Re: Review Request 62709: RANGER-1817 : Audit to Solr fails to log when the number of columns are in large number

2017-10-03 Thread Ramesh Mani 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/62709/#review187051
---


Ship it!




Ship It!

- Ramesh Mani


On Sept. 30, 2017, 6:26 a.m., Fatima Khan wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/62709/
> ---
> 
> (Updated Sept. 30, 2017, 6:26 a.m.)
> 
> 
> Review request for ranger, Don Bosco Durai, Gautam Borad, Abhay Kulkarni, 
> Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, and 
> Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-1817
> https://issues.apache.org/jira/browse/RANGER-1817
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Audit to Solr fails to log when the number of columns are in large number. 
> This is due to Solr has a hard limit on solr.StrField and if this string is 
> exceeding max length 32766, it throws exception which causes the audit to 
> fail. To overcome this we need to trip this in Audit records and the best 
> place to do it is in solr schema for ranger-audits.
> 
> For this we need to change the file managed_schema in ranger and commit it to 
> zookeeper.
> Change required in the managed_schema file is, find the following in the 
> managed_schema file and add this param to limit the length to 2500 max.
> 
> 
> Diffs
> -
> 
>   security-admin/contrib/solr_for_audit_setup/conf/managed-schema ee1d894 
> 
> 
> Diff: https://reviews.apache.org/r/62709/diff/1/
> 
> 
> Testing
> ---
> 
> 1.Tested Ranger installation
> 2.Junit test was successful
> 
> 
> Thanks,
> 
> Fatima Khan
> 
>

Re: Review Request 62709: RANGER-1817 : Audit to Solr fails to log when the number of columns are in large number

2017-10-03 Thread Fatima Khan 


> On Sept. 30, 2017, 4:24 p.m., Ramesh Mani wrote:
> > security-admin/contrib/solr_for_audit_setup/conf/managed-schema
> > Lines 32 (patched)
> > 
> >
> > We need to have a default value for this config in ranger, which can be 
> > overridden.
> > 
> > Default can be a much less value say 100, which can be rendered on UI 
> > without any performance issue.

Currently we are not exposing any properties in Ranger. This will be a new 
feature.


- Fatima


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/62709/#review186786
---


On Sept. 30, 2017, 6:26 a.m., Fatima Khan wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/62709/
> ---
> 
> (Updated Sept. 30, 2017, 6:26 a.m.)
> 
> 
> Review request for ranger, Don Bosco Durai, Gautam Borad, Abhay Kulkarni, 
> Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, and 
> Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-1817
> https://issues.apache.org/jira/browse/RANGER-1817
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Audit to Solr fails to log when the number of columns are in large number. 
> This is due to Solr has a hard limit on solr.StrField and if this string is 
> exceeding max length 32766, it throws exception which causes the audit to 
> fail. To overcome this we need to trip this in Audit records and the best 
> place to do it is in solr schema for ranger-audits.
> 
> For this we need to change the file managed_schema in ranger and commit it to 
> zookeeper.
> Change required in the managed_schema file is, find the following in the 
> managed_schema file and add this param to limit the length to 2500 max.
> 
> 
> Diffs
> -
> 
>   security-admin/contrib/solr_for_audit_setup/conf/managed-schema ee1d894 
> 
> 
> Diff: https://reviews.apache.org/r/62709/diff/1/
> 
> 
> Testing
> ---
> 
> 1.Tested Ranger installation
> 2.Junit test was successful
> 
> 
> Thanks,
> 
> Fatima Khan
> 
>

Re: Review Request 62751: RANGER-1824 - Upgrade Spring Framework to 3.2.18

2017-10-03 Thread bhavik patel 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/62751/#review187048
---



@Colm : Can you please confirm is Ranger KMS in Simple, Kerberos, SSL, KnoxSSO, 
KnoxProxy enabled environments is working as expected?

- bhavik patel


On Oct. 3, 2017, 2:09 p.m., Colm O hEigeartaigh wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/62751/
> ---
> 
> (Updated Oct. 3, 2017, 2:09 p.m.)
> 
> 
> Review request for ranger.
> 
> 
> Bugs: RANGER-1824
> https://issues.apache.org/jira/browse/RANGER-1824
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> When starting the Admin console, the following appears in the logs:
> 
> 2017-10-02 10:00:35,651 [localhost-startStop-1] WARN 
> org.springframework.security.core.SpringSecurityCoreVersion 
> (SpringSecurityCoreVersion.java:60) -  You are advised to use Spring 
> 3.2.18.RELEASE or later with this version. You are running: 3.2.10.RELEASE
> 
> We should update Spring to 3.2.18
> 
> 
> Diffs
> -
> 
>   pom.xml 3958014c 
> 
> 
> Diff: https://reviews.apache.org/r/62751/diff/1/
> 
> 
> Testing
> ---
> 
> Tested the admin console started properly + can load policies etc.
> 
> 
> Thanks,
> 
> Colm O hEigeartaigh
> 
>

[jira] [Updated] (RANGER-1819) Not able to delete group that is having special character(ampersand) from ranger admin

2017-10-03 Thread Madhan Neethiraj (JIRA) 

 [ 
https://issues.apache.org/jira/browse/RANGER-1819?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Madhan Neethiraj updated RANGER-1819:
-
Reporter: Deepak Sharma  (was: Nitin Galave)

> Not able to delete group that is having special character(ampersand) from 
> ranger admin
> --
>
> Key: RANGER-1819
> URL: https://issues.apache.org/jira/browse/RANGER-1819
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Affects Versions: 1.0.0
>Reporter: Deepak Sharma
>Assignee: Nitin Galave
> Fix For: 1.0.0, 0.7.2
>
> Attachments: RANGER-1819.patch
>
>
> Trying to delete some of the group with special character from the ranger 
> admin, but not able to delete.
> This issue happens only if there is & in the username:
> groupspecial#$@&
> i see this error saying this user is not found, user does not seems to be 
> parsed correctly at the time of deletion, groupspecial#$@& is the username 
> whereas ranger tries to delete "groupspecial":
> {code}
> 2017-09-27 13:08:49,214 [http-bio-6182-exec-22] INFO  
> org.apache.ranger.biz.SessionMgr (SessionMgr.java:232) - UserSession Updated 
> to set new Permissions to User: hive
> 2017-09-27 13:08:49,214 [http-bio-6182-exec-22] INFO  
> org.apache.ranger.biz.SessionMgr (SessionMgr.java:184) - Login Success: 
> loginId=hive, sessionId=null, sessionId=8E3EF64186DAFB35987287CFB30A0B9B, 
> requestId=172.27.68.207, epoch=1506517729214
> 2017-09-27 13:08:52,333 [http-bio-6182-exec-21] INFO  
> org.apache.ranger.common.RESTErrorUtil (RESTErrorUtil.java:63) - Request 
> failed. loginId=admin, logMessage=groupspecial is Not Found
> javax.ws.rs.WebApplicationException
>   at 
> org.apache.ranger.common.RESTErrorUtil.createRESTException(RESTErrorUtil.java:56)
>   at 
> org.apache.ranger.common.RESTErrorUtil.createRESTException(RESTErrorUtil.java:325)
>   at 
> org.apache.ranger.service.XGroupService.getGroupByGroupName(XGroupService.java:104)
>   at 
> org.apache.ranger.rest.XUserREST.deleteSingleGroupByGroupName(XUserREST.java:1100)
>   at 
> org.apache.ranger.rest.XUserREST$$FastClassBySpringCGLIB$$b2a65360.invoke()
>   at 
> org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204)
>   at 
> org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:700)
>   at 
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
>   at 
> org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:64)
>   at 
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
>   at 
> org.springframework.transaction.interceptor.TransactionInterceptor$1.proceedWithInvocation(TransactionInterceptor.java:96)
>   at 
> org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:260)
> {code}
> *Same issue present in case of the users*
> Expected Result: It should delete the user/groups.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Re: Review Request 62751: RANGER-1824 - Upgrade Spring Framework to 3.2.18

2017-10-03 Thread Alejandro Fernandez 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/62751/#review186951
---


Ship it!




Ship It!

- Alejandro Fernandez


On Oct. 3, 2017, 2:09 p.m., Colm O hEigeartaigh wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/62751/
> ---
> 
> (Updated Oct. 3, 2017, 2:09 p.m.)
> 
> 
> Review request for ranger.
> 
> 
> Bugs: RANGER-1824
> https://issues.apache.org/jira/browse/RANGER-1824
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> When starting the Admin console, the following appears in the logs:
> 
> 2017-10-02 10:00:35,651 [localhost-startStop-1] WARN 
> org.springframework.security.core.SpringSecurityCoreVersion 
> (SpringSecurityCoreVersion.java:60) -  You are advised to use Spring 
> 3.2.18.RELEASE or later with this version. You are running: 3.2.10.RELEASE
> 
> We should update Spring to 3.2.18
> 
> 
> Diffs
> -
> 
>   pom.xml 3958014c 
> 
> 
> Diff: https://reviews.apache.org/r/62751/diff/1/
> 
> 
> Testing
> ---
> 
> Tested the admin console started properly + can load policies etc.
> 
> 
> Thanks,
> 
> Colm O hEigeartaigh
> 
>

Review Request 62751: RANGER-1824 - Upgrade Spring Framework to 3.2.18

2017-10-03 Thread Colm O hEigeartaigh 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/62751/
---

Review request for ranger.


Bugs: RANGER-1824
https://issues.apache.org/jira/browse/RANGER-1824


Repository: ranger


Description
---

When starting the Admin console, the following appears in the logs:

2017-10-02 10:00:35,651 [localhost-startStop-1] WARN 
org.springframework.security.core.SpringSecurityCoreVersion 
(SpringSecurityCoreVersion.java:60) -  You are advised to use Spring 
3.2.18.RELEASE or later with this version. You are running: 3.2.10.RELEASE

We should update Spring to 3.2.18


Diffs
-

  pom.xml 3958014c 


Diff: https://reviews.apache.org/r/62751/diff/1/


Testing
---

Tested the admin console started properly + can load policies etc.


Thanks,

Colm O hEigeartaigh

[jira] [Updated] (RANGER-1824) Upgrade Spring Framework to 3.2.18

2017-10-03 Thread Colm O hEigeartaigh (JIRA) 

 [ 
https://issues.apache.org/jira/browse/RANGER-1824?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh updated RANGER-1824:

Attachment: 0001-RANGER-1824-Upgrade-Spring-Framework-to-3.2.18.patch

> Upgrade Spring Framework to 3.2.18
> --
>
> Key: RANGER-1824
> URL: https://issues.apache.org/jira/browse/RANGER-1824
> Project: Ranger
>  Issue Type: Improvement
>  Components: admin
>Reporter: Colm O hEigeartaigh
>Assignee: Colm O hEigeartaigh
>Priority: Minor
> Fix For: 1.0.0
>
> Attachments: 0001-RANGER-1824-Upgrade-Spring-Framework-to-3.2.18.patch
>
>
> When starting the Admin console, the following appears in the logs:
> 2017-10-02 10:00:35,651 [localhost-startStop-1] WARN  
> org.springframework.security.core.SpringSecurityCoreVersion 
> (SpringSecurityCoreVersion.java:60) -  You are advised to use Spring 
> 3.2.18.RELEASE or later with this version. You are running: 3.2.10.RELEASE
> We should update Spring to 3.2.18



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Created] (RANGER-1824) Upgrade Spring Framework to 3.2.18

2017-10-03 Thread Colm O hEigeartaigh (JIRA) 
Colm O hEigeartaigh created RANGER-1824:
---

 Summary: Upgrade Spring Framework to 3.2.18
 Key: RANGER-1824
 URL: https://issues.apache.org/jira/browse/RANGER-1824
 Project: Ranger
  Issue Type: Improvement
  Components: admin
Reporter: Colm O hEigeartaigh
Assignee: Colm O hEigeartaigh
Priority: Minor
 Fix For: 1.0.0


When starting the Admin console, the following appears in the logs:

2017-10-02 10:00:35,651 [localhost-startStop-1] WARN  
org.springframework.security.core.SpringSecurityCoreVersion 
(SpringSecurityCoreVersion.java:60) -  You are advised to use Spring 
3.2.18.RELEASE or later with this version. You are running: 3.2.10.RELEASE

We should update Spring to 3.2.18



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Updated] (RANGER-1823) Allowed TRUNCATE and INSERT to partition table when the policy item is only "SELECT"

2017-10-03 Thread Haihui Xu (JIRA) 

 [ 
https://issues.apache.org/jira/browse/RANGER-1823?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Haihui Xu updated RANGER-1823:
--
Summary: Allowed TRUNCATE and INSERT to partition table when the policy 
item is only "SELECT"  (was: Allowed TRUNCATE/INSERT to partition table when 
the policy item is only "SELECT")

> Allowed TRUNCATE and INSERT to partition table when the policy item is only 
> "SELECT"
> 
>
> Key: RANGER-1823
> URL: https://issues.apache.org/jira/browse/RANGER-1823
> Project: Ranger
>  Issue Type: Bug
>  Components: plugins
>Affects Versions: 0.5.3, 0.7.1
>Reporter: Haihui Xu
>Assignee: Haihui Xu
> Fix For: 0.5.4, 1.0.0
>
> Attachments: RANGER-1823-Allowed TRUNCATE and INSERT to partition 
> table when the policy item is only SELECT.patch
>
>
> In beeline, useraa  create table hive_test, such as :  CREATE TABLE 
> hive_test(b string) PARTITIONED BY (a string); then  in ranger admin UI  add 
> a policy for userbb, the policy has only "SELECT"  of table hive_test;   in 
> beeline  userbb  execute "truncate table hive_test" / "insert into hive_test 
> partition(a=20171003) select 1 from hive_test"  is allowed.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Updated] (RANGER-1823) Allowed TRUNCATE/INSERT to partition table when the policy item is only "SELECT"

2017-10-03 Thread Haihui Xu (JIRA) 

 [ 
https://issues.apache.org/jira/browse/RANGER-1823?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Haihui Xu updated RANGER-1823:
--
Attachment: RANGER-1823-Allowed TRUNCATE and INSERT to partition table when 
the policy item is only SELECT.patch

> Allowed TRUNCATE/INSERT to partition table when the policy item is only 
> "SELECT"
> 
>
> Key: RANGER-1823
> URL: https://issues.apache.org/jira/browse/RANGER-1823
> Project: Ranger
>  Issue Type: Bug
>  Components: plugins
>Affects Versions: 0.5.3, 0.7.1
>Reporter: Haihui Xu
>Assignee: Haihui Xu
> Fix For: 0.5.4, 1.0.0
>
> Attachments: RANGER-1823-Allowed TRUNCATE and INSERT to partition 
> table when the policy item is only SELECT.patch
>
>
> In beeline, useraa  create table hive_test, such as :  CREATE TABLE 
> hive_test(b string) PARTITIONED BY (a string); then  in ranger admin UI  add 
> a policy for userbb, the policy has only "SELECT"  of table hive_test;   in 
> beeline  userbb  execute "truncate table hive_test" / "insert into hive_test 
> partition(a=20171003) select 1 from hive_test"  is allowed.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Updated] (RANGER-1823) Allowed TRUNCATE/INSERT to partition table when the policy item is only "SELECT"

2017-10-03 Thread Haihui Xu (JIRA) 

 [ 
https://issues.apache.org/jira/browse/RANGER-1823?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Haihui Xu updated RANGER-1823:
--
Attachment: (was: RANGER-1823-Allowed TRUNCATEINSERT to partition table 
when the policy item is only SELECT.patch)

> Allowed TRUNCATE/INSERT to partition table when the policy item is only 
> "SELECT"
> 
>
> Key: RANGER-1823
> URL: https://issues.apache.org/jira/browse/RANGER-1823
> Project: Ranger
>  Issue Type: Bug
>  Components: plugins
>Affects Versions: 0.5.3, 0.7.1
>Reporter: Haihui Xu
>Assignee: Haihui Xu
> Fix For: 0.5.4, 1.0.0
>
> Attachments: RANGER-1823-Allowed TRUNCATE and INSERT to partition 
> table when the policy item is only SELECT.patch
>
>
> In beeline, useraa  create table hive_test, such as :  CREATE TABLE 
> hive_test(b string) PARTITIONED BY (a string); then  in ranger admin UI  add 
> a policy for userbb, the policy has only "SELECT"  of table hive_test;   in 
> beeline  userbb  execute "truncate table hive_test" / "insert into hive_test 
> partition(a=20171003) select 1 from hive_test"  is allowed.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Updated] (RANGER-1823) Allowed TRUNCATE/INSERT to partition table when the policy item is only "SELECT"

2017-10-03 Thread Haihui Xu (JIRA) 

 [ 
https://issues.apache.org/jira/browse/RANGER-1823?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Haihui Xu updated RANGER-1823:
--
Attachment: RANGER-1823-Allowed TRUNCATEINSERT to partition table when the 
policy item is only SELECT.patch

> Allowed TRUNCATE/INSERT to partition table when the policy item is only 
> "SELECT"
> 
>
> Key: RANGER-1823
> URL: https://issues.apache.org/jira/browse/RANGER-1823
> Project: Ranger
>  Issue Type: Bug
>  Components: plugins
>Affects Versions: 0.5.3, 0.7.1
>Reporter: Haihui Xu
>Assignee: Haihui Xu
> Fix For: 0.5.4, 1.0.0
>
> Attachments: RANGER-1823-Allowed TRUNCATEINSERT to partition table 
> when the policy item is only SELECT.patch
>
>
> In beeline, useraa  create table hive_test, such as :  CREATE TABLE 
> hive_test(b string) PARTITIONED BY (a string); then  in ranger admin UI  add 
> a policy for userbb, the policy has only "SELECT"  of table hive_test;   in 
> beeline  userbb  execute "truncate table hive_test" / "insert into hive_test 
> partition(a=20171003) select 1 from hive_test"  is allowed.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Updated] (RANGER-1823) Allowed TRUNCATE/INSERT to partition table when the policy item is only "SELECT"

2017-10-03 Thread Haihui Xu (JIRA) 

 [ 
https://issues.apache.org/jira/browse/RANGER-1823?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Haihui Xu updated RANGER-1823:
--
Description: In beeline, useraa  create table hive_test, such as :  CREATE 
TABLE hive_test(b string) PARTITIONED BY (a string); then  in ranger admin UI  
add a policy for userbb, the policy has only "SELECT"  of table hive_test;   in 
beeline  userbb  execute "truncate table hive_test" /  

> Allowed TRUNCATE/INSERT to partition table when the policy item is only 
> "SELECT"
> 
>
> Key: RANGER-1823
> URL: https://issues.apache.org/jira/browse/RANGER-1823
> Project: Ranger
>  Issue Type: Bug
>  Components: plugins
>Affects Versions: 0.5.3
>Reporter: Haihui Xu
>Assignee: Haihui Xu
> Fix For: 0.5.4, 1.0.0
>
>
> In beeline, useraa  create table hive_test, such as :  CREATE TABLE 
> hive_test(b string) PARTITIONED BY (a string); then  in ranger admin UI  add 
> a policy for userbb, the policy has only "SELECT"  of table hive_test;   in 
> beeline  userbb  execute "truncate table hive_test" /  



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Created] (RANGER-1823) Allowed TRUNCATE/INSERT to partition table when the policy item is only "SELECT"

2017-10-03 Thread Haihui Xu (JIRA) 
Haihui Xu created RANGER-1823:
-

 Summary: Allowed TRUNCATE/INSERT to partition table when the 
policy item is only "SELECT"
 Key: RANGER-1823
 URL: https://issues.apache.org/jira/browse/RANGER-1823
 Project: Ranger
  Issue Type: Bug
  Components: plugins
Affects Versions: 0.5.3
Reporter: Haihui Xu
Assignee: Haihui Xu
 Fix For: 0.5.4, 1.0.0






--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Adding new plugin to ranger

2017-10-03 Thread Ronny Hidayat 
Hi all,

I want to add new plugin to ranger (glusterfs-agent), so GlusterFS
appears on Ranger-Admin website.
How to do that ?
Do you have any tutorial ?

Thank you.