> On 一月 24, 2022, 11:20 a.m., Mateen Mansoori wrote:
> > After applying your patch, Below files/folder are missing from ews/webaap
> >
> > log4j-kmsaudit.properties
> > logback.xml
> > META-INF/
> > mini-kms-acls-default.xml
>
> Kirby Zhou wrote:
> Yes, but I have checked, nothing depends on them.
>
>
> * log4j-kmsaudit.properties
> * logback.xml
> * META-INF/
>
> Some code use files above, but they just read it from 'ranger-kms.jar',
> and the files reside in webapp/ is meaningless.
> Remember, no ClassLoader load classes under ews/webapp, so noone can call
> getResource to get them.
>
>
> * mini-kms-acls-default.xml
> Even no code read the file, it seems just a document to explain the
> hard-coded rules.
>
> Kirby Zhou wrote:
> ```
> // KMSWebApp.contextInitialized
> kmsConf = KMSConfiguration.getKMSConf();
> kmsAcls =
> getAcls(kmsConf.get(KMSConfiguration.KMS_SECURITY_AUTHORIZER));
>
> // KMSWebApp.getAcls
> if (clsStr == null || clsStr.trim().equals("")) {
> cls = KMSACLs.class;
> }
> keyAcl = ReflectionUtils.newInstance(cls, kmsConf);
>
>
> // KMSConfiguration.getKMSConf
> KMS_SITE_XML = "kms-site.xml"
> return getConfiguration(true, KMS_SITE_XML);
>
> // ReflectionUtils.newInstance
> meth = theClass.getDeclaredConstructor(EMPTY_ARRAY);
> result = meth.newInstance();
>
> // KMSACLs.KMSACLs(conf)
> if (conf == null) {
> conf = loadACLs();
> }
> setKMSACLs(conf);
> setKeyACLs(conf);
>
> // KMSACLs.loaldACLs
> Configuration conf = KMSConfiguration.getACLsConf();
>
> // KMSConfiguration.getACLsConf()
> public static final String KMS_ACLS_XML = "dbks-site.xml";
> return getConfiguration(true, KMS_ACLS_XML);
>
> ```
>
> So the basic KMSACLs conf just read ACLS through "dbks-site.xml", never
> read mini-kms-acls-default.xml.
>
> Mateen Mansoori wrote:
> Hi Kirby, Thanks for looking into this.
>
>
> However 'META-INF' contains a 'context.xml' file which is configured to
> disable JAR manifest scan which is turned on by default. If 'context.xml' is
> not present under 'META-INF' then tomcat shows lots of warnings like :
> //
> org.apache.tomcat.util.scan.StandardJarScanner processURLs
> WARNING: Failed to scan
> [path/to/kms/ranger-3.0.0-SNAPSHOT-kms/ews/webapp/lib/protobuf-java-util-3.17.2.jar]
> from classloader hierarchy
> //
>
> and context.xml contains a workaround configuration to disable these
> warnings. Please see if there is a different workaround other than this.
>
> Thanks.
I get your point, the context.xml should be moved to webapp/.
I refreshed my patch to do it.
- Kirby
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73816/#review223993
-----------------------------------------------------------
On 一月 29, 2022, 9:30 a.m., Kirby Zhou wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/73816/
> -----------------------------------------------------------
>
> (Updated 一月 29, 2022, 9:30 a.m.)
>
>
> Review request for ranger, Dhaval Shah, Dineshkumar Yadav, Gautam Borad,
> Jayendra Parab, Kishor Gollapalliwar, Abhay Kulkarni, Mateen Mansoori, Mehul
> Parikh, Pradeep Agrawal, VaradreawiZTV VaradreawiZTV, Vishal Suvagia, and
> Velmurugan Periasamy.
>
>
> Bugs: RANGER-3595
> https://issues.apache.org/jira/browse/RANGER-3595
>
>
> Repository: ranger
>
>
> Description
> -------
>
> https://issues.apache.org/jira/browse/RANGER-3595
>
>
> There are lots of .class files under ews/webapp/, and never used.
> Becasue
> 1. place web.xml at correct location
> 2. setup.sh want to patch hadoop-common.jar at runtime, it requires some file
> inside ranger-kms.jar. But the patching of hadoop-common.jar is unnecessary.
>
> My patch here makes maven no longer unpack ranger-kms.jar, and place web.xml
> at correct location.
>
>
> Diffs
> -----
>
> distro/src/main/assembly/kms.xml 32bbefa44e372f3abb41d60cd35aa0d706ca3100
> kms/scripts/setup.sh 2051df59a8bb0be11ba7a54e547f78cf5a0dca36
> kms/src/main/resources/META-INF/context.xml
> kms/src/main/resources/WEB-INF/web.xml
> 5e2d489fe632a16a5ed440bbbff41f558d2a2338
>
>
> Diff: https://reviews.apache.org/r/73816/diff/2/
>
>
> Testing
> -------
>
> mvn clean build package.
>
> fresh installion and upgrade.
>
>
> Thanks,
>
> Kirby Zhou
>
>
