RANGER-492: Added new ldap/ad properties in windows install Signed-off-by: sneethiraj <[email protected]>
Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/5dc535e6 Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/5dc535e6 Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/5dc535e6 Branch: refs/heads/tag-policy Commit: 5dc535e61185a305c74d567c83963752338e21f0 Parents: 8034858 Author: Velmurugan Periasamy <[email protected]> Authored: Tue May 19 01:50:49 2015 -0400 Committer: Madhan Neethiraj <[email protected]> Committed: Tue May 19 15:08:22 2015 -0700 ---------------------------------------------------------------------- security-admin/src/bin/ranger_install.py | 74 +++++++++++++++++++- .../handler/RangerAuthenticationProvider.java | 12 ++-- 2 files changed, 78 insertions(+), 8 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/5dc535e6/security-admin/src/bin/ranger_install.py ---------------------------------------------------------------------- diff --git a/security-admin/src/bin/ranger_install.py b/security-admin/src/bin/ranger_install.py index a3c7836..346f292 100644 --- a/security-admin/src/bin/ranger_install.py +++ b/security-admin/src/bin/ranger_install.py @@ -893,11 +893,81 @@ def update_properties(): else: propertyName="ranger.jpa.jdbc.password" newPropertyValue=os.getenv("RANGER_ADMIN_DB_PASSWORD") - cObj.set('dummysection',propertyName,newPropertyValue) + updatePropertyToFilePy(propertyName ,newPropertyValue ,to_file_ranger) propertyName="ranger.jpa.audit.jdbc.password" newPropertyValue=os.getenv("RANGER_AUDIT_DB_PASSWORD") - cObj.set('dummysection',propertyName,newPropertyValue) + updatePropertyToFilePy(propertyName ,newPropertyValue ,to_file_ranger) + + if os.getenv("RANGER_AUTHENTICATION_METHOD") == "LDAP": + propertyName="ranger.authentication.method" + newPropertyValue=os.getenv("RANGER_AUTHENTICATION_METHOD") + updatePropertyToFilePy(propertyName ,newPropertyValue ,to_file_ranger) + + propertyName="ranger.ldap.url" + newPropertyValue=os.getenv("RANGER_LDAP_URL") + updatePropertyToFilePy(propertyName ,newPropertyValue ,to_file_ranger) + + propertyName="ranger.ldap.user.dnpattern" + newPropertyValue=os.getenv("RANGER_LDAP_USERDNPATTERN") + updatePropertyToFilePy(propertyName ,newPropertyValue ,to_file_ranger) + + propertyName="ranger.ldap.group.searchbase" + newPropertyValue=os.getenv("RANGER_LDAP_GROUPSEARCHBASE") + updatePropertyToFilePy(propertyName ,newPropertyValue ,to_file_ranger) + + propertyName="ranger.ldap.group.searchfilter" + newPropertyValue=os.getenv("RANGER_LDAP_GROUPSEARCHFILTER") + updatePropertyToFilePy(propertyName ,newPropertyValue ,to_file_ranger) + + propertyName="ranger.ldap.group.roleattribute" + newPropertyValue=os.getenv("RANGER_LDAP_GROUPROLEATTRIBUTE") + updatePropertyToFilePy(propertyName ,newPropertyValue ,to_file_ranger) + + propertyName="ranger.ldap.base.dn" + newPropertyValue=os.getenv("RANGER_LDAP_BASE_DN") + updatePropertyToFilePy(propertyName ,newPropertyValue ,to_file_ranger) + + propertyName="ranger.ldap.bind.dn" + newPropertyValue=os.getenv("RANGER_LDAP_BIND_DN") + updatePropertyToFilePy(propertyName ,newPropertyValue ,to_file_ranger) + + propertyName="ranger.ldap.bind.password" + newPropertyValue="_" + updatePropertyToFilePy(propertyName ,newPropertyValue ,to_file_ranger) + + propertyName="ranger.ldap.referral" + newPropertyValue=os.getenv("RANGER_LDAP_REFERRAL") + updatePropertyToFilePy(propertyName ,newPropertyValue ,to_file_ranger) + + elif os.getenv("RANGER_AUTHENTICATION_METHOD") == "ACTIVE_DIRECTORY": + propertyName="ranger.authentication.method" + newPropertyValue=os.getenv("RANGER_AUTHENTICATION_METHOD") + updatePropertyToFilePy(propertyName ,newPropertyValue ,to_file_ranger) + + propertyName="ranger.ldap.ad.domain" + newPropertyValue=os.getenv("RANGER_LDAP_AD_DOMAIN") + updatePropertyToFilePy(propertyName ,newPropertyValue ,to_file_ranger) + + propertyName="ranger.ldap.ad.url" + newPropertyValue=os.getenv("RANGER_LDAP_AD_URL") + updatePropertyToFilePy(propertyName ,newPropertyValue ,to_file_ranger) + + propertyName="ranger.ldap.ad.base.dn" + newPropertyValue=os.getenv("RANGER_LDAP_AD_BASE_DN") + updatePropertyToFilePy(propertyName ,newPropertyValue ,to_file_ranger) + + propertyName="ranger.ldap.ad.bind.dn" + newPropertyValue=os.getenv("RANGER_LDAP_AD_BIND_DN") + updatePropertyToFilePy(propertyName ,newPropertyValue ,to_file_ranger) + + propertyName="ranger.ldap.ad.bind.password" + newPropertyValue="_" + updatePropertyToFilePy(propertyName ,newPropertyValue ,to_file_ranger) + + propertyName="ranger.ad.referral" + newPropertyValue=os.getenv("RANGER_LDAP_AD_REFERRAL") + updatePropertyToFilePy(propertyName ,newPropertyValue ,to_file_ranger) def setup_authentication(authentication_method, xmlPath): if authentication_method == "UNIX": http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/5dc535e6/security-admin/src/main/java/org/apache/ranger/security/handler/RangerAuthenticationProvider.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/security/handler/RangerAuthenticationProvider.java b/security-admin/src/main/java/org/apache/ranger/security/handler/RangerAuthenticationProvider.java index 5446dc4..3275a8e 100644 --- a/security-admin/src/main/java/org/apache/ranger/security/handler/RangerAuthenticationProvider.java +++ b/security-admin/src/main/java/org/apache/ranger/security/handler/RangerAuthenticationProvider.java @@ -230,12 +230,12 @@ public class RangerAuthenticationProvider implements AuthenticationProvider { .authenticate(finalAuthentication); return authentication; } else { - return null; + return authentication; } } catch (Exception e) { logger.debug("LDAP Authentication Failed:", e); } - return null; + return authentication; } public Authentication getADAuthentication(Authentication authentication) { @@ -272,7 +272,7 @@ public class RangerAuthenticationProvider implements AuthenticationProvider { .authenticate(finalAuthentication); return authentication; } else { - return null; + return authentication; } }catch (Exception e) { logger.debug("AD Authentication Failed:", e); @@ -330,7 +330,7 @@ public class RangerAuthenticationProvider implements AuthenticationProvider { .authenticate(finalAuthentication); return authentication; } else { - return null; + return authentication; } } catch (Exception e) { logger.debug("Unix Authentication Failed:", e); @@ -402,7 +402,7 @@ public class RangerAuthenticationProvider implements AuthenticationProvider { authentication = ldapAuthenticationProvider.authenticate(finalAuthentication); return authentication; } else { - return null; + return authentication; } } catch (Exception e) { logger.debug("AD Authentication Failed:", e); @@ -463,7 +463,7 @@ public class RangerAuthenticationProvider implements AuthenticationProvider { authentication = ldapAuthenticationProvider.authenticate(finalAuthentication); return authentication; } else { - return null; + return authentication; } } catch (Exception e) { logger.debug("LDAP Authentication Failed:", e);
