ranger-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From me...@apache.org
Subject ranger git commit: Revert "RANGER-2210:Ranger support for Apache Kafka 2.0.0"
Date Thu, 27 Sep 2018 15:01:10 GMT
Repository: ranger
Updated Branches:
  refs/heads/ranger-1 f01cd52f0 -> 8895214ae


Revert "RANGER-2210:Ranger support for Apache Kafka 2.0.0"

This reverts commit 1cc4b1e95dd4a583dfc8bbf988b458741772dddd.


Project: http://git-wip-us.apache.org/repos/asf/ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/ranger/commit/8895214a
Tree: http://git-wip-us.apache.org/repos/asf/ranger/tree/8895214a
Diff: http://git-wip-us.apache.org/repos/asf/ranger/diff/8895214a

Branch: refs/heads/ranger-1
Commit: 8895214ae518ef57dabe03bb7577d4b5b8184770
Parents: f01cd52
Author: Mehul Parikh <mehul@apache.org>
Authored: Thu Sep 27 19:40:10 2018 +0530
Committer: Mehul Parikh <mehul@apache.org>
Committed: Thu Sep 27 19:40:10 2018 +0530

----------------------------------------------------------------------
 .../kafka/authorizer/RangerKafkaAuthorizer.java              | 8 +++-----
 .../kafka/authorizer/KafkaRangerAuthorizerTest.java          | 6 ++++--
 pom.xml                                                      | 4 ++--
 3 files changed, 9 insertions(+), 9 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/ranger/blob/8895214a/plugin-kafka/src/main/java/org/apache/ranger/authorization/kafka/authorizer/RangerKafkaAuthorizer.java
----------------------------------------------------------------------
diff --git a/plugin-kafka/src/main/java/org/apache/ranger/authorization/kafka/authorizer/RangerKafkaAuthorizer.java
b/plugin-kafka/src/main/java/org/apache/ranger/authorization/kafka/authorizer/RangerKafkaAuthorizer.java
index eab869a..b5d151e 100644
--- a/plugin-kafka/src/main/java/org/apache/ranger/authorization/kafka/authorizer/RangerKafkaAuthorizer.java
+++ b/plugin-kafka/src/main/java/org/apache/ranger/authorization/kafka/authorizer/RangerKafkaAuthorizer.java
@@ -26,6 +26,7 @@ import javax.security.auth.Subject;
 
 import org.apache.kafka.common.network.ListenerName;
 import org.apache.kafka.common.security.JaasContext;
+import org.apache.kafka.common.security.JaasContext.Type;
 import org.apache.kafka.common.security.auth.KafkaPrincipal;
 import org.apache.kafka.common.security.auth.SecurityProtocol;
 
@@ -36,9 +37,7 @@ import org.apache.commons.lang.StringUtils;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.apache.hadoop.security.UserGroupInformation;
-import org.apache.kafka.common.config.SaslConfigs;
 import org.apache.kafka.common.security.authenticator.LoginManager;
-import org.apache.kafka.common.security.kerberos.KerberosLogin;
 import org.apache.ranger.audit.provider.MiscUtil;
 import org.apache.ranger.plugin.audit.RangerDefaultAuditHandler;
 import org.apache.ranger.plugin.policyengine.RangerAccessRequestImpl;
@@ -96,9 +95,8 @@ public class RangerKafkaAuthorizer implements Authorizer {
 						final String listenerName = (jaasContext instanceof String
 								&& StringUtils.isNotEmpty((String) jaasContext)) ? (String) jaasContext
 										: SecurityProtocol.SASL_PLAINTEXT.name();
-						final String saslMechanism = SaslConfigs.GSSAPI_MECHANISM;
-						JaasContext context = JaasContext.loadServerContext(new ListenerName(listenerName),
saslMechanism, configs);
-						LoginManager loginManager = LoginManager.acquireLoginManager(context, saslMechanism,
KerberosLogin.class, configs);
+						JaasContext context = JaasContext.load(Type.SERVER, new ListenerName(listenerName),
configs);
+						LoginManager loginManager = LoginManager.acquireLoginManager(context, true, configs);
 						Subject subject = loginManager.subject();
 						UserGroupInformation ugi = MiscUtil
 								.createUGIFromSubject(subject);

http://git-wip-us.apache.org/repos/asf/ranger/blob/8895214a/plugin-kafka/src/test/java/org/apache/ranger/authorization/kafka/authorizer/KafkaRangerAuthorizerTest.java
----------------------------------------------------------------------
diff --git a/plugin-kafka/src/test/java/org/apache/ranger/authorization/kafka/authorizer/KafkaRangerAuthorizerTest.java
b/plugin-kafka/src/test/java/org/apache/ranger/authorization/kafka/authorizer/KafkaRangerAuthorizerTest.java
index 8d2f0a4..bccdb80 100644
--- a/plugin-kafka/src/test/java/org/apache/ranger/authorization/kafka/authorizer/KafkaRangerAuthorizerTest.java
+++ b/plugin-kafka/src/test/java/org/apache/ranger/authorization/kafka/authorizer/KafkaRangerAuthorizerTest.java
@@ -82,8 +82,8 @@ public class KafkaRangerAuthorizerTest {
     @org.junit.BeforeClass
     public static void setup() throws Exception {
     	// Create keys
-        String serviceDN = "CN=localhost,O=Apache,L=Dublin,ST=Leinster,C=IE";
-        String clientDN = "CN=localhost,O=Apache,L=Dublin,ST=Leinster,C=IE";
+    	String serviceDN = "CN=Service,O=Apache,L=Dublin,ST=Leinster,C=IE";
+    	String clientDN = "CN=Client,O=Apache,L=Dublin,ST=Leinster,C=IE";
     	
     	// Create a truststore
     	KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
@@ -257,6 +257,7 @@ public class KafkaRangerAuthorizerTest {
         producerProps.put(SslConfigs.SSL_TRUSTSTORE_PASSWORD_CONFIG, "security");
         
         final Producer<String, String> producer = new KafkaProducer<>(producerProps);
+        
         // Send a message
         Future<RecordMetadata> record = 
             producer.send(new ProducerRecord<String, String>("dev", "somekey", "somevalue"));
@@ -295,6 +296,7 @@ public class KafkaRangerAuthorizerTest {
             record = producer.send(new ProducerRecord<String, String>("dev", "somekey",
"somevalue"));
             producer.flush();
             record.get();
+            Assert.fail("Authorization failure expected");
         } catch (Exception ex) {
             Assert.assertTrue(ex.getMessage().contains("Not authorized to access topics"));
         }

http://git-wip-us.apache.org/repos/asf/ranger/blob/8895214a/pom.xml
----------------------------------------------------------------------
diff --git a/pom.xml b/pom.xml
index 2e82848..f87cfb2 100644
--- a/pom.xml
+++ b/pom.xml
@@ -185,7 +185,7 @@
         <jsonsmart.version>2.3</jsonsmart.version>
         <jsr305.version>1.3.9</jsr305.version>
         <junit.version>4.12</junit.version>
-        <kafka.version>2.0.0</kafka.version>
+        <kafka.version>1.0.0</kafka.version>
         <kerby.version>1.0.0</kerby.version>
         <knox.gateway.version>1.0.0</knox.gateway.version>
         <kylin.version>2.3.0</kylin.version>
@@ -207,7 +207,7 @@
         <scala.xml.version>1.0.4</scala.xml.version>
         <security-agent-install-dir>hadoop-security/plugins</security-agent-install-dir>
         <servlet.api.version>2.5</servlet.api.version>
-        <slf4j-api.version>1.7.25</slf4j-api.version>
+        <slf4j-api.version>1.7.5</slf4j-api.version>
         <solr.version>5.5.4</solr.version>
         <spring-ldap-core.version>2.3.2.RELEASE</spring-ldap-core.version>
         <springframework.security.version>4.2.4.RELEASE</springframework.security.version>


Mime
View raw message