You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@hawq.apache.org by li...@apache.org on 2017/06/01 08:35:02 UTC
incubator-hawq git commit: HAWQ-1476. Augment enable-ranger-plugin.sh
to support kerberos. (close #1248)
Repository: incubator-hawq
Updated Branches:
refs/heads/master abd74ed1c -> ed5029c76
HAWQ-1476. Augment enable-ranger-plugin.sh to support kerberos.
(close #1248)
Project: http://git-wip-us.apache.org/repos/asf/incubator-hawq/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-hawq/commit/ed5029c7
Tree: http://git-wip-us.apache.org/repos/asf/incubator-hawq/tree/ed5029c7
Diff: http://git-wip-us.apache.org/repos/asf/incubator-hawq/diff/ed5029c7
Branch: refs/heads/master
Commit: ed5029c76515d36cae0c41e96d19eee0b4710561
Parents: abd74ed
Author: stanlyxiang <st...@gmail.com>
Authored: Thu Jun 1 15:41:55 2017 +0800
Committer: Lili Ma <ic...@gmail.com>
Committed: Thu Jun 1 16:34:03 2017 +0800
----------------------------------------------------------------------
ranger-plugin/conf/ranger-servicedef-hawq.json | 2 +-
ranger-plugin/scripts/enable-ranger-plugin.sh | 28 ++++++++++++++++++++-
2 files changed, 28 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-hawq/blob/ed5029c7/ranger-plugin/conf/ranger-servicedef-hawq.json
----------------------------------------------------------------------
diff --git a/ranger-plugin/conf/ranger-servicedef-hawq.json b/ranger-plugin/conf/ranger-servicedef-hawq.json
index 172eb3a..b8ce53e 100644
--- a/ranger-plugin/conf/ranger-servicedef-hawq.json
+++ b/ranger-plugin/conf/ranger-servicedef-hawq.json
@@ -244,7 +244,7 @@
"name": "authentication",
"type": "enum",
"subType": "authType",
- "mandatory": false,
+ "mandatory": true,
"validationRegEx": "",
"validationMessage": "",
"uiHint": "",
http://git-wip-us.apache.org/repos/asf/incubator-hawq/blob/ed5029c7/ranger-plugin/scripts/enable-ranger-plugin.sh
----------------------------------------------------------------------
diff --git a/ranger-plugin/scripts/enable-ranger-plugin.sh b/ranger-plugin/scripts/enable-ranger-plugin.sh
index 5b702c9..0e839b7 100755
--- a/ranger-plugin/scripts/enable-ranger-plugin.sh
+++ b/ranger-plugin/scripts/enable-ranger-plugin.sh
@@ -20,7 +20,7 @@
#
function usage() {
- echo "USAGE: enable-ranger-plugin.sh -r ranger_host:ranger_port -u ranger_user -p ranger_password [-h hawq_host:hawq_port] -w hawq_user -q hawq_password"
+ echo "USAGE: enable-ranger-plugin.sh -r ranger_host:ranger_port -u ranger_user -p ranger_password [-h hawq_host:hawq_port -t lookup_authentication_type -s hawq_kerberos_service_name] -w hawq_user -q hawq_password"
exit 1
}
@@ -131,6 +131,18 @@ function get_hawq_password() {
done
}
+function get_hawq_kerberos_service_name() {
+ if [[ -z "$HAWQ_KERBEROS_SERVICE_NAME" ]]; then
+ HAWQ_KERBEROS_SERVICE_NAME="postgres"
+ fi
+}
+
+function get_lookup_authentication_type() {
+ if [[ -z "$LOOKUP_AUTHENTICATION_TYPE" ]]; then
+ LOOKUP_AUTHENTICATION_TYPE="simple"
+ fi
+}
+
function parse_params() {
while [[ $# -gt 0 ]]
do
@@ -160,6 +172,14 @@ function parse_params() {
HAWQ_PASSWORD="$2"
shift
;;
+ -s)
+ HAWQ_KERBEROS_SERVICE_NAME="$2"
+ shift
+ ;;
+ -t)
+ LOOKUP_AUTHENTICATION_TYPE="$2"
+ shift
+ ;;
*)
usage
;;
@@ -175,6 +195,8 @@ function validate_params() {
get_hawq_url
get_hawq_user
get_hawq_password
+ get_hawq_kerberos_service_name
+ get_lookup_authentication_type
echo "RANGER URL = ${RANGER_URL}"
echo "RANGER User = ${RANGER_USER}"
echo "RANGER Password = $(mask ${RANGER_PASSWORD})"
@@ -182,6 +204,8 @@ function validate_params() {
echo "HAWQ PORT = ${HAWQ_PORT}"
echo "HAWQ User = ${HAWQ_USER}"
echo "HAWQ Password = $(mask ${HAWQ_PASSWORD})"
+ echo "HAWQ Lookup Authentication Type = ${LOOKUP_AUTHENTICATION_TYPE}"
+ echo "HAWQ Kerberos Service Name = ${HAWQ_KERBEROS_SERVICE_NAME}"
}
function check_hawq_service_definition() {
@@ -217,6 +241,8 @@ function create_hawq_service_instance() {
\"isEnabled\":true,
\"configs\":{\"username\":\"${HAWQ_USER}\",
\"password\":\"${HAWQ_PASSWORD}\",
+ \"authentication\":\"${LOOKUP_AUTHENTICATION_TYPE}\",
+ \"principal\":\"${HAWQ_KERBEROS_SERVICE_NAME}\",
\"hostname\":\"${HAWQ_HOST}\",
\"port\":\"${HAWQ_PORT}\"}}"