This is an automated email from the ASF dual-hosted git repository.
madhan pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git
The following commit(s) were added to refs/heads/master by this push:
new 09e8cac RANGER-3184: remove audit-to-rdbms implementation
09e8cac is described below
commit 09e8caca7203b6275f25c45bc8546deeb96cd79c
Author: Madhan Neethiraj <[email protected]>
AuthorDate: Fri Feb 26 17:57:17 2021 -0800
RANGER-3184: remove audit-to-rdbms implementation
---
agents-audit/pom.xml | 10 -
.../ranger/audit/dao/AuthzAuditEventDao.java | 29 --
.../java/org/apache/ranger/audit/dao/BaseDao.java | 229 ------------
.../org/apache/ranger/audit/dao/DaoManager.java | 58 ---
.../apache/ranger/audit/dao/DaoManagerBase.java | 44 ---
.../audit/destination/DBAuditDestination.java | 326 ----------------
.../ranger/audit/entity/AuthzAuditEventDbObj.java | 412 ---------------------
.../apache/ranger/audit/model/AuditEventBase.java | 4 -
.../apache/ranger/audit/model/AuthzAuditEvent.java | 8 -
.../audit/provider/AuditProviderFactory.java | 32 +-
.../ranger/audit/provider/BaseAuditHandler.java | 1 -
.../ranger/audit/provider/DbAuditProvider.java | 370 ------------------
.../org/apache/ranger/audit/test/TestEvents.java | 10 -
.../plugin/policyengine/TestPolicyEngine.java | 10 -
.../policyengine/TestPolicyEngineForDeltas.java | 10 -
distro/src/main/assembly/hbase-agent.xml | 2 -
distro/src/main/assembly/hdfs-agent.xml | 2 -
distro/src/main/assembly/hive-agent.xml | 2 -
distro/src/main/assembly/plugin-atlas.xml | 2 -
distro/src/main/assembly/plugin-elasticsearch.xml | 2 -
distro/src/main/assembly/plugin-kafka.xml | 2 -
distro/src/main/assembly/plugin-kms.xml | 2 -
distro/src/main/assembly/plugin-kylin.xml | 2 -
distro/src/main/assembly/plugin-ozone.xml | 2 -
distro/src/main/assembly/plugin-presto.xml | 2 -
distro/src/main/assembly/plugin-solr.xml | 2 -
distro/src/main/assembly/plugin-sqoop.xml | 2 -
distro/src/main/assembly/plugin-yarn.xml | 2 -
distro/src/main/assembly/storm-agent.xml | 2 -
hbase-agent/conf/ranger-hbase-audit-changes.cfg | 6 -
hbase-agent/conf/ranger-hbase-audit.xml | 54 ---
hbase-agent/scripts/install.sh | 77 ----
hdfs-agent/conf/ranger-hdfs-audit-changes.cfg | 6 -
hdfs-agent/conf/ranger-hdfs-audit.xml | 54 ---
hdfs-agent/scripts/install.sh | 76 ----
hive-agent/conf/ranger-hive-audit-changes.cfg | 8 +-
hive-agent/conf/ranger-hive-audit.xml | 54 ---
hive-agent/scripts/install.sh | 75 ----
kms/pom.xml | 10 +
knox-agent/conf/ranger-knox-audit-changes.cfg | 6 -
knox-agent/conf/ranger-knox-audit.xml | 54 ---
knox-agent/scripts/install.sh | 76 ----
.../conf/ranger-elasticsearch-audit-changes.cfg | 6 -
.../conf/ranger-elasticsearch-audit.xml | 55 ---
plugin-kafka/conf/ranger-kafka-audit-changes.cfg | 6 -
plugin-kafka/conf/ranger-kafka-audit.xml | 54 ---
plugin-kms/conf/ranger-kms-audit-changes.cfg | 6 -
plugin-kms/conf/ranger-kms-audit.xml | 53 ---
plugin-kms/scripts/enable-kms-plugin.sh | 43 ---
plugin-kylin/conf/ranger-kylin-audit-changes.cfg | 6 -
plugin-kylin/conf/ranger-kylin-audit.xml | 55 ---
plugin-ozone/conf/ranger-ozone-audit-changes.cfg | 6 -
plugin-ozone/conf/ranger-ozone-audit.xml | 51 ---
plugin-presto/conf/ranger-presto-audit-changes.cfg | 6 -
plugin-presto/conf/ranger-presto-audit.xml | 55 ---
plugin-solr/conf/ranger-solr-audit-changes.cfg | 6 -
plugin-solr/conf/ranger-solr-audit.xml | 55 ---
plugin-sqoop/conf/ranger-sqoop-audit-changes.cfg | 6 -
plugin-sqoop/conf/ranger-sqoop-audit.xml | 55 ---
plugin-yarn/conf/ranger-yarn-audit-changes.cfg | 6 -
plugin-yarn/conf/ranger-yarn-audit.xml | 55 ---
.../distro/src/main/assembly/sample-client.xml | 2 -
.../conf/ranger-sampleapp-audit.xml | 32 --
.../java/org/apache/ranger/rest/TestXUserREST.java | 2 -
storm-agent/conf/ranger-storm-audit-changes.cfg | 6 -
storm-agent/conf/ranger-storm-audit.xml | 54 ---
storm-agent/scripts/install.sh | 76 ----
67 files changed, 12 insertions(+), 2882 deletions(-)
diff --git a/agents-audit/pom.xml b/agents-audit/pom.xml
index 85dd550..b9f6af2 100644
--- a/agents-audit/pom.xml
+++ b/agents-audit/pom.xml
@@ -59,16 +59,6 @@
</exclusions>
</dependency>
<dependency>
- <groupId>org.eclipse.persistence</groupId>
- <artifactId>eclipselink</artifactId>
- <version>${eclipse.jpa.version}</version>
- </dependency>
- <dependency>
- <groupId>org.eclipse.persistence</groupId>
- <artifactId>javax.persistence</artifactId>
- <version>${javax.persistence.version}</version>
- </dependency>
- <dependency>
<groupId>log4j</groupId>
<artifactId>log4j</artifactId>
<version>${log4j.version}</version>
diff --git
a/agents-audit/src/main/java/org/apache/ranger/audit/dao/AuthzAuditEventDao.java
b/agents-audit/src/main/java/org/apache/ranger/audit/dao/AuthzAuditEventDao.java
deleted file mode 100644
index 35794b8..0000000
---
a/agents-audit/src/main/java/org/apache/ranger/audit/dao/AuthzAuditEventDao.java
+++ /dev/null
@@ -1,29 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package org.apache.ranger.audit.dao;
-
-import org.apache.ranger.audit.entity.AuthzAuditEventDbObj;
-
-public class AuthzAuditEventDao extends BaseDao<AuthzAuditEventDbObj> {
-
- public AuthzAuditEventDao(DaoManagerBase daoManager) {
- super(daoManager);
- }
-}
diff --git
a/agents-audit/src/main/java/org/apache/ranger/audit/dao/BaseDao.java
b/agents-audit/src/main/java/org/apache/ranger/audit/dao/BaseDao.java
deleted file mode 100644
index 124f89e..0000000
--- a/agents-audit/src/main/java/org/apache/ranger/audit/dao/BaseDao.java
+++ /dev/null
@@ -1,229 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
- package org.apache.ranger.audit.dao;
-
-
-import java.lang.reflect.ParameterizedType;
-import java.lang.reflect.Type;
-import java.util.ArrayList;
-import java.util.List;
-
-import javax.persistence.EntityManager;
-import javax.persistence.EntityTransaction;
-import javax.persistence.NoResultException;
-import javax.persistence.TypedQuery;
-
-import org.apache.log4j.Logger;
-
-public abstract class BaseDao<T> {
- static final Logger logger = Logger.getLogger(BaseDao.class);
-
- protected DaoManager daoManager;
-
- protected Class<T> tClass;
-
- public BaseDao(DaoManagerBase daoManager) {
- this.init(daoManager);
- }
-
- @SuppressWarnings("unchecked")
- private void init(DaoManagerBase daoManager) {
- this.daoManager = (DaoManager) daoManager;
-
- ParameterizedType genericSuperclass = (ParameterizedType)
getClass()
- .getGenericSuperclass();
-
- Type type = genericSuperclass.getActualTypeArguments()[0];
-
- if (type instanceof ParameterizedType) {
- this.tClass = (Class<T>) ((ParameterizedType)
type).getRawType();
- } else {
- this.tClass = (Class<T>) type;
- }
- }
-
- public EntityManager getEntityManager() {
- return daoManager.getEntityManager();
- }
-
- public boolean beginTransaction() {
- boolean ret = false;
-
- EntityManager em = getEntityManager();
-
- if(em != null) {
- EntityTransaction et = em.getTransaction();
-
- // check the transaction is not already active
- if(et != null && !et.isActive()) {
- et.begin();
- ret = true;
- }
- }
-
- return ret;
- }
-
- public void commitTransaction() {
- EntityManager em = getEntityManager();
-
- if(em != null) {
- em.flush();
-
- EntityTransaction et = em.getTransaction();
-
- if(et != null) {
- et.commit();
- }
- }
- }
-
- public void rollbackTransaction() {
- EntityManager em = getEntityManager();
-
- if(em != null) {
- EntityTransaction et = em.getTransaction();
-
- if(et != null) {
- et.rollback();
- }
- }
- }
-
- public T create(T obj) {
- T ret = null;
-
- boolean trxBegan = beginTransaction();
-
- getEntityManager().persist(obj);
-
- if(trxBegan) {
- commitTransaction();
- }
-
- ret = obj;
-
- return ret;
- }
-
- public T update(T obj) {
- boolean trxBegan = beginTransaction();
-
- getEntityManager().merge(obj);
-
- if(trxBegan) {
- commitTransaction();
- }
-
- return obj;
- }
-
- public boolean remove(Long id) {
- return remove(getById(id));
- }
-
- public boolean remove(T obj) {
- if (obj == null) {
- return true;
- }
-
- boolean trxBegan = beginTransaction();
-
- getEntityManager().remove(obj);
-
- if(trxBegan) {
- commitTransaction();
- }
-
- return trxBegan;
- }
-
- public T getById(Long id) {
- if (id == null) {
- return null;
- }
- T ret = null;
- try {
- ret = getEntityManager().find(tClass, id);
- } catch (NoResultException e) {
- return null;
- }
- return ret;
- }
-
- public List<T> getAll() {
- List<T> ret = null;
-
- TypedQuery<T> qry = getEntityManager().createQuery(
- "SELECT t FROM " + tClass.getSimpleName() + "
t", tClass);
-
- ret = qry.getResultList();
-
- return ret;
- }
-
- public Long getAllCount() {
- Long ret = null;
-
- TypedQuery<Long> qry = getEntityManager().createQuery(
- "SELECT count(t) FROM " +
tClass.getSimpleName() + " t",
- Long.class);
-
- ret = qry.getSingleResult();
-
- return ret;
- }
-
- public T getUniqueResult(TypedQuery<T> qry) {
- T ret = null;
-
- try {
- ret = qry.getSingleResult();
- } catch (NoResultException e) {
- // ignore
- }
- return ret;
- }
-
- public List<T> executeQuery(TypedQuery<T> qry) {
- List<T> ret = null;
-
- ret = qry.getResultList();
-
- return ret;
- }
-
- public List<T> findByNamedQuery(String namedQuery, String paramName,
- Object refId) {
- List<T> ret = new ArrayList<T>();
-
- if (namedQuery == null) {
- return ret;
- }
- try {
- TypedQuery<T> qry =
getEntityManager().createNamedQuery(namedQuery, tClass);
- qry.setParameter(paramName, refId);
- ret = qry.getResultList();
- } catch (NoResultException e) {
- // ignore
- }
- return ret;
- }
-}
diff --git
a/agents-audit/src/main/java/org/apache/ranger/audit/dao/DaoManager.java
b/agents-audit/src/main/java/org/apache/ranger/audit/dao/DaoManager.java
deleted file mode 100644
index b2f68ef..0000000
--- a/agents-audit/src/main/java/org/apache/ranger/audit/dao/DaoManager.java
+++ /dev/null
@@ -1,58 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
- package org.apache.ranger.audit.dao;
-
-import javax.persistence.EntityManager;
-import javax.persistence.EntityManagerFactory;
-import javax.persistence.PersistenceContext;
-
-
-//@Component
-public class DaoManager extends DaoManagerBase {
-
- @PersistenceContext
- private EntityManagerFactory emf;
-
- static ThreadLocal<EntityManager> sEntityManager;
-
- public void setEntityManagerFactory(EntityManagerFactory emf) {
- this.emf = emf;
- sEntityManager = new ThreadLocal<EntityManager>();
- }
-
- @Override
- public EntityManager getEntityManager() {
- EntityManager em = null;
-
- if(sEntityManager != null) {
- em = sEntityManager.get();
-
- if(em == null && this.emf != null) {
- em = this.emf.createEntityManager();
-
- sEntityManager.set(em);
- }
- } else {
- logger.error("EntityManagerFactory was not set in this
thread.", new Throwable());
- }
-
- return em;
- }
-}
diff --git
a/agents-audit/src/main/java/org/apache/ranger/audit/dao/DaoManagerBase.java
b/agents-audit/src/main/java/org/apache/ranger/audit/dao/DaoManagerBase.java
deleted file mode 100644
index 33ba2f6..0000000
--- a/agents-audit/src/main/java/org/apache/ranger/audit/dao/DaoManagerBase.java
+++ /dev/null
@@ -1,44 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.ranger.audit.dao;
-
-import javax.persistence.EntityManager;
-
-import org.apache.log4j.Logger;
-
-
-public abstract class DaoManagerBase {
- protected final static Logger logger =
Logger.getLogger(DaoManagerBase.class);
-
- abstract public EntityManager getEntityManager();
-
- private AuthzAuditEventDao mAuthzAuditDao = null;
-
- public DaoManagerBase() {
- }
-
- public AuthzAuditEventDao getAuthzAuditEventDao() {
- if(mAuthzAuditDao == null) {
- mAuthzAuditDao = new AuthzAuditEventDao(this);
- }
-
- return mAuthzAuditDao;
- }
-}
-
diff --git
a/agents-audit/src/main/java/org/apache/ranger/audit/destination/DBAuditDestination.java
b/agents-audit/src/main/java/org/apache/ranger/audit/destination/DBAuditDestination.java
deleted file mode 100644
index 79f07d7..0000000
---
a/agents-audit/src/main/java/org/apache/ranger/audit/destination/DBAuditDestination.java
+++ /dev/null
@@ -1,326 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package org.apache.ranger.audit.destination;
-
-import java.util.Collection;
-import java.util.HashMap;
-import java.util.Map;
-import java.util.Properties;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-
-import javax.persistence.EntityManager;
-import javax.persistence.EntityManagerFactory;
-import javax.persistence.EntityTransaction;
-import javax.persistence.Persistence;
-
-import org.apache.ranger.audit.dao.DaoManager;
-import org.apache.ranger.audit.entity.AuthzAuditEventDbObj;
-import org.apache.ranger.audit.model.AuditEventBase;
-import org.apache.ranger.audit.provider.MiscUtil;
-
-public class DBAuditDestination extends AuditDestination {
-
- private static final Log logger = LogFactory
- .getLog(DBAuditDestination.class);
-
- public static final String PROP_DB_JDBC_DRIVER = "jdbc.driver";
- public static final String PROP_DB_JDBC_URL = "jdbc.url";
- public static final String PROP_DB_USER = "user";
- public static final String PROP_DB_PASSWORD = "password";
- public static final String PROP_DB_PASSWORD_ALIAS = "password.alias";
-
- private EntityManagerFactory entityManagerFactory;
- private DaoManager daoManager;
-
- private String jdbcDriver = null;
- private String jdbcURL = null;
- private String dbUser = null;
- private String dbPasswordAlias = "auditDBCred";
-
- public DBAuditDestination() {
- logger.info("DBAuditDestination() called");
- }
-
- @Override
- public void init(Properties props, String propPrefix) {
- logger.info("init() called");
- super.init(props, propPrefix);
- // Initial connect
- connect();
-
- // initialize the database related classes
- AuthzAuditEventDbObj.init(props);
- }
-
- /*
- * (non-Javadoc)
- *
- * @see
- *
org.apache.ranger.audit.provider.AuditHandler#logger(java.util.Collection
- * )
- */
- @Override
- public boolean log(Collection<AuditEventBase> events) {
- boolean retValue = false;
- logStatusIfRequired();
- addTotalCount(events.size());
-
- if (beginTransaction()) {
- boolean isFailed = false;
- for (AuditEventBase event : events) {
- try {
- event.persist(daoManager);
- } catch (Throwable t) {
- logger.error("Error persisting data.
event=" + event, t);
- isFailed = true;
- break;
- }
- }
- if (isFailed) {
- retValue = false;
- rollbackTransaction();
- } else {
- retValue = commitTransaction();
- }
- }
-
- if (retValue) {
- addSuccessCount(events.size());
- } else {
- addDeferredCount(events.size());
- }
- return retValue;
- }
-
- @Override
- public void stop() {
- cleanUp();
- super.stop();
- }
-
- // Local methods
- protected void connect() {
- if (isDbConnected()) {
- return;
- }
- try {
- jdbcDriver = MiscUtil.getStringProperty(props,
propPrefix + "."
- + PROP_DB_JDBC_DRIVER);
- jdbcURL = MiscUtil.getStringProperty(props, propPrefix
+ "."
- + PROP_DB_JDBC_URL);
- dbUser = MiscUtil.getStringProperty(props, propPrefix +
"."
- + PROP_DB_USER);
- String dbPasswordFromProp =
MiscUtil.getStringProperty(props,
- propPrefix + "." + PROP_DB_PASSWORD);
- String tmpAlias = MiscUtil.getStringProperty(props,
propPrefix
- + "." + PROP_DB_PASSWORD_ALIAS);
- dbPasswordAlias = tmpAlias != null ? tmpAlias :
dbPasswordAlias;
- String credFile = MiscUtil.getStringProperty(props,
- AUDIT_DB_CREDENTIAL_PROVIDER_FILE);
-
- if (jdbcDriver == null || jdbcDriver.isEmpty()) {
- logger.fatal("JDBC driver not provided. Set
property name "
- + propPrefix + "." +
PROP_DB_JDBC_DRIVER);
- return;
- }
- if (jdbcURL == null || jdbcURL.isEmpty()) {
- logger.fatal("JDBC URL not provided. Set
property name "
- + propPrefix + "." +
PROP_DB_JDBC_URL);
- return;
- }
- if (dbUser == null || dbUser.isEmpty()) {
- logger.fatal("DB user not provided. Set
property name "
- + propPrefix + "." +
PROP_DB_USER);
- return;
- }
- String dbPassword =
MiscUtil.getCredentialString(credFile,
- dbPasswordAlias);
-
- if (dbPassword == null || dbPassword.isEmpty()) {
- // If password is not in credential store,
let's try password
- // from property
- dbPassword = dbPasswordFromProp;
- }
-
- if (dbPassword == null || dbPassword.isEmpty()) {
- logger.warn("DB password not provided. Will
assume it is empty and continue");
- }
- logger.info("JDBC Driver=" + jdbcDriver + ", JDBC URL="
+ jdbcURL
- + ", dbUser=" + dbUser + ",
passwordAlias="
- + dbPasswordAlias + ", credFile=" +
credFile
- + ", usingPassword=" + (dbPassword ==
null ? "no" : "yes"));
-
- Map<String, String> dbProperties = new HashMap<String,
String>();
- dbProperties.put("javax.persistence.jdbc.driver",
jdbcDriver);
- dbProperties.put("javax.persistence.jdbc.url", jdbcURL);
- dbProperties.put("javax.persistence.jdbc.user", dbUser);
- if (dbPassword != null) {
-
dbProperties.put("javax.persistence.jdbc.password", dbPassword);
- }
-
- entityManagerFactory =
Persistence.createEntityManagerFactory(
- "xa_server", dbProperties);
-
- logger.info("entityManagerFactory=" +
entityManagerFactory);
-
- daoManager = new DaoManager();
-
daoManager.setEntityManagerFactory(entityManagerFactory);
-
- // this forces the connection to be made to DB
- if (daoManager.getEntityManager() == null) {
- logger.error("Error connecting audit database.
EntityManager is null. dbURL="
- + jdbcURL + ", dbUser=" +
dbUser);
- } else {
- logger.info("Connected to audit database.
dbURL=" + jdbcURL
- + ", dbUser=" + dbUser);
- }
-
- } catch (Throwable t) {
- logger.error("Error connecting audit database. dbURL="
+ jdbcURL
- + ", dbUser=" + dbUser, t);
- }
- }
-
- private synchronized void cleanUp() {
- logger.info("DBAuditDestination: cleanUp()");
-
- try {
- if (entityManagerFactory != null &&
entityManagerFactory.isOpen()) {
- entityManagerFactory.close();
- }
- } catch (Exception excp) {
- logger.error("DBAuditDestination.cleanUp(): failed",
excp);
- } finally {
- entityManagerFactory = null;
- daoManager = null;
- }
- logStatus();
- }
-
- private EntityManager getEntityManager() {
- DaoManager daoMgr = daoManager;
-
- if (daoMgr != null) {
- try {
- return daoMgr.getEntityManager();
- } catch (Exception excp) {
-
logger.error("DBAuditDestination.getEntityManager(): failed",
- excp);
-
- cleanUp();
- }
- }
-
- return null;
- }
-
- private boolean isDbConnected() {
- EntityManager em = getEntityManager();
- return em != null && em.isOpen();
- }
-
- private void clearEntityManager() {
- try {
- EntityManager em = getEntityManager();
-
- if (em != null) {
- em.clear();
- }
- } catch (Exception excp) {
- logger.warn("DBAuditDestination.clearEntityManager():
failed", excp);
- }
- }
-
- private EntityTransaction getTransaction() {
- if (!isDbConnected()) {
- connect();
- }
-
- EntityManager em = getEntityManager();
-
- return em != null ? em.getTransaction() : null;
- }
-
- private boolean beginTransaction() {
- EntityTransaction trx = getTransaction();
-
- if (trx != null && !trx.isActive()) {
- trx.begin();
- }
-
- if (trx == null) {
- logger.warn("DBAuditDestination.beginTransaction(): trx
is null");
- }
-
- return trx != null;
- }
-
- private boolean commitTransaction() {
- boolean ret = false;
- EntityTransaction trx = null;
-
- try {
- trx = getTransaction();
-
- if (trx != null && trx.isActive()) {
- trx.commit();
- ret = true;
- } else {
- throw new Exception("trx is null or not
active");
- }
- } catch (Throwable excp) {
- logger.error("DBAuditDestination.commitTransaction():
failed", excp);
-
- cleanUp(); // so that next insert will try to init()
- } finally {
- clearEntityManager();
- }
-
- return ret;
- }
-
- private boolean rollbackTransaction() {
- boolean ret = false;
- EntityTransaction trx = null;
-
- try {
- trx = getTransaction();
-
- if (trx != null && trx.isActive()) {
- trx.rollback();
- ret = true;
- } else {
- throw new Exception("trx is null or not
active");
- }
- } catch (Throwable excp) {
- logger.error("DBAuditDestination.rollbackTransaction():
failed",
- excp);
-
- cleanUp(); // so that next insert will try to init()
- } finally {
- clearEntityManager();
- }
-
- return ret;
- }
-
-}
diff --git
a/agents-audit/src/main/java/org/apache/ranger/audit/entity/AuthzAuditEventDbObj.java
b/agents-audit/src/main/java/org/apache/ranger/audit/entity/AuthzAuditEventDbObj.java
deleted file mode 100644
index 6830e95..0000000
---
a/agents-audit/src/main/java/org/apache/ranger/audit/entity/AuthzAuditEventDbObj.java
+++ /dev/null
@@ -1,412 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
- package org.apache.ranger.audit.entity;
-
-import java.io.Serializable;
-import java.util.Date;
-import java.util.Properties;
-
-import javax.persistence.Column;
-import javax.persistence.Entity;
-import javax.persistence.Id;
-import javax.persistence.GeneratedValue;
-import javax.persistence.GenerationType;
-import javax.persistence.Table;
-import javax.persistence.Temporal;
-import javax.persistence.TemporalType;
-import javax.persistence.SequenceGenerator;
-
-import org.apache.commons.lang.StringUtils;
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import org.apache.ranger.audit.model.AuthzAuditEvent;
-import org.apache.ranger.audit.provider.MiscUtil;
-
-/**
- * Entity implementation class for Entity: AuthzAuditEventDbObj
- *
- */
-@Entity
-@Table(name="xa_access_audit")
-public class AuthzAuditEventDbObj implements Serializable {
-
- private static final Log LOG =
LogFactory.getLog(AuthzAuditEventDbObj.class);
-
- private static final long serialVersionUID = 1L;
-
- static int MaxValueLengthAccessType = 255;
- static int MaxValueLengthAclEnforcer = 255;
- static int MaxValueLengthAgentId = 255;
- static int MaxValueLengthClientIp = 255;
- static int MaxValueLengthClientType = 255;
- static int MaxValueLengthRepoName = 255;
- static int MaxValueLengthResultReason = 255;
- static int MaxValueLengthSessionId = 255;
- static int MaxValueLengthRequestUser = 255;
- static int MaxValueLengthAction = 2000;
- static int MaxValueLengthRequestData = 4000;
- static int MaxValueLengthResourcePath = 4000;
- static int MaxValueLengthResourceType = 255;
-
- private long auditId;
- private int repositoryType;
- private String repositoryName;
- private String user;
- private Date timeStamp;
- private String accessType;
- private String resourcePath;
- private String resourceType;
- private String action;
- private int accessResult;
- private String agentId;
- private long policyId;
- private String resultReason;
- private String aclEnforcer;
- private String sessionId;
- private String clientType;
- private String clientIP;
- private String requestData;
- private long seqNum;
- private long eventCount;
- private long eventDurationMS;
- private String tags;
-
- public static void init(Properties props)
- {
- LOG.info("AuthzAuditEventDbObj.init()");
-
- final String AUDIT_DB_MAX_COLUMN_VALUE =
"xasecure.audit.destination.db.max.column.length";
- MaxValueLengthAccessType = MiscUtil.getIntProperty(props,
AUDIT_DB_MAX_COLUMN_VALUE + "." + "access_type", MaxValueLengthAccessType);
- logMaxColumnValue("access_type", MaxValueLengthAccessType);
-
- MaxValueLengthAclEnforcer = MiscUtil.getIntProperty(props,
AUDIT_DB_MAX_COLUMN_VALUE + "." + "acl_enforcer", MaxValueLengthAclEnforcer);
- logMaxColumnValue("acl_enforcer", MaxValueLengthAclEnforcer);
-
- MaxValueLengthAction = MiscUtil.getIntProperty(props,
AUDIT_DB_MAX_COLUMN_VALUE + "." + "action", MaxValueLengthAction);
- logMaxColumnValue("action", MaxValueLengthAction);
-
- MaxValueLengthAgentId = MiscUtil.getIntProperty(props,
AUDIT_DB_MAX_COLUMN_VALUE + "." + "agent_id", MaxValueLengthAgentId);
- logMaxColumnValue("agent_id", MaxValueLengthAgentId);
-
- MaxValueLengthClientIp = MiscUtil.getIntProperty(props,
AUDIT_DB_MAX_COLUMN_VALUE + "." + "client_id", MaxValueLengthClientIp);
- logMaxColumnValue("client_id", MaxValueLengthClientIp);
-
- MaxValueLengthClientType = MiscUtil.getIntProperty(props,
AUDIT_DB_MAX_COLUMN_VALUE + "." + "client_type", MaxValueLengthClientType);
- logMaxColumnValue("client_type", MaxValueLengthClientType);
-
- MaxValueLengthRepoName = MiscUtil.getIntProperty(props,
AUDIT_DB_MAX_COLUMN_VALUE + "." + "repo_name", MaxValueLengthRepoName);
- logMaxColumnValue("repo_name", MaxValueLengthRepoName);
-
- MaxValueLengthResultReason = MiscUtil.getIntProperty(props,
AUDIT_DB_MAX_COLUMN_VALUE + "." + "result_reason", MaxValueLengthResultReason);
- logMaxColumnValue("result_reason", MaxValueLengthResultReason);
-
- MaxValueLengthSessionId = MiscUtil.getIntProperty(props,
AUDIT_DB_MAX_COLUMN_VALUE + "." + "session_id", MaxValueLengthSessionId);
- logMaxColumnValue("session_id", MaxValueLengthSessionId);
-
- MaxValueLengthRequestUser = MiscUtil.getIntProperty(props,
AUDIT_DB_MAX_COLUMN_VALUE + "." + "request_user", MaxValueLengthRequestUser);
- logMaxColumnValue("request_user", MaxValueLengthRequestUser);
-
- MaxValueLengthRequestData = MiscUtil.getIntProperty(props,
AUDIT_DB_MAX_COLUMN_VALUE + "." + "request_data", MaxValueLengthRequestData);
- logMaxColumnValue("request_data", MaxValueLengthRequestData);
-
- MaxValueLengthResourcePath = MiscUtil.getIntProperty(props,
AUDIT_DB_MAX_COLUMN_VALUE + "." + "resource_path", MaxValueLengthResourcePath);
- logMaxColumnValue("resource_path", MaxValueLengthResourcePath);
-
- MaxValueLengthResourceType = MiscUtil.getIntProperty(props,
AUDIT_DB_MAX_COLUMN_VALUE + "." + "resource_type", MaxValueLengthResourceType);
- logMaxColumnValue("resource_type", MaxValueLengthResourceType);
- }
-
- public static void logMaxColumnValue(String columnName, int
configuredMaxValueLength) {
- LOG.info("Setting max column value for column[" + columnName +
"] to [" + configuredMaxValueLength + "].");
- if (configuredMaxValueLength == 0) {
- LOG.info("Max length of column[" + columnName + "] was
0! Column will NOT be emitted in the audit.");
- } else if (configuredMaxValueLength < 0) {
- LOG.info("Max length of column[" + columnName + "] was
less than 0! Column value will never be truncated.");
- }
- }
-
-
- public AuthzAuditEventDbObj() {
- super();
- }
-
- public AuthzAuditEventDbObj(AuthzAuditEvent event) {
- super();
- Date utcDate=null;
- if(event.getEventTime()!=null){
-
utcDate=MiscUtil.getUTCDateForLocalDate(event.getEventTime());
- }else{
- utcDate=MiscUtil.getUTCDate();
- }
- this.repositoryType = event.getRepositoryType();
- this.repositoryName = event.getRepositoryName();
- this.user = event.getUser();
- this.timeStamp = utcDate;
- this.accessType = event.getAccessType();
- this.resourcePath = event.getResourcePath();
- this.resourceType = event.getResourceType();
- this.action = event.getAction();
- this.accessResult = event.getAccessResult();
- this.agentId = event.getAgentId();
- this.policyId = event.getPolicyId();
- this.resultReason = event.getResultReason();
- this.aclEnforcer = event.getAclEnforcer();
- this.sessionId = event.getSessionId();
- this.clientType = event.getClientType();
- this.clientIP = event.getClientIP();
- this.requestData = event.getRequestData();
- this.seqNum = event.getSeqNum();
- this.eventCount = event.getEventCount();
- this.eventDurationMS= event.getEventDurationMS();
- this.tags = StringUtils.join(event.getTags(), ", ");
- }
-
- @Id
-
@SequenceGenerator(name="XA_ACCESS_AUDIT_SEQ",sequenceName="XA_ACCESS_AUDIT_SEQ",allocationSize=1)
-
@GeneratedValue(strategy=GenerationType.AUTO,generator="XA_ACCESS_AUDIT_SEQ")
- @Column(name = "id", unique = true, nullable = false)
- public long getAuditId() {
- return this.auditId;
- }
-
- public void setAuditId(long auditId) {
- this.auditId = auditId;
- }
-
- @Column(name = "repo_type")
- public int getRepositoryType() {
- return this.repositoryType;
- }
-
- public void setRepositoryType(int repositoryType) {
- this.repositoryType = repositoryType;
- }
-
- @Column(name = "repo_name")
- public String getRepositoryName() {
- return truncate(this.repositoryName, MaxValueLengthRepoName,
"repo_name");
- }
-
- public void setRepositoryName(String repositoryName) {
- this.repositoryName = repositoryName;
- }
-
- @Column(name = "request_user")
- public String getUser() {
- return truncate(this.user, MaxValueLengthRequestUser,
"request_user");
- }
-
- public void setUser(String user) {
- this.user = user;
- }
-
- @Temporal(TemporalType.TIMESTAMP)
- @Column(name = "event_time")
- public Date getTimeStamp() {
- return this.timeStamp;
- }
-
- public void setTimeStamp(Date timeStamp) {
- this.timeStamp = timeStamp;
- }
-
- @Column(name = "access_type")
- public String getAccessType() {
- return truncate(this.accessType, MaxValueLengthAccessType,
"access_type");
- }
-
- public void setAccessType(String accessType) {
- this.accessType = accessType;
- }
-
- @Column(name = "resource_path")
- public String getResourcePath() {
- return truncate(this.resourcePath, MaxValueLengthResourcePath,
"resource_path");
- }
-
- public void setResourcePath(String resourcePath) {
- this.resourcePath = resourcePath;
- }
-
- @Column(name = "resource_type")
- public String getResourceType() {
- return truncate(this.resourceType, MaxValueLengthResourceType,
"resource_type");
- }
-
- public void setResourceType(String resourceType) {
- this.resourceType = resourceType;
- }
-
- @Column(name = "action")
- public String getAction() {
- return truncate(this.action, MaxValueLengthAction, "action");
- }
-
- public void setAction(String action) {
- this.action = action;
- }
-
- @Column(name = "access_result")
- public int getAccessResult() {
- return this.accessResult;
- }
-
- public void setAccessResult(int accessResult) {
- this.accessResult = accessResult;
- }
-
- @Column(name = "agent_id")
- public String getAgentId() {
- return truncate(this.agentId, MaxValueLengthAgentId,
"agent_id");
- }
-
- public void setAgentId(String agentId) {
- this.agentId = agentId;
- }
-
- @Column(name = "policy_id")
- public long getPolicyId() {
- return this.policyId;
- }
-
- public void setPolicyId(long policyId) {
- this.policyId = policyId;
- }
-
- @Column(name = "result_reason")
- public String getResultReason() {
- return truncate(this.resultReason, MaxValueLengthResultReason,
"result_reason");
- }
-
- public void setResultReason(String resultReason) {
- this.resultReason = resultReason;
- }
-
- @Column(name = "acl_enforcer")
- public String getAclEnforcer() {
- return truncate(this.aclEnforcer, MaxValueLengthAclEnforcer,
"acl_enforcer");
- }
-
- public void setAclEnforcer(String aclEnforcer) {
- this.aclEnforcer = aclEnforcer;
- }
-
- @Column(name = "session_id")
- public String getSessionId() {
- return truncate(this.sessionId, MaxValueLengthSessionId,
"session_id");
- }
-
- public void setSessionId(String sessionId) {
- this.sessionId = sessionId;
- }
-
- @Column(name = "client_type")
- public String getClientType() {
- return truncate(this.clientType, MaxValueLengthClientType,
"client_type");
- }
-
- public void setClientType(String clientType) {
- this.clientType = clientType;
- }
-
- @Column(name = "client_ip")
- public String getClientIP() {
- return truncate(this.clientIP, MaxValueLengthClientIp,
"client_ip");
- }
-
- public void setClientIP(String clientIP) {
- this.clientIP = clientIP;
- }
-
- @Column(name = "request_data")
- public String getRequestData() {
- return truncate(this.requestData, MaxValueLengthRequestData,
"request_data");
- }
-
- public void setRequestData(String requestData) {
- this.requestData = requestData;
- }
-
- @Column(name = "seq_num")
- public long getSeqNum() { return this.seqNum; }
-
- public void setSeqNum(long seqNum) { this.seqNum = seqNum; }
-
- @Column(name = "event_count")
- public long getEventCount() { return this.eventCount; }
-
- public void setEventCount(long eventCount) { this.eventCount =
eventCount; }
-
- @Column(name = "event_dur_ms")
- public long getEventDurationMS() { return this.eventDurationMS; }
-
- public void setEventDurationMS(long eventDurationMS) {
this.eventDurationMS = eventDurationMS; }
-
- @Column(name = "tags")
- public String getTags() {
- return this.tags;
- }
-
- public void setTags(String tags) {
- this.tags = tags;
- }
-
- static final String TruncationMarker = "...";
- static final int TruncationMarkerLength = TruncationMarker.length();
-
- protected String truncate(String value, int limit, String columnName) {
- if (LOG.isDebugEnabled()) {
- LOG.debug(String.format("==> getTrunctedValue(%s, %d,
%s)", value, limit, columnName));
- }
-
- String result = value;
- if (value != null) {
- if (limit < 0) {
- if (LOG.isDebugEnabled()) {
- LOG.debug(String.format("Truncation is
suppressed for column[%s]: old value [%s], new value[%s]", columnName, value,
result));
- }
- } else if (limit == 0) {
- if (LOG.isDebugEnabled()) {
- LOG.debug(String.format("Column[%s] is
to be excluded from audit: old value [%s], new value[%s]", columnName, value,
result));
- }
- result = null;
- } else {
- if (value.length() > limit) {
- if (limit <= TruncationMarkerLength) {
- // NOTE: If value is to be
truncated to a size that is less than of equal to the Truncation Marker then we
won't put the marker in!!
- result = value.substring(0,
limit);
- } else {
- StringBuilder sb = new
StringBuilder(value.substring(0, limit - TruncationMarkerLength));
- sb.append(TruncationMarker);
- result = sb.toString();
- }
- if (LOG.isDebugEnabled()) {
-
LOG.debug(String.format("Truncating value for column[%s] to [%d] characters:
old value [%s], new value[%s]", columnName, limit, value, result));
- }
- }
- }
- }
-
- if (LOG.isDebugEnabled()) {
- LOG.debug(String.format("<== getTrunctedValue(%s, %d,
%s): %s", value, limit, columnName, result));
- }
- return result;
- }
-}
diff --git
a/agents-audit/src/main/java/org/apache/ranger/audit/model/AuditEventBase.java
b/agents-audit/src/main/java/org/apache/ranger/audit/model/AuditEventBase.java
index b579146..84eaebe 100644
---
a/agents-audit/src/main/java/org/apache/ranger/audit/model/AuditEventBase.java
+++
b/agents-audit/src/main/java/org/apache/ranger/audit/model/AuditEventBase.java
@@ -21,15 +21,11 @@ package org.apache.ranger.audit.model;
import java.util.Date;
-import org.apache.ranger.audit.dao.DaoManager;
-
public abstract class AuditEventBase {
protected AuditEventBase() {
}
- public abstract void persist(DaoManager daoManager);
-
public abstract String getEventKey();
public abstract Date getEventTime ();
public abstract void setEventCount(long eventCount);
diff --git
a/agents-audit/src/main/java/org/apache/ranger/audit/model/AuthzAuditEvent.java
b/agents-audit/src/main/java/org/apache/ranger/audit/model/AuthzAuditEvent.java
index 28db58c..e20d1a7 100644
---
a/agents-audit/src/main/java/org/apache/ranger/audit/model/AuthzAuditEvent.java
+++
b/agents-audit/src/main/java/org/apache/ranger/audit/model/AuthzAuditEvent.java
@@ -24,8 +24,6 @@ import java.util.HashSet;
import java.util.Set;
import org.apache.commons.lang.StringUtils;
-import org.apache.ranger.audit.dao.DaoManager;
-import org.apache.ranger.audit.entity.AuthzAuditEventDbObj;
import com.google.gson.annotations.SerializedName;
@@ -574,10 +572,4 @@ public class AuthzAuditEvent extends AuditEventBase {
return sb;
}
-
- @Override
- public void persist(DaoManager daoManager) {
- daoManager.getAuthzAuditEventDao().create(
- new AuthzAuditEventDbObj(this));
- }
}
diff --git
a/agents-audit/src/main/java/org/apache/ranger/audit/provider/AuditProviderFactory.java
b/agents-audit/src/main/java/org/apache/ranger/audit/provider/AuditProviderFactory.java
index f971a76..6b7f4b0 100644
---
a/agents-audit/src/main/java/org/apache/ranger/audit/provider/AuditProviderFactory.java
+++
b/agents-audit/src/main/java/org/apache/ranger/audit/provider/AuditProviderFactory.java
@@ -50,7 +50,6 @@ public class AuditProviderFactory {
.getLog(AuditProviderFactory.class);
public static final String AUDIT_IS_ENABLED_PROP =
"xasecure.audit.is.enabled";
- public static final String AUDIT_DB_IS_ENABLED_PROP =
"xasecure.audit.db.is.enabled";
public static final String AUDIT_HDFS_IS_ENABLED_PROP =
"xasecure.audit.hdfs.is.enabled";
public static final String AUDIT_LOG4J_IS_ENABLED_PROP =
"xasecure.audit.log4j.is.enabled";
public static final String AUDIT_KAFKA_IS_ENABLED_PROP =
"xasecure.audit.kafka.is.enabled";
@@ -130,8 +129,6 @@ public class AuditProviderFactory {
return;
}
- boolean isAuditToDbEnabled = MiscUtil.getBooleanProperty(props,
- AUDIT_DB_IS_ENABLED_PROP, false);
boolean isAuditToHdfsEnabled =
MiscUtil.getBooleanProperty(props,
AUDIT_HDFS_IS_ENABLED_PROP, false);
boolean isAuditToLog4jEnabled =
MiscUtil.getBooleanProperty(props,
@@ -280,7 +277,7 @@ public class AuditProviderFactory {
} else {
LOG.info("No v3 audit configuration found. Trying v2
audit configurations");
if (!isEnabled
- || !(isAuditToDbEnabled ||
isAuditToHdfsEnabled
+ || !(isAuditToHdfsEnabled
|| isAuditToKafkaEnabled ||
isAuditToLog4jEnabled
|| isAuditToSolrEnabled ||
providers.size() == 0)) {
LOG.info("AuditProviderFactory: Audit not
enabled..");
@@ -290,31 +287,6 @@ public class AuditProviderFactory {
return;
}
- if (isAuditToDbEnabled) {
- LOG.info("DbAuditProvider is enabled");
- DbAuditProvider dbProvider = new
DbAuditProvider();
-
- boolean isAuditToDbAsync =
MiscUtil.getBooleanProperty(props,
-
DbAuditProvider.AUDIT_DB_IS_ASYNC_PROP, false);
-
- if (isAuditToDbAsync) {
- int maxQueueSize =
MiscUtil.getIntProperty(props,
-
DbAuditProvider.AUDIT_DB_MAX_QUEUE_SIZE_PROP,
-
AUDIT_ASYNC_MAX_QUEUE_SIZE_DEFAULT);
- int maxFlushInterval =
MiscUtil.getIntProperty(props,
-
DbAuditProvider.AUDIT_DB_MAX_FLUSH_INTERVAL_PROP,
-
AUDIT_ASYNC_MAX_FLUSH_INTERVAL_DEFAULT);
-
- AsyncAuditProvider asyncProvider = new
AsyncAuditProvider(
- "DbAuditProvider",
maxQueueSize, maxFlushInterval,
- dbProvider);
-
- providers.add(asyncProvider);
- } else {
- providers.add(dbProvider);
- }
- }
-
if (isAuditToHdfsEnabled) {
LOG.info("HdfsAuditProvider is enabled");
@@ -448,8 +420,6 @@ public class AuditProviderFactory {
provider = new ElasticSearchAuditDestination();
} else if (providerName.equalsIgnoreCase("kafka")) {
provider = new KafkaAuditProvider();
- } else if (providerName.equalsIgnoreCase("db")) {
- provider = new DBAuditDestination();
} else if (providerName.equalsIgnoreCase("log4j")) {
provider = new Log4JAuditDestination();
} else if (providerName.equalsIgnoreCase("batch")) {
diff --git
a/agents-audit/src/main/java/org/apache/ranger/audit/provider/BaseAuditHandler.java
b/agents-audit/src/main/java/org/apache/ranger/audit/provider/BaseAuditHandler.java
index 6138ca0..54f3764 100644
---
a/agents-audit/src/main/java/org/apache/ranger/audit/provider/BaseAuditHandler.java
+++
b/agents-audit/src/main/java/org/apache/ranger/audit/provider/BaseAuditHandler.java
@@ -35,7 +35,6 @@ public abstract class BaseAuditHandler implements
AuditHandler {
private static final Log LOG =
LogFactory.getLog(BaseAuditHandler.class);
static final String AUDIT_LOG_FAILURE_REPORT_MIN_INTERVAL_PROP =
"xasecure.audit.log.failure.report.min.interval.ms";
- protected static final String AUDIT_DB_CREDENTIAL_PROVIDER_FILE =
"xasecure.audit.credential.provider.file";
public static final String RANGER_POLICYMGR_CLIENT_KEY_FILE
= "xasecure.policymgr.clientssl.keystore";
public static final String RANGER_POLICYMGR_CLIENT_KEY_FILE_TYPE
= "xasecure.policymgr.clientssl.keystore.type";
diff --git
a/agents-audit/src/main/java/org/apache/ranger/audit/provider/DbAuditProvider.java
b/agents-audit/src/main/java/org/apache/ranger/audit/provider/DbAuditProvider.java
deleted file mode 100644
index 95909a9..0000000
---
a/agents-audit/src/main/java/org/apache/ranger/audit/provider/DbAuditProvider.java
+++ /dev/null
@@ -1,370 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.ranger.audit.provider;
-
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.Map;
-import java.util.Properties;
-
-import javax.persistence.EntityManager;
-import javax.persistence.EntityManagerFactory;
-import javax.persistence.EntityTransaction;
-import javax.persistence.Persistence;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import org.apache.ranger.audit.dao.DaoManager;
-import org.apache.ranger.audit.destination.AuditDestination;
-import org.apache.ranger.audit.entity.AuthzAuditEventDbObj;
-import org.apache.ranger.audit.model.AuditEventBase;
-import org.apache.ranger.audit.model.AuthzAuditEvent;
-import org.apache.ranger.authorization.hadoop.utils.RangerCredentialProvider;
-
-
-/*
- * NOTE:
- * - Instances of this class are not thread-safe.
- */
-public class DbAuditProvider extends AuditDestination {
-
- private static final Log LOG = LogFactory.getLog(DbAuditProvider.class);
-
- public static final String AUDIT_DB_IS_ASYNC_PROP =
"xasecure.audit.db.is.async";
- public static final String AUDIT_DB_MAX_QUEUE_SIZE_PROP =
"xasecure.audit.db.async.max.queue.size";
- public static final String AUDIT_DB_MAX_FLUSH_INTERVAL_PROP =
"xasecure.audit.db.async.max.flush.interval.ms";
-
- private static final String AUDIT_DB_BATCH_SIZE_PROP =
"xasecure.audit.db.batch.size";
- private static final String AUDIT_DB_RETRY_MIN_INTERVAL_PROP =
"xasecure.audit.db.config.retry.min.interval.ms";
- private static final String AUDIT_JPA_CONFIG_PROP_PREFIX =
"xasecure.audit.jpa.";
- private static final String AUDIT_DB_CREDENTIAL_PROVIDER_FILE =
"xasecure.audit.credential.provider.file";
- private static final String AUDIT_DB_CREDENTIAL_PROVIDER_ALIAS =
"auditDBCred";
- private static final String AUDIT_JPA_JDBC_PASSWORD
= "javax.persistence.jdbc.password";
-
- private EntityManagerFactory entityManagerFactory;
- private DaoManager daoManager;
-
- private int mCommitBatchSize = 1;
- private int mDbRetryMinIntervalMs = 60 * 1000;
- private ArrayList<AuditEventBase> mUncommitted = new
ArrayList<AuditEventBase>();
- private Map<String, String> mDbProperties = null;
- private long mLastDbFailedTime = 0;
-
- public DbAuditProvider() {
- LOG.info("DbAuditProvider: creating..");
- }
-
- @Override
- public void init(Properties props) {
- LOG.info("DbAuditProvider.init()");
-
- super.init(props);
-
- mDbProperties = MiscUtil.getPropertiesWithPrefix(props,
AUDIT_JPA_CONFIG_PROP_PREFIX);
- mCommitBatchSize = MiscUtil.getIntProperty(props,
AUDIT_DB_BATCH_SIZE_PROP, 1000);
- mDbRetryMinIntervalMs = MiscUtil.getIntProperty(props,
AUDIT_DB_RETRY_MIN_INTERVAL_PROP, 15 * 1000);
-
- boolean isAsync = MiscUtil.getBooleanProperty(props,
AUDIT_DB_IS_ASYNC_PROP, false);
-
- if(! isAsync) {
- mCommitBatchSize = 1; // Batching not supported in sync
mode
- }
-
- String jdbcPassword =
getCredentialString(MiscUtil.getStringProperty(props,
AUDIT_DB_CREDENTIAL_PROVIDER_FILE), AUDIT_DB_CREDENTIAL_PROVIDER_ALIAS);
-
- if(jdbcPassword != null && !jdbcPassword.isEmpty()) {
- mDbProperties.put(AUDIT_JPA_JDBC_PASSWORD,
jdbcPassword);
- }
-
- // initialize the database related classes
- AuthzAuditEventDbObj.init(props);
- }
-
- @Override
- public boolean log(AuditEventBase event) {
- LOG.debug("DbAuditProvider.log()");
-
- boolean isSuccess = false;
-
- try {
- if(preCreate()) {
- DaoManager daoMgr = daoManager;
-
- if(daoMgr != null) {
- event.persist(daoMgr);
-
- isSuccess = postCreate(event);
- }
- }
- } catch(Exception excp) {
- logDbError("DbAuditProvider.log(): failed", excp);
- } finally {
- if(! isSuccess) {
- logFailedEvent(event);
- }
- }
- LOG.debug("<== DbAuditProvider.log()");
- return isSuccess;
- }
-
- @Override
- public boolean log(Collection<AuditEventBase> events) {
- boolean ret = true;
- for (AuditEventBase event : events) {
- ret = log(event);
- if(!ret) {
- break;
- }
- }
- return ret;
- }
-
- @Override
- public boolean logJSON(String event) {
- AuditEventBase eventObj = MiscUtil.fromJson(event,
- AuthzAuditEvent.class);
- return log(eventObj);
- }
-
- @Override
- public boolean logJSON(Collection<String> events) {
- boolean ret = true;
- for (String event : events) {
- ret = logJSON(event);
- if( !ret ) {
- break;
- }
- }
- return ret;
- }
-
- @Override
- public void start() {
- LOG.info("DbAuditProvider.start()");
-
- init();
- }
-
- @Override
- public void stop() {
- LOG.info("DbAuditProvider.stop()");
-
- cleanUp();
- }
-
- @Override
- public void flush() {
- if(mUncommitted.size() > 0) {
- boolean isSuccess = commitTransaction();
-
- if(! isSuccess) {
- for(AuditEventBase evt : mUncommitted) {
- logFailedEvent(evt);
- }
- }
-
- mUncommitted.clear();
- }
- }
-
- private synchronized boolean init() {
- long now = System.currentTimeMillis();
-
- if((now - mLastDbFailedTime) < mDbRetryMinIntervalMs) {
- return false;
- }
-
- LOG.info("DbAuditProvider: init()");
-
LOG.info("java.library.path:"+System.getProperty("java.library.path"));
- try {
- entityManagerFactory =
Persistence.createEntityManagerFactory("xa_server", mDbProperties);
-
- daoManager = new DaoManager();
- daoManager.setEntityManagerFactory(entityManagerFactory);
-
- daoManager.getEntityManager(); // this forces the
connection to be made to DB
- } catch(Exception excp) {
- logDbError("DbAuditProvider: DB initalization failed",
excp);
-
- cleanUp();
-
- return false;
- }
-
- return true;
- }
-
- private synchronized void cleanUp() {
- LOG.info("DbAuditProvider: cleanUp()");
-
- try {
- if(entityManagerFactory != null &&
entityManagerFactory.isOpen()) {
- entityManagerFactory.close();
- }
- } catch(Exception excp) {
- LOG.error("DbAuditProvider.cleanUp(): failed", excp);
- } finally {
- entityManagerFactory = null;
- daoManager = null;
- }
- }
-
- private boolean isDbConnected() {
- EntityManager em = getEntityManager();
-
- return em != null && em.isOpen();
- }
-
- private EntityManager getEntityManager() {
- DaoManager daoMgr = daoManager;
-
- if(daoMgr != null) {
- try {
- return daoMgr.getEntityManager();
- } catch(Exception excp) {
- logDbError("DbAuditProvider.getEntityManager():
failed", excp);
-
- cleanUp();
- }
- }
-
- return null;
- }
-
- private void clearEntityManager() {
- try {
- EntityManager em = getEntityManager();
-
- if(em != null) {
- em.clear();
- }
- } catch(Exception excp) {
- LOG.warn("DbAuditProvider.clearEntityManager():
failed", excp);
- }
- }
-
- private EntityTransaction getTransaction() {
- EntityManager em = getEntityManager();
-
- return em != null ? em.getTransaction() : null;
- }
-
- private boolean isInTransaction() {
- EntityTransaction trx = getTransaction();
-
- return trx != null && trx.isActive();
- }
-
- private boolean beginTransaction() {
- EntityTransaction trx = getTransaction();
-
- if(trx != null && !trx.isActive()) {
- trx.begin();
- }
-
- if(trx == null) {
- LOG.warn("DbAuditProvider.beginTransaction(): trx is
null");
- }
-
- return trx != null;
- }
-
- private boolean commitTransaction() {
- boolean ret = false;
- EntityTransaction trx = null;
-
- try {
- trx = getTransaction();
-
- if(trx != null && trx.isActive()) {
- trx.commit();
-
- ret =true;
- } else {
- throw new Exception("trx is null or not
active");
- }
- } catch(Exception excp) {
- logDbError("DbAuditProvider.commitTransaction():
failed", excp);
-
- cleanUp(); // so that next insert will try to init()
- } finally {
- clearEntityManager();
- }
-
- return ret;
- }
-
- private boolean preCreate() {
- boolean ret = true;
-
- if(!isDbConnected()) {
- ret = init();
- }
-
- if(ret) {
- if(! isInTransaction()) {
- ret = beginTransaction();
- }
- }
-
- return ret;
- }
-
- private boolean postCreate(AuditEventBase event) {
- boolean ret = true;
-
- if(mCommitBatchSize <= 1) {
- ret = commitTransaction();
- } else {
- mUncommitted.add(event);
-
- if((mUncommitted.size() % mCommitBatchSize) == 0) {
- ret = commitTransaction();
-
- if(! ret) {
- for(AuditEventBase evt : mUncommitted) {
- if(evt != event) {
- logFailedEvent(evt);
- }
- }
- }
-
- mUncommitted.clear();
- }
- }
- return ret;
- }
-
- private void logDbError(String msg, Exception excp) {
- long now = System.currentTimeMillis();
-
- if((now - mLastDbFailedTime) > mDbRetryMinIntervalMs) {
- mLastDbFailedTime = now;
- }
-
- LOG.warn(msg, excp);
- }
-
- private String getCredentialString(String url,String alias) {
- if(url != null && alias != null) {
- return
RangerCredentialProvider.getInstance().getCredentialString(url,alias);
- }
- return null;
- }
-}
diff --git
a/agents-audit/src/main/java/org/apache/ranger/audit/test/TestEvents.java
b/agents-audit/src/main/java/org/apache/ranger/audit/test/TestEvents.java
index 57f76d8..231cb86 100644
--- a/agents-audit/src/main/java/org/apache/ranger/audit/test/TestEvents.java
+++ b/agents-audit/src/main/java/org/apache/ranger/audit/test/TestEvents.java
@@ -55,21 +55,11 @@ public class TestEvents {
} else {
LOG.info("Audit properties file missing: " +
AUDIT_PROPERTIES_FILE);
-
auditProperties.setProperty("xasecure.audit.jpa.javax.persistence.jdbc.url",
"jdbc:mysql://localhost:3306/xa_db");
-
auditProperties.setProperty("xasecure.audit.jpa.javax.persistence.jdbc.user",
"xaaudit");
-
auditProperties.setProperty("xasecure.audit.jpa.javax.persistence.jdbc.password",
"xaaudit");
-
auditProperties.setProperty("xasecure.audit.jpa.javax.persistence.jdbc.driver",
"com.mysql.jdbc.Driver");
-
auditProperties.setProperty("xasecure.audit.is.enabled",
"true");
auditProperties.setProperty("xasecure.audit.log4j.is.enabled",
"false");
auditProperties.setProperty("xasecure.audit.log4j.is.async",
"false");
auditProperties.setProperty("xasecure.audit.log4j.async.max.queue.size",
"100000");
auditProperties.setProperty("xasecure.audit.log4j.async.max.flush.interval.ms",
"30000");
- auditProperties.setProperty("xasecure.audit.db.is.enabled",
"false");
- auditProperties.setProperty("xasecure.audit.db.is.async",
"true");
-
auditProperties.setProperty("xasecure.audit.db.async.max.queue.size", "100000");
-
auditProperties.setProperty("xasecure.audit.db.async.max.flush.interval.ms",
"30000");
- auditProperties.setProperty("xasecure.audit.db.batch.size",
"100");
}
AuditProviderFactory factory = new AuditProviderFactory();
diff --git
a/agents-common/src/test/java/org/apache/ranger/plugin/policyengine/TestPolicyEngine.java
b/agents-common/src/test/java/org/apache/ranger/plugin/policyengine/TestPolicyEngine.java
index 5a06e1d..81c3744 100644
---
a/agents-common/src/test/java/org/apache/ranger/plugin/policyengine/TestPolicyEngine.java
+++
b/agents-common/src/test/java/org/apache/ranger/plugin/policyengine/TestPolicyEngine.java
@@ -105,21 +105,11 @@ public class TestPolicyEngine {
} else {
System.out.println("Audit properties file missing: " +
AUDIT_PROPERTIES_FILE);
-
auditProperties.setProperty("xasecure.audit.jpa.javax.persistence.jdbc.url",
"jdbc:mysql://node-1:3306/xasecure_audit");
-
auditProperties.setProperty("xasecure.audit.jpa.javax.persistence.jdbc.user",
"xalogger");
-
auditProperties.setProperty("xasecure.audit.jpa.javax.persistence.jdbc.password",
"xalogger");
-
auditProperties.setProperty("xasecure.audit.jpa.javax.persistence.jdbc.driver",
"com.mysql.jdbc.Driver");
-
auditProperties.setProperty("xasecure.audit.is.enabled", "false"); // Set this
to true to enable audit logging
auditProperties.setProperty("xasecure.audit.log4j.is.enabled", "false");
auditProperties.setProperty("xasecure.audit.log4j.is.async", "false");
auditProperties.setProperty("xasecure.audit.log4j.async.max.queue.size",
"100000");
auditProperties.setProperty("xasecure.audit.log4j.async.max.flush.interval.ms",
"30000");
-
auditProperties.setProperty("xasecure.audit.db.is.enabled", "false");
-
auditProperties.setProperty("xasecure.audit.db.is.async", "false");
-
auditProperties.setProperty("xasecure.audit.db.async.max.queue.size", "100000");
-
auditProperties.setProperty("xasecure.audit.db.async.max.flush.interval.ms",
"30000");
-
auditProperties.setProperty("xasecure.audit.db.batch.size", "100");
}
AuditProviderFactory factory =
AuditProviderFactory.getInstance();
diff --git
a/agents-common/src/test/java/org/apache/ranger/plugin/policyengine/TestPolicyEngineForDeltas.java
b/agents-common/src/test/java/org/apache/ranger/plugin/policyengine/TestPolicyEngineForDeltas.java
index c4187cc..4e1844b 100644
---
a/agents-common/src/test/java/org/apache/ranger/plugin/policyengine/TestPolicyEngineForDeltas.java
+++
b/agents-common/src/test/java/org/apache/ranger/plugin/policyengine/TestPolicyEngineForDeltas.java
@@ -94,21 +94,11 @@ public class TestPolicyEngineForDeltas {
} else {
System.out.println("Audit properties file missing: " +
AUDIT_PROPERTIES_FILE);
-
auditProperties.setProperty("xasecure.audit.jpa.javax.persistence.jdbc.url",
"jdbc:mysql://node-1:3306/xasecure_audit");
-
auditProperties.setProperty("xasecure.audit.jpa.javax.persistence.jdbc.user",
"xalogger");
-
auditProperties.setProperty("xasecure.audit.jpa.javax.persistence.jdbc.password",
"xalogger");
-
auditProperties.setProperty("xasecure.audit.jpa.javax.persistence.jdbc.driver",
"com.mysql.jdbc.Driver");
-
auditProperties.setProperty("xasecure.audit.is.enabled", "false"); // Set this
to true to enable audit logging
auditProperties.setProperty("xasecure.audit.log4j.is.enabled", "false");
auditProperties.setProperty("xasecure.audit.log4j.is.async", "false");
auditProperties.setProperty("xasecure.audit.log4j.async.max.queue.size",
"100000");
auditProperties.setProperty("xasecure.audit.log4j.async.max.flush.interval.ms",
"30000");
-
auditProperties.setProperty("xasecure.audit.db.is.enabled", "false");
-
auditProperties.setProperty("xasecure.audit.db.is.async", "false");
-
auditProperties.setProperty("xasecure.audit.db.async.max.queue.size", "100000");
-
auditProperties.setProperty("xasecure.audit.db.async.max.flush.interval.ms",
"30000");
-
auditProperties.setProperty("xasecure.audit.db.batch.size", "100");
}
AuditProviderFactory factory =
AuditProviderFactory.getInstance();
diff --git a/distro/src/main/assembly/hbase-agent.xml
b/distro/src/main/assembly/hbase-agent.xml
index 4100688..f550276 100644
--- a/distro/src/main/assembly/hbase-agent.xml
+++ b/distro/src/main/assembly/hbase-agent.xml
@@ -56,8 +56,6 @@
<include>com.sun.jersey:jersey-client:jar:${jersey-bundle.version}</include>
<include>com.sun.jersey:jersey-core:jar:${jersey-bundle.version}</include>
<include>org.codehaus.jackson:jackson-jaxrs:jar:${codehaus.jackson.version}</include>
- <include>org.eclipse.persistence:eclipselink</include>
- <include>org.eclipse.persistence:javax.persistence</include>
<include>org.eclipse.jetty:jetty-client:jar:${jetty-client.version}</include>
<include>org.apache.httpcomponents:httpmime:jar:${httpcomponents.httpmime.version}</include>
<include>org.noggit:noggit:jar:${noggit.version}</include>
diff --git a/distro/src/main/assembly/hdfs-agent.xml
b/distro/src/main/assembly/hdfs-agent.xml
index 1f1ce63..163fc2a 100644
--- a/distro/src/main/assembly/hdfs-agent.xml
+++ b/distro/src/main/assembly/hdfs-agent.xml
@@ -82,8 +82,6 @@
<fileMode>644</fileMode>
<includes>
<include>commons-lang:commons-lang</include>
- <include>org.eclipse.persistence:javax.persistence</include>
- <include>org.eclipse.persistence:eclipselink</include>
<include>org.eclipse.jetty:jetty-client:jar:${jetty-client.version}</include>
<include>org.apache.httpcomponents:httpmime:jar:${httpcomponents.httpmime.version}</include>
<include>org.apache.httpcomponents:httpclient:jar:${httpcomponents.httpclient.version}</include>
diff --git a/distro/src/main/assembly/hive-agent.xml
b/distro/src/main/assembly/hive-agent.xml
index baf6dcf..f2b1f22 100644
--- a/distro/src/main/assembly/hive-agent.xml
+++ b/distro/src/main/assembly/hive-agent.xml
@@ -53,8 +53,6 @@
<directoryMode>755</directoryMode>
<fileMode>644</fileMode>
<includes>
- <include>org.eclipse.persistence:eclipselink</include>
- <include>org.eclipse.persistence:javax.persistence</include>
<include>org.apache.httpcomponents:httpmime:jar:${httpcomponents.httpmime.version}</include>
<include>org.apache.httpcomponents:httpclient:jar:${httpcomponents.httpclient.version}</include>
<include>org.apache.httpcomponents:httpcore:jar:${httpcomponents.httpcore.version}</include>
diff --git a/distro/src/main/assembly/plugin-atlas.xml
b/distro/src/main/assembly/plugin-atlas.xml
index cfebb55..d350612 100644
--- a/distro/src/main/assembly/plugin-atlas.xml
+++ b/distro/src/main/assembly/plugin-atlas.xml
@@ -54,8 +54,6 @@
<directoryMode>755</directoryMode>
<fileMode>644</fileMode>
<includes>
- <include>org.eclipse.persistence:eclipselink</include>
- <include>org.eclipse.persistence:javax.persistence</include>
<include>com.sun.jersey:jersey-bundle</include>
<include>com.google.guava:guava:jar:${google.guava.version}</include>
<include>org.codehaus.jackson:jackson-jaxrs</include>
diff --git a/distro/src/main/assembly/plugin-elasticsearch.xml
b/distro/src/main/assembly/plugin-elasticsearch.xml
index d116669..0b8aaee 100644
--- a/distro/src/main/assembly/plugin-elasticsearch.xml
+++ b/distro/src/main/assembly/plugin-elasticsearch.xml
@@ -65,8 +65,6 @@
<include>org.apache.hadoop:hadoop-auth:jar:${hadoop.version}</include>
<include>org.apache.hadoop:hadoop-hdfs:jar:${hadoop.version}</include>
<include>com.google.code.gson:gson</include>
- <include>org.eclipse.persistence:eclipselink</include>
- <include>org.eclipse.persistence:javax.persistence</include>
<include>org.eclipse.jetty:jetty-client:jar:${jetty-client.version}</include>
<include>com.sun.jersey:jersey-bundle</include>
<include>commons-logging:commons-logging:jar:${commons.logging.version}</include>
diff --git a/distro/src/main/assembly/plugin-kafka.xml
b/distro/src/main/assembly/plugin-kafka.xml
index 9ed6af6..5577d8d 100644
--- a/distro/src/main/assembly/plugin-kafka.xml
+++ b/distro/src/main/assembly/plugin-kafka.xml
@@ -55,8 +55,6 @@
<include>org.apache.hadoop:hadoop-auth:jar:${hadoop.version}</include>
<include>org.apache.hadoop:hadoop-hdfs:jar:${hadoop.version}</include>
<include>com.google.code.gson:gson</include>
-
<include>org.eclipse.persistence:eclipselink</include>
-
<include>org.eclipse.persistence:javax.persistence</include>
<include>org.eclipse.jetty:jetty-client:jar:${jetty-client.version}</include>
<include>commons-collections:commons-collections</include>
<include>com.sun.jersey:jersey-bundle</include>
diff --git a/distro/src/main/assembly/plugin-kms.xml
b/distro/src/main/assembly/plugin-kms.xml
index fefc334..7c40a85 100755
--- a/distro/src/main/assembly/plugin-kms.xml
+++ b/distro/src/main/assembly/plugin-kms.xml
@@ -56,8 +56,6 @@
<include>org.apache.commons:commons-configuration2:jar:${commons.configuration.version}</include>
<include>org.apache.hadoop:hadoop-common:jar:${hadoop.version}</include>
<include>com.google.code.gson:gson</include>
- <include>org.eclipse.persistence:eclipselink</include>
- <include>org.eclipse.persistence:javax.persistence</include>
<include>org.eclipse.jetty:jetty-client:jar:${jetty-client.version}</include>
<include>commons-collections:commons-collections</include>
<include>commons-logging:commons-logging:jar:${commons.logging.version}</include>
diff --git a/distro/src/main/assembly/plugin-kylin.xml
b/distro/src/main/assembly/plugin-kylin.xml
index 7d88196..74b9f43 100644
--- a/distro/src/main/assembly/plugin-kylin.xml
+++ b/distro/src/main/assembly/plugin-kylin.xml
@@ -57,8 +57,6 @@
<outputDirectory>lib/ranger-kylin-plugin-impl</outputDirectory>
<unpack>false</unpack>
<includes>
- <include>org.eclipse.persistence:eclipselink</include>
- <include>org.eclipse.persistence:javax.persistence</include>
<include>org.eclipse.jetty:jetty-client:jar:${jetty-client.version}</include>
<include>org.apache.httpcomponents:httpmime:jar:${httpcomponents.httpmime.version}</include>
<include>org.apache.httpcomponents:httpclient:jar:${httpcomponents.httpclient.version}</include>
diff --git a/distro/src/main/assembly/plugin-ozone.xml
b/distro/src/main/assembly/plugin-ozone.xml
index 474e533..5c0852d 100644
--- a/distro/src/main/assembly/plugin-ozone.xml
+++ b/distro/src/main/assembly/plugin-ozone.xml
@@ -93,8 +93,6 @@
<includes>
<include>org.apache.commons:commons-configuration2:jar:${commons.configuration.version}</include>
<include>commons-configuration:commons-configuration:jar:${commons.configuration1.version}</include>
-
<include>org.eclipse.persistence:javax.persistence</include>
- <include>org.eclipse.persistence:eclipselink</include>
<include>org.eclipse.jetty:jetty-client:jar:${jetty-client.version}</include>
<include>org.apache.httpcomponents:httpmime:jar:${httpcomponents.httpmime.version}</include>
<include>org.apache.httpcomponents:httpclient:jar:${httpcomponents.httpclient.version}</include>
diff --git a/distro/src/main/assembly/plugin-presto.xml
b/distro/src/main/assembly/plugin-presto.xml
index e3508a1..82d1610 100644
--- a/distro/src/main/assembly/plugin-presto.xml
+++ b/distro/src/main/assembly/plugin-presto.xml
@@ -67,8 +67,6 @@
<fileMode>644</fileMode>
<includes>
<include>com.google.code.gson:gson*</include>
- <include>org.eclipse.persistence:eclipselink</include>
-
<include>org.eclipse.persistence:javax.persistence</include>
<include>org.eclipse.jetty:jetty-client:jar:${jetty-client.version}</include>
<include>org.apache.httpcomponents:httpmime:jar:${httpcomponents.httpmime.version}</include>
<include>org.apache.httpcomponents:httpclient:jar:${httpcomponents.httpclient.version}</include>
diff --git a/distro/src/main/assembly/plugin-solr.xml
b/distro/src/main/assembly/plugin-solr.xml
index c819ce3..382b570 100644
--- a/distro/src/main/assembly/plugin-solr.xml
+++ b/distro/src/main/assembly/plugin-solr.xml
@@ -49,8 +49,6 @@
<fileMode>644</fileMode>
<includes>
<include>com.google.code.gson:gson</include>
- <include>org.eclipse.persistence:eclipselink</include>
- <include>org.eclipse.persistence:javax.persistence</include>
<include>com.sun.jersey:jersey-bundle</include>
<include>com.google.guava:guava:jar:${google.guava.version}</include>
<include>org.codehaus.jackson:jackson-core-asl</include>
diff --git a/distro/src/main/assembly/plugin-sqoop.xml
b/distro/src/main/assembly/plugin-sqoop.xml
index c7679a5..13f74dc 100644
--- a/distro/src/main/assembly/plugin-sqoop.xml
+++ b/distro/src/main/assembly/plugin-sqoop.xml
@@ -53,8 +53,6 @@
<directoryMode>755</directoryMode>
<fileMode>644</fileMode>
<includes>
- <include>org.eclipse.persistence:eclipselink</include>
- <include>org.eclipse.persistence:javax.persistence</include>
<include>org.eclipse.jetty:jetty-client:jar:${jetty-client.version}</include>
<include>org.apache.httpcomponents:httpmime:jar:${httpcomponents.httpmime.version}</include>
<include>org.apache.httpcomponents:httpclient:jar:${httpcomponents.httpclient.version}</include>
diff --git a/distro/src/main/assembly/plugin-yarn.xml
b/distro/src/main/assembly/plugin-yarn.xml
index 1a6192f..b20a0e3 100644
--- a/distro/src/main/assembly/plugin-yarn.xml
+++ b/distro/src/main/assembly/plugin-yarn.xml
@@ -53,8 +53,6 @@
<directoryMode>755</directoryMode>
<fileMode>644</fileMode>
<includes>
- <include>org.eclipse.persistence:eclipselink</include>
- <include>org.eclipse.persistence:javax.persistence</include>
<include>org.eclipse.jetty:jetty-client:jar:${jetty-client.version}</include>
<include>org.apache.httpcomponents:httpmime:jar:${httpcomponents.httpmime.version}</include>
<include>org.apache.httpcomponents:httpclient:jar:${httpcomponents.httpclient.version}</include>
diff --git a/distro/src/main/assembly/storm-agent.xml
b/distro/src/main/assembly/storm-agent.xml
index 325626c..908415f 100644
--- a/distro/src/main/assembly/storm-agent.xml
+++ b/distro/src/main/assembly/storm-agent.xml
@@ -61,8 +61,6 @@
<include>org.apache.hadoop:hadoop-common</include>
<include>org.apache.hadoop:hadoop-common-plus</include>
<include>com.google.code.gson:gson</include>
- <include>org.eclipse.persistence:eclipselink</include>
- <include>org.eclipse.persistence:javax.persistence</include>
<include>org.eclipse.jetty:jetty-client:jar:${jetty-client.version}</include>
<include>commons-collections:commons-collections</include>
<include>commons-logging:commons-logging:jar:${commons.logging.version}</include>
diff --git a/hbase-agent/conf/ranger-hbase-audit-changes.cfg
b/hbase-agent/conf/ranger-hbase-audit-changes.cfg
index 799e552..26bd2fa 100644
--- a/hbase-agent/conf/ranger-hbase-audit-changes.cfg
+++ b/hbase-agent/conf/ranger-hbase-audit-changes.cfg
@@ -12,12 +12,6 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-#xasecure.audit.db.is.enabled %XAAUDIT.DB.IS_ENABLED%
mod create-if-not-exists
-#xasecure.audit.jpa.javax.persistence.jdbc.url %XAAUDIT_DB_JDBC_URL%
mod create-if-not-exists
-#xasecure.audit.jpa.javax.persistence.jdbc.user
%XAAUDIT.DB.USER_NAME%
mod create-if-not-exists
-#xasecure.audit.jpa.javax.persistence.jdbc.password crypted
mod
create-if-not-exists
-#xasecure.audit.credential.provider.file
jceks://file%CREDENTIAL_PROVIDER_FILE%
mod create-if-not-exists
-#xasecure.audit.jpa.javax.persistence.jdbc.driver
%XAAUDIT_DB_JDBC_DRIVER%
mod create-if-not-exists
xasecure.audit.hdfs.is.enabled
%XAAUDIT.HDFS.IS_ENABLED% mod create-if-not-exists
xasecure.audit.hdfs.config.destination.directory
%XAAUDIT.HDFS.DESTINATION_DIRECTORY% mod create-if-not-exists
diff --git a/hbase-agent/conf/ranger-hbase-audit.xml
b/hbase-agent/conf/ranger-hbase-audit.xml
index e212f78..9e27b5a 100644
--- a/hbase-agent/conf/ranger-hbase-audit.xml
+++ b/hbase-agent/conf/ranger-hbase-audit.xml
@@ -21,60 +21,6 @@
<name>xasecure.audit.is.enabled</name>
<value>true</value>
</property>
-
-
- <!-- DB audit provider configuration -->
- <property>
- <name>xasecure.audit.db.is.enabled</name>
- <value>false</value>
- </property>
-
- <property>
- <name>xasecure.audit.db.is.async</name>
- <value>true</value>
- </property>
-
- <property>
- <name>xasecure.audit.db.async.max.queue.size</name>
- <value>10240</value>
- </property>
-
- <property>
- <name>xasecure.audit.db.async.max.flush.interval.ms</name>
- <value>30000</value>
- </property>
-
- <property>
- <name>xasecure.audit.db.batch.size</name>
- <value>100</value>
- </property>
-
- <!-- Properties whose name begin with "xasecure.audit.jpa." are used
to configure JPA -->
- <property>
- <name>xasecure.audit.jpa.javax.persistence.jdbc.url</name>
- <value>jdbc:mysql://localhost:3306/ranger_audit</value>
- </property>
-
- <property>
- <name>xasecure.audit.jpa.javax.persistence.jdbc.user</name>
- <value>rangerlogger</value>
- </property>
-
- <property>
- <name>xasecure.audit.jpa.javax.persistence.jdbc.password</name>
- <value>none</value>
- </property>
-
- <property>
- <name>xasecure.audit.jpa.javax.persistence.jdbc.driver</name>
- <value>com.mysql.jdbc.Driver</value>
- </property>
-
- <property>
- <name>xasecure.audit.credential.provider.file</name>
- <value>jceks://file/etc/ranger/hbasedev/auditcred.jceks</value>
- </property>
-
<!-- HDFS audit provider configuration -->
<property>
diff --git a/hbase-agent/scripts/install.sh b/hbase-agent/scripts/install.sh
index d900d6a..b4fd3d6 100644
--- a/hbase-agent/scripts/install.sh
+++ b/hbase-agent/scripts/install.sh
@@ -238,83 +238,6 @@ chmod go+r ${CredFile}
chown ${CONFIG_FILE_OWNER} ${CredFile}
PROP_ARGS="-p ${install_dir}/install.properties"
-to_file="${install_dir}/install.properties"
-DB_FLAVOR=`grep '^XAAUDIT.DB.FLAVOUR' ${install_dir}/install.properties | awk
-F= '{ print $2 }'`
-DB_FLAVOR=`echo $DB_FLAVOR | tr '[:lower:]' '[:upper:]'`
-if [ "${DB_FLAVOR}" == "" ]
-then
- $DB_FLAVOR="MYSQL"
-fi
-echo "[I] Updating install.properites setting for : $DB_FLAVOR"
-
-if [ "${DB_FLAVOR}" == "MYSQL" ]
-then
- audit_db_hostname=`grep '^XAAUDIT.DB.HOSTNAME'
${install_dir}/install.properties | awk -F= '{ print $2 }'`
- audit_db_name=`grep '^XAAUDIT.DB.DATABASE_NAME'
${install_dir}/install.properties | awk -F= '{ print $2 }'`
- propertyName=XAAUDIT.DB.JDBC_URL
- newPropertyValue="jdbc:mysql://${audit_db_hostname}/${audit_db_name}"
- updatePropertyToFile $propertyName $newPropertyValue $to_file
-
- propertyName=XAAUDIT.DB.JDBC_DRIVER
- newPropertyValue="com.mysql.jdbc.Driver"
- updatePropertyToFile $propertyName $newPropertyValue $to_file
-fi
-
-if [ "${DB_FLAVOR}" == "ORACLE" ]
-then
- audit_db_hostname=`grep '^XAAUDIT.DB.HOSTNAME'
${install_dir}/install.properties | awk -F= '{ print $2 }'`
- propertyName=XAAUDIT.DB.JDBC_URL
- count=$(grep -o ":" <<< "$audit_db_hostname" | wc -l)
- #if [[ ${count} -eq 2 ]] ; then
- if [ ${count} -eq 2 ] || [ ${count} -eq 0 ]; then
- #jdbc:oracle:thin:@[HOST][:PORT]:SID or #jdbc:oracle:thin:@GL
- newPropertyValue="jdbc:oracle:thin:@${audit_db_hostname}"
- else
- #jdbc:oracle:thin:@//[HOST][:PORT]/SERVICE
- newPropertyValue="jdbc:oracle:thin:@//${audit_db_hostname}"
- fi
- updatePropertyToFile $propertyName $newPropertyValue $to_file
-
- propertyName=XAAUDIT.DB.JDBC_DRIVER
- newPropertyValue="oracle.jdbc.OracleDriver"
- updatePropertyToFile $propertyName $newPropertyValue $to_file
-fi
-
-if [ "${DB_FLAVOR}" == "POSTGRES" ]
-then
- audit_db_hostname=`grep '^XAAUDIT.DB.HOSTNAME'
${install_dir}/install.properties | awk -F= '{ print $2 }'`
- audit_db_name=`grep '^XAAUDIT.DB.DATABASE_NAME'
${install_dir}/install.properties | awk -F= '{ print $2 }'`
- propertyName=XAAUDIT.DB.JDBC_URL
-
newPropertyValue="jdbc:postgresql://${audit_db_hostname}/${audit_db_name}"
- updatePropertyToFile $propertyName $newPropertyValue $to_file
- propertyName=XAAUDIT.DB.JDBC_DRIVER
- newPropertyValue="org.postgresql.Driver"
- updatePropertyToFile $propertyName $newPropertyValue $to_file
-fi
-if [ "${DB_FLAVOR}" == "MSSQL" ]
-then
- audit_db_hostname=`grep '^XAAUDIT.DB.HOSTNAME'
${install_dir}/install.properties | awk -F= '{ print $2 }'`
- audit_db_name=`grep '^XAAUDIT.DB.DATABASE_NAME'
${install_dir}/install.properties | awk -F= '{ print $2 }'`
- propertyName=XAAUDIT.DB.JDBC_URL
-
newPropertyValue="jdbc:sqlserver://${audit_db_hostname};databaseName=${audit_db_name}"
- updatePropertyToFile $propertyName $newPropertyValue $to_file
-
- propertyName=XAAUDIT.DB.JDBC_DRIVER
- newPropertyValue="com.microsoft.sqlserver.jdbc.SQLServerDriver"
- updatePropertyToFile $propertyName $newPropertyValue $to_file
-fi
-if [ "${DB_FLAVOR}" == "SQLA" ]
-then
- audit_db_hostname=`grep '^XAAUDIT.DB.HOSTNAME'
${install_dir}/install.properties | awk -F= '{ print $2 }'`
- audit_db_name=`grep '^XAAUDIT.DB.DATABASE_NAME'
${install_dir}/install.properties | awk -F= '{ print $2 }'`
- propertyName=XAAUDIT.DB.JDBC_URL
-
newPropertyValue="jdbc:sqlanywhere:database=${audit_db_name};host=${audit_db_hostname}"
- updatePropertyToFile $propertyName $newPropertyValue $to_file
-
- propertyName=XAAUDIT.DB.JDBC_DRIVER
- newPropertyValue="sap.jdbc4.sqlanywhere.IDriver"
- updatePropertyToFile $propertyName $newPropertyValue $to_file
-fi
for f in ${install_dir}/installer/conf/*-changes.cfg
do
if [ -f ${f} ]
diff --git a/hdfs-agent/conf/ranger-hdfs-audit-changes.cfg
b/hdfs-agent/conf/ranger-hdfs-audit-changes.cfg
index 4c9f662..9e099e6 100644
--- a/hdfs-agent/conf/ranger-hdfs-audit-changes.cfg
+++ b/hdfs-agent/conf/ranger-hdfs-audit-changes.cfg
@@ -12,12 +12,6 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-#xasecure.audit.db.is.enabled %XAAUDIT.DB.IS_ENABLED%
mod create-if-not-exists
-#xasecure.audit.jpa.javax.persistence.jdbc.url %XAAUDIT_DB_JDBC_URL%
mod create-if-not-exists
-#xasecure.audit.jpa.javax.persistence.jdbc.user
%XAAUDIT.DB.USER_NAME%
mod create-if-not-exists
-#xasecure.audit.jpa.javax.persistence.jdbc.password crypted
mod
create-if-not-exists
-#xasecure.audit.credential.provider.file
jceks://file%CREDENTIAL_PROVIDER_FILE%
mod create-if-not-exists
-#xasecure.audit.jpa.javax.persistence.jdbc.driver
%XAAUDIT_DB_JDBC_DRIVER%
mod create-if-not-exists
xasecure.audit.hdfs.is.enabled
%XAAUDIT.HDFS.IS_ENABLED% mod create-if-not-exists
xasecure.audit.hdfs.config.destination.directory
%XAAUDIT.HDFS.DESTINATION_DIRECTORY% mod create-if-not-exists
diff --git a/hdfs-agent/conf/ranger-hdfs-audit.xml
b/hdfs-agent/conf/ranger-hdfs-audit.xml
index ad95420..e16ea59 100644
--- a/hdfs-agent/conf/ranger-hdfs-audit.xml
+++ b/hdfs-agent/conf/ranger-hdfs-audit.xml
@@ -22,60 +22,6 @@
<value>true</value>
</property>
-
- <!-- DB audit provider configuration -->
- <property>
- <name>xasecure.audit.db.is.enabled</name>
- <value>false</value>
- </property>
-
- <property>
- <name>xasecure.audit.db.is.async</name>
- <value>true</value>
- </property>
-
- <property>
- <name>xasecure.audit.db.async.max.queue.size</name>
- <value>10240</value>
- </property>
-
- <property>
- <name>xasecure.audit.db.async.max.flush.interval.ms</name>
- <value>30000</value>
- </property>
-
- <property>
- <name>xasecure.audit.db.batch.size</name>
- <value>100</value>
- </property>
-
- <!-- Properties whose name begin with "xasecure.audit.jpa." are used
to configure JPA -->
- <property>
- <name>xasecure.audit.jpa.javax.persistence.jdbc.url</name>
- <value>jdbc:mysql://localhost:3306/ranger_audit</value>
- </property>
-
- <property>
- <name>xasecure.audit.jpa.javax.persistence.jdbc.user</name>
- <value>rangerlogger</value>
- </property>
-
- <property>
- <name>xasecure.audit.jpa.javax.persistence.jdbc.password</name>
- <value>none</value>
- </property>
-
- <property>
- <name>xasecure.audit.jpa.javax.persistence.jdbc.driver</name>
- <value>com.mysql.jdbc.Driver</value>
- </property>
-
- <property>
- <name>xasecure.audit.credential.provider.file</name>
- <value>jceks://file/etc/ranger/hadoopdev/auditcred.jceks</value>
- </property>
-
-
<!-- HDFS audit provider configuration -->
<property>
<name>xasecure.audit.hdfs.is.enabled</name>
diff --git a/hdfs-agent/scripts/install.sh b/hdfs-agent/scripts/install.sh
index 302faa0..94269da 100644
--- a/hdfs-agent/scripts/install.sh
+++ b/hdfs-agent/scripts/install.sh
@@ -250,82 +250,6 @@ chown ${CONFIG_FILE_OWNER} ${CredFile}
# Modify the XML files needed to support the
#
PROP_ARGS="-p ${install_dir}/install.properties"
-to_file="${install_dir}/install.properties"
-DB_FLAVOR=`grep '^XAAUDIT.DB.FLAVOUR' ${install_dir}/install.properties | awk
-F= '{ print $2 }'`
-DB_FLAVOR=`echo $DB_FLAVOR | tr '[:lower:]' '[:upper:]'`
-if [ "${DB_FLAVOR}" == "" ]
-then
- $DB_FLAVOR="MYSQL"
-fi
-echo "[I] Updating install.properites setting for : $DB_FLAVOR"
-
-if [ "${DB_FLAVOR}" == "MYSQL" ]
-then
- audit_db_hostname=`grep '^XAAUDIT.DB.HOSTNAME'
${install_dir}/install.properties | awk -F= '{ print $2 }'`
- audit_db_name=`grep '^XAAUDIT.DB.DATABASE_NAME'
${install_dir}/install.properties | awk -F= '{ print $2 }'`
- propertyName=XAAUDIT.DB.JDBC_URL
- newPropertyValue="jdbc:mysql://${audit_db_hostname}/${audit_db_name}"
- updatePropertyToFile $propertyName $newPropertyValue $to_file
-
- propertyName=XAAUDIT.DB.JDBC_DRIVER
- newPropertyValue="com.mysql.jdbc.Driver"
- updatePropertyToFile $propertyName $newPropertyValue $to_file
-fi
-
-if [ "${DB_FLAVOR}" == "ORACLE" ]
-then
- audit_db_hostname=`grep '^XAAUDIT.DB.HOSTNAME'
${install_dir}/install.properties | awk -F= '{ print $2 }'`
- propertyName=XAAUDIT.DB.JDBC_URL
- count=$(grep -o ":" <<< "$audit_db_hostname" | wc -l)
- #if [[ ${count} -eq 2 ]] ; then
- if [ ${count} -eq 2 ] || [ ${count} -eq 0 ]; then
- #jdbc:oracle:thin:@[HOST][:PORT]:SID
- newPropertyValue="jdbc:oracle:thin:@${audit_db_hostname}"
- else
- #jdbc:oracle:thin:@//[HOST][:PORT]/SERVICE
- newPropertyValue="jdbc:oracle:thin:@//${audit_db_hostname}"
- fi
- updatePropertyToFile $propertyName $newPropertyValue $to_file
-
- propertyName=XAAUDIT.DB.JDBC_DRIVER
- newPropertyValue="oracle.jdbc.OracleDriver"
- updatePropertyToFile $propertyName $newPropertyValue $to_file
-fi
-if [ "${DB_FLAVOR}" == "POSTGRES" ]
-then
- audit_db_hostname=`grep '^XAAUDIT.DB.HOSTNAME'
${install_dir}/install.properties | awk -F= '{ print $2 }'`
- audit_db_name=`grep '^XAAUDIT.DB.DATABASE_NAME'
${install_dir}/install.properties | awk -F= '{ print $2 }'`
- propertyName=XAAUDIT.DB.JDBC_URL
-
newPropertyValue="jdbc:postgresql://${audit_db_hostname}/${audit_db_name}"
- updatePropertyToFile $propertyName $newPropertyValue $to_file
- propertyName=XAAUDIT.DB.JDBC_DRIVER
- newPropertyValue="org.postgresql.Driver"
- updatePropertyToFile $propertyName $newPropertyValue $to_file
-fi
-if [ "${DB_FLAVOR}" == "MSSQL" ]
-then
- audit_db_hostname=`grep '^XAAUDIT.DB.HOSTNAME'
${install_dir}/install.properties | awk -F= '{ print $2 }'`
- audit_db_name=`grep '^XAAUDIT.DB.DATABASE_NAME'
${install_dir}/install.properties | awk -F= '{ print $2 }'`
- propertyName=XAAUDIT.DB.JDBC_URL
-
newPropertyValue="jdbc:sqlserver://${audit_db_hostname};databaseName=${audit_db_name}"
- updatePropertyToFile $propertyName $newPropertyValue $to_file
-
- propertyName=XAAUDIT.DB.JDBC_DRIVER
- newPropertyValue="com.microsoft.sqlserver.jdbc.SQLServerDriver"
- updatePropertyToFile $propertyName $newPropertyValue $to_file
-fi
-if [ "${DB_FLAVOR}" == "SQLA" ]
-then
- audit_db_hostname=`grep '^XAAUDIT.DB.HOSTNAME'
${install_dir}/install.properties | awk -F= '{ print $2 }'`
- audit_db_name=`grep '^XAAUDIT.DB.DATABASE_NAME'
${install_dir}/install.properties | awk -F= '{ print $2 }'`
- propertyName=XAAUDIT.DB.JDBC_URL
-
newPropertyValue="jdbc:sqlanywhere:database=${audit_db_name};host=${audit_db_hostname}"
- updatePropertyToFile $propertyName $newPropertyValue $to_file
-
- propertyName=XAAUDIT.DB.JDBC_DRIVER
- newPropertyValue="sap.jdbc4.sqlanywhere.IDriver"
- updatePropertyToFile $propertyName $newPropertyValue $to_file
-fi
for f in ${install_dir}/installer/conf/*-changes.cfg
do
if [ -f ${f} ]
diff --git a/hive-agent/conf/ranger-hive-audit-changes.cfg
b/hive-agent/conf/ranger-hive-audit-changes.cfg
index cb023f8..c396d5d 100644
--- a/hive-agent/conf/ranger-hive-audit-changes.cfg
+++ b/hive-agent/conf/ranger-hive-audit-changes.cfg
@@ -12,12 +12,6 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-#xasecure.audit.db.is.enabled %XAAUDIT.DB.IS_ENABLED%
mod create-if-not-exists
-#xasecure.audit.jpa.javax.persistence.jdbc.url %XAAUDIT_DB_JDBC_URL%
mod create-if-not-exists
-#xasecure.audit.jpa.javax.persistence.jdbc.user
%XAAUDIT.DB.USER_NAME%
mod create-if-not-exists
-#xasecure.audit.jpa.javax.persistence.jdbc.password crypted
mod create-if-not-exists
-#xasecure.audit.credential.provider.file
jceks://file%CREDENTIAL_PROVIDER_FILE%
mod create-if-not-exists
-#xasecure.audit.jpa.javax.persistence.jdbc.driver
%XAAUDIT_DB_JDBC_DRIVER%
mod create-if-not-exists
xasecure.audit.hdfs.is.enabled
%XAAUDIT.HDFS.IS_ENABLED% mod create-if-not-exists
xasecure.audit.hdfs.config.destination.directory
%XAAUDIT.HDFS.DESTINATION_DIRECTORY% mod create-if-not-exists
@@ -78,4 +72,4 @@ xasecure.audit.log4j.is.async
%XAAUDIT.LOG4J.IS_ASYNC%
xasecure.audit.log4j.async.max.queue.size
%XAAUDIT.LOG4J.ASYNC.MAX.QUEUE.SIZE% mod
create-if-not-exists
xasecure.audit.log4j.async.max.flush.interval.ms
%XAAUDIT.LOG4J.ASYNC.MAX.FLUSH.INTERVAL.MS% mod
create-if-not-exists
xasecure.audit.destination.log4j
%XAAUDIT.LOG4J.DESTINATION.LOG4J% mod create-if-not-exists
-xasecure.audit.destination.log4j.logger
%XAAUDIT.LOG4J.DESTINATION.LOG4J.LOGGER% mod
create-if-not-exists
\ No newline at end of file
+xasecure.audit.destination.log4j.logger
%XAAUDIT.LOG4J.DESTINATION.LOG4J.LOGGER% mod
create-if-not-exists
diff --git a/hive-agent/conf/ranger-hive-audit.xml
b/hive-agent/conf/ranger-hive-audit.xml
index ce68dd7..d42e589 100644
--- a/hive-agent/conf/ranger-hive-audit.xml
+++ b/hive-agent/conf/ranger-hive-audit.xml
@@ -22,60 +22,6 @@
<value>true</value>
</property>
-
- <!-- DB audit provider configuration -->
- <property>
- <name>xasecure.audit.db.is.enabled</name>
- <value>false</value>
- </property>
-
- <property>
- <name>xasecure.audit.db.is.async</name>
- <value>true</value>
- </property>
-
- <property>
- <name>xasecure.audit.db.async.max.queue.size</name>
- <value>10240</value>
- </property>
-
- <property>
- <name>xasecure.audit.db.async.max.flush.interval.ms</name>
- <value>30000</value>
- </property>
-
- <property>
- <name>xasecure.audit.db.batch.size</name>
- <value>100</value>
- </property>
-
- <!-- Properties whose name begin with "xasecure.audit.jpa." are used
to configure JPA -->
- <property>
- <name>xasecure.audit.jpa.javax.persistence.jdbc.url</name>
- <value>jdbc:mysql://localhost:3306/ranger_audit</value>
- </property>
-
- <property>
- <name>xasecure.audit.jpa.javax.persistence.jdbc.user</name>
- <value>rangerlogger</value>
- </property>
-
- <property>
- <name>xasecure.audit.jpa.javax.persistence.jdbc.password</name>
- <value>none</value>
- </property>
-
- <property>
- <name>xasecure.audit.jpa.javax.persistence.jdbc.driver</name>
- <value>com.mysql.jdbc.Driver</value>
- </property>
-
- <property>
- <name>xasecure.audit.credential.provider.file</name>
- <value>jceks://file/etc/ranger/hivedev/auditcred.jceks</value>
- </property>
-
-
<!-- HDFS audit provider configuration -->
<property>
<name>xasecure.audit.hdfs.is.enabled</name>
diff --git a/hive-agent/scripts/install.sh b/hive-agent/scripts/install.sh
index 6a8a8a7..06aac48 100644
--- a/hive-agent/scripts/install.sh
+++ b/hive-agent/scripts/install.sh
@@ -228,81 +228,6 @@ chown ${CONFIG_FILE_OWNER} ${CredFile}
PROP_ARGS="-p ${install_dir}/install.properties"
to_file="${install_dir}/install.properties"
-DB_FLAVOR=`grep '^XAAUDIT.DB.FLAVOUR' ${install_dir}/install.properties | awk
-F= '{ print $2 }'`
-DB_FLAVOR=`echo $DB_FLAVOR | tr '[:lower:]' '[:upper:]'`
-if [ "${DB_FLAVOR}" == "" ]
-then
- $DB_FLAVOR="MYSQL"
-fi
-echo "[I] Updating install.properites setting for : $DB_FLAVOR"
-
-if [ "${DB_FLAVOR}" == "MYSQL" ]
-then
- audit_db_hostname=`grep '^XAAUDIT.DB.HOSTNAME'
${install_dir}/install.properties | awk -F= '{ print $2 }'`
- audit_db_name=`grep '^XAAUDIT.DB.DATABASE_NAME'
${install_dir}/install.properties | awk -F= '{ print $2 }'`
- propertyName=XAAUDIT.DB.JDBC_URL
- newPropertyValue="jdbc:mysql://${audit_db_hostname}/${audit_db_name}"
- updatePropertyToFile $propertyName $newPropertyValue $to_file
-
- propertyName=XAAUDIT.DB.JDBC_DRIVER
- newPropertyValue="com.mysql.jdbc.Driver"
- updatePropertyToFile $propertyName $newPropertyValue $to_file
-fi
-
-if [ "${DB_FLAVOR}" == "ORACLE" ]
-then
- audit_db_hostname=`grep '^XAAUDIT.DB.HOSTNAME'
${install_dir}/install.properties | awk -F= '{ print $2 }'`
- propertyName=XAAUDIT.DB.JDBC_URL
- count=$(grep -o ":" <<< "$audit_db_hostname" | wc -l)
- #if [[ ${count} -eq 2 ]] ; then
- if [ ${count} -eq 2 ] || [ ${count} -eq 0 ]; then
- #jdbc:oracle:thin:@[HOST][:PORT]:SID or #jdbc:oracle:thin:@GL
- newPropertyValue="jdbc:oracle:thin:@${audit_db_hostname}"
- else
- #jdbc:oracle:thin:@//[HOST][:PORT]/SERVICE
- newPropertyValue="jdbc:oracle:thin:@//${audit_db_hostname}"
- fi
- updatePropertyToFile $propertyName $newPropertyValue $to_file
-
- propertyName=XAAUDIT.DB.JDBC_DRIVER
- newPropertyValue="oracle.jdbc.OracleDriver"
- updatePropertyToFile $propertyName $newPropertyValue $to_file
-fi
-if [ "${DB_FLAVOR}" == "POSTGRES" ]
-then
- audit_db_hostname=`grep '^XAAUDIT.DB.HOSTNAME'
${install_dir}/install.properties | awk -F= '{ print $2 }'`
- audit_db_name=`grep '^XAAUDIT.DB.DATABASE_NAME'
${install_dir}/install.properties | awk -F= '{ print $2 }'`
- propertyName=XAAUDIT.DB.JDBC_URL
-
newPropertyValue="jdbc:postgresql://${audit_db_hostname}/${audit_db_name}"
- updatePropertyToFile $propertyName $newPropertyValue $to_file
- propertyName=XAAUDIT.DB.JDBC_DRIVER
- newPropertyValue="org.postgresql.Driver"
- updatePropertyToFile $propertyName $newPropertyValue $to_file
-fi
-if [ "${DB_FLAVOR}" == "MSSQL" ]
-then
- audit_db_hostname=`grep '^XAAUDIT.DB.HOSTNAME'
${install_dir}/install.properties | awk -F= '{ print $2 }'`
- audit_db_name=`grep '^XAAUDIT.DB.DATABASE_NAME'
${install_dir}/install.properties | awk -F= '{ print $2 }'`
- propertyName=XAAUDIT.DB.JDBC_URL
-
newPropertyValue="jdbc:sqlserver://${audit_db_hostname};databaseName=${audit_db_name}"
- updatePropertyToFile $propertyName $newPropertyValue $to_file
-
- propertyName=XAAUDIT.DB.JDBC_DRIVER
- newPropertyValue="com.microsoft.sqlserver.jdbc.SQLServerDriver"
- updatePropertyToFile $propertyName $newPropertyValue $to_file
-fi
-if [ "${DB_FLAVOR}" == "SQLA" ]
-then
- audit_db_hostname=`grep '^XAAUDIT.DB.HOSTNAME'
${install_dir}/install.properties | awk -F= '{ print $2 }'`
- audit_db_name=`grep '^XAAUDIT.DB.DATABASE_NAME'
${install_dir}/install.properties | awk -F= '{ print $2 }'`
- propertyName=XAAUDIT.DB.JDBC_URL
-
newPropertyValue="jdbc:sqlanywhere:database=${audit_db_name};host=${audit_db_hostname}"
- updatePropertyToFile $propertyName $newPropertyValue $to_file
-
- propertyName=XAAUDIT.DB.JDBC_DRIVER
- newPropertyValue="sap.jdbc4.sqlanywhere.IDriver"
- updatePropertyToFile $propertyName $newPropertyValue $to_file
-fi
for f in ${install_dir}/installer/conf/*-changes.cfg
do
if [ -f ${f} ]
diff --git a/kms/pom.xml b/kms/pom.xml
index 66d6e36..0c33539 100644
--- a/kms/pom.xml
+++ b/kms/pom.xml
@@ -402,6 +402,16 @@
<artifactId>commons-lang3</artifactId>
<version>${commons.lang3.version}</version>
</dependency>
+ <dependency>
+ <groupId>org.eclipse.persistence</groupId>
+ <artifactId>eclipselink</artifactId>
+ <version>${eclipse.jpa.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.eclipse.persistence</groupId>
+ <artifactId>javax.persistence</artifactId>
+ <version>${javax.persistence.version}</version>
+ </dependency>
</dependencies>
<build>
<pluginManagement>
diff --git a/knox-agent/conf/ranger-knox-audit-changes.cfg
b/knox-agent/conf/ranger-knox-audit-changes.cfg
index da23ebc..c396d5d 100644
--- a/knox-agent/conf/ranger-knox-audit-changes.cfg
+++ b/knox-agent/conf/ranger-knox-audit-changes.cfg
@@ -12,12 +12,6 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-#xasecure.audit.db.is.enabled %XAAUDIT.DB.IS_ENABLED%
mod create-if-not-exists
-#xasecure.audit.jpa.javax.persistence.jdbc.url %XAAUDIT_DB_JDBC_URL%
mod create-if-not-exists
-#xasecure.audit.jpa.javax.persistence.jdbc.user
%XAAUDIT.DB.USER_NAME%
mod create-if-not-exists
-#xasecure.audit.jpa.javax.persistence.jdbc.password crypted
mod
create-if-not-exists
-#xasecure.audit.credential.provider.file
jceks://file%CREDENTIAL_PROVIDER_FILE% mod create-if-not-exists
-#xasecure.audit.jpa.javax.persistence.jdbc.driver
%XAAUDIT_DB_JDBC_DRIVER%
mod create-if-not-exists
xasecure.audit.hdfs.is.enabled
%XAAUDIT.HDFS.IS_ENABLED% mod create-if-not-exists
xasecure.audit.hdfs.config.destination.directory
%XAAUDIT.HDFS.DESTINATION_DIRECTORY% mod create-if-not-exists
diff --git a/knox-agent/conf/ranger-knox-audit.xml
b/knox-agent/conf/ranger-knox-audit.xml
index 5f44ad2..ee7982d 100644
--- a/knox-agent/conf/ranger-knox-audit.xml
+++ b/knox-agent/conf/ranger-knox-audit.xml
@@ -21,60 +21,6 @@
<name>xasecure.audit.is.enabled</name>
<value>true</value>
</property>
-
-
- <!-- DB audit provider configuration -->
- <property>
- <name>xasecure.audit.db.is.enabled</name>
- <value>false</value>
- </property>
-
- <property>
- <name>xasecure.audit.db.is.async</name>
- <value>true</value>
- </property>
-
- <property>
- <name>xasecure.audit.db.async.max.queue.size</name>
- <value>10240</value>
- </property>
-
- <property>
- <name>xasecure.audit.db.async.max.flush.interval.ms</name>
- <value>30000</value>
- </property>
-
- <property>
- <name>xasecure.audit.db.batch.size</name>
- <value>100</value>
- </property>
-
- <!-- Properties whose name begin with "xasecure.audit.jpa." are used
to configure JPA -->
- <property>
- <name>xasecure.audit.jpa.javax.persistence.jdbc.url</name>
- <value>jdbc:mysql://localhost:3306/ranger_audit</value>
- </property>
-
- <property>
- <name>xasecure.audit.jpa.javax.persistence.jdbc.user</name>
- <value>rangerlogger</value>
- </property>
-
- <property>
- <name>xasecure.audit.jpa.javax.persistence.jdbc.password</name>
- <value>none</value>
- </property>
-
- <property>
- <name>xasecure.audit.jpa.javax.persistence.jdbc.driver</name>
- <value>com.mysql.jdbc.Driver</value>
- </property>
-
- <property>
- <name>xasecure.audit.credential.provider.file</name>
- <value>jceks://file/etc/ranger/knoxdev/auditcred.jceks</value>
- </property>
-
<!-- HDFS audit provider configuration -->
<property>
diff --git a/knox-agent/scripts/install.sh b/knox-agent/scripts/install.sh
index d717ad4..e672e88 100644
--- a/knox-agent/scripts/install.sh
+++ b/knox-agent/scripts/install.sh
@@ -159,82 +159,6 @@ done
PROP_ARGS="-p ${install_dir}/install.properties"
-to_file="${install_dir}/install.properties"
-DB_FLAVOR=`grep '^XAAUDIT.DB.FLAVOUR' ${install_dir}/install.properties | awk
-F= '{ print $2 }'`
-DB_FLAVOR=`echo $DB_FLAVOR | tr '[:lower:]' '[:upper:]'`
-if [ "${DB_FLAVOR}" == "" ]
-then
- $DB_FLAVOR="MYSQL"
-fi
-echo "[I] Updating install.properites setting for : $DB_FLAVOR"
-
-if [ "${DB_FLAVOR}" == "MYSQL" ]
-then
- audit_db_hostname=`grep '^XAAUDIT.DB.HOSTNAME'
${install_dir}/install.properties | awk -F= '{ print $2 }'`
- audit_db_name=`grep '^XAAUDIT.DB.DATABASE_NAME'
${install_dir}/install.properties | awk -F= '{ print $2 }'`
- propertyName=XAAUDIT.DB.JDBC_URL
- newPropertyValue="jdbc:mysql://${audit_db_hostname}/${audit_db_name}"
- updatePropertyToFile $propertyName $newPropertyValue $to_file
-
- propertyName=XAAUDIT.DB.JDBC_DRIVER
- newPropertyValue="com.mysql.jdbc.Driver"
- updatePropertyToFile $propertyName $newPropertyValue $to_file
-fi
-
-if [ "${DB_FLAVOR}" == "ORACLE" ]
-then
- audit_db_hostname=`grep '^XAAUDIT.DB.HOSTNAME'
${install_dir}/install.properties | awk -F= '{ print $2 }'`
- propertyName=XAAUDIT.DB.JDBC_URL
- count=$(grep -o ":" <<< "$audit_db_hostname" | wc -l)
- #if [[ ${count} -eq 2 ]] ; then
- if [ ${count} -eq 2 ] || [ ${count} -eq 0 ]; then
- #jdbc:oracle:thin:@[HOST][:PORT]:SID or #jdbc:oracle:thin:@GL
- newPropertyValue="jdbc:oracle:thin:@${audit_db_hostname}"
- else
- #jdbc:oracle:thin:@//[HOST][:PORT]/SERVICE
- newPropertyValue="jdbc:oracle:thin:@//${audit_db_hostname}"
- fi
- updatePropertyToFile $propertyName $newPropertyValue $to_file
-
- propertyName=XAAUDIT.DB.JDBC_DRIVER
- newPropertyValue="oracle.jdbc.OracleDriver"
- updatePropertyToFile $propertyName $newPropertyValue $to_file
-fi
-if [ "${DB_FLAVOR}" == "POSTGRES" ]
-then
- audit_db_hostname=`grep '^XAAUDIT.DB.HOSTNAME'
${install_dir}/install.properties | awk -F= '{ print $2 }'`
- audit_db_name=`grep '^XAAUDIT.DB.DATABASE_NAME'
${install_dir}/install.properties | awk -F= '{ print $2 }'`
- propertyName=XAAUDIT.DB.JDBC_URL
-
newPropertyValue="jdbc:postgresql://${audit_db_hostname}/${audit_db_name}"
- updatePropertyToFile $propertyName $newPropertyValue $to_file
- propertyName=XAAUDIT.DB.JDBC_DRIVER
- newPropertyValue="org.postgresql.Driver"
- updatePropertyToFile $propertyName $newPropertyValue $to_file
-fi
-if [ "${DB_FLAVOR}" == "MSSQL" ]
-then
- audit_db_hostname=`grep '^XAAUDIT.DB.HOSTNAME'
${install_dir}/install.properties | awk -F= '{ print $2 }'`
- audit_db_name=`grep '^XAAUDIT.DB.DATABASE_NAME'
${install_dir}/install.properties | awk -F= '{ print $2 }'`
- propertyName=XAAUDIT.DB.JDBC_URL
-
newPropertyValue="jdbc:sqlserver://${audit_db_hostname};databaseName=${audit_db_name}"
- updatePropertyToFile $propertyName $newPropertyValue $to_file
-
- propertyName=XAAUDIT.DB.JDBC_DRIVER
- newPropertyValue="com.microsoft.sqlserver.jdbc.SQLServerDriver"
- updatePropertyToFile $propertyName $newPropertyValue $to_file
-fi
-if [ "${DB_FLAVOR}" == "SQLA" ]
-then
- audit_db_hostname=`grep '^XAAUDIT.DB.HOSTNAME'
${install_dir}/install.properties | awk -F= '{ print $2 }'`
- audit_db_name=`grep '^XAAUDIT.DB.DATABASE_NAME'
${install_dir}/install.properties | awk -F= '{ print $2 }'`
- propertyName=XAAUDIT.DB.JDBC_URL
-
newPropertyValue="jdbc:sqlanywhere:database=${audit_db_name};host=${audit_db_hostname}"
- updatePropertyToFile $propertyName $newPropertyValue $to_file
-
- propertyName=XAAUDIT.DB.JDBC_DRIVER
- newPropertyValue="sap.jdbc4.sqlanywhere.IDriver"
- updatePropertyToFile $propertyName $newPropertyValue $to_file
-fi
for f in ${install_dir}/installer/conf/*-changes.cfg
do
if [ -f ${f} ]
diff --git a/plugin-elasticsearch/conf/ranger-elasticsearch-audit-changes.cfg
b/plugin-elasticsearch/conf/ranger-elasticsearch-audit-changes.cfg
index c3219d7..c396d5d 100644
--- a/plugin-elasticsearch/conf/ranger-elasticsearch-audit-changes.cfg
+++ b/plugin-elasticsearch/conf/ranger-elasticsearch-audit-changes.cfg
@@ -12,12 +12,6 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-#xasecure.audit.db.is.enabled %XAAUDIT.DB.IS_ENABLED%
mod create-if-not-exists
-#xasecure.audit.jpa.javax.persistence.jdbc.url %XAAUDIT_DB_JDBC_URL%
mod create-if-not-exists
-#xasecure.audit.jpa.javax.persistence.jdbc.user
%XAAUDIT.DB.USER_NAME%
mod create-if-not-exists
-#xasecure.audit.jpa.javax.persistence.jdbc.password crypted
mod create-if-not-exists
-#xasecure.audit.credential.provider.file
jceks://file%CREDENTIAL_PROVIDER_FILE%
mod create-if-not-exists
-#xasecure.audit.jpa.javax.persistence.jdbc.driver
%XAAUDIT_DB_JDBC_DRIVER%
mod create-if-not-exists
xasecure.audit.hdfs.is.enabled
%XAAUDIT.HDFS.IS_ENABLED% mod create-if-not-exists
xasecure.audit.hdfs.config.destination.directory
%XAAUDIT.HDFS.DESTINATION_DIRECTORY% mod create-if-not-exists
diff --git a/plugin-elasticsearch/conf/ranger-elasticsearch-audit.xml
b/plugin-elasticsearch/conf/ranger-elasticsearch-audit.xml
index b9bdde5..f06b384 100644
--- a/plugin-elasticsearch/conf/ranger-elasticsearch-audit.xml
+++ b/plugin-elasticsearch/conf/ranger-elasticsearch-audit.xml
@@ -22,61 +22,6 @@
<value>true</value>
</property>
-
- <!-- DB audit provider configuration -->
- <property>
- <name>xasecure.audit.db.is.enabled</name>
- <value>false</value>
- </property>
-
- <property>
- <name>xasecure.audit.db.is.async</name>
- <value>true</value>
- </property>
-
- <property>
- <name>xasecure.audit.db.async.max.queue.size</name>
- <value>10240</value>
- </property>
-
- <property>
- <name>xasecure.audit.db.async.max.flush.interval.ms</name>
- <value>30000</value>
- </property>
-
- <property>
- <name>xasecure.audit.db.batch.size</name>
- <value>100</value>
- </property>
-
- <!-- Properties whose name begin with "xasecure.audit.jpa." are used
to configure JPA -->
- <property>
- <name>xasecure.audit.jpa.javax.persistence.jdbc.url</name>
- <value>jdbc:mysql://localhost:3306/ranger_audit</value>
- </property>
-
- <property>
- <name>xasecure.audit.jpa.javax.persistence.jdbc.user</name>
- <value>rangerlogger</value>
- </property>
-
- <property>
- <name>xasecure.audit.jpa.javax.persistence.jdbc.password</name>
- <value>none</value>
- </property>
-
- <property>
- <name>xasecure.audit.jpa.javax.persistence.jdbc.driver</name>
- <value>com.mysql.jdbc.Driver</value>
- </property>
-
- <property>
- <name>xasecure.audit.credential.provider.file</name>
-
<value>jceks://file/etc/ranger/elasticsearchdev/auditcred.jceks</value>
- </property>
-
-
-
<!-- HDFS audit provider configuration -->
<property>
<name>xasecure.audit.hdfs.is.enabled</name>
diff --git a/plugin-kafka/conf/ranger-kafka-audit-changes.cfg
b/plugin-kafka/conf/ranger-kafka-audit-changes.cfg
index 35ec308..dfd27f3 100644
--- a/plugin-kafka/conf/ranger-kafka-audit-changes.cfg
+++ b/plugin-kafka/conf/ranger-kafka-audit-changes.cfg
@@ -12,12 +12,6 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-#xasecure.audit.db.is.enabled %XAAUDIT.DB.IS_ENABLED%
mod create-if-not-exists
-#xasecure.audit.jpa.javax.persistence.jdbc.url %XAAUDIT_DB_JDBC_URL%
mod create-if-not-exists
-#xasecure.audit.jpa.javax.persistence.jdbc.user
%XAAUDIT.DB.USER_NAME%
mod create-if-not-exists
-#xasecure.audit.jpa.javax.persistence.jdbc.password crypted
mod create-if-not-exists
-#xasecure.audit.credential.provider.file
jceks://file%CREDENTIAL_PROVIDER_FILE%
mod create-if-not-exists
-#xasecure.audit.jpa.javax.persistence.jdbc.driver
%XAAUDIT_DB_JDBC_DRIVER%
mod create-if-not-exists
xasecure.audit.hdfs.is.enabled
%XAAUDIT.HDFS.IS_ENABLED% mod create-if-not-exists
xasecure.audit.hdfs.config.destination.directory
%XAAUDIT.HDFS.DESTINATION_DIRECTORY% mod create-if-not-exists
diff --git a/plugin-kafka/conf/ranger-kafka-audit.xml
b/plugin-kafka/conf/ranger-kafka-audit.xml
index 34bb2fd..b7b4806 100644
--- a/plugin-kafka/conf/ranger-kafka-audit.xml
+++ b/plugin-kafka/conf/ranger-kafka-audit.xml
@@ -23,60 +23,6 @@
</property>
- <!-- DB audit provider configuration -->
- <property>
- <name>xasecure.audit.db.is.enabled</name>
- <value>false</value>
- </property>
-
- <property>
- <name>xasecure.audit.db.is.async</name>
- <value>true</value>
- </property>
-
- <property>
- <name>xasecure.audit.db.async.max.queue.size</name>
- <value>10240</value>
- </property>
-
- <property>
- <name>xasecure.audit.db.async.max.flush.interval.ms</name>
- <value>30000</value>
- </property>
-
- <property>
- <name>xasecure.audit.db.batch.size</name>
- <value>100</value>
- </property>
-
- <!-- Properties whose name begin with "xasecure.audit.jpa." are used
to configure JPA -->
- <property>
- <name>xasecure.audit.jpa.javax.persistence.jdbc.url</name>
- <value>jdbc:mysql://localhost:3306/ranger_audit</value>
- </property>
-
- <property>
- <name>xasecure.audit.jpa.javax.persistence.jdbc.user</name>
- <value>rangerlogger</value>
- </property>
-
- <property>
- <name>xasecure.audit.jpa.javax.persistence.jdbc.password</name>
- <value>none</value>
- </property>
-
- <property>
- <name>xasecure.audit.jpa.javax.persistence.jdbc.driver</name>
- <value>com.mysql.jdbc.Driver</value>
- </property>
-
- <property>
- <name>xasecure.audit.credential.provider.file</name>
- <value>jceks://file/etc/ranger/kafkadev/auditcred.jceks</value>
- </property>
-
-
-
<!-- HDFS audit provider configuration -->
<property>
<name>xasecure.audit.hdfs.is.enabled</name>
diff --git a/plugin-kms/conf/ranger-kms-audit-changes.cfg
b/plugin-kms/conf/ranger-kms-audit-changes.cfg
index 939e839..8d5ca34 100644
--- a/plugin-kms/conf/ranger-kms-audit-changes.cfg
+++ b/plugin-kms/conf/ranger-kms-audit-changes.cfg
@@ -12,12 +12,6 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-#xasecure.audit.db.is.enabled %XAAUDIT.DB.IS_ENABLED%
mod create-if-not-exists
-#xasecure.audit.jpa.javax.persistence.jdbc.url %XAAUDIT_DB_JDBC_URL%
mod create-if-not-exists
-#xasecure.audit.jpa.javax.persistence.jdbc.user
%XAAUDIT.DB.USER_NAME%
mod create-if-not-exists
-#xasecure.audit.jpa.javax.persistence.jdbc.password crypted
mod create-if-not-exists
-#xasecure.audit.credential.provider.file
jceks://file%CREDENTIAL_PROVIDER_FILE%
mod create-if-not-exists
-#xasecure.audit.jpa.javax.persistence.jdbc.driver
%XAAUDIT_DB_JDBC_DRIVER%
mod create-if-not-exists
xasecure.audit.hdfs.is.enabled
%XAAUDIT.HDFS.IS_ENABLED% mod create-if-not-exists
xasecure.audit.hdfs.config.destination.directory
%XAAUDIT.HDFS.DESTINATION_DIRECTORY% mod create-if-not-exists
diff --git a/plugin-kms/conf/ranger-kms-audit.xml
b/plugin-kms/conf/ranger-kms-audit.xml
index 1c6c029..2ae726d 100755
--- a/plugin-kms/conf/ranger-kms-audit.xml
+++ b/plugin-kms/conf/ranger-kms-audit.xml
@@ -22,59 +22,6 @@
<value>true</value>
</property>
- <!-- DB audit provider configuration -->
- <property>
- <name>xasecure.audit.db.is.enabled</name>
- <value>false</value>
- </property>
-
- <property>
- <name>xasecure.audit.db.is.async</name>
- <value>true</value>
- </property>
-
- <property>
- <name>xasecure.audit.db.async.max.queue.size</name>
- <value>10240</value>
- </property>
-
- <property>
- <name>xasecure.audit.db.async.max.flush.interval.ms</name>
- <value>30000</value>
- </property>
-
- <property>
- <name>xasecure.audit.db.batch.size</name>
- <value>100</value>
- </property>
-
- <!-- Properties whose name begin with "xasecure.audit.jpa." are used
to configure JPA -->
- <property>
- <name>xasecure.audit.jpa.javax.persistence.jdbc.url</name>
- <value>jdbc:mysql://localhost:3306/ranger_audit</value>
- </property>
-
- <property>
- <name>xasecure.audit.jpa.javax.persistence.jdbc.user</name>
- <value>rangerlogger</value>
- </property>
-
- <property>
- <name>xasecure.audit.jpa.javax.persistence.jdbc.password</name>
- <value>none</value>
- </property>
-
- <property>
- <name>xasecure.audit.jpa.javax.persistence.jdbc.driver</name>
- <value>com.mysql.jdbc.Driver</value>
- </property>
-
- <property>
- <name>xasecure.audit.credential.provider.file</name>
- <value>jceks://file/etc/ranger/kmsdev/auditcred.jceks</value>
- </property>
-
-
<!-- HDFS audit provider configuration -->
<property>
<name>xasecure.audit.hdfs.is.enabled</name>
diff --git a/plugin-kms/scripts/enable-kms-plugin.sh
b/plugin-kms/scripts/enable-kms-plugin.sh
index 43657f3..d8ace86 100755
--- a/plugin-kms/scripts/enable-kms-plugin.sh
+++ b/plugin-kms/scripts/enable-kms-plugin.sh
@@ -356,49 +356,6 @@ then
chown -R ${CFG_OWNER_INF} /etc/${PROJ_NAME}/${REPO_NAME}
- #
- # We need to do the AUDIT JDBC url
- #
-db_flavor=''
-db_flavor=`echo $(getInstallProperty 'XAAUDIT.DB.FLAVOUR') | tr '[:lower:]'
'[:upper:]'`
-if [ "${db_flavor}" != "" ]
-then
- audit_db_hostname=$(getInstallProperty 'XAAUDIT.DB.HOSTNAME')
- audit_db_name=$(getInstallProperty 'XAAUDIT.DB.DATABASE_NAME')
-
- if [ "${db_flavor}" = "MYSQL" ]
- then
- export
XAAUDIT_DB_JDBC_URL="jdbc:mysql://${audit_db_hostname}/${audit_db_name}"
- export XAAUDIT_DB_JDBC_DRIVER="com.mysql.jdbc.Driver"
- elif [ "${db_flavor}" = "ORACLE" ]
- then
- count=$(grep -o ":" <<< "$audit_db_hostname" | wc -l)
- #if [[ ${count} -eq 2 ]] ; then
- if [ ${count} -eq 2 ] || [ ${count} -eq 0 ]; then
- #jdbc:oracle:thin:@[HOST][:PORT]:SID or
#jdbc:oracle:thin:@GL
-
newPropertyValue="jdbc:oracle:thin:@${audit_db_hostname}"
- else
- #jdbc:oracle:thin:@//[HOST][:PORT]/SERVICE
-
newPropertyValue="jdbc:oracle:thin:@//${audit_db_hostname}"
- fi
- export XAAUDIT_DB_JDBC_URL=${newPropertyValue}
- export XAAUDIT_DB_JDBC_DRIVER="oracle.jdbc.OracleDriver"
- elif [ "${db_flavor}" = "POSTGRES" ]
- then
- export
XAAUDIT_DB_JDBC_URL="jdbc:postgresql://${audit_db_hostname}/${audit_db_name}"
- export XAAUDIT_DB_JDBC_DRIVER="org.postgresql.Driver"
- elif [ "${db_flavor}" = "MSSQL" ]
- then
- export
XAAUDIT_DB_JDBC_URL="jdbc:sqlserver://${audit_db_hostname};databaseName=${audit_db_name}"
- export
XAAUDIT_DB_JDBC_DRIVER="com.microsoft.sqlserver.jdbc.SQLServerDriver"
- else
- echo "Audit is not specified with a valid db_flavor: [${db_flavor}].
Ignoring audit ..."
- export
XAAUDIT_DB_JDBC_URL="jdbc:${db_flavor}://${audit_db_hostname}/${audit_db_name}"
- export XAAUDIT_DB_JDBC_DRIVER="com.unknown.driver.${db_flavor}"
- fi
-fi
-
-
for f in ${PROJ_INSTALL_DIR}/install/conf.templates/${action}/*.cfg
do
if [ -f "${f}" ]
diff --git a/plugin-kylin/conf/ranger-kylin-audit-changes.cfg
b/plugin-kylin/conf/ranger-kylin-audit-changes.cfg
index c3219d7..c396d5d 100644
--- a/plugin-kylin/conf/ranger-kylin-audit-changes.cfg
+++ b/plugin-kylin/conf/ranger-kylin-audit-changes.cfg
@@ -12,12 +12,6 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-#xasecure.audit.db.is.enabled %XAAUDIT.DB.IS_ENABLED%
mod create-if-not-exists
-#xasecure.audit.jpa.javax.persistence.jdbc.url %XAAUDIT_DB_JDBC_URL%
mod create-if-not-exists
-#xasecure.audit.jpa.javax.persistence.jdbc.user
%XAAUDIT.DB.USER_NAME%
mod create-if-not-exists
-#xasecure.audit.jpa.javax.persistence.jdbc.password crypted
mod create-if-not-exists
-#xasecure.audit.credential.provider.file
jceks://file%CREDENTIAL_PROVIDER_FILE%
mod create-if-not-exists
-#xasecure.audit.jpa.javax.persistence.jdbc.driver
%XAAUDIT_DB_JDBC_DRIVER%
mod create-if-not-exists
xasecure.audit.hdfs.is.enabled
%XAAUDIT.HDFS.IS_ENABLED% mod create-if-not-exists
xasecure.audit.hdfs.config.destination.directory
%XAAUDIT.HDFS.DESTINATION_DIRECTORY% mod create-if-not-exists
diff --git a/plugin-kylin/conf/ranger-kylin-audit.xml
b/plugin-kylin/conf/ranger-kylin-audit.xml
index 94fba58..f687814 100644
--- a/plugin-kylin/conf/ranger-kylin-audit.xml
+++ b/plugin-kylin/conf/ranger-kylin-audit.xml
@@ -22,61 +22,6 @@
<value>true</value>
</property>
-
- <!-- DB audit provider configuration -->
- <property>
- <name>xasecure.audit.db.is.enabled</name>
- <value>false</value>
- </property>
-
- <property>
- <name>xasecure.audit.db.is.async</name>
- <value>true</value>
- </property>
-
- <property>
- <name>xasecure.audit.db.async.max.queue.size</name>
- <value>10240</value>
- </property>
-
- <property>
- <name>xasecure.audit.db.async.max.flush.interval.ms</name>
- <value>30000</value>
- </property>
-
- <property>
- <name>xasecure.audit.db.batch.size</name>
- <value>100</value>
- </property>
-
- <!-- Properties whose name begin with "xasecure.audit.jpa." are used
to configure JPA -->
- <property>
- <name>xasecure.audit.jpa.javax.persistence.jdbc.url</name>
- <value>jdbc:mysql://localhost:3306/ranger_audit</value>
- </property>
-
- <property>
- <name>xasecure.audit.jpa.javax.persistence.jdbc.user</name>
- <value>rangerlogger</value>
- </property>
-
- <property>
- <name>xasecure.audit.jpa.javax.persistence.jdbc.password</name>
- <value>none</value>
- </property>
-
- <property>
- <name>xasecure.audit.jpa.javax.persistence.jdbc.driver</name>
- <value>com.mysql.jdbc.Driver</value>
- </property>
-
- <property>
- <name>xasecure.audit.credential.provider.file</name>
- <value>jceks://file/etc/ranger/kylindev/auditcred.jceks</value>
- </property>
-
-
-
<!-- HDFS audit provider configuration -->
<property>
<name>xasecure.audit.hdfs.is.enabled</name>
diff --git a/plugin-ozone/conf/ranger-ozone-audit-changes.cfg
b/plugin-ozone/conf/ranger-ozone-audit-changes.cfg
index 9444593..8cd5e39 100644
--- a/plugin-ozone/conf/ranger-ozone-audit-changes.cfg
+++ b/plugin-ozone/conf/ranger-ozone-audit-changes.cfg
@@ -12,12 +12,6 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-#xasecure.audit.db.is.enabled %XAAUDIT.DB.IS_ENABLED%
mod create-if-not-exists
-#xasecure.audit.jpa.javax.persistence.jdbc.url %XAAUDIT_DB_JDBC_URL%
mod create-if-not-exists
-#xasecure.audit.jpa.javax.persistence.jdbc.user
%XAAUDIT.DB.USER_NAME%
mod create-if-not-exists
-#xasecure.audit.jpa.javax.persistence.jdbc.password crypted
mod create-if-not-exists
-#xasecure.audit.credential.provider.file
jceks://file%CREDENTIAL_PROVIDER_FILE%
mod create-if-not-exists
-#xasecure.audit.jpa.javax.persistence.jdbc.driver
%XAAUDIT_DB_JDBC_DRIVER%
mod create-if-not-exists
xasecure.audit.hdfs.is.enabled
%XAAUDIT.HDFS.IS_ENABLED% mod create-if-not-exists
xasecure.audit.hdfs.config.destination.directory
%XAAUDIT.HDFS.DESTINATION_DIRECTORY% mod create-if-not-exists
diff --git a/plugin-ozone/conf/ranger-ozone-audit.xml
b/plugin-ozone/conf/ranger-ozone-audit.xml
index 05a18d6..d9dede5 100644
--- a/plugin-ozone/conf/ranger-ozone-audit.xml
+++ b/plugin-ozone/conf/ranger-ozone-audit.xml
@@ -22,57 +22,6 @@
<value>true</value>
</property>
- <!-- DB audit provider configuration -->
- <property>
- <name>xasecure.audit.db.is.enabled</name>
- <value>false</value>
- </property>
- <property>
- <name>xasecure.audit.db.is.async</name>
- <value>true</value>
- </property>
- <property>
- <name>xasecure.audit.db.async.max.queue.size</name>
- <value>10240</value>
- </property>
-
- <property>
- <name>xasecure.audit.db.async.max.flush.interval.ms</name>
- <value>30000</value>
- </property>
-
- <property>
- <name>xasecure.audit.db.batch.size</name>
- <value>100</value>
- </property>
-
- <!-- Properties whose name begin with "xasecure.audit.jpa." are used
to configure JPA -->
- <property>
- <name>xasecure.audit.jpa.javax.persistence.jdbc.url</name>
- <value>jdbc:mysql://localhost:3306/ranger_audit</value>
- </property>
-
- <property>
- <name>xasecure.audit.jpa.javax.persistence.jdbc.user</name>
- <value>rangerlogger</value>
- </property>
-
- <property>
- <name>xasecure.audit.jpa.javax.persistence.jdbc.password</name>
- <value>none</value>
- </property>
-
- <property>
- <name>xasecure.audit.jpa.javax.persistence.jdbc.driver</name>
- <value>com.mysql.jdbc.Driver</value>
- </property>
-
- <property>
- <name>xasecure.audit.credential.provider.file</name>
- <value>jceks://file/etc/ranger/ozonedev/auditcred.jceks</value>
- </property>
-
-
<!-- HDFS audit provider configuration -->
<property>
<name>xasecure.audit.hdfs.is.enabled</name>
diff --git a/plugin-presto/conf/ranger-presto-audit-changes.cfg
b/plugin-presto/conf/ranger-presto-audit-changes.cfg
index 35ec308..dfd27f3 100644
--- a/plugin-presto/conf/ranger-presto-audit-changes.cfg
+++ b/plugin-presto/conf/ranger-presto-audit-changes.cfg
@@ -12,12 +12,6 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-#xasecure.audit.db.is.enabled %XAAUDIT.DB.IS_ENABLED%
mod create-if-not-exists
-#xasecure.audit.jpa.javax.persistence.jdbc.url %XAAUDIT_DB_JDBC_URL%
mod create-if-not-exists
-#xasecure.audit.jpa.javax.persistence.jdbc.user
%XAAUDIT.DB.USER_NAME%
mod create-if-not-exists
-#xasecure.audit.jpa.javax.persistence.jdbc.password crypted
mod create-if-not-exists
-#xasecure.audit.credential.provider.file
jceks://file%CREDENTIAL_PROVIDER_FILE%
mod create-if-not-exists
-#xasecure.audit.jpa.javax.persistence.jdbc.driver
%XAAUDIT_DB_JDBC_DRIVER%
mod create-if-not-exists
xasecure.audit.hdfs.is.enabled
%XAAUDIT.HDFS.IS_ENABLED% mod create-if-not-exists
xasecure.audit.hdfs.config.destination.directory
%XAAUDIT.HDFS.DESTINATION_DIRECTORY% mod create-if-not-exists
diff --git a/plugin-presto/conf/ranger-presto-audit.xml
b/plugin-presto/conf/ranger-presto-audit.xml
index c72771e..d335974 100644
--- a/plugin-presto/conf/ranger-presto-audit.xml
+++ b/plugin-presto/conf/ranger-presto-audit.xml
@@ -22,61 +22,6 @@
<value>true</value>
</property>
-
- <!-- DB audit provider configuration -->
- <property>
- <name>xasecure.audit.db.is.enabled</name>
- <value>false</value>
- </property>
-
- <property>
- <name>xasecure.audit.db.is.async</name>
- <value>true</value>
- </property>
-
- <property>
- <name>xasecure.audit.db.async.max.queue.size</name>
- <value>10240</value>
- </property>
-
- <property>
- <name>xasecure.audit.db.async.max.flush.interval.ms</name>
- <value>30000</value>
- </property>
-
- <property>
- <name>xasecure.audit.db.batch.size</name>
- <value>100</value>
- </property>
-
- <!-- Properties whose name begin with "xasecure.audit.jpa." are used to
configure JPA -->
- <property>
- <name>xasecure.audit.jpa.javax.persistence.jdbc.url</name>
- <value>jdbc:mysql://localhost:3306/ranger_audit</value>
- </property>
-
- <property>
- <name>xasecure.audit.jpa.javax.persistence.jdbc.user</name>
- <value>rangerlogger</value>
- </property>
-
- <property>
- <name>xasecure.audit.jpa.javax.persistence.jdbc.password</name>
- <value>none</value>
- </property>
-
- <property>
- <name>xasecure.audit.jpa.javax.persistence.jdbc.driver</name>
- <value>com.mysql.jdbc.Driver</value>
- </property>
-
- <property>
- <name>xasecure.audit.credential.provider.file</name>
- <value>jceks://file/etc/ranger/prestodev/auditcred.jceks</value>
- </property>
-
-
-
<!-- HDFS audit provider configuration -->
<property>
<name>xasecure.audit.hdfs.is.enabled</name>
diff --git a/plugin-solr/conf/ranger-solr-audit-changes.cfg
b/plugin-solr/conf/ranger-solr-audit-changes.cfg
index 1e31667..d4588ff 100644
--- a/plugin-solr/conf/ranger-solr-audit-changes.cfg
+++ b/plugin-solr/conf/ranger-solr-audit-changes.cfg
@@ -12,12 +12,6 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-#xasecure.audit.db.is.enabled %XAAUDIT.DB.IS_ENABLED%
mod create-if-not-exists
-#xasecure.audit.jpa.javax.persistence.jdbc.url %XAAUDIT_DB_JDBC_URL%
mod create-if-not-exists
-#xasecure.audit.jpa.javax.persistence.jdbc.user
%XAAUDIT.DB.USER_NAME%
mod create-if-not-exists
-#xasecure.audit.jpa.javax.persistence.jdbc.password crypted
mod create-if-not-exists
-#xasecure.audit.credential.provider.file
jceks://file%CREDENTIAL_PROVIDER_FILE%
mod create-if-not-exists
-#xasecure.audit.jpa.javax.persistence.jdbc.driver
%XAAUDIT_DB_JDBC_DRIVER%
mod create-if-not-exists
xasecure.audit.hdfs.is.enabled
%XAAUDIT.HDFS.IS_ENABLED% mod create-if-not-exists
xasecure.audit.hdfs.config.destination.directory
%XAAUDIT.HDFS.DESTINATION_DIRECTORY% mod create-if-not-exists
diff --git a/plugin-solr/conf/ranger-solr-audit.xml
b/plugin-solr/conf/ranger-solr-audit.xml
index a7c8d98..9120a10 100644
--- a/plugin-solr/conf/ranger-solr-audit.xml
+++ b/plugin-solr/conf/ranger-solr-audit.xml
@@ -21,61 +21,6 @@
<name>xasecure.audit.is.enabled</name>
<value>true</value>
</property>
-
-
- <!-- DB audit provider configuration -->
- <property>
- <name>xasecure.audit.db.is.enabled</name>
- <value>false</value>
- </property>
-
- <property>
- <name>xasecure.audit.db.is.async</name>
- <value>true</value>
- </property>
-
- <property>
- <name>xasecure.audit.db.async.max.queue.size</name>
- <value>10240</value>
- </property>
-
- <property>
- <name>xasecure.audit.db.async.max.flush.interval.ms</name>
- <value>30000</value>
- </property>
-
- <property>
- <name>xasecure.audit.db.batch.size</name>
- <value>100</value>
- </property>
-
- <!-- Properties whose name begin with "xasecure.audit.jpa." are used
to configure JPA -->
- <property>
- <name>xasecure.audit.jpa.javax.persistence.jdbc.url</name>
- <value>jdbc:mysql://localhost:3306/ranger_audit</value>
- </property>
-
- <property>
- <name>xasecure.audit.jpa.javax.persistence.jdbc.user</name>
- <value>rangerlogger</value>
- </property>
-
- <property>
- <name>xasecure.audit.jpa.javax.persistence.jdbc.password</name>
- <value>none</value>
- </property>
-
- <property>
- <name>xasecure.audit.jpa.javax.persistence.jdbc.driver</name>
- <value>com.mysql.jdbc.Driver</value>
- </property>
-
- <property>
- <name>xasecure.audit.credential.provider.file</name>
- <value>jceks://file/etc/ranger/solrdev/auditcred.jceks</value>
- </property>
-
-
<!-- HDFS audit provider configuration -->
<property>
diff --git a/plugin-sqoop/conf/ranger-sqoop-audit-changes.cfg
b/plugin-sqoop/conf/ranger-sqoop-audit-changes.cfg
index c3219d7..c396d5d 100644
--- a/plugin-sqoop/conf/ranger-sqoop-audit-changes.cfg
+++ b/plugin-sqoop/conf/ranger-sqoop-audit-changes.cfg
@@ -12,12 +12,6 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-#xasecure.audit.db.is.enabled %XAAUDIT.DB.IS_ENABLED%
mod create-if-not-exists
-#xasecure.audit.jpa.javax.persistence.jdbc.url %XAAUDIT_DB_JDBC_URL%
mod create-if-not-exists
-#xasecure.audit.jpa.javax.persistence.jdbc.user
%XAAUDIT.DB.USER_NAME%
mod create-if-not-exists
-#xasecure.audit.jpa.javax.persistence.jdbc.password crypted
mod create-if-not-exists
-#xasecure.audit.credential.provider.file
jceks://file%CREDENTIAL_PROVIDER_FILE%
mod create-if-not-exists
-#xasecure.audit.jpa.javax.persistence.jdbc.driver
%XAAUDIT_DB_JDBC_DRIVER%
mod create-if-not-exists
xasecure.audit.hdfs.is.enabled
%XAAUDIT.HDFS.IS_ENABLED% mod create-if-not-exists
xasecure.audit.hdfs.config.destination.directory
%XAAUDIT.HDFS.DESTINATION_DIRECTORY% mod create-if-not-exists
diff --git a/plugin-sqoop/conf/ranger-sqoop-audit.xml
b/plugin-sqoop/conf/ranger-sqoop-audit.xml
index 013a84c..89faa23 100644
--- a/plugin-sqoop/conf/ranger-sqoop-audit.xml
+++ b/plugin-sqoop/conf/ranger-sqoop-audit.xml
@@ -22,61 +22,6 @@
<value>true</value>
</property>
-
- <!-- DB audit provider configuration -->
- <property>
- <name>xasecure.audit.db.is.enabled</name>
- <value>false</value>
- </property>
-
- <property>
- <name>xasecure.audit.db.is.async</name>
- <value>true</value>
- </property>
-
- <property>
- <name>xasecure.audit.db.async.max.queue.size</name>
- <value>10240</value>
- </property>
-
- <property>
- <name>xasecure.audit.db.async.max.flush.interval.ms</name>
- <value>30000</value>
- </property>
-
- <property>
- <name>xasecure.audit.db.batch.size</name>
- <value>100</value>
- </property>
-
- <!-- Properties whose name begin with "xasecure.audit.jpa." are used
to configure JPA -->
- <property>
- <name>xasecure.audit.jpa.javax.persistence.jdbc.url</name>
- <value>jdbc:mysql://localhost:3306/ranger_audit</value>
- </property>
-
- <property>
- <name>xasecure.audit.jpa.javax.persistence.jdbc.user</name>
- <value>rangerlogger</value>
- </property>
-
- <property>
- <name>xasecure.audit.jpa.javax.persistence.jdbc.password</name>
- <value>none</value>
- </property>
-
- <property>
- <name>xasecure.audit.jpa.javax.persistence.jdbc.driver</name>
- <value>com.mysql.jdbc.Driver</value>
- </property>
-
- <property>
- <name>xasecure.audit.credential.provider.file</name>
- <value>jceks://file/etc/ranger/sqoopdev/auditcred.jceks</value>
- </property>
-
-
-
<!-- HDFS audit provider configuration -->
<property>
<name>xasecure.audit.hdfs.is.enabled</name>
diff --git a/plugin-yarn/conf/ranger-yarn-audit-changes.cfg
b/plugin-yarn/conf/ranger-yarn-audit-changes.cfg
index c3219d7..c396d5d 100644
--- a/plugin-yarn/conf/ranger-yarn-audit-changes.cfg
+++ b/plugin-yarn/conf/ranger-yarn-audit-changes.cfg
@@ -12,12 +12,6 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-#xasecure.audit.db.is.enabled %XAAUDIT.DB.IS_ENABLED%
mod create-if-not-exists
-#xasecure.audit.jpa.javax.persistence.jdbc.url %XAAUDIT_DB_JDBC_URL%
mod create-if-not-exists
-#xasecure.audit.jpa.javax.persistence.jdbc.user
%XAAUDIT.DB.USER_NAME%
mod create-if-not-exists
-#xasecure.audit.jpa.javax.persistence.jdbc.password crypted
mod create-if-not-exists
-#xasecure.audit.credential.provider.file
jceks://file%CREDENTIAL_PROVIDER_FILE%
mod create-if-not-exists
-#xasecure.audit.jpa.javax.persistence.jdbc.driver
%XAAUDIT_DB_JDBC_DRIVER%
mod create-if-not-exists
xasecure.audit.hdfs.is.enabled
%XAAUDIT.HDFS.IS_ENABLED% mod create-if-not-exists
xasecure.audit.hdfs.config.destination.directory
%XAAUDIT.HDFS.DESTINATION_DIRECTORY% mod create-if-not-exists
diff --git a/plugin-yarn/conf/ranger-yarn-audit.xml
b/plugin-yarn/conf/ranger-yarn-audit.xml
index fceca71..1927572 100644
--- a/plugin-yarn/conf/ranger-yarn-audit.xml
+++ b/plugin-yarn/conf/ranger-yarn-audit.xml
@@ -21,61 +21,6 @@
<name>xasecure.audit.is.enabled</name>
<value>true</value>
</property>
-
-
- <!-- DB audit provider configuration -->
- <property>
- <name>xasecure.audit.db.is.enabled</name>
- <value>false</value>
- </property>
-
- <property>
- <name>xasecure.audit.db.is.async</name>
- <value>true</value>
- </property>
-
- <property>
- <name>xasecure.audit.db.async.max.queue.size</name>
- <value>10240</value>
- </property>
-
- <property>
- <name>xasecure.audit.db.async.max.flush.interval.ms</name>
- <value>30000</value>
- </property>
-
- <property>
- <name>xasecure.audit.db.batch.size</name>
- <value>100</value>
- </property>
-
- <!-- Properties whose name begin with "xasecure.audit.jpa." are used
to configure JPA -->
- <property>
- <name>xasecure.audit.jpa.javax.persistence.jdbc.url</name>
- <value>jdbc:mysql://localhost:3306/ranger_audit</value>
- </property>
-
- <property>
- <name>xasecure.audit.jpa.javax.persistence.jdbc.user</name>
- <value>rangerlogger</value>
- </property>
-
- <property>
- <name>xasecure.audit.jpa.javax.persistence.jdbc.password</name>
- <value>none</value>
- </property>
-
- <property>
- <name>xasecure.audit.jpa.javax.persistence.jdbc.driver</name>
- <value>com.mysql.jdbc.Driver</value>
- </property>
-
- <property>
- <name>xasecure.audit.credential.provider.file</name>
- <value>jceks://file/etc/ranger/yarndev/auditcred.jceks</value>
- </property>
-
-
<!-- HDFS audit provider configuration -->
<property>
diff --git a/ranger-examples/distro/src/main/assembly/sample-client.xml
b/ranger-examples/distro/src/main/assembly/sample-client.xml
index e3fa1bb..953cc1d 100644
--- a/ranger-examples/distro/src/main/assembly/sample-client.xml
+++ b/ranger-examples/distro/src/main/assembly/sample-client.xml
@@ -48,8 +48,6 @@
<include>org.apache.commons:commons-configuration2:jar:${commons.configuration.version}</include>
<include>org.apache.hadoop:hadoop-common:jar:${hadoop.version}</include>
<include>org.apache.hadoop:hadoop-auth:jar:${hadoop.version}</include>
- <include>org.eclipse.persistence:eclipselink</include>
-
<include>org.eclipse.persistence:javax.persistence</include>
<include>commons-collections:commons-collections</include>
<include>com.sun.jersey:jersey-bundle</include>
<include>commons-io:commons-io</include>
diff --git a/ranger-examples/plugin-sampleapp/conf/ranger-sampleapp-audit.xml
b/ranger-examples/plugin-sampleapp/conf/ranger-sampleapp-audit.xml
index 5b19063..7fe3439 100644
--- a/ranger-examples/plugin-sampleapp/conf/ranger-sampleapp-audit.xml
+++ b/ranger-examples/plugin-sampleapp/conf/ranger-sampleapp-audit.xml
@@ -17,38 +17,6 @@
-->
<?xml-stylesheet type="text/xsl" href="configuration.xsl"?>
<configuration xmlns:xi="http://www.w3.org/2001/XInclude">
- <!-- DB audit provider configuration -->
- <property>
- <name>xasecure.audit.destination.db</name>
- <value>false</value>
- </property>
-
- <property>
- <name>xasecure.audit.destination.db.jdbc.driver</name>
- <value>com.mysql.jdbc.Driver</value>
- </property>
-
- <property>
- <name>xasecure.audit.destination.db.jdbc.url</name>
- <value>jdbc:mysql://localhost/ranger_audit</value>
- </property>
-
- <property>
- <name>xasecure.audit.destination.db.password</name>
- <value>rangerlogger</value>
- </property>
-
- <property>
- <name>xasecure.audit.destination.db.user</name>
- <value>rangerlogger</value>
- </property>
-
- <property>
- <name>xasecure.audit.destination.db.batch.filespool.dir</name>
- <value>/tmp/audit/db/spool</value>
- </property>
-
-
<!-- HDFS audit provider configuration -->
<property>
<name>xasecure.audit.destination.hdfs</name>
diff --git
a/security-admin/src/test/java/org/apache/ranger/rest/TestXUserREST.java
b/security-admin/src/test/java/org/apache/ranger/rest/TestXUserREST.java
index 8dc2575..2b25ba8 100644
--- a/security-admin/src/test/java/org/apache/ranger/rest/TestXUserREST.java
+++ b/security-admin/src/test/java/org/apache/ranger/rest/TestXUserREST.java
@@ -23,7 +23,6 @@ import static org.junit.Assert.assertEquals;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Response;
-import org.apache.ranger.audit.dao.DaoManager;
import org.apache.ranger.biz.RangerBizUtil;
import org.apache.ranger.biz.SessionMgr;
import org.apache.ranger.biz.XUserMgr;
@@ -163,7 +162,6 @@ public class TestXUserREST {
@Mock XXResource xXResource;
@Mock XXAuditMap XXAuditMap;
@Mock XAuditMapService xAuditMapService;
- @Mock DaoManager daoManager;
@Mock XPermMapService xPermMapService;
@Mock XXAsset XXAsset;
@Mock RangerDaoManager rangerDaoManager;
diff --git a/storm-agent/conf/ranger-storm-audit-changes.cfg
b/storm-agent/conf/ranger-storm-audit-changes.cfg
index c3219d7..c396d5d 100644
--- a/storm-agent/conf/ranger-storm-audit-changes.cfg
+++ b/storm-agent/conf/ranger-storm-audit-changes.cfg
@@ -12,12 +12,6 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-#xasecure.audit.db.is.enabled %XAAUDIT.DB.IS_ENABLED%
mod create-if-not-exists
-#xasecure.audit.jpa.javax.persistence.jdbc.url %XAAUDIT_DB_JDBC_URL%
mod create-if-not-exists
-#xasecure.audit.jpa.javax.persistence.jdbc.user
%XAAUDIT.DB.USER_NAME%
mod create-if-not-exists
-#xasecure.audit.jpa.javax.persistence.jdbc.password crypted
mod create-if-not-exists
-#xasecure.audit.credential.provider.file
jceks://file%CREDENTIAL_PROVIDER_FILE%
mod create-if-not-exists
-#xasecure.audit.jpa.javax.persistence.jdbc.driver
%XAAUDIT_DB_JDBC_DRIVER%
mod create-if-not-exists
xasecure.audit.hdfs.is.enabled
%XAAUDIT.HDFS.IS_ENABLED% mod create-if-not-exists
xasecure.audit.hdfs.config.destination.directory
%XAAUDIT.HDFS.DESTINATION_DIRECTORY% mod create-if-not-exists
diff --git a/storm-agent/conf/ranger-storm-audit.xml
b/storm-agent/conf/ranger-storm-audit.xml
index a8967c5..80232db 100644
--- a/storm-agent/conf/ranger-storm-audit.xml
+++ b/storm-agent/conf/ranger-storm-audit.xml
@@ -22,60 +22,6 @@
<value>true</value>
</property>
- <!-- DB audit provider configuration -->
- <property>
- <name>xasecure.audit.db.is.enabled</name>
- <value>false</value>
- </property>
-
- <property>
- <name>xasecure.audit.db.is.async</name>
- <value>true</value>
- </property>
-
- <property>
- <name>xasecure.audit.db.async.max.queue.size</name>
- <value>10240</value>
- </property>
-
- <property>
- <name>xasecure.audit.db.async.max.flush.interval.ms</name>
- <value>30000</value>
- </property>
-
- <property>
- <name>xasecure.audit.db.batch.size</name>
- <value>100</value>
- </property>
-
- <!-- Properties whose name begin with "xasecure.audit.jpa." are used
to configure JPA -->
- <property>
- <name>xasecure.audit.jpa.javax.persistence.jdbc.url</name>
- <value>jdbc:mysql://localhost:3306/ranger_audit</value>
- </property>
-
- <property>
- <name>xasecure.audit.jpa.javax.persistence.jdbc.user</name>
- <value>rangerlogger</value>
- </property>
-
- <property>
- <name>xasecure.audit.jpa.javax.persistence.jdbc.password</name>
- <value>none</value>
- </property>
-
- <property>
- <name>xasecure.audit.jpa.javax.persistence.jdbc.driver</name>
- <value>com.mysql.jdbc.Driver</value>
- </property>
-
- <property>
- <name>xasecure.audit.credential.provider.file</name>
- <value>jceks://file/etc/ranger/stormdev/auditcred.jceks</value>
- </property>
-
-
-
<!-- HDFS audit provider configuration -->
<property>
<name>xasecure.audit.hdfs.is.enabled</name>
diff --git a/storm-agent/scripts/install.sh b/storm-agent/scripts/install.sh
index d0fa2cc..4de934d 100644
--- a/storm-agent/scripts/install.sh
+++ b/storm-agent/scripts/install.sh
@@ -188,82 +188,6 @@ chown ${CONFIG_FILE_OWNER} ${CredFile}
PROP_ARGS="-p ${install_dir}/install.properties"
-to_file="${install_dir}/install.properties"
-DB_FLAVOR=`grep '^XAAUDIT.DB.FLAVOUR' ${install_dir}/install.properties | awk
-F= '{ print $2 }'`
-DB_FLAVOR=`echo $DB_FLAVOR | tr '[:lower:]' '[:upper:]'`
-if [ "${DB_FLAVOR}" == "" ]
-then
- $DB_FLAVOR="MYSQL"
-fi
-echo "[I] Updating install.properites setting for : $DB_FLAVOR"
-
-if [ "${DB_FLAVOR}" == "MYSQL" ]
-then
- audit_db_hostname=`grep '^XAAUDIT.DB.HOSTNAME'
${install_dir}/install.properties | awk -F= '{ print $2 }'`
- audit_db_name=`grep '^XAAUDIT.DB.DATABASE_NAME'
${install_dir}/install.properties | awk -F= '{ print $2 }'`
- propertyName=XAAUDIT.DB.JDBC_URL
- newPropertyValue="jdbc:mysql://${audit_db_hostname}/${audit_db_name}"
- updatePropertyToFile $propertyName $newPropertyValue $to_file
-
- propertyName=XAAUDIT.DB.JDBC_DRIVER
- newPropertyValue="com.mysql.jdbc.Driver"
- updatePropertyToFile $propertyName $newPropertyValue $to_file
-fi
-
-if [ "${DB_FLAVOR}" == "ORACLE" ]
-then
- audit_db_hostname=`grep '^XAAUDIT.DB.HOSTNAME'
${install_dir}/install.properties | awk -F= '{ print $2 }'`
- propertyName=XAAUDIT.DB.JDBC_URL
- count=$(grep -o ":" <<< "$audit_db_hostname" | wc -l)
- #if [[ ${count} -eq 2 ]] ; then
- if [ ${count} -eq 2 ] || [ ${count} -eq 0 ]; then
- #jdbc:oracle:thin:@[HOST][:PORT]:SID or #jdbc:oracle:thin:@GL
- newPropertyValue="jdbc:oracle:thin:@${audit_db_hostname}"
- else
- #jdbc:oracle:thin:@//[HOST][:PORT]/SERVICE
- newPropertyValue="jdbc:oracle:thin:@//${audit_db_hostname}"
- fi
- updatePropertyToFile $propertyName $newPropertyValue $to_file
-
- propertyName=XAAUDIT.DB.JDBC_DRIVER
- newPropertyValue="oracle.jdbc.OracleDriver"
- updatePropertyToFile $propertyName $newPropertyValue $to_file
-fi
-if [ "${DB_FLAVOR}" == "POSTGRES" ]
-then
- audit_db_hostname=`grep '^XAAUDIT.DB.HOSTNAME'
${install_dir}/install.properties | awk -F= '{ print $2 }'`
- audit_db_name=`grep '^XAAUDIT.DB.DATABASE_NAME'
${install_dir}/install.properties | awk -F= '{ print $2 }'`
- propertyName=XAAUDIT.DB.JDBC_URL
-
newPropertyValue="jdbc:postgresql://${audit_db_hostname}/${audit_db_name}"
- updatePropertyToFile $propertyName $newPropertyValue $to_file
- propertyName=XAAUDIT.DB.JDBC_DRIVER
- newPropertyValue="org.postgresql.Driver"
- updatePropertyToFile $propertyName $newPropertyValue $to_file
-fi
-if [ "${DB_FLAVOR}" == "MSSQL" ]
-then
- audit_db_hostname=`grep '^XAAUDIT.DB.HOSTNAME'
${install_dir}/install.properties | awk -F= '{ print $2 }'`
- audit_db_name=`grep '^XAAUDIT.DB.DATABASE_NAME'
${install_dir}/install.properties | awk -F= '{ print $2 }'`
- propertyName=XAAUDIT.DB.JDBC_URL
-
newPropertyValue="jdbc:sqlserver://${audit_db_hostname};databaseName=${audit_db_name}"
- updatePropertyToFile $propertyName $newPropertyValue $to_file
-
- propertyName=XAAUDIT.DB.JDBC_DRIVER
- newPropertyValue="com.microsoft.sqlserver.jdbc.SQLServerDriver"
- updatePropertyToFile $propertyName $newPropertyValue $to_file
-fi
-if [ "${DB_FLAVOR}" == "SQLA" ]
-then
- audit_db_hostname=`grep '^XAAUDIT.DB.HOSTNAME'
${install_dir}/install.properties | awk -F= '{ print $2 }'`
- audit_db_name=`grep '^XAAUDIT.DB.DATABASE_NAME'
${install_dir}/install.properties | awk -F= '{ print $2 }'`
- propertyName=XAAUDIT.DB.JDBC_URL
-
newPropertyValue="jdbc:sqlanywhere:database=${audit_db_name};host=${audit_db_hostname}"
- updatePropertyToFile $propertyName $newPropertyValue $to_file
-
- propertyName=XAAUDIT.DB.JDBC_DRIVER
- newPropertyValue="sap.jdbc4.sqlanywhere.IDriver"
- updatePropertyToFile $propertyName $newPropertyValue $to_file
-fi
for f in ${install_dir}/installer/conf/*-changes.cfg
do
if [ -f ${f} ]