You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by ma...@apache.org on 2014/12/12 02:30:19 UTC
[36/51] [partial] incubator-ranger git commit: RANGER-194: Rename
packages from xasecure to apache ranger
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/413fcb68/credentialbuilder/src/test/java/org/apache/ranger/credentialapi/Testbuildks.java
----------------------------------------------------------------------
diff --git a/credentialbuilder/src/test/java/org/apache/ranger/credentialapi/Testbuildks.java b/credentialbuilder/src/test/java/org/apache/ranger/credentialapi/Testbuildks.java
new file mode 100644
index 0000000..fe94745
--- /dev/null
+++ b/credentialbuilder/src/test/java/org/apache/ranger/credentialapi/Testbuildks.java
@@ -0,0 +1,79 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.ranger.credentialapi;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertTrue;
+
+import org.apache.ranger.credentialapi.buildks;
+import org.junit.Test;
+
+public class Testbuildks {
+ private final String keystoreFile =System.getProperty("user.home")+"/testkeystore.jceks";
+ @Test
+ public void testBuildKSsuccess() throws Exception {
+ buildks buildksOBJ=new buildks();
+ String[] argsCreateCommand = {"create", "TestCredential1", "-value", "PassworD123", "-provider", "jceks://file" + keystoreFile};
+ int rc1=buildksOBJ.createCredential(argsCreateCommand);
+ assertEquals( 0, rc1);
+ assertTrue(rc1==0);
+
+ String[] argsListCommand = {"list", "-provider","jceks://file" + keystoreFile};
+ int rc2=buildksOBJ.listCredential(argsListCommand);
+ assertEquals(0, rc2);
+ assertTrue(rc2==0);
+
+ String[] argsGetCommand = {"get", "TestCredential1", "-provider", "jceks://file" +keystoreFile };
+ String pw=buildksOBJ.getCredential(argsGetCommand);
+ assertEquals("PassworD123", pw);
+ assertTrue(pw.equals("PassworD123"));
+ boolean getCredentialPassed = pw.equals("PassworD123");
+
+ String[] argsDeleteCommand = {"delete", "TestCredential1", "-provider", "jceks://file" +keystoreFile };
+ int rc3=buildksOBJ.deleteCredential(argsDeleteCommand);
+ assertEquals(0, rc3);
+ assertTrue(rc3==0);
+
+ if(rc1==rc2 && rc2==rc3 && rc3==0 && getCredentialPassed){
+ System.out.println("Test Case has been completed successfully..");
+ }
+ }
+
+ @Test
+ public void testInvalidProvider() throws Exception {
+ buildks buildksOBJ=new buildks();
+ String[] argsCreateCommand = {"create", "TestCredential1", "-value", "PassworD123", "-provider", "jksp://file"+keystoreFile};
+ int rc1=buildksOBJ.createCredential(argsCreateCommand);
+ assertEquals(-1, rc1);
+ assertTrue(rc1==-1);
+ }
+
+ @Test
+ public void testInvalidCommand() throws Exception {
+ buildks buildksOBJ=new buildks();
+ String[] argsCreateCommand = {"creat", "TestCredential1", "-value", "PassworD123", "-provider", "jksp://file"+keystoreFile};
+ int rc1=buildksOBJ.createCredential(argsCreateCommand);
+ assertEquals(-1, rc1);
+ assertTrue(rc1==-1);
+ }
+ /*public static void main(String args[]) throws Exception{
+ Testbuildks tTestbuildks=new Testbuildks();
+ tTestbuildks.testBuildKSsuccess();
+ }*/
+
+}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/413fcb68/embededwebserver/scripts/start-ranger-admin.sh
----------------------------------------------------------------------
diff --git a/embededwebserver/scripts/start-ranger-admin.sh b/embededwebserver/scripts/start-ranger-admin.sh
index b560794..756bba7 100755
--- a/embededwebserver/scripts/start-ranger-admin.sh
+++ b/embededwebserver/scripts/start-ranger-admin.sh
@@ -45,5 +45,5 @@ if [ ! -d logs ]
then
mkdir logs
fi
-java -Dproc_rangeradmin ${JAVA_OPTS} -Dcatalina.base=${XAPOLICYMGR_EWS_DIR} -cp "${XAPOLICYMGR_EWS_DIR}/webapp/WEB-INF/classes/conf:${XAPOLICYMGR_EWS_DIR}/lib/*:${RANGER_JAAS_LIB_DIR}/*:${RANGER_JAAS_CONF_DIR}:${JAVA_HOME}/lib/*" com.xasecure.server.tomcat.EmbededServer > logs/catalina.out 2>&1 &
+java -Dproc_rangeradmin ${JAVA_OPTS} -Dcatalina.base=${XAPOLICYMGR_EWS_DIR} -cp "${XAPOLICYMGR_EWS_DIR}/webapp/WEB-INF/classes/conf:${XAPOLICYMGR_EWS_DIR}/lib/*:${RANGER_JAAS_LIB_DIR}/*:${RANGER_JAAS_CONF_DIR}:${JAVA_HOME}/lib/*" org.apache.ranger.server.tomcat.EmbededServer > logs/catalina.out 2>&1 &
echo "Apache Ranger Admin has started"
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/413fcb68/embededwebserver/scripts/stop-ranger-admin.sh
----------------------------------------------------------------------
diff --git a/embededwebserver/scripts/stop-ranger-admin.sh b/embededwebserver/scripts/stop-ranger-admin.sh
index 9fb9f04..57363a9 100755
--- a/embededwebserver/scripts/stop-ranger-admin.sh
+++ b/embededwebserver/scripts/stop-ranger-admin.sh
@@ -44,5 +44,5 @@ if [ ! -d logs ]
then
mkdir logs
fi
-java ${JAVA_OPTS} -Dcatalina.base=${XAPOLICYMGR_EWS_DIR} -cp "${XAPOLICYMGR_EWS_DIR}/webapp/WEB-INF/classes/conf:${XAPOLICYMGR_EWS_DIR}/lib/*:${RANGER_JAAS_LIB_DIR}/*:${RANGER_JAAS_CONF_DIR}" com.xasecure.server.tomcat.StopEmbededServer > logs/catalina.out 2>&1
+java ${JAVA_OPTS} -Dcatalina.base=${XAPOLICYMGR_EWS_DIR} -cp "${XAPOLICYMGR_EWS_DIR}/webapp/WEB-INF/classes/conf:${XAPOLICYMGR_EWS_DIR}/lib/*:${RANGER_JAAS_LIB_DIR}/*:${RANGER_JAAS_CONF_DIR}" org.apache.ranger.server.tomcat.StopEmbededServer > logs/catalina.out 2>&1
echo "Apache Ranger Admin has been stopped."
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/413fcb68/embededwebserver/src/main/java/com/xasecure/server/tomcat/EmbededServer.java
----------------------------------------------------------------------
diff --git a/embededwebserver/src/main/java/com/xasecure/server/tomcat/EmbededServer.java b/embededwebserver/src/main/java/com/xasecure/server/tomcat/EmbededServer.java
deleted file mode 100644
index 9298a45..0000000
--- a/embededwebserver/src/main/java/com/xasecure/server/tomcat/EmbededServer.java
+++ /dev/null
@@ -1,240 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
- package com.xasecure.server.tomcat;
-
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.FileNotFoundException;
-import java.io.IOException;
-import java.io.InputStream;
-import java.net.URL;
-import java.util.Properties;
-import java.util.logging.Logger;
-
-import javax.servlet.ServletException;
-
-import org.apache.catalina.Context;
-import org.apache.catalina.LifecycleException;
-import org.apache.catalina.connector.Connector;
-import org.apache.catalina.startup.Tomcat;
-import org.apache.catalina.valves.AccessLogValve;
-
-public class EmbededServer {
-
- private static final Logger LOG = Logger.getLogger(EmbededServer.class.getName()) ;
-
- private static final String DEFAULT_CONFIG_FILENAME = "ranger_webserver.properties" ;
-
- private static String configFile = DEFAULT_CONFIG_FILENAME ;
-
- private Properties serverConfigProperties = new Properties() ;
-
- public static void main(String[] args) {
- new EmbededServer(args).start() ;
- }
-
-
- public EmbededServer(String[] args) {
- if (args.length > 0) {
- configFile = args[0] ;
- }
- initConfig() ;
- }
-
-
- private void initConfig() {
-
- String cfgFile = getResourceFileName(configFile) ;
-
- serverConfigProperties.clear() ;
-
- InputStream in = null ;
- try {
-
- in = new FileInputStream(cfgFile) ;
- serverConfigProperties.load(in);
- }
- catch(FileNotFoundException fnf) {
- LOG.severe("Unable to find config file [" + cfgFile + "]");
- fnf.printStackTrace();
- }
- catch(IOException ioe) {
- LOG.severe("Unable to load config file [" + cfgFile + "]");
- ioe.printStackTrace();
- }
- serverConfigProperties.list(System.out);
- }
-
- public static int DEFAULT_SHUTDOWN_PORT = 6185 ;
- public static String DEFAULT_SHUTDOWN_COMMAND = "SHUTDOWN" ;
-
-
- public void start() {
- Tomcat server = new Tomcat();
-
- String hostName = getConfig("service.host") ;
- int serverPort = getIntConfig("http.service.port", 6181) ;
- int sslPort = getIntConfig("https.service.port",-1) ;
- int shutdownPort = getIntConfig("service.shutdownPort", DEFAULT_SHUTDOWN_PORT ) ;
- String shutdownCommand = getConfig("service.shutdownCommand", DEFAULT_SHUTDOWN_COMMAND ) ;
-
- server.setHostname(hostName);
- server.setPort(serverPort);
- server.getServer().setPort(shutdownPort);
- server.getServer().setShutdown(shutdownCommand);
-
- if (sslPort > 0) {
- Connector ssl = new Connector() ;
- ssl.setPort(sslPort) ;
- ssl.setSecure(true);
- ssl.setScheme("https") ;
- ssl.setAttribute("SSLEnabled", getConfig("https.attrib.SSLEnabled", "true"));
- ssl.setAttribute("sslProtocol", getConfig("https.attrib.sslProtocol", "TLS")) ;
- ssl.setAttribute("clientAuth", getConfig("https.attrib.clientAuth", "false"));
- ssl.setAttribute("keyAlias", getConfig("https.attrib.keyAlias") ) ;
- ssl.setAttribute("keystorePass", getConfig("https.attrib.keystorePass"));
- ssl.setAttribute("keystoreFile", getConfig("https.attrib.keystoreFile")) ;
-
- String enabledProtocols = "SSLv2Hello, TLSv1, TLSv1.1, TLSv1.2" ;
- ssl.setAttribute("sslEnabledProtocols", enabledProtocols ) ;
-
- server.getService().addConnector(ssl);
- }
-
-
- File baseDir = new File(".") ;
-
- File logDirectory = new File(baseDir, "logs") ;
- if (! logDirectory.exists()) {
- logDirectory.mkdirs() ;
- }
-
- AccessLogValve valve = new AccessLogValve() ;
- valve.setRotatable(true) ;
- valve.setAsyncSupported(true);
- valve.setBuffered(false);
- valve.setEnabled(true);
- valve.setFileDateFormat(getConfig("accesslog.dateformat","yyyy-MM-dd.HH")) ;
- valve.setDirectory(logDirectory.getAbsolutePath());
- valve.setRotatable(true);
- valve.setSuffix(".log");
-
- String logPattern = getConfig("accesslog.pattern", "%h %l %u %t \"%r\" %s %b") ;
- valve.setPattern(logPattern);
-
- server.getHost().getPipeline().addValve(valve);
-
- try {
- String webapp_dir= getConfig("xa.webapp.dir");
- if( webapp_dir == null || webapp_dir.trim().isEmpty()) {
- //If webapp location property is not set, then let's dervice from catalina_base
- String catalina_base = getConfig("catalina.base");
- if( catalina_base == null || catalina_base.trim().isEmpty()) {
- LOG.severe("Tomcat Server failed to start: catalina.base and/or xa.webapp.dir is not set") ;
- System.exit(1);
- }
- webapp_dir = catalina_base + File.separator + "webapp";
- LOG.info("Deriving webapp folder from catalina.base property. folder=" + webapp_dir);
- }
- LOG.info("Webapp folder=" + webapp_dir);
- Context webappCtx = server.addWebapp("/", new File(webapp_dir).getAbsolutePath()) ;
- webappCtx.init() ;
- } catch (ServletException e1) {
- LOG.severe("Tomcat Server failed to add webapp:" + e1.toString()) ;
- e1.printStackTrace();
- } catch(LifecycleException lce) {
- LOG.severe("Tomcat Server failed to start webapp:" + lce.toString()) ;
- lce.printStackTrace();
- }
-
- try {
- server.start();
- server.getServer().await();
- } catch (LifecycleException e) {
- LOG.severe("Tomcat Server failed to start:" + e.toString()) ;
- e.printStackTrace();
- }
- }
-
-
- protected String getConfig(String key) {
- String value = serverConfigProperties.getProperty(key) ;
- if ( value == null || value.trim().isEmpty()) {
- //Value not found in properties file, let's try to get from System's property
- value = System.getProperty(key);
- }
- return value;
- }
-
- protected String getConfig(String key, String defaultValue) {
- String ret = getConfig(key) ;
- if (key == null) {
- ret = defaultValue ;
- }
- return ret;
- }
-
- protected int getIntConfig(String key, int defaultValue) {
- int ret = 0 ;
- String retStr = getConfig(key) ;
- if (retStr == null) {
- ret = defaultValue ;
- }
- else {
- ret = Integer.parseInt(retStr) ;
- }
- return ret;
- }
-
- private String getResourceFileName(String aResourceName) {
-
- String ret = aResourceName ;
-
- ClassLoader cl = getClass().getClassLoader() ;
-
- for (String path : new String[] { aResourceName, "/" + aResourceName }) {
-
- try {
- URL lurl = cl.getResource(path) ;
-
- if (lurl != null) {
- ret = lurl.getFile() ;
- }
- }
- catch(Throwable t) {
- ret = null;
- }
- if (ret != null) {
- break ;
- }
-
- }
-
- if (ret == null) {
- ret = aResourceName ;
- }
-
- return ret ;
-
-
-
- }
-
-}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/413fcb68/embededwebserver/src/main/java/com/xasecure/server/tomcat/StopEmbededServer.java
----------------------------------------------------------------------
diff --git a/embededwebserver/src/main/java/com/xasecure/server/tomcat/StopEmbededServer.java b/embededwebserver/src/main/java/com/xasecure/server/tomcat/StopEmbededServer.java
deleted file mode 100644
index 0ec2541..0000000
--- a/embededwebserver/src/main/java/com/xasecure/server/tomcat/StopEmbededServer.java
+++ /dev/null
@@ -1,62 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
- package com.xasecure.server.tomcat;
-
-import java.io.PrintWriter;
-import java.net.Socket;
-
-public class StopEmbededServer extends EmbededServer {
-
- private static final String SHUTDOWN_HOSTNAME = "localhost" ;
-
- public static void main(String[] args) {
- new StopEmbededServer(args).stop();
- }
-
- public StopEmbededServer(String[] args) {
- super(args);
- }
-
- public void stop() {
-
- try {
-
- int shutdownPort = getIntConfig("service.shutdownPort", DEFAULT_SHUTDOWN_PORT ) ;
-
- String shutdownCommand = getConfig("service.shutdownCommand", DEFAULT_SHUTDOWN_COMMAND ) ;
-
- Socket sock = new Socket(SHUTDOWN_HOSTNAME,shutdownPort) ;
-
- PrintWriter out = new PrintWriter(sock.getOutputStream(), true) ;
-
- out.println(shutdownCommand) ;
-
- out.flush();
-
- out.close();
- }
- catch(Throwable t) {
- System.err.println("Server could not be shutdown due to exception:" + t) ;
- System.exit(1);
- }
- }
-
-
-}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/413fcb68/embededwebserver/src/main/java/org/apache/ranger/server/tomcat/EmbededServer.java
----------------------------------------------------------------------
diff --git a/embededwebserver/src/main/java/org/apache/ranger/server/tomcat/EmbededServer.java b/embededwebserver/src/main/java/org/apache/ranger/server/tomcat/EmbededServer.java
new file mode 100644
index 0000000..6025235
--- /dev/null
+++ b/embededwebserver/src/main/java/org/apache/ranger/server/tomcat/EmbededServer.java
@@ -0,0 +1,240 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+ package org.apache.ranger.server.tomcat;
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.FileNotFoundException;
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.URL;
+import java.util.Properties;
+import java.util.logging.Logger;
+
+import javax.servlet.ServletException;
+
+import org.apache.catalina.Context;
+import org.apache.catalina.LifecycleException;
+import org.apache.catalina.connector.Connector;
+import org.apache.catalina.startup.Tomcat;
+import org.apache.catalina.valves.AccessLogValve;
+
+public class EmbededServer {
+
+ private static final Logger LOG = Logger.getLogger(EmbededServer.class.getName()) ;
+
+ private static final String DEFAULT_CONFIG_FILENAME = "ranger_webserver.properties" ;
+
+ private static String configFile = DEFAULT_CONFIG_FILENAME ;
+
+ private Properties serverConfigProperties = new Properties() ;
+
+ public static void main(String[] args) {
+ new EmbededServer(args).start() ;
+ }
+
+
+ public EmbededServer(String[] args) {
+ if (args.length > 0) {
+ configFile = args[0] ;
+ }
+ initConfig() ;
+ }
+
+
+ private void initConfig() {
+
+ String cfgFile = getResourceFileName(configFile) ;
+
+ serverConfigProperties.clear() ;
+
+ InputStream in = null ;
+ try {
+
+ in = new FileInputStream(cfgFile) ;
+ serverConfigProperties.load(in);
+ }
+ catch(FileNotFoundException fnf) {
+ LOG.severe("Unable to find config file [" + cfgFile + "]");
+ fnf.printStackTrace();
+ }
+ catch(IOException ioe) {
+ LOG.severe("Unable to load config file [" + cfgFile + "]");
+ ioe.printStackTrace();
+ }
+ serverConfigProperties.list(System.out);
+ }
+
+ public static int DEFAULT_SHUTDOWN_PORT = 6185 ;
+ public static String DEFAULT_SHUTDOWN_COMMAND = "SHUTDOWN" ;
+
+
+ public void start() {
+ Tomcat server = new Tomcat();
+
+ String hostName = getConfig("service.host") ;
+ int serverPort = getIntConfig("http.service.port", 6181) ;
+ int sslPort = getIntConfig("https.service.port",-1) ;
+ int shutdownPort = getIntConfig("service.shutdownPort", DEFAULT_SHUTDOWN_PORT ) ;
+ String shutdownCommand = getConfig("service.shutdownCommand", DEFAULT_SHUTDOWN_COMMAND ) ;
+
+ server.setHostname(hostName);
+ server.setPort(serverPort);
+ server.getServer().setPort(shutdownPort);
+ server.getServer().setShutdown(shutdownCommand);
+
+ if (sslPort > 0) {
+ Connector ssl = new Connector() ;
+ ssl.setPort(sslPort) ;
+ ssl.setSecure(true);
+ ssl.setScheme("https") ;
+ ssl.setAttribute("SSLEnabled", getConfig("https.attrib.SSLEnabled", "true"));
+ ssl.setAttribute("sslProtocol", getConfig("https.attrib.sslProtocol", "TLS")) ;
+ ssl.setAttribute("clientAuth", getConfig("https.attrib.clientAuth", "false"));
+ ssl.setAttribute("keyAlias", getConfig("https.attrib.keyAlias") ) ;
+ ssl.setAttribute("keystorePass", getConfig("https.attrib.keystorePass"));
+ ssl.setAttribute("keystoreFile", getConfig("https.attrib.keystoreFile")) ;
+
+ String enabledProtocols = "SSLv2Hello, TLSv1, TLSv1.1, TLSv1.2" ;
+ ssl.setAttribute("sslEnabledProtocols", enabledProtocols ) ;
+
+ server.getService().addConnector(ssl);
+ }
+
+
+ File baseDir = new File(".") ;
+
+ File logDirectory = new File(baseDir, "logs") ;
+ if (! logDirectory.exists()) {
+ logDirectory.mkdirs() ;
+ }
+
+ AccessLogValve valve = new AccessLogValve() ;
+ valve.setRotatable(true) ;
+ valve.setAsyncSupported(true);
+ valve.setBuffered(false);
+ valve.setEnabled(true);
+ valve.setFileDateFormat(getConfig("accesslog.dateformat","yyyy-MM-dd.HH")) ;
+ valve.setDirectory(logDirectory.getAbsolutePath());
+ valve.setRotatable(true);
+ valve.setSuffix(".log");
+
+ String logPattern = getConfig("accesslog.pattern", "%h %l %u %t \"%r\" %s %b") ;
+ valve.setPattern(logPattern);
+
+ server.getHost().getPipeline().addValve(valve);
+
+ try {
+ String webapp_dir= getConfig("xa.webapp.dir");
+ if( webapp_dir == null || webapp_dir.trim().isEmpty()) {
+ //If webapp location property is not set, then let's dervice from catalina_base
+ String catalina_base = getConfig("catalina.base");
+ if( catalina_base == null || catalina_base.trim().isEmpty()) {
+ LOG.severe("Tomcat Server failed to start: catalina.base and/or xa.webapp.dir is not set") ;
+ System.exit(1);
+ }
+ webapp_dir = catalina_base + File.separator + "webapp";
+ LOG.info("Deriving webapp folder from catalina.base property. folder=" + webapp_dir);
+ }
+ LOG.info("Webapp folder=" + webapp_dir);
+ Context webappCtx = server.addWebapp("/", new File(webapp_dir).getAbsolutePath()) ;
+ webappCtx.init() ;
+ } catch (ServletException e1) {
+ LOG.severe("Tomcat Server failed to add webapp:" + e1.toString()) ;
+ e1.printStackTrace();
+ } catch(LifecycleException lce) {
+ LOG.severe("Tomcat Server failed to start webapp:" + lce.toString()) ;
+ lce.printStackTrace();
+ }
+
+ try {
+ server.start();
+ server.getServer().await();
+ } catch (LifecycleException e) {
+ LOG.severe("Tomcat Server failed to start:" + e.toString()) ;
+ e.printStackTrace();
+ }
+ }
+
+
+ protected String getConfig(String key) {
+ String value = serverConfigProperties.getProperty(key) ;
+ if ( value == null || value.trim().isEmpty()) {
+ //Value not found in properties file, let's try to get from System's property
+ value = System.getProperty(key);
+ }
+ return value;
+ }
+
+ protected String getConfig(String key, String defaultValue) {
+ String ret = getConfig(key) ;
+ if (key == null) {
+ ret = defaultValue ;
+ }
+ return ret;
+ }
+
+ protected int getIntConfig(String key, int defaultValue) {
+ int ret = 0 ;
+ String retStr = getConfig(key) ;
+ if (retStr == null) {
+ ret = defaultValue ;
+ }
+ else {
+ ret = Integer.parseInt(retStr) ;
+ }
+ return ret;
+ }
+
+ private String getResourceFileName(String aResourceName) {
+
+ String ret = aResourceName ;
+
+ ClassLoader cl = getClass().getClassLoader() ;
+
+ for (String path : new String[] { aResourceName, "/" + aResourceName }) {
+
+ try {
+ URL lurl = cl.getResource(path) ;
+
+ if (lurl != null) {
+ ret = lurl.getFile() ;
+ }
+ }
+ catch(Throwable t) {
+ ret = null;
+ }
+ if (ret != null) {
+ break ;
+ }
+
+ }
+
+ if (ret == null) {
+ ret = aResourceName ;
+ }
+
+ return ret ;
+
+
+
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/413fcb68/embededwebserver/src/main/java/org/apache/ranger/server/tomcat/StopEmbededServer.java
----------------------------------------------------------------------
diff --git a/embededwebserver/src/main/java/org/apache/ranger/server/tomcat/StopEmbededServer.java b/embededwebserver/src/main/java/org/apache/ranger/server/tomcat/StopEmbededServer.java
new file mode 100644
index 0000000..d0c0b3b
--- /dev/null
+++ b/embededwebserver/src/main/java/org/apache/ranger/server/tomcat/StopEmbededServer.java
@@ -0,0 +1,62 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+ package org.apache.ranger.server.tomcat;
+
+import java.io.PrintWriter;
+import java.net.Socket;
+
+public class StopEmbededServer extends EmbededServer {
+
+ private static final String SHUTDOWN_HOSTNAME = "localhost" ;
+
+ public static void main(String[] args) {
+ new StopEmbededServer(args).stop();
+ }
+
+ public StopEmbededServer(String[] args) {
+ super(args);
+ }
+
+ public void stop() {
+
+ try {
+
+ int shutdownPort = getIntConfig("service.shutdownPort", DEFAULT_SHUTDOWN_PORT ) ;
+
+ String shutdownCommand = getConfig("service.shutdownCommand", DEFAULT_SHUTDOWN_COMMAND ) ;
+
+ Socket sock = new Socket(SHUTDOWN_HOSTNAME,shutdownPort) ;
+
+ PrintWriter out = new PrintWriter(sock.getOutputStream(), true) ;
+
+ out.println(shutdownCommand) ;
+
+ out.flush();
+
+ out.close();
+ }
+ catch(Throwable t) {
+ System.err.println("Server could not be shutdown due to exception:" + t) ;
+ System.exit(1);
+ }
+ }
+
+
+}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/413fcb68/hbase-agent/.settings/org.eclipse.core.resources.prefs
----------------------------------------------------------------------
diff --git a/hbase-agent/.settings/org.eclipse.core.resources.prefs b/hbase-agent/.settings/org.eclipse.core.resources.prefs
index e9441bb..f9fe345 100644
--- a/hbase-agent/.settings/org.eclipse.core.resources.prefs
+++ b/hbase-agent/.settings/org.eclipse.core.resources.prefs
@@ -1,3 +1,4 @@
eclipse.preferences.version=1
encoding//src/main/java=UTF-8
+encoding//src/test/java=UTF-8
encoding/<project>=UTF-8
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/413fcb68/hbase-agent/conf/hbase-site-changes.cfg
----------------------------------------------------------------------
diff --git a/hbase-agent/conf/hbase-site-changes.cfg b/hbase-agent/conf/hbase-site-changes.cfg
index ca1f68a..9b15375 100644
--- a/hbase-agent/conf/hbase-site-changes.cfg
+++ b/hbase-agent/conf/hbase-site-changes.cfg
@@ -16,7 +16,7 @@
hbase.security.authorization true mod create-if-not-exists
hbase.coprocessor.master.classes org.apache.hadoop.hbase.security.access.AccessController delval - ,
hbase.coprocessor.region.classes org.apache.hadoop.hbase.security.access.AccessController delval - ,
-hbase.coprocessor.master.classes com.xasecure.authorization.hbase.XaSecureAuthorizationCoprocessor append create-if-not-exists ,
-hbase.coprocessor.region.classes com.xasecure.authorization.hbase.XaSecureAuthorizationCoprocessor append create-if-not-exists ,
+hbase.coprocessor.master.classes org.apache.ranger.authorization.hbase.RangerAuthorizationCoprocessor append create-if-not-exists ,
+hbase.coprocessor.region.classes org.apache.ranger.authorization.hbase.RangerAuthorizationCoprocessor append create-if-not-exists ,
hbase.rpc.protection PRIVACY mod create-if-not-exists
hbase.rpc.engine org.apache.hadoop.hbase.ipc.SecureRpcEngine mod create-if-not-exists
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/413fcb68/hbase-agent/conf/xasecure-hbase-security-changes.cfg
----------------------------------------------------------------------
diff --git a/hbase-agent/conf/xasecure-hbase-security-changes.cfg b/hbase-agent/conf/xasecure-hbase-security-changes.cfg
index 2400218..dc3ec1a 100644
--- a/hbase-agent/conf/xasecure-hbase-security-changes.cfg
+++ b/hbase-agent/conf/xasecure-hbase-security-changes.cfg
@@ -16,7 +16,7 @@
# Change the original policy parameter to work with policy manager based.
#
#
-hbase.authorization.verifier.classname com.xasecure.pdp.hbase.XASecureAuthorizer mod create-if-not-exists
+hbase.authorization.verifier.classname org.apache.ranger.pdp.hbase.RangerAuthorizer mod create-if-not-exists
xasecure.hbase.policymgr.url %POLICY_MGR_URL%/service/assets/policyList/%REPOSITORY_NAME% mod create-if-not-exists
xasecure.hbase.policymgr.url.saveAsFile /tmp/hbase_%REPOSITORY_NAME%_json mod create-if-not-exists
xasecure.hbase.policymgr.url.laststoredfile %POLICY_CACHE_FILE_PATH%/hbase_%REPOSITORY_NAME%_json mod create-if-not-exists
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/413fcb68/hbase-agent/conf/xasecure-hbase-security.xml
----------------------------------------------------------------------
diff --git a/hbase-agent/conf/xasecure-hbase-security.xml b/hbase-agent/conf/xasecure-hbase-security.xml
index 486e06d..01e17a3 100644
--- a/hbase-agent/conf/xasecure-hbase-security.xml
+++ b/hbase-agent/conf/xasecure-hbase-security.xml
@@ -22,7 +22,7 @@
Authorizer Module (file-based, policy-manager based) -->
<property>
<name>hbase.authorization.verifier.classname</name>
- <value>com.xasecure.pdp.hbase.XASecureAuthorizer</value>
+ <value>org.apache.ranger.pdp.hbase.RangerAuthorizer</value>
<description>
Class Name of the authorization Module
</description>
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/413fcb68/hbase-agent/disable-conf/hbase-site-changes.cfg
----------------------------------------------------------------------
diff --git a/hbase-agent/disable-conf/hbase-site-changes.cfg b/hbase-agent/disable-conf/hbase-site-changes.cfg
index a7804b0..300032e 100644
--- a/hbase-agent/disable-conf/hbase-site-changes.cfg
+++ b/hbase-agent/disable-conf/hbase-site-changes.cfg
@@ -12,5 +12,5 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-hbase.coprocessor.master.classes com.xasecure.authorization.hbase.XaSecureAuthorizationCoprocessor delval - ,
-hbase.coprocessor.region.classes com.xasecure.authorization.hbase.XaSecureAuthorizationCoprocessor delval - ,
+hbase.coprocessor.master.classes org.apache.ranger.authorization.hbase.RangerAuthorizationCoprocessor delval - ,
+hbase.coprocessor.region.classes org.apache.ranger.authorization.hbase.RangerAuthorizationCoprocessor delval - ,
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/413fcb68/hbase-agent/scripts/install.sh
----------------------------------------------------------------------
diff --git a/hbase-agent/scripts/install.sh b/hbase-agent/scripts/install.sh
index 66c5d39..548314d 100644
--- a/hbase-agent/scripts/install.sh
+++ b/hbase-agent/scripts/install.sh
@@ -308,7 +308,7 @@ do
if [ $? -eq 0 ]
then
cp="${install_dir}/installer/lib/*:${hdp_dir}/*:${hdp_lib_dir}/*"
- java -cp "${cp}" com.xasecure.utils.install.XmlConfigChanger -i ${archivefn} -o ${newfn} -c ${f} ${PROP_ARGS}
+ java -cp "${cp}" org.apache.ranger.utils.install.XmlConfigChanger -i ${archivefn} -o ${newfn} -c ${f} ${PROP_ARGS}
if [ $? -eq 0 ]
then
diff -w ${newfn} ${fullpathorgfn} > /dev/null 2>&1
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/413fcb68/hbase-agent/src/main/java/com/xasecure/authorization/hbase/Crypt.java
----------------------------------------------------------------------
diff --git a/hbase-agent/src/main/java/com/xasecure/authorization/hbase/Crypt.java b/hbase-agent/src/main/java/com/xasecure/authorization/hbase/Crypt.java
deleted file mode 100644
index 415a33b..0000000
--- a/hbase-agent/src/main/java/com/xasecure/authorization/hbase/Crypt.java
+++ /dev/null
@@ -1,85 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package com.xasecure.authorization.hbase;
-
-import javax.crypto.Cipher;
-import javax.crypto.spec.IvParameterSpec;
-import javax.crypto.spec.SecretKeySpec;
-
-import org.apache.commons.codec.binary.Hex;
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-
-public class Crypt {
-
- private static final Log LOG = LogFactory.getLog("SecurityLogger." + XaSecureAuthorizationCoprocessor.class.getName());
-
- private static byte[] IV = { 01, 21, 22, 86, 121, 45, 98, 28, 111, 72, 54, 39, 96, 47, 84, 13 };
- private static final byte[] encryptionKey = "324234sdff3a7d8e".getBytes();
- private static final String CIPHER_ALGO = "AES/CBC/PKCS5Padding";
- private static final String CIPHER_INIT_ALGO = "AES";
-
- private static Crypt me = null ;
-
- private Cipher encrypter = null;
- private Cipher descrypter = null;
-
-
- public static Crypt getInstance() {
- if (me == null) {
- synchronized (Crypt.class) {
- Crypt other = me ;
- if (other == null) {
- me = new Crypt() ;
- }
- }
- }
- return me ;
- }
-
- private Crypt() {
- try {
- encrypter = Cipher.getInstance(CIPHER_ALGO);
- SecretKeySpec enckey = new SecretKeySpec(encryptionKey, CIPHER_INIT_ALGO);
- encrypter.init(Cipher.ENCRYPT_MODE, enckey, new IvParameterSpec(IV));
-
- descrypter = Cipher.getInstance(CIPHER_ALGO);
- SecretKeySpec deckey = new SecretKeySpec(encryptionKey, CIPHER_INIT_ALGO);
- descrypter.init(Cipher.DECRYPT_MODE, deckey, new IvParameterSpec(IV));
- } catch (Throwable t) {
- LOG.error("Unable to initialzie Encrypt/Decrypt module - Exiting from HBase", t);
- System.exit(1);
- }
- }
-
- public synchronized byte[] encrypt(byte[] plainText) throws Exception {
- byte[] ret = encrypter.doFinal(plainText);
- LOG.debug("Encrypted plain text: [" + new String(plainText) + "] => {" + Hex.encodeHexString(ret) + "}") ;
- return ret ;
- }
-
- public synchronized byte[] decrypt(byte[] cipherText) throws Exception {
- byte[] ret = descrypter.doFinal(cipherText);
- LOG.debug("Decrypted From text: [" + Hex.encodeHexString(cipherText) + "] => {" + new String(ret) + "}") ;
- return ret ;
- }
-
-
-}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/413fcb68/hbase-agent/src/main/java/com/xasecure/authorization/hbase/HBaseAccessController.java
----------------------------------------------------------------------
diff --git a/hbase-agent/src/main/java/com/xasecure/authorization/hbase/HBaseAccessController.java b/hbase-agent/src/main/java/com/xasecure/authorization/hbase/HBaseAccessController.java
deleted file mode 100644
index 6370668..0000000
--- a/hbase-agent/src/main/java/com/xasecure/authorization/hbase/HBaseAccessController.java
+++ /dev/null
@@ -1,40 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package com.xasecure.authorization.hbase;
-
-import java.util.List;
-
-import org.apache.hadoop.hbase.security.User;
-import org.apache.hadoop.hbase.security.access.Permission.Action;
-import org.apache.hadoop.hbase.security.access.UserPermission;
-
-public interface HBaseAccessController {
- public boolean isAccessAllowed(User user, Action accessAction) ;
- public boolean isAccessAllowed(User user, byte[] tableName, Action accessAction) ;
- public boolean isAccessAllowed(User user, byte[] tableName, byte[] columnFamily, byte[] qualifier, Action accessAction) ;
- public boolean isEncrypted(byte[] tableName, byte[] columnFamily, byte[] qualifier) ;
- public boolean isAudited(byte[] tableName) ;
- public boolean isTableHasEncryptedColumn(byte[] tableName) ;
- public List<UserPermission> getUserPermissions(User user) ;
- public List<UserPermission> getUserPermissions(User user, byte[] tableName) ;
-
-
-
-}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/413fcb68/hbase-agent/src/main/java/com/xasecure/authorization/hbase/HBaseAccessControllerFactory.java
----------------------------------------------------------------------
diff --git a/hbase-agent/src/main/java/com/xasecure/authorization/hbase/HBaseAccessControllerFactory.java b/hbase-agent/src/main/java/com/xasecure/authorization/hbase/HBaseAccessControllerFactory.java
deleted file mode 100644
index a762bc8..0000000
--- a/hbase-agent/src/main/java/com/xasecure/authorization/hbase/HBaseAccessControllerFactory.java
+++ /dev/null
@@ -1,62 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package com.xasecure.authorization.hbase;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-
-import com.xasecure.authorization.hadoop.config.XaSecureConfiguration;
-import com.xasecure.authorization.hadoop.constants.XaSecureHadoopConstants;
-
-public class HBaseAccessControllerFactory {
-
- private static final Log LOG = LogFactory.getLog(HBaseAccessControllerFactory.class) ;
-
- private static HBaseAccessController hBaseAccessController = null ;
-
- public static HBaseAccessController getInstance() {
- if (hBaseAccessController == null) {
- synchronized(HBaseAccessControllerFactory.class) {
- HBaseAccessController temp = hBaseAccessController ;
- if (temp == null) {
-
- String hBaseAccessControllerClassName = XaSecureConfiguration.getInstance().get(XaSecureHadoopConstants.HBASE_ACCESS_VERIFIER_CLASS_NAME_PROP, XaSecureHadoopConstants.HBASE_ACCESS_VERIFIER_CLASS_NAME_DEFAULT_VALUE) ;
- if (hBaseAccessControllerClassName != null) {
- try {
- hBaseAccessControllerClassName = hBaseAccessControllerClassName.trim();
- hBaseAccessController = (HBaseAccessController) (Class.forName(hBaseAccessControllerClassName).newInstance()) ;
- LOG.info("Created a new instance of class: [" + hBaseAccessControllerClassName + "] for HBase Access verification.");
- } catch (InstantiationException e) {
- LOG.error("Unable to create HBaseAccessController : [" + hBaseAccessControllerClassName + "]", e);
- } catch (IllegalAccessException e) {
- LOG.error("Unable to create HBaseAccessController : [" + hBaseAccessControllerClassName + "]", e);
- } catch (ClassNotFoundException e) {
- LOG.error("Unable to create HBaseAccessController : [" + hBaseAccessControllerClassName + "]", e);
- }
- }
- }
- }
- }
- return hBaseAccessController ;
-
- }
-
-
-}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/413fcb68/hbase-agent/src/main/java/com/xasecure/authorization/hbase/XaSecureAccessControlFilter.java
----------------------------------------------------------------------
diff --git a/hbase-agent/src/main/java/com/xasecure/authorization/hbase/XaSecureAccessControlFilter.java b/hbase-agent/src/main/java/com/xasecure/authorization/hbase/XaSecureAccessControlFilter.java
deleted file mode 100644
index 95e5827..0000000
--- a/hbase-agent/src/main/java/com/xasecure/authorization/hbase/XaSecureAccessControlFilter.java
+++ /dev/null
@@ -1,51 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package com.xasecure.authorization.hbase;
-
-import java.io.IOException;
-
-import org.apache.hadoop.hbase.Cell;
-import org.apache.hadoop.hbase.filter.FilterBase;
-import org.apache.hadoop.hbase.security.User;
-import org.apache.hadoop.hbase.security.access.TablePermission;
-
-public class XaSecureAccessControlFilter extends FilterBase {
-
- private byte[] table = null;
- private User user = null;
-
- public XaSecureAccessControlFilter(User ugi, byte[] tableName) {
- table = tableName;
- user = ugi;
- }
-
-
- @SuppressWarnings("deprecation")
- @Override
- public ReturnCode filterKeyValue(Cell kv) throws IOException {
- HBaseAccessController accessController = HBaseAccessControllerFactory.getInstance();
- if (accessController.isAccessAllowed(user, table, kv.getFamily(), kv.getQualifier(), TablePermission.Action.READ)) {
- return ReturnCode.INCLUDE;
- } else {
- return ReturnCode.NEXT_COL;
- }
- }
-
-}