Merge branch 'master' into tag-policy
Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/42b040e6 Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/42b040e6 Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/42b040e6 Branch: refs/heads/tag-policy Commit: 42b040e67a0564b9a3583304fa7447977a52d2e2 Parents: 91f1932 a733b7c Author: Madhan Neethiraj <[email protected]> Authored: Wed Dec 2 15:18:03 2015 -0800 Committer: Madhan Neethiraj <[email protected]> Committed: Wed Dec 2 15:18:03 2015 -0800 ---------------------------------------------------------------------- .../RangerAbstractConditionEvaluator.java | 3 + .../RangerConditionEvaluator.java | 1 - .../contextenricher/RangerTagEnricher.java | 50 +- .../ranger/plugin/model/RangerTagDef.java | 1 + .../policyengine/RangerPolicyEngineImpl.java | 62 +- .../policyengine/RangerPolicyRepository.java | 25 + .../RangerAbstractPolicyEvaluator.java | 6 +- .../RangerAbstractPolicyItemEvaluator.java | 9 +- .../RangerCachedPolicyEvaluator.java | 26 +- .../RangerDefaultPolicyEvaluator.java | 96 ++- .../RangerDefaultPolicyItemEvaluator.java | 40 +- .../RangerOptimizedPolicyEvaluator.java | 79 ++- .../RangerPolicyItemEvaluator.java | 2 + .../RangerAbstractResourceMatcher.java | 6 +- .../ranger/plugin/store/AbstractTagStore.java | 45 ++ .../apache/ranger/plugin/store/TagStore.java | 1 + .../ranger/plugin/util/PolicyRefresher.java | 11 +- .../plugin/policyengine/TestPolicyEngine.java | 2 +- .../src/test/resources/log4j.properties | 35 -- agents-common/src/test/resources/log4j.xml | 53 ++ kms/scripts/dba_script.py | 8 +- kms/scripts/exportKeysToJCEKS.sh | 19 + kms/scripts/importJCEKSKeys.sh | 2 +- .../hadoop/crypto/key/Ranger2JKSUtil.java | 134 +++++ .../hadoop/crypto/key/RangerKeyStore.java | 40 +- .../kafka/authorizer/RangerKafkaAuthorizer.java | 84 ++- .../services/kafka/RangerServiceKafka.java | 37 +- .../kafka/client/ServiceKafkaClient.java | 42 +- pom.xml | 7 +- ranger-kafka-plugin-shim/.gitignore | 1 + .../kafka/authorizer/RangerKafkaAuthorizer.java | 87 ++- security-admin/.gitignore | 2 - security-admin/scripts/dba_script.py | 26 +- security-admin/scripts/install.properties | 13 + security-admin/scripts/setup.sh | 89 ++- .../ranger/biz/RangerPolicyRetriever.java | 7 +- .../apache/ranger/biz/RangerTagDBRetriever.java | 597 +++++++++++++++++++ .../java/org/apache/ranger/biz/TagDBStore.java | 24 +- .../java/org/apache/ranger/biz/UserMgr.java | 67 ++- .../java/org/apache/ranger/biz/XUserMgr.java | 51 +- .../ranger/db/XXServiceResourceElementDao.java | 12 + .../db/XXServiceResourceElementValueDao.java | 25 + .../org/apache/ranger/db/XXTagAttributeDao.java | 23 + .../apache/ranger/db/XXTagAttributeDefDao.java | 23 + .../java/org/apache/ranger/db/XXTagDefDao.java | 13 + .../org/apache/ranger/rest/ServiceREST.java | 198 +++--- .../ranger/rest/ServiceTagsProcessor.java | 27 +- .../handler/RangerAuthenticationProvider.java | 28 +- .../java/org/apache/ranger/solr/SolrMgr.java | 100 +++- .../java/org/apache/ranger/solr/SolrUtil.java | 3 +- .../resources/META-INF/jpa_named_queries.xml | 77 ++- .../conf.dist/security-applicationContext.xml | 1 - .../src/test/resources/log4j.properties | 35 -- security-admin/src/test/resources/log4j.xml | 53 ++ src/main/assembly/kms.xml | 1 + .../ldapconfigcheck/scripts/run.sh | 8 +- .../ldapconfigcheck/CommandLineOptions.java | 14 +- .../ldapconfigcheck/LdapConfigCheckMain.java | 6 +- .../apache/ranger/ldapconfigcheck/UserSync.java | 17 +- .../process/LdapUserGroupBuilder.java | 388 ++++++------ unixauthservice/scripts/setup.py | 4 +- 61 files changed, 2262 insertions(+), 684 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/42b040e6/security-admin/scripts/install.properties ---------------------------------------------------------------------- diff --cc security-admin/scripts/install.properties index 2d52890,cb10769..5c39dcf --- a/security-admin/scripts/install.properties +++ b/security-admin/scripts/install.properties @@@ -107,20 -107,9 +107,21 @@@ unix_group=range # # ------- UNIX User CONFIG - END ---------------- # + # # +#-------- SSO CONFIG - Start ------------------ +# +sso_enabled=false +sso_providerurl=https://localhost:8443/gateway/knoxsso/api/v1/websso +sso_publickey= +sso_cookiename=hadoop-jwt +sso_query_param_originalurl=originalUrl +# +#-------- SSO CONFIG - Start ------------------ +# + +# # UNIX authentication service for Policy Manager # # PolicyManager can authenticate using UNIX username/password http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/42b040e6/security-admin/scripts/setup.sh ----------------------------------------------------------------------
