This is an automated email from the ASF dual-hosted git repository.
mehul pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git
The following commit(s) were added to refs/heads/master by this push:
new d2b0d3a RANGER-3647 : Connection to DB fails for MySQL version above
8.0
d2b0d3a is described below
commit d2b0d3aa4b68dd8c8145b79020a2f54b79fad295
Author: Vishal Suvagia <[email protected]>
AuthorDate: Wed Mar 16 19:06:55 2022 +0530
RANGER-3647 : Connection to DB fails for MySQL version above 8.0
Issue:
Observed that Ranger DB setup fails when using with MySQL version above 8.0.
Changes:
Updated code to allow MySql connection with version > 8.0
Added new option to allow user to over-ride jdbc url by configuring it in
install.properties
Testing:
verified on a local setup.
Signed-off-by: Mehul Parikh <[email protected]>
---
security-admin/scripts/db_setup.py | 90 +++++++++++++++++-----
security-admin/scripts/install.properties | 5 ++
.../org/apache/ranger/common/PropertiesUtil.java | 30 +++++++-
3 files changed, 103 insertions(+), 22 deletions(-)
diff --git a/security-admin/scripts/db_setup.py
b/security-admin/scripts/db_setup.py
index ad823b3..ff54956 100644
--- a/security-admin/scripts/db_setup.py
+++ b/security-admin/scripts/db_setup.py
@@ -819,7 +819,7 @@ class BaseDB(object):
class MysqlConf(BaseDB):
# Constructor
- def __init__(self,
host,SQL_CONNECTOR_JAR,JAVA_BIN,db_ssl_enabled,db_ssl_required,db_ssl_verifyServerCertificate,javax_net_ssl_keyStore,javax_net_ssl_keyStorePassword,javax_net_ssl_trustStore,javax_net_ssl_trustStorePassword,db_ssl_auth_type):
+ def __init__(self,
host,SQL_CONNECTOR_JAR,JAVA_BIN,db_ssl_enabled,db_ssl_required,db_ssl_verifyServerCertificate,javax_net_ssl_keyStore,javax_net_ssl_keyStorePassword,javax_net_ssl_trustStore,javax_net_ssl_trustStorePassword,db_ssl_auth_type,is_db_override_jdbc_connection_string,db_override_jdbc_connection_string):
self.host = host
self.SQL_CONNECTOR_JAR = SQL_CONNECTOR_JAR
self.JAVA_BIN = JAVA_BIN
@@ -833,6 +833,8 @@ class MysqlConf(BaseDB):
self.javax_net_ssl_trustStorePassword=javax_net_ssl_trustStorePassword
self.commandTerminator=" "
self.XA_DB_FLAVOR = "MYSQL"
+ self.is_db_override_jdbc_connection_string =
is_db_override_jdbc_connection_string
+ self.db_override_jdbc_connection_string =
db_override_jdbc_connection_string
def get_jisql_cmd(self, user, password ,db_name):
path = RANGER_ADMIN_HOME
@@ -845,11 +847,20 @@ class MysqlConf(BaseDB):
db_ssl_cert_param="
-Djavax.net.ssl.trustStore=%s -Djavax.net.ssl.trustStorePassword=%s "
%(self.javax_net_ssl_trustStore,self.javax_net_ssl_trustStorePassword)
else:
db_ssl_cert_param="
-Djavax.net.ssl.keyStore=%s -Djavax.net.ssl.keyStorePassword=%s
-Djavax.net.ssl.trustStore=%s -Djavax.net.ssl.trustStorePassword=%s "
%(self.javax_net_ssl_keyStore,self.javax_net_ssl_keyStorePassword,self.javax_net_ssl_trustStore,self.javax_net_ssl_trustStorePassword)
+ else:
+ if "useSSL" not in db_name:
+ db_ssl_param="?useSSL=false"
self.JAVA_BIN = self.JAVA_BIN.strip("'")
if is_unix:
- jisql_cmd = "%s %s -cp %s:%s/jisql/lib/*
org.apache.util.sql.Jisql -driver mysqlconj -cstring jdbc:mysql://%s/%s%s -u
'%s' -p '%s' -noheader -trim -c \;"
%(self.JAVA_BIN,db_ssl_cert_param,self.SQL_CONNECTOR_JAR,path,self.host,db_name,db_ssl_param,user,password)
+ if self.is_db_override_jdbc_connection_string == 'true'
and self.db_override_jdbc_connection_string is not None and
len(self.db_override_jdbc_connection_string) > 0:
+ jisql_cmd = "%s %s -cp %s:%s/jisql/lib/*
org.apache.util.sql.Jisql -driver mysqlconj -cstring %s -u '%s' -p '%s'
-noheader -trim -c \;"
%(self.JAVA_BIN,db_ssl_cert_param,self.SQL_CONNECTOR_JAR,path,self.db_override_jdbc_connection_string,user,password)
+ else:
+ jisql_cmd = "%s %s -cp %s:%s/jisql/lib/*
org.apache.util.sql.Jisql -driver mysqlconj -cstring jdbc:mysql://%s/%s%s -u
'%s' -p '%s' -noheader -trim -c \;"
%(self.JAVA_BIN,db_ssl_cert_param,self.SQL_CONNECTOR_JAR,path,self.host,db_name,db_ssl_param,user,password)
elif os_name == "WINDOWS":
- jisql_cmd = "%s %s -cp %s;%s\jisql\\lib\\*
org.apache.util.sql.Jisql -driver mysqlconj -cstring jdbc:mysql://%s/%s%s -u
\"%s\" -p \"%s\" -noheader -trim"
%(self.JAVA_BIN,db_ssl_cert_param,self.SQL_CONNECTOR_JAR, path, self.host,
db_name, db_ssl_param,user, password)
+ if self.is_db_override_jdbc_connection_string == 'true'
and self.db_override_jdbc_connection_string is not None and
len(self.db_override_jdbc_connection_string) > 0:
+ jisql_cmd = "%s %s -cp %s;%s\jisql\\lib\\*
org.apache.util.sql.Jisql -driver mysqlconj -cstring %s -u \"%s\" -p \"%s\"
-noheader -trim" %(self.JAVA_BIN,db_ssl_cert_param,self.SQL_CONNECTOR_JAR,
path, self.db_override_jdbc_connection_string,user, password)
+ else:
+ jisql_cmd = "%s %s -cp %s;%s\jisql\\lib\\*
org.apache.util.sql.Jisql -driver mysqlconj -cstring jdbc:mysql://%s/%s%s -u
\"%s\" -p \"%s\" -noheader -trim"
%(self.JAVA_BIN,db_ssl_cert_param,self.SQL_CONNECTOR_JAR, path, self.host,
db_name, db_ssl_param,user, password)
return jisql_cmd
def get_check_table_query(self, TABLE_NAME):
@@ -869,12 +880,14 @@ class MysqlConf(BaseDB):
class OracleConf(BaseDB):
# Constructor
- def __init__(self, host, SQL_CONNECTOR_JAR, JAVA_BIN):
+ def __init__(self, host, SQL_CONNECTOR_JAR, JAVA_BIN,
is_db_override_jdbc_connection_string, db_override_jdbc_connection_string):
self.host = host
self.SQL_CONNECTOR_JAR = SQL_CONNECTOR_JAR
self.JAVA_BIN = JAVA_BIN
self.commandTerminator=" -c \\; "
self.XA_DB_FLAVOR = "ORACLE"
+ self.is_db_override_jdbc_connection_string =
is_db_override_jdbc_connection_string
+ self.db_override_jdbc_connection_string =
db_override_jdbc_connection_string
def get_jisql_cmd(self, user, password ,db_name):
path = RANGER_ADMIN_HOME
@@ -891,9 +904,15 @@ class OracleConf(BaseDB):
cstring="jdbc:oracle:thin:@//%s" %(self.host)
if is_unix:
- jisql_cmd = "%s -cp %s:%s/jisql/lib/*
org.apache.util.sql.Jisql -driver oraclethin -cstring %s -u '%s' -p '%s'
-noheader -trim" %(self.JAVA_BIN, self.SQL_CONNECTOR_JAR, path, cstring, user,
password)
+ if self.is_db_override_jdbc_connection_string == 'true'
and self.db_override_jdbc_connection_string is not None and
len(self.db_override_jdbc_connection_string) > 0:
+ jisql_cmd = "%s -cp %s:%s/jisql/lib/*
org.apache.util.sql.Jisql -driver oraclethin -cstring %s -u '%s' -p '%s'
-noheader -trim" %(self.JAVA_BIN, self.SQL_CONNECTOR_JAR, path, cstring, user,
password)
+ else:
+ jisql_cmd = "%s -cp %s:%s/jisql/lib/*
org.apache.util.sql.Jisql -driver oraclethin -cstring %s -u '%s' -p '%s'
-noheader -trim" %(self.JAVA_BIN, self.SQL_CONNECTOR_JAR, path, cstring, user,
password)
elif os_name == "WINDOWS":
- jisql_cmd = "%s -cp %s;%s\jisql\\lib\\*
org.apache.util.sql.Jisql -driver oraclethin -cstring %s -u \"%s\" -p \"%s\"
-noheader -trim" %(self.JAVA_BIN, self.SQL_CONNECTOR_JAR, path, cstring, user,
password)
+ if self.is_db_override_jdbc_connection_string == 'true'
and self.db_override_jdbc_connection_string is not None and
len(self.db_override_jdbc_connection_string) > 0:
+ jisql_cmd = "%s -cp %s;%s\jisql\\lib\\*
org.apache.util.sql.Jisql -driver oraclethin -cstring %s -u \"%s\" -p \"%s\"
-noheader -trim" %(self.JAVA_BIN, self.SQL_CONNECTOR_JAR, path, cstring, user,
password)
+ else:
+ jisql_cmd = "%s -cp %s;%s\jisql\\lib\\*
org.apache.util.sql.Jisql -driver oraclethin -cstring %s -u \"%s\" -p \"%s\"
-noheader -trim" %(self.JAVA_BIN, self.SQL_CONNECTOR_JAR, path, cstring, user,
password)
return jisql_cmd
def execute_file(self, file_name):
@@ -939,7 +958,7 @@ class OracleConf(BaseDB):
class PostgresConf(BaseDB):
# Constructor
- def __init__(self,
host,SQL_CONNECTOR_JAR,JAVA_BIN,db_ssl_enabled,db_ssl_required,db_ssl_verifyServerCertificate,javax_net_ssl_keyStore,javax_net_ssl_keyStorePassword,javax_net_ssl_trustStore,javax_net_ssl_trustStorePassword,db_ssl_auth_type,db_ssl_certificate_file,javax_net_ssl_trustStore_type,javax_net_ssl_keyStore_type):
+ def __init__(self,
host,SQL_CONNECTOR_JAR,JAVA_BIN,db_ssl_enabled,db_ssl_required,db_ssl_verifyServerCertificate,javax_net_ssl_keyStore,javax_net_ssl_keyStorePassword,javax_net_ssl_trustStore,javax_net_ssl_trustStorePassword,db_ssl_auth_type,db_ssl_certificate_file,javax_net_ssl_trustStore_type,javax_net_ssl_keyStore_type,is_db_override_jdbc_connection_string,db_override_jdbc_connection_string):
self.host = host.lower()
self.SQL_CONNECTOR_JAR = SQL_CONNECTOR_JAR
self.JAVA_BIN = JAVA_BIN
@@ -956,6 +975,8 @@ class PostgresConf(BaseDB):
self.javax_net_ssl_trustStore_type=javax_net_ssl_trustStore_type.lower()
self.commandTerminator=" "
self.XA_DB_FLAVOR = "POSTGRES"
+ self.is_db_override_jdbc_connection_string =
is_db_override_jdbc_connection_string
+ self.db_override_jdbc_connection_string =
db_override_jdbc_connection_string
def get_jisql_cmd(self, user, password, db_name):
path = RANGER_ADMIN_HOME
@@ -974,9 +995,15 @@ class PostgresConf(BaseDB):
else:
db_ssl_param="?ssl=%s" %(self.db_ssl_enabled)
if is_unix:
- jisql_cmd = "%s %s -cp %s:%s/jisql/lib/*
org.apache.util.sql.Jisql -driver postgresql -cstring jdbc:postgresql://%s/%s%s
-u %s -p '%s' -noheader -trim -c \;" %(self.JAVA_BIN,
db_ssl_cert_param,self.SQL_CONNECTOR_JAR,path, self.host, db_name,
db_ssl_param,user, password)
+ if self.is_db_override_jdbc_connection_string == 'true'
and self.db_override_jdbc_connection_string is not None and
len(self.db_override_jdbc_connection_string) > 0:
+ jisql_cmd = "%s %s -cp %s:%s/jisql/lib/*
org.apache.util.sql.Jisql -driver postgresql -cstring %s -u %s -p '%s'
-noheader -trim -c \;" %(self.JAVA_BIN,
db_ssl_cert_param,self.SQL_CONNECTOR_JAR,path,
self.db_override_jdbc_connection_string, user, password)
+ else:
+ jisql_cmd = "%s %s -cp %s:%s/jisql/lib/*
org.apache.util.sql.Jisql -driver postgresql -cstring jdbc:postgresql://%s/%s%s
-u %s -p '%s' -noheader -trim -c \;" %(self.JAVA_BIN,
db_ssl_cert_param,self.SQL_CONNECTOR_JAR,path, self.host, db_name,
db_ssl_param,user, password)
elif os_name == "WINDOWS":
- jisql_cmd = "%s %s -cp %s;%s\jisql\\lib\\*
org.apache.util.sql.Jisql -driver postgresql -cstring jdbc:postgresql://%s/%s%s
-u %s -p \"%s\" -noheader -trim" %(self.JAVA_BIN,
db_ssl_cert_param,self.SQL_CONNECTOR_JAR, path, self.host, db_name,
db_ssl_param,user, password)
+ if self.is_db_override_jdbc_connection_string == 'true'
and self.db_override_jdbc_connection_string is not None and
len(self.db_override_jdbc_connection_string) > 0:
+ jisql_cmd = "%s %s -cp %s;%s\jisql\\lib\\*
org.apache.util.sql.Jisql -driver postgresql -cstring %s -u %s -p \"%s\"
-noheader -trim" %(self.JAVA_BIN, db_ssl_cert_param,self.SQL_CONNECTOR_JAR,
path, self.db_override_jdbc_connection_string,user, password)
+ else:
+ jisql_cmd = "%s %s -cp %s;%s\jisql\\lib\\*
org.apache.util.sql.Jisql -driver postgresql -cstring jdbc:postgresql://%s/%s%s
-u %s -p \"%s\" -noheader -trim" %(self.JAVA_BIN,
db_ssl_cert_param,self.SQL_CONNECTOR_JAR, path, self.host, db_name,
db_ssl_param,user, password)
return jisql_cmd
def create_language_plpgsql(self,db_user, db_password, db_name):
@@ -1020,21 +1047,29 @@ class PostgresConf(BaseDB):
class SqlServerConf(BaseDB):
# Constructor
- def __init__(self, host, SQL_CONNECTOR_JAR, JAVA_BIN):
+ def __init__(self, host, SQL_CONNECTOR_JAR, JAVA_BIN,
is_db_override_jdbc_connection_string, db_override_jdbc_connection_string):
self.host = host
self.SQL_CONNECTOR_JAR = SQL_CONNECTOR_JAR
self.JAVA_BIN = JAVA_BIN
self.commandTerminator=" -c \\; "
self.XA_DB_FLAVOR = "MSSQL"
+ self.is_db_override_jdbc_connection_string =
is_db_override_jdbc_connection_string
+ self.db_override_jdbc_connection_string =
db_override_jdbc_connection_string
def get_jisql_cmd(self, user, password, db_name):
#TODO: User array for forming command
path = RANGER_ADMIN_HOME
self.JAVA_BIN = self.JAVA_BIN.strip("'")
if is_unix:
- jisql_cmd = "%s -cp %s:%s/jisql/lib/*
org.apache.util.sql.Jisql -user %s -p '%s' -driver mssql -cstring
jdbc:sqlserver://%s\\;databaseName=%s -noheader -trim"%(self.JAVA_BIN,
self.SQL_CONNECTOR_JAR, path, user, password, self.host,db_name)
+ if self.is_db_override_jdbc_connection_string == 'true'
and self.db_override_jdbc_connection_string is not None and
len(self.db_override_jdbc_connection_string) > 0:
+ jisql_cmd = "%s -cp %s:%s/jisql/lib/*
org.apache.util.sql.Jisql -user %s -p '%s' -driver mssql -cstring %s -noheader
-trim"%(self.JAVA_BIN, self.SQL_CONNECTOR_JAR, path, user, password,
self.db_override_jdbc_connection_string)
+ else:
+ jisql_cmd = "%s -cp %s:%s/jisql/lib/*
org.apache.util.sql.Jisql -user %s -p '%s' -driver mssql -cstring
jdbc:sqlserver://%s\\;databaseName=%s -noheader -trim"%(self.JAVA_BIN,
self.SQL_CONNECTOR_JAR, path, user, password, self.host,db_name)
elif os_name == "WINDOWS":
- jisql_cmd = "%s -cp %s;%s\\jisql\\lib\\*
org.apache.util.sql.Jisql -user %s -p \"%s\" -driver mssql -cstring
jdbc:sqlserver://%s;databaseName=%s -noheader -trim"%(self.JAVA_BIN,
self.SQL_CONNECTOR_JAR, path, user, password, self.host,db_name)
+ if self.is_db_override_jdbc_connection_string == 'true'
and self.db_override_jdbc_connection_string is not None and
len(self.db_override_jdbc_connection_string) > 0:
+ jisql_cmd = "%s -cp %s;%s\\jisql\\lib\\*
org.apache.util.sql.Jisql -user %s -p \"%s\" -driver mssql -cstring %s
-noheader -trim"%(self.JAVA_BIN, self.SQL_CONNECTOR_JAR, path, user, password,
self.db_override_jdbc_connection_string)
+ else:
+ jisql_cmd = "%s -cp %s;%s\\jisql\\lib\\*
org.apache.util.sql.Jisql -user %s -p \"%s\" -driver mssql -cstring
jdbc:sqlserver://%s;databaseName=%s -noheader -trim"%(self.JAVA_BIN,
self.SQL_CONNECTOR_JAR, path, user, password, self.host,db_name)
return jisql_cmd
def get_check_table_query(self, TABLE_NAME):
@@ -1054,20 +1089,28 @@ class SqlServerConf(BaseDB):
class SqlAnywhereConf(BaseDB):
# Constructor
- def __init__(self, host, SQL_CONNECTOR_JAR, JAVA_BIN):
+ def __init__(self, host, SQL_CONNECTOR_JAR, JAVA_BIN,
is_db_override_jdbc_connection_string, db_override_jdbc_connection_string):
self.host = host
self.SQL_CONNECTOR_JAR = SQL_CONNECTOR_JAR
self.JAVA_BIN = JAVA_BIN
self.commandTerminator=" -c \\; "
self.XA_DB_FLAVOR = "SQLA"
+ self.is_db_override_jdbc_connection_string =
is_db_override_jdbc_connection_string
+ self.db_override_jdbc_connection_string =
db_override_jdbc_connection_string
def get_jisql_cmd(self, user, password, db_name):
path = RANGER_ADMIN_HOME
self.JAVA_BIN = self.JAVA_BIN.strip("'")
if is_unix:
- jisql_cmd = "%s -cp %s:%s/jisql/lib/*
org.apache.util.sql.Jisql -user %s -password '%s' -driver sapsajdbc4 -cstring
jdbc:sqlanywhere:database=%s;host=%s -noheader -trim"%(self.JAVA_BIN,
self.SQL_CONNECTOR_JAR, path,user, password,db_name,self.host)
+ if self.is_db_override_jdbc_connection_string == 'true'
and self.db_override_jdbc_connection_string is not None and
len(self.db_override_jdbc_connection_string) > 0:
+ jisql_cmd = "%s -cp %s:%s/jisql/lib/*
org.apache.util.sql.Jisql -user %s -password '%s' -driver sapsajdbc4 -cstring
%s -noheader -trim"%(self.JAVA_BIN, self.SQL_CONNECTOR_JAR, path,user,
password,self.db_override_jdbc_connection_string)
+ else:
+ jisql_cmd = "%s -cp %s:%s/jisql/lib/*
org.apache.util.sql.Jisql -user %s -password '%s' -driver sapsajdbc4 -cstring
jdbc:sqlanywhere:database=%s;host=%s -noheader -trim"%(self.JAVA_BIN,
self.SQL_CONNECTOR_JAR, path,user, password,db_name,self.host)
elif os_name == "WINDOWS":
- jisql_cmd = "%s -cp %s;%s\\jisql\\lib\\*
org.apache.util.sql.Jisql -user %s -password '%s' -driver sapsajdbc4 -cstring
jdbc:sqlanywhere:database=%s;host=%s -noheader -trim"%(self.JAVA_BIN,
self.SQL_CONNECTOR_JAR, path, user, password,db_name,self.host)
+ if self.is_db_override_jdbc_connection_string == 'true'
and self.db_override_jdbc_connection_string is not None and
len(self.db_override_jdbc_connection_string) > 0:
+ jisql_cmd = "%s -cp %s;%s\\jisql\\lib\\*
org.apache.util.sql.Jisql -user %s -password '%s' -driver sapsajdbc4 -cstring
%s -noheader -trim"%(self.JAVA_BIN, self.SQL_CONNECTOR_JAR, path, user,
password,self.db_override_jdbc_connection_string)
+ else:
+ jisql_cmd = "%s -cp %s;%s\\jisql\\lib\\*
org.apache.util.sql.Jisql -user %s -password '%s' -driver sapsajdbc4 -cstring
jdbc:sqlanywhere:database=%s;host=%s -noheader -trim"%(self.JAVA_BIN,
self.SQL_CONNECTOR_JAR, path, user, password,db_name,self.host)
return jisql_cmd
def get_check_table_query(self, TABLE_NAME):
@@ -1222,6 +1265,8 @@ def main(argv):
db_ssl_certificate_file=''
javax_net_ssl_trustStore_type='bcfks'
javax_net_ssl_keyStore_type='bcfks'
+ is_override_db_connection_string='false'
+ db_override_jdbc_connection_string=''
if XA_DB_FLAVOR == "MYSQL" or XA_DB_FLAVOR == "POSTGRES":
if 'db_ssl_enabled' in globalDict:
@@ -1266,10 +1311,15 @@ def main(argv):
if
javax_net_ssl_keyStorePassword is None or javax_net_ssl_keyStorePassword =="":
log("[E] Invalid ssl
keystore password!","error")
sys.exit(1)
+ if 'is_override_db_connection_string' in globalDict:
+
is_override_db_connection_string=globalDict['is_override_db_connection_string'].lower()
+ if 'db_override_jdbc_connection_string' in globalDict:
+
db_override_jdbc_connection_string=globalDict['db_override_jdbc_connection_string'].strip()
+
if XA_DB_FLAVOR == "MYSQL":
MYSQL_CONNECTOR_JAR=globalDict['SQL_CONNECTOR_JAR']
- xa_sqlObj = MysqlConf(xa_db_host, MYSQL_CONNECTOR_JAR,
JAVA_BIN,db_ssl_enabled,db_ssl_required,db_ssl_verifyServerCertificate,javax_net_ssl_keyStore,javax_net_ssl_keyStorePassword,javax_net_ssl_trustStore,javax_net_ssl_trustStorePassword,db_ssl_auth_type)
+ xa_sqlObj = MysqlConf(xa_db_host, MYSQL_CONNECTOR_JAR,
JAVA_BIN,db_ssl_enabled,db_ssl_required,db_ssl_verifyServerCertificate,javax_net_ssl_keyStore,javax_net_ssl_keyStorePassword,javax_net_ssl_trustStore,javax_net_ssl_trustStorePassword,db_ssl_auth_type,is_override_db_connection_string,db_override_jdbc_connection_string)
xa_db_version_file = os.path.join(RANGER_ADMIN_HOME ,
mysql_dbversion_catalog)
xa_db_core_file = os.path.join(RANGER_ADMIN_HOME ,
mysql_core_file)
xa_patch_file = os.path.join(RANGER_ADMIN_HOME ,mysql_patches)
@@ -1278,7 +1328,7 @@ def main(argv):
elif XA_DB_FLAVOR == "ORACLE":
ORACLE_CONNECTOR_JAR=globalDict['SQL_CONNECTOR_JAR']
- xa_sqlObj = OracleConf(xa_db_host, ORACLE_CONNECTOR_JAR,
JAVA_BIN)
+ xa_sqlObj = OracleConf(xa_db_host, ORACLE_CONNECTOR_JAR,
JAVA_BIN, is_override_db_connection_string, db_override_jdbc_connection_string)
xa_db_version_file = os.path.join(RANGER_ADMIN_HOME
,oracle_dbversion_catalog)
xa_db_core_file = os.path.join(RANGER_ADMIN_HOME
,oracle_core_file)
xa_patch_file = os.path.join(RANGER_ADMIN_HOME ,oracle_patches)
@@ -1289,7 +1339,7 @@ def main(argv):
db_user=db_user.lower()
db_name=db_name.lower()
POSTGRES_CONNECTOR_JAR = globalDict['SQL_CONNECTOR_JAR']
- xa_sqlObj = PostgresConf(xa_db_host, POSTGRES_CONNECTOR_JAR,
JAVA_BIN,db_ssl_enabled,db_ssl_required,db_ssl_verifyServerCertificate,javax_net_ssl_keyStore,javax_net_ssl_keyStorePassword,javax_net_ssl_trustStore,javax_net_ssl_trustStorePassword,db_ssl_auth_type,db_ssl_certificate_file,javax_net_ssl_trustStore_type,javax_net_ssl_keyStore_type)
+ xa_sqlObj = PostgresConf(xa_db_host, POSTGRES_CONNECTOR_JAR,
JAVA_BIN,db_ssl_enabled,db_ssl_required,db_ssl_verifyServerCertificate,javax_net_ssl_keyStore,javax_net_ssl_keyStorePassword,javax_net_ssl_trustStore,javax_net_ssl_trustStorePassword,db_ssl_auth_type,db_ssl_certificate_file,javax_net_ssl_trustStore_type,javax_net_ssl_keyStore_type,is_override_db_connection_string,db_override_jdbc_connection_string)
xa_db_version_file = os.path.join(RANGER_ADMIN_HOME ,
postgres_dbversion_catalog)
xa_db_core_file = os.path.join(RANGER_ADMIN_HOME ,
postgres_core_file)
xa_patch_file = os.path.join(RANGER_ADMIN_HOME ,
postgres_patches)
@@ -1298,7 +1348,7 @@ def main(argv):
elif XA_DB_FLAVOR == "MSSQL":
SQLSERVER_CONNECTOR_JAR = globalDict['SQL_CONNECTOR_JAR']
- xa_sqlObj = SqlServerConf(xa_db_host, SQLSERVER_CONNECTOR_JAR,
JAVA_BIN)
+ xa_sqlObj = SqlServerConf(xa_db_host, SQLSERVER_CONNECTOR_JAR,
JAVA_BIN, is_override_db_connection_string, db_override_jdbc_connection_string)
xa_db_version_file = os.path.join(RANGER_ADMIN_HOME
,sqlserver_dbversion_catalog)
xa_db_core_file = os.path.join(RANGER_ADMIN_HOME ,
sqlserver_core_file)
xa_patch_file = os.path.join(RANGER_ADMIN_HOME ,
sqlserver_patches)
@@ -1311,7 +1361,7 @@ def main(argv):
log("[E] ---------- LD_LIBRARY_PATH environment
property not defined, aborting installation. ----------", "error")
sys.exit(1)
SQLANYWHERE_CONNECTOR_JAR = globalDict['SQL_CONNECTOR_JAR']
- xa_sqlObj = SqlAnywhereConf(xa_db_host,
SQLANYWHERE_CONNECTOR_JAR, JAVA_BIN)
+ xa_sqlObj = SqlAnywhereConf(xa_db_host,
SQLANYWHERE_CONNECTOR_JAR, JAVA_BIN, is_override_db_connection_string,
db_override_jdbc_connection_string)
xa_db_version_file = os.path.join(RANGER_ADMIN_HOME
,sqlanywhere_dbversion_catalog)
xa_db_core_file = os.path.join(RANGER_ADMIN_HOME ,
sqlanywhere_core_file)
xa_patch_file = os.path.join(RANGER_ADMIN_HOME ,
sqlanywhere_patches)
diff --git a/security-admin/scripts/install.properties
b/security-admin/scripts/install.properties
index 22868fa..b8e864e 100644
--- a/security-admin/scripts/install.properties
+++ b/security-admin/scripts/install.properties
@@ -75,6 +75,11 @@ db_name=ranger
db_user=rangeradmin
db_password=
+#For over-riding the jdbc url.
+is_override_db_connection_string=false
+db_override_connection_string=
+
+
# change password. Password for below mentioned users can be changed only once
using this property.
#PLEASE NOTE :: Password should be minimum 8 characters with min one alphabet
and one numeric.
rangerAdmin_password=
diff --git
a/security-admin/src/main/java/org/apache/ranger/common/PropertiesUtil.java
b/security-admin/src/main/java/org/apache/ranger/common/PropertiesUtil.java
index b3c41a9..f98d009 100644
--- a/security-admin/src/main/java/org/apache/ranger/common/PropertiesUtil.java
+++ b/security-admin/src/main/java/org/apache/ranger/common/PropertiesUtil.java
@@ -260,6 +260,7 @@ public class PropertiesUtil extends
PropertyPlaceholderConfigurer {
db_ssl_enabled="false";
}
db_ssl_enabled=db_ssl_enabled.toLowerCase();
+ String
ranger_jpa_jdbc_url=propertiesMap.get("ranger.jpa.jdbc.url");
if("true".equalsIgnoreCase(db_ssl_enabled)){
String
db_ssl_required=propertiesMap.get("ranger.db.ssl.required");
if(StringUtils.isEmpty(db_ssl_required)||
!"true".equalsIgnoreCase(db_ssl_required)){
@@ -283,7 +284,7 @@ public class PropertiesUtil extends
PropertyPlaceholderConfigurer {
props.put("ranger.db.ssl.verifyServerCertificate",
db_ssl_verifyServerCertificate);
propertiesMap.put("ranger.db.ssl.auth.type",
db_ssl_auth_type);
props.put("ranger.db.ssl.auth.type",
db_ssl_auth_type);
- String
ranger_jpa_jdbc_url=propertiesMap.get("ranger.jpa.jdbc.url");
+
if(StringUtils.isNotEmpty(ranger_jpa_jdbc_url)
&& !ranger_jpa_jdbc_url.contains("?")){
StringBuffer
ranger_jpa_jdbc_url_ssl=new StringBuffer(ranger_jpa_jdbc_url);
if
(RangerBizUtil.getDBFlavor()==AppConstants.DB_FLAVOR_MYSQL) {
@@ -305,7 +306,32 @@ public class PropertiesUtil extends
PropertyPlaceholderConfigurer {
props.put("ranger.jpa.jdbc.url",
ranger_jpa_jdbc_url);
}
logger.info("ranger.jpa.jdbc.url="+ranger_jpa_jdbc_url);
- }
+ } else {
+ String
ranger_jpa_jdbc_url_extra_args="";
+
if(!StringUtils.isEmpty(ranger_jpa_jdbc_url)) {
+ if
(ranger_jpa_jdbc_url.contains("?")) {
+
ranger_jpa_jdbc_url_extra_args =
ranger_jpa_jdbc_url.substring(ranger_jpa_jdbc_url.indexOf("?")+1);
+ ranger_jpa_jdbc_url
= ranger_jpa_jdbc_url.substring(0, ranger_jpa_jdbc_url.indexOf("?"));
+ }
+ if
(RangerBizUtil.getDBFlavor()==AppConstants.DB_FLAVOR_MYSQL) {
+ StringBuilder
ranger_jpa_jdbc_url_no_ssl=new StringBuilder(ranger_jpa_jdbc_url);
+ if
(!ranger_jpa_jdbc_url_extra_args.contains("useSSL")) {
+
ranger_jpa_jdbc_url_no_ssl.append("?useSSL=false");
+ }
+ if
(!StringUtils.isEmpty(ranger_jpa_jdbc_url_extra_args) &&
ranger_jpa_jdbc_url_no_ssl.toString().contains("useSSL")) {
+
ranger_jpa_jdbc_url_no_ssl.append("&").append(ranger_jpa_jdbc_url_extra_args);
+ } else if
(!StringUtils.isEmpty(ranger_jpa_jdbc_url_extra_args) &&
!ranger_jpa_jdbc_url_no_ssl.toString().contains("useSSL")) {
+
ranger_jpa_jdbc_url_no_ssl.append("?").append(ranger_jpa_jdbc_url_extra_args);
+ }
+
propertiesMap.put("ranger.jpa.jdbc.url", ranger_jpa_jdbc_url_no_ssl.toString());
+ }
+
ranger_jpa_jdbc_url=propertiesMap.get("ranger.jpa.jdbc.url");
+
if(StringUtils.isNotEmpty(ranger_jpa_jdbc_url)) {
+
props.put("ranger.jpa.jdbc.url", ranger_jpa_jdbc_url);
+ }
+
logger.info("ranger.jpa.jdbc.url="+ranger_jpa_jdbc_url);
+ }
+ }
}
}