You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by ma...@apache.org on 2015/05/20 00:14:42 UTC
[04/13] incubator-ranger git commit: RANGER-492: Added new ldap/ad
properties in windows install
RANGER-492: Added new ldap/ad properties in windows install
Signed-off-by: sneethiraj <sn...@apache.org>
Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/5dc535e6
Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/5dc535e6
Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/5dc535e6
Branch: refs/heads/tag-policy
Commit: 5dc535e61185a305c74d567c83963752338e21f0
Parents: 8034858
Author: Velmurugan Periasamy <ve...@apache.org>
Authored: Tue May 19 01:50:49 2015 -0400
Committer: Madhan Neethiraj <ma...@apache.org>
Committed: Tue May 19 15:08:22 2015 -0700
----------------------------------------------------------------------
security-admin/src/bin/ranger_install.py | 74 +++++++++++++++++++-
.../handler/RangerAuthenticationProvider.java | 12 ++--
2 files changed, 78 insertions(+), 8 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/5dc535e6/security-admin/src/bin/ranger_install.py
----------------------------------------------------------------------
diff --git a/security-admin/src/bin/ranger_install.py b/security-admin/src/bin/ranger_install.py
index a3c7836..346f292 100644
--- a/security-admin/src/bin/ranger_install.py
+++ b/security-admin/src/bin/ranger_install.py
@@ -893,11 +893,81 @@ def update_properties():
else:
propertyName="ranger.jpa.jdbc.password"
newPropertyValue=os.getenv("RANGER_ADMIN_DB_PASSWORD")
- cObj.set('dummysection',propertyName,newPropertyValue)
+ updatePropertyToFilePy(propertyName ,newPropertyValue ,to_file_ranger)
propertyName="ranger.jpa.audit.jdbc.password"
newPropertyValue=os.getenv("RANGER_AUDIT_DB_PASSWORD")
- cObj.set('dummysection',propertyName,newPropertyValue)
+ updatePropertyToFilePy(propertyName ,newPropertyValue ,to_file_ranger)
+
+ if os.getenv("RANGER_AUTHENTICATION_METHOD") == "LDAP":
+ propertyName="ranger.authentication.method"
+ newPropertyValue=os.getenv("RANGER_AUTHENTICATION_METHOD")
+ updatePropertyToFilePy(propertyName ,newPropertyValue ,to_file_ranger)
+
+ propertyName="ranger.ldap.url"
+ newPropertyValue=os.getenv("RANGER_LDAP_URL")
+ updatePropertyToFilePy(propertyName ,newPropertyValue ,to_file_ranger)
+
+ propertyName="ranger.ldap.user.dnpattern"
+ newPropertyValue=os.getenv("RANGER_LDAP_USERDNPATTERN")
+ updatePropertyToFilePy(propertyName ,newPropertyValue ,to_file_ranger)
+
+ propertyName="ranger.ldap.group.searchbase"
+ newPropertyValue=os.getenv("RANGER_LDAP_GROUPSEARCHBASE")
+ updatePropertyToFilePy(propertyName ,newPropertyValue ,to_file_ranger)
+
+ propertyName="ranger.ldap.group.searchfilter"
+ newPropertyValue=os.getenv("RANGER_LDAP_GROUPSEARCHFILTER")
+ updatePropertyToFilePy(propertyName ,newPropertyValue ,to_file_ranger)
+
+ propertyName="ranger.ldap.group.roleattribute"
+ newPropertyValue=os.getenv("RANGER_LDAP_GROUPROLEATTRIBUTE")
+ updatePropertyToFilePy(propertyName ,newPropertyValue ,to_file_ranger)
+
+ propertyName="ranger.ldap.base.dn"
+ newPropertyValue=os.getenv("RANGER_LDAP_BASE_DN")
+ updatePropertyToFilePy(propertyName ,newPropertyValue ,to_file_ranger)
+
+ propertyName="ranger.ldap.bind.dn"
+ newPropertyValue=os.getenv("RANGER_LDAP_BIND_DN")
+ updatePropertyToFilePy(propertyName ,newPropertyValue ,to_file_ranger)
+
+ propertyName="ranger.ldap.bind.password"
+ newPropertyValue="_"
+ updatePropertyToFilePy(propertyName ,newPropertyValue ,to_file_ranger)
+
+ propertyName="ranger.ldap.referral"
+ newPropertyValue=os.getenv("RANGER_LDAP_REFERRAL")
+ updatePropertyToFilePy(propertyName ,newPropertyValue ,to_file_ranger)
+
+ elif os.getenv("RANGER_AUTHENTICATION_METHOD") == "ACTIVE_DIRECTORY":
+ propertyName="ranger.authentication.method"
+ newPropertyValue=os.getenv("RANGER_AUTHENTICATION_METHOD")
+ updatePropertyToFilePy(propertyName ,newPropertyValue ,to_file_ranger)
+
+ propertyName="ranger.ldap.ad.domain"
+ newPropertyValue=os.getenv("RANGER_LDAP_AD_DOMAIN")
+ updatePropertyToFilePy(propertyName ,newPropertyValue ,to_file_ranger)
+
+ propertyName="ranger.ldap.ad.url"
+ newPropertyValue=os.getenv("RANGER_LDAP_AD_URL")
+ updatePropertyToFilePy(propertyName ,newPropertyValue ,to_file_ranger)
+
+ propertyName="ranger.ldap.ad.base.dn"
+ newPropertyValue=os.getenv("RANGER_LDAP_AD_BASE_DN")
+ updatePropertyToFilePy(propertyName ,newPropertyValue ,to_file_ranger)
+
+ propertyName="ranger.ldap.ad.bind.dn"
+ newPropertyValue=os.getenv("RANGER_LDAP_AD_BIND_DN")
+ updatePropertyToFilePy(propertyName ,newPropertyValue ,to_file_ranger)
+
+ propertyName="ranger.ldap.ad.bind.password"
+ newPropertyValue="_"
+ updatePropertyToFilePy(propertyName ,newPropertyValue ,to_file_ranger)
+
+ propertyName="ranger.ad.referral"
+ newPropertyValue=os.getenv("RANGER_LDAP_AD_REFERRAL")
+ updatePropertyToFilePy(propertyName ,newPropertyValue ,to_file_ranger)
def setup_authentication(authentication_method, xmlPath):
if authentication_method == "UNIX":
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/5dc535e6/security-admin/src/main/java/org/apache/ranger/security/handler/RangerAuthenticationProvider.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/security/handler/RangerAuthenticationProvider.java b/security-admin/src/main/java/org/apache/ranger/security/handler/RangerAuthenticationProvider.java
index 5446dc4..3275a8e 100644
--- a/security-admin/src/main/java/org/apache/ranger/security/handler/RangerAuthenticationProvider.java
+++ b/security-admin/src/main/java/org/apache/ranger/security/handler/RangerAuthenticationProvider.java
@@ -230,12 +230,12 @@ public class RangerAuthenticationProvider implements AuthenticationProvider {
.authenticate(finalAuthentication);
return authentication;
} else {
- return null;
+ return authentication;
}
} catch (Exception e) {
logger.debug("LDAP Authentication Failed:", e);
}
- return null;
+ return authentication;
}
public Authentication getADAuthentication(Authentication authentication) {
@@ -272,7 +272,7 @@ public class RangerAuthenticationProvider implements AuthenticationProvider {
.authenticate(finalAuthentication);
return authentication;
} else {
- return null;
+ return authentication;
}
}catch (Exception e) {
logger.debug("AD Authentication Failed:", e);
@@ -330,7 +330,7 @@ public class RangerAuthenticationProvider implements AuthenticationProvider {
.authenticate(finalAuthentication);
return authentication;
} else {
- return null;
+ return authentication;
}
} catch (Exception e) {
logger.debug("Unix Authentication Failed:", e);
@@ -402,7 +402,7 @@ public class RangerAuthenticationProvider implements AuthenticationProvider {
authentication = ldapAuthenticationProvider.authenticate(finalAuthentication);
return authentication;
} else {
- return null;
+ return authentication;
}
} catch (Exception e) {
logger.debug("AD Authentication Failed:", e);
@@ -463,7 +463,7 @@ public class RangerAuthenticationProvider implements AuthenticationProvider {
authentication = ldapAuthenticationProvider.authenticate(finalAuthentication);
return authentication;
} else {
- return null;
+ return authentication;
}
} catch (Exception e) {
logger.debug("LDAP Authentication Failed:", e);