[jira] [Updated] (RANGER-1648) Ranger Kafka Plugin now should use the Short name from Kafka Session Object

Fri, 16 Jun 2017 16:23:34 -0700 

     [ 
https://issues.apache.org/jira/browse/RANGER-1648?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Ramesh Mani updated RANGER-1648:
--------------------------------
    Description: 
Ranger Kafka Plugin now should use the Short name from Kafka Session Object. 
Based on the change on https://issues.apache.org/jira/browse/AMBARI-21238, 
kafka will have the necessary rules for getting the short name and passing it 
in the Session object of Kafka Authorization. We don't need to specifically 
convert it to  get the shortname.
In non ambari install following file will have the rules like 
sasl.kerberos.principal.to.local.rules=RULE:[1:$1@$0](ambari-qa-...@example.com)s/.*/ambari-qa/,RULE:[1:$1@$0](hdfs-...@example.com)s/.*/hdfs/,RULE:[1:$1@$0](.*@EXAMPLE.COM)s/@.*//,RULE:[2:$1@$0](d...@example.com)s/.*/hdfs/,RULE:[2:$1@$0](n...@example.com)s/.*/hdfs/,DEFAULT
in file /etc/kafka/conf/server.properties for the correct user information to 
be passed.

  was:
Ranger Kafka Plugin now should use the Short name from Kafka Session Object. 
Based on the change on https://issues.apache.org/jira/browse/AMBARI-21238, 
kafka will have the necessary rules for getting the short name and passing it 
in the Session object of Kafka Authorization. We don't need to specifically 
convert it to  get the shortname.
In non ambari install following file will have the rules like 
sasl.kerberos.principal.to.local.rules=RULE:[1:$1@$0](ambari-qa-...@example.com)s/.*/ambari-qa/,RULE:[1:$1@$0](hdfs-...@example.com)s/.*/hdfs/,RULE:[1:$1@$0](.*@EXAMPLE.COM)s/@.*//,RULE:[2:$1@$0](d...@example.com)s/.*/hdfs/,RULE:[2:$1@$0](n...@example.com)s/.*/hdfs/,DEFAULT
in file /etc/kafka/conf/server.properties


> Ranger Kafka Plugin now should use the Short name from Kafka Session Object
> ---------------------------------------------------------------------------
>
>                 Key: RANGER-1648
>                 URL: https://issues.apache.org/jira/browse/RANGER-1648
>             Project: Ranger
>          Issue Type: Bug
>          Components: plugins, Ranger
>    Affects Versions: 1.0.0, master
>            Reporter: Ramesh Mani
>            Assignee: Ramesh Mani
>             Fix For: 1.0.0
>
>
> Ranger Kafka Plugin now should use the Short name from Kafka Session Object. 
> Based on the change on https://issues.apache.org/jira/browse/AMBARI-21238, 
> kafka will have the necessary rules for getting the short name and passing it 
> in the Session object of Kafka Authorization. We don't need to specifically 
> convert it to  get the shortname.
> In non ambari install following file will have the rules like 
> sasl.kerberos.principal.to.local.rules=RULE:[1:$1@$0](ambari-qa-...@example.com)s/.*/ambari-qa/,RULE:[1:$1@$0](hdfs-...@example.com)s/.*/hdfs/,RULE:[1:$1@$0](.*@EXAMPLE.COM)s/@.*//,RULE:[2:$1@$0](d...@example.com)s/.*/hdfs/,RULE:[2:$1@$0](n...@example.com)s/.*/hdfs/,DEFAULT
> in file /etc/kafka/conf/server.properties for the correct user information to 
> be passed.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Reply via email to