Repository: ranger Updated Branches: refs/heads/master a4ad1a0b6 -> 60f862b53
RANGER-2073: Good coding practices for usersync, tagsync, ldap tool configuration Project: http://git-wip-us.apache.org/repos/asf/ranger/repo Commit: http://git-wip-us.apache.org/repos/asf/ranger/commit/6101a410 Tree: http://git-wip-us.apache.org/repos/asf/ranger/tree/6101a410 Diff: http://git-wip-us.apache.org/repos/asf/ranger/diff/6101a410 Branch: refs/heads/master Commit: 6101a41063e45e5aa2c77fff34fc699e36c2b3ba Parents: bc2cd5e Author: Sailaja Polavarapu <[email protected]> Authored: Wed Apr 18 12:59:07 2018 -0700 Committer: Sailaja Polavarapu <[email protected]> Committed: Wed Apr 18 12:59:07 2018 -0700 ---------------------------------------------------------------------- .../ranger/tagsync/process/TagSyncConfig.java | 4 ---- ugsync/ldapconfigchecktool/ldapconfigcheck/pom.xml | 15 +++++++++++++++ .../ldapconfigcheck/scripts/run.sh | 7 +++++++ .../ranger/ldapconfigcheck/CommandLineOptions.java | 8 ++++++++ .../apache/ranger/ldapconfigcheck/LdapConfig.java | 2 +- .../process/LdapPolicyMgrUserGroupBuilder.java | 6 +----- .../unixusersync/config/UserGroupSyncConfig.java | 16 ++++------------ .../process/PolicyMgrUserGroupBuilder.java | 6 +----- 8 files changed, 37 insertions(+), 27 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/ranger/blob/6101a410/tagsync/src/main/java/org/apache/ranger/tagsync/process/TagSyncConfig.java ---------------------------------------------------------------------- diff --git a/tagsync/src/main/java/org/apache/ranger/tagsync/process/TagSyncConfig.java b/tagsync/src/main/java/org/apache/ranger/tagsync/process/TagSyncConfig.java index 5f6079e..6d27b02 100644 --- a/tagsync/src/main/java/org/apache/ranger/tagsync/process/TagSyncConfig.java +++ b/tagsync/src/main/java/org/apache/ranger/tagsync/process/TagSyncConfig.java @@ -85,7 +85,6 @@ public class TagSyncConfig extends Configuration { public static final String TAGSYNC_RANGER_COOKIE_ENABLED_PROP = "ranger.tagsync.cookie.enabled"; private static final String DEFAULT_TAGADMIN_USERNAME = "rangertagsync"; - private static final String DEFAULT_TAGADMIN_PASSWORD = "rangertagsync"; private static final String DEFAULT_ATLASREST_USERNAME = "admin"; private static final String DEFAULT_ATLASREST_PASSWORD = "admin"; @@ -280,9 +279,6 @@ public class TagSyncConfig extends Configuration { } } } - if(StringUtils.isBlank(password)){ - return DEFAULT_TAGADMIN_PASSWORD; - } return null; } http://git-wip-us.apache.org/repos/asf/ranger/blob/6101a410/ugsync/ldapconfigchecktool/ldapconfigcheck/pom.xml ---------------------------------------------------------------------- diff --git a/ugsync/ldapconfigchecktool/ldapconfigcheck/pom.xml b/ugsync/ldapconfigchecktool/ldapconfigcheck/pom.xml index 38dd4aa..7d4e2b9 100644 --- a/ugsync/ldapconfigchecktool/ldapconfigcheck/pom.xml +++ b/ugsync/ldapconfigchecktool/ldapconfigcheck/pom.xml @@ -43,6 +43,11 @@ <artifactId>commons-lang</artifactId> <version>${commons.lang.version}</version> </dependency> + <dependency> + <groupId>commons-logging</groupId> + <artifactId>commons-logging</artifactId> + <version>${commons.logging.version}</version> + </dependency> <dependency> <groupId>org.springframework</groupId> <artifactId>spring-beans</artifactId> @@ -142,6 +147,16 @@ ${project.build.directory}/generated-tool-dependencies/lib </outputDirectory> </artifactItem> + <artifactItem> + <groupId>commons-logging</groupId> + <artifactId>commons-logging</artifactId> + <version>${commons.logging.version}</version> + <type>jar</type> + <overWrite>false</overWrite> + <outputDirectory> + ${project.build.directory}/generated-tool-dependencies/lib + </outputDirectory> + </artifactItem> </artifactItems> <overWriteReleases>false</overWriteReleases> <overWriteSnapshots>true</overWriteSnapshots> http://git-wip-us.apache.org/repos/asf/ranger/blob/6101a410/ugsync/ldapconfigchecktool/ldapconfigcheck/scripts/run.sh ---------------------------------------------------------------------- diff --git a/ugsync/ldapconfigchecktool/ldapconfigcheck/scripts/run.sh b/ugsync/ldapconfigchecktool/ldapconfigcheck/scripts/run.sh index f3f7ac5..26eec6f 100755 --- a/ugsync/ldapconfigchecktool/ldapconfigcheck/scripts/run.sh +++ b/ugsync/ldapconfigchecktool/ldapconfigcheck/scripts/run.sh @@ -69,6 +69,13 @@ then JAVA_CMD="$JAVA_CMD -p $password" fi +if [${AUTH} == 1] +then + prompt="Sample Authentication User Password:" + read -p "$prompt" -s authPassword + JAVA_CMD="$JAVA_CMD -u $authPassword" +fi + if [ "${JAVA_HOME}" != "" ] then export JAVA_HOME http://git-wip-us.apache.org/repos/asf/ranger/blob/6101a410/ugsync/ldapconfigchecktool/ldapconfigcheck/src/main/java/org/apache/ranger/ldapconfigcheck/CommandLineOptions.java ---------------------------------------------------------------------- diff --git a/ugsync/ldapconfigchecktool/ldapconfigcheck/src/main/java/org/apache/ranger/ldapconfigcheck/CommandLineOptions.java b/ugsync/ldapconfigchecktool/ldapconfigcheck/src/main/java/org/apache/ranger/ldapconfigcheck/CommandLineOptions.java index 384ca23..6e23a06 100644 --- a/ugsync/ldapconfigchecktool/ldapconfigcheck/src/main/java/org/apache/ranger/ldapconfigcheck/CommandLineOptions.java +++ b/ugsync/ldapconfigchecktool/ldapconfigcheck/src/main/java/org/apache/ranger/ldapconfigcheck/CommandLineOptions.java @@ -48,6 +48,7 @@ public class CommandLineOptions { options.addOption("r", "retrieve", true, "{all|users|groups}"); options.addOption("a", "noAuthentication", false, "Ignore authentication properties"); options.addOption("p", true, "Ldap Bind Password"); + options.addOption("u", true, "Sample Authentication User Password"); } public void parse() { @@ -64,6 +65,13 @@ public class CommandLineOptions { } } + if (cmd.hasOption("u")) { + authPass = cmd.getOptionValue("u"); + if (authPass.trim().isEmpty()) { + System.out.println("Sample Authentication User Password cannot be empty!"); + } + } + if (cmd.hasOption("o")) { output = cmd.getOptionValue("o"); } else { http://git-wip-us.apache.org/repos/asf/ranger/blob/6101a410/ugsync/ldapconfigchecktool/ldapconfigcheck/src/main/java/org/apache/ranger/ldapconfigcheck/LdapConfig.java ---------------------------------------------------------------------- diff --git a/ugsync/ldapconfigchecktool/ldapconfigcheck/src/main/java/org/apache/ranger/ldapconfigcheck/LdapConfig.java b/ugsync/ldapconfigchecktool/ldapconfigcheck/src/main/java/org/apache/ranger/ldapconfigcheck/LdapConfig.java index 5a90b1c..9a77ced 100644 --- a/ugsync/ldapconfigchecktool/ldapconfigcheck/src/main/java/org/apache/ranger/ldapconfigcheck/LdapConfig.java +++ b/ugsync/ldapconfigchecktool/ldapconfigcheck/src/main/java/org/apache/ranger/ldapconfigcheck/LdapConfig.java @@ -420,7 +420,7 @@ public class LdapConfig { config.setProperty(LGSYNC_USER_SEARCH_BASE, userSearchBase); config.setProperty(LGSYNC_USER_SEARCH_FILTER, userSearchFilter); config.setProperty(AUTH_USERNAME, authUser); - config.setProperty(AUTH_PASSWORD, authPass); + //config.setProperty(AUTH_PASSWORD, authPass); config.save(); } catch (ConfigurationException e) { System.out.println("Failed to update " + CONFIG_FILE + ": " + e); http://git-wip-us.apache.org/repos/asf/ranger/blob/6101a410/ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapPolicyMgrUserGroupBuilder.java ---------------------------------------------------------------------- diff --git a/ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapPolicyMgrUserGroupBuilder.java b/ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapPolicyMgrUserGroupBuilder.java index d428e75..f653b81 100644 --- a/ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapPolicyMgrUserGroupBuilder.java +++ b/ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapPolicyMgrUserGroupBuilder.java @@ -864,11 +864,7 @@ private static final Logger LOG = Logger.getLogger(LdapPolicyMgrUserGroupBuilder if(ret!=null){ String username = config.getPolicyMgrUserName(); String password = config.getPolicyMgrPassword(); - if(username==null||password==null||username.trim().isEmpty()||password.trim().isEmpty()){ - username=config.getDefaultPolicyMgrUserName(); - password=config.getDefaultPolicyMgrPassword(); - } - if(username!=null && password!=null){ + if(username!=null && !username.trim().isEmpty() && password!=null && !password.trim().isEmpty()){ ret.addFilter(new HTTPBasicAuthFilter(username, password)); } } http://git-wip-us.apache.org/repos/asf/ranger/blob/6101a410/ugsync/src/main/java/org/apache/ranger/unixusersync/config/UserGroupSyncConfig.java ---------------------------------------------------------------------- diff --git a/ugsync/src/main/java/org/apache/ranger/unixusersync/config/UserGroupSyncConfig.java b/ugsync/src/main/java/org/apache/ranger/unixusersync/config/UserGroupSyncConfig.java index e9e356a..c4a5877 100644 --- a/ugsync/src/main/java/org/apache/ranger/unixusersync/config/UserGroupSyncConfig.java +++ b/ugsync/src/main/java/org/apache/ranger/unixusersync/config/UserGroupSyncConfig.java @@ -211,7 +211,6 @@ public class UserGroupSyncConfig { private static final String DEFAULT_POLICYMGR_USERNAME = "rangerusersync"; - private static final String DEFAULT_POLICYMGR_PASSWORD = "rangerusersync"; private static final String SYNC_SOURCE = "ranger.usersync.sync.source"; private static final String LGSYNC_REFERRAL = "ranger.usersync.ldap.referral"; private static final String DEFAULT_LGSYNC_REFERRAL = "ignore"; @@ -815,20 +814,13 @@ public class UserGroupSyncConfig { String userName=null; if(prop!=null && prop.containsKey(SYNC_POLICY_MGR_USERNAME)){ userName=prop.getProperty(SYNC_POLICY_MGR_USERNAME); - if(userName!=null && !userName.isEmpty()){ - return userName; - } } - return null; - } - - public String getDefaultPolicyMgrUserName(){ - return DEFAULT_POLICYMGR_USERNAME; + if (userName == null || userName.isEmpty()) { + userName = DEFAULT_POLICYMGR_USERNAME; + } + return userName; } - public String getDefaultPolicyMgrPassword(){ - return DEFAULT_POLICYMGR_PASSWORD; - } public String getSyncSource() { String syncSource=null; if(prop!=null && prop.containsKey(SYNC_SOURCE)){ http://git-wip-us.apache.org/repos/asf/ranger/blob/6101a410/ugsync/src/main/java/org/apache/ranger/unixusersync/process/PolicyMgrUserGroupBuilder.java ---------------------------------------------------------------------- diff --git a/ugsync/src/main/java/org/apache/ranger/unixusersync/process/PolicyMgrUserGroupBuilder.java b/ugsync/src/main/java/org/apache/ranger/unixusersync/process/PolicyMgrUserGroupBuilder.java index b30b051..41daf39 100644 --- a/ugsync/src/main/java/org/apache/ranger/unixusersync/process/PolicyMgrUserGroupBuilder.java +++ b/ugsync/src/main/java/org/apache/ranger/unixusersync/process/PolicyMgrUserGroupBuilder.java @@ -1100,11 +1100,7 @@ public class PolicyMgrUserGroupBuilder implements UserGroupSink { if(ret!=null){ String username = config.getPolicyMgrUserName(); String password = config.getPolicyMgrPassword(); - if(username==null||password==null||username.trim().isEmpty()||password.trim().isEmpty()){ - username=config.getDefaultPolicyMgrUserName(); - password=config.getDefaultPolicyMgrPassword(); - } - if(username!=null && password!=null){ + if(username!=null && !username.trim().isEmpty() && password!=null && !password.trim().isEmpty()){ ret.addFilter(new HTTPBasicAuthFilter(username, password)); } }
