You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by al...@apache.org on 2016/03/03 01:06:52 UTC
[28/50] [abbrv] incubator-ranger git commit: RANGER-637 : Make REFERRAL property in Ranger User sync configurable

RANGER-637 : Make REFERRAL property in Ranger User sync configurable

Signed-off-by: Velmurugan Periasamy <ve...@apache.org>


Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/36740018
Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/36740018
Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/36740018

Branch: refs/heads/HDP-2.3.2-groupid
Commit: 36740018f27a8a691429dad065262c482956564b
Parents: af8510a
Author: Gautam Borad <gb...@gmail.com>
Authored: Thu Sep 3 03:25:19 2015 +0530
Committer: Velmurugan Periasamy <ve...@apache.org>
Committed: Mon Sep 7 01:34:06 2015 -0400

----------------------------------------------------------------------
 jisql/src/main/java/org/apache/util/sql/Jisql.java    |  1 -
 .../ldapusersync/process/LdapUserGroupBuilder.java    |  7 ++++---
 .../unixusersync/config/UserGroupSyncConfig.java      | 14 ++++++++++++++
 unixauthservice/scripts/install.properties            |  2 ++
 .../scripts/templates/installprop2xml.properties      |  1 +
 .../scripts/templates/ranger-ugsync-template.xml      |  4 ++++
 6 files changed, 25 insertions(+), 4 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/36740018/jisql/src/main/java/org/apache/util/sql/Jisql.java
----------------------------------------------------------------------
diff --git a/jisql/src/main/java/org/apache/util/sql/Jisql.java b/jisql/src/main/java/org/apache/util/sql/Jisql.java
index 9c74356..cf7563c 100644
--- a/jisql/src/main/java/org/apache/util/sql/Jisql.java
+++ b/jisql/src/main/java/org/apache/util/sql/Jisql.java
@@ -755,7 +755,6 @@ public class Jisql {
                     + sqle.getErrorCode());
             sqle = sqle.getNextException();
         }
-        System.out.println("java.library.path:"+System.getProperty("java.library.path"));
     }
 
     /**

http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/36740018/ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapUserGroupBuilder.java
----------------------------------------------------------------------
diff --git a/ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapUserGroupBuilder.java b/ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapUserGroupBuilder.java
index 93893ef..66c6e28 100644
--- a/ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapUserGroupBuilder.java
+++ b/ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapUserGroupBuilder.java
@@ -57,7 +57,7 @@ public class LdapUserGroupBuilder implements UserGroupSource {
   private String ldapBindDn;
   private String ldapBindPassword;
   private String ldapAuthenticationMechanism;
-
+  private String ldapReferral;
   private String searchBase;
 
   private String userSearchBase;
@@ -135,7 +135,7 @@ public class LdapUserGroupBuilder implements UserGroupSource {
     ldapBindPassword = config.getLdapBindPassword();
     //ldapBindPassword = "admin-password";
     ldapAuthenticationMechanism = config.getLdapAuthenticationMechanism();
-
+    ldapReferral = config.getContextReferral();
 		Properties env = new Properties();
 		env.put(Context.INITIAL_CONTEXT_FACTORY, 
 		    "com.sun.jndi.ldap.LdapCtxFactory");
@@ -144,7 +144,7 @@ public class LdapUserGroupBuilder implements UserGroupSource {
 		env.put(Context.SECURITY_PRINCIPAL, ldapBindDn);
 		env.put(Context.SECURITY_CREDENTIALS, ldapBindPassword);
 		env.put(Context.SECURITY_AUTHENTICATION, ldapAuthenticationMechanism);
-		env.put(Context.REFERRAL, "follow") ;
+		env.put(Context.REFERRAL, ldapReferral) ;
 
 		ldapContext = new InitialLdapContext(env, null);
 
@@ -235,6 +235,7 @@ public class LdapUserGroupBuilder implements UserGroupSource {
           + ",  groupMemberAttributeName: " + groupMemberAttributeName
           + ",  groupNameAttribute: " + groupNameAttribute
           + ",  groupUserMapSyncEnabled: " + groupUserMapSyncEnabled
+          + ",  ldapReferral: " + ldapReferral
       );
 		}
 

http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/36740018/ugsync/src/main/java/org/apache/ranger/unixusersync/config/UserGroupSyncConfig.java
----------------------------------------------------------------------
diff --git a/ugsync/src/main/java/org/apache/ranger/unixusersync/config/UserGroupSyncConfig.java b/ugsync/src/main/java/org/apache/ranger/unixusersync/config/UserGroupSyncConfig.java
index f8b68f2..7240fce 100644
--- a/ugsync/src/main/java/org/apache/ranger/unixusersync/config/UserGroupSyncConfig.java
+++ b/ugsync/src/main/java/org/apache/ranger/unixusersync/config/UserGroupSyncConfig.java
@@ -172,6 +172,8 @@ public class UserGroupSyncConfig  {
 
 	private static final String DEFAULT_POLICYMGR_PASSWORD = "rangerusersync";
 	private static final String SYNC_SOURCE = "ranger.usersync.sync.source";
+	private static final String LGSYNC_REFERRAL = "ranger.usersync.ldap.referral";
+	private static final String DEFAULT_LGSYNC_REFERRAL = "ignore";
 	private Properties prop = new Properties() ;
 	
 	private static volatile UserGroupSyncConfig me = null ;
@@ -715,4 +717,16 @@ public class UserGroupSyncConfig  {
 		}
 		return syncSource;
 	}
+	public String getContextReferral() {
+		String referral="ignore";
+		if(prop!=null && prop.containsKey(LGSYNC_REFERRAL)){
+			referral=prop.getProperty(LGSYNC_REFERRAL);
+			if(referral==null||referral.trim().isEmpty()){
+				referral=DEFAULT_LGSYNC_REFERRAL;
+			}else{
+				referral=referral.trim().toLowerCase();
+			}
+		}
+		return referral;
+	}
 }

http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/36740018/unixauthservice/scripts/install.properties
----------------------------------------------------------------------
diff --git a/unixauthservice/scripts/install.properties b/unixauthservice/scripts/install.properties
index 5215620..f206d0a 100644
--- a/unixauthservice/scripts/install.properties
+++ b/unixauthservice/scripts/install.properties
@@ -169,3 +169,5 @@ SYNC_PAGED_RESULTS_ENABLED=
 # search results would be returned page by page with the specified number of entries per page
 # default value: 500
 SYNC_PAGED_RESULTS_SIZE=
+#LDAP context referral could be ignore or follow
+SYNC_LDAP_REFERRAL =ignore

http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/36740018/unixauthservice/scripts/templates/installprop2xml.properties
----------------------------------------------------------------------
diff --git a/unixauthservice/scripts/templates/installprop2xml.properties b/unixauthservice/scripts/templates/installprop2xml.properties
index f102b52..77b8eac 100644
--- a/unixauthservice/scripts/templates/installprop2xml.properties
+++ b/unixauthservice/scripts/templates/installprop2xml.properties
@@ -48,3 +48,4 @@ AUTH_SSL_KEYSTORE_PASSWORD = ranger.usersync.keystore.password
 AUTH_SSL_TRUSTSTORE_FILE = ranger.usersync.truststore.file
 AUTH_SSL_TRUSTSTORE_PASSWORD = ranger.usersync.truststore.password
 AUTH_SSL_ENABLED = ranger.usersync.enabled
+SYNC_LDAP_REFERRAL = ranger.usersync.ldap.referral

http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/36740018/unixauthservice/scripts/templates/ranger-ugsync-template.xml
----------------------------------------------------------------------
diff --git a/unixauthservice/scripts/templates/ranger-ugsync-template.xml b/unixauthservice/scripts/templates/ranger-ugsync-template.xml
index 268deb3..2bf5562 100644
--- a/unixauthservice/scripts/templates/ranger-ugsync-template.xml
+++ b/unixauthservice/scripts/templates/ranger-ugsync-template.xml
@@ -181,4 +181,8 @@
 		<name>ranger.usersync.sync.source</name>
 		<value></value>
 	</property>
+	<property>
+		<name>ranger.usersync.ldap.referral</name>
+		<value></value>
+	</property>
 </configuration>