You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by ve...@apache.org on 2016/08/11 04:16:36 UTC
[1/5] incubator-ranger git commit: RANGER-1124: Good coding practices
Repository: incubator-ranger
Updated Branches:
refs/heads/ranger-0.6 11e8d07b7 -> ee47136ab
RANGER-1124: Good coding practices
Signed-off-by: Madhan Neethiraj <ma...@apache.org>
(cherry picked from commit d8e8890ba228a21ea046c70bb4e2ee4c7e6f07b9)
Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/d6912887
Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/d6912887
Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/d6912887
Branch: refs/heads/ranger-0.6
Commit: d6912887437e6d3bdb7fa141801a708629363d06
Parents: 11e8d07
Author: Abhay Kulkarni <ak...@hortonworks.com>
Authored: Tue Jul 26 13:31:48 2016 -0700
Committer: Velmurugan Periasamy <ve...@apache.org>
Committed: Thu Aug 11 09:33:25 2016 +0530
----------------------------------------------------------------------
.../plugin/audit/RangerDefaultAuditHandler.java | 4 +++-
.../conditionevaluator/RangerTimeOfDayMatcher.java | 3 ++-
.../model/validation/RangerPolicyValidator.java | 2 +-
.../RangerDefaultPolicyResourceMatcher.java | 2 +-
.../apache/ranger/plugin/store/file/TagFileStore.java | 14 ++++++++++----
.../org/apache/ranger/plugin/util/SearchFilter.java | 12 ------------
.../ranger/common/RangerServicePoliciesCache.java | 4 +++-
.../apache/ranger/common/RangerServiceTagsCache.java | 4 +++-
.../tagsync/sink/tagadmin/TagAdminRESTSink.java | 9 +++++++--
.../tagsync/source/atlas/AtlasNotificationMapper.java | 14 +++++++++-----
10 files changed, 39 insertions(+), 29 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/d6912887/agents-common/src/main/java/org/apache/ranger/plugin/audit/RangerDefaultAuditHandler.java
----------------------------------------------------------------------
diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/audit/RangerDefaultAuditHandler.java b/agents-common/src/main/java/org/apache/ranger/plugin/audit/RangerDefaultAuditHandler.java
index 66cee76..60d3b0c 100644
--- a/agents-common/src/main/java/org/apache/ranger/plugin/audit/RangerDefaultAuditHandler.java
+++ b/agents-common/src/main/java/org/apache/ranger/plugin/audit/RangerDefaultAuditHandler.java
@@ -67,7 +67,9 @@ public class RangerDefaultAuditHandler implements RangerAccessResultProcessor {
Collection<AuthzAuditEvent> events = getAuthzEvents(results);
- logAuthzAudits(events);
+ if (events != null) {
+ logAuthzAudits(events);
+ }
if(LOG.isDebugEnabled()) {
LOG.debug("<== RangerDefaultAuditHandler.processResults(" + results + ")");
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/d6912887/agents-common/src/main/java/org/apache/ranger/plugin/conditionevaluator/RangerTimeOfDayMatcher.java
----------------------------------------------------------------------
diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/conditionevaluator/RangerTimeOfDayMatcher.java b/agents-common/src/main/java/org/apache/ranger/plugin/conditionevaluator/RangerTimeOfDayMatcher.java
index f65f29e..a1ea326 100644
--- a/agents-common/src/main/java/org/apache/ranger/plugin/conditionevaluator/RangerTimeOfDayMatcher.java
+++ b/agents-common/src/main/java/org/apache/ranger/plugin/conditionevaluator/RangerTimeOfDayMatcher.java
@@ -20,6 +20,7 @@
package org.apache.ranger.plugin.conditionevaluator;
import java.util.ArrayList;
+import java.util.Arrays;
import java.util.Calendar;
import java.util.Date;
import java.util.GregorianCalendar;
@@ -126,7 +127,7 @@ public class RangerTimeOfDayMatcher extends RangerAbstractConditionEvaluator {
}
if(LOG.isDebugEnabled()) {
- LOG.debug("<== RangerTimeOfDayMatcher.extractDuration(" + value + "): duration[" + result + "]");
+ LOG.debug("<== RangerTimeOfDayMatcher.extractDuration(" + value + "): duration:" + Arrays.toString(result));
}
return result;
}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/d6912887/agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerPolicyValidator.java
----------------------------------------------------------------------
diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerPolicyValidator.java b/agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerPolicyValidator.java
index a89ec19..62bd100 100644
--- a/agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerPolicyValidator.java
+++ b/agents-common/src/main/java/org/apache/ranger/plugin/model/validation/RangerPolicyValidator.java
@@ -776,7 +776,7 @@ public class RangerPolicyValidator extends RangerValidator {
}
if(LOG.isDebugEnabled()) {
- LOG.debug(String.format("<== RangerPolicyValidator.isValid(%s, %s): %s", accesses, failures, serviceDef, valid));
+ LOG.debug(String.format("<== RangerPolicyValidator.isValid(%s, %s, %s): %b", accesses, failures, serviceDef, valid));
}
return valid;
}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/d6912887/agents-common/src/main/java/org/apache/ranger/plugin/policyresourcematcher/RangerDefaultPolicyResourceMatcher.java
----------------------------------------------------------------------
diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/policyresourcematcher/RangerDefaultPolicyResourceMatcher.java b/agents-common/src/main/java/org/apache/ranger/plugin/policyresourcematcher/RangerDefaultPolicyResourceMatcher.java
index 6ea194d..733049f 100644
--- a/agents-common/src/main/java/org/apache/ranger/plugin/policyresourcematcher/RangerDefaultPolicyResourceMatcher.java
+++ b/agents-common/src/main/java/org/apache/ranger/plugin/policyresourcematcher/RangerDefaultPolicyResourceMatcher.java
@@ -162,7 +162,7 @@ public class RangerDefaultPolicyResourceMatcher implements RangerPolicyResourceM
String keysString = sb.toString();
String serviceDefName = serviceDef == null ? "" : serviceDef.getName();
String validHierarchy = "";
- if (CollectionUtils.isNotEmpty(firstValidResourceDefHierarchy)) {
+ if (serviceDef != null && CollectionUtils.isNotEmpty(firstValidResourceDefHierarchy)) {
RangerServiceDefHelper serviceDefHelper = new RangerServiceDefHelper(serviceDef, false);
List<String> resourceDefNameOrderedList = serviceDefHelper.getAllResourceNamesOrdered(firstValidResourceDefHierarchy);
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/d6912887/agents-common/src/main/java/org/apache/ranger/plugin/store/file/TagFileStore.java
----------------------------------------------------------------------
diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/store/file/TagFileStore.java b/agents-common/src/main/java/org/apache/ranger/plugin/store/file/TagFileStore.java
index a20a9f8..780d379 100644
--- a/agents-common/src/main/java/org/apache/ranger/plugin/store/file/TagFileStore.java
+++ b/agents-common/src/main/java/org/apache/ranger/plugin/store/file/TagFileStore.java
@@ -195,7 +195,7 @@ public class TagFileStore extends AbstractTagStore {
RangerTagDef existing = getTagDefByName(name);
- if (existing == null) {
+ if (existing != null) {
try {
deleteTagDef(existing);
} catch (Exception excp) {
@@ -422,7 +422,9 @@ public class TagFileStore extends AbstractTagStore {
try {
RangerTag tag = getTag(id);
- deleteTag(tag);
+ if (tag != null) {
+ deleteTag(tag);
+ }
} catch (Exception excp) {
throw new Exception("failed to delete tag with ID=" + id, excp);
}
@@ -667,7 +669,9 @@ public class TagFileStore extends AbstractTagStore {
try {
RangerServiceResource resource = getServiceResource(id);
- deleteServiceResource(resource);
+ if (resource != null) {
+ deleteServiceResource(resource);
+ }
} catch (Exception excp) {
throw new Exception("failed to delete service-resource with ID=" + id, excp);
}
@@ -686,7 +690,9 @@ public class TagFileStore extends AbstractTagStore {
try {
RangerServiceResource resource = getServiceResourceByGuid(guid);
- deleteServiceResource(resource);
+ if (resource != null) {
+ deleteServiceResource(resource);
+ }
} catch (Exception excp) {
throw new Exception("failed to delete service-resource with GUID=" + guid, excp);
}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/d6912887/agents-common/src/main/java/org/apache/ranger/plugin/util/SearchFilter.java
----------------------------------------------------------------------
diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/util/SearchFilter.java b/agents-common/src/main/java/org/apache/ranger/plugin/util/SearchFilter.java
index cac0181..038c1c1 100644
--- a/agents-common/src/main/java/org/apache/ranger/plugin/util/SearchFilter.java
+++ b/agents-common/src/main/java/org/apache/ranger/plugin/util/SearchFilter.java
@@ -96,18 +96,6 @@ public class SearchFilter {
return params == null ? null : params.get(name);
}
- public Long getParamAsLong(String name) {
-
- String stringValue = params == null ? null : params.get(name);
- Long ret = null;
- try {
- ret = Long.valueOf(stringValue);
- } catch (NumberFormatException exception) {
- // Ignore
- }
- return ret;
- }
-
public void setParam(String name, String value) {
if(StringUtils.isEmpty(name) || StringUtils.isEmpty(value)) {
return;
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/d6912887/security-admin/src/main/java/org/apache/ranger/common/RangerServicePoliciesCache.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/common/RangerServicePoliciesCache.java b/security-admin/src/main/java/org/apache/ranger/common/RangerServicePoliciesCache.java
index a68b215..1cc9793 100644
--- a/security-admin/src/main/java/org/apache/ranger/common/RangerServicePoliciesCache.java
+++ b/security-admin/src/main/java/org/apache/ranger/common/RangerServicePoliciesCache.java
@@ -77,7 +77,9 @@ public class RangerServicePoliciesCache {
ServicePoliciesWrapper cachedServicePoliciesWrapper = null;
for (String serviceName : serviceNames) {
- cachedServicePoliciesWrapper = servicePoliciesMap.get(serviceName);
+ synchronized (this) {
+ cachedServicePoliciesWrapper = servicePoliciesMap.get(serviceName);
+ }
if (LOG.isDebugEnabled()) {
LOG.debug("serviceName:" + serviceName + ", Cached-MetaData:" + cachedServicePoliciesWrapper);
}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/d6912887/security-admin/src/main/java/org/apache/ranger/common/RangerServiceTagsCache.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/common/RangerServiceTagsCache.java b/security-admin/src/main/java/org/apache/ranger/common/RangerServiceTagsCache.java
index 66c1562..5521523 100644
--- a/security-admin/src/main/java/org/apache/ranger/common/RangerServiceTagsCache.java
+++ b/security-admin/src/main/java/org/apache/ranger/common/RangerServiceTagsCache.java
@@ -77,7 +77,9 @@ public class RangerServiceTagsCache {
ServiceTagsWrapper cachedServiceTagsWrapper = null;
for (String serviceName : serviceNames) {
- cachedServiceTagsWrapper = serviceTagsMap.get(serviceName);
+ synchronized (this) {
+ cachedServiceTagsWrapper = serviceTagsMap.get(serviceName);
+ }
if (LOG.isDebugEnabled()) {
LOG.debug("serviceName:" + serviceName + ", Cached-MetaData:" + cachedServiceTagsWrapper);
}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/d6912887/tagsync/src/main/java/org/apache/ranger/tagsync/sink/tagadmin/TagAdminRESTSink.java
----------------------------------------------------------------------
diff --git a/tagsync/src/main/java/org/apache/ranger/tagsync/sink/tagadmin/TagAdminRESTSink.java b/tagsync/src/main/java/org/apache/ranger/tagsync/sink/tagadmin/TagAdminRESTSink.java
index dfc3fdb..885b44e 100644
--- a/tagsync/src/main/java/org/apache/ranger/tagsync/sink/tagadmin/TagAdminRESTSink.java
+++ b/tagsync/src/main/java/org/apache/ranger/tagsync/sink/tagadmin/TagAdminRESTSink.java
@@ -247,8 +247,13 @@ public class TagAdminRESTSink implements TagSink, Runnable {
try {
ServiceTags uploaded = doUpload(toUpload);
- // ServiceTags uploaded successfully
- uploadWorkItem.uploadCompleted(uploaded);
+ if (uploaded == null) { // Treat this as if an Exception is thrown by doUpload
+ doRetry = true;
+ Thread.sleep(rangerAdminConnectionCheckInterval);
+ } else {
+ // ServiceTags uploaded successfully
+ uploadWorkItem.uploadCompleted(uploaded);
+ }
} catch (InterruptedException interrupted) {
LOG.error("Caught exception..: ", interrupted);
return;
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/d6912887/tagsync/src/main/java/org/apache/ranger/tagsync/source/atlas/AtlasNotificationMapper.java
----------------------------------------------------------------------
diff --git a/tagsync/src/main/java/org/apache/ranger/tagsync/source/atlas/AtlasNotificationMapper.java b/tagsync/src/main/java/org/apache/ranger/tagsync/source/atlas/AtlasNotificationMapper.java
index 793ac28..06e4d95 100644
--- a/tagsync/src/main/java/org/apache/ranger/tagsync/source/atlas/AtlasNotificationMapper.java
+++ b/tagsync/src/main/java/org/apache/ranger/tagsync/source/atlas/AtlasNotificationMapper.java
@@ -153,13 +153,17 @@ public class AtlasNotificationMapper {
ret.getServiceResources().add(serviceResource);
} else {
ret = buildServiceTags(entityWithTraits, null);
- // tag-definitions should NOT be deleted as part of service-resource delete
- ret.setTagDefinitions(MapUtils.EMPTY_MAP);
- // Ranger deletes tags associated with deleted service-resource
- ret.setTags(MapUtils.EMPTY_MAP);
+ if (ret != null) {
+ // tag-definitions should NOT be deleted as part of service-resource delete
+ ret.setTagDefinitions(MapUtils.EMPTY_MAP);
+ // Ranger deletes tags associated with deleted service-resource
+ ret.setTags(MapUtils.EMPTY_MAP);
+ }
}
- ret.setOp(ServiceTags.OP_DELETE);
+ if (ret != null) {
+ ret.setOp(ServiceTags.OP_DELETE);
+ }
return ret;
}
[4/5] incubator-ranger git commit: RANGER-1124: Fixes for CID#s
131473, 150594, 150789
Posted by ve...@apache.org.
RANGER-1124: Fixes for CID#s 131473, 150594, 150789
Signed-off-by: Velmurugan Periasamy <ve...@apache.org>
(cherry picked from commit 09b52b939bcd957be7e5a6a85a138c0fee29f9df)
Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/ce7edb25
Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/ce7edb25
Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/ce7edb25
Branch: refs/heads/ranger-0.6
Commit: ce7edb25bd3bf5f1a5be2996ebdb3810ecde5e60
Parents: b795649
Author: Sailaja Polavarapu <sp...@hortonworks.com>
Authored: Thu Jul 28 09:52:10 2016 -0700
Committer: Velmurugan Periasamy <ve...@apache.org>
Committed: Thu Aug 11 09:33:41 2016 +0530
----------------------------------------------------------------------
.../ranger/ldapconfigcheck/LdapConfigCheckMain.java | 9 ++++++++-
.../ranger/authentication/unix/jaas/PamLoginModule.java | 5 +++--
.../authentication/UnixAuthenticationService.java | 12 +++++++++---
3 files changed, 20 insertions(+), 6 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/ce7edb25/ugsync/ldapconfigchecktool/ldapconfigcheck/src/main/java/org/apache/ranger/ldapconfigcheck/LdapConfigCheckMain.java
----------------------------------------------------------------------
diff --git a/ugsync/ldapconfigchecktool/ldapconfigcheck/src/main/java/org/apache/ranger/ldapconfigcheck/LdapConfigCheckMain.java b/ugsync/ldapconfigchecktool/ldapconfigcheck/src/main/java/org/apache/ranger/ldapconfigcheck/LdapConfigCheckMain.java
index fe9326f..3bcb840 100644
--- a/ugsync/ldapconfigchecktool/ldapconfigcheck/src/main/java/org/apache/ranger/ldapconfigcheck/LdapConfigCheckMain.java
+++ b/ugsync/ldapconfigchecktool/ldapconfigcheck/src/main/java/org/apache/ranger/ldapconfigcheck/LdapConfigCheckMain.java
@@ -58,7 +58,7 @@ public class LdapConfigCheckMain {
PrintStream logFile = null;
PrintStream ambariProps = null;
PrintStream installProps = null;
- LdapContext ldapContext;
+ LdapContext ldapContext = null;
try {
logFile = new PrintStream(new File(outputDir + LOG_FILE));
@@ -136,6 +136,13 @@ public class LdapConfigCheckMain {
if (installProps != null) {
installProps.close();
}
+ try {
+ if (ldapContext != null) {
+ ldapContext.close();
+ }
+ } catch (NamingException ne){
+ System.out.println("Failed to close LdapContext!");
+ }
}
}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/ce7edb25/unixauthclient/src/main/java/org/apache/ranger/authentication/unix/jaas/PamLoginModule.java
----------------------------------------------------------------------
diff --git a/unixauthclient/src/main/java/org/apache/ranger/authentication/unix/jaas/PamLoginModule.java b/unixauthclient/src/main/java/org/apache/ranger/authentication/unix/jaas/PamLoginModule.java
index d1107ef..1465b9d 100644
--- a/unixauthclient/src/main/java/org/apache/ranger/authentication/unix/jaas/PamLoginModule.java
+++ b/unixauthclient/src/main/java/org/apache/ranger/authentication/unix/jaas/PamLoginModule.java
@@ -137,8 +137,9 @@ public class PamLoginModule extends Object implements LoginModule
private void initPassword(PasswordCallback passwordCallback)
{
char[] password = passwordCallback.getPassword();
- _password = new String(password);
-
+ if (password != null) {
+ _password = new String(password);
+ }
passwordCallback.clearPassword();
}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/ce7edb25/unixauthservice/src/main/java/org/apache/ranger/authentication/UnixAuthenticationService.java
----------------------------------------------------------------------
diff --git a/unixauthservice/src/main/java/org/apache/ranger/authentication/UnixAuthenticationService.java b/unixauthservice/src/main/java/org/apache/ranger/authentication/UnixAuthenticationService.java
index acb0b37..863a56a 100644
--- a/unixauthservice/src/main/java/org/apache/ranger/authentication/UnixAuthenticationService.java
+++ b/unixauthservice/src/main/java/org/apache/ranger/authentication/UnixAuthenticationService.java
@@ -351,9 +351,15 @@ public class UnixAuthenticationService {
Socket client = null ;
- while ( (client = socket.accept()) != null ) {
- Thread clientValidatorThread = new Thread(new PasswordValidator(client)) ;
- clientValidatorThread.start();
+ try {
+
+ while ( (client = socket.accept()) != null ) {
+ Thread clientValidatorThread = new Thread(new PasswordValidator(client)) ;
+ clientValidatorThread.start();
+ }
+ } catch (IOException e) {
+ socket.close();
+ throw(e);
}
}
[2/5] incubator-ranger git commit: RANGER-1124:Good coding practices
in Ranger recommended by static code analysis-High Impact
Posted by ve...@apache.org.
RANGER-1124:Good coding practices in Ranger recommended by static code analysis-High Impact
(cherry picked from commit 3caa698f3c6957ec5fe65b6e5bb0b59dc757dc34)
Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/e8bc76f4
Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/e8bc76f4
Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/e8bc76f4
Branch: refs/heads/ranger-0.6
Commit: e8bc76f4d0d74d86ad512be5e2a72383d2c7f6eb
Parents: d691288
Author: rmani <rm...@hortonworks.com>
Authored: Thu Jul 28 23:00:05 2016 -0700
Committer: Velmurugan Periasamy <ve...@apache.org>
Committed: Thu Aug 11 09:33:31 2016 +0530
----------------------------------------------------------------------
.../ranger/audit/provider/AuditProviderFactory.java | 14 ++++++++------
.../audit/provider/solr/SolrAuditProvider.java | 10 ++++++----
.../audit/utils/InMemoryJAASConfiguration.java | 15 ++++++++-------
.../java/org/apache/ranger/common/db/BaseDao.java | 6 ++++++
4 files changed, 28 insertions(+), 17 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/e8bc76f4/agents-audit/src/main/java/org/apache/ranger/audit/provider/AuditProviderFactory.java
----------------------------------------------------------------------
diff --git a/agents-audit/src/main/java/org/apache/ranger/audit/provider/AuditProviderFactory.java b/agents-audit/src/main/java/org/apache/ranger/audit/provider/AuditProviderFactory.java
index e3e818c..e3c3508 100644
--- a/agents-audit/src/main/java/org/apache/ranger/audit/provider/AuditProviderFactory.java
+++ b/agents-audit/src/main/java/org/apache/ranger/audit/provider/AuditProviderFactory.java
@@ -67,7 +67,7 @@ public class AuditProviderFactory {
private static final int RANGER_AUDIT_SHUTDOWN_HOOK_PRIORITY = 30;
- private static AuditProviderFactory sFactory;
+ private volatile static AuditProviderFactory sFactory = null;
private AuditHandler mProvider = null;
private String componentAppType = "";
@@ -80,15 +80,17 @@ public class AuditProviderFactory {
}
public static AuditProviderFactory getInstance() {
- if (sFactory == null) {
- synchronized (AuditProviderFactory.class) {
- if (sFactory == null) {
- sFactory = new AuditProviderFactory();
+ AuditProviderFactory ret = sFactory;
+ if(ret == null) {
+ synchronized(AuditProviderFactory.class) {
+ ret = sFactory;
+ if(ret == null) {
+ ret = sFactory = new AuditProviderFactory();
}
}
}
- return sFactory;
+ return ret;
}
public static AuditHandler getAuditProvider() {
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/e8bc76f4/agents-audit/src/main/java/org/apache/ranger/audit/provider/solr/SolrAuditProvider.java
----------------------------------------------------------------------
diff --git a/agents-audit/src/main/java/org/apache/ranger/audit/provider/solr/SolrAuditProvider.java b/agents-audit/src/main/java/org/apache/ranger/audit/provider/solr/SolrAuditProvider.java
index 9388914..8b42be0 100644
--- a/agents-audit/src/main/java/org/apache/ranger/audit/provider/solr/SolrAuditProvider.java
+++ b/agents-audit/src/main/java/org/apache/ranger/audit/provider/solr/SolrAuditProvider.java
@@ -42,7 +42,7 @@ public class SolrAuditProvider extends AuditDestination {
public static final String AUDIT_RETRY_WAIT_PROP = "xasecure.audit.solr.retry.ms";
static final Object lock = new Object();
- SolrClient solrClient = null;
+ volatile SolrClient solrClient = null;
Date lastConnectTime = null;
long lastFailTime = 0;
@@ -61,9 +61,11 @@ public class SolrAuditProvider extends AuditDestination {
}
void connect() {
- if (solrClient == null) {
+ SolrClient me = solrClient;
+ if (me == null) {
synchronized (lock) {
- if (solrClient == null) {
+ me = solrClient;
+ if (me == null) {
String solrURL = MiscUtil.getStringProperty(props,
"xasecure.audit.solr.solr_url");
@@ -89,7 +91,7 @@ public class SolrAuditProvider extends AuditDestination {
try {
// TODO: Need to support SolrCloud also
- solrClient = new HttpSolrClient(solrURL);
+ me = solrClient = new HttpSolrClient(solrURL);
if (solrClient instanceof HttpSolrClient) {
HttpSolrClient httpSolrClient = (HttpSolrClient) solrClient;
httpSolrClient.setAllowCompression(true);
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/e8bc76f4/agents-audit/src/main/java/org/apache/ranger/audit/utils/InMemoryJAASConfiguration.java
----------------------------------------------------------------------
diff --git a/agents-audit/src/main/java/org/apache/ranger/audit/utils/InMemoryJAASConfiguration.java b/agents-audit/src/main/java/org/apache/ranger/audit/utils/InMemoryJAASConfiguration.java
index be9cdd3..2e8b768 100644
--- a/agents-audit/src/main/java/org/apache/ranger/audit/utils/InMemoryJAASConfiguration.java
+++ b/agents-audit/src/main/java/org/apache/ranger/audit/utils/InMemoryJAASConfiguration.java
@@ -148,14 +148,15 @@ public final class InMemoryJAASConfiguration extends Configuration {
properties.load(in);
init(properties);
} catch (IOException e) {
- if (in != null) {
- try {
- in.close();
- } catch (Exception exception) {
- // Ignore
- }
- }
throw new Exception("Failed to load JAAS application properties", e);
+ } finally {
+ if ( in != null) {
+ try {
+ in.close();
+ } catch ( Exception e) {
+ //Ignore
+ }
+ }
}
LOG.debug("<== InMemoryJAASConfiguration.init( {} ) ", propFile);
}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/e8bc76f4/security-admin/src/main/java/org/apache/ranger/common/db/BaseDao.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/common/db/BaseDao.java b/security-admin/src/main/java/org/apache/ranger/common/db/BaseDao.java
index 13607d3..e3ba5a6 100644
--- a/security-admin/src/main/java/org/apache/ranger/common/db/BaseDao.java
+++ b/security-admin/src/main/java/org/apache/ranger/common/db/BaseDao.java
@@ -233,6 +233,12 @@ public abstract class BaseDao<T> {
conn.createStatement().execute("SET IDENTITY_INSERT " + tableName + " " + identityInsertStr);
} catch (SQLException e) {
logger.error("Error while settion identity_insert " + identityInsertStr, e);
+ } finally {
+ try {
+ conn.close();
+ } catch ( SQLException sqe ) {
+ logger.error("Error while settion identity_insert " + identityInsertStr, sqe);
+ }
}
}
[3/5] incubator-ranger git commit: RANGER-1124:Good coding practices
Posted by ve...@apache.org.
RANGER-1124:Good coding practices
Signed-off-by: Velmurugan Periasamy <ve...@apache.org>
(cherry picked from commit a684b48c5a09b2432017249eefad70bc8e36123a)
Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/b7956495
Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/b7956495
Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/b7956495
Branch: refs/heads/ranger-0.6
Commit: b7956495617d855660309e4d1cb4081b95d905e2
Parents: e8bc76f
Author: pradeep agrawal <pr...@freestoneinfotech.com>
Authored: Fri Jul 29 07:19:30 2016 +0530
Committer: Velmurugan Periasamy <ve...@apache.org>
Committed: Thu Aug 11 09:33:36 2016 +0530
----------------------------------------------------------------------
.../hadoop/crypto/key/RangerKeyStore.java | 50 ++-
.../services/kms/client/KMSResourceMgr.java | 12 +-
.../java/org/apache/ranger/biz/KmsKeyMgr.java | 383 ++++++++++---------
.../org/apache/ranger/biz/RangerBizUtil.java | 5 +-
.../org/apache/ranger/biz/ServiceDBStore.java | 19 +-
.../java/org/apache/ranger/biz/ServiceMgr.java | 12 +-
.../java/org/apache/ranger/biz/SessionMgr.java | 4 -
.../java/org/apache/ranger/biz/UserMgr.java | 4 +-
.../java/org/apache/ranger/biz/XUserMgr.java | 58 +--
.../org/apache/ranger/common/SearchField.java | 4 +-
.../org/apache/ranger/common/ServiceUtil.java | 2 +-
.../org/apache/ranger/common/db/BaseDao.java | 17 +-
.../java/org/apache/ranger/db/XXPolicyDao.java | 4 +-
.../ranger/db/XXServiceVersionInfoDao.java | 4 -
.../ranger/entity/XXContextEnricherDef.java | 6 +-
.../org/apache/ranger/entity/XXPolicyBase.java | 6 +-
.../ranger/entity/XXPolicyConditionDef.java | 6 +-
.../ranger/entity/XXPolicyItemUserPerm.java | 6 +-
.../java/org/apache/ranger/rest/AssetREST.java | 16 +-
.../org/apache/ranger/rest/ServiceREST.java | 22 +-
.../java/org/apache/ranger/rest/TagREST.java | 4 +-
.../handler/RangerAuthenticationProvider.java | 11 +-
.../RangerAuthenticationEntryPoint.java | 3 +-
.../filter/RangerSSOAuthenticationFilter.java | 17 +-
.../RangerSecurityContextFormationFilter.java | 5 +-
.../ranger/service/RangerPolicyService.java | 2 +-
.../java/org/apache/ranger/solr/SolrMgr.java | 8 +-
27 files changed, 386 insertions(+), 304 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/b7956495/kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStore.java
----------------------------------------------------------------------
diff --git a/kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStore.java b/kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStore.java
index abfab25..f91fc50 100644
--- a/kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStore.java
+++ b/kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStore.java
@@ -69,12 +69,12 @@ public class RangerKeyStore extends KeyStoreSpi {
// keys
private static class KeyEntry {
- Date date; // the creation date of this entry
+ Date date=new Date(); // the creation date of this entry
};
// Secret key
private static final class SecretKeyEntry {
- Date date; // the creation date of this entry
+ Date date=new Date(); // the creation date of this entry
SealedObject sealedKey;
String cipher_field;
int bit_length;
@@ -127,12 +127,15 @@ public class RangerKeyStore extends KeyStoreSpi {
@Override
public Date engineGetCreationDate(String alias) {
Object entry = keyEntries.get(convertAlias(alias));
+ Date date=null;
if (entry != null) {
- return new Date(((KeyEntry)entry).date.getTime());
- } else {
- return null;
- }
- }
+ KeyEntry keyEntry=(KeyEntry)entry;
+ if(keyEntry.date!=null){
+ date=new Date(keyEntry.date.getTime());
+ }
+ }
+ return date;
+ }
public void addKeyEntry(String alias, Key key, char[] password, String cipher, int bitLength, String description, int version, String attributes)
@@ -331,10 +334,14 @@ public class RangerKeyStore extends KeyStoreSpi {
}
keyEntries.clear();
- md = getKeyedMessageDigest(password);
+ if(password!=null){
+ md = getKeyedMessageDigest(password);
+ }
- byte computed[];
- computed = md.digest();
+ byte computed[]={};
+ if(md!=null){
+ computed = md.digest();
+ }
for(XXRangerKeyStore rangerKey : rangerKeyDetails){
String encoded = rangerKey.getEncoded();
byte[] data = DatatypeConverter.parseBase64Binary(encoded);
@@ -555,18 +562,19 @@ public class RangerKeyStore extends KeyStoreSpi {
KeyStore ks;
try {
ks = KeyStore.getInstance(fileFormat);
- ks.load(null, storePass);
- String alias = null;
- engineLoad(null, masterKey);
- Enumeration<String> e = engineAliases();
- Key key;
- while (e.hasMoreElements()) {
- alias = e.nextElement();
- key = engineGetKey(alias, masterKey);
- ks.setKeyEntry(alias, key, keyPass, null);
+ if(ks!=null){
+ ks.load(null, storePass);
+ String alias = null;
+ engineLoad(null, masterKey);
+ Enumeration<String> e = engineAliases();
+ Key key;
+ while (e.hasMoreElements()) {
+ alias = e.nextElement();
+ key = engineGetKey(alias, masterKey);
+ ks.setKeyEntry(alias, key, keyPass, null);
+ }
+ ks.store(stream, storePass);
}
-
- ks.store(stream, storePass);
} catch (Throwable t) {
logger.error("Unable to load keystore file ", t);
throw new IOException(t) ;
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/b7956495/plugin-kms/src/main/java/org/apache/ranger/services/kms/client/KMSResourceMgr.java
----------------------------------------------------------------------
diff --git a/plugin-kms/src/main/java/org/apache/ranger/services/kms/client/KMSResourceMgr.java b/plugin-kms/src/main/java/org/apache/ranger/services/kms/client/KMSResourceMgr.java
index e61d0bc..bf1f493 100755
--- a/plugin-kms/src/main/java/org/apache/ranger/services/kms/client/KMSResourceMgr.java
+++ b/plugin-kms/src/main/java/org/apache/ranger/services/kms/client/KMSResourceMgr.java
@@ -84,9 +84,11 @@ public class KMSResourceMgr {
public static List<String> getKMSResource(String url, String username, String password, String rangerPrincipal, String rangerKeytab, String nameRules, String authType, String kmsKeyName, List<String> kmsKeyList) {
List<String> topologyList = null;
final KMSClient KMSClient = KMSConnectionMgr.getKMSClient(url, username, password, rangerPrincipal, rangerKeytab, nameRules, authType);
- synchronized(KMSClient){
- topologyList = KMSClient.getKeyList(kmsKeyName, kmsKeyList);
- }
- return topologyList;
- }
+ if(KMSClient!=null){
+ synchronized(KMSClient){
+ topologyList = KMSClient.getKeyList(kmsKeyName, kmsKeyList);
+ }
+ }
+ return topologyList;
+ }
}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/b7956495/security-admin/src/main/java/org/apache/ranger/biz/KmsKeyMgr.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/biz/KmsKeyMgr.java b/security-admin/src/main/java/org/apache/ranger/biz/KmsKeyMgr.java
index 693e959..d565ebf 100755
--- a/security-admin/src/main/java/org/apache/ranger/biz/KmsKeyMgr.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/KmsKeyMgr.java
@@ -125,52 +125,54 @@ public class KmsKeyMgr {
} catch (Exception e1) {
logger.error("checkKerberos(" + repoName + ") failed", e1);
}
- for (int i = 0; i < providers.length; i++) {
- Client c = getClient();
- String currentUserLoginId = ContextUtil.getCurrentUserLoginId();
- String keyLists = KMS_KEY_LIST_URI.replaceAll(
- Pattern.quote("${userName}"), currentUserLoginId);
- connProvider = providers[i];
- String uri = providers[i]
- + (providers[i].endsWith("/") ? keyLists : ("/" + keyLists));
- if(!isKerberos){
- uri = uri.concat("?user.name="+currentUserLoginId);
- }else{
- uri = uri.concat("?doAs="+currentUserLoginId);
- }
- final WebResource r = c.resource(uri);
- try {
- String response = null;
+ if(providers!=null){
+ for (int i = 0; i < providers.length; i++) {
+ Client c = getClient();
+ String currentUserLoginId = ContextUtil.getCurrentUserLoginId();
+ String keyLists = KMS_KEY_LIST_URI.replaceAll(
+ Pattern.quote("${userName}"), currentUserLoginId);
+ connProvider = providers[i];
+ String uri = providers[i]
+ + (providers[i].endsWith("/") ? keyLists : ("/" + keyLists));
if(!isKerberos){
- response = r.accept(MediaType.APPLICATION_JSON_TYPE).type(MediaType.APPLICATION_JSON_TYPE).get(String.class);
+ uri = uri.concat("?user.name="+currentUserLoginId);
}else{
- Subject sub = getSubjectForKerberos(repoName);
- response = Subject.doAs(sub, new PrivilegedAction<String>() {
- @Override
- public String run() {
- return r.accept(MediaType.APPLICATION_JSON_TYPE).type(MediaType.APPLICATION_JSON_TYPE).get(String.class);
- }
- });
+ uri = uri.concat("?doAs="+currentUserLoginId);
}
- Gson gson = new GsonBuilder().create();
- logger.debug(" Search Key RESPONSE: [" + response + "]");
- keys = gson.fromJson(response, List.class);
- Collections.sort(keys);
- VXKmsKeyList vxKmsKeyList2 = new VXKmsKeyList();
- List<VXKmsKey> vXKeys2 = new ArrayList<VXKmsKey>();
- for (String name : keys) {
- VXKmsKey key = new VXKmsKey();
- key.setName(name);
- vXKeys2.add(key);
+ final WebResource r = c.resource(uri);
+ try {
+ String response = null;
+ if(!isKerberos){
+ response = r.accept(MediaType.APPLICATION_JSON_TYPE).type(MediaType.APPLICATION_JSON_TYPE).get(String.class);
+ }else{
+ Subject sub = getSubjectForKerberos(repoName);
+ response = Subject.doAs(sub, new PrivilegedAction<String>() {
+ @Override
+ public String run() {
+ return r.accept(MediaType.APPLICATION_JSON_TYPE).type(MediaType.APPLICATION_JSON_TYPE).get(String.class);
+ }
+ });
+ }
+ Gson gson = new GsonBuilder().create();
+ logger.debug(" Search Key RESPONSE: [" + response + "]");
+ keys = gson.fromJson(response, List.class);
+ Collections.sort(keys);
+ VXKmsKeyList vxKmsKeyList2 = new VXKmsKeyList();
+ List<VXKmsKey> vXKeys2 = new ArrayList<VXKmsKey>();
+ for (String name : keys) {
+ VXKmsKey key = new VXKmsKey();
+ key.setName(name);
+ vXKeys2.add(key);
+ }
+ vxKmsKeyList2.setVXKeys(vXKeys2);
+ vxKmsKeyList = getFilteredKeyList(request, vxKmsKeyList2);
+ break;
+ } catch (Exception e) {
+ if (e instanceof UniformInterfaceException || i == providers.length - 1)
+ throw e;
+ else
+ continue;
}
- vxKmsKeyList2.setVXKeys(vXKeys2);
- vxKmsKeyList = getFilteredKeyList(request, vxKmsKeyList2);
- break;
- } catch (Exception e) {
- if (e instanceof UniformInterfaceException || i == providers.length - 1)
- throw e;
- else
- continue;
}
}
//details
@@ -186,7 +188,7 @@ public class KmsKeyMgr {
request.getParameter("pageSize"), 0,
"Invalid value for parameter pageSize",
MessageEnums.INVALID_INPUT_DATA, null, "pageSize");
- pageSize = pageSize < 0 ? 0 : pageSize;
+ pageSize = pageSize < 0 ? 0 : pageSize;
vxKmsKeyList.setResultSize(lstKMSKey.size());
vxKmsKeyList.setTotalCount(lstKMSKey.size());
@@ -196,14 +198,20 @@ public class KmsKeyMgr {
startIndex = startIndex >= lstKMSKey.size() ? 0 : startIndex;
lstKMSKey = lstKMSKey.subList(startIndex, lstKMSKey.size());
}
- for (VXKmsKey kmsKey : lstKMSKey) {
- VXKmsKey key = getKeyFromUri(connProvider, kmsKey.getName(), isKerberos, repoName);
- vXKeys.add(key);
- }
+ if(CollectionUtils.isNotEmpty(lstKMSKey)){
+ for (VXKmsKey kmsKey : lstKMSKey) {
+ if(kmsKey!=null){
+ VXKmsKey key = getKeyFromUri(connProvider, kmsKey.getName(), isKerberos, repoName);
+ vXKeys.add(key);
+ }
+ }
+ }
vxKmsKeyList.setStartIndex(startIndex);
vxKmsKeyList.setPageSize(pageSize);
}
- vxKmsKeyList.setVXKeys(vXKeys);
+ if(vxKmsKeyList!=null){
+ vxKmsKeyList.setVXKeys(vXKeys);
+ }
return vxKmsKeyList;
}
@@ -221,40 +229,42 @@ public class KmsKeyMgr {
} catch (Exception e1) {
logger.error("checkKerberos(" + provider + ") failed", e1);
}
- for (int i = 0; i < providers.length; i++) {
- Client c = getClient();
- String rollRest = KMS_ROLL_KEY_URI.replaceAll(Pattern.quote("${alias}"), vXKey.getName());
- String currentUserLoginId = ContextUtil.getCurrentUserLoginId();
- String uri = providers[i] + (providers[i].endsWith("/") ? rollRest : ("/" + rollRest));
- if(!isKerberos){
- uri = uri.concat("?user.name="+currentUserLoginId);
- }else{
- uri = uri.concat("?doAs="+currentUserLoginId);
- }
- final WebResource r = c.resource(uri);
- Gson gson = new GsonBuilder().create();
- final String jsonString = gson.toJson(vXKey);
- try {
- String response = null;
+ if(providers!=null){
+ for (int i = 0; i < providers.length; i++) {
+ Client c = getClient();
+ String rollRest = KMS_ROLL_KEY_URI.replaceAll(Pattern.quote("${alias}"), vXKey.getName());
+ String currentUserLoginId = ContextUtil.getCurrentUserLoginId();
+ String uri = providers[i] + (providers[i].endsWith("/") ? rollRest : ("/" + rollRest));
if(!isKerberos){
- response = r.accept(MediaType.APPLICATION_JSON_TYPE).type(MediaType.APPLICATION_JSON_TYPE).post(String.class, jsonString);}
- else{
- Subject sub = getSubjectForKerberos(provider);
- response = Subject.doAs(sub, new PrivilegedAction<String>() {
- @Override
- public String run() {
- return r.accept(MediaType.APPLICATION_JSON_TYPE).type(MediaType.APPLICATION_JSON_TYPE).post(String.class, jsonString);
- }
- });
- }
- logger.debug("Roll RESPONSE: [" + response + "]");
- ret = gson.fromJson(response, VXKmsKey.class);
- break;
- } catch (Exception e) {
- if (e instanceof UniformInterfaceException || i == providers.length - 1)
- throw e;
- else
- continue;
+ uri = uri.concat("?user.name="+currentUserLoginId);
+ }else{
+ uri = uri.concat("?doAs="+currentUserLoginId);
+ }
+ final WebResource r = c.resource(uri);
+ Gson gson = new GsonBuilder().create();
+ final String jsonString = gson.toJson(vXKey);
+ try {
+ String response = null;
+ if(!isKerberos){
+ response = r.accept(MediaType.APPLICATION_JSON_TYPE).type(MediaType.APPLICATION_JSON_TYPE).post(String.class, jsonString);}
+ else{
+ Subject sub = getSubjectForKerberos(provider);
+ response = Subject.doAs(sub, new PrivilegedAction<String>() {
+ @Override
+ public String run() {
+ return r.accept(MediaType.APPLICATION_JSON_TYPE).type(MediaType.APPLICATION_JSON_TYPE).post(String.class, jsonString);
+ }
+ });
+ }
+ logger.debug("Roll RESPONSE: [" + response + "]");
+ ret = gson.fromJson(response, VXKmsKey.class);
+ break;
+ } catch (Exception e) {
+ if (e instanceof UniformInterfaceException || i == providers.length - 1)
+ throw e;
+ else
+ continue;
+ }
}
}
return ret;
@@ -273,39 +283,41 @@ public class KmsKeyMgr {
} catch (Exception e1) {
logger.error("checkKerberos(" + provider + ") failed", e1);
}
- for (int i = 0; i < providers.length; i++) {
- Client c = getClient();
- String deleteRest = KMS_DELETE_KEY_URI.replaceAll(Pattern.quote("${alias}"), name);
- String currentUserLoginId = ContextUtil.getCurrentUserLoginId();
- String uri = providers[i] + (providers[i].endsWith("/") ? deleteRest : ("/" + deleteRest));
- if(!isKerberos){
- uri = uri.concat("?user.name="+currentUserLoginId);
- }else{
- uri = uri.concat("?doAs="+currentUserLoginId);
- }
- final WebResource r = c.resource(uri);
- try {
- String response = null;
+ if(providers!=null){
+ for (int i = 0; i < providers.length; i++) {
+ Client c = getClient();
+ String deleteRest = KMS_DELETE_KEY_URI.replaceAll(Pattern.quote("${alias}"), name);
+ String currentUserLoginId = ContextUtil.getCurrentUserLoginId();
+ String uri = providers[i] + (providers[i].endsWith("/") ? deleteRest : ("/" + deleteRest));
if(!isKerberos){
- response = r.delete(String.class) ;
+ uri = uri.concat("?user.name="+currentUserLoginId);
}else{
- Subject sub = getSubjectForKerberos(provider);
- response = Subject.doAs(sub, new PrivilegedAction<String>() {
- @Override
- public String run() {
- return r.delete(String.class);
- }
- });
+ uri = uri.concat("?doAs="+currentUserLoginId);
+ }
+ final WebResource r = c.resource(uri);
+ try {
+ String response = null;
+ if(!isKerberos){
+ response = r.delete(String.class) ;
+ }else{
+ Subject sub = getSubjectForKerberos(provider);
+ response = Subject.doAs(sub, new PrivilegedAction<String>() {
+ @Override
+ public String run() {
+ return r.delete(String.class);
+ }
+ });
+ }
+ logger.debug("delete RESPONSE: [" + response + "]") ;
+ break;
+ } catch (Exception e) {
+ if (e instanceof UniformInterfaceException || i == providers.length - 1)
+ throw e;
+ else
+ continue;
}
- logger.debug("delete RESPONSE: [" + response + "]") ;
- break;
- } catch (Exception e) {
- if (e instanceof UniformInterfaceException || i == providers.length - 1)
- throw e;
- else
- continue;
}
- }
+ }
}
public VXKmsKey createKey(String provider, VXKmsKey vXKey) throws Exception{
@@ -323,39 +335,41 @@ public class KmsKeyMgr {
} catch (Exception e1) {
logger.error("checkKerberos(" + provider + ") failed", e1);
}
- for (int i = 0; i < providers.length; i++) {
- Client c = getClient();
- String currentUserLoginId = ContextUtil.getCurrentUserLoginId();
- String uri = providers[i] + (providers[i].endsWith("/") ? KMS_ADD_KEY_URI : ("/" + KMS_ADD_KEY_URI));
- if(!isKerberos){
- uri = uri.concat("?user.name="+currentUserLoginId);
- }else{
- uri = uri.concat("?doAs="+currentUserLoginId);
- }
- final WebResource r = c.resource(uri);
- Gson gson = new GsonBuilder().create();
- final String jsonString = gson.toJson(vXKey);
- try {
- String response = null;
+ if(providers!=null){
+ for (int i = 0; i < providers.length; i++) {
+ Client c = getClient();
+ String currentUserLoginId = ContextUtil.getCurrentUserLoginId();
+ String uri = providers[i] + (providers[i].endsWith("/") ? KMS_ADD_KEY_URI : ("/" + KMS_ADD_KEY_URI));
if(!isKerberos){
- response = r.accept(MediaType.APPLICATION_JSON_TYPE).type(MediaType.APPLICATION_JSON_TYPE).post(String.class, jsonString);
+ uri = uri.concat("?user.name="+currentUserLoginId);
}else{
- Subject sub = getSubjectForKerberos(provider);
- response = Subject.doAs(sub, new PrivilegedAction<String>() {
- @Override
- public String run() {
- return r.accept(MediaType.APPLICATION_JSON_TYPE).type(MediaType.APPLICATION_JSON_TYPE).post(String.class, jsonString);
- }
- });
+ uri = uri.concat("?doAs="+currentUserLoginId);
+ }
+ final WebResource r = c.resource(uri);
+ Gson gson = new GsonBuilder().create();
+ final String jsonString = gson.toJson(vXKey);
+ try {
+ String response = null;
+ if(!isKerberos){
+ response = r.accept(MediaType.APPLICATION_JSON_TYPE).type(MediaType.APPLICATION_JSON_TYPE).post(String.class, jsonString);
+ }else{
+ Subject sub = getSubjectForKerberos(provider);
+ response = Subject.doAs(sub, new PrivilegedAction<String>() {
+ @Override
+ public String run() {
+ return r.accept(MediaType.APPLICATION_JSON_TYPE).type(MediaType.APPLICATION_JSON_TYPE).post(String.class, jsonString);
+ }
+ });
+ }
+ logger.debug("Create RESPONSE: [" + response + "]");
+ ret = gson.fromJson(response, VXKmsKey.class);
+ return ret;
+ } catch (Exception e) {
+ if (e instanceof UniformInterfaceException || i == providers.length - 1)
+ throw e;
+ else
+ continue;
}
- logger.debug("Create RESPONSE: [" + response + "]");
- ret = gson.fromJson(response, VXKmsKey.class);
- return ret;
- } catch (Exception e) {
- if (e instanceof UniformInterfaceException || i == providers.length - 1)
- throw e;
- else
- continue;
}
}
return ret;
@@ -374,39 +388,41 @@ public class KmsKeyMgr {
} catch (Exception e1) {
logger.error("checkKerberos(" + provider + ") failed", e1);
}
- for (int i = 0; i < providers.length; i++) {
- Client c = getClient();
- String keyRest = KMS_KEY_METADATA_URI.replaceAll(Pattern.quote("${alias}"), name);
- String currentUserLoginId = ContextUtil.getCurrentUserLoginId();
- String uri = providers[i] + (providers[i].endsWith("/") ? keyRest : ("/" + keyRest));
- if(!isKerberos){
- uri = uri.concat("?user.name="+currentUserLoginId);
- }else{
- uri = uri.concat("?doAs="+currentUserLoginId);
- }
- final WebResource r = c.resource(uri);
- try {
- String response = null;
+ if(providers!=null){
+ for (int i = 0; i < providers.length; i++) {
+ Client c = getClient();
+ String keyRest = KMS_KEY_METADATA_URI.replaceAll(Pattern.quote("${alias}"), name);
+ String currentUserLoginId = ContextUtil.getCurrentUserLoginId();
+ String uri = providers[i] + (providers[i].endsWith("/") ? keyRest : ("/" + keyRest));
if(!isKerberos){
- response = r.accept(MediaType.APPLICATION_JSON_TYPE).type(MediaType.APPLICATION_JSON_TYPE).get(String.class);
+ uri = uri.concat("?user.name="+currentUserLoginId);
}else{
- Subject sub = getSubjectForKerberos(provider);
- response = Subject.doAs(sub, new PrivilegedAction<String>() {
- @Override
- public String run() {
- return r.accept(MediaType.APPLICATION_JSON_TYPE).type(MediaType.APPLICATION_JSON_TYPE).get(String.class);
- }
- });
+ uri = uri.concat("?doAs="+currentUserLoginId);
+ }
+ final WebResource r = c.resource(uri);
+ try {
+ String response = null;
+ if(!isKerberos){
+ response = r.accept(MediaType.APPLICATION_JSON_TYPE).type(MediaType.APPLICATION_JSON_TYPE).get(String.class);
+ }else{
+ Subject sub = getSubjectForKerberos(provider);
+ response = Subject.doAs(sub, new PrivilegedAction<String>() {
+ @Override
+ public String run() {
+ return r.accept(MediaType.APPLICATION_JSON_TYPE).type(MediaType.APPLICATION_JSON_TYPE).get(String.class);
+ }
+ });
+ }
+ Gson gson = new GsonBuilder().create();
+ logger.debug("RESPONSE: [" + response + "]");
+ VXKmsKey key = gson.fromJson(response, VXKmsKey.class);
+ return key;
+ } catch (Exception e) {
+ if (e instanceof UniformInterfaceException || i == providers.length - 1)
+ throw e;
+ else
+ continue;
}
- Gson gson = new GsonBuilder().create();
- logger.debug("RESPONSE: [" + response + "]");
- VXKmsKey key = gson.fromJson(response, VXKmsKey.class);
- return key;
- } catch (Exception e) {
- if (e instanceof UniformInterfaceException || i == providers.length - 1)
- throw e;
- else
- continue;
}
}
return null;
@@ -415,7 +431,7 @@ public class KmsKeyMgr {
public VXKmsKey getKeyFromUri(String provider, String name, boolean isKerberos, String repoName) throws Exception {
Client c = getClient();
String keyRest = KMS_KEY_METADATA_URI.replaceAll(Pattern.quote("${alias}"), name);
- String currentUserLoginId = ContextUtil.getCurrentUserLoginId();
+ String currentUserLoginId = ContextUtil.getCurrentUserLoginId();
String uri = provider + (provider.endsWith("/") ? keyRest : ("/" + keyRest));
if(!isKerberos){
uri = uri.concat("?user.name="+currentUserLoginId);
@@ -438,7 +454,7 @@ public class KmsKeyMgr {
Gson gson = new GsonBuilder().create();
logger.debug("RESPONSE: [" + response + "]");
VXKmsKey key = gson.fromJson(response, VXKmsKey.class);
- return key;
+ return key;
}
private String[] getKMSURL(String name) throws Exception{
@@ -446,21 +462,24 @@ public class KmsKeyMgr {
RangerService rangerService = null;
try {
rangerService = svcStore.getServiceByName(name);
- String kmsUrl = rangerService.getConfigs().get(KMS_URL_CONFIG);
- String dbKmsUrl = kmsUrl;
- if(providerList.containsKey(kmsUrl)){
- kmsUrl = providerList.get(kmsUrl);
+ if(rangerService!=null){
+ String kmsUrl = rangerService.getConfigs().get(KMS_URL_CONFIG);
+ String dbKmsUrl = kmsUrl;
+ if(providerList.containsKey(kmsUrl)){
+ kmsUrl = providerList.get(kmsUrl);
+ }else{
+ providerList.put(kmsUrl, kmsUrl);
+ }
+ providers = createProvider(dbKmsUrl,kmsUrl);
}else{
- providerList.put(kmsUrl, kmsUrl);
+ throw new Exception("Service " + name + " not found");
}
- providers = createProvider(dbKmsUrl,kmsUrl);
} catch (Exception excp) {
logger.error("getServiceByName(" + name + ") failed", excp);
throw new Exception("getServiceByName(" + name + ") failed", excp);
}
-
- if (rangerService == null || providers == null) {
- throw new Exception("Provider " + name + " not found");
+ if (providers == null) {
+ throw new Exception("Providers for service " + name + " not found");
}
return providers;
}
@@ -554,7 +573,7 @@ public class KmsKeyMgr {
}
private String getKMSPassword(String srvName) throws Exception {
- XXService rangerService = rangerDaoManagerBase.getXXService().findByName(srvName);
+ XXService rangerService = rangerDaoManagerBase.getXXService().findByName(srvName);
XXServiceConfigMap xxConfigMap = rangerDaoManagerBase.getXXServiceConfigMap().findByServiceAndConfigKey(rangerService.getId(), KMS_PASSWORD);
String encryptedPwd = xxConfigMap.getConfigvalue();
String pwd = PasswordUtils.decryptPassword(encryptedPwd);
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/b7956495/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java b/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java
index e0a9840..32ffef9 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java
@@ -1061,7 +1061,10 @@ public class RangerBizUtil {
} else {
int interval = max - min;
int randomNum = random.nextInt();
- return ((Math.abs(randomNum) % interval) + min);
+ if(randomNum<0){
+ randomNum=Math.abs(randomNum);
+ }
+ return ((randomNum % interval) + min);
}
}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/b7956495/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java b/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
index 9af5b5f..27bc277 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/ServiceDBStore.java
@@ -2023,9 +2023,20 @@ public class ServiceDBStore extends AbstractServiceStore {
}
finally {
- in.close();
- out.flush();
- out.close();
+ try{
+ if(in!=null){
+ in.close();
+ in=null;
+ }
+ }catch(Exception ex){
+ }
+ try{
+ if(out!=null){
+ out.flush();
+ out.close();
+ }
+ }catch(Exception ex){
+ }
}
}
@@ -3285,7 +3296,7 @@ public class ServiceDBStore extends AbstractServiceStore {
break;
}
- if (serviceTypeId == 100) {
+ if (serviceTypeId!=null && serviceTypeId.equals(Long.valueOf(100L))) {
Map<String, RangerPolicyResource> resources = policy.getResources();
if (resources != null) {
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/b7956495/security-admin/src/main/java/org/apache/ranger/biz/ServiceMgr.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/biz/ServiceMgr.java b/security-admin/src/main/java/org/apache/ranger/biz/ServiceMgr.java
index 0059884..65d41fb 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/ServiceMgr.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/ServiceMgr.java
@@ -159,12 +159,12 @@ public class ServiceMgr {
service.getConfigs().put(HadoopConfigHolder.RANGER_AUTH_TYPE, authType);
}
}
-
- Map<String, String> newConfigs = rangerSvcService.getConfigsWithDecryptedPassword(service);
- service.setConfigs(newConfigs);
-
- RangerBaseService svc = getRangerServiceByService(service, svcStore);
-
+ RangerBaseService svc=null;
+ if(service!=null){
+ Map<String, String> newConfigs = rangerSvcService.getConfigsWithDecryptedPassword(service);
+ service.setConfigs(newConfigs);
+ svc = getRangerServiceByService(service, svcStore);
+ }
if(LOG.isDebugEnabled()) {
LOG.debug("==> ServiceMgr.validateConfig for Service: (" + svc + ")");
}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/b7956495/security-admin/src/main/java/org/apache/ranger/biz/SessionMgr.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/biz/SessionMgr.java b/security-admin/src/main/java/org/apache/ranger/biz/SessionMgr.java
index 2e9d6d5..f591eb4 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/SessionMgr.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/SessionMgr.java
@@ -96,10 +96,6 @@ public class SessionMgr {
private static final Long SESSION_UPDATE_INTERVAL_IN_MILLIS = 30 * DateUtils.MILLIS_PER_MINUTE;
- public UserSessionBase processSuccessLogin(int authType, String userAgent) {
- return processSuccessLogin(authType, userAgent, null);
- }
-
public UserSessionBase processSuccessLogin(int authType, String userAgent,
HttpServletRequest httpRequest) {
boolean newSessionCreation = true;
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/b7956495/security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java b/security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java
index a508926..6c305c4 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java
@@ -742,8 +742,8 @@ public class UserMgr {
// Get total count first
Query query = createUserSearchQuery(countQueryStr, null, searchCriteria);
Long count = (Long) query.getSingleResult();
- int resultSize = Integer.parseInt(count.toString());
- if (count == null || count.longValue() == 0) {
+ int resultSize = count!=null ? count.intValue() :0;
+ if (resultSize == 0) {
return returnList;
}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/b7956495/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java b/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java
index 242a27e..6dc1e2f 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/XUserMgr.java
@@ -234,35 +234,39 @@ public class XUserMgr extends XUserMgrBase {
}
//
xaBizUtil.createTrxLog(trxLogList);
-
- assignPermissionToUser(vXPortalUser, true);
+ if(vXPortalUser!=null){
+ assignPermissionToUser(vXPortalUser, true);
+ }
return createdXUser;
}
public void assignPermissionToUser(VXPortalUser vXPortalUser, boolean isCreate) {
HashMap<String, Long> moduleNameId = getAllModuleNameAndIdMap();
+ if(moduleNameId!=null && vXPortalUser!=null){
+ if(CollectionUtils.isNotEmpty(vXPortalUser.getUserRoleList())){
+ for (String role : vXPortalUser.getUserRoleList()) {
+
+ if (role.equals(RangerConstants.ROLE_USER)) {
+
+ createOrUpdateUserPermisson(vXPortalUser, moduleNameId.get(RangerConstants.MODULE_RESOURCE_BASED_POLICIES), isCreate);
+ createOrUpdateUserPermisson(vXPortalUser, moduleNameId.get(RangerConstants.MODULE_REPORTS), isCreate);
+ } else if (role.equals(RangerConstants.ROLE_SYS_ADMIN)) {
+
+ createOrUpdateUserPermisson(vXPortalUser, moduleNameId.get(RangerConstants.MODULE_REPORTS), isCreate);
+ createOrUpdateUserPermisson(vXPortalUser, moduleNameId.get(RangerConstants.MODULE_RESOURCE_BASED_POLICIES), isCreate);
+ createOrUpdateUserPermisson(vXPortalUser, moduleNameId.get(RangerConstants.MODULE_AUDIT), isCreate);
+ createOrUpdateUserPermisson(vXPortalUser, moduleNameId.get(RangerConstants.MODULE_USER_GROUPS), isCreate);
+ createOrUpdateUserPermisson(vXPortalUser, moduleNameId.get(RangerConstants.MODULE_TAG_BASED_POLICIES), isCreate);
+ } else if (role.equals(RangerConstants.ROLE_KEY_ADMIN)) {
+
+ createOrUpdateUserPermisson(vXPortalUser, moduleNameId.get(RangerConstants.MODULE_KEY_MANAGER), isCreate);
+ createOrUpdateUserPermisson(vXPortalUser, moduleNameId.get(RangerConstants.MODULE_REPORTS), isCreate);
+ createOrUpdateUserPermisson(vXPortalUser, moduleNameId.get(RangerConstants.MODULE_RESOURCE_BASED_POLICIES), isCreate);
+ }
- for (String role : vXPortalUser.getUserRoleList()) {
-
- if (role.equals(RangerConstants.ROLE_USER)) {
-
- createOrUpdateUserPermisson(vXPortalUser, moduleNameId.get(RangerConstants.MODULE_RESOURCE_BASED_POLICIES), isCreate);
- createOrUpdateUserPermisson(vXPortalUser, moduleNameId.get(RangerConstants.MODULE_REPORTS), isCreate);
- } else if (role.equals(RangerConstants.ROLE_SYS_ADMIN)) {
-
- createOrUpdateUserPermisson(vXPortalUser, moduleNameId.get(RangerConstants.MODULE_REPORTS), isCreate);
- createOrUpdateUserPermisson(vXPortalUser, moduleNameId.get(RangerConstants.MODULE_RESOURCE_BASED_POLICIES), isCreate);
- createOrUpdateUserPermisson(vXPortalUser, moduleNameId.get(RangerConstants.MODULE_AUDIT), isCreate);
- createOrUpdateUserPermisson(vXPortalUser, moduleNameId.get(RangerConstants.MODULE_USER_GROUPS), isCreate);
- createOrUpdateUserPermisson(vXPortalUser, moduleNameId.get(RangerConstants.MODULE_TAG_BASED_POLICIES), isCreate);
- } else if (role.equals(RangerConstants.ROLE_KEY_ADMIN)) {
-
- createOrUpdateUserPermisson(vXPortalUser, moduleNameId.get(RangerConstants.MODULE_KEY_MANAGER), isCreate);
- createOrUpdateUserPermisson(vXPortalUser, moduleNameId.get(RangerConstants.MODULE_REPORTS), isCreate);
- createOrUpdateUserPermisson(vXPortalUser, moduleNameId.get(RangerConstants.MODULE_RESOURCE_BASED_POLICIES), isCreate);
+ }
}
-
}
}
@@ -1606,7 +1610,10 @@ public class XUserMgr extends XUserMgrBase {
}
XXPortalUserDao xXPortalUserDao=daoManager.getXXPortalUser();
XXPortalUser xXPortalUser=xXPortalUserDao.findByLoginId(vXUser.getName().trim());
- VXPortalUser vXPortalUser=xPortalUserService.populateViewBean(xXPortalUser);
+ VXPortalUser vXPortalUser=null;
+ if(xXPortalUser!=null){
+ vXPortalUser=xPortalUserService.populateViewBean(xXPortalUser);
+ }
if(vXPortalUser==null ||StringUtil.isEmpty(vXPortalUser.getLoginId())){
throw restErrorUtil.createRESTException("No user found with id=" + id);
}
@@ -1772,11 +1779,8 @@ public class XUserMgr extends XUserMgrBase {
xXPortalUserDao.remove(xXPortalUserId);
List<XXTrxLog> trxLogList =xUserService.getTransactionLog(xUserService.populateViewBean(xXUser), "delete");
xaBizUtil.createTrxLog(trxLogList);
- if (xXPortalUser != null) {
- trxLogList=xPortalUserService
- .getTransactionLog(xPortalUserService.populateViewBean(xXPortalUser), "delete");
- xaBizUtil.createTrxLog(trxLogList);
- }
+ trxLogList=xPortalUserService.getTransactionLog(xPortalUserService.populateViewBean(xXPortalUser), "delete");
+ xaBizUtil.createTrxLog(trxLogList);
}
}
}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/b7956495/security-admin/src/main/java/org/apache/ranger/common/SearchField.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/common/SearchField.java b/security-admin/src/main/java/org/apache/ranger/common/SearchField.java
index 1891edb..2d6ab14 100644
--- a/security-admin/src/main/java/org/apache/ranger/common/SearchField.java
+++ b/security-admin/src/main/java/org/apache/ranger/common/SearchField.java
@@ -213,5 +213,7 @@ public class SearchField {
public String getCustomCondition() {
return customCondition;
}
-
+ public void setCustomCondition(String conditions) {
+ customCondition=conditions;
+ }
}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/b7956495/security-admin/src/main/java/org/apache/ranger/common/ServiceUtil.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/common/ServiceUtil.java b/security-admin/src/main/java/org/apache/ranger/common/ServiceUtil.java
index 7355e3d..8252bca 100644
--- a/security-admin/src/main/java/org/apache/ranger/common/ServiceUtil.java
+++ b/security-admin/src/main/java/org/apache/ranger/common/ServiceUtil.java
@@ -1286,7 +1286,7 @@ public class ServiceUtil {
if ( AppConstants.getEnumFor_XAPermType(perm) != 0 ) {
if (perm.equalsIgnoreCase("Admin")) {
delegatedAdmin=true;
- if ( assetType != RangerCommonEnums.ASSET_HBASE) {
+ if (assetType!=null && assetType.intValue() != RangerCommonEnums.ASSET_HBASE) {
continue;
}
}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/b7956495/security-admin/src/main/java/org/apache/ranger/common/db/BaseDao.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/common/db/BaseDao.java b/security-admin/src/main/java/org/apache/ranger/common/db/BaseDao.java
index e3ba5a6..f64cc2d 100644
--- a/security-admin/src/main/java/org/apache/ranger/common/db/BaseDao.java
+++ b/security-admin/src/main/java/org/apache/ranger/common/db/BaseDao.java
@@ -244,16 +244,17 @@ public abstract class BaseDao<T> {
public void updateUserIDReference(String paramName,long oldID) {
Table table = tClass.getAnnotation(Table.class);
- if(table == null) {
+ if(table != null) {
+ String tableName = table.name();
+ String query = "update " + tableName + " set " + paramName+"=null"
+ + " where " +paramName+"=" + oldID;
+ int count=getEntityManager().createNativeQuery(query).executeUpdate();
+ if(count>0){
+ logger.warn(count + " records updated in table '" + tableName + "' with: set " + paramName + "=null where " + paramName + "=" + oldID);
+ }
+ }else{
logger.warn("Required annotation `Table` not found");
}
- String tableName = table.name();
- String query = "update " + tableName + " set " + paramName+"=null"
- + " where " +paramName+"=" + oldID;
- int count=getEntityManager().createNativeQuery(query).executeUpdate();
- if(count>0){
- logger.warn(count + " records updated in table '" + tableName + "' with: set " + paramName + "=null where " + paramName + "=" + oldID);
- }
}
}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/b7956495/security-admin/src/main/java/org/apache/ranger/db/XXPolicyDao.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/db/XXPolicyDao.java b/security-admin/src/main/java/org/apache/ranger/db/XXPolicyDao.java
index e25540b..5623517 100644
--- a/security-admin/src/main/java/org/apache/ranger/db/XXPolicyDao.java
+++ b/security-admin/src/main/java/org/apache/ranger/db/XXPolicyDao.java
@@ -123,7 +123,7 @@ public class XXPolicyDao extends BaseDao<XXPolicy> {
updateSequence("X_POLICY_SEQ", maxId + 1);
}
public List<XXPolicy> findByUserId(Long userId) {
- if(userId == null || userId.equals(0)) {
+ if(userId == null || userId.equals(Long.valueOf(0L))) {
return new ArrayList<XXPolicy>();
}
try {
@@ -135,7 +135,7 @@ public class XXPolicyDao extends BaseDao<XXPolicy> {
}
}
public List<XXPolicy> findByGroupId(Long groupId) {
- if(groupId == null || groupId.equals(0)) {
+ if(groupId == null || groupId.equals(Long.valueOf(0L))) {
return new ArrayList<XXPolicy>();
}
try {
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/b7956495/security-admin/src/main/java/org/apache/ranger/db/XXServiceVersionInfoDao.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/db/XXServiceVersionInfoDao.java b/security-admin/src/main/java/org/apache/ranger/db/XXServiceVersionInfoDao.java
index 5291045..f1535fe 100644
--- a/security-admin/src/main/java/org/apache/ranger/db/XXServiceVersionInfoDao.java
+++ b/security-admin/src/main/java/org/apache/ranger/db/XXServiceVersionInfoDao.java
@@ -120,10 +120,6 @@ public class XXServiceVersionInfoDao extends BaseDao<XXServiceVersionInfo> {
currentTagVersion = Long.valueOf(0);
}
- if (updateTime == null) {
- updateTime = new Date();
- }
-
serviceVersionInfo.setTagVersion(currentTagVersion + 1);
serviceVersionInfo.setTagUpdateTime(updateTime);
}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/b7956495/security-admin/src/main/java/org/apache/ranger/entity/XXContextEnricherDef.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/entity/XXContextEnricherDef.java b/security-admin/src/main/java/org/apache/ranger/entity/XXContextEnricherDef.java
index e035e58..77eb061 100644
--- a/security-admin/src/main/java/org/apache/ranger/entity/XXContextEnricherDef.java
+++ b/security-admin/src/main/java/org/apache/ranger/entity/XXContextEnricherDef.java
@@ -313,10 +313,14 @@ public class XXContextEnricherDef extends XXDBBase implements
*/
@Override
public String toString() {
- return "XXContextEnricherDef [id=" + id + ", defId=" + defId + ", itemId=" + itemId
+ String str = "XXContextEnricherDef={";
+ str += super.toString();
+ str+=" [id=" + id + ", defId=" + defId + ", itemId=" + itemId
+ ", name=" + name + ", enricher=" + enricherOptions
+ ", enricherOptions=" + enricherOptions + ", order=" + order
+ "]";
+ str += "}";
+ return str;
}
}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/b7956495/security-admin/src/main/java/org/apache/ranger/entity/XXPolicyBase.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/entity/XXPolicyBase.java b/security-admin/src/main/java/org/apache/ranger/entity/XXPolicyBase.java
index 8564d43..aebe38c 100644
--- a/security-admin/src/main/java/org/apache/ranger/entity/XXPolicyBase.java
+++ b/security-admin/src/main/java/org/apache/ranger/entity/XXPolicyBase.java
@@ -352,9 +352,13 @@ public abstract class XXPolicyBase extends XXDBBase {
*/
@Override
public String toString() {
- return "XXPolicyBase [guid=" + guid + ", version=" + version + ", service=" + service + ", name=" + name
+ String str = "XXPolicyBase={";
+ str += super.toString();
+ str += " [guid=" + guid + ", version=" + version + ", service=" + service + ", name=" + name
+ ", policyType=" + policyType + ", description=" + description + ", resourceSignature="
+ resourceSignature + ", isEnabled=" + isEnabled + ", isAuditEnabled=" + isAuditEnabled + "]";
+ str += "}";
+ return str;
}
}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/b7956495/security-admin/src/main/java/org/apache/ranger/entity/XXPolicyConditionDef.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/entity/XXPolicyConditionDef.java b/security-admin/src/main/java/org/apache/ranger/entity/XXPolicyConditionDef.java
index d738841..6b12d94 100644
--- a/security-admin/src/main/java/org/apache/ranger/entity/XXPolicyConditionDef.java
+++ b/security-admin/src/main/java/org/apache/ranger/entity/XXPolicyConditionDef.java
@@ -558,7 +558,9 @@ public class XXPolicyConditionDef extends XXDBBase implements
*/
@Override
public String toString() {
- return "XXPolicyConditionDef [id=" + id + ", defId=" + defId + ", itemId=" + itemId
+ String str = "XXPolicyConditionDef={";
+ str += super.toString();
+ str += " [id=" + id + ", defId=" + defId + ", itemId=" + itemId
+ ", name=" + name + ", evaluator=" + evaluator
+ ", evaluatorOptions=" + evaluatorOptions + ", label=" + label
+ ", validationRegEx=" + validationRegEx
@@ -568,6 +570,8 @@ public class XXPolicyConditionDef extends XXDBBase implements
+ ", rbKeyValidationMessage=" + rbKeyValidationMessage
+ ", rbKeyDescription=" + rbKeyDescription + ", order=" + order
+ "]";
+ str += "}";
+ return str;
}
}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/b7956495/security-admin/src/main/java/org/apache/ranger/entity/XXPolicyItemUserPerm.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/entity/XXPolicyItemUserPerm.java b/security-admin/src/main/java/org/apache/ranger/entity/XXPolicyItemUserPerm.java
index 874ca20..69c47df 100644
--- a/security-admin/src/main/java/org/apache/ranger/entity/XXPolicyItemUserPerm.java
+++ b/security-admin/src/main/java/org/apache/ranger/entity/XXPolicyItemUserPerm.java
@@ -205,9 +205,13 @@ public class XXPolicyItemUserPerm extends XXDBBase implements
*/
@Override
public String toString() {
- return "XXPolicyItemUserPerm [id=" + id + ", policyItemId="
+ String str = "XXPolicyItemUserPerm={";
+ str += super.toString();
+ str += " [id=" + id + ", policyItemId="
+ policyItemId + ", userId=" + userId + ", order=" + order
+ "]";
+ str += "}";
+ return str;
}
}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/b7956495/security-admin/src/main/java/org/apache/ranger/rest/AssetREST.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/rest/AssetREST.java b/security-admin/src/main/java/org/apache/ranger/rest/AssetREST.java
index 3d649df..b1a2159 100644
--- a/security-admin/src/main/java/org/apache/ranger/rest/AssetREST.java
+++ b/security-admin/src/main/java/org/apache/ranger/rest/AssetREST.java
@@ -39,6 +39,7 @@ import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
+import org.apache.commons.lang.StringUtils;
import org.apache.log4j.Logger;
import org.apache.ranger.admin.client.datatype.RESTResponse;
import org.apache.ranger.biz.AssetMgr;
@@ -502,12 +503,17 @@ public class AssetREST {
VXResource resource = getXResource(id);
- File file = assetMgr.getXResourceFile(resource, fileType);
- return Response
- .ok(file, MediaType.APPLICATION_OCTET_STREAM)
- .header("Content-Disposition",
- "attachment;filename=" + file.getName()).build();
+ Response response=null;
+ if(resource!=null && StringUtils.isNotEmpty(fileType)){
+ File file = null;
+ file=assetMgr.getXResourceFile(resource, fileType);
+ if(file!=null){
+ response=Response.ok(file, MediaType.APPLICATION_OCTET_STREAM).header("Content-Disposition","attachment;filename=" + file.getName()).build();
+ file=null;
+ }
+ }
+ return response;
}
@GET
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/b7956495/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java b/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
index 0d1e552..c491021 100644
--- a/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
+++ b/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
@@ -1325,7 +1325,7 @@ public class ServiceREST {
throw restErrorUtil.createRESTException(exception.getMessage());
}
} else {
- throw restErrorUtil.createRESTException("Non-existing service specified:" + policy == null ? null : policy.getService());
+ throw restErrorUtil.createRESTException("Non-existing service specified:");
}
if (LOG.isDebugEnabled()) {
@@ -1863,10 +1863,12 @@ public class ServiceREST {
if (isKeyAdmin) {
isAllowed = true;
}else {
- isAllowed = bizUtil.isUserAllowed(rangerService, Allowed_User_List_For_Download);
- if(!isAllowed){
- isAllowed = bizUtil.isUserAllowed(rangerService, Allowed_User_List_For_Grant_Revoke);
- }
+ if(rangerService!=null){
+ isAllowed = bizUtil.isUserAllowed(rangerService, Allowed_User_List_For_Download);
+ if(!isAllowed){
+ isAllowed = bizUtil.isUserAllowed(rangerService, Allowed_User_List_For_Grant_Revoke);
+ }
+ }
}
}else{
rangerService = svcStore.getServiceByName(serviceName);
@@ -1874,10 +1876,12 @@ public class ServiceREST {
isAllowed = true;
}
else{
- isAllowed = bizUtil.isUserAllowed(rangerService, Allowed_User_List_For_Download);
- if(!isAllowed){
- isAllowed = bizUtil.isUserAllowed(rangerService, Allowed_User_List_For_Grant_Revoke);
- }
+ if(rangerService!=null){
+ isAllowed = bizUtil.isUserAllowed(rangerService, Allowed_User_List_For_Download);
+ if(!isAllowed){
+ isAllowed = bizUtil.isUserAllowed(rangerService, Allowed_User_List_For_Grant_Revoke);
+ }
+ }
}
}
if (isAllowed) {
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/b7956495/security-admin/src/main/java/org/apache/ranger/rest/TagREST.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/rest/TagREST.java b/security-admin/src/main/java/org/apache/ranger/rest/TagREST.java
index 3dfb250..8aef9a8 100644
--- a/security-admin/src/main/java/org/apache/ranger/rest/TagREST.java
+++ b/security-admin/src/main/java/org/apache/ranger/rest/TagREST.java
@@ -191,7 +191,9 @@ public class TagREST {
try {
RangerTagDef exist = tagStore.getTagDefByGuid(guid);
- tagStore.deleteTagDef(exist.getId());
+ if(exist!=null){
+ tagStore.deleteTagDef(exist.getId());
+ }
} catch(Exception excp) {
LOG.error("deleteTagDef(" + guid + ") failed", excp);
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/b7956495/security-admin/src/main/java/org/apache/ranger/security/handler/RangerAuthenticationProvider.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/security/handler/RangerAuthenticationProvider.java b/security-admin/src/main/java/org/apache/ranger/security/handler/RangerAuthenticationProvider.java
index 3fa3436..00541cb 100644
--- a/security-admin/src/main/java/org/apache/ranger/security/handler/RangerAuthenticationProvider.java
+++ b/security-admin/src/main/java/org/apache/ranger/security/handler/RangerAuthenticationProvider.java
@@ -569,12 +569,15 @@ public class RangerAuthenticationProvider implements AuthenticationProvider {
}
authenticator.setSaltSource(saltSource);
-
- String userName = authentication.getName();
+ String userName ="";
String userPassword = "";
- if (authentication.getCredentials() != null) {
- userPassword = authentication.getCredentials().toString();
+ if(authentication!=null){
+ userName = authentication.getName();
+ if (authentication.getCredentials() != null) {
+ userPassword = authentication.getCredentials().toString();
+ }
}
+
String rangerLdapDefaultRole = PropertiesUtil.getProperty("ranger.ldap.default.role", "ROLE_USER");
if (userName != null && userPassword != null && !userName.trim().isEmpty()&& !userPassword.trim().isEmpty()) {
final List<GrantedAuthority> grantedAuths = new ArrayList<>();
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/b7956495/security-admin/src/main/java/org/apache/ranger/security/web/authentication/RangerAuthenticationEntryPoint.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/security/web/authentication/RangerAuthenticationEntryPoint.java b/security-admin/src/main/java/org/apache/ranger/security/web/authentication/RangerAuthenticationEntryPoint.java
index 2c06f58..8a7c641 100644
--- a/security-admin/src/main/java/org/apache/ranger/security/web/authentication/RangerAuthenticationEntryPoint.java
+++ b/security-admin/src/main/java/org/apache/ranger/security/web/authentication/RangerAuthenticationEntryPoint.java
@@ -129,9 +129,10 @@ public class RangerAuthenticationEntryPoint extends
response.sendError(ajaxReturnCode, "");
} else if (!(requestURL.startsWith(reqServletPath))) {
if(requestURL.contains(RangerSSOAuthenticationFilter.LOCAL_LOGIN_URL)){
- if (request.getSession() != null)
+ if (request.getSession() != null){
request.getSession().setAttribute("locallogin","true");
request.getServletContext().setAttribute(request.getSession().getId(), "locallogin");
+ }
}
if(request.getHeader("x-forwarded-server") != null){
super.setUseForward(true);
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/b7956495/security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerSSOAuthenticationFilter.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerSSOAuthenticationFilter.java b/security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerSSOAuthenticationFilter.java
index d431bc1..4783608 100644
--- a/security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerSSOAuthenticationFilter.java
+++ b/security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerSSOAuthenticationFilter.java
@@ -115,14 +115,15 @@ public class RangerSSOAuthenticationFilter implements Filter {
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain)throws IOException, ServletException {
HttpServletRequest httpRequest = (HttpServletRequest)servletRequest;
- if (httpRequest.getRequestedSessionId() != null && !httpRequest.isRequestedSessionIdValid())
- {
- if(httpRequest.getServletContext().getAttribute(httpRequest.getRequestedSessionId()) != null && httpRequest.getServletContext().getAttribute(httpRequest.getRequestedSessionId()).toString().equals("locallogin")){
- ssoEnabled = false;
- httpRequest.getSession().setAttribute("locallogin","true");
- httpRequest.getServletContext().removeAttribute(httpRequest.getRequestedSessionId());
- }
- }
+ if (httpRequest.getRequestedSessionId() != null && !httpRequest.isRequestedSessionIdValid()){
+ synchronized(httpRequest.getServletContext()){
+ if(httpRequest.getServletContext().getAttribute(httpRequest.getRequestedSessionId()) != null && httpRequest.getServletContext().getAttribute(httpRequest.getRequestedSessionId()).toString().equals("locallogin")){
+ ssoEnabled = false;
+ httpRequest.getSession().setAttribute("locallogin","true");
+ httpRequest.getServletContext().removeAttribute(httpRequest.getRequestedSessionId());
+ }
+ }
+ }
RangerSecurityContext context = RangerContextHolder.getSecurityContext();
UserSessionBase session = context != null ? context.getUserSession() : null;
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/b7956495/security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerSecurityContextFormationFilter.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerSecurityContextFormationFilter.java b/security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerSecurityContextFormationFilter.java
index 7314782..f02b875 100644
--- a/security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerSecurityContextFormationFilter.java
+++ b/security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerSecurityContextFormationFilter.java
@@ -97,7 +97,10 @@ public class RangerSecurityContextFormationFilter extends GenericFilterBean {
HttpSession httpSession = httpRequest.getSession(false);
// [1]get the context from session
- RangerSecurityContext context = (RangerSecurityContext) httpSession.getAttribute(AKA_SC_SESSION_KEY);
+ RangerSecurityContext context = null;
+ if(httpSession!=null){
+ context=(RangerSecurityContext) httpSession.getAttribute(AKA_SC_SESSION_KEY);
+ }
int clientTimeOffset = 0;
if (context == null) {
context = new RangerSecurityContext();
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/b7956495/security-admin/src/main/java/org/apache/ranger/service/RangerPolicyService.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/service/RangerPolicyService.java b/security-admin/src/main/java/org/apache/ranger/service/RangerPolicyService.java
index 4b792de..5616406 100644
--- a/security-admin/src/main/java/org/apache/ranger/service/RangerPolicyService.java
+++ b/security-admin/src/main/java/org/apache/ranger/service/RangerPolicyService.java
@@ -281,7 +281,7 @@ public class RangerPolicyService extends RangerPolicyServiceBase<XXPolicy, Range
oldValue = String.valueOf(processIsEnabledClassFieldNameForTrxLog(oldPolicy.getIsEnabled()));
}
}
- if (oldValue == null || value.equalsIgnoreCase(oldValue)) {
+ if (oldValue == null || oldValue.equalsIgnoreCase(value)) {
return null;
} else if (fieldName.equalsIgnoreCase(POLICY_RESOURCE_CLASS_FIELD_NAME)) {
// Compare old and new resources
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/b7956495/security-admin/src/main/java/org/apache/ranger/solr/SolrMgr.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/solr/SolrMgr.java b/security-admin/src/main/java/org/apache/ranger/solr/SolrMgr.java
index 1b5793f..b924646 100644
--- a/security-admin/src/main/java/org/apache/ranger/solr/SolrMgr.java
+++ b/security-admin/src/main/java/org/apache/ranger/solr/SolrMgr.java
@@ -184,8 +184,12 @@ public class SolrMgr {
}
public SolrClient getSolrClient() {
- if (solrClient == null) {
- connect();
+ if(solrClient!=null){
+ return solrClient;
+ }else{
+ synchronized(this){
+ connect();
+ }
}
return solrClient;
}
[5/5] incubator-ranger git commit: RANGER-1124 : Good coding
practices in Ranger recommended by static code analysis - medium impact
Posted by ve...@apache.org.
RANGER-1124 : Good coding practices in Ranger recommended by static code analysis - medium impact
(cherry picked from commit 24a100081eb05276bca7aa07b3a8c2255646c21a)
Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/ee47136a
Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/ee47136a
Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/ee47136a
Branch: refs/heads/ranger-0.6
Commit: ee47136abe973e8630f970b868ad8b292ca9e443
Parents: ce7edb2
Author: rmani <rm...@hortonworks.com>
Authored: Fri Jul 29 23:09:19 2016 -0700
Committer: Velmurugan Periasamy <ve...@apache.org>
Committed: Thu Aug 11 09:33:45 2016 +0530
----------------------------------------------------------------------
.../audit/destination/SolrAuditDestination.java | 127 ++++++++++---------
.../apache/ranger/audit/provider/MiscUtil.java | 6 +-
.../ranger/audit/queue/AuditFileSpool.java | 2 +-
.../services/hbase/client/HBaseClient.java | 11 +-
.../ranger/services/hdfs/client/HdfsClient.java | 4 +-
.../hive/authorizer/RangerHiveAuthorizer.java | 5 +-
.../kafka/authorizer/RangerKafkaAuthorizer.java | 40 +++---
.../solr/authorizer/RangerSolrAuthorizer.java | 14 +-
.../RangerPluginClassLoaderUtil.java | 2 +-
9 files changed, 115 insertions(+), 96 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/ee47136a/agents-audit/src/main/java/org/apache/ranger/audit/destination/SolrAuditDestination.java
----------------------------------------------------------------------
diff --git a/agents-audit/src/main/java/org/apache/ranger/audit/destination/SolrAuditDestination.java b/agents-audit/src/main/java/org/apache/ranger/audit/destination/SolrAuditDestination.java
index 46f33a5..738c091 100644
--- a/agents-audit/src/main/java/org/apache/ranger/audit/destination/SolrAuditDestination.java
+++ b/agents-audit/src/main/java/org/apache/ranger/audit/destination/SolrAuditDestination.java
@@ -54,7 +54,7 @@ public class SolrAuditDestination extends AuditDestination {
public static final String DEFAULT_COLLECTION_NAME = "ranger_audits";
public static final String PROP_JAVA_SECURITY_AUTH_LOGIN_CONFIG = "java.security.auth.login.config";
- SolrClient solrClient = null;
+ private volatile SolrClient solrClient = null;
public SolrAuditDestination() {
}
@@ -74,77 +74,80 @@ public class SolrAuditDestination extends AuditDestination {
}
synchronized void connect() {
- if (solrClient == null) {
- if (solrClient == null) {
- String urls = MiscUtil.getStringProperty(props, propPrefix
- + "." + PROP_SOLR_URLS);
- if (urls != null) {
- urls = urls.trim();
- }
- if (urls != null && urls.equalsIgnoreCase("NONE")) {
- urls = null;
- }
-
- List<String> solrURLs = new ArrayList<String>();
- String zkHosts = null;
- solrURLs = MiscUtil.toArray(urls, ",");
- zkHosts = MiscUtil.getStringProperty(props, propPrefix + "."
- + PROP_SOLR_ZK);
- if (zkHosts != null && zkHosts.equalsIgnoreCase("NONE")) {
- zkHosts = null;
- }
-
- String collectionName = MiscUtil.getStringProperty(props,
- propPrefix + "." + PROP_SOLR_COLLECTION);
- if (collectionName == null
- || collectionName.equalsIgnoreCase("none")) {
- collectionName = DEFAULT_COLLECTION_NAME;
- }
-
- LOG.info("Solr zkHosts=" + zkHosts + ", solrURLs=" + urls
- + ", collectionName=" + collectionName);
-
- if (zkHosts != null && !zkHosts.isEmpty()) {
- LOG.info("Connecting to solr cloud using zkHosts="
- + zkHosts);
- try {
- // Instantiate
- HttpClientUtil.setConfigurer(new Krb5HttpClientConfigurer());
- CloudSolrClient solrCloudClient = new CloudSolrClient(
- zkHosts);
- solrCloudClient.setDefaultCollection(collectionName);
- solrClient = solrCloudClient;
- } catch (Throwable t) {
- LOG.fatal("Can't connect to Solr server. ZooKeepers="
- + zkHosts, t);
+ SolrClient me = solrClient;
+ if (me == null) {
+ synchronized(SolrAuditDestination.class) {
+ me = solrClient;
+ if (solrClient == null) {
+ String urls = MiscUtil.getStringProperty(props, propPrefix
+ + "." + PROP_SOLR_URLS);
+ if (urls != null) {
+ urls = urls.trim();
}
- finally {
- resetInitializerInSOLR() ;
+ if (urls != null && urls.equalsIgnoreCase("NONE")) {
+ urls = null;
}
- } else if (solrURLs != null && !solrURLs.isEmpty()) {
- try {
- LOG.info("Connecting to Solr using URLs=" + solrURLs);
- HttpClientUtil.setConfigurer(new Krb5HttpClientConfigurer());
- LBHttpSolrClient lbSolrClient = new LBHttpSolrClient(
- solrURLs.get(0));
- lbSolrClient.setConnectionTimeout(1000);
+ List<String> solrURLs = new ArrayList<String>();
+ String zkHosts = null;
+ solrURLs = MiscUtil.toArray(urls, ",");
+ zkHosts = MiscUtil.getStringProperty(props, propPrefix + "."
+ + PROP_SOLR_ZK);
+ if (zkHosts != null && zkHosts.equalsIgnoreCase("NONE")) {
+ zkHosts = null;
+ }
+ String collectionName = MiscUtil.getStringProperty(props,
+ propPrefix + "." + PROP_SOLR_COLLECTION);
+ if (collectionName == null
+ || collectionName.equalsIgnoreCase("none")) {
+ collectionName = DEFAULT_COLLECTION_NAME;
+ }
+
+ LOG.info("Solr zkHosts=" + zkHosts + ", solrURLs=" + urls
+ + ", collectionName=" + collectionName);
- for (int i = 1; i < solrURLs.size(); i++) {
- lbSolrClient.addSolrServer(solrURLs.get(i));
+ if (zkHosts != null && !zkHosts.isEmpty()) {
+ LOG.info("Connecting to solr cloud using zkHosts="
+ + zkHosts);
+ try {
+ // Instantiate
+ HttpClientUtil.setConfigurer(new Krb5HttpClientConfigurer());
+ CloudSolrClient solrCloudClient = new CloudSolrClient(
+ zkHosts);
+ solrCloudClient.setDefaultCollection(collectionName);
+ me = solrClient = solrCloudClient;
+ } catch (Throwable t) {
+ LOG.fatal("Can't connect to Solr server. ZooKeepers="
+ + zkHosts, t);
+ }
+ finally {
+ resetInitializerInSOLR() ;
+ }
+ } else if (solrURLs != null && !solrURLs.isEmpty()) {
+ try {
+ LOG.info("Connecting to Solr using URLs=" + solrURLs);
+ HttpClientUtil.setConfigurer(new Krb5HttpClientConfigurer());
+ LBHttpSolrClient lbSolrClient = new LBHttpSolrClient(
+ solrURLs.get(0));
+ lbSolrClient.setConnectionTimeout(1000);
+
+ for (int i = 1; i < solrURLs.size(); i++) {
+ lbSolrClient.addSolrServer(solrURLs.get(i));
+ }
+ me = solrClient = lbSolrClient;
+ } catch (Throwable t) {
+ LOG.fatal("Can't connect to Solr server. URL="
+ + solrURLs, t);
+ }
+ finally {
+ resetInitializerInSOLR() ;
}
- solrClient = lbSolrClient;
- } catch (Throwable t) {
- LOG.fatal("Can't connect to Solr server. URL="
- + solrURLs, t);
- }
- finally {
- resetInitializerInSOLR() ;
}
}
}
}
}
+
private void resetInitializerInSOLR() {
javax.security.auth.login.Configuration solrConfig = javax.security.auth.login.Configuration.getConfiguration();
String solrConfigClassName = solrConfig.getClass().getName() ;
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/ee47136a/agents-audit/src/main/java/org/apache/ranger/audit/provider/MiscUtil.java
----------------------------------------------------------------------
diff --git a/agents-audit/src/main/java/org/apache/ranger/audit/provider/MiscUtil.java b/agents-audit/src/main/java/org/apache/ranger/audit/provider/MiscUtil.java
index 3ab390a..f5b2795 100644
--- a/agents-audit/src/main/java/org/apache/ranger/audit/provider/MiscUtil.java
+++ b/agents-audit/src/main/java/org/apache/ranger/audit/provider/MiscUtil.java
@@ -184,7 +184,9 @@ public class MiscUtil {
}
public static String getJvmInstanceId() {
- String ret = Integer.toString(Math.abs(sJvmID.toString().hashCode()));
+ Integer val = Integer.valueOf(sJvmID.toString().hashCode());
+ long longVal = val.longValue();
+ String ret = Long.toString(Math.abs(longVal));
return ret;
}
@@ -719,7 +721,7 @@ public class MiscUtil {
}
} catch (Throwable t) {
- logger.error("Failed to login as [" + spnegoPrincipals + "]", t);
+ logger.error("Failed to login with given keytab and principal", t);
}
}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/ee47136a/agents-audit/src/main/java/org/apache/ranger/audit/queue/AuditFileSpool.java
----------------------------------------------------------------------
diff --git a/agents-audit/src/main/java/org/apache/ranger/audit/queue/AuditFileSpool.java b/agents-audit/src/main/java/org/apache/ranger/audit/queue/AuditFileSpool.java
index 17ddab9..8e3c992 100644
--- a/agents-audit/src/main/java/org/apache/ranger/audit/queue/AuditFileSpool.java
+++ b/agents-audit/src/main/java/org/apache/ranger/audit/queue/AuditFileSpool.java
@@ -663,7 +663,7 @@ public class AuditFileSpool implements Runnable {
}
});
- if (logFiles.length > maxArchiveFiles) {
+ if (logFiles != null && logFiles.length > maxArchiveFiles) {
int filesToDelete = logFiles.length - maxArchiveFiles;
BufferedReader br = new BufferedReader(new FileReader(
indexDoneFile));
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/ee47136a/hbase-agent/src/main/java/org/apache/ranger/services/hbase/client/HBaseClient.java
----------------------------------------------------------------------
diff --git a/hbase-agent/src/main/java/org/apache/ranger/services/hbase/client/HBaseClient.java b/hbase-agent/src/main/java/org/apache/ranger/services/hbase/client/HBaseClient.java
index 65e7be6..443eb01 100644
--- a/hbase-agent/src/main/java/org/apache/ranger/services/hbase/client/HBaseClient.java
+++ b/hbase-agent/src/main/java/org/apache/ranger/services/hbase/client/HBaseClient.java
@@ -251,10 +251,9 @@ public class HBaseClient extends BaseClient {
HBaseAdmin.checkHBaseAvailable(conf);
LOG.info("getTableList: no exception: HbaseAvailability true");
admin = new HBaseAdmin(conf) ;
- for (HTableDescriptor htd : admin.listTables(tableNameMatching)) {
- if (htd == null) {
- LOG.error("getTableList: null HTableDescription received from HBaseAdmin.listTables");
- } else {
+ HTableDescriptor [] htds = admin.listTables(tableNameMatching);
+ if (htds != null) {
+ for (HTableDescriptor htd : admin.listTables(tableNameMatching)) {
String tableName = htd.getNameAsString();
if (existingTableList != null && existingTableList.contains(tableName)) {
continue;
@@ -262,7 +261,9 @@ public class HBaseClient extends BaseClient {
tableList.add(htd.getNameAsString());
}
}
- }
+ } else {
+ LOG.error("getTableList: null HTableDescription received from HBaseAdmin.listTables");
+ }
} catch (ZooKeeperConnectionException zce) {
String msgDesc = "getTableList: Unable to connect to `ZooKeeper` "
+ "using given config parameters.";
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/ee47136a/hdfs-agent/src/main/java/org/apache/ranger/services/hdfs/client/HdfsClient.java
----------------------------------------------------------------------
diff --git a/hdfs-agent/src/main/java/org/apache/ranger/services/hdfs/client/HdfsClient.java b/hdfs-agent/src/main/java/org/apache/ranger/services/hdfs/client/HdfsClient.java
index bc98d24..bfc2628 100644
--- a/hdfs-agent/src/main/java/org/apache/ranger/services/hdfs/client/HdfsClient.java
+++ b/hdfs-agent/src/main/java/org/apache/ranger/services/hdfs/client/HdfsClient.java
@@ -87,7 +87,7 @@ public class HdfsClient extends BaseClient {
FileStatus[] fileStats = fs.listStatus(basePath) ;
if(LOG.isDebugEnabled()) {
- LOG.debug("<== HdfsClient fileStatus : " + fileStats + " PathList :" + pathList) ;
+ LOG.debug("<== HdfsClient fileStatus : " + fileStats.length + " PathList :" + pathList) ;
}
if (fileStats != null) {
@@ -185,7 +185,7 @@ public class HdfsClient extends BaseClient {
String baseDir = args[1] ;
String fileNameToMatch = (args.length == 2 ? null : args[2]) ;
- HdfsClient fs = new HdfsClient(repositoryName, null) ;
+ HdfsClient fs = new HdfsClient(repositoryName, new HashMap<String,String>()) ;
List<String> fsList = null;
try {
fsList = fs.listFiles(baseDir, fileNameToMatch,null);
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/ee47136a/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java
----------------------------------------------------------------------
diff --git a/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java b/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java
index 69fa293..0fcf13f 100644
--- a/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java
+++ b/hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java
@@ -672,7 +672,10 @@ public class RangerHiveAuthorizer extends RangerHiveAuthorizerBase {
if(isDataMaskEnabled(result)) {
String maskType = result.getMaskType();
RangerDataMaskTypeDef maskTypeDef = result.getMaskTypeDef();
- String transformer = maskTypeDef.getTransformer();
+ String transformer = null;
+ if (maskTypeDef != null) {
+ transformer = maskTypeDef.getTransformer();
+ }
if(StringUtils.equalsIgnoreCase(maskType, MASK_TYPE_NULL)) {
ret = "NULL";
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/ee47136a/plugin-kafka/src/main/java/org/apache/ranger/authorization/kafka/authorizer/RangerKafkaAuthorizer.java
----------------------------------------------------------------------
diff --git a/plugin-kafka/src/main/java/org/apache/ranger/authorization/kafka/authorizer/RangerKafkaAuthorizer.java b/plugin-kafka/src/main/java/org/apache/ranger/authorization/kafka/authorizer/RangerKafkaAuthorizer.java
index 1afedd5..452698b 100644
--- a/plugin-kafka/src/main/java/org/apache/ranger/authorization/kafka/authorizer/RangerKafkaAuthorizer.java
+++ b/plugin-kafka/src/main/java/org/apache/ranger/authorization/kafka/authorizer/RangerKafkaAuthorizer.java
@@ -75,27 +75,31 @@ public class RangerKafkaAuthorizer implements Authorizer {
*/
@Override
public void configure(Map<String, ?> configs) {
- if (rangerPlugin == null) {
- try {
- LoginManager loginManager = LoginManager.acquireLoginManager(LoginType.SERVER, true, configs);
- Subject subject = loginManager.subject();
- UserGroupInformation ugi = MiscUtil
- .createUGIFromSubject(subject);
- if (ugi != null) {
- MiscUtil.setUGILoginUser(ugi, subject);
+ RangerBasePlugin me = rangerPlugin;
+ if (me == null) {
+ synchronized(RangerKafkaAuthorizer.class) {
+ me = rangerPlugin;
+ if (me == null) {
+ try {
+ LoginManager loginManager = LoginManager.acquireLoginManager(LoginType.SERVER, true, configs);
+ Subject subject = loginManager.subject();
+ UserGroupInformation ugi = MiscUtil
+ .createUGIFromSubject(subject);
+ if (ugi != null) {
+ MiscUtil.setUGILoginUser(ugi, subject);
+ }
+ logger.info("LoginUser=" + MiscUtil.getUGILoginUser());
+ } catch (Throwable t) {
+ logger.error("Error getting principal.", t);
+ }
+ me = rangerPlugin = new RangerBasePlugin("kafka", "kafka");
}
- logger.info("LoginUser=" + MiscUtil.getUGILoginUser());
- } catch (Throwable t) {
- logger.error("Error getting principal.", t);
}
-
- rangerPlugin = new RangerBasePlugin("kafka", "kafka");
- logger.info("Calling plugin.init()");
- rangerPlugin.init();
-
- RangerDefaultAuditHandler auditHandler = new RangerDefaultAuditHandler();
- rangerPlugin.setResultProcessor(auditHandler);
}
+ logger.info("Calling plugin.init()");
+ rangerPlugin.init();
+ RangerDefaultAuditHandler auditHandler = new RangerDefaultAuditHandler();
+ rangerPlugin.setResultProcessor(auditHandler);
}
@Override
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/ee47136a/plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuthorizer.java
----------------------------------------------------------------------
diff --git a/plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuthorizer.java b/plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuthorizer.java
index d8e24ba..c994b02 100644
--- a/plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuthorizer.java
+++ b/plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuthorizer.java
@@ -105,11 +105,17 @@ public class RangerSolrAuthorizer implements AuthorizationPlugin {
}
try {
- if (solrPlugin == null) {
- logger.info("RangerSolrAuthorizer(): init called");
- solrPlugin = new RangerBasePlugin("solr", "solr");
- solrPlugin.init();
+ RangerBasePlugin me = solrPlugin;
+ if (me == null) {
+ synchronized(RangerSolrAuthorizer.class) {
+ me = solrPlugin;
+ logger.info("RangerSolrAuthorizer(): init called");
+ if (me == null) {
+ me = solrPlugin = new RangerBasePlugin("solr", "solr");
+ }
+ }
}
+ solrPlugin.init();
} catch (Throwable t) {
logger.fatal("Error creating and initializing RangerBasePlugin()");
}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/ee47136a/ranger-plugin-classloader/src/main/java/org/apache/ranger/plugin/classloader/RangerPluginClassLoaderUtil.java
----------------------------------------------------------------------
diff --git a/ranger-plugin-classloader/src/main/java/org/apache/ranger/plugin/classloader/RangerPluginClassLoaderUtil.java b/ranger-plugin-classloader/src/main/java/org/apache/ranger/plugin/classloader/RangerPluginClassLoaderUtil.java
index ea18883..fb33dcb 100644
--- a/ranger-plugin-classloader/src/main/java/org/apache/ranger/plugin/classloader/RangerPluginClassLoaderUtil.java
+++ b/ranger-plugin-classloader/src/main/java/org/apache/ranger/plugin/classloader/RangerPluginClassLoaderUtil.java
@@ -38,7 +38,7 @@ public class RangerPluginClassLoaderUtil {
private static final Logger LOG = LoggerFactory.getLogger(RangerPluginClassLoaderUtil.class) ;
- private static RangerPluginClassLoaderUtil config = null;
+ private static volatile RangerPluginClassLoaderUtil config = null;
private static String rangerPluginLibDir = "ranger-%-plugin-impl";
public static RangerPluginClassLoaderUtil getInstance() {