ranger-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bhavik patel <bhavikpatel...@gmail.com>
Subject Re: Review Request 72591: RANGER-2861 : Support username and keytab to authenticate ES service to use as an Ranger Audit Store
Date Mon, 06 Jul 2020 05:42:58 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/72591/
-----------------------------------------------------------

(Updated July 6, 2020, 5:42 a.m.)


Review request for ranger, Attila Bukor, Ankita Sinha, Bolke de Bruin, Don Bosco Durai, bhavik
patel, Colm O hEigeartaigh, Gautam Borad, Abhay Kulkarni, Madhan Neethiraj, Mehul Parikh,
Nitin Galave, pengjianhua, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, Sailaja Polavarapu,
and Velmurugan Periasamy.


Bugs: RANGER-2861
    https://issues.apache.org/jira/browse/RANGER-2861


Repository: ranger


Description
-------

Currently, Ranger admin support only Basic Authentication for ES as an Audit Store, also required
to support username and keytab.


Diffs (updated)
-----

  agents-audit/src/main/java/org/apache/ranger/audit/destination/ElasticSearchAuditDestination.java
bda582a 
  agents-cred/src/main/java/org/apache/ranger/authorization/credutils/CredentialsProviderUtil.java
PRE-CREATION 
  agents-cred/src/main/java/org/apache/ranger/authorization/credutils/kerberos/AbstractJaasConf.java
PRE-CREATION 
  agents-cred/src/main/java/org/apache/ranger/authorization/credutils/kerberos/KerberosCredentialsProvider.java
PRE-CREATION 
  agents-cred/src/main/java/org/apache/ranger/authorization/credutils/kerberos/KeytabJaasConf.java
PRE-CREATION 
  distro/src/main/assembly/admin-web.xml a632011 
  embeddedwebserver/src/main/java/org/apache/ranger/server/tomcat/ElasticSearchIndexBootStrapper.java
886091e 
  security-admin/src/main/java/org/apache/ranger/elasticsearch/ElasticSearchMgr.java a060877



Diff: https://reviews.apache.org/r/72591/diff/2/

Changes: https://reviews.apache.org/r/72591/diff/1-2/


Testing
-------

After setting the ES username and passowrd(keytab) in install.properties ranger admin is able
to read audit logs from ES also ranger plugins able to write the logs to ES.


Thanks,

bhavik patel


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message