Repository: incubator-ranger Updated Branches: refs/heads/master 065b431ff -> 2c54590a8
RANGER-539: fixes to support rolling upgrade/downgrade of ranger components Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/2c54590a Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/2c54590a Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/2c54590a Branch: refs/heads/master Commit: 2c54590a83ab4cf37924876ae468699746d2a751 Parents: 065b431 Author: sneethiraj <[email protected]> Authored: Mon Jun 8 23:04:40 2015 -0700 Committer: sneethiraj <[email protected]> Committed: Mon Jun 8 23:26:27 2015 -0700 ---------------------------------------------------------------------- .../conf.dist/ranger-admin-default-site.xml | 2 +- .../config/UserGroupSyncConfig.java | 37 ++++++++++++++------ .../ranger/usergroupsync/UserGroupSync.java | 3 +- unixauthservice/pom.xml | 12 ++++++- .../authentication/PasswordValidator.java | 3 +- 5 files changed, 42 insertions(+), 15 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/2c54590a/security-admin/src/main/resources/conf.dist/ranger-admin-default-site.xml ---------------------------------------------------------------------- diff --git a/security-admin/src/main/resources/conf.dist/ranger-admin-default-site.xml b/security-admin/src/main/resources/conf.dist/ranger-admin-default-site.xml index 580341b..bd21365 100644 --- a/security-admin/src/main/resources/conf.dist/ranger-admin-default-site.xml +++ b/security-admin/src/main/resources/conf.dist/ranger-admin-default-site.xml @@ -438,7 +438,7 @@ </property> <property> <name>ranger.sha256Password.update.disable</name> - <value>false</value> + <value>true</value> <description></description> </property> </configuration> http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/2c54590a/ugsync/src/main/java/org/apache/ranger/unixusersync/config/UserGroupSyncConfig.java ---------------------------------------------------------------------- diff --git a/ugsync/src/main/java/org/apache/ranger/unixusersync/config/UserGroupSyncConfig.java b/ugsync/src/main/java/org/apache/ranger/unixusersync/config/UserGroupSyncConfig.java index d9efe1a..f8b68f2 100644 --- a/ugsync/src/main/java/org/apache/ranger/unixusersync/config/UserGroupSyncConfig.java +++ b/ugsync/src/main/java/org/apache/ranger/unixusersync/config/UserGroupSyncConfig.java @@ -40,9 +40,14 @@ import org.w3c.dom.Element; import org.w3c.dom.Node; import org.w3c.dom.NodeList; +import org.apache.log4j.Logger; + + + public class UserGroupSyncConfig { public static final String CONFIG_FILE = "ranger-ugsync-site.xml" ; + private static final Logger LOG = Logger.getLogger(UserGroupSyncConfig.class) ; public static final String DEFAULT_CONFIG_FILE = "ranger-ugsync-default-site.xml" ; @@ -70,6 +75,8 @@ public class UserGroupSyncConfig { private static final String UGSYNC_SLEEP_TIME_IN_MILLIS_BETWEEN_CYCLE_PARAM = "ranger.usersync.sleeptimeinmillisbetweensynccycle" ; + private static final long UGSYNC_SLEEP_TIME_IN_MILLIS_BETWEEN_CYCLE_MIN_VALUE = 30000L ; + private static final long UGSYNC_SLEEP_TIME_IN_MILLIS_BETWEEN_CYCLE_UNIX_DEFAULT_VALUE = 300000L ; private static final long UGSYNC_SLEEP_TIME_IN_MILLIS_BETWEEN_CYCLE_LDAP_DEFAULT_VALUE = 21600000L ; @@ -356,27 +363,37 @@ public class UserGroupSyncConfig { } else { long ret = Long.parseLong(val) ; + if (ret < UGSYNC_SLEEP_TIME_IN_MILLIS_BETWEEN_CYCLE_MIN_VALUE) { + LOG.info("Sleep Time Between Cycle can not be lower than [" + UGSYNC_SLEEP_TIME_IN_MILLIS_BETWEEN_CYCLE_MIN_VALUE + "] millisec. resetting to min value.") ; + ret = UGSYNC_SLEEP_TIME_IN_MILLIS_BETWEEN_CYCLE_MIN_VALUE ; + } return ret; } - } public UserGroupSource getUserGroupSource() throws Throwable { + String val = prop.getProperty(UGSYNC_SOURCE_CLASS_PARAM) ; + String syncSource = null ; + if(val == null || val.trim().isEmpty()) { - String syncSource=getSyncSource(); - if(syncSource!=null && syncSource.equalsIgnoreCase("UNIX")){ - val = UGSYNC_SOURCE_CLASS; - }else if(syncSource!=null && syncSource.equalsIgnoreCase("LDAP")){ - val = LGSYNC_SOURCE_CLASS; - }else{ - val = UGSYNC_SOURCE_CLASS; - } + syncSource=getSyncSource(); + } + else { + syncSource = val ; + } + + String className = val ; + + if(syncSource!=null && syncSource.equalsIgnoreCase("UNIX")){ + className = UGSYNC_SOURCE_CLASS; + }else if(syncSource!=null && syncSource.equalsIgnoreCase("LDAP")){ + className = LGSYNC_SOURCE_CLASS; } - Class<UserGroupSource> ugSourceClass = (Class<UserGroupSource>)Class.forName(val); + Class<UserGroupSource> ugSourceClass = (Class<UserGroupSource>)Class.forName(className); UserGroupSource ret = ugSourceClass.newInstance(); http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/2c54590a/ugsync/src/main/java/org/apache/ranger/usergroupsync/UserGroupSync.java ---------------------------------------------------------------------- diff --git a/ugsync/src/main/java/org/apache/ranger/usergroupsync/UserGroupSync.java b/ugsync/src/main/java/org/apache/ranger/usergroupsync/UserGroupSync.java index f5b213e..9d20aaa 100644 --- a/ugsync/src/main/java/org/apache/ranger/usergroupsync/UserGroupSync.java +++ b/ugsync/src/main/java/org/apache/ranger/usergroupsync/UserGroupSync.java @@ -64,8 +64,8 @@ public class UserGroupSync implements Runnable { } catch(Throwable t) { LOG.error("Failed to initialize UserGroup source/sink. Will retry after " + sleepTimeBetweenCycleInMillis + " milliseconds. Error details: ", t) ; - try { + LOG.debug("Sleeping for [" + sleepTimeBetweenCycleInMillis + "] milliSeconds") ; Thread.sleep(sleepTimeBetweenCycleInMillis) ; } catch (Exception e) { LOG.error("Failed to wait for [" + sleepTimeBetweenCycleInMillis + "] milliseconds before attempting to initialize UserGroup source/sink", e) ; @@ -77,6 +77,7 @@ public class UserGroupSync implements Runnable { while (! shutdownFlag ) { try { + LOG.debug("Sleeping for [" + sleepTimeBetweenCycleInMillis + "] milliSeconds") ; Thread.sleep(sleepTimeBetweenCycleInMillis); } catch (InterruptedException e) { LOG.error("Failed to wait for [" + sleepTimeBetweenCycleInMillis + "] milliseconds before attempting to synchronize UserGroup information", e) ; http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/2c54590a/unixauthservice/pom.xml ---------------------------------------------------------------------- diff --git a/unixauthservice/pom.xml b/unixauthservice/pom.xml index 89c0a81..4d44e6f 100644 --- a/unixauthservice/pom.xml +++ b/unixauthservice/pom.xml @@ -97,7 +97,17 @@ </dependency> </dependencies> - + <build> + <resources> + <resource> + <targetPath>${project.build.outputDirectory}/</targetPath> + <directory>conf.dist</directory> + <includes> + <include>log4j.xml</include> + </includes> + </resource> + </resources> + </build> </project> http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/2c54590a/unixauthservice/src/main/java/org/apache/ranger/authentication/PasswordValidator.java ---------------------------------------------------------------------- diff --git a/unixauthservice/src/main/java/org/apache/ranger/authentication/PasswordValidator.java b/unixauthservice/src/main/java/org/apache/ranger/authentication/PasswordValidator.java index 19d38eb..b8cfbcc 100644 --- a/unixauthservice/src/main/java/org/apache/ranger/authentication/PasswordValidator.java +++ b/unixauthservice/src/main/java/org/apache/ranger/authentication/PasswordValidator.java @@ -111,11 +111,10 @@ public class PasswordValidator implements Runnable { } catch(Throwable t) { - if (writer != null){ + if (userName != null && writer != null ) { String res = "FAILED: unable to validate due to error " + t ; writer.println(res) ; LOG.error("Response [" + res + "] for user: " + userName, t); - } } finally {
