[jira] [Commented] (RANGER-1329) Update Ranger plugin handling of service-not-found error

Wed, 01 Feb 2017 14:48:06 -0800 

    [ 
https://issues.apache.org/jira/browse/RANGER-1329?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15849060#comment-15849060
 ] 

Abhay Kulkarni commented on RANGER-1329:
----------------------------------------

Commit details:

Project: http://git-wip-us.apache.org/repos/asf/ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/ranger/commit/16f481ba
Tree: http://git-wip-us.apache.org/repos/asf/ranger/tree/16f481ba
Diff: http://git-wip-us.apache.org/repos/asf/ranger/diff/16f481ba

Branch: refs/heads/master
Commit: 16f481ba888077acb4daf5705896a8318aa6a24e
Parents: 8f9fec3

> Update Ranger plugin handling of service-not-found error
> --------------------------------------------------------
>
>                 Key: RANGER-1329
>                 URL: https://issues.apache.org/jira/browse/RANGER-1329
>             Project: Ranger
>          Issue Type: Bug
>          Components: plugins
>            Reporter: Madhan Neethiraj
>            Assignee: Abhay Kulkarni
>             Fix For: 0.7.0
>
>
> Ranger plugins download policies from Ranger Admin for a specific service 
> (like hivedev, hadoopdev, ..) as configured in plugin configuration files. 
> Downloaded policies are cached in-memory and this cache is used to determine 
> authorization of resource accesses. In addition, the plugins also save the 
> downloaded polices in a configured policy-cache location - which are used 
> during component-restart  - if the plugin couldn't download policies from 
> Ranger Admin.
> If the service is deleted or renamed in Ranger Admin, the plugins will 
> continue to use the cached policies in memory; and on restart, the plugins 
> will load and use the policies saved in policy-cache. This may not be the 
> desired or intended behavior; the expectation would be that the plugins run 
> with no policy to determine authorization of resource-accesses. This would 
> require the plugin to clear its in-memory cache and also clear the saved 
> policy-cache. Please note that clearing of cached policies should be done 
> only if the plugins can determine that the configured service (like hivedev, 
> hadoopdev, ..) doesn't exist in Ranger Admin. On all other cases where the 
> policy download fails (like network issue, Ranger Admin not reachable, etc), 
> the plugin should continue to use the cached policies.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Reply via email to