You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by zh...@apache.org on 2017/07/27 01:02:33 UTC
ranger git commit: RANGER-1709:kms test case write logs to log file.
Repository: ranger
Updated Branches:
refs/heads/master 96b0c4860 -> 1685bacf0
RANGER-1709:kms test case write logs to log file.
Signed-off-by: peng.jianhua <pe...@zte.com.cn>
Project: http://git-wip-us.apache.org/repos/asf/ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/ranger/commit/1685bacf
Tree: http://git-wip-us.apache.org/repos/asf/ranger/tree/1685bacf
Diff: http://git-wip-us.apache.org/repos/asf/ranger/diff/1685bacf
Branch: refs/heads/master
Commit: 1685bacf057b773210ae8ca055a6668ea2fa7dd5
Parents: 96b0c48
Author: peng.jianhua <pe...@zte.com.cn>
Authored: Tue Jul 25 23:29:00 2017 -0400
Committer: peng.jianhua <pe...@zte.com.cn>
Committed: Wed Jul 26 21:01:54 2017 -0400
----------------------------------------------------------------------
.../kms/authorizer/RangerKmsAuthorizerTest.java | 32 ++++++++++------
.../src/test/resources/kms/kms-log4j.properties | 40 ++++++++++++++++++++
plugin-kms/src/test/resources/kms/kms-site.xml | 5 +++
3 files changed, 65 insertions(+), 12 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ranger/blob/1685bacf/plugin-kms/src/test/java/org/apache/ranger/authorization/kms/authorizer/RangerKmsAuthorizerTest.java
----------------------------------------------------------------------
diff --git a/plugin-kms/src/test/java/org/apache/ranger/authorization/kms/authorizer/RangerKmsAuthorizerTest.java b/plugin-kms/src/test/java/org/apache/ranger/authorization/kms/authorizer/RangerKmsAuthorizerTest.java
index 4c2d242..647f431 100644
--- a/plugin-kms/src/test/java/org/apache/ranger/authorization/kms/authorizer/RangerKmsAuthorizerTest.java
+++ b/plugin-kms/src/test/java/org/apache/ranger/authorization/kms/authorizer/RangerKmsAuthorizerTest.java
@@ -33,6 +33,7 @@ import org.apache.hadoop.crypto.key.kms.server.KMSConfiguration;
import org.apache.hadoop.crypto.key.kms.server.KMSWebApp;
import org.apache.hadoop.security.UserGroupInformation;
import org.apache.hadoop.security.authorize.AuthorizationException;
+import org.apache.log4j.Logger;
import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.BeforeClass;
@@ -51,6 +52,8 @@ import org.mockito.runners.MockitoJUnitRunner;
@RunWith(MockitoJUnitRunner.class)
public class RangerKmsAuthorizerTest {
+ private static final Logger LOG = Logger.getLogger(RangerKmsAuthorizerTest.class);
+
private static KMSWebApp kmsWebapp;
private static final boolean UNRESTRICTED_POLICIES_INSTALLED;
static {
@@ -81,7 +84,12 @@ public class RangerKmsAuthorizerTest {
DerbyTestUtils.startDerby();
Path configDir = Paths.get("src/test/resources/kms");
+ Path logDir = Paths.get("target");
+
System.setProperty(KMSConfiguration.KMS_CONFIG_DIR, configDir.toFile().getAbsolutePath());
+ System.setProperty("kms.log.dir", logDir.toFile().getAbsolutePath());
+ System.setProperty("hostname", "localhost");
+ System.setProperty("user", "autotest");
// Start KMSWebApp
ServletContextEvent servletContextEvent = Mockito.mock(ServletContextEvent.class);
@@ -122,7 +130,7 @@ public class RangerKmsAuthorizerTest {
KMSWebApp.getACLs().assertAccess(Type.CREATE, ugi2, KMSOp.CREATE_KEY, "newkey2", "127.0.0.1");
Assert.fail("Failure expected");
} catch (AuthorizationException ex) {
- // expected
+ LOG.error(ex);
}
return null;
}
@@ -137,7 +145,7 @@ public class RangerKmsAuthorizerTest {
KMSWebApp.getACLs().assertAccess(Type.CREATE, ugi3, KMSOp.CREATE_KEY, "newkey1", "127.0.0.1");
Assert.fail("Failure expected");
} catch (AuthorizationException ex) {
- // expected
+ LOG.error(ex);
}
return null;
}
@@ -169,7 +177,7 @@ public class RangerKmsAuthorizerTest {
KMSWebApp.getACLs().assertAccess(Type.DELETE, ugi2, KMSOp.DELETE_KEY, "newkey1", "127.0.0.1");
Assert.fail("Failure expected");
} catch (AuthorizationException ex) {
- // expected
+ LOG.error(ex);
}
return null;
}
@@ -184,7 +192,7 @@ public class RangerKmsAuthorizerTest {
KMSWebApp.getACLs().assertAccess(Type.DELETE, ugi3, KMSOp.DELETE_KEY, "newkey1", "127.0.0.1");
Assert.fail("Failure expected");
} catch (AuthorizationException ex) {
- // expected
+ LOG.error(ex);
}
return null;
}
@@ -217,7 +225,7 @@ public class RangerKmsAuthorizerTest {
KMSWebApp.getACLs().assertAccess(Type.ROLLOVER, ugi2, KMSOp.ROLL_NEW_VERSION, "newkey1", "127.0.0.1");
Assert.fail("Failure expected");
} catch (AuthorizationException ex) {
- // expected
+ LOG.error(ex);
}
return null;
}
@@ -232,7 +240,7 @@ public class RangerKmsAuthorizerTest {
KMSWebApp.getACLs().assertAccess(Type.ROLLOVER, ugi3, KMSOp.ROLL_NEW_VERSION, "newkey1", "127.0.0.1");
Assert.fail("Failure expected");
} catch (AuthorizationException ex) {
- // expected
+ LOG.error(ex);
}
return null;
}
@@ -265,7 +273,7 @@ public class RangerKmsAuthorizerTest {
KMSWebApp.getACLs().assertAccess(Type.GET_KEYS, ugi2, KMSOp.GET_KEYS, "newkey1", "127.0.0.1");
Assert.fail("Failure expected");
} catch (AuthorizationException ex) {
- // expected
+ LOG.error(ex);
}
return null;
}
@@ -307,7 +315,7 @@ public class RangerKmsAuthorizerTest {
KMSWebApp.getACLs().assertAccess(Type.GET_METADATA, ugi2, KMSOp.GET_METADATA, "newkey1", "127.0.0.1");
Assert.fail("Failure expected");
} catch (AuthorizationException ex) {
- // expected
+ LOG.error(ex);
}
return null;
}
@@ -350,7 +358,7 @@ public class RangerKmsAuthorizerTest {
KMSWebApp.getACLs().assertAccess(Type.GENERATE_EEK, ugi2, KMSOp.GENERATE_EEK, "newkey1", "127.0.0.1");
Assert.fail("Failure expected");
} catch (AuthorizationException ex) {
- // expected
+ LOG.error(ex);
}
return null;
}
@@ -365,7 +373,7 @@ public class RangerKmsAuthorizerTest {
KMSWebApp.getACLs().assertAccess(Type.GENERATE_EEK, ugi3, KMSOp.GENERATE_EEK, "newkey1", "127.0.0.1");
Assert.fail("Failure expected");
} catch (AuthorizationException ex) {
- // expected
+ LOG.error(ex);
}
return null;
}
@@ -398,7 +406,7 @@ public class RangerKmsAuthorizerTest {
KMSWebApp.getACLs().assertAccess(Type.DECRYPT_EEK, ugi2, KMSOp.DECRYPT_EEK, "newkey1", "127.0.0.1");
Assert.fail("Failure expected");
} catch (AuthorizationException ex) {
- // expected
+ LOG.error(ex);
}
return null;
}
@@ -413,7 +421,7 @@ public class RangerKmsAuthorizerTest {
KMSWebApp.getACLs().assertAccess(Type.DECRYPT_EEK, ugi3, KMSOp.DECRYPT_EEK, "newkey1", "127.0.0.1");
Assert.fail("Failure expected");
} catch (AuthorizationException ex) {
- // expected
+ LOG.error(ex);
}
return null;
}
http://git-wip-us.apache.org/repos/asf/ranger/blob/1685bacf/plugin-kms/src/test/resources/kms/kms-log4j.properties
----------------------------------------------------------------------
diff --git a/plugin-kms/src/test/resources/kms/kms-log4j.properties b/plugin-kms/src/test/resources/kms/kms-log4j.properties
new file mode 100755
index 0000000..2ebfe2e
--- /dev/null
+++ b/plugin-kms/src/test/resources/kms/kms-log4j.properties
@@ -0,0 +1,40 @@
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License. See accompanying LICENSE file.
+#
+
+# If the Java System property 'kms.log.dir' is not defined at KMS start up time
+# Setup sets its value to '${kms.home}/logs'
+
+log4j.appender.kms=org.apache.log4j.DailyRollingFileAppender
+log4j.appender.kms.DatePattern='.'yyyy-MM-dd
+log4j.appender.kms.File=${kms.log.dir}/ranger-kms-${hostname}-${user}.log
+log4j.appender.kms.Append=true
+log4j.appender.kms.layout=org.apache.log4j.PatternLayout
+log4j.appender.kms.layout.ConversionPattern=%d{ISO8601} %-5p %c{1} - %m%n
+
+log4j.appender.kms-audit=org.apache.log4j.DailyRollingFileAppender
+log4j.appender.kms-audit.DatePattern='.'yyyy-MM-dd
+log4j.appender.kms-audit.File=${kms.log.dir}/kms-audit-${hostname}-${user}.log
+log4j.appender.kms-audit.Append=true
+log4j.appender.kms-audit.layout=org.apache.log4j.PatternLayout
+log4j.appender.kms-audit.layout.ConversionPattern=%d{ISO8601} %m%n
+
+log4j.logger.kms-audit=INFO, kms-audit
+log4j.additivity.kms-audit=false
+
+log4j.logger=INFO, kms
+log4j.rootLogger=WARN, kms
+log4j.logger.org.apache.hadoop.conf=INFO
+log4j.logger.org.apache.hadoop=INFO
+log4j.logger.org.apache.ranger=INFO
+log4j.logger.com.sun.jersey.server.wadl.generators.WadlGeneratorJAXBGrammarGenerator=OFF
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/ranger/blob/1685bacf/plugin-kms/src/test/resources/kms/kms-site.xml
----------------------------------------------------------------------
diff --git a/plugin-kms/src/test/resources/kms/kms-site.xml b/plugin-kms/src/test/resources/kms/kms-site.xml
index 5f2575a..4342518 100644
--- a/plugin-kms/src/test/resources/kms/kms-site.xml
+++ b/plugin-kms/src/test/resources/kms/kms-site.xml
@@ -189,4 +189,9 @@
<name>hadoop.kms.proxyuser.ranger.users</name>
<value>*</value>
</property>
+
+ <property>
+ <name>hadoop.kms.key.authorization.enable</name>
+ <value>true</value>
+ </property>
</configuration>