Repository: incubator-ranger Updated Branches: refs/heads/stack 0b4363df7 -> fda7b9fb3
RANGER-203: renamed xasecure-policymgr-ssl.xml to ranger-policymgr-ssl.xml. Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/fda7b9fb Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/fda7b9fb Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/fda7b9fb Branch: refs/heads/stack Commit: fda7b9fb3a6af60b321d5869ef433b7be4eb0096 Parents: 0b4363d Author: Madhan Neethiraj <[email protected]> Authored: Wed Feb 4 16:52:07 2015 -0800 Committer: Madhan Neethiraj <[email protected]> Committed: Wed Feb 4 16:52:07 2015 -0800 ---------------------------------------------------------------------- .../plugin/store/rest/ServiceRESTStore.java | 4 +- .../ranger/plugin/util/RangerRESTClient.java | 4 +- .../conf/ranger-policymgr-ssl-changes.cfg | 23 +++++++ hbase-agent/conf/ranger-policymgr-ssl.xml | 63 ++++++++++++++++++++ .../conf/xasecure-policymgr-ssl-changes.cfg | 23 ------- hbase-agent/conf/xasecure-policymgr-ssl.xml | 63 -------------------- .../conf/ranger-policymgr-ssl-changes.cfg | 23 +++++++ hdfs-agent/conf/ranger-policymgr-ssl.xml | 63 ++++++++++++++++++++ .../conf/xasecure-policymgr-ssl-changes.cfg | 23 ------- hdfs-agent/conf/xasecure-policymgr-ssl.xml | 63 -------------------- .../conf/ranger-policymgr-ssl-changes.cfg | 23 +++++++ hive-agent/conf/ranger-policymgr-ssl.xml | 63 ++++++++++++++++++++ .../conf/xasecure-policymgr-ssl-changes.cfg | 23 ------- hive-agent/conf/xasecure-policymgr-ssl.xml | 63 -------------------- 14 files changed, 262 insertions(+), 262 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/fda7b9fb/agents-common/src/main/java/org/apache/ranger/plugin/store/rest/ServiceRESTStore.java ---------------------------------------------------------------------- diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/store/rest/ServiceRESTStore.java b/agents-common/src/main/java/org/apache/ranger/plugin/store/rest/ServiceRESTStore.java index 2318f76..de2852b 100644 --- a/agents-common/src/main/java/org/apache/ranger/plugin/store/rest/ServiceRESTStore.java +++ b/agents-common/src/main/java/org/apache/ranger/plugin/store/rest/ServiceRESTStore.java @@ -82,8 +82,8 @@ public class ServiceRESTStore implements ServiceStore { @Override public void init() throws Exception { - String restUrl = RangerConfiguration.getInstance().get("ranger.service.store.rest.url", "http://localhost:6080";); - String sslConfigFile = RangerConfiguration.getInstance().get("ranger.service.store.rest.ssl.config.file", ""); + String restUrl = RangerConfiguration.getInstance().get("ranger.service.store.rest.url"); + String sslConfigFile = RangerConfiguration.getInstance().get("ranger.service.store.rest.ssl.config.file"); restClient = new RangerRESTClient(restUrl, sslConfigFile); } http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/fda7b9fb/agents-common/src/main/java/org/apache/ranger/plugin/util/RangerRESTClient.java ---------------------------------------------------------------------- diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/util/RangerRESTClient.java b/agents-common/src/main/java/org/apache/ranger/plugin/util/RangerRESTClient.java index cfff4b7..f9cc570 100644 --- a/agents-common/src/main/java/org/apache/ranger/plugin/util/RangerRESTClient.java +++ b/agents-common/src/main/java/org/apache/ranger/plugin/util/RangerRESTClient.java @@ -62,8 +62,8 @@ import com.sun.jersey.client.urlconnection.HTTPSProperties; public class RangerRESTClient { private static final Log LOG = LogFactory.getLog(RangerRESTClient.class); - public static final String RANGER_PROP_POLICYMGR_URL = "xasecure.policymgr.url"; - public static final String RANGER_PROP_POLICYMGR_SSLCONFIG_FILENAME = "xasecure.policymgr.sslconfig.filename"; + public static final String RANGER_PROP_POLICYMGR_URL = "ranger.service.store.rest.url"; + public static final String RANGER_PROP_POLICYMGR_SSLCONFIG_FILENAME = "ranger.service.store.rest.ssl.config.file"; public static final String RANGER_POLICYMGR_CLIENT_KEY_FILE = "xasecure.policymgr.clientssl.keystore"; public static final String RANGER_POLICYMGR_CLIENT_KEY_FILE_PASSWORD = "xasecure.policymgr.clientssl.keystore.password"; http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/fda7b9fb/hbase-agent/conf/ranger-policymgr-ssl-changes.cfg ---------------------------------------------------------------------- diff --git a/hbase-agent/conf/ranger-policymgr-ssl-changes.cfg b/hbase-agent/conf/ranger-policymgr-ssl-changes.cfg new file mode 100644 index 0000000..6bf4265 --- /dev/null +++ b/hbase-agent/conf/ranger-policymgr-ssl-changes.cfg @@ -0,0 +1,23 @@ +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SSL Params +# +xasecure.policymgr.clientssl.keystore %SSL_KEYSTORE_FILE_PATH% mod create-if-not-exists +xasecure.policymgr.clientssl.keystore.password %SSL_KEYSTORE_PASSWORD% mod create-if-not-exists +xasecure.policymgr.clientssl.keystore.credential.file jceks://file%CREDENTIAL_PROVIDER_FILE% mod create-if-not-exists +xasecure.policymgr.clientssl.truststore %SSL_TRUSTSTORE_FILE_PATH% mod create-if-not-exists +xasecure.policymgr.clientssl.truststore.password %SSL_TRUSTSTORE_PASSWORD% mod create-if-not-exists +xasecure.policymgr.clientssl.truststore.credential.file jceks://file%CREDENTIAL_PROVIDER_FILE% mod create-if-not-exists \ No newline at end of file http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/fda7b9fb/hbase-agent/conf/ranger-policymgr-ssl.xml ---------------------------------------------------------------------- diff --git a/hbase-agent/conf/ranger-policymgr-ssl.xml b/hbase-agent/conf/ranger-policymgr-ssl.xml new file mode 100644 index 0000000..964aac7 --- /dev/null +++ b/hbase-agent/conf/ranger-policymgr-ssl.xml @@ -0,0 +1,63 @@ +<?xml version="1.0"?> +<!-- + Licensed to the Apache Software Foundation (ASF) under one or more + contributor license agreements. See the NOTICE file distributed with + this work for additional information regarding copyright ownership. + The ASF licenses this file to You under the Apache License, Version 2.0 + (the "License"); you may not use this file except in compliance with + the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +--> +<?xml-stylesheet type="text/xsl" href="configuration.xsl"?> +<configuration xmlns:xi="http://www.w3.org/2001/XInclude";> + <!-- The following properties are used for 2-way SSL client server validation --> + <property> + <name>xasecure.policymgr.clientssl.keystore</name> + <value>hadoopdev-clientcert.jks</value> + <description> + Java Keystore files + </description> + </property> + <property> + <name>xasecure.policymgr.clientssl.keystore.password</name> + <value>none</value> + <description> + password for keystore + </description> + </property> + <property> + <name>xasecure.policymgr.clientssl.truststore</name> + <value>cacerts-xasecure.jks</value> + <description> + java truststore file + </description> + </property> + <property> + <name>xasecure.policymgr.clientssl.truststore.password</name> + <value>none</value> + <description> + java truststore password + </description> + </property> + <property> + <name>xasecure.policymgr.clientssl.keystore.credential.file</name> + <value>jceks://file/tmp/keystore-hadoopdev-ssl.jceks</value> + <description> + java keystore credential file + </description> + </property> + <property> + <name>xasecure.policymgr.clientssl.truststore.credential.file</name> + <value>jceks://file/tmp/truststore-hadoopdev-ssl.jceks</value> + <description> + java truststore credential file + </description> + </property> +</configuration> \ No newline at end of file http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/fda7b9fb/hbase-agent/conf/xasecure-policymgr-ssl-changes.cfg ---------------------------------------------------------------------- diff --git a/hbase-agent/conf/xasecure-policymgr-ssl-changes.cfg b/hbase-agent/conf/xasecure-policymgr-ssl-changes.cfg deleted file mode 100644 index 6bf4265..0000000 --- a/hbase-agent/conf/xasecure-policymgr-ssl-changes.cfg +++ /dev/null @@ -1,23 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one or more -# contributor license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright ownership. -# The ASF licenses this file to You under the Apache License, Version 2.0 -# (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# SSL Params -# -xasecure.policymgr.clientssl.keystore %SSL_KEYSTORE_FILE_PATH% mod create-if-not-exists -xasecure.policymgr.clientssl.keystore.password %SSL_KEYSTORE_PASSWORD% mod create-if-not-exists -xasecure.policymgr.clientssl.keystore.credential.file jceks://file%CREDENTIAL_PROVIDER_FILE% mod create-if-not-exists -xasecure.policymgr.clientssl.truststore %SSL_TRUSTSTORE_FILE_PATH% mod create-if-not-exists -xasecure.policymgr.clientssl.truststore.password %SSL_TRUSTSTORE_PASSWORD% mod create-if-not-exists -xasecure.policymgr.clientssl.truststore.credential.file jceks://file%CREDENTIAL_PROVIDER_FILE% mod create-if-not-exists \ No newline at end of file http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/fda7b9fb/hbase-agent/conf/xasecure-policymgr-ssl.xml ---------------------------------------------------------------------- diff --git a/hbase-agent/conf/xasecure-policymgr-ssl.xml b/hbase-agent/conf/xasecure-policymgr-ssl.xml deleted file mode 100644 index 964aac7..0000000 --- a/hbase-agent/conf/xasecure-policymgr-ssl.xml +++ /dev/null @@ -1,63 +0,0 @@ -<?xml version="1.0"?> -<!-- - Licensed to the Apache Software Foundation (ASF) under one or more - contributor license agreements. See the NOTICE file distributed with - this work for additional information regarding copyright ownership. - The ASF licenses this file to You under the Apache License, Version 2.0 - (the "License"); you may not use this file except in compliance with - the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. ---> -<?xml-stylesheet type="text/xsl" href="configuration.xsl"?> -<configuration xmlns:xi="http://www.w3.org/2001/XInclude";> - <!-- The following properties are used for 2-way SSL client server validation --> - <property> - <name>xasecure.policymgr.clientssl.keystore</name> - <value>hadoopdev-clientcert.jks</value> - <description> - Java Keystore files - </description> - </property> - <property> - <name>xasecure.policymgr.clientssl.keystore.password</name> - <value>none</value> - <description> - password for keystore - </description> - </property> - <property> - <name>xasecure.policymgr.clientssl.truststore</name> - <value>cacerts-xasecure.jks</value> - <description> - java truststore file - </description> - </property> - <property> - <name>xasecure.policymgr.clientssl.truststore.password</name> - <value>none</value> - <description> - java truststore password - </description> - </property> - <property> - <name>xasecure.policymgr.clientssl.keystore.credential.file</name> - <value>jceks://file/tmp/keystore-hadoopdev-ssl.jceks</value> - <description> - java keystore credential file - </description> - </property> - <property> - <name>xasecure.policymgr.clientssl.truststore.credential.file</name> - <value>jceks://file/tmp/truststore-hadoopdev-ssl.jceks</value> - <description> - java truststore credential file - </description> - </property> -</configuration> \ No newline at end of file http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/fda7b9fb/hdfs-agent/conf/ranger-policymgr-ssl-changes.cfg ---------------------------------------------------------------------- diff --git a/hdfs-agent/conf/ranger-policymgr-ssl-changes.cfg b/hdfs-agent/conf/ranger-policymgr-ssl-changes.cfg new file mode 100644 index 0000000..50915b2 --- /dev/null +++ b/hdfs-agent/conf/ranger-policymgr-ssl-changes.cfg @@ -0,0 +1,23 @@ +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SSL Params +# +xasecure.policymgr.clientssl.keystore %SSL_KEYSTORE_FILE_PATH% mod create-if-not-exists +xasecure.policymgr.clientssl.keystore.password %SSL_KEYSTORE_PASSWORD% mod create-if-not-exists +xasecure.policymgr.clientssl.keystore.credential.file jceks://file%CREDENTIAL_PROVIDER_FILE% mod create-if-not-exists +xasecure.policymgr.clientssl.truststore %SSL_TRUSTSTORE_FILE_PATH% mod create-if-not-exists +xasecure.policymgr.clientssl.truststore.password %SSL_TRUSTSTORE_PASSWORD% mod create-if-not-exists +xasecure.policymgr.clientssl.truststore.credential.file jceks://file%CREDENTIAL_PROVIDER_FILE% mod create-if-not-exists http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/fda7b9fb/hdfs-agent/conf/ranger-policymgr-ssl.xml ---------------------------------------------------------------------- diff --git a/hdfs-agent/conf/ranger-policymgr-ssl.xml b/hdfs-agent/conf/ranger-policymgr-ssl.xml new file mode 100644 index 0000000..cd4a580 --- /dev/null +++ b/hdfs-agent/conf/ranger-policymgr-ssl.xml @@ -0,0 +1,63 @@ +<?xml version="1.0"?> +<!-- + Licensed to the Apache Software Foundation (ASF) under one or more + contributor license agreements. See the NOTICE file distributed with + this work for additional information regarding copyright ownership. + The ASF licenses this file to You under the Apache License, Version 2.0 + (the "License"); you may not use this file except in compliance with + the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +--> +<?xml-stylesheet type="text/xsl" href="configuration.xsl"?> +<configuration xmlns:xi="http://www.w3.org/2001/XInclude";> + <!-- The following properties are used for 2-way SSL client server validation --> + <property> + <name>xasecure.policymgr.clientssl.keystore</name> + <value>hadoopdev-clientcert.jks</value> + <description> + Java Keystore files + </description> + </property> + <property> + <name>xasecure.policymgr.clientssl.keystore.password</name> + <value>none</value> + <description> + password for keystore + </description> + </property> + <property> + <name>xasecure.policymgr.clientssl.truststore</name> + <value>cacerts-xasecure.jks</value> + <description> + java truststore file + </description> + </property> + <property> + <name>xasecure.policymgr.clientssl.truststore.password</name> + <value>none</value> + <description> + java truststore password + </description> + </property> + <property> + <name>xasecure.policymgr.clientssl.keystore.credential.file</name> + <value>jceks://file/tmp/keystore-hadoopdev-ssl.jceks</value> + <description> + java keystore credential file + </description> + </property> + <property> + <name>xasecure.policymgr.clientssl.truststore.credential.file</name> + <value>jceks://file/tmp/truststore-hadoopdev-ssl.jceks</value> + <description> + java truststore credential file + </description> + </property> +</configuration> \ No newline at end of file http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/fda7b9fb/hdfs-agent/conf/xasecure-policymgr-ssl-changes.cfg ---------------------------------------------------------------------- diff --git a/hdfs-agent/conf/xasecure-policymgr-ssl-changes.cfg b/hdfs-agent/conf/xasecure-policymgr-ssl-changes.cfg deleted file mode 100644 index 50915b2..0000000 --- a/hdfs-agent/conf/xasecure-policymgr-ssl-changes.cfg +++ /dev/null @@ -1,23 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one or more -# contributor license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright ownership. -# The ASF licenses this file to You under the Apache License, Version 2.0 -# (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# SSL Params -# -xasecure.policymgr.clientssl.keystore %SSL_KEYSTORE_FILE_PATH% mod create-if-not-exists -xasecure.policymgr.clientssl.keystore.password %SSL_KEYSTORE_PASSWORD% mod create-if-not-exists -xasecure.policymgr.clientssl.keystore.credential.file jceks://file%CREDENTIAL_PROVIDER_FILE% mod create-if-not-exists -xasecure.policymgr.clientssl.truststore %SSL_TRUSTSTORE_FILE_PATH% mod create-if-not-exists -xasecure.policymgr.clientssl.truststore.password %SSL_TRUSTSTORE_PASSWORD% mod create-if-not-exists -xasecure.policymgr.clientssl.truststore.credential.file jceks://file%CREDENTIAL_PROVIDER_FILE% mod create-if-not-exists http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/fda7b9fb/hdfs-agent/conf/xasecure-policymgr-ssl.xml ---------------------------------------------------------------------- diff --git a/hdfs-agent/conf/xasecure-policymgr-ssl.xml b/hdfs-agent/conf/xasecure-policymgr-ssl.xml deleted file mode 100644 index cd4a580..0000000 --- a/hdfs-agent/conf/xasecure-policymgr-ssl.xml +++ /dev/null @@ -1,63 +0,0 @@ -<?xml version="1.0"?> -<!-- - Licensed to the Apache Software Foundation (ASF) under one or more - contributor license agreements. See the NOTICE file distributed with - this work for additional information regarding copyright ownership. - The ASF licenses this file to You under the Apache License, Version 2.0 - (the "License"); you may not use this file except in compliance with - the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. ---> -<?xml-stylesheet type="text/xsl" href="configuration.xsl"?> -<configuration xmlns:xi="http://www.w3.org/2001/XInclude";> - <!-- The following properties are used for 2-way SSL client server validation --> - <property> - <name>xasecure.policymgr.clientssl.keystore</name> - <value>hadoopdev-clientcert.jks</value> - <description> - Java Keystore files - </description> - </property> - <property> - <name>xasecure.policymgr.clientssl.keystore.password</name> - <value>none</value> - <description> - password for keystore - </description> - </property> - <property> - <name>xasecure.policymgr.clientssl.truststore</name> - <value>cacerts-xasecure.jks</value> - <description> - java truststore file - </description> - </property> - <property> - <name>xasecure.policymgr.clientssl.truststore.password</name> - <value>none</value> - <description> - java truststore password - </description> - </property> - <property> - <name>xasecure.policymgr.clientssl.keystore.credential.file</name> - <value>jceks://file/tmp/keystore-hadoopdev-ssl.jceks</value> - <description> - java keystore credential file - </description> - </property> - <property> - <name>xasecure.policymgr.clientssl.truststore.credential.file</name> - <value>jceks://file/tmp/truststore-hadoopdev-ssl.jceks</value> - <description> - java truststore credential file - </description> - </property> -</configuration> \ No newline at end of file http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/fda7b9fb/hive-agent/conf/ranger-policymgr-ssl-changes.cfg ---------------------------------------------------------------------- diff --git a/hive-agent/conf/ranger-policymgr-ssl-changes.cfg b/hive-agent/conf/ranger-policymgr-ssl-changes.cfg new file mode 100644 index 0000000..6bf4265 --- /dev/null +++ b/hive-agent/conf/ranger-policymgr-ssl-changes.cfg @@ -0,0 +1,23 @@ +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SSL Params +# +xasecure.policymgr.clientssl.keystore %SSL_KEYSTORE_FILE_PATH% mod create-if-not-exists +xasecure.policymgr.clientssl.keystore.password %SSL_KEYSTORE_PASSWORD% mod create-if-not-exists +xasecure.policymgr.clientssl.keystore.credential.file jceks://file%CREDENTIAL_PROVIDER_FILE% mod create-if-not-exists +xasecure.policymgr.clientssl.truststore %SSL_TRUSTSTORE_FILE_PATH% mod create-if-not-exists +xasecure.policymgr.clientssl.truststore.password %SSL_TRUSTSTORE_PASSWORD% mod create-if-not-exists +xasecure.policymgr.clientssl.truststore.credential.file jceks://file%CREDENTIAL_PROVIDER_FILE% mod create-if-not-exists \ No newline at end of file http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/fda7b9fb/hive-agent/conf/ranger-policymgr-ssl.xml ---------------------------------------------------------------------- diff --git a/hive-agent/conf/ranger-policymgr-ssl.xml b/hive-agent/conf/ranger-policymgr-ssl.xml new file mode 100644 index 0000000..964aac7 --- /dev/null +++ b/hive-agent/conf/ranger-policymgr-ssl.xml @@ -0,0 +1,63 @@ +<?xml version="1.0"?> +<!-- + Licensed to the Apache Software Foundation (ASF) under one or more + contributor license agreements. See the NOTICE file distributed with + this work for additional information regarding copyright ownership. + The ASF licenses this file to You under the Apache License, Version 2.0 + (the "License"); you may not use this file except in compliance with + the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +--> +<?xml-stylesheet type="text/xsl" href="configuration.xsl"?> +<configuration xmlns:xi="http://www.w3.org/2001/XInclude";> + <!-- The following properties are used for 2-way SSL client server validation --> + <property> + <name>xasecure.policymgr.clientssl.keystore</name> + <value>hadoopdev-clientcert.jks</value> + <description> + Java Keystore files + </description> + </property> + <property> + <name>xasecure.policymgr.clientssl.keystore.password</name> + <value>none</value> + <description> + password for keystore + </description> + </property> + <property> + <name>xasecure.policymgr.clientssl.truststore</name> + <value>cacerts-xasecure.jks</value> + <description> + java truststore file + </description> + </property> + <property> + <name>xasecure.policymgr.clientssl.truststore.password</name> + <value>none</value> + <description> + java truststore password + </description> + </property> + <property> + <name>xasecure.policymgr.clientssl.keystore.credential.file</name> + <value>jceks://file/tmp/keystore-hadoopdev-ssl.jceks</value> + <description> + java keystore credential file + </description> + </property> + <property> + <name>xasecure.policymgr.clientssl.truststore.credential.file</name> + <value>jceks://file/tmp/truststore-hadoopdev-ssl.jceks</value> + <description> + java truststore credential file + </description> + </property> +</configuration> \ No newline at end of file http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/fda7b9fb/hive-agent/conf/xasecure-policymgr-ssl-changes.cfg ---------------------------------------------------------------------- diff --git a/hive-agent/conf/xasecure-policymgr-ssl-changes.cfg b/hive-agent/conf/xasecure-policymgr-ssl-changes.cfg deleted file mode 100644 index 6bf4265..0000000 --- a/hive-agent/conf/xasecure-policymgr-ssl-changes.cfg +++ /dev/null @@ -1,23 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one or more -# contributor license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright ownership. -# The ASF licenses this file to You under the Apache License, Version 2.0 -# (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# SSL Params -# -xasecure.policymgr.clientssl.keystore %SSL_KEYSTORE_FILE_PATH% mod create-if-not-exists -xasecure.policymgr.clientssl.keystore.password %SSL_KEYSTORE_PASSWORD% mod create-if-not-exists -xasecure.policymgr.clientssl.keystore.credential.file jceks://file%CREDENTIAL_PROVIDER_FILE% mod create-if-not-exists -xasecure.policymgr.clientssl.truststore %SSL_TRUSTSTORE_FILE_PATH% mod create-if-not-exists -xasecure.policymgr.clientssl.truststore.password %SSL_TRUSTSTORE_PASSWORD% mod create-if-not-exists -xasecure.policymgr.clientssl.truststore.credential.file jceks://file%CREDENTIAL_PROVIDER_FILE% mod create-if-not-exists \ No newline at end of file http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/fda7b9fb/hive-agent/conf/xasecure-policymgr-ssl.xml ---------------------------------------------------------------------- diff --git a/hive-agent/conf/xasecure-policymgr-ssl.xml b/hive-agent/conf/xasecure-policymgr-ssl.xml deleted file mode 100644 index 964aac7..0000000 --- a/hive-agent/conf/xasecure-policymgr-ssl.xml +++ /dev/null @@ -1,63 +0,0 @@ -<?xml version="1.0"?> -<!-- - Licensed to the Apache Software Foundation (ASF) under one or more - contributor license agreements. See the NOTICE file distributed with - this work for additional information regarding copyright ownership. - The ASF licenses this file to You under the Apache License, Version 2.0 - (the "License"); you may not use this file except in compliance with - the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. ---> -<?xml-stylesheet type="text/xsl" href="configuration.xsl"?> -<configuration xmlns:xi="http://www.w3.org/2001/XInclude";> - <!-- The following properties are used for 2-way SSL client server validation --> - <property> - <name>xasecure.policymgr.clientssl.keystore</name> - <value>hadoopdev-clientcert.jks</value> - <description> - Java Keystore files - </description> - </property> - <property> - <name>xasecure.policymgr.clientssl.keystore.password</name> - <value>none</value> - <description> - password for keystore - </description> - </property> - <property> - <name>xasecure.policymgr.clientssl.truststore</name> - <value>cacerts-xasecure.jks</value> - <description> - java truststore file - </description> - </property> - <property> - <name>xasecure.policymgr.clientssl.truststore.password</name> - <value>none</value> - <description> - java truststore password - </description> - </property> - <property> - <name>xasecure.policymgr.clientssl.keystore.credential.file</name> - <value>jceks://file/tmp/keystore-hadoopdev-ssl.jceks</value> - <description> - java keystore credential file - </description> - </property> - <property> - <name>xasecure.policymgr.clientssl.truststore.credential.file</name> - <value>jceks://file/tmp/truststore-hadoopdev-ssl.jceks</value> - <description> - java truststore credential file - </description> - </property> -</configuration> \ No newline at end of file
