You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by al...@apache.org on 2016/03/03 01:06:52 UTC
[28/50] [abbrv] incubator-ranger git commit: RANGER-637 : Make
REFERRAL property in Ranger User sync configurable
RANGER-637 : Make REFERRAL property in Ranger User sync configurable
Signed-off-by: Velmurugan Periasamy <ve...@apache.org>
Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/36740018
Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/36740018
Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/36740018
Branch: refs/heads/HDP-2.3.2-groupid
Commit: 36740018f27a8a691429dad065262c482956564b
Parents: af8510a
Author: Gautam Borad <gb...@gmail.com>
Authored: Thu Sep 3 03:25:19 2015 +0530
Committer: Velmurugan Periasamy <ve...@apache.org>
Committed: Mon Sep 7 01:34:06 2015 -0400
----------------------------------------------------------------------
jisql/src/main/java/org/apache/util/sql/Jisql.java | 1 -
.../ldapusersync/process/LdapUserGroupBuilder.java | 7 ++++---
.../unixusersync/config/UserGroupSyncConfig.java | 14 ++++++++++++++
unixauthservice/scripts/install.properties | 2 ++
.../scripts/templates/installprop2xml.properties | 1 +
.../scripts/templates/ranger-ugsync-template.xml | 4 ++++
6 files changed, 25 insertions(+), 4 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/36740018/jisql/src/main/java/org/apache/util/sql/Jisql.java
----------------------------------------------------------------------
diff --git a/jisql/src/main/java/org/apache/util/sql/Jisql.java b/jisql/src/main/java/org/apache/util/sql/Jisql.java
index 9c74356..cf7563c 100644
--- a/jisql/src/main/java/org/apache/util/sql/Jisql.java
+++ b/jisql/src/main/java/org/apache/util/sql/Jisql.java
@@ -755,7 +755,6 @@ public class Jisql {
+ sqle.getErrorCode());
sqle = sqle.getNextException();
}
- System.out.println("java.library.path:"+System.getProperty("java.library.path"));
}
/**
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/36740018/ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapUserGroupBuilder.java
----------------------------------------------------------------------
diff --git a/ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapUserGroupBuilder.java b/ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapUserGroupBuilder.java
index 93893ef..66c6e28 100644
--- a/ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapUserGroupBuilder.java
+++ b/ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapUserGroupBuilder.java
@@ -57,7 +57,7 @@ public class LdapUserGroupBuilder implements UserGroupSource {
private String ldapBindDn;
private String ldapBindPassword;
private String ldapAuthenticationMechanism;
-
+ private String ldapReferral;
private String searchBase;
private String userSearchBase;
@@ -135,7 +135,7 @@ public class LdapUserGroupBuilder implements UserGroupSource {
ldapBindPassword = config.getLdapBindPassword();
//ldapBindPassword = "admin-password";
ldapAuthenticationMechanism = config.getLdapAuthenticationMechanism();
-
+ ldapReferral = config.getContextReferral();
Properties env = new Properties();
env.put(Context.INITIAL_CONTEXT_FACTORY,
"com.sun.jndi.ldap.LdapCtxFactory");
@@ -144,7 +144,7 @@ public class LdapUserGroupBuilder implements UserGroupSource {
env.put(Context.SECURITY_PRINCIPAL, ldapBindDn);
env.put(Context.SECURITY_CREDENTIALS, ldapBindPassword);
env.put(Context.SECURITY_AUTHENTICATION, ldapAuthenticationMechanism);
- env.put(Context.REFERRAL, "follow") ;
+ env.put(Context.REFERRAL, ldapReferral) ;
ldapContext = new InitialLdapContext(env, null);
@@ -235,6 +235,7 @@ public class LdapUserGroupBuilder implements UserGroupSource {
+ ", groupMemberAttributeName: " + groupMemberAttributeName
+ ", groupNameAttribute: " + groupNameAttribute
+ ", groupUserMapSyncEnabled: " + groupUserMapSyncEnabled
+ + ", ldapReferral: " + ldapReferral
);
}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/36740018/ugsync/src/main/java/org/apache/ranger/unixusersync/config/UserGroupSyncConfig.java
----------------------------------------------------------------------
diff --git a/ugsync/src/main/java/org/apache/ranger/unixusersync/config/UserGroupSyncConfig.java b/ugsync/src/main/java/org/apache/ranger/unixusersync/config/UserGroupSyncConfig.java
index f8b68f2..7240fce 100644
--- a/ugsync/src/main/java/org/apache/ranger/unixusersync/config/UserGroupSyncConfig.java
+++ b/ugsync/src/main/java/org/apache/ranger/unixusersync/config/UserGroupSyncConfig.java
@@ -172,6 +172,8 @@ public class UserGroupSyncConfig {
private static final String DEFAULT_POLICYMGR_PASSWORD = "rangerusersync";
private static final String SYNC_SOURCE = "ranger.usersync.sync.source";
+ private static final String LGSYNC_REFERRAL = "ranger.usersync.ldap.referral";
+ private static final String DEFAULT_LGSYNC_REFERRAL = "ignore";
private Properties prop = new Properties() ;
private static volatile UserGroupSyncConfig me = null ;
@@ -715,4 +717,16 @@ public class UserGroupSyncConfig {
}
return syncSource;
}
+ public String getContextReferral() {
+ String referral="ignore";
+ if(prop!=null && prop.containsKey(LGSYNC_REFERRAL)){
+ referral=prop.getProperty(LGSYNC_REFERRAL);
+ if(referral==null||referral.trim().isEmpty()){
+ referral=DEFAULT_LGSYNC_REFERRAL;
+ }else{
+ referral=referral.trim().toLowerCase();
+ }
+ }
+ return referral;
+ }
}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/36740018/unixauthservice/scripts/install.properties
----------------------------------------------------------------------
diff --git a/unixauthservice/scripts/install.properties b/unixauthservice/scripts/install.properties
index 5215620..f206d0a 100644
--- a/unixauthservice/scripts/install.properties
+++ b/unixauthservice/scripts/install.properties
@@ -169,3 +169,5 @@ SYNC_PAGED_RESULTS_ENABLED=
# search results would be returned page by page with the specified number of entries per page
# default value: 500
SYNC_PAGED_RESULTS_SIZE=
+#LDAP context referral could be ignore or follow
+SYNC_LDAP_REFERRAL =ignore
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/36740018/unixauthservice/scripts/templates/installprop2xml.properties
----------------------------------------------------------------------
diff --git a/unixauthservice/scripts/templates/installprop2xml.properties b/unixauthservice/scripts/templates/installprop2xml.properties
index f102b52..77b8eac 100644
--- a/unixauthservice/scripts/templates/installprop2xml.properties
+++ b/unixauthservice/scripts/templates/installprop2xml.properties
@@ -48,3 +48,4 @@ AUTH_SSL_KEYSTORE_PASSWORD = ranger.usersync.keystore.password
AUTH_SSL_TRUSTSTORE_FILE = ranger.usersync.truststore.file
AUTH_SSL_TRUSTSTORE_PASSWORD = ranger.usersync.truststore.password
AUTH_SSL_ENABLED = ranger.usersync.enabled
+SYNC_LDAP_REFERRAL = ranger.usersync.ldap.referral
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/36740018/unixauthservice/scripts/templates/ranger-ugsync-template.xml
----------------------------------------------------------------------
diff --git a/unixauthservice/scripts/templates/ranger-ugsync-template.xml b/unixauthservice/scripts/templates/ranger-ugsync-template.xml
index 268deb3..2bf5562 100644
--- a/unixauthservice/scripts/templates/ranger-ugsync-template.xml
+++ b/unixauthservice/scripts/templates/ranger-ugsync-template.xml
@@ -181,4 +181,8 @@
<name>ranger.usersync.sync.source</name>
<value></value>
</property>
+ <property>
+ <name>ranger.usersync.ldap.referral</name>
+ <value></value>
+ </property>
</configuration>