You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sentry.apache.org by ha...@apache.org on 2016/03/02 19:46:27 UTC
incubator-sentry git commit: SENTRY-1056: Get service name from
Kafka's server properties. (Ashish K Singh,
reviewed by: Dapeng Sun and Hao Hao)
Repository: incubator-sentry
Updated Branches:
refs/heads/kafka 23fc31320 -> ed7b0bcc4
SENTRY-1056: Get service name from Kafka's server properties. (Ashish K Singh, reviewed by: Dapeng Sun and Hao Hao)
Change-Id: Ibb0abb9c01d50c05dc178e31d08295c0b3efb9b1
Project: http://git-wip-us.apache.org/repos/asf/incubator-sentry/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-sentry/commit/ed7b0bcc
Tree: http://git-wip-us.apache.org/repos/asf/incubator-sentry/tree/ed7b0bcc
Diff: http://git-wip-us.apache.org/repos/asf/incubator-sentry/diff/ed7b0bcc
Branch: refs/heads/kafka
Commit: ed7b0bcc443ee9a38cc177afb91efbda2031c636
Parents: 23fc313
Author: hahao <ha...@cloudera.com>
Authored: Wed Mar 2 10:44:28 2016 -0800
Committer: hahao <ha...@cloudera.com>
Committed: Wed Mar 2 10:44:28 2016 -0800
----------------------------------------------------------------------
.../sentry/kafka/authorizer/SentryKafkaAuthorizer.java | 7 ++++++-
.../org/apache/sentry/kafka/binding/KafkaAuthBinding.java | 9 ++++-----
.../sentry/kafka/binding/KafkaAuthBindingSingleton.java | 4 ++--
.../java/org/apache/sentry/kafka/conf/KafkaAuthConf.java | 6 +++---
4 files changed, 15 insertions(+), 11 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/ed7b0bcc/sentry-binding/sentry-binding-kafka/src/main/java/org/apache/sentry/kafka/authorizer/SentryKafkaAuthorizer.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-kafka/src/main/java/org/apache/sentry/kafka/authorizer/SentryKafkaAuthorizer.java b/sentry-binding/sentry-binding-kafka/src/main/java/org/apache/sentry/kafka/authorizer/SentryKafkaAuthorizer.java
index 9ffb971..5bf520b 100644
--- a/sentry-binding/sentry-binding-kafka/src/main/java/org/apache/sentry/kafka/authorizer/SentryKafkaAuthorizer.java
+++ b/sentry-binding/sentry-binding-kafka/src/main/java/org/apache/sentry/kafka/authorizer/SentryKafkaAuthorizer.java
@@ -44,6 +44,7 @@ public class SentryKafkaAuthorizer implements Authorizer {
String sentry_site = null;
List<KafkaPrincipal> super_users = null;
+ String kafkaServiceInstanceName = KafkaAuthConf.AuthzConfVars.getDefault(KafkaAuthConf.KAFKA_SERVICE_INSTANCE_NAME);
public SentryKafkaAuthorizer() {
}
@@ -105,9 +106,13 @@ public class SentryKafkaAuthorizer implements Authorizer {
if (kafkaSuperUsersConfig != null) {
getSuperUsers(kafkaSuperUsersConfig.toString());
}
+ final Object kafkaServiceInstanceName = configs.get(KafkaAuthConf.KAFKA_SERVICE_INSTANCE_NAME);
+ if (kafkaServiceInstanceName != null) {
+ this.kafkaServiceInstanceName = kafkaServiceInstanceName.toString();
+ }
LOG.info("Configuring Sentry KafkaAuthorizer: " + sentry_site);
final KafkaAuthBindingSingleton instance = KafkaAuthBindingSingleton.getInstance();
- instance.configure(sentry_site);
+ instance.configure(this.kafkaServiceInstanceName, sentry_site);
this.binding = instance.getAuthBinding();
this.kafkaAuthConf = instance.getKafkaAuthConf();
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/ed7b0bcc/sentry-binding/sentry-binding-kafka/src/main/java/org/apache/sentry/kafka/binding/KafkaAuthBinding.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-kafka/src/main/java/org/apache/sentry/kafka/binding/KafkaAuthBinding.java b/sentry-binding/sentry-binding-kafka/src/main/java/org/apache/sentry/kafka/binding/KafkaAuthBinding.java
index 9e72d78..a54eb8f 100644
--- a/sentry-binding/sentry-binding-kafka/src/main/java/org/apache/sentry/kafka/binding/KafkaAuthBinding.java
+++ b/sentry-binding/sentry-binding-kafka/src/main/java/org/apache/sentry/kafka/binding/KafkaAuthBinding.java
@@ -52,9 +52,9 @@ public class KafkaAuthBinding {
private final KafkaActionFactory actionFactory = KafkaActionFactory.getInstance();
- public KafkaAuthBinding(Configuration authConf) throws Exception {
+ public KafkaAuthBinding(String instanceName, Configuration authConf) throws Exception {
this.authConf = authConf;
- this.authProvider = createAuthProvider();
+ this.authProvider = createAuthProvider(instanceName);
}
/**
@@ -62,7 +62,7 @@ public class KafkaAuthBinding {
*
* @return {@link AuthorizationProvider}
*/
- private AuthorizationProvider createAuthProvider() throws Exception {
+ private AuthorizationProvider createAuthProvider(String instanceName) throws Exception {
/**
* get the authProvider class, policyEngine class, providerBackend class and resources from the
* kafkaAuthConf config
@@ -79,7 +79,6 @@ public class KafkaAuthBinding {
String policyEngineName =
authConf.get(AuthzConfVars.AUTHZ_POLICY_ENGINE.getVar(),
AuthzConfVars.AUTHZ_POLICY_ENGINE.getDefault());
- String instanceName = authConf.get(AuthzConfVars.AUTHZ_INSTANCE_NAME.getVar());
if (resourceName != null && resourceName.startsWith("classpath:")) {
String resourceFileName = resourceName.substring("classpath:".length());
resourceName = AuthorizationProvider.class.getClassLoader().getResource(resourceFileName).getPath();
@@ -100,7 +99,7 @@ public class KafkaAuthBinding {
resourceName});
if (providerBackend instanceof SentryGenericProviderBackend) {
((SentryGenericProviderBackend) providerBackend).setComponentType(COMPONENT_TYPE);
- ((SentryGenericProviderBackend) providerBackend).setServiceName("kafka" + instanceName);
+ ((SentryGenericProviderBackend) providerBackend).setServiceName(instanceName);
}
// Instantiate the configured policyEngine
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/ed7b0bcc/sentry-binding/sentry-binding-kafka/src/main/java/org/apache/sentry/kafka/binding/KafkaAuthBindingSingleton.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-kafka/src/main/java/org/apache/sentry/kafka/binding/KafkaAuthBindingSingleton.java b/sentry-binding/sentry-binding-kafka/src/main/java/org/apache/sentry/kafka/binding/KafkaAuthBindingSingleton.java
index 92e50e6..d7a5d1c 100644
--- a/sentry-binding/sentry-binding-kafka/src/main/java/org/apache/sentry/kafka/binding/KafkaAuthBindingSingleton.java
+++ b/sentry-binding/sentry-binding-kafka/src/main/java/org/apache/sentry/kafka/binding/KafkaAuthBindingSingleton.java
@@ -56,10 +56,10 @@ public class KafkaAuthBindingSingleton {
return kafkaAuthConf;
}
- public void configure(String sentry_site) {
+ public void configure(String instanceName, String sentry_site) {
try {
kafkaAuthConf = loadAuthzConf(sentry_site);
- binding = new KafkaAuthBinding(kafkaAuthConf);
+ binding = new KafkaAuthBinding(instanceName, kafkaAuthConf);
log.info("KafkaAuthBinding created successfully");
} catch (Exception ex) {
log.error("Unable to create KafkaAuthBinding", ex);
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/ed7b0bcc/sentry-binding/sentry-binding-kafka/src/main/java/org/apache/sentry/kafka/conf/KafkaAuthConf.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-kafka/src/main/java/org/apache/sentry/kafka/conf/KafkaAuthConf.java b/sentry-binding/sentry-binding-kafka/src/main/java/org/apache/sentry/kafka/conf/KafkaAuthConf.java
index e75ec7e..cff9418 100644
--- a/sentry-binding/sentry-binding-kafka/src/main/java/org/apache/sentry/kafka/conf/KafkaAuthConf.java
+++ b/sentry-binding/sentry-binding-kafka/src/main/java/org/apache/sentry/kafka/conf/KafkaAuthConf.java
@@ -28,17 +28,17 @@ public class KafkaAuthConf extends Configuration {
public static final String SENTRY_KAFKA_SITE_URL = "sentry.kafka.site.url";
public static final String AUTHZ_SITE_FILE = "sentry-site.xml";
public static final String KAFKA_SUPER_USERS = "kafka.superusers";
+ public static final String KAFKA_SERVICE_INSTANCE_NAME = "sentry.kafka.service.instance";
/**
* Config setting definitions
*/
public static enum AuthzConfVars {
- AUTHZ_PROVIDER("sentry.kafka.provider",
- HadoopGroupResourceAuthorizationProvider.class.getName()),
+ AUTHZ_PROVIDER("sentry.kafka.provider", HadoopGroupResourceAuthorizationProvider.class.getName()),
AUTHZ_PROVIDER_RESOURCE("sentry.kafka.provider.resource", ""),
AUTHZ_PROVIDER_BACKEND("sentry.kafka.provider.backend", SentryGenericProviderBackend.class.getName()),
AUTHZ_POLICY_ENGINE("sentry.kafka.policy.engine", SimpleKafkaPolicyEngine.class.getName()),
- AUTHZ_INSTANCE_NAME("sentry.kafka.name", "");
+ AUTHZ_INSTANCE_NAME(KAFKA_SERVICE_INSTANCE_NAME, "kafka");
private final String varName;
private final String defaultVal;