SENTRY-1056: Get service name from Kafka's server properties. (Ashish K Singh, reviewed by: Dapeng Sun and Hao Hao)
Change-Id: Ibb0abb9c01d50c05dc178e31d08295c0b3efb9b1 Project: http://git-wip-us.apache.org/repos/asf/incubator-sentry/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-sentry/commit/51f4e8d4 Tree: http://git-wip-us.apache.org/repos/asf/incubator-sentry/tree/51f4e8d4 Diff: http://git-wip-us.apache.org/repos/asf/incubator-sentry/diff/51f4e8d4 Branch: refs/heads/master Commit: 51f4e8d46445b83debfd3984620b2953378a82e0 Parents: c117c65 Author: hahao <[email protected]> Authored: Wed Mar 2 10:44:28 2016 -0800 Committer: hahao <[email protected]> Committed: Mon Mar 21 23:16:32 2016 -0700 ---------------------------------------------------------------------- .../sentry/kafka/authorizer/SentryKafkaAuthorizer.java | 7 ++++++- .../org/apache/sentry/kafka/binding/KafkaAuthBinding.java | 9 ++++----- .../sentry/kafka/binding/KafkaAuthBindingSingleton.java | 4 ++-- .../java/org/apache/sentry/kafka/conf/KafkaAuthConf.java | 6 +++--- 4 files changed, 15 insertions(+), 11 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/51f4e8d4/sentry-binding/sentry-binding-kafka/src/main/java/org/apache/sentry/kafka/authorizer/SentryKafkaAuthorizer.java ---------------------------------------------------------------------- diff --git a/sentry-binding/sentry-binding-kafka/src/main/java/org/apache/sentry/kafka/authorizer/SentryKafkaAuthorizer.java b/sentry-binding/sentry-binding-kafka/src/main/java/org/apache/sentry/kafka/authorizer/SentryKafkaAuthorizer.java index 9ffb971..5bf520b 100644 --- a/sentry-binding/sentry-binding-kafka/src/main/java/org/apache/sentry/kafka/authorizer/SentryKafkaAuthorizer.java +++ b/sentry-binding/sentry-binding-kafka/src/main/java/org/apache/sentry/kafka/authorizer/SentryKafkaAuthorizer.java @@ -44,6 +44,7 @@ public class SentryKafkaAuthorizer implements Authorizer { String sentry_site = null; List<KafkaPrincipal> super_users = null; + String kafkaServiceInstanceName = KafkaAuthConf.AuthzConfVars.getDefault(KafkaAuthConf.KAFKA_SERVICE_INSTANCE_NAME); public SentryKafkaAuthorizer() { } @@ -105,9 +106,13 @@ public class SentryKafkaAuthorizer implements Authorizer { if (kafkaSuperUsersConfig != null) { getSuperUsers(kafkaSuperUsersConfig.toString()); } + final Object kafkaServiceInstanceName = configs.get(KafkaAuthConf.KAFKA_SERVICE_INSTANCE_NAME); + if (kafkaServiceInstanceName != null) { + this.kafkaServiceInstanceName = kafkaServiceInstanceName.toString(); + } LOG.info("Configuring Sentry KafkaAuthorizer: " + sentry_site); final KafkaAuthBindingSingleton instance = KafkaAuthBindingSingleton.getInstance(); - instance.configure(sentry_site); + instance.configure(this.kafkaServiceInstanceName, sentry_site); this.binding = instance.getAuthBinding(); this.kafkaAuthConf = instance.getKafkaAuthConf(); } http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/51f4e8d4/sentry-binding/sentry-binding-kafka/src/main/java/org/apache/sentry/kafka/binding/KafkaAuthBinding.java ---------------------------------------------------------------------- diff --git a/sentry-binding/sentry-binding-kafka/src/main/java/org/apache/sentry/kafka/binding/KafkaAuthBinding.java b/sentry-binding/sentry-binding-kafka/src/main/java/org/apache/sentry/kafka/binding/KafkaAuthBinding.java index 9e72d78..a54eb8f 100644 --- a/sentry-binding/sentry-binding-kafka/src/main/java/org/apache/sentry/kafka/binding/KafkaAuthBinding.java +++ b/sentry-binding/sentry-binding-kafka/src/main/java/org/apache/sentry/kafka/binding/KafkaAuthBinding.java @@ -52,9 +52,9 @@ public class KafkaAuthBinding { private final KafkaActionFactory actionFactory = KafkaActionFactory.getInstance(); - public KafkaAuthBinding(Configuration authConf) throws Exception { + public KafkaAuthBinding(String instanceName, Configuration authConf) throws Exception { this.authConf = authConf; - this.authProvider = createAuthProvider(); + this.authProvider = createAuthProvider(instanceName); } /** @@ -62,7 +62,7 @@ public class KafkaAuthBinding { * * @return {@link AuthorizationProvider} */ - private AuthorizationProvider createAuthProvider() throws Exception { + private AuthorizationProvider createAuthProvider(String instanceName) throws Exception { /** * get the authProvider class, policyEngine class, providerBackend class and resources from the * kafkaAuthConf config @@ -79,7 +79,6 @@ public class KafkaAuthBinding { String policyEngineName = authConf.get(AuthzConfVars.AUTHZ_POLICY_ENGINE.getVar(), AuthzConfVars.AUTHZ_POLICY_ENGINE.getDefault()); - String instanceName = authConf.get(AuthzConfVars.AUTHZ_INSTANCE_NAME.getVar()); if (resourceName != null && resourceName.startsWith("classpath:")) { String resourceFileName = resourceName.substring("classpath:".length()); resourceName = AuthorizationProvider.class.getClassLoader().getResource(resourceFileName).getPath(); @@ -100,7 +99,7 @@ public class KafkaAuthBinding { resourceName}); if (providerBackend instanceof SentryGenericProviderBackend) { ((SentryGenericProviderBackend) providerBackend).setComponentType(COMPONENT_TYPE); - ((SentryGenericProviderBackend) providerBackend).setServiceName("kafka" + instanceName); + ((SentryGenericProviderBackend) providerBackend).setServiceName(instanceName); } // Instantiate the configured policyEngine http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/51f4e8d4/sentry-binding/sentry-binding-kafka/src/main/java/org/apache/sentry/kafka/binding/KafkaAuthBindingSingleton.java ---------------------------------------------------------------------- diff --git a/sentry-binding/sentry-binding-kafka/src/main/java/org/apache/sentry/kafka/binding/KafkaAuthBindingSingleton.java b/sentry-binding/sentry-binding-kafka/src/main/java/org/apache/sentry/kafka/binding/KafkaAuthBindingSingleton.java index 92e50e6..d7a5d1c 100644 --- a/sentry-binding/sentry-binding-kafka/src/main/java/org/apache/sentry/kafka/binding/KafkaAuthBindingSingleton.java +++ b/sentry-binding/sentry-binding-kafka/src/main/java/org/apache/sentry/kafka/binding/KafkaAuthBindingSingleton.java @@ -56,10 +56,10 @@ public class KafkaAuthBindingSingleton { return kafkaAuthConf; } - public void configure(String sentry_site) { + public void configure(String instanceName, String sentry_site) { try { kafkaAuthConf = loadAuthzConf(sentry_site); - binding = new KafkaAuthBinding(kafkaAuthConf); + binding = new KafkaAuthBinding(instanceName, kafkaAuthConf); log.info("KafkaAuthBinding created successfully"); } catch (Exception ex) { log.error("Unable to create KafkaAuthBinding", ex); http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/51f4e8d4/sentry-binding/sentry-binding-kafka/src/main/java/org/apache/sentry/kafka/conf/KafkaAuthConf.java ---------------------------------------------------------------------- diff --git a/sentry-binding/sentry-binding-kafka/src/main/java/org/apache/sentry/kafka/conf/KafkaAuthConf.java b/sentry-binding/sentry-binding-kafka/src/main/java/org/apache/sentry/kafka/conf/KafkaAuthConf.java index e75ec7e..cff9418 100644 --- a/sentry-binding/sentry-binding-kafka/src/main/java/org/apache/sentry/kafka/conf/KafkaAuthConf.java +++ b/sentry-binding/sentry-binding-kafka/src/main/java/org/apache/sentry/kafka/conf/KafkaAuthConf.java @@ -28,17 +28,17 @@ public class KafkaAuthConf extends Configuration { public static final String SENTRY_KAFKA_SITE_URL = "sentry.kafka.site.url"; public static final String AUTHZ_SITE_FILE = "sentry-site.xml"; public static final String KAFKA_SUPER_USERS = "kafka.superusers"; + public static final String KAFKA_SERVICE_INSTANCE_NAME = "sentry.kafka.service.instance"; /** * Config setting definitions */ public static enum AuthzConfVars { - AUTHZ_PROVIDER("sentry.kafka.provider", - HadoopGroupResourceAuthorizationProvider.class.getName()), + AUTHZ_PROVIDER("sentry.kafka.provider", HadoopGroupResourceAuthorizationProvider.class.getName()), AUTHZ_PROVIDER_RESOURCE("sentry.kafka.provider.resource", ""), AUTHZ_PROVIDER_BACKEND("sentry.kafka.provider.backend", SentryGenericProviderBackend.class.getName()), AUTHZ_POLICY_ENGINE("sentry.kafka.policy.engine", SimpleKafkaPolicyEngine.class.getName()), - AUTHZ_INSTANCE_NAME("sentry.kafka.name", ""); + AUTHZ_INSTANCE_NAME(KAFKA_SERVICE_INSTANCE_NAME, "kafka"); private final String varName; private final String defaultVal;
