[
https://issues.apache.org/jira/browse/RANGER-1329?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Abhay Kulkarni reassigned RANGER-1329:
--------------------------------------
Assignee: Abhay Kulkarni
> Upate Ranger plugin handling of service not-found error
> -------------------------------------------------------
>
> Key: RANGER-1329
> URL: https://issues.apache.org/jira/browse/RANGER-1329
> Project: Ranger
> Issue Type: Bug
> Components: plugins
> Reporter: Madhan Neethiraj
> Assignee: Abhay Kulkarni
>
> Ranger plugins download policies from Ranger Admin for a specific service
> (like hivedev, hadoopdev, ..) as configured in plugin configuration files.
> Downloaded policies are cached in-memory and this cache is used to determine
> authorization of resource accesses. In addition, the plugins also save the
> downloaded polices in a configured policy-cache location - which are used
> during component-restart - if the plugin couldn't download policies from
> Ranger Admin.
> If the service is deleted or renamed in Ranger Admin, the plugins will
> continue to use the cached policies in memory; and on restart, the plugins
> will load and use the policies saved in policy-cache. This may not be the
> desired or intended behavior; the expectation would be that the plugins run
> with no policy to determine authorization of resource-accesses. This would
> require the plugin to clear its in-memory cache and also clear the saved
> policy-cache. Please note that clearing of cached policies should be done
> only if the plugins can determine that the configured service (like hivedev,
> hadoopdev, ..) doesn't exist in Ranger Admin. On all other cases where the
> policy download fails (like network issue, Ranger Admin not reachable, etc),
> the plugin should continue to use the cached policies.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
