Repository: incubator-ranger Updated Branches: refs/heads/ranger-0.5 04f3fa4af -> 41166a537
RANGER-733 : Implement best coding practices to resolve issues found during code scan Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/41166a53 Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/41166a53 Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/41166a53 Branch: refs/heads/ranger-0.5 Commit: 41166a5372b3790f36f77c824defdb08d9e049dd Parents: 04f3fa4 Author: Gautam Borad <[email protected]> Authored: Wed Nov 18 10:08:17 2015 +0530 Committer: Gautam Borad <[email protected]> Committed: Fri Nov 20 22:57:02 2015 +0530 ---------------------------------------------------------------------- .../apache/ranger/plugin/client/BaseClient.java | 10 ++++++- .../ranger/services/knox/client/KnoxClient.java | 6 ++-- .../ranger/services/kms/client/KMSClient.java | 4 +-- .../org/apache/ranger/biz/RangerBizUtil.java | 29 ++++++++++++++++---- .../java/org/apache/ranger/biz/UserMgr.java | 8 ++---- .../java/org/apache/ranger/biz/XUserMgr.java | 11 ++++++-- .../apache/ranger/json/JsonDateSerializer.java | 5 ++-- .../service/AbstractBaseResourceService.java | 4 +-- .../ranger/service/RangerBaseModelService.java | 2 +- .../ranger/service/XAccessAuditService.java | 11 -------- .../apache/ranger/service/XPolicyService.java | 2 +- .../apache/ranger/view/VXGroupPermission.java | 2 +- .../org/apache/ranger/view/VXModuleDef.java | 2 +- .../apache/ranger/view/VXUserPermission.java | 2 +- .../org/apache/ranger/biz/TestXUserMgr.java | 1 - .../TestRangerServiceDefServiceBase.java | 2 -- .../services/storm/client/StormClient.java | 6 ++-- .../unix/jaas/RemoteUnixLoginModule.java | 4 +-- .../scripts/ranger-usersync-services.sh | 2 +- 19 files changed, 65 insertions(+), 48 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/41166a53/agents-common/src/main/java/org/apache/ranger/plugin/client/BaseClient.java ---------------------------------------------------------------------- diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/client/BaseClient.java b/agents-common/src/main/java/org/apache/ranger/plugin/client/BaseClient.java index 4ef3b48..0242caa 100644 --- a/agents-common/src/main/java/org/apache/ranger/plugin/client/BaseClient.java +++ b/agents-common/src/main/java/org/apache/ranger/plugin/client/BaseClient.java @@ -159,5 +159,13 @@ public abstract class BaseClient { } return StringUtils.join(errList, ""); } - + + public static Map<String, String> getMaskedConfigMap(Map<String, String> configMap){ + Map<String, String> maskedMap=new HashMap<String, String>(); + maskedMap.putAll(configMap); + if(maskedMap!=null && maskedMap.containsKey("password")){ + maskedMap.put("password", "*****"); + } + return maskedMap; + } } http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/41166a53/knox-agent/src/main/java/org/apache/ranger/services/knox/client/KnoxClient.java ---------------------------------------------------------------------- diff --git a/knox-agent/src/main/java/org/apache/ranger/services/knox/client/KnoxClient.java b/knox-agent/src/main/java/org/apache/ranger/services/knox/client/KnoxClient.java index f4d5858..6859492 100644 --- a/knox-agent/src/main/java/org/apache/ranger/services/knox/client/KnoxClient.java +++ b/knox-agent/src/main/java/org/apache/ranger/services/knox/client/KnoxClient.java @@ -314,8 +314,10 @@ public class KnoxClient { public static KnoxClient getKnoxClient(String serviceName, Map<String, String> configs) { KnoxClient knoxClient = null; - LOG.debug("Getting knoxClient for ServiceName: " + serviceName - + "configMap: " + configs); + if(LOG.isDebugEnabled()){ + LOG.debug("Getting knoxClient for ServiceName: " + serviceName); + LOG.debug("configMap: " + BaseClient.getMaskedConfigMap(configs)); + } String errMsg = " You can still save the repository and start creating " + "policies, but you would not be able to use autocomplete for " + "resource names. Check xa_portal.log for more info."; http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/41166a53/plugin-kms/src/main/java/org/apache/ranger/services/kms/client/KMSClient.java ---------------------------------------------------------------------- diff --git a/plugin-kms/src/main/java/org/apache/ranger/services/kms/client/KMSClient.java b/plugin-kms/src/main/java/org/apache/ranger/services/kms/client/KMSClient.java index c67584e..061f95c 100755 --- a/plugin-kms/src/main/java/org/apache/ranger/services/kms/client/KMSClient.java +++ b/plugin-kms/src/main/java/org/apache/ranger/services/kms/client/KMSClient.java @@ -309,8 +309,8 @@ public class KMSClient { Map<String, String> configs) { KMSClient kmsClient = null; if (LOG.isDebugEnabled()) { - LOG.debug("Getting KmsClient for datasource: " + serviceName - + "configMap: " + configs); + LOG.debug("Getting KmsClient for datasource: " + serviceName); + LOG.debug("configMap: " + BaseClient.getMaskedConfigMap(configs)); } String errMsg = errMessage; if (configs == null || configs.isEmpty()) { http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/41166a53/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java b/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java index 689e165..872f61e 100644 --- a/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java +++ b/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java @@ -1334,13 +1334,30 @@ public class RangerBizUtil { Long trxId = guidUtil.genLong(); for (XXTrxLog xTrxLog : trxLogList) { - xTrxLog.setTransactionId(trxId.toString()); - if (authSessionId != null) { - xTrxLog.setSessionId("" + authSessionId); + if (xTrxLog != null) { + if ("Password".equalsIgnoreCase(xTrxLog.getAttributeName() + .trim())) { + if (xTrxLog.getPreviousValue() != null + && !xTrxLog.getPreviousValue().trim().isEmpty() + && !"null".equalsIgnoreCase(xTrxLog + .getPreviousValue().trim())) { + xTrxLog.setPreviousValue(AppConstants.Masked_String); + } + if (xTrxLog.getNewValue() != null + && !xTrxLog.getNewValue().trim().isEmpty() + && !"null".equalsIgnoreCase(xTrxLog.getNewValue() + .trim())) { + xTrxLog.setNewValue(AppConstants.Masked_String); + } + } + xTrxLog.setTransactionId(trxId.toString()); + if (authSessionId != null) { + xTrxLog.setSessionId("" + authSessionId); + } + xTrxLog.setSessionType("Spring Authenticated Session"); + xTrxLog.setRequestId(trxId.toString()); + daoManager.getXXTrxLog().create(xTrxLog); } - xTrxLog.setSessionType("Spring Authenticated Session"); - xTrxLog.setRequestId(trxId.toString()); - daoManager.getXXTrxLog().create(xTrxLog); } } http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/41166a53/security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java b/security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java index 8fbad1f..ee9d14b 100644 --- a/security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java +++ b/security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java @@ -294,7 +294,7 @@ public class UserMgr { userProfile, gjUser, "update"); userProfile.setPassword(gjUser.getPassword()); - userProfile = xPortalUserService.updateResource(userProfile); + xPortalUserService.updateResource(userProfile); sessionMgr.resetUserSessionForProfiles(ContextUtil .getCurrentUserSession()); @@ -1231,10 +1231,8 @@ public class UserMgr { public void checkAdminAccess() { UserSessionBase sess = ContextUtil.getCurrentUserSession(); - if (sess != null) { - if (sess != null && sess.isUserAdmin()) { - return; - } + if (sess != null && sess.isUserAdmin()) { + return; } throw restErrorUtil.create403RESTException("Operation not allowed." + " loggedInUser=" + (sess != null ? sess.getXXPortalUser().getId() : "Not Logged In")); } http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/41166a53/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java b/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java index 2d43379..3f2c041 100644 --- a/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java +++ b/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java @@ -396,6 +396,7 @@ public class XUserMgr extends XUserMgrBase { roleList = userMgr.getRolesForUser(xXPortalUser); } if (roleList == null || roleList.size() == 0) { + roleList = new ArrayList<String>(); roleList.add(RangerConstants.ROLE_USER); } @@ -501,7 +502,11 @@ public class XUserMgr extends XUserMgrBase { vXGroupUser = xGroupUserService .createXGroupUserWithOutLogin(vXGroupUser); } - + VXPortalUser vXPortalUser = userMgr.getUserProfileByLoginId(vXUser + .getName()); + if(vXPortalUser!=null){ + assignPermissionToUser(vXPortalUser, true); + } vxUGInfo.setXgroupInfo(vxg); return vxUGInfo; @@ -838,7 +843,7 @@ public class XUserMgr extends XUserMgrBase { for (VXGroupPermission oldVXGroupPerm : groupPermListOld) { if (newVXGroupPerm.getModuleId().equals(oldVXGroupPerm.getModuleId()) && newVXGroupPerm.getGroupId().equals(oldVXGroupPerm.getGroupId())) { - if (newVXGroupPerm.getIsAllowed() != oldVXGroupPerm.getIsAllowed()) { + if (!newVXGroupPerm.getIsAllowed().equals(oldVXGroupPerm.getIsAllowed())) { oldVXGroupPerm.setIsAllowed(newVXGroupPerm.getIsAllowed()); oldVXGroupPerm = this.updateXGroupPermission(oldVXGroupPerm); } @@ -857,7 +862,7 @@ public class XUserMgr extends XUserMgrBase { boolean isExist = false; for (VXUserPermission oldVXUserPerm : userPermListOld) { if (newVXUserPerm.getModuleId().equals(oldVXUserPerm.getModuleId()) && newVXUserPerm.getUserId().equals(oldVXUserPerm.getUserId())) { - if (newVXUserPerm.getIsAllowed() != oldVXUserPerm.getIsAllowed()) { + if (!newVXUserPerm.getIsAllowed().equals(oldVXUserPerm.getIsAllowed())) { oldVXUserPerm.setIsAllowed(newVXUserPerm.getIsAllowed()); oldVXUserPerm = this.updateXUserPermission(oldVXUserPerm); } http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/41166a53/security-admin/src/main/java/org/apache/ranger/json/JsonDateSerializer.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/json/JsonDateSerializer.java b/security-admin/src/main/java/org/apache/ranger/json/JsonDateSerializer.java index 7493226..1d7cfcf 100644 --- a/security-admin/src/main/java/org/apache/ranger/json/JsonDateSerializer.java +++ b/security-admin/src/main/java/org/apache/ranger/json/JsonDateSerializer.java @@ -37,14 +37,13 @@ import org.springframework.stereotype.Component; @Component public class JsonDateSerializer extends JsonSerializer<Date> { - private static final SimpleDateFormat dateFormat = new SimpleDateFormat - ("yyyy-MM-dd'T'HH:mm:ss'Z'"); + private static final String DATE_FORMAT = "yyyy-MM-dd'T'HH:mm:ss'Z'"; @Override public void serialize(Date date, JsonGenerator gen, SerializerProvider provider) throws IOException, JsonProcessingException { - String formattedDate = dateFormat.format(date); + String formattedDate = new SimpleDateFormat(DATE_FORMAT).format(date); gen.writeString(formattedDate); } http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/41166a53/security-admin/src/main/java/org/apache/ranger/service/AbstractBaseResourceService.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/service/AbstractBaseResourceService.java b/security-admin/src/main/java/org/apache/ranger/service/AbstractBaseResourceService.java index 49f5dde..fb51534 100644 --- a/security-admin/src/main/java/org/apache/ranger/service/AbstractBaseResourceService.java +++ b/security-admin/src/main/java/org/apache/ranger/service/AbstractBaseResourceService.java @@ -234,12 +234,12 @@ public abstract class AbstractBaseResourceService<T extends XXDBBase, V extends } // Get total count of the rows which meet the search criteria - countQueryStr = "SELECT COUNT(obj) FROM " + tEntityClass.getName() + countQueryStr = "SELECT COUNT(obj) FROM " + className + " obj "; queryStr = "SELECT obj FROM " + className + " obj "; distinctCountQueryStr = "SELECT COUNT(distinct obj.id) FROM " - + tEntityClass.getName() + " obj "; + + className + " obj "; distinctQueryStr = "SELECT distinct obj FROM " + className + " obj "; sortFields.add(new SortField("id", "obj.id",true,SORT_ORDER.ASC)); registerService(this); http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/41166a53/security-admin/src/main/java/org/apache/ranger/service/RangerBaseModelService.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/service/RangerBaseModelService.java b/security-admin/src/main/java/org/apache/ranger/service/RangerBaseModelService.java index 1c65436..4a1f27c 100644 --- a/security-admin/src/main/java/org/apache/ranger/service/RangerBaseModelService.java +++ b/security-admin/src/main/java/org/apache/ranger/service/RangerBaseModelService.java @@ -110,7 +110,7 @@ public abstract class RangerBaseModelService<T extends XXDBBase, V extends Range populateExistingBaseFields = false; - countQueryStr = "SELECT COUNT(obj) FROM " + tEntityClass.getName() + " obj "; + countQueryStr = "SELECT COUNT(obj) FROM " + tClassName + " obj "; queryStr = "SELECT obj FROM " + tClassName + " obj "; } http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/41166a53/security-admin/src/main/java/org/apache/ranger/service/XAccessAuditService.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/service/XAccessAuditService.java b/security-admin/src/main/java/org/apache/ranger/service/XAccessAuditService.java index 98c987e..3bf52dc 100644 --- a/security-admin/src/main/java/org/apache/ranger/service/XAccessAuditService.java +++ b/security-admin/src/main/java/org/apache/ranger/service/XAccessAuditService.java @@ -28,7 +28,6 @@ import org.apache.ranger.common.SearchCriteria; import org.apache.ranger.common.SearchField; import org.apache.ranger.common.SearchField.DATA_TYPE; import org.apache.ranger.common.SearchField.SEARCH_TYPE; -import org.apache.ranger.common.SearchUtil; import org.apache.ranger.common.SortField; import org.apache.ranger.common.SortField.SORT_ORDER; import org.apache.ranger.db.RangerDaoManager; @@ -45,20 +44,10 @@ import org.springframework.stereotype.Service; @Scope("singleton") public class XAccessAuditService extends XAccessAuditServiceBase<XXAccessAudit, VXAccessAudit>{ public static final String NAME = "XAccessAudit"; - public List<SortField> sortFields = new ArrayList<SortField>(); - public List<SearchField> searchFields = new ArrayList<SearchField>(); - - @Autowired - protected SearchUtil searchUtil; - @Autowired RangerDaoManager appDaoMgr; - - protected String queryStr; protected final String distinctCountQueryStr; protected final String distinctQueryStr; - protected String countQueryStr; - public XAccessAuditService() { countQueryStr = "SELECT COUNT(obj) FROM XXAccessAudit obj "; http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/41166a53/security-admin/src/main/java/org/apache/ranger/service/XPolicyService.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/service/XPolicyService.java b/security-admin/src/main/java/org/apache/ranger/service/XPolicyService.java index 42de408..5e8ed56 100644 --- a/security-admin/src/main/java/org/apache/ranger/service/XPolicyService.java +++ b/security-admin/src/main/java/org/apache/ranger/service/XPolicyService.java @@ -236,7 +236,7 @@ public class XPolicyService extends PublicAPIServiceBase<VXResource, VXPolicy> { int assetType = AppConstants.getEnumFor_AssetType(vXPolicy .getRepositoryType()); - if (assetType == 0 || assetType == AppConstants.ASSET_UNKNOWN) { + if (assetType == AppConstants.ASSET_UNKNOWN) { assetType = xAsset.getAssetType(); vXPolicy.setRepositoryType(AppConstants.getLabelFor_AssetType(assetType)); } http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/41166a53/security-admin/src/main/java/org/apache/ranger/view/VXGroupPermission.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/view/VXGroupPermission.java b/security-admin/src/main/java/org/apache/ranger/view/VXGroupPermission.java index 445b5f0..2e02eb5 100644 --- a/security-admin/src/main/java/org/apache/ranger/view/VXGroupPermission.java +++ b/security-admin/src/main/java/org/apache/ranger/view/VXGroupPermission.java @@ -34,7 +34,7 @@ public class VXGroupPermission extends VXDataObject implements java.io.Serializa private static final long serialVersionUID = 1L; - protected Long id; + protected Long groupId; protected Long moduleId; protected Integer isAllowed; http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/41166a53/security-admin/src/main/java/org/apache/ranger/view/VXModuleDef.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/view/VXModuleDef.java b/security-admin/src/main/java/org/apache/ranger/view/VXModuleDef.java index 3923d07..0c9ee5e 100644 --- a/security-admin/src/main/java/org/apache/ranger/view/VXModuleDef.java +++ b/security-admin/src/main/java/org/apache/ranger/view/VXModuleDef.java @@ -37,7 +37,7 @@ public class VXModuleDef extends VXDataObject implements java.io.Serializable { private static final long serialVersionUID = 1L; - protected Long id; + protected Date createTime; protected Date updateTime; protected Long addedById; http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/41166a53/security-admin/src/main/java/org/apache/ranger/view/VXUserPermission.java ---------------------------------------------------------------------- diff --git a/security-admin/src/main/java/org/apache/ranger/view/VXUserPermission.java b/security-admin/src/main/java/org/apache/ranger/view/VXUserPermission.java index cdbddc5..82b5995 100644 --- a/security-admin/src/main/java/org/apache/ranger/view/VXUserPermission.java +++ b/security-admin/src/main/java/org/apache/ranger/view/VXUserPermission.java @@ -34,7 +34,7 @@ public class VXUserPermission extends VXDataObject implements private static final long serialVersionUID = 1L; - protected Long id; + protected Long userId; protected Long moduleId; protected Integer isAllowed; http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/41166a53/security-admin/src/test/java/org/apache/ranger/biz/TestXUserMgr.java ---------------------------------------------------------------------- diff --git a/security-admin/src/test/java/org/apache/ranger/biz/TestXUserMgr.java b/security-admin/src/test/java/org/apache/ranger/biz/TestXUserMgr.java index e992190..8ace44b 100644 --- a/security-admin/src/test/java/org/apache/ranger/biz/TestXUserMgr.java +++ b/security-admin/src/test/java/org/apache/ranger/biz/TestXUserMgr.java @@ -242,7 +242,6 @@ public class TestXUserMgr { Mockito.when(xUserService.createResource(vxUser)).thenReturn(vxUser); XXModuleDefDao value = Mockito.mock(XXModuleDefDao.class); Mockito.when(daoManager.getXXModuleDef()).thenReturn(value); - List<XXModuleDef> lsvalue = new ArrayList<XXModuleDef>(); Mockito.when( userMgr.createDefaultAccountUser((VXPortalUser) Mockito http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/41166a53/security-admin/src/test/java/org/apache/ranger/service/TestRangerServiceDefServiceBase.java ---------------------------------------------------------------------- diff --git a/security-admin/src/test/java/org/apache/ranger/service/TestRangerServiceDefServiceBase.java b/security-admin/src/test/java/org/apache/ranger/service/TestRangerServiceDefServiceBase.java index e01e23c..67d1feb 100644 --- a/security-admin/src/test/java/org/apache/ranger/service/TestRangerServiceDefServiceBase.java +++ b/security-admin/src/test/java/org/apache/ranger/service/TestRangerServiceDefServiceBase.java @@ -292,8 +292,6 @@ public class TestRangerServiceDefServiceBase { resourceDefObj.getDescription()); Assert.assertEquals(dbRangerResourceDef.getType(), resourceDefObj.getType()); - Assert.assertEquals(dbRangerResourceDef.getParent(), - resourceDefObj.getParent()); Assert.assertEquals(dbRangerResourceDef.getRbKeyDescription(), resourceDefObj.getRbkeydescription()); Mockito.verify(daoManager).getXXResourceDef(); http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/41166a53/storm-agent/src/main/java/org/apache/ranger/services/storm/client/StormClient.java ---------------------------------------------------------------------- diff --git a/storm-agent/src/main/java/org/apache/ranger/services/storm/client/StormClient.java b/storm-agent/src/main/java/org/apache/ranger/services/storm/client/StormClient.java index 2b62c4f..c7c746d 100644 --- a/storm-agent/src/main/java/org/apache/ranger/services/storm/client/StormClient.java +++ b/storm-agent/src/main/java/org/apache/ranger/services/storm/client/StormClient.java @@ -329,8 +329,10 @@ public class StormClient { public static StormClient getStormClient(String serviceName, Map<String, String> configs) { StormClient stormClient = null; - LOG.debug("Getting StormClient for datasource: " + serviceName - + "configMap: " + configs); + if(LOG.isDebugEnabled()){ + LOG.debug("Getting StormClient for datasource: " + serviceName); + LOG.debug("configMap: " + BaseClient.getMaskedConfigMap(configs)); + } String errMsg = errMessage; if (configs == null || configs.isEmpty()) { String msgDesc = "Could not connect as Connection ConfigMap is empty."; http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/41166a53/unixauthclient/src/main/java/org/apache/ranger/authentication/unix/jaas/RemoteUnixLoginModule.java ---------------------------------------------------------------------- diff --git a/unixauthclient/src/main/java/org/apache/ranger/authentication/unix/jaas/RemoteUnixLoginModule.java b/unixauthclient/src/main/java/org/apache/ranger/authentication/unix/jaas/RemoteUnixLoginModule.java index 0dd549a..51367c0 100644 --- a/unixauthclient/src/main/java/org/apache/ranger/authentication/unix/jaas/RemoteUnixLoginModule.java +++ b/unixauthclient/src/main/java/org/apache/ranger/authentication/unix/jaas/RemoteUnixLoginModule.java @@ -277,7 +277,7 @@ public class RemoteUnixLoginModule implements LoginModule { if (trustStorePathPassword == null) { trustStorePathPassword = ""; } - log("trustStorePathPassword:" + trustStorePathPassword); + log("trustStorePathPassword:*****"); } keyStorePath = (String) options.get(SSL_KEYSTORE_PATH_PARAM); @@ -287,7 +287,7 @@ public class RemoteUnixLoginModule implements LoginModule { if (keyStorePathPassword == null) { keyStorePathPassword = ""; } - log("keyStorePathPassword:" + keyStorePathPassword); + log("keyStorePathPassword:*****"); } String certValidationFlag = (String) options.get(SERVER_CERT_VALIDATION_PARAM) ; http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/41166a53/unixauthservice/scripts/ranger-usersync-services.sh ---------------------------------------------------------------------- diff --git a/unixauthservice/scripts/ranger-usersync-services.sh b/unixauthservice/scripts/ranger-usersync-services.sh index ea5c7e8..4b3d4d4 100644 --- a/unixauthservice/scripts/ranger-usersync-services.sh +++ b/unixauthservice/scripts/ranger-usersync-services.sh @@ -64,7 +64,7 @@ if [ "${action}" == "START" ]; then cd ${cdir} umask 0077 - nohup java -Dproc_rangerusersync ${JAVA_OPTS} -Dlogdir="${logdir}" -cp "${cp}" org.apache.ranger.authentication.UnixAuthenticationService -enableUnixAuth > ${logdir}/auth.log 2>&1 & + nohup java -Dproc_rangerusersync -Dlog4j.configuration=file:/etc/ranger/usersync/conf/log4j.xml ${JAVA_OPTS} -Dlogdir="${logdir}" -cp "${cp}" org.apache.ranger.authentication.UnixAuthenticationService -enableUnixAuth > ${logdir}/auth.log 2>&1 & echo $! > ${pidf} chown ranger ${pidf} sleep 5
