public List<KeyVersion> run() throws Exception {
          return provider.getKeyVersions(name);
        }
      }
  );

  Object json = KMSServerJSONUtils.toJSON(ret);
  kmsAudit.ok(user, KMSOp.GET_KEY_VERSIONS, name, "");
  return Response.ok().type(MediaType.APPLICATION_JSON).entity(json).build();
}
 
Example 16
Source Project: big-c   Source File: KMSServerJSONUtils.java    License: Apache License 2.0 6 votes vote down vote up
@SuppressWarnings("unchecked")
public static Map toJSON(String keyName, KeyProvider.Metadata meta) {
  Map json = new LinkedHashMap();
  if (meta != null) {
    json.put(KMSRESTConstants.NAME_FIELD, keyName);
    json.put(KMSRESTConstants.CIPHER_FIELD, meta.getCipher());
    json.put(KMSRESTConstants.LENGTH_FIELD, meta.getBitLength());
    json.put(KMSRESTConstants.DESCRIPTION_FIELD, meta.getDescription());
    json.put(KMSRESTConstants.ATTRIBUTES_FIELD, meta.getAttributes());
    json.put(KMSRESTConstants.CREATED_FIELD,
        meta.getCreated().getTime());
    json.put(KMSRESTConstants.VERSIONS_FIELD,
        (long) meta.getVersions());
  }
  return json;
}
 
Example 17
Source Project: ranger   Source File: KMSServerJSONUtils.java    License: Apache License 2.0 6 votes vote down vote up
@SuppressWarnings("unchecked")
public static Map toJSON(String keyName, KeyProvider.Metadata meta) {
  Map json = new LinkedHashMap();
  if (meta != null) {
    json.put(KMSRESTConstants.NAME_FIELD, keyName);
    json.put(KMSRESTConstants.CIPHER_FIELD, meta.getCipher());
    json.put(KMSRESTConstants.LENGTH_FIELD, meta.getBitLength());
    json.put(KMSRESTConstants.DESCRIPTION_FIELD, meta.getDescription());
    json.put(KMSRESTConstants.ATTRIBUTES_FIELD, meta.getAttributes());
    json.put(KMSRESTConstants.CREATED_FIELD,
        meta.getCreated().getTime());
    json.put(KMSRESTConstants.VERSIONS_FIELD,
        (long) meta.getVersions());
  }
  return json;
}
 
Example 18
Source Project: hadoop   Source File: KMSServerJSONUtils.java    License: Apache License 2.0 5 votes vote down vote up
@SuppressWarnings("unchecked")
public static Map toJSON(KeyProvider.KeyVersion keyVersion) {
  Map json = new LinkedHashMap();
  if (keyVersion != null) {
    json.put(KMSRESTConstants.NAME_FIELD,
        keyVersion.getName());
    json.put(KMSRESTConstants.VERSION_NAME_FIELD,
        keyVersion.getVersionName());
    json.put(KMSRESTConstants.MATERIAL_FIELD,
        Base64.encodeBase64URLSafeString(
            keyVersion.getMaterial()));
  }
  return json;
}
 
Example 19
Source Project: hadoop   Source File: KMSServerJSONUtils.java    License: Apache License 2.0 5 votes vote down vote up
@SuppressWarnings("unchecked")
public static Map toJSON(EncryptedKeyVersion encryptedKeyVersion) {
  Map json = new LinkedHashMap();
  if (encryptedKeyVersion != null) {
    json.put(KMSRESTConstants.VERSION_NAME_FIELD,
        encryptedKeyVersion.getEncryptionKeyVersionName());
    json.put(KMSRESTConstants.IV_FIELD,
        Base64.encodeBase64URLSafeString(
            encryptedKeyVersion.getEncryptedKeyIv()));
    json.put(KMSRESTConstants.ENCRYPTED_KEY_VERSION_FIELD,
        toJSON(encryptedKeyVersion.getEncryptedKeyVersion()));
  }
  return json;
}
 
Example 20
Source Project: big-c   Source File: KMSServerJSONUtils.java    License: Apache License 2.0 5 votes vote down vote up
@SuppressWarnings("unchecked")
public static Map toJSON(KeyProvider.KeyVersion keyVersion) {
  Map json = new LinkedHashMap();
  if (keyVersion != null) {
    json.put(KMSRESTConstants.NAME_FIELD,
        keyVersion.getName());
    json.put(KMSRESTConstants.VERSION_NAME_FIELD,
        keyVersion.getVersionName());
    json.put(KMSRESTConstants.MATERIAL_FIELD,
        Base64.encodeBase64URLSafeString(
            keyVersion.getMaterial()));
  }
  return json;
}
 
Example 21
Source Project: big-c   Source File: KMSServerJSONUtils.java    License: Apache License 2.0 5 votes vote down vote up
@SuppressWarnings("unchecked")
public static Map toJSON(EncryptedKeyVersion encryptedKeyVersion) {
  Map json = new LinkedHashMap();
  if (encryptedKeyVersion != null) {
    json.put(KMSRESTConstants.VERSION_NAME_FIELD,
        encryptedKeyVersion.getEncryptionKeyVersionName());
    json.put(KMSRESTConstants.IV_FIELD,
        Base64.encodeBase64URLSafeString(
            encryptedKeyVersion.getEncryptedKeyIv()));
    json.put(KMSRESTConstants.ENCRYPTED_KEY_VERSION_FIELD,
        toJSON(encryptedKeyVersion.getEncryptedKeyVersion()));
  }
  return json;
}
 
Example 22
Source Project: ranger   Source File: KMS.java    License: Apache License 2.0 5 votes vote down vote up
@DELETE
@Path(KMSRESTConstants.KEY_RESOURCE + "/{name:.*}")
public Response deleteKey(@PathParam("name") final String name, @Context HttpServletRequest request)
    throws Exception {
  try {
    if (LOG.isDebugEnabled()) {
      LOG.debug("Entering deleteKey method.");
    }
    KMSWebApp.getAdminCallsMeter().mark();
    UserGroupInformation user = HttpUserGroupInformation.get();
    assertAccess(Type.DELETE, user, KMSOp.DELETE_KEY, name, request.getRemoteAddr());
    checkNotEmpty(name, "name");
    LOG.debug("Deleting key with name {}.", name);
    user.doAs(new PrivilegedExceptionAction<Void>() {
      @Override
      public Void run() throws Exception {
        provider.deleteKey(name);
        provider.flush();
        return null;
      }
    });
    kmsAudit.ok(user, KMSOp.DELETE_KEY, name, "");
    if (LOG.isDebugEnabled()) {
        LOG.debug("Exiting deleteKey method.");
    }
    return Response.ok().build();
  } catch (Exception e) {
    LOG.error("Exception in deleteKey.", e);
    throw e;
    }
}
 
Example 23
Source Project: ranger   Source File: KMS.java    License: Apache License 2.0 5 votes vote down vote up
@POST
@Path(KMSRESTConstants.KEY_RESOURCE + "/{name:.*}/" + KMSRESTConstants.INVALIDATECACHE_RESOURCE)
public Response invalidateCache(@PathParam("name") final String name) throws Exception {
  try {
    if (LOG.isDebugEnabled()) {
      LOG.debug("Entering invalidateCache Method.");
    }
    KMSWebApp.getAdminCallsMeter().mark();
    checkNotEmpty(name, "name");
    UserGroupInformation user = HttpUserGroupInformation.get();
    assertAccess(Type.ROLLOVER, user, KMSOp.INVALIDATE_CACHE, name);
    LOG.debug("Invalidating cache with key name {}.", name);
    user.doAs(new PrivilegedExceptionAction<Void>() {
      @Override
      public Void run() throws Exception {
        provider.invalidateCache(name);
        provider.flush();
        return null;
      }
    });
    kmsAudit.ok(user, KMSOp.INVALIDATE_CACHE, name, "");
    if (LOG.isDebugEnabled()) {
        LOG.debug("Exiting invalidateCache for key name {}.", name);
    }
    return Response.ok().build();
  } catch (Exception e) {
    LOG.error("Exception in invalidateCache for key name {}.", name, e);
    throw e;
  }
}
 
Example 24
Source Project: ranger   Source File: KMS.java    License: Apache License 2.0 5 votes vote down vote up
@GET
@Path(KMSRESTConstants.KEYS_METADATA_RESOURCE)
@Produces(MediaType.APPLICATION_JSON)
public Response getKeysMetadata(@QueryParam(KMSRESTConstants.KEY)
    List<String> keyNamesList, @Context HttpServletRequest request) throws Exception {
  try {
    if (LOG.isDebugEnabled()) {
      LOG.debug("Entering getKeysMetadata method.");
    }
    KMSWebApp.getAdminCallsMeter().mark();
    UserGroupInformation user = HttpUserGroupInformation.get();
    final String[] keyNames = keyNamesList.toArray( new String[keyNamesList.size()]);
    assertAccess(Type.GET_METADATA, user, KMSOp.GET_KEYS_METADATA, request.getRemoteAddr());
    KeyProvider.Metadata[] keysMeta = user.doAs(new PrivilegedExceptionAction<KeyProvider.Metadata[]>() {
      @Override
      public KeyProvider.Metadata[] run() throws Exception {
        return provider.getKeysMetadata(keyNames);
      }
    });
    Object json = KMSServerJSONUtils.toJSON(keyNames, keysMeta);
    kmsAudit.ok(user, KMSOp.GET_KEYS_METADATA, "");
    if (LOG.isDebugEnabled()) {
        LOG.debug("Exiting getKeysMetadata method.");
    }
    return Response.ok().type(MediaType.APPLICATION_JSON).entity(json).build();
  } catch (Exception e) {
    LOG.error("Exception in getKeysmetadata.", e);
    throw e;
  }
}
 
Example 25
Source Project: ranger   Source File: KMS.java    License: Apache License 2.0 5 votes vote down vote up
@GET
@Path(KMSRESTConstants.KEYS_NAMES_RESOURCE)
@Produces(MediaType.APPLICATION_JSON)
public Response getKeyNames(@Context HttpServletRequest request) throws Exception {
  try {
    if (LOG.isDebugEnabled()) {
      LOG.debug("Entering getKeyNames method.");
    }
    KMSWebApp.getAdminCallsMeter().mark();
    UserGroupInformation user = HttpUserGroupInformation.get();
    assertAccess(Type.GET_KEYS, user, KMSOp.GET_KEYS, request.getRemoteAddr());
    List<String> json = user.doAs(new PrivilegedExceptionAction<List<String>>() {
      @Override
      public List<String> run() throws Exception {
        return provider.getKeys();
      }
    });
    kmsAudit.ok(user, KMSOp.GET_KEYS, "");
    if (LOG.isDebugEnabled()) {
        LOG.debug("Exiting getKeyNames method.");
    }
    return Response.ok().type(MediaType.APPLICATION_JSON).entity(json).build();
  } catch (Exception e) {
    LOG.error("Exception in getkeyNames.", e);
    throw e;
  }
}
 
Example 26
Source Project: ranger   Source File: KMS.java    License: Apache License 2.0 5 votes vote down vote up
@GET
@Path(KMSRESTConstants.KEY_RESOURCE + "/{name:.*}")
public Response getKey(@PathParam("name") String name, @Context HttpServletRequest request)
    throws Exception {
  try {
    if (LOG.isDebugEnabled()) {
      LOG.debug("Getting key information for key with name {}.", name);
    }
    return getMetadata(name, request);
  } catch (Exception e) {
    LOG.error("Exception in getKey.", e);
    throw e;
  }
}
 
Example 27
Source Project: ranger   Source File: KMS.java    License: Apache License 2.0 5 votes vote down vote up
@GET
@Path(KMSRESTConstants.KEY_RESOURCE + "/{name:.*}/" +
    KMSRESTConstants.METADATA_SUB_RESOURCE)
@Produces(MediaType.APPLICATION_JSON)
public Response getMetadata(@PathParam("name") final String name, @Context HttpServletRequest request)
    throws Exception {
  try {
    if (LOG.isDebugEnabled()) {
      LOG.debug("Entering getMetadata method.");
    }
    UserGroupInformation user = HttpUserGroupInformation.get();
    checkNotEmpty(name, "name");
    KMSWebApp.getAdminCallsMeter().mark();
    assertAccess(Type.GET_METADATA, user, KMSOp.GET_METADATA, name, request.getRemoteAddr());
    LOG.debug("Getting metadata for key with name {}.", name);
    KeyProvider.Metadata metadata = user.doAs(
      new PrivilegedExceptionAction<KeyProvider.Metadata>() {
      @Override
      public KeyProvider.Metadata run() throws Exception {
        return provider.getMetadata(name);
      }
    });
    Object json = KMSServerJSONUtils.toJSON(name, metadata);
    kmsAudit.ok(user, KMSOp.GET_METADATA, name, "");
    if (LOG.isDebugEnabled()) {
        LOG.debug("Exiting getMetadata method.");
    }
    return Response.ok().type(MediaType.APPLICATION_JSON).entity(json).build();
  } catch (Exception e) {
    LOG.error("Exception in getMetadata.", e);
    throw e;
  }
}
 
Example 28
Source Project: ranger   Source File: KMS.java    License: Apache License 2.0 5 votes vote down vote up
@GET
@Path(KMSRESTConstants.KEY_RESOURCE + "/{name:.*}/" +
    KMSRESTConstants.CURRENT_VERSION_SUB_RESOURCE)
@Produces(MediaType.APPLICATION_JSON)
public Response getCurrentVersion(@PathParam("name") final String name, @Context HttpServletRequest request)
    throws Exception {
  try {
    if (LOG.isDebugEnabled()) {
      LOG.debug("Entering getCurrentVersion method.");
    }
    UserGroupInformation user = HttpUserGroupInformation.get();
    checkNotEmpty(name, "name");
    KMSWebApp.getKeyCallsMeter().mark();
    assertAccess(Type.GET, user, KMSOp.GET_CURRENT_KEY, name, request.getRemoteAddr());
    LOG.debug("Getting key version for key with name {}.", name);
    KeyVersion keyVersion = user.doAs(new PrivilegedExceptionAction<KeyVersion>() {
      @Override
      public KeyVersion run() throws Exception {
        return provider.getCurrentKey(name);
      }
    });
    Object json = KMSUtil.toJSON(keyVersion);
    kmsAudit.ok(user, KMSOp.GET_CURRENT_KEY, name, "");
    if (LOG.isDebugEnabled()) {
      LOG.debug("Exiting getCurrentVersion method.");
    }
    return Response.ok().type(MediaType.APPLICATION_JSON).entity(json).build();
  } catch (Exception e) {
    LOG.error("Exception in getCurrentVersion.", e);
    throw e;
  }
}
 
Example 29
Source Project: ranger   Source File: KMS.java    License: Apache License 2.0 5 votes vote down vote up
@GET
@Path(KMSRESTConstants.KEY_VERSION_RESOURCE + "/{versionName:.*}")
@Produces(MediaType.APPLICATION_JSON)
public Response getKeyVersion(
    @PathParam("versionName") final String versionName, @Context HttpServletRequest request) throws Exception {
  try {
    if (LOG.isDebugEnabled()) {
      LOG.debug("Entering getKeyVersion method.");
    }
    UserGroupInformation user = HttpUserGroupInformation.get();
    checkNotEmpty(versionName, "versionName");
    KMSWebApp.getKeyCallsMeter().mark();
    assertAccess(Type.GET, user, KMSOp.GET_KEY_VERSION, request.getRemoteAddr());
    LOG.debug("Getting key with version name {}.", versionName);
    KeyVersion keyVersion = user.doAs(new PrivilegedExceptionAction<KeyVersion>() {
      @Override
      public KeyVersion run() throws Exception {
        return provider.getKeyVersion(versionName);
      }
    });
    if (keyVersion != null) {
      kmsAudit.ok(user, KMSOp.GET_KEY_VERSION, keyVersion.getName(), "");
    }
    Object json = KMSUtil.toJSON(keyVersion);
    if (LOG.isDebugEnabled()) {
        LOG.debug("Exiting getKeyVersion method.");
    }
    return Response.ok().type(MediaType.APPLICATION_JSON).entity(json).build();
  } catch (Exception e) {
    LOG.error("Exception in getKeyVersion.", e);
    throw e;
  }
}
 
Example 30
Source Project: ranger   Source File: KMS.java    License: Apache License 2.0 5 votes vote down vote up
@GET
@Path(KMSRESTConstants.KEY_RESOURCE + "/{name:.*}/" +
    KMSRESTConstants.VERSIONS_SUB_RESOURCE)
@Produces(MediaType.APPLICATION_JSON)
public Response getKeyVersions(@PathParam("name") final String name, @Context HttpServletRequest request)
    throws Exception {
  try {
    if (LOG.isDebugEnabled()) {
      LOG.debug("Entering getKeyVersions method.");
    }
    UserGroupInformation user = HttpUserGroupInformation.get();
    checkNotEmpty(name, "name");
    KMSWebApp.getKeyCallsMeter().mark();
    assertAccess(Type.GET, user, KMSOp.GET_KEY_VERSIONS, name, request.getRemoteAddr());
    LOG.debug("Getting key versions for key {}", name);
    List<KeyVersion> ret = user.doAs(new PrivilegedExceptionAction<List<KeyVersion>>() {
      @Override
      public List<KeyVersion> run() throws Exception {
        return provider.getKeyVersions(name);
      }
    });
    Object json = KMSServerJSONUtils.toJSON(ret);
    kmsAudit.ok(user, KMSOp.GET_KEY_VERSIONS, name, "");
    if (LOG.isDebugEnabled()) {
        LOG.debug("Exiting getKeyVersions method.");
    }
    return Response.ok().type(MediaType.APPLICATION_JSON).entity(json).build();
  } catch (Exception e) {
      LOG.error("Exception in getKeyVersions.", e);
    throw e;
  }
 }