Home | About | Sematext search-lucene.com search-hadoop.com
 Search Hadoop and all its subprojects:

Switch to Threaded View
Zookeeper, mail # user - Ip ACL


Copy link to this message
-
Ip ACL
Proctor, Janet [USA] 2013-05-29, 20:09
Hello,

I am trying to use ACLs to lock down znodes to a specific Ip Address. I am getting a NoAuth error when I try create the sturcture /testkeystore/certs/somecert.pem.  I create the node /testkeystore with an ACL of cdrwa with no problem. When I try to attach certs to /testkeystore (/testkeystore/certs), I get an the NoAuth error on the create method below.  I had to type this code in email, beacuse it lives a different network. Please excuse mistabbling. It should compile. I've tried to account for all of the braces. Also, please forgive the catch all exceptions, I'm just trying to get things to work.

My code is as follows:

DataStore mystore = new DataStore();

mystore.connect();

mystore.create("testkeystore", null);

mystore.copyFolder(new File("home/hadoop/testkeystore/certs"), "/testkeystore/certs");

mystore.close();

public class DataStore implements Watcher {

private ZooKeeper zk;

List <ACL> aclLst = new ArrayList<ACL> (1);

public void connect throws IOException, InterruptedException {

zk = new Zookeeper("localhost", SESSION_TIMEOUT, this);

zk.addAuthInfo("ip", "#.#.#.#) //the #s are the ip address of the server that i'm running zookeeper on and executing this code on

aclLst.add(new ACL(Perms.ALL, new Id("ip", "#.#.#.#")));

connectedSignal.await()

}

public void create(String path, byte [] fileBytes) throws KeeperException, InterruptedException, Exception

{

Stat stat = zk.exists(path, false);

    if(stat == null){

        zk.create(path, fileBytes, aclLst, CreateMode.PERSISTENT);

    }

    else

    {

        zk.setData(path, fileBytes, -1);

    }

}

public void copyFolder(File srcFolder, String dst) throws Exception

{

    String dstFolder = dst;

        if(srcFolder.isDirectory())

        {

            Stat stat = zk.exists(dst, false);

        if(stat == null){

            zk.create(dst, new byte[0], aclLst, CreateMode.PERSISTENT);

        }

        String files [] = srcFolder.list();

        for(String file:files)

        {

            File srcFile = new File(srcFolder, file);

            dstFolder = dst + "/" + file;

        //recursive copy

        copyFolder(srcFile, dstFolder);

        }

    }

    else

    {

        copyFromLocal(srcFolder.getPath, dstFolder);

    }

}

public void copyFromLocal(String src, String dst) throws Exception

{

File srcFile = new File (src);

file byte [] fileBytes;

InputStream in = null;

    try{

         in = new FileInputStream(srcFile);

         fileBytes = readFully(in)_;

        create(dst, fileBytes);

        }

    finally {

    if(in != null)

        try {

        in.close();

        }

        catch(Exception ignore) {

        }

    }

}

private static byte [] readFully(final InputStream in ) throws IOException {

final ByteArrayOutputStream buf1 = new ByteArrayOutputStream();

final byte [] buf2 = new byte[8*1024];

for(int read; (read = in.read(buf2)) >0;){

    buf1.write(buf2, 0, read);

    }

return buf1.toByteArray();

}

}

Janet Proctor, PMP
Booz Allen Hamilton
301-617-2565 (Booz Allen)
410-854-3559(Client Site)