Thanks Madhan. Just to clarify - ATLAS-2459 is not yet applied, so do I
have to apply this manually to get this to work?
When trying to install the current Ranger 1.1.0-SNAPSHOT plugin with the
latest Atlas SNAPSHOT distribution I see an error in application.log:
java.lang.NoClassDefFoundError:
org/codehaus/jackson/jaxrs/JacksonJsonProvider
at
org.apache.ranger.plugin.util.RangerRESTClient.buildClient(RangerRESTClient.java:209)
I'm wondering if there is a conflict between the jackson-jaxrs-1.9.13.jar
in the Atlas plugin lib and the version of Jackson used in Atlas?
Colm.
On Mon, Mar 12, 2018 at 9:14 PM, Madhan Neethiraj <mad...@apache.org> wrote:
> Colm,
>
> Perhaps you are using the Atlas service-def from Ranger master, against
> Atlas from branch-0.8 (or from master before ATLAS-2459)? Earlier Atlas
> versions use a different authorization model, which don't allow access
> controls at instance/type levels. Please try with Atlas from master branch.
>
> Hope this helps.
>
> Madhan
>
>
>
>
> On 3/12/18, 11:16 AM, "Colm O hEigeartaigh" <cohei...@apache.org> wrote:
>
> Hi all,
>
> I'm using the Ranger plugin to secure access to Atlas. How can I
> create a
> policy in Ranger to allow a user access to a subset of the entities?
> So for
> example, I want to allow "alice" to "read" all entities that have a
> given
> type. I created an authorization policy of "type" "Table", but I get
> the
> following error:
>
> curl -u alice:password "http://localhost:21000/api/
> atlas/entities?type=Table
> "
> <title>Error 403 {"AuthorizationError":"You are not
> authorized for READ on [ENTITY] : *"}</title>
>
> How can I allow authorization for a subset of the entities? I guess I
> need
> an authorization policy for "Entity" but it's not clear what values
> apart
> from "*" are supported here?
>
> Colm.
>
>
> --
> Colm O hEigeartaigh
>
> Talend Community Coder
> http://coders.talend.com
>
>
>
>
--
Colm O hEigeartaigh
Talend Community Coder
http://coders.talend.com
