You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ranger.apache.org by Ankita Sinha <an...@freestoneinfotech.com> on 2016/04/28 09:33:44 UTC
Review Request 46764: Modify ranger kms to use service identity to
download policies from ranger admin in kerberos environment
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/46764/
-----------------------------------------------------------
Review request for ranger, Alok Lal, Don Bosco Durai, Gautam Borad, Abhay Kulkarni, Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, Sailaja Polavarapu, and Velmurugan Periasamy.
Bugs: RANGER-957
https://issues.apache.org/jira/browse/RANGER-957
Repository: ranger
Description
-------
As Ranger now supports Kerberos authentication, Make changes in download policies section for Ranger KMS to use Ranger KMS Kerberos credential.
Also handle lookup and Test connection for Ranger KMS in kerberized environment.
Diffs
-----
agents-common/src/main/java/org/apache/ranger/admin/client/RangerAdminRESTClient.java afa347e
agents-common/src/main/java/org/apache/ranger/plugin/client/HadoopConfigHolder.java 1f3987f
agents-common/src/main/resources/resourcenamemap.properties 9bfaf61
kms/config/kms-webapp/dbks-site.xml f649264
kms/pom.xml af2138a
kms/scripts/install.properties fceae8f
kms/scripts/ranger-kms 74ecd05
kms/scripts/setup.sh 6019526
kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/KMSAuthenticationFilter.java 79652f3
kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/KMSConfiguration.java f4f9d3e
kms/src/main/webapp/WEB-INF/web.xml 6aef672
plugin-kms/src/main/java/org/apache/ranger/authorization/kms/authorizer/RangerKmsAuthorizer.java 34ac4b9
plugin-kms/src/main/java/org/apache/ranger/services/kms/client/KMSClient.java 6a79433
plugin-kms/src/main/java/org/apache/ranger/services/kms/client/KMSConnectionMgr.java 5e96a1c
plugin-kms/src/main/java/org/apache/ranger/services/kms/client/KMSResourceMgr.java 6b96515
security-admin/src/main/java/org/apache/ranger/biz/KmsKeyMgr.java 82dc190
security-admin/src/main/java/org/apache/ranger/biz/ServiceMgr.java e0f22d2
security-admin/src/main/resources/resourcenamemap.properties 16bf704
src/main/assembly/kms.xml 44276cc
Diff: https://reviews.apache.org/r/46764/diff/
Testing
-------
1. Tested Ranger KMS on simple environment with installation.
2. Tested Key operation on simple environment.
3. Tested Ranger KMS on kerberos environment with installation.
4. Tested Key operation on kerberos environment.
5. Tested download policy, test connection and resource lookup in kerberos environment.
Thanks,
Ankita Sinha
Re: Review Request 46764: Modify ranger kms to use service identity to
download policies from ranger admin in kerberos environment
Posted by Velmurugan Periasamy <vp...@hortonworks.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/46764/#review130913
-----------------------------------------------------------
Ship it!
Ship It!
- Velmurugan Periasamy
On April 28, 2016, 7:33 a.m., Ankita Sinha wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/46764/
> -----------------------------------------------------------
>
> (Updated April 28, 2016, 7:33 a.m.)
>
>
> Review request for ranger, Alok Lal, Don Bosco Durai, Gautam Borad, Abhay Kulkarni, Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, Sailaja Polavarapu, and Velmurugan Periasamy.
>
>
> Bugs: RANGER-957
> https://issues.apache.org/jira/browse/RANGER-957
>
>
> Repository: ranger
>
>
> Description
> -------
>
> As Ranger now supports Kerberos authentication, Make changes in download policies section for Ranger KMS to use Ranger KMS Kerberos credential.
>
> Also handle lookup and Test connection for Ranger KMS in kerberized environment.
>
>
> Diffs
> -----
>
> agents-common/src/main/java/org/apache/ranger/admin/client/RangerAdminRESTClient.java afa347e
> agents-common/src/main/java/org/apache/ranger/plugin/client/HadoopConfigHolder.java 1f3987f
> agents-common/src/main/resources/resourcenamemap.properties 9bfaf61
> kms/config/kms-webapp/dbks-site.xml f649264
> kms/pom.xml af2138a
> kms/scripts/install.properties fceae8f
> kms/scripts/ranger-kms 74ecd05
> kms/scripts/setup.sh 6019526
> kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/KMSAuthenticationFilter.java 79652f3
> kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/KMSConfiguration.java f4f9d3e
> kms/src/main/webapp/WEB-INF/web.xml 6aef672
> plugin-kms/src/main/java/org/apache/ranger/authorization/kms/authorizer/RangerKmsAuthorizer.java 34ac4b9
> plugin-kms/src/main/java/org/apache/ranger/services/kms/client/KMSClient.java 6a79433
> plugin-kms/src/main/java/org/apache/ranger/services/kms/client/KMSConnectionMgr.java 5e96a1c
> plugin-kms/src/main/java/org/apache/ranger/services/kms/client/KMSResourceMgr.java 6b96515
> security-admin/src/main/java/org/apache/ranger/biz/KmsKeyMgr.java 82dc190
> security-admin/src/main/java/org/apache/ranger/biz/ServiceMgr.java e0f22d2
> security-admin/src/main/resources/resourcenamemap.properties 16bf704
> src/main/assembly/kms.xml 44276cc
>
> Diff: https://reviews.apache.org/r/46764/diff/
>
>
> Testing
> -------
>
> 1. Tested Ranger KMS on simple environment with installation.
> 2. Tested Key operation on simple environment.
> 3. Tested Ranger KMS on kerberos environment with installation.
> 4. Tested Key operation on kerberos environment.
> 5. Tested download policy, test connection and resource lookup in kerberos environment.
>
>
> Thanks,
>
> Ankita Sinha
>
>