Repository: ranger Updated Branches: refs/heads/master f8ed53ef4 -> bf7a8bbde
RANGER-1608 - SOLR resource lookup fails with basic auth Signed-off-by: Colm O hEigeartaigh <cohei...@apache.org> Project: http://git-wip-us.apache.org/repos/asf/ranger/repo Commit: http://git-wip-us.apache.org/repos/asf/ranger/commit/bf7a8bbd Tree: http://git-wip-us.apache.org/repos/asf/ranger/tree/bf7a8bbd Diff: http://git-wip-us.apache.org/repos/asf/ranger/diff/bf7a8bbd Branch: refs/heads/master Commit: bf7a8bbde061d4ddcc387fb755443a70e85c4181 Parents: f8ed53e Author: Colm O hEigeartaigh <cohei...@apache.org> Authored: Tue May 23 12:33:47 2017 +0100 Committer: Colm O hEigeartaigh <cohei...@apache.org> Committed: Fri May 26 10:09:33 2017 +0100 ---------------------------------------------------------------------- .../services/solr/client/ServiceSolrClient.java | 50 ++++++++++++++++---- .../solr/client/ServiceSolrConnectionMgr.java | 2 +- 2 files changed, 42 insertions(+), 10 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/ranger/blob/bf7a8bbd/plugin-solr/src/main/java/org/apache/ranger/services/solr/client/ServiceSolrClient.java ---------------------------------------------------------------------- diff --git a/plugin-solr/src/main/java/org/apache/ranger/services/solr/client/ServiceSolrClient.java b/plugin-solr/src/main/java/org/apache/ranger/services/solr/client/ServiceSolrClient.java index 880ec72..5875a29 100644 --- a/plugin-solr/src/main/java/org/apache/ranger/services/solr/client/ServiceSolrClient.java +++ b/plugin-solr/src/main/java/org/apache/ranger/services/solr/client/ServiceSolrClient.java @@ -32,12 +32,14 @@ import java.util.concurrent.TimeUnit; import org.apache.log4j.Logger; import org.apache.ranger.plugin.client.BaseClient; import org.apache.ranger.plugin.service.ResourceLookupContext; +import org.apache.ranger.plugin.util.PasswordUtils; import org.apache.ranger.plugin.util.TimedEventUtil; import org.apache.solr.client.solrj.SolrClient; import org.apache.solr.client.solrj.SolrQuery; import org.apache.solr.client.solrj.SolrResponse; import org.apache.solr.client.solrj.request.CollectionAdminRequest; import org.apache.solr.client.solrj.request.CoreAdminRequest; +import org.apache.solr.client.solrj.request.QueryRequest; import org.apache.solr.client.solrj.response.CoreAdminResponse; import org.apache.solr.client.solrj.response.QueryResponse; import org.apache.solr.common.params.CoreAdminParams.CoreAdminAction; @@ -51,10 +53,6 @@ public class ServiceSolrClient { COLLECTION, FIELD } - SolrClient solrClient = null; - boolean isSolrCloud = true; - - String serviceName = null; private static final String errMessage = " You can still save the repository and start creating " + "policies, but you would not be able to use autocomplete for " + "resource names. Check server logs for more info."; @@ -63,12 +61,17 @@ public class ServiceSolrClient { private static final String FIELD_KEY = "field"; private static final long LOOKUP_TIMEOUT_SEC = 5; - public ServiceSolrClient(String serviceName, SolrClient solrClient, - boolean isSolrCloud) { + private String username; + private String password; + private SolrClient solrClient = null; + private boolean isSolrCloud = true; + + public ServiceSolrClient(SolrClient solrClient, + boolean isSolrCloud, Map<String, String> configs) { this.solrClient = solrClient; this.isSolrCloud = isSolrCloud; - this.serviceName = serviceName; - + this.username = configs.get("username"); + this.password = configs.get("password"); } public Map<String, Object> connectionTest() throws Exception { @@ -101,6 +104,10 @@ public class ServiceSolrClient { } CollectionAdminRequest<?> request = new CollectionAdminRequest.List(); + String decPassword = getDecryptedPassword(); + if (username != null && decPassword != null) { + request.setBasicAuthCredentials(username, decPassword); + } SolrResponse response = request.process(solrClient); List<String> list = new ArrayList<String>(); @@ -121,6 +128,10 @@ public class ServiceSolrClient { throws Exception { CoreAdminRequest request = new CoreAdminRequest(); request.setAction(CoreAdminAction.STATUS); + String decPassword = getDecryptedPassword(); + if (username != null && decPassword != null) { + request.setBasicAuthCredentials(username, decPassword); + } CoreAdminResponse cores = request.process(solrClient); // List of the cores List<String> coreList = new ArrayList<String>(); @@ -145,7 +156,12 @@ public class ServiceSolrClient { queryStr += "/schema/fields"; SolrQuery query = new SolrQuery(); query.setRequestHandler(queryStr); - QueryResponse response = solrClient.query(query); + QueryRequest req = new QueryRequest(query); + String decPassword = getDecryptedPassword(); + if (username != null && decPassword != null) { + req.setBasicAuthCredentials(username, decPassword); + } + QueryResponse response = req.process(solrClient); List<String> fieldList = new ArrayList<String>(); if (response != null && response.getStatus() == 0) { @@ -288,4 +304,20 @@ public class ServiceSolrClient { return resultList; } + + private String getDecryptedPassword() { + String decryptedPwd = null; + try { + decryptedPwd = PasswordUtils.decryptPassword(password); + } catch (Exception ex) { + LOG.info("Password decryption failed; trying Solr connection with received password string"); + decryptedPwd = null; + } finally { + if (decryptedPwd == null) { + decryptedPwd = password; + } + } + + return decryptedPwd; + } } http://git-wip-us.apache.org/repos/asf/ranger/blob/bf7a8bbd/plugin-solr/src/main/java/org/apache/ranger/services/solr/client/ServiceSolrConnectionMgr.java ---------------------------------------------------------------------- diff --git a/plugin-solr/src/main/java/org/apache/ranger/services/solr/client/ServiceSolrConnectionMgr.java b/plugin-solr/src/main/java/org/apache/ranger/services/solr/client/ServiceSolrConnectionMgr.java index d8470a0..43a85a4 100644 --- a/plugin-solr/src/main/java/org/apache/ranger/services/solr/client/ServiceSolrConnectionMgr.java +++ b/plugin-solr/src/main/java/org/apache/ranger/services/solr/client/ServiceSolrConnectionMgr.java @@ -34,7 +34,7 @@ public class ServiceSolrConnectionMgr { boolean isSolrCloud = true; SolrClient solrClient = new HttpSolrClient(url); ServiceSolrClient serviceSolrClient = new ServiceSolrClient( - serviceName, solrClient, isSolrCloud); + solrClient, isSolrCloud, configs); return serviceSolrClient; } // TODO: Need to add method to create SolrClient using ZooKeeper for