tooptoop4 commented on issue #36: [RANGER-2395] Add Presto plugin URL: https://github.com/apache/ranger/pull/36#issuecomment-497988012 @bolkedebruin @cryptoe I tried the https://cwiki.apache.org/confluence/display/RANGER/Presto+Plugin steps but getting below error. Ranger is working fine with Hive queries but with Presto always getting access denied even after setting up service with allow policies in the Ranger WebUI. Presto server startup log has this stacktrace but the presto server stays up. I have valid https... value for ranger.plugin.presto.policy.rest.url in ranger-presto-security.xml. Would like to know what jdbc url format you use in the Ranger UI Service connection too. 2019-06-02T00:06:15.483Z INFO main Bootstrap PROPERTY DEFAULT RUNTIME DESCRIPTION 2019-06-02T00:06:15.483Z INFO main Bootstrap ranger.keytab null null Keytab for authentication against Ranger 2019-06-02T00:06:15.483Z INFO main Bootstrap ranger.principal null null Principal for authentication against Ranger with keytab 2019-06-02T00:06:15.612Z INFO main stderr SLF4J: Failed to load class "org.slf4j.impl.StaticLoggerBinder". 2019-06-02T00:06:15.612Z INFO main stderr SLF4J: Defaulting to no-operation (NOP) logger implementation 2019-06-02T00:06:15.613Z INFO main stderr SLF4J: See http://www.slf4j.org/codes.html#StaticLoggerBinder for further details. 2019-06-02T00:06:15.654Z ERROR main org.apache.ranger.authorization.hadoop.config.RangerConfiguration addResourceIfReadable(ranger-presto-audit.xml): couldn't find resource file location 2019-06-02T00:06:15.656Z ERROR main org.apache.ranger.authorization.hadoop.config.RangerConfiguration addResourceIfReadable(ranger-presto-security.xml): couldn't find resource file location 2019-06-02T00:06:15.658Z INFO main org.apache.ranger.audit.provider.AuditProviderFactory AuditProviderFactory: creating.. 2019-06-02T00:06:15.659Z INFO main org.apache.ranger.audit.provider.AuditProviderFactory AuditProviderFactory: initializing.. 2019-06-02T00:06:15.687Z INFO main org.apache.ranger.audit.provider.AuditProviderFactory No v3 audit configuration found. Trying v2 audit configurations 2019-06-02T00:06:15.687Z INFO main org.apache.ranger.audit.provider.AuditProviderFactory AuditProviderFactory: Audit not enabled.. 2019-06-02T00:06:15.691Z INFO main org.apache.ranger.plugin.service.RangerBasePlugin PolicyEngineOptions: { evaluatorType: auto, cacheAuditResult: false, disableContextEnrichers: false, disableCustomConditions: false, disableTrieLookupPrefilter: false } 2019-06-02T00:06:15.771Z WARN main org.apache.hadoop.util.NativeCodeLoader Unable to load native-hadoop library for your platform... using builtin-java classes where applicable 2019-06-02T00:06:15.958Z ERROR main org.apache.ranger.plugin.util.PolicyRefresher PolicyRefresher(serviceName=null): failed to refresh policies. Will continue to use last known version of policies (-1) com.sun.jersey.api.client.ClientHandlerException: java.lang.IllegalArgumentException: URI is not absolute at com.sun.jersey.client.urlconnection.URLConnectionClientHandler.handle(URLConnectionClientHandler.java:155) at com.sun.jersey.api.client.Client.handle(Client.java:652) at com.sun.jersey.api.client.WebResource.handle(WebResource.java:682) at com.sun.jersey.api.client.WebResource.access$200(WebResource.java:74) at com.sun.jersey.api.client.WebResource$Builder.get(WebResource.java:509) at org.apache.ranger.admin.client.RangerAdminRESTClient.getServicePoliciesIfUpdated(RangerAdminRESTClient.java:131) at org.apache.ranger.plugin.util.PolicyRefresher.loadPolicyfromPolicyAdmin(PolicyRefresher.java:264) at org.apache.ranger.plugin.util.PolicyRefresher.loadPolicy(PolicyRefresher.java:202) at org.apache.ranger.plugin.util.PolicyRefresher.startRefresher(PolicyRefresher.java:149) at org.apache.ranger.plugin.service.RangerBasePlugin.init(RangerBasePlugin.java:150) at org.apache.ranger.authorization.presto.authorizer.RangerSystemAccessControl.<init>(RangerSystemAccessControl.java:84) at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62) at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) at java.lang.reflect.Constructor.newInstance(Constructor.java:423) at org.apache.ranger.authorization.presto.authorizer.RangerSystemAccessControl.<init>(RangerSystemAccessControl.java:54) at org.apache.ranger.authorization.presto.authorizer.RangerSystemAccessControl$$FastClassByGuice$$ec9f475b.newInstance(<generated>) at com.google.inject.internal.DefaultConstructionProxyFactory$FastClassProxy.newInstance(DefaultConstructionProxyFactory.java:89) at com.google.inject.internal.ConstructorInjector.provision(ConstructorInjector.java:114) at com.google.inject.internal.ConstructorInjector.construct(ConstructorInjector.java:91) at com.google.inject.internal.ConstructorBindingImpl$Factory.get(ConstructorBindingImpl.java:306) at com.google.inject.internal.ProviderToInternalFactoryAdapter.get(ProviderToInternalFactoryAdapter.java:40) at com.google.inject.internal.SingletonScope$1.get(SingletonScope.java:168) at com.google.inject.internal.InternalFactoryToProviderAdapter.get(InternalFactoryToProviderAdapter.java:39) at com.google.inject.internal.InternalInjectorCreator.loadEagerSingletons(InternalInjectorCreator.java:211) at com.google.inject.internal.InternalInjectorCreator.injectDynamically(InternalInjectorCreator.java:182) at com.google.inject.internal.InternalInjectorCreator.build(InternalInjectorCreator.java:109) at com.google.inject.Guice.createInjector(Guice.java:87) at io.airlift.bootstrap.Bootstrap.initialize(Bootstrap.java:240) at org.apache.ranger.authorization.presto.authorizer.RangerSystemAccessControlFactory.create(RangerSystemAccessControlFactory.java:53) Caused by: java.lang.IllegalArgumentException: URI is not absolute at java.net.URI.toURL(URI.java:1088) at com.sun.jersey.client.urlconnection.URLConnectionClientHandler._invoke(URLConnectionClientHandler.java:163) at com.sun.jersey.client.urlconnection.URLConnectionClientHandler.handle(URLConnectionClientHandler.java:153) ... 33 more 2019-06-02T00:06:15.959Z WARN main org.apache.ranger.plugin.util.PolicyRefresher cache file does not exist or not readable 'null' 2019-06-02T00:06:15.990Z INFO main org.apache.ranger.plugin.service.RangerBasePlugin Policies will NOT be reordered based on number of evaluations 2019-06-02T00:06:15.991Z ERROR Thread-95 org.apache.ranger.plugin.util.PolicyRefresher PolicyRefresher(serviceName=null): failed to refresh policies. Will continue to use last known version of policies (-1) com.sun.jersey.api.client.ClientHandlerException: java.lang.IllegalArgumentException: URI is not absolute at com.sun.jersey.client.urlconnection.URLConnectionClientHandler.handle(URLConnectionClientHandler.java:155) at com.sun.jersey.api.client.Client.handle(Client.java:652) at com.sun.jersey.api.client.WebResource.handle(WebResource.java:682) at com.sun.jersey.api.client.WebResource.access$200(WebResource.java:74) at com.sun.jersey.api.client.WebResource$Builder.get(WebResource.java:509) at org.apache.ranger.admin.client.RangerAdminRESTClient.getServicePoliciesIfUpdated(RangerAdminRESTClient.java:131) at org.apache.ranger.plugin.util.PolicyRefresher.loadPolicyfromPolicyAdmin(PolicyRefresher.java:264) at org.apache.ranger.plugin.util.PolicyRefresher.loadPolicy(PolicyRefresher.java:202) at org.apache.ranger.plugin.util.PolicyRefresher.run(PolicyRefresher.java:171) Caused by: java.lang.IllegalArgumentException: URI is not absolute at java.net.URI.toURL(URI.java:1088) at com.sun.jersey.client.urlconnection.URLConnectionClientHandler._invoke(URLConnectionClientHandler.java:163) at com.sun.jersey.client.urlconnection.URLConnectionClientHandler.handle(URLConnectionClientHandler.java:153) ... 8 more
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services
