[jira] [Commented] (RANGER-3061) Default configuration error when enable ssl for ranger admin
[ https://issues.apache.org/jira/browse/RANGER-3061?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17222020#comment-17222020 ] gaozhan ding commented on RANGER-3061: -- review request https://reviews.apache.org/r/72992/ > Default configuration error when enable ssl for ranger admin > > > Key: RANGER-3061 > URL: https://issues.apache.org/jira/browse/RANGER-3061 > Project: Ranger > Issue Type: Bug > Components: Ranger >Affects Versions: 1.2.0 >Reporter: gaozhan ding >Priority: Minor > Attachments: > 0001-RANGER-3061-Default-configuration-error-when-enable-.patch > > > When enable ssl for ranger admin, all plugins such as hdfs, hive, need read > ssl configuration from file 'ranger-policymgr-ssl.xml' . But the > configuration for 'ranger-policymgr-ssl.xml' path was incorrect in file > 'ranger-xxx-security.xml' . The default configuration item comes from > ranger-xxx-security.cfg. We should change it. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (RANGER-3061) Default configuration error when enable ssl for ranger admin
[ https://issues.apache.org/jira/browse/RANGER-3061?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] gaozhan ding updated RANGER-3061: - Attachment: 0001-RANGER-3061-Default-configuration-error-when-enable-.patch > Default configuration error when enable ssl for ranger admin > > > Key: RANGER-3061 > URL: https://issues.apache.org/jira/browse/RANGER-3061 > Project: Ranger > Issue Type: Bug > Components: Ranger >Affects Versions: 1.2.0 >Reporter: gaozhan ding >Priority: Minor > Attachments: > 0001-RANGER-3061-Default-configuration-error-when-enable-.patch > > > When enable ssl for ranger admin, all plugins such as hdfs, hive, need read > ssl configuration from file 'ranger-policymgr-ssl.xml' . But the > configuration for 'ranger-policymgr-ssl.xml' path was incorrect in file > 'ranger-xxx-security.xml' . The default configuration item comes from > ranger-xxx-security.cfg. We should change it. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (RANGER-3061) Default configuration error when enable ssl for ranger admin
[ https://issues.apache.org/jira/browse/RANGER-3061?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] gaozhan ding updated RANGER-3061: - Attachment: (was: RANGER-3061 Default configuration error when enable ssl for ranger admin.patch) > Default configuration error when enable ssl for ranger admin > > > Key: RANGER-3061 > URL: https://issues.apache.org/jira/browse/RANGER-3061 > Project: Ranger > Issue Type: Bug > Components: Ranger >Affects Versions: 1.2.0 >Reporter: gaozhan ding >Priority: Minor > > When enable ssl for ranger admin, all plugins such as hdfs, hive, need read > ssl configuration from file 'ranger-policymgr-ssl.xml' . But the > configuration for 'ranger-policymgr-ssl.xml' path was incorrect in file > 'ranger-xxx-security.xml' . The default configuration item comes from > ranger-xxx-security.cfg. We should change it. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (RANGER-3061) Default configuration error when enable ssl for ranger admin
[ https://issues.apache.org/jira/browse/RANGER-3061?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] gaozhan ding updated RANGER-3061: - Attachment: RANGER-3061 Default configuration error when enable ssl for ranger admin.patch > Default configuration error when enable ssl for ranger admin > > > Key: RANGER-3061 > URL: https://issues.apache.org/jira/browse/RANGER-3061 > Project: Ranger > Issue Type: Bug > Components: Ranger >Affects Versions: 1.2.0 >Reporter: gaozhan ding >Priority: Minor > Attachments: RANGER-3061 Default configuration error when enable ssl > for ranger admin.patch > > > When enable ssl for ranger admin, all plugins such as hdfs, hive, need read > ssl configuration from file 'ranger-policymgr-ssl.xml' . But the > configuration for 'ranger-policymgr-ssl.xml' path was incorrect in file > 'ranger-xxx-security.xml' . The default configuration item comes from > ranger-xxx-security.cfg. We should change it. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Created] (RANGER-3061) Default configuration error when enable ssl for ranger admin
gaozhan ding created RANGER-3061: Summary: Default configuration error when enable ssl for ranger admin Key: RANGER-3061 URL: https://issues.apache.org/jira/browse/RANGER-3061 Project: Ranger Issue Type: Bug Components: Ranger Affects Versions: 1.2.0 Reporter: gaozhan ding When enable ssl for ranger admin, all plugins such as hdfs, hive, need read ssl configuration from file 'ranger-policymgr-ssl.xml' . But the configuration for 'ranger-policymgr-ssl.xml' path was incorrect in file 'ranger-xxx-security.xml' . The default configuration item comes from ranger-xxx-security.cfg. We should change it. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (RANGER-2200) Add-ons to support WASB in Ranger Authorization Model - Doesn't enforce
[ https://issues.apache.org/jira/browse/RANGER-2200?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17160884#comment-17160884 ] gaozhan ding commented on RANGER-2200: -- [~rmani] Is there a manual for me to support WASB in Ranger Authorization Model. > Add-ons to support WASB in Ranger Authorization Model - Doesn't enforce > --- > > Key: RANGER-2200 > URL: https://issues.apache.org/jira/browse/RANGER-2200 > Project: Ranger > Issue Type: Bug > Components: Ranger >Affects Versions: 0.7.0 >Reporter: Abhishek Sakhuja >Assignee: Ramesh Mani >Priority: Major > Fix For: 0.7.0 > > > Earlier given solution: > _"Add-ons to support WASB in Ranger Authorization Model. This will gives an > option to add WASB as Service in the Ranger._ > _In ranger-admin-site.xml the parameter to include is > ranger.supportedcomponents=tag,hdfs,hbase,hive,kms,knox,storm,yarn,kafka,solr,atlas,wasb_ > > _This will add the WASB ServiceDef along with other services to Ranger."_ > But this solution doesn't enforce any WASB rules added in Ranger 0.7.0. It > more over looks like a template added to Ranger for WASB which doesn't > enforce any rules. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Closed] (RANGER-2853) "Unauthenticated : Please check the permission in the policy for the user": An NPE in ranger admin when enable kms.
[
https://issues.apache.org/jira/browse/RANGER-2853?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
gaozhan ding closed RANGER-2853.
patch has merged in master
> "Unauthenticated : Please check the permission in the policy for the user":
> An NPE in ranger admin when enable kms.
> ---
>
> Key: RANGER-2853
> URL: https://issues.apache.org/jira/browse/RANGER-2853
> Project: Ranger
> Issue Type: Bug
> Components: admin
>Affects Versions: 1.2.0
>Reporter: gaozhan ding
>Priority: Major
> Attachments:
> 0001-RANGER-2853-fix-NPE-error-in-ranger-admin-when-enabl.patch, image.png
>
>
> We use ranger with kerberos. When enable ranger-kms for hdfs encryption, we
> got an error from ranger admin web ui. On the premise that all configurations
> have been completed, I can not list keys in ranger admin, errors are as
> follows: Unauthenticated : Please check the permission in the policy for the
> user.
> {panel:title=logs in ranger admin:}
> -XX-XX 13:09:39,164 [http-bio-6182-exec-10] INFO
> org.apache.ranger.common.RESTErrorUtil (RESTErrorUtil.java:63) - Request
> failed. loginId=keyadmin, logMessage=Unauthenticated : Please check the
> permission in the policy for the user
> javax.ws.rs.WebApplicationException
> at
> org.apache.ranger.common.RESTErrorUtil.createRESTException(RESTErrorUtil.java:56)
> at
> org.apache.ranger.common.RESTErrorUtil.createRESTException(RESTErrorUtil.java:325)
> at org.apache.ranger.rest.XKeyREST.handleError(XKeyREST.java:215)
> at org.apache.ranger.rest.XKeyREST.searchKeys(XKeyREST.java:87)
> at
> org.apache.ranger.rest.XKeyREST$$FastClassBySpringCGLIB$$c5260d52.invoke()
> ..
> {panel}
> I studied the problem and found that this problem have nothing to do with
> authentication, it is an exception caused by NPE. I try print that exception:
> {panel:title=NPE}
> -XX-XX 07:16:42,615 [http-bio-6182-exec-2] ERROR
> org.apache.ranger.biz.KmsKeyMgr (KmsKeyMgr.java:176) - test_for_ranger:
> java.lang.NullPointerException
> at
> org.apache.hadoop.security.authentication.util.KerberosName.getShortName(KerberosName.java:395)
> at org.apache.hadoop.security.User.(User.java:48)
> at
> org.apache.hadoop.security.SecureClientLogin.loginUserFromKeytab(SecureClientLogin.java:66)
> at org.apache.ranger.biz.KmsKeyMgr.getSubjectForKerberos(KmsKeyMgr.java:574)
> at org.apache.ranger.biz.KmsKeyMgr.searchKeys(KmsKeyMgr.java:152)
> at org.apache.ranger.rest.XKeyREST.searchKeys(XKeyREST.java:85)
> at
> org.apache.ranger.rest.XKeyREST$$FastClassBySpringCGLIB$$c5260d52.invoke()
> at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204)
> at
> org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:736)
> at
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157)
> at
> org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:69)
> at
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
> at
> org.springframework.transaction.interceptor.TransactionInterceptor$1.proceedWithInvocation(TransactionInterceptor.java:99)
> at
> org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:282)
> at
> org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:96)
> at
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
> at
> org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:671)
> at
> org.apache.ranger.rest.XKeyREST$$EnhancerBySpringCGLIB$$5010f39f.searchKeys()
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:498)
> at
> com.sun.jersey.spi.container.JavaMethodInvokerFactory$1.invoke(JavaMethodInvokerFactory.java:60)
> at
> com.sun.jersey.server.impl.model.method.dispatch.AbstractResourceMethodDispatchProvider$TypeOutInvoker._dispatch(AbstractResourceMethodDispatchProvider.java:185)
> at
> com.sun.jersey.server.impl.model.method.dispatch.ResourceJavaMethodDispatcher.dispatch(ResourceJavaMethodDispatcher.java:75)
> at
> com.sun.jersey.server.impl.uri.rules.HttpMethodRule.accept(HttpMethodRule.java:302)
> at
>
[jira] [Commented] (RANGER-2853) "Unauthenticated : Please check the permission in the policy for the user": An NPE in ranger admin when enable kms.
[
https://issues.apache.org/jira/browse/RANGER-2853?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17129290#comment-17129290
]
gaozhan ding commented on RANGER-2853:
--
review request [https://reviews.apache.org/r/72579/]
> "Unauthenticated : Please check the permission in the policy for the user":
> An NPE in ranger admin when enable kms.
> ---
>
> Key: RANGER-2853
> URL: https://issues.apache.org/jira/browse/RANGER-2853
> Project: Ranger
> Issue Type: Bug
> Components: admin
>Affects Versions: 1.2.0
>Reporter: gaozhan ding
>Priority: Major
> Attachments:
> 0001-RANGER-2853-fix-NPE-error-in-ranger-admin-when-enabl.patch, image.png
>
>
> We use ranger with kerberos. When enable ranger-kms for hdfs encryption, we
> got an error from ranger admin web ui. On the premise that all configurations
> have been completed, I can not list keys in ranger admin, errors are as
> follows: Unauthenticated : Please check the permission in the policy for the
> user.
> {panel:title=logs in ranger admin:}
> -XX-XX 13:09:39,164 [http-bio-6182-exec-10] INFO
> org.apache.ranger.common.RESTErrorUtil (RESTErrorUtil.java:63) - Request
> failed. loginId=keyadmin, logMessage=Unauthenticated : Please check the
> permission in the policy for the user
> javax.ws.rs.WebApplicationException
> at
> org.apache.ranger.common.RESTErrorUtil.createRESTException(RESTErrorUtil.java:56)
> at
> org.apache.ranger.common.RESTErrorUtil.createRESTException(RESTErrorUtil.java:325)
> at org.apache.ranger.rest.XKeyREST.handleError(XKeyREST.java:215)
> at org.apache.ranger.rest.XKeyREST.searchKeys(XKeyREST.java:87)
> at
> org.apache.ranger.rest.XKeyREST$$FastClassBySpringCGLIB$$c5260d52.invoke()
> ..
> {panel}
> I studied the problem and found that this problem have nothing to do with
> authentication, it is an exception caused by NPE. I try print that exception:
> {panel:title=NPE}
> -XX-XX 07:16:42,615 [http-bio-6182-exec-2] ERROR
> org.apache.ranger.biz.KmsKeyMgr (KmsKeyMgr.java:176) - test_for_ranger:
> java.lang.NullPointerException
> at
> org.apache.hadoop.security.authentication.util.KerberosName.getShortName(KerberosName.java:395)
> at org.apache.hadoop.security.User.(User.java:48)
> at
> org.apache.hadoop.security.SecureClientLogin.loginUserFromKeytab(SecureClientLogin.java:66)
> at org.apache.ranger.biz.KmsKeyMgr.getSubjectForKerberos(KmsKeyMgr.java:574)
> at org.apache.ranger.biz.KmsKeyMgr.searchKeys(KmsKeyMgr.java:152)
> at org.apache.ranger.rest.XKeyREST.searchKeys(XKeyREST.java:85)
> at
> org.apache.ranger.rest.XKeyREST$$FastClassBySpringCGLIB$$c5260d52.invoke()
> at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204)
> at
> org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:736)
> at
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157)
> at
> org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:69)
> at
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
> at
> org.springframework.transaction.interceptor.TransactionInterceptor$1.proceedWithInvocation(TransactionInterceptor.java:99)
> at
> org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:282)
> at
> org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:96)
> at
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
> at
> org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:671)
> at
> org.apache.ranger.rest.XKeyREST$$EnhancerBySpringCGLIB$$5010f39f.searchKeys()
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:498)
> at
> com.sun.jersey.spi.container.JavaMethodInvokerFactory$1.invoke(JavaMethodInvokerFactory.java:60)
> at
> com.sun.jersey.server.impl.model.method.dispatch.AbstractResourceMethodDispatchProvider$TypeOutInvoker._dispatch(AbstractResourceMethodDispatchProvider.java:185)
> at
> com.sun.jersey.server.impl.model.method.dispatch.ResourceJavaMethodDispatcher.dispatch(ResourceJavaMethodDispatcher.java:75)
> at
> com.sun.jersey.server.impl.uri.rules.HttpMethodRule.accept(HttpMethodRule.java:302)
> at
>
[jira] [Updated] (RANGER-2853) "Unauthenticated : Please check the permission in the policy for the user": An NPE in ranger admin when enable kms.
[
https://issues.apache.org/jira/browse/RANGER-2853?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
gaozhan ding updated RANGER-2853:
-
Description:
We use ranger with kerberos. When enable ranger-kms for hdfs encryption, we got
an error from ranger admin web ui. On the premise that all configurations have
been completed, I can not list keys in ranger admin, errors are as follows:
Unauthenticated : Please check the permission in the policy for the user.
{panel:title=logs in ranger admin:}
-XX-XX 13:09:39,164 [http-bio-6182-exec-10] INFO
org.apache.ranger.common.RESTErrorUtil (RESTErrorUtil.java:63) - Request
failed. loginId=keyadmin, logMessage=Unauthenticated : Please check the
permission in the policy for the user
javax.ws.rs.WebApplicationException
at
org.apache.ranger.common.RESTErrorUtil.createRESTException(RESTErrorUtil.java:56)
at
org.apache.ranger.common.RESTErrorUtil.createRESTException(RESTErrorUtil.java:325)
at org.apache.ranger.rest.XKeyREST.handleError(XKeyREST.java:215)
at org.apache.ranger.rest.XKeyREST.searchKeys(XKeyREST.java:87)
at
org.apache.ranger.rest.XKeyREST$$FastClassBySpringCGLIB$$c5260d52.invoke()
..
{panel}
I studied the problem and found that this problem have nothing to do with
authentication, it is an exception caused by NPE. I try print that exception:
{panel:title=NPE}
-XX-XX 07:16:42,615 [http-bio-6182-exec-2] ERROR
org.apache.ranger.biz.KmsKeyMgr (KmsKeyMgr.java:176) - test_for_ranger:
java.lang.NullPointerException
at
org.apache.hadoop.security.authentication.util.KerberosName.getShortName(KerberosName.java:395)
at org.apache.hadoop.security.User.(User.java:48)
at
org.apache.hadoop.security.SecureClientLogin.loginUserFromKeytab(SecureClientLogin.java:66)
at org.apache.ranger.biz.KmsKeyMgr.getSubjectForKerberos(KmsKeyMgr.java:574)
at org.apache.ranger.biz.KmsKeyMgr.searchKeys(KmsKeyMgr.java:152)
at org.apache.ranger.rest.XKeyREST.searchKeys(XKeyREST.java:85)
at
org.apache.ranger.rest.XKeyREST$$FastClassBySpringCGLIB$$c5260d52.invoke()
at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204)
at
org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:736)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157)
at
org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:69)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
at
org.springframework.transaction.interceptor.TransactionInterceptor$1.proceedWithInvocation(TransactionInterceptor.java:99)
at
org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:282)
at
org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:96)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
at
org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:671)
at
org.apache.ranger.rest.XKeyREST$$EnhancerBySpringCGLIB$$5010f39f.searchKeys()
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at
com.sun.jersey.spi.container.JavaMethodInvokerFactory$1.invoke(JavaMethodInvokerFactory.java:60)
at
com.sun.jersey.server.impl.model.method.dispatch.AbstractResourceMethodDispatchProvider$TypeOutInvoker._dispatch(AbstractResourceMethodDispatchProvider.java:185)
at
com.sun.jersey.server.impl.model.method.dispatch.ResourceJavaMethodDispatcher.dispatch(ResourceJavaMethodDispatcher.java:75)
at
com.sun.jersey.server.impl.uri.rules.HttpMethodRule.accept(HttpMethodRule.java:302)
at
com.sun.jersey.server.impl.uri.rules.RightHandPathRule.accept(RightHandPathRule.java:147)
at
com.sun.jersey.server.impl.uri.rules.ResourceClassRule.accept(ResourceClassRule.java:108)
at
com.sun.jersey.server.impl.uri.rules.RightHandPathRule.accept(RightHandPathRule.java:147)
at
com.sun.jersey.server.impl.uri.rules.RootResourceClassesRule.accept(RootResourceClassesRule.java:84)
at
com.sun.jersey.server.impl.application.WebApplicationImpl._handleRequest(WebApplicationImpl.java:1542)
at
com.sun.jersey.server.impl.application.WebApplicationImpl._handleRequest(WebApplicationImpl.java:1473)
at
com.sun.jersey.server.impl.application.WebApplicationImpl.handleRequest(WebApplicationImpl.java:1419)
at
com.sun.jersey.server.impl.application.WebApplicationImpl.handleRequest(WebApplicationImpl.java:1409)
..
{panel}
Here is the reason for the NPE exception:
[jira] [Updated] (RANGER-2853) "Unauthenticated : Please check the permission in the policy for the user": An NPE in ranger admin when enable kms.
[
https://issues.apache.org/jira/browse/RANGER-2853?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
gaozhan ding updated RANGER-2853:
-
Description:
We use ranger with kerberos. When enable ranger-kms for hdfs encryption, we got
an error from ranger admin web ui. On the premise that all configurations have
been completed, I can not list keys in ranger admin, errors are as follows:
Unauthenticated : Please check the permission in the policy for the user.
{panel:title=logs in ranger admin:}
-XX-XX 13:09:39,164 [http-bio-6182-exec-10] INFO
org.apache.ranger.common.RESTErrorUtil (RESTErrorUtil.java:63) - Request
failed. loginId=keyadmin, logMessage=Unauthenticated : Please check the
permission in the policy for the user
javax.ws.rs.WebApplicationException
at
org.apache.ranger.common.RESTErrorUtil.createRESTException(RESTErrorUtil.java:56)
at
org.apache.ranger.common.RESTErrorUtil.createRESTException(RESTErrorUtil.java:325)
at org.apache.ranger.rest.XKeyREST.handleError(XKeyREST.java:215)
at org.apache.ranger.rest.XKeyREST.searchKeys(XKeyREST.java:87)
at
org.apache.ranger.rest.XKeyREST$$FastClassBySpringCGLIB$$c5260d52.invoke()
..
{panel}
I studied the problem and found that this problem have nothing to do with
authentication, it is an exception caused by NPE. I try print that exception:
{panel:title=NPE}
-XX-XX 07:16:42,615 [http-bio-6182-exec-2] ERROR
org.apache.ranger.biz.KmsKeyMgr (KmsKeyMgr.java:176) - test_for_ranger:
java.lang.NullPointerException
at
org.apache.hadoop.security.authentication.util.KerberosName.getShortName(KerberosName.java:395)
at org.apache.hadoop.security.User.(User.java:48)
at
org.apache.hadoop.security.SecureClientLogin.loginUserFromKeytab(SecureClientLogin.java:66)
at org.apache.ranger.biz.KmsKeyMgr.getSubjectForKerberos(KmsKeyMgr.java:574)
at org.apache.ranger.biz.KmsKeyMgr.searchKeys(KmsKeyMgr.java:152)
at org.apache.ranger.rest.XKeyREST.searchKeys(XKeyREST.java:85)
at
org.apache.ranger.rest.XKeyREST$$FastClassBySpringCGLIB$$c5260d52.invoke()
at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204)
at
org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:736)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157)
at
org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:69)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
at
org.springframework.transaction.interceptor.TransactionInterceptor$1.proceedWithInvocation(TransactionInterceptor.java:99)
at
org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:282)
at
org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:96)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
at
org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:671)
at
org.apache.ranger.rest.XKeyREST$$EnhancerBySpringCGLIB$$5010f39f.searchKeys()
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at
com.sun.jersey.spi.container.JavaMethodInvokerFactory$1.invoke(JavaMethodInvokerFactory.java:60)
at
com.sun.jersey.server.impl.model.method.dispatch.AbstractResourceMethodDispatchProvider$TypeOutInvoker._dispatch(AbstractResourceMethodDispatchProvider.java:185)
at
com.sun.jersey.server.impl.model.method.dispatch.ResourceJavaMethodDispatcher.dispatch(ResourceJavaMethodDispatcher.java:75)
at
com.sun.jersey.server.impl.uri.rules.HttpMethodRule.accept(HttpMethodRule.java:302)
at
com.sun.jersey.server.impl.uri.rules.RightHandPathRule.accept(RightHandPathRule.java:147)
at
com.sun.jersey.server.impl.uri.rules.ResourceClassRule.accept(ResourceClassRule.java:108)
at
com.sun.jersey.server.impl.uri.rules.RightHandPathRule.accept(RightHandPathRule.java:147)
at
com.sun.jersey.server.impl.uri.rules.RootResourceClassesRule.accept(RootResourceClassesRule.java:84)
at
com.sun.jersey.server.impl.application.WebApplicationImpl._handleRequest(WebApplicationImpl.java:1542)
at
com.sun.jersey.server.impl.application.WebApplicationImpl._handleRequest(WebApplicationImpl.java:1473)
at
com.sun.jersey.server.impl.application.WebApplicationImpl.handleRequest(WebApplicationImpl.java:1419)
at
com.sun.jersey.server.impl.application.WebApplicationImpl.handleRequest(WebApplicationImpl.java:1409)
..
{panel}
The following patch solves this problem
[jira] [Updated] (RANGER-2853) "Unauthenticated : Please check the permission in the policy for the user": An NPE in ranger admin when enable kms.
[
https://issues.apache.org/jira/browse/RANGER-2853?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
gaozhan ding updated RANGER-2853:
-
Description:
We use ranger with kerberos. When enable ranger-kms for hdfs encryption, we got
an error from ranger admin web ui. On the premise that all configurations have
been completed, I can not list keys in ranger admin, errors are as follows:
Unauthenticated : Please check the permission in the policy for the user.
{panel:title=logs in ranger admin:}
-XX-XX 13:09:39,164 [http-bio-6182-exec-10] INFO
org.apache.ranger.common.RESTErrorUtil (RESTErrorUtil.java:63) - Request
failed. loginId=keyadmin, logMessage=Unauthenticated : Please check the
permission in the policy for the user
javax.ws.rs.WebApplicationException
at
org.apache.ranger.common.RESTErrorUtil.createRESTException(RESTErrorUtil.java:56)
at
org.apache.ranger.common.RESTErrorUtil.createRESTException(RESTErrorUtil.java:325)
at org.apache.ranger.rest.XKeyREST.handleError(XKeyREST.java:215)
at org.apache.ranger.rest.XKeyREST.searchKeys(XKeyREST.java:87)
at
org.apache.ranger.rest.XKeyREST$$FastClassBySpringCGLIB$$c5260d52.invoke()
..
{panel}
I studied the problem and found that this problem have nothing to do with
authentication, it is an exception caused by NPE. I try print that exception:
{panel:title=NPE}
-XX-XX 07:16:42,615 [http-bio-6182-exec-2] ERROR
org.apache.ranger.biz.KmsKeyMgr (KmsKeyMgr.java:176) - test_for_ranger:
java.lang.NullPointerException
at
org.apache.hadoop.security.authentication.util.KerberosName.getShortName(KerberosName.java:395)
at org.apache.hadoop.security.User.(User.java:48)
at
org.apache.hadoop.security.SecureClientLogin.loginUserFromKeytab(SecureClientLogin.java:66)
at org.apache.ranger.biz.KmsKeyMgr.getSubjectForKerberos(KmsKeyMgr.java:574)
at org.apache.ranger.biz.KmsKeyMgr.searchKeys(KmsKeyMgr.java:152)
at org.apache.ranger.rest.XKeyREST.searchKeys(XKeyREST.java:85)
at
org.apache.ranger.rest.XKeyREST$$FastClassBySpringCGLIB$$c5260d52.invoke()
at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204)
at
org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:736)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157)
at
org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:69)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
at
org.springframework.transaction.interceptor.TransactionInterceptor$1.proceedWithInvocation(TransactionInterceptor.java:99)
at
org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:282)
at
org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:96)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
at
org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:671)
at
org.apache.ranger.rest.XKeyREST$$EnhancerBySpringCGLIB$$5010f39f.searchKeys()
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at
com.sun.jersey.spi.container.JavaMethodInvokerFactory$1.invoke(JavaMethodInvokerFactory.java:60)
at
com.sun.jersey.server.impl.model.method.dispatch.AbstractResourceMethodDispatchProvider$TypeOutInvoker._dispatch(AbstractResourceMethodDispatchProvider.java:185)
at
com.sun.jersey.server.impl.model.method.dispatch.ResourceJavaMethodDispatcher.dispatch(ResourceJavaMethodDispatcher.java:75)
at
com.sun.jersey.server.impl.uri.rules.HttpMethodRule.accept(HttpMethodRule.java:302)
at
com.sun.jersey.server.impl.uri.rules.RightHandPathRule.accept(RightHandPathRule.java:147)
at
com.sun.jersey.server.impl.uri.rules.ResourceClassRule.accept(ResourceClassRule.java:108)
at
com.sun.jersey.server.impl.uri.rules.RightHandPathRule.accept(RightHandPathRule.java:147)
at
com.sun.jersey.server.impl.uri.rules.RootResourceClassesRule.accept(RootResourceClassesRule.java:84)
at
com.sun.jersey.server.impl.application.WebApplicationImpl._handleRequest(WebApplicationImpl.java:1542)
at
com.sun.jersey.server.impl.application.WebApplicationImpl._handleRequest(WebApplicationImpl.java:1473)
at
com.sun.jersey.server.impl.application.WebApplicationImpl.handleRequest(WebApplicationImpl.java:1419)
at
com.sun.jersey.server.impl.application.WebApplicationImpl.handleRequest(WebApplicationImpl.java:1409)
..
{panel}
The following patch solves this problem.
[jira] [Updated] (RANGER-2853) "Unauthenticated : Please check the permission in the policy for the user": An NPE in ranger admin when enable kms.
[
https://issues.apache.org/jira/browse/RANGER-2853?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
gaozhan ding updated RANGER-2853:
-
Attachment: 0001-RANGER-2853-fix-NPE-error-in-ranger-admin-when-enabl.patch
> "Unauthenticated : Please check the permission in the policy for the user":
> An NPE in ranger admin when enable kms.
> ---
>
> Key: RANGER-2853
> URL: https://issues.apache.org/jira/browse/RANGER-2853
> Project: Ranger
> Issue Type: Bug
> Components: admin
>Affects Versions: 1.2.0
>Reporter: gaozhan ding
>Priority: Major
> Attachments:
> 0001-RANGER-2853-fix-NPE-error-in-ranger-admin-when-enabl.patch, image.png
>
>
> We use ranger with kerberos. When enable ranger-kms for hdfs encryption, we
> got an error from ranger admin web ui. On the premise that all configurations
> have been completed, I can not list keys in ranger admin, errors are as
> follows: Unauthenticated : Please check the permission in the policy for the
> user.
> {panel:title=logs in ranger admin:}
> -XX-XX 13:09:39,164 [http-bio-6182-exec-10] INFO
> org.apache.ranger.common.RESTErrorUtil (RESTErrorUtil.java:63) - Request
> failed. loginId=keyadmin, logMessage=Unauthenticated : Please check the
> permission in the policy for the user
> javax.ws.rs.WebApplicationException
> at
> org.apache.ranger.common.RESTErrorUtil.createRESTException(RESTErrorUtil.java:56)
> at
> org.apache.ranger.common.RESTErrorUtil.createRESTException(RESTErrorUtil.java:325)
> at org.apache.ranger.rest.XKeyREST.handleError(XKeyREST.java:215)
> at org.apache.ranger.rest.XKeyREST.searchKeys(XKeyREST.java:87)
> at
> org.apache.ranger.rest.XKeyREST$$FastClassBySpringCGLIB$$c5260d52.invoke()
> ..
> {panel}
> I studied the problem and found that this problem have nothing to do with
> authentication, it is an exception caused by NPE. I try print that exception:
> {panel:title=NPE}
> -XX-XX 07:16:42,615 [http-bio-6182-exec-2] ERROR
> org.apache.ranger.biz.KmsKeyMgr (KmsKeyMgr.java:176) - test_for_ranger:
> java.lang.NullPointerException
> at
> org.apache.hadoop.security.authentication.util.KerberosName.getShortName(KerberosName.java:395)
> at org.apache.hadoop.security.User.(User.java:48)
> at
> org.apache.hadoop.security.SecureClientLogin.loginUserFromKeytab(SecureClientLogin.java:66)
> at org.apache.ranger.biz.KmsKeyMgr.getSubjectForKerberos(KmsKeyMgr.java:574)
> at org.apache.ranger.biz.KmsKeyMgr.searchKeys(KmsKeyMgr.java:152)
> at org.apache.ranger.rest.XKeyREST.searchKeys(XKeyREST.java:85)
> at
> org.apache.ranger.rest.XKeyREST$$FastClassBySpringCGLIB$$c5260d52.invoke()
> at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204)
> at
> org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:736)
> at
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157)
> at
> org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:69)
> at
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
> at
> org.springframework.transaction.interceptor.TransactionInterceptor$1.proceedWithInvocation(TransactionInterceptor.java:99)
> at
> org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:282)
> at
> org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:96)
> at
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
> at
> org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:671)
> at
> org.apache.ranger.rest.XKeyREST$$EnhancerBySpringCGLIB$$5010f39f.searchKeys()
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:498)
> at
> com.sun.jersey.spi.container.JavaMethodInvokerFactory$1.invoke(JavaMethodInvokerFactory.java:60)
> at
> com.sun.jersey.server.impl.model.method.dispatch.AbstractResourceMethodDispatchProvider$TypeOutInvoker._dispatch(AbstractResourceMethodDispatchProvider.java:185)
> at
> com.sun.jersey.server.impl.model.method.dispatch.ResourceJavaMethodDispatcher.dispatch(ResourceJavaMethodDispatcher.java:75)
> at
> com.sun.jersey.server.impl.uri.rules.HttpMethodRule.accept(HttpMethodRule.java:302)
> at
>
[jira] [Updated] (RANGER-2853) "Unauthenticated : Please check the permission in the policy for the user": An NPE in ranger admin when enable kms.
[
https://issues.apache.org/jira/browse/RANGER-2853?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
gaozhan ding updated RANGER-2853:
-
Description:
We use ranger with kerberos. When enable ranger-kms for hdfs encryption, we got
an error from ranger admin web ui. On the premise that all configurations have
been completed, I can not list keys in ranger admin, errors are as follows:
Unauthenticated : Please check the permission in the policy for the user.
{panel:title=logs in ranger admin:}
-XX-XX 13:09:39,164 [http-bio-6182-exec-10] INFO
org.apache.ranger.common.RESTErrorUtil (RESTErrorUtil.java:63) - Request
failed. loginId=keyadmin, logMessage=Unauthenticated : Please check the
permission in the policy for the user
javax.ws.rs.WebApplicationException
at
org.apache.ranger.common.RESTErrorUtil.createRESTException(RESTErrorUtil.java:56)
at
org.apache.ranger.common.RESTErrorUtil.createRESTException(RESTErrorUtil.java:325)
at org.apache.ranger.rest.XKeyREST.handleError(XKeyREST.java:215)
at org.apache.ranger.rest.XKeyREST.searchKeys(XKeyREST.java:87)
at
org.apache.ranger.rest.XKeyREST$$FastClassBySpringCGLIB$$c5260d52.invoke()
..
{panel}
I studied the problem and found that this problem have nothing to do with
authentication, it is an exception caused by NPE. I try print that exception:
{panel:title=NPE}
-XX-XX 07:16:42,615 [http-bio-6182-exec-2] ERROR
org.apache.ranger.biz.KmsKeyMgr (KmsKeyMgr.java:176) - test_for_ranger:
java.lang.NullPointerException
at
org.apache.hadoop.security.authentication.util.KerberosName.getShortName(KerberosName.java:395)
at org.apache.hadoop.security.User.(User.java:48)
at
org.apache.hadoop.security.SecureClientLogin.loginUserFromKeytab(SecureClientLogin.java:66)
at org.apache.ranger.biz.KmsKeyMgr.getSubjectForKerberos(KmsKeyMgr.java:574)
at org.apache.ranger.biz.KmsKeyMgr.searchKeys(KmsKeyMgr.java:152)
at org.apache.ranger.rest.XKeyREST.searchKeys(XKeyREST.java:85)
at
org.apache.ranger.rest.XKeyREST$$FastClassBySpringCGLIB$$c5260d52.invoke()
at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204)
at
org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:736)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157)
at
org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:69)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
at
org.springframework.transaction.interceptor.TransactionInterceptor$1.proceedWithInvocation(TransactionInterceptor.java:99)
at
org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:282)
at
org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:96)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
at
org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:671)
at
org.apache.ranger.rest.XKeyREST$$EnhancerBySpringCGLIB$$5010f39f.searchKeys()
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at
com.sun.jersey.spi.container.JavaMethodInvokerFactory$1.invoke(JavaMethodInvokerFactory.java:60)
at
com.sun.jersey.server.impl.model.method.dispatch.AbstractResourceMethodDispatchProvider$TypeOutInvoker._dispatch(AbstractResourceMethodDispatchProvider.java:185)
at
com.sun.jersey.server.impl.model.method.dispatch.ResourceJavaMethodDispatcher.dispatch(ResourceJavaMethodDispatcher.java:75)
at
com.sun.jersey.server.impl.uri.rules.HttpMethodRule.accept(HttpMethodRule.java:302)
at
com.sun.jersey.server.impl.uri.rules.RightHandPathRule.accept(RightHandPathRule.java:147)
at
com.sun.jersey.server.impl.uri.rules.ResourceClassRule.accept(ResourceClassRule.java:108)
at
com.sun.jersey.server.impl.uri.rules.RightHandPathRule.accept(RightHandPathRule.java:147)
at
com.sun.jersey.server.impl.uri.rules.RootResourceClassesRule.accept(RootResourceClassesRule.java:84)
at
com.sun.jersey.server.impl.application.WebApplicationImpl._handleRequest(WebApplicationImpl.java:1542)
at
com.sun.jersey.server.impl.application.WebApplicationImpl._handleRequest(WebApplicationImpl.java:1473)
at
com.sun.jersey.server.impl.application.WebApplicationImpl.handleRequest(WebApplicationImpl.java:1419)
at
com.sun.jersey.server.impl.application.WebApplicationImpl.handleRequest(WebApplicationImpl.java:1409)
..
{panel}
!image.png!
was:
We use ranger
[jira] [Updated] (RANGER-2853) "Unauthenticated : Please check the permission in the policy for the user": An NPE in ranger admin when enable kms.
[
https://issues.apache.org/jira/browse/RANGER-2853?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
gaozhan ding updated RANGER-2853:
-
Description:
We use ranger with kerberos. When enable ranger-kms for hdfs encryption, we got
an error from ranger admin web ui. On the premise that all configurations have
been completed, I can not list keys in ranger admin, errors are as follows:
Unauthenticated : Please check the permission in the policy for the user.
{panel:title=logs in ranger admin:}
-XX-XX 13:09:39,164 [http-bio-6182-exec-10] INFO
org.apache.ranger.common.RESTErrorUtil (RESTErrorUtil.java:63) - Request
failed. loginId=keyadmin, logMessage=Unauthenticated : Please check the
permission in the policy for the user
javax.ws.rs.WebApplicationException
at
org.apache.ranger.common.RESTErrorUtil.createRESTException(RESTErrorUtil.java:56)
at
org.apache.ranger.common.RESTErrorUtil.createRESTException(RESTErrorUtil.java:325)
at org.apache.ranger.rest.XKeyREST.handleError(XKeyREST.java:215)
at org.apache.ranger.rest.XKeyREST.searchKeys(XKeyREST.java:87)
at
org.apache.ranger.rest.XKeyREST$$FastClassBySpringCGLIB$$c5260d52.invoke()
..
{panel}
I studied the problem and found that this problem have nothing to do with
authentication, it is an exception caused by NPE. I try print that exception:
{panel:title=NPE}
-XX-XX 07:16:42,615 [http-bio-6182-exec-2] ERROR
org.apache.ranger.biz.KmsKeyMgr (KmsKeyMgr.java:176) - test_for_ranger:
java.lang.NullPointerException
at
org.apache.hadoop.security.authentication.util.KerberosName.getShortName(KerberosName.java:395)
at org.apache.hadoop.security.User.(User.java:48)
at
org.apache.hadoop.security.SecureClientLogin.loginUserFromKeytab(SecureClientLogin.java:66)
at org.apache.ranger.biz.KmsKeyMgr.getSubjectForKerberos(KmsKeyMgr.java:574)
at org.apache.ranger.biz.KmsKeyMgr.searchKeys(KmsKeyMgr.java:152)
at org.apache.ranger.rest.XKeyREST.searchKeys(XKeyREST.java:85)
at
org.apache.ranger.rest.XKeyREST$$FastClassBySpringCGLIB$$c5260d52.invoke()
at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204)
at
org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:736)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157)
at
org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:69)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
at
org.springframework.transaction.interceptor.TransactionInterceptor$1.proceedWithInvocation(TransactionInterceptor.java:99)
at
org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:282)
at
org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:96)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
at
org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:671)
at
org.apache.ranger.rest.XKeyREST$$EnhancerBySpringCGLIB$$5010f39f.searchKeys()
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at
com.sun.jersey.spi.container.JavaMethodInvokerFactory$1.invoke(JavaMethodInvokerFactory.java:60)
at
com.sun.jersey.server.impl.model.method.dispatch.AbstractResourceMethodDispatchProvider$TypeOutInvoker._dispatch(AbstractResourceMethodDispatchProvider.java:185)
at
com.sun.jersey.server.impl.model.method.dispatch.ResourceJavaMethodDispatcher.dispatch(ResourceJavaMethodDispatcher.java:75)
at
com.sun.jersey.server.impl.uri.rules.HttpMethodRule.accept(HttpMethodRule.java:302)
at
com.sun.jersey.server.impl.uri.rules.RightHandPathRule.accept(RightHandPathRule.java:147)
at
com.sun.jersey.server.impl.uri.rules.ResourceClassRule.accept(ResourceClassRule.java:108)
at
com.sun.jersey.server.impl.uri.rules.RightHandPathRule.accept(RightHandPathRule.java:147)
at
com.sun.jersey.server.impl.uri.rules.RootResourceClassesRule.accept(RootResourceClassesRule.java:84)
at
com.sun.jersey.server.impl.application.WebApplicationImpl._handleRequest(WebApplicationImpl.java:1542)
at
com.sun.jersey.server.impl.application.WebApplicationImpl._handleRequest(WebApplicationImpl.java:1473)
at
com.sun.jersey.server.impl.application.WebApplicationImpl.handleRequest(WebApplicationImpl.java:1419)
at
com.sun.jersey.server.impl.application.WebApplicationImpl.handleRequest(WebApplicationImpl.java:1409)
..
{panel}
!image.png!
was:
We use ranger with
[jira] [Updated] (RANGER-2853) "Unauthenticated : Please check the permission in the policy for the user": An NPE in ranger admin when enable kms.
[
https://issues.apache.org/jira/browse/RANGER-2853?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
gaozhan ding updated RANGER-2853:
-
Attachment: image.png
> "Unauthenticated : Please check the permission in the policy for the user":
> An NPE in ranger admin when enable kms.
> ---
>
> Key: RANGER-2853
> URL: https://issues.apache.org/jira/browse/RANGER-2853
> Project: Ranger
> Issue Type: Bug
> Components: admin
>Affects Versions: 1.2.0
>Reporter: gaozhan ding
>Priority: Major
> Attachments: image.png
>
>
> We use ranger with kerberos. When enable ranger-kms for hdfs encryption, we
> got an error from ranger admin web ui. On the premise that all configurations
> have been completed, I can not list keys in ranger admin, errors are as
> follows: Unauthenticated : Please check the permission in the policy for the
> user.
> {panel:title=logs in ranger admin:}
> -XX-XX 13:09:39,164 [http-bio-6182-exec-10] INFO
> org.apache.ranger.common.RESTErrorUtil (RESTErrorUtil.java:63) - Request
> failed. loginId=keyadmin, logMessage=Unauthenticated : Please check the
> permission in the policy for the user
> javax.ws.rs.WebApplicationException
> at
> org.apache.ranger.common.RESTErrorUtil.createRESTException(RESTErrorUtil.java:56)
> at
> org.apache.ranger.common.RESTErrorUtil.createRESTException(RESTErrorUtil.java:325)
> at org.apache.ranger.rest.XKeyREST.handleError(XKeyREST.java:215)
> at org.apache.ranger.rest.XKeyREST.searchKeys(XKeyREST.java:87)
> at
> org.apache.ranger.rest.XKeyREST$$FastClassBySpringCGLIB$$c5260d52.invoke()
> ..
> {panel}
> I studied the problem and found that this problem have nothing to do with
> authentication, it is an exception caused by NPE. I try print that exception:
> {panel:title=NPE}
> -XX-XX 07:16:42,615 [http-bio-6182-exec-2] ERROR
> org.apache.ranger.biz.KmsKeyMgr (KmsKeyMgr.java:176) - test_for_ranger:
> java.lang.NullPointerException
> at
> org.apache.hadoop.security.authentication.util.KerberosName.getShortName(KerberosName.java:395)
> at org.apache.hadoop.security.User.(User.java:48)
> at
> org.apache.hadoop.security.SecureClientLogin.loginUserFromKeytab(SecureClientLogin.java:66)
> at org.apache.ranger.biz.KmsKeyMgr.getSubjectForKerberos(KmsKeyMgr.java:574)
> at org.apache.ranger.biz.KmsKeyMgr.searchKeys(KmsKeyMgr.java:152)
> at org.apache.ranger.rest.XKeyREST.searchKeys(XKeyREST.java:85)
> at
> org.apache.ranger.rest.XKeyREST$$FastClassBySpringCGLIB$$c5260d52.invoke()
> at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204)
> at
> org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:736)
> at
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157)
> at
> org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:69)
> at
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
> at
> org.springframework.transaction.interceptor.TransactionInterceptor$1.proceedWithInvocation(TransactionInterceptor.java:99)
> at
> org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:282)
> at
> org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:96)
> at
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
> at
> org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:671)
> at
> org.apache.ranger.rest.XKeyREST$$EnhancerBySpringCGLIB$$5010f39f.searchKeys()
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:498)
> at
> com.sun.jersey.spi.container.JavaMethodInvokerFactory$1.invoke(JavaMethodInvokerFactory.java:60)
> at
> com.sun.jersey.server.impl.model.method.dispatch.AbstractResourceMethodDispatchProvider$TypeOutInvoker._dispatch(AbstractResourceMethodDispatchProvider.java:185)
> at
> com.sun.jersey.server.impl.model.method.dispatch.ResourceJavaMethodDispatcher.dispatch(ResourceJavaMethodDispatcher.java:75)
> at
> com.sun.jersey.server.impl.uri.rules.HttpMethodRule.accept(HttpMethodRule.java:302)
> at
> com.sun.jersey.server.impl.uri.rules.RightHandPathRule.accept(RightHandPathRule.java:147)
> at
>
[jira] [Updated] (RANGER-2853) "Unauthenticated : Please check the permission in the policy for the user": An NPE in ranger admin when enable kms.
[
https://issues.apache.org/jira/browse/RANGER-2853?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
gaozhan ding updated RANGER-2853:
-
Description:
We use ranger with kerberos. When enable ranger-kms for hdfs encryption, we got
an error from ranger admin web ui. On the premise that all configurations have
been completed, I can not list keys in ranger admin, errors are as follows:
Unauthenticated : Please check the permission in the policy for the user.
{panel:title=logs in ranger admin:}
-XX-XX 13:09:39,164 [http-bio-6182-exec-10] INFO
org.apache.ranger.common.RESTErrorUtil (RESTErrorUtil.java:63) - Request
failed. loginId=keyadmin, logMessage=Unauthenticated : Please check the
permission in the policy for the user
javax.ws.rs.WebApplicationException
at
org.apache.ranger.common.RESTErrorUtil.createRESTException(RESTErrorUtil.java:56)
at
org.apache.ranger.common.RESTErrorUtil.createRESTException(RESTErrorUtil.java:325)
at org.apache.ranger.rest.XKeyREST.handleError(XKeyREST.java:215)
at org.apache.ranger.rest.XKeyREST.searchKeys(XKeyREST.java:87)
at
org.apache.ranger.rest.XKeyREST$$FastClassBySpringCGLIB$$c5260d52.invoke()
..
{panel}
I studied the problem and found that this problem have nothing to do with
authentication, it is an exception caused by NPE. I try print that exception:
{panel:title=NPE}
-XX-XX 07:16:42,615 [http-bio-6182-exec-2] ERROR
org.apache.ranger.biz.KmsKeyMgr (KmsKeyMgr.java:176) - test_for_ranger:
java.lang.NullPointerException
at
org.apache.hadoop.security.authentication.util.KerberosName.getShortName(KerberosName.java:395)
at org.apache.hadoop.security.User.(User.java:48)
at
org.apache.hadoop.security.SecureClientLogin.loginUserFromKeytab(SecureClientLogin.java:66)
at org.apache.ranger.biz.KmsKeyMgr.getSubjectForKerberos(KmsKeyMgr.java:574)
at org.apache.ranger.biz.KmsKeyMgr.searchKeys(KmsKeyMgr.java:152)
at org.apache.ranger.rest.XKeyREST.searchKeys(XKeyREST.java:85)
at
org.apache.ranger.rest.XKeyREST$$FastClassBySpringCGLIB$$c5260d52.invoke()
at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204)
at
org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:736)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157)
at
org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:69)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
at
org.springframework.transaction.interceptor.TransactionInterceptor$1.proceedWithInvocation(TransactionInterceptor.java:99)
at
org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:282)
at
org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:96)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
at
org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:671)
at
org.apache.ranger.rest.XKeyREST$$EnhancerBySpringCGLIB$$5010f39f.searchKeys()
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at
com.sun.jersey.spi.container.JavaMethodInvokerFactory$1.invoke(JavaMethodInvokerFactory.java:60)
at
com.sun.jersey.server.impl.model.method.dispatch.AbstractResourceMethodDispatchProvider$TypeOutInvoker._dispatch(AbstractResourceMethodDispatchProvider.java:185)
at
com.sun.jersey.server.impl.model.method.dispatch.ResourceJavaMethodDispatcher.dispatch(ResourceJavaMethodDispatcher.java:75)
at
com.sun.jersey.server.impl.uri.rules.HttpMethodRule.accept(HttpMethodRule.java:302)
at
com.sun.jersey.server.impl.uri.rules.RightHandPathRule.accept(RightHandPathRule.java:147)
at
com.sun.jersey.server.impl.uri.rules.ResourceClassRule.accept(ResourceClassRule.java:108)
at
com.sun.jersey.server.impl.uri.rules.RightHandPathRule.accept(RightHandPathRule.java:147)
at
com.sun.jersey.server.impl.uri.rules.RootResourceClassesRule.accept(RootResourceClassesRule.java:84)
at
com.sun.jersey.server.impl.application.WebApplicationImpl._handleRequest(WebApplicationImpl.java:1542)
at
com.sun.jersey.server.impl.application.WebApplicationImpl._handleRequest(WebApplicationImpl.java:1473)
at
com.sun.jersey.server.impl.application.WebApplicationImpl.handleRequest(WebApplicationImpl.java:1419)
at
com.sun.jersey.server.impl.application.WebApplicationImpl.handleRequest(WebApplicationImpl.java:1409)
..
{panel}
!image-2020-06-09-13-08-45-975.png!
was:
[jira] [Updated] (RANGER-2853) "Unauthenticated : Please check the permission in the policy for the user": An NPE in ranger admin when enable kms.
[
https://issues.apache.org/jira/browse/RANGER-2853?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
gaozhan ding updated RANGER-2853:
-
Description:
We use ranger with kerberos. When enable ranger-kms for hdfs encryption, we got
an error from ranger admin web ui. On the premise that all configurations have
been completed, I can not list keys in ranger admin, errors are as follows:
Unauthenticated : Please check the permission in the policy for the user.
{panel:title=logs in ranger admin:}
-XX-XX 13:09:39,164 [http-bio-6182-exec-10] INFO
org.apache.ranger.common.RESTErrorUtil (RESTErrorUtil.java:63) - Request
failed. loginId=keyadmin, logMessage=Unauthenticated : Please check the
permission in the policy for the user
javax.ws.rs.WebApplicationException
at
org.apache.ranger.common.RESTErrorUtil.createRESTException(RESTErrorUtil.java:56)
at
org.apache.ranger.common.RESTErrorUtil.createRESTException(RESTErrorUtil.java:325)
at org.apache.ranger.rest.XKeyREST.handleError(XKeyREST.java:215)
at org.apache.ranger.rest.XKeyREST.searchKeys(XKeyREST.java:87)
at
org.apache.ranger.rest.XKeyREST$$FastClassBySpringCGLIB$$c5260d52.invoke()
..
{panel}
I studied the problem and found that this problem have nothing to do with
authentication, it is an exception caused by NPE. I try print that exception:
{panel:title=NPE}
-XX-XX 07:16:42,615 [http-bio-6182-exec-2] ERROR
org.apache.ranger.biz.KmsKeyMgr (KmsKeyMgr.java:176) - test_for_ranger:
java.lang.NullPointerException
at
org.apache.hadoop.security.authentication.util.KerberosName.getShortName(KerberosName.java:395)
at org.apache.hadoop.security.User.(User.java:48)
at
org.apache.hadoop.security.SecureClientLogin.loginUserFromKeytab(SecureClientLogin.java:66)
at org.apache.ranger.biz.KmsKeyMgr.getSubjectForKerberos(KmsKeyMgr.java:574)
at org.apache.ranger.biz.KmsKeyMgr.searchKeys(KmsKeyMgr.java:152)
at org.apache.ranger.rest.XKeyREST.searchKeys(XKeyREST.java:85)
at
org.apache.ranger.rest.XKeyREST$$FastClassBySpringCGLIB$$c5260d52.invoke()
at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204)
at
org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:736)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157)
at
org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:69)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
at
org.springframework.transaction.interceptor.TransactionInterceptor$1.proceedWithInvocation(TransactionInterceptor.java:99)
at
org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:282)
at
org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:96)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
at
org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:671)
at
org.apache.ranger.rest.XKeyREST$$EnhancerBySpringCGLIB$$5010f39f.searchKeys()
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at
com.sun.jersey.spi.container.JavaMethodInvokerFactory$1.invoke(JavaMethodInvokerFactory.java:60)
at
com.sun.jersey.server.impl.model.method.dispatch.AbstractResourceMethodDispatchProvider$TypeOutInvoker._dispatch(AbstractResourceMethodDispatchProvider.java:185)
at
com.sun.jersey.server.impl.model.method.dispatch.ResourceJavaMethodDispatcher.dispatch(ResourceJavaMethodDispatcher.java:75)
at
com.sun.jersey.server.impl.uri.rules.HttpMethodRule.accept(HttpMethodRule.java:302)
at
com.sun.jersey.server.impl.uri.rules.RightHandPathRule.accept(RightHandPathRule.java:147)
at
com.sun.jersey.server.impl.uri.rules.ResourceClassRule.accept(ResourceClassRule.java:108)
at
com.sun.jersey.server.impl.uri.rules.RightHandPathRule.accept(RightHandPathRule.java:147)
at
com.sun.jersey.server.impl.uri.rules.RootResourceClassesRule.accept(RootResourceClassesRule.java:84)
at
com.sun.jersey.server.impl.application.WebApplicationImpl._handleRequest(WebApplicationImpl.java:1542)
at
com.sun.jersey.server.impl.application.WebApplicationImpl._handleRequest(WebApplicationImpl.java:1473)
at
com.sun.jersey.server.impl.application.WebApplicationImpl.handleRequest(WebApplicationImpl.java:1419)
at
com.sun.jersey.server.impl.application.WebApplicationImpl.handleRequest(WebApplicationImpl.java:1409)
..
{panel}
was:
We use ranger with kerberos. When
[jira] [Created] (RANGER-2853) "Unauthenticated : Please check the permission in the policy for the user": An NPE in ranger admin when enable kms.
gaozhan ding created RANGER-2853:
Summary: "Unauthenticated : Please check the permission in the
policy for the user": An NPE in ranger admin when enable kms.
Key: RANGER-2853
URL: https://issues.apache.org/jira/browse/RANGER-2853
Project: Ranger
Issue Type: Bug
Components: admin
Affects Versions: 1.2.0
Reporter: gaozhan ding
We use ranger with kerberos. When enable ranger-kms for hdfs encryption, we got
an error from ranger admin web ui. On the premise that all configurations have
been completed, I can not list keys in ranger admin, errors are as follows:
Unauthenticated : Please check the permission in the policy for the user.
{panel:title=logs in ranger admin:}
-XX-XX 13:09:39,164 [http-bio-6182-exec-10] INFO
org.apache.ranger.common.RESTErrorUtil (RESTErrorUtil.java:63) - Request
failed. loginId=keyadmin, logMessage=Unauthenticated : Please check the
permission in the policy for the user
javax.ws.rs.WebApplicationException
at
org.apache.ranger.common.RESTErrorUtil.createRESTException(RESTErrorUtil.java:56)
at
org.apache.ranger.common.RESTErrorUtil.createRESTException(RESTErrorUtil.java:325)
at org.apache.ranger.rest.XKeyREST.handleError(XKeyREST.java:215)
at org.apache.ranger.rest.XKeyREST.searchKeys(XKeyREST.java:87)
at
org.apache.ranger.rest.XKeyREST$$FastClassBySpringCGLIB$$c5260d52.invoke()
..
{panel}
I studied the problem and found that this problem have nothing to do with
authentication, it is an exception caused by NPE. I try print that exception:
{panel:title=NPE}
-XX-XX 07:16:42,615 [http-bio-6182-exec-2] ERROR
org.apache.ranger.biz.KmsKeyMgr (KmsKeyMgr.java:176) - test_for_ranger:
java.lang.NullPointerException
at
org.apache.hadoop.security.authentication.util.KerberosName.getShortName(KerberosName.java:395)
at org.apache.hadoop.security.User.(User.java:48)
at
org.apache.hadoop.security.SecureClientLogin.loginUserFromKeytab(SecureClientLogin.java:66)
at org.apache.ranger.biz.KmsKeyMgr.getSubjectForKerberos(KmsKeyMgr.java:574)
at org.apache.ranger.biz.KmsKeyMgr.searchKeys(KmsKeyMgr.java:152)
at org.apache.ranger.rest.XKeyREST.searchKeys(XKeyREST.java:85)
at
org.apache.ranger.rest.XKeyREST$$FastClassBySpringCGLIB$$c5260d52.invoke()
at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204)
at
org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:736)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157)
at
org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:69)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
at
org.springframework.transaction.interceptor.TransactionInterceptor$1.proceedWithInvocation(TransactionInterceptor.java:99)
at
org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:282)
at
org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:96)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
at
org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:671)
at
org.apache.ranger.rest.XKeyREST$$EnhancerBySpringCGLIB$$5010f39f.searchKeys()
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at
com.sun.jersey.spi.container.JavaMethodInvokerFactory$1.invoke(JavaMethodInvokerFactory.java:60)
at
com.sun.jersey.server.impl.model.method.dispatch.AbstractResourceMethodDispatchProvider$TypeOutInvoker._dispatch(AbstractResourceMethodDispatchProvider.java:185)
at
com.sun.jersey.server.impl.model.method.dispatch.ResourceJavaMethodDispatcher.dispatch(ResourceJavaMethodDispatcher.java:75)
at
com.sun.jersey.server.impl.uri.rules.HttpMethodRule.accept(HttpMethodRule.java:302)
at
com.sun.jersey.server.impl.uri.rules.RightHandPathRule.accept(RightHandPathRule.java:147)
at
com.sun.jersey.server.impl.uri.rules.ResourceClassRule.accept(ResourceClassRule.java:108)
at
com.sun.jersey.server.impl.uri.rules.RightHandPathRule.accept(RightHandPathRule.java:147)
at
com.sun.jersey.server.impl.uri.rules.RootResourceClassesRule.accept(RootResourceClassesRule.java:84)
at
com.sun.jersey.server.impl.application.WebApplicationImpl._handleRequest(WebApplicationImpl.java:1542)
at
com.sun.jersey.server.impl.application.WebApplicationImpl._handleRequest(WebApplicationImpl.java:1473)
at
