ranger-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From gau...@apache.org
Subject [1/2] ranger git commit: RANGER-1546 : Code Improvement To Follow Best Practices
Date Thu, 27 Apr 2017 20:03:50 GMT
Repository: ranger
Updated Branches:
  refs/heads/ranger-0.7 a7bb8e732 -> 0a5265a54


RANGER-1546 : Code Improvement To Follow Best Practices

Signed-off-by: Gautam Borad <gautam@apache.org>


Project: http://git-wip-us.apache.org/repos/asf/ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/ranger/commit/5e858afc
Tree: http://git-wip-us.apache.org/repos/asf/ranger/tree/5e858afc
Diff: http://git-wip-us.apache.org/repos/asf/ranger/diff/5e858afc

Branch: refs/heads/ranger-0.7
Commit: 5e858afc6e3e140f9b07eca98787019672c6b137
Parents: a7bb8e7
Author: Bhavik Patel <bhavikpatel552@gmail.com>
Authored: Thu Apr 27 11:47:00 2017 +0530
Committer: Gautam Borad <gautam@apache.org>
Committed: Fri Apr 28 01:33:13 2017 +0530

----------------------------------------------------------------------
 .../apache/ranger/audit/provider/MiscUtil.java    | 18 +++++++++++++++---
 .../ranger/utils/install/PasswordGenerator.java   |  3 +--
 .../ranger/services/knox/client/KnoxClient.java   |  4 ++--
 .../java/org/apache/ranger/biz/RangerBizUtil.java |  6 +++---
 4 files changed, 21 insertions(+), 10 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/ranger/blob/5e858afc/agents-audit/src/main/java/org/apache/ranger/audit/provider/MiscUtil.java
----------------------------------------------------------------------
diff --git a/agents-audit/src/main/java/org/apache/ranger/audit/provider/MiscUtil.java b/agents-audit/src/main/java/org/apache/ranger/audit/provider/MiscUtil.java
index 1485c0f..7a1d458 100644
--- a/agents-audit/src/main/java/org/apache/ranger/audit/provider/MiscUtil.java
+++ b/agents-audit/src/main/java/org/apache/ranger/audit/provider/MiscUtil.java
@@ -44,6 +44,7 @@ import javax.security.auth.Subject;
 import javax.security.auth.login.AppConfigurationEntry;
 import javax.security.auth.login.Configuration;
 import javax.security.auth.login.LoginContext;
+import javax.security.auth.login.LoginException;
 
 import org.apache.commons.lang.ArrayUtils;
 import org.apache.commons.lang.StringUtils;
@@ -677,7 +678,8 @@ public class MiscUtil {
 			logger.debug("<=== MiscUtil.setUGIFromJAASConfig() jaasConfigAppName: " + jaasConfigAppName
+ " UGI: " + ugi + " principal: " + principal + " keytab: " + keytabFile);
 		}
 	}
-	public static void authWithConfig(String appName, Configuration config) {
+        public static void authWithConfig(String appName, Configuration config) throws LoginException
{
+                LoginContext loginContext = null;
 		try {
 			if (config != null) {
 				logger.info("Getting AppConfigrationEntry[] for appName="
@@ -698,7 +700,7 @@ public class MiscUtil {
 					}
 				}
 
-				LoginContext loginContext = new LoginContext(appName,
+                                loginContext = new LoginContext(appName,
 						new Subject(), null, config);
 				logger.info("Login in for appName=" + appName);
 				loginContext.login();
@@ -723,6 +725,10 @@ public class MiscUtil {
 		} catch (Throwable t) {
 			logger.fatal("Error logging as appName=" + appName + ", config="
 					+ config.toString() + ", error=" + t.getMessage());
+                } finally {
+                        if (loginContext != null) {
+                                loginContext.logout();
+                        }
 		}
 	}
 
@@ -735,6 +741,7 @@ public class MiscUtil {
 		Subject serverSubject = new Subject();
 		int successLoginCount = 0;
 		String[] spnegoPrincipals = null;
+
 		try {
 			if (principal.equals("*")) {
 				spnegoPrincipals = KerberosUtil.getPrincipalNames(keytab,
@@ -753,6 +760,7 @@ public class MiscUtil {
 			boolean useKeytab = true;
 			if (!useKeytab) {
 				logger.info("Creating UGI with subject");
+                                LoginContext loginContext = null;
 				List<LoginContext> loginContexts = new ArrayList<LoginContext>();
 				for (String spnegoPrincipal : spnegoPrincipals) {
 					try {
@@ -760,7 +768,7 @@ public class MiscUtil {
 								+ ", for principal " + spnegoPrincipal);
 						final KerberosConfiguration kerberosConfiguration = new KerberosConfiguration(
 								keytab, spnegoPrincipal);
-						final LoginContext loginContext = new LoginContext("",
+                                                loginContext = new LoginContext("",
 								serverSubject, null, kerberosConfiguration);
 						loginContext.login();
 						successLoginCount++;
@@ -785,6 +793,10 @@ public class MiscUtil {
 						} catch (Throwable e) {
 							logger.error("Error creating UGI from subject. subject="
 									+ serverSubject);
+                                                } finally {
+                                                        if (loginContext != null) {
+                                                                loginContext.logout();
+                                                        }
 						}
 					} else {
 						logger.error("Total logins were successfull from keytab="

http://git-wip-us.apache.org/repos/asf/ranger/blob/5e858afc/agents-installer/src/main/java/org/apache/ranger/utils/install/PasswordGenerator.java
----------------------------------------------------------------------
diff --git a/agents-installer/src/main/java/org/apache/ranger/utils/install/PasswordGenerator.java
b/agents-installer/src/main/java/org/apache/ranger/utils/install/PasswordGenerator.java
index a2c5193..a829957 100644
--- a/agents-installer/src/main/java/org/apache/ranger/utils/install/PasswordGenerator.java
+++ b/agents-installer/src/main/java/org/apache/ranger/utils/install/PasswordGenerator.java
@@ -18,7 +18,6 @@ package org.apache.ranger.utils.install;
 
 import java.security.SecureRandom;
 import java.util.ArrayList;
-import java.util.Random;
 
 public class PasswordGenerator {
 
@@ -66,7 +65,7 @@ public class PasswordGenerator {
 		else {
 			
 			int diff = Math.abs(maximumPasswordLength - minimumPasswordLength) + 1;
-			ret = minimumPasswordLength + new Random().nextInt(diff);
+                        ret = minimumPasswordLength + new SecureRandom().nextInt(diff);
 		}
 		return (ret);
 	}

http://git-wip-us.apache.org/repos/asf/ranger/blob/5e858afc/knox-agent/src/main/java/org/apache/ranger/services/knox/client/KnoxClient.java
----------------------------------------------------------------------
diff --git a/knox-agent/src/main/java/org/apache/ranger/services/knox/client/KnoxClient.java
b/knox-agent/src/main/java/org/apache/ranger/services/knox/client/KnoxClient.java
index ec08ae8..e3bd2c6 100644
--- a/knox-agent/src/main/java/org/apache/ranger/services/knox/client/KnoxClient.java
+++ b/knox-agent/src/main/java/org/apache/ranger/services/knox/client/KnoxClient.java
@@ -50,8 +50,8 @@ public class KnoxClient {
 	
 	/*
    Sample curl calls to Knox to discover topologies
-	 curl -ivk -u admin:admin-password https://localhost:8443/gateway/admin/api/v1/topologies
-	 curl -ivk -u admin:admin-password https://localhost:8443/gateway/admin/api/v1/topologies/admin
+         curl -ivk -u <user-name>:<user-password> https://localhost:8443/gateway/admin/api/v1/topologies
+         curl -ivk -u <user-name>:<user-password> https://localhost:8443/gateway/admin/api/v1/topologies/admin
 	*/
 	
 	public KnoxClient(String knoxUrl, String userName, String password) {

http://git-wip-us.apache.org/repos/asf/ranger/blob/5e858afc/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java b/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java
index 5521ae8..4d6227d 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java
@@ -20,13 +20,13 @@
 package org.apache.ranger.biz;
 
 import java.io.File;
+import java.security.SecureRandom;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.HashMap;
 import java.util.HashSet;
 import java.util.List;
 import java.util.Map;
-import java.util.Random;
 import java.util.Set;
 
 import org.apache.commons.io.FilenameUtils;
@@ -96,7 +96,7 @@ public class RangerBizUtil {
 	int maxDisplayNameLength = 150;
 	public final String EMPTY_CONTENT_DISPLAY_NAME = "...";
 	boolean enableResourceAccessControl;
-	private Random random;
+        private SecureRandom random;
 	private static final String PATH_CHARS = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrst0123456789-_.";
 	private static char[] PATH_CHAR_SET = PATH_CHARS.toCharArray();
 	private static int PATH_CHAR_SET_LEN = PATH_CHAR_SET.length;
@@ -119,7 +119,7 @@ public class RangerBizUtil {
 				auditDBType).toLowerCase();
 		logger.info("java.library.path is " + System.getProperty("java.library.path"));
 		logger.info("Audit datasource is " + auditDBType);
-		random = new Random();
+                random = new SecureRandom();
 	}
 
 	public <T extends XXDBBase> List<? extends XXDBBase> getParentObjects(


Mime
View raw message