[
https://issues.apache.org/jira/browse/RANGER-3231?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17511852#comment-17511852
]
alain pellegrino edited comment on RANGER-3231 at 3/24/22, 1:10 PM:
--------------------------------------------------------------------
Previous error seems to doesn't have an incidence of the installation.
So, I still have the same error in the log. Here is the entire log :
{code:java}
2022-03-24 13:02:43,635 ERROR [main]
apache.ranger.authorization.kafka.authorizer.RangerKafkaAuthorizer
(RangerKafkaAuthorizer.java:214) - Error getting principal.
java.lang.IllegalArgumentException: Could not find a 'KafkaServer' or
'sasl_plaintext.KafkaServer' entry in the JAAS configuration. System property
'java.security.auth.login.config' is kafka_client_jaas.conf
at
org.apache.kafka.common.security.JaasContext.defaultContext(JaasContext.java:131)
at
org.apache.kafka.common.security.JaasContext.load(JaasContext.java:96)
at
org.apache.kafka.common.security.JaasContext.loadServerContext(JaasContext.java:69)
at
org.apache.ranger.authorization.kafka.authorizer.RangerKafkaAuthorizer.configure(RangerKafkaAuthorizer.java:209)
at
org.apache.ranger.authorization.kafka.authorizer.RangerKafkaAuthorizer.configure(RangerKafkaAuthorizer.java:94)
at kafka.server.KafkaServer.$anonfun$startup$11(KafkaServer.scala:371)
at
kafka.server.KafkaServer.$anonfun$startup$11$adapted(KafkaServer.scala:371)
at scala.Option.foreach(Option.scala:437)
at kafka.server.KafkaServer.startup(KafkaServer.scala:371)
at kafka.Kafka$.main(Kafka.scala:109)
at kafka.Kafka.main(Kafka.scala)
2022-03-24 13:02:43,713 ERROR [main]
apache.ranger.authorization.hadoop.config.RangerConfiguration
(RangerConfiguration.java:61) -
addResourceIfReadable(ranger-kafka-policymgr-ssl.xml): couldn't find resource
file location
2022-03-24 13:02:43,755 ERROR [main]
apache.ranger.authorization.hadoop.config.RangerConfiguration
(RangerConfiguration.java:61) -
addResourceIfReadable(ranger-kafka-CLUSTERNAME_kafka-audit.xml): couldn't find
resource file location
2022-03-24 13:02:43,755 ERROR [main]
apache.ranger.authorization.hadoop.config.RangerConfiguration
(RangerConfiguration.java:61) -
addResourceIfReadable(ranger-kafka-CLUSTERNAME_kafka-security.xml): couldn't
find resource file location
2022-03-24 13:02:43,756 ERROR [main]
apache.ranger.authorization.hadoop.config.RangerConfiguration
(RangerConfiguration.java:61) -
addResourceIfReadable(ranger-kafka-CLUSTERNAME_kafka-policymgr-ssl.xml):
couldn't find resource file location
2022-03-24 13:02:45,285 WARN [main]
org.apache.ranger.plugin.util.ScriptEngineUtil (ScriptEngineUtil.java:62) -
failed to initialize script engine 'JavaScript' in a default manner. Will try
to get script-engine from plugin-class-loader
2022-03-24 13:02:45,286 ERROR [main]
org.apache.ranger.plugin.util.ScriptEngineUtil (ScriptEngineUtil.java:73) -
Cannot get script-engine from null pluginClassLoader
2022-03-24 13:02:45,286 ERROR [main]
org.apache.ranger.plugin.conditionevaluator.RangerScriptConditionEvaluator
(RangerScriptConditionEvaluator.java:77) - failed to initialize condition
'accessed-after-expiry': script engine 'JavaScript' was not created
2022-03-24 13:02:45,579 ERROR [data-plane-kafka-request-handler-4]
apache.ranger.authorization.kafka.authorizer.RangerKafkaAuthorizer
(RangerKafkaAuthorizer.java:167) - Ranger Plugin returned null or empty.
Returning Denied for all
{code}
was (Author: alain.pellegr...@alithya.com):
Previous error seems to doesn't have an incidence of the installation.
So, I still have the same error in the log. Here is the entire log :
{code:java}
2022-03-24 13:02:43,635 ERROR [main]
apache.ranger.authorization.kafka.authorizer.RangerKafkaAuthorizer
(RangerKafkaAuthorizer.java:214) - Error getting principal.
java.lang.IllegalArgumentException: Could not find a 'KafkaServer' or
'sasl_plaintext.KafkaServer' entry in the JAAS configuration. System property
'java.security.auth.login.config' is kafka_client_jaas.conf at
org.apache.kafka.common.security.JaasContext.defaultContext(JaasContext.java:131)
at
org.apache.kafka.common.security.JaasContext.load(JaasContext.java:96)
at
org.apache.kafka.common.security.JaasContext.loadServerContext(JaasContext.java:69)
at
org.apache.ranger.authorization.kafka.authorizer.RangerKafkaAuthorizer.configure(RangerKafkaAuthorizer.java:209)
at
org.apache.ranger.authorization.kafka.authorizer.RangerKafkaAuthorizer.configure(RangerKafkaAuthorizer.java:94)
at kafka.server.KafkaServer.$anonfun$startup$11(KafkaServer.scala:371)
at
kafka.server.KafkaServer.$anonfun$startup$11$adapted(KafkaServer.scala:371)
at scala.Option.foreach(Option.scala:437) at
kafka.server.KafkaServer.startup(KafkaServer.scala:371) at
kafka.Kafka$.main(Kafka.scala:109) at kafka.Kafka.main(Kafka.scala)
2022-03-24 13:02:43,713 ERROR [main]
apache.ranger.authorization.hadoop.config.RangerConfiguration
(RangerConfiguration.java:61) -
addResourceIfReadable(ranger-kafka-policymgr-ssl.xml): couldn't find resource
file location 2022-03-24 13:02:43,755 ERROR [main]
apache.ranger.authorization.hadoop.config.RangerConfiguration
(RangerConfiguration.java:61) -
addResourceIfReadable(ranger-kafka-cluster_kafka-audit.xml): couldn't find
resource file location 2022-03-24 13:02:43,755 ERROR [main]
apache.ranger.authorization.hadoop.config.RangerConfiguration
(RangerConfiguration.java:61) -
addResourceIfReadable(ranger-kafka-cluster_kafka-security.xml): couldn't find
resource file location 2022-03-24 13:02:43,756 ERROR [main]
apache.ranger.authorization.hadoop.config.RangerConfiguration
(RangerConfiguration.java:61) -
addResourceIfReadable(ranger-kafka-cluster_kafka-policymgr-ssl.xml): couldn't
find resource file location 2022-03-24 13:02:45,285 WARN [main]
org.apache.ranger.plugin.util.ScriptEngineUtil (ScriptEngineUtil.java:62) -
failed to initialize script engine 'JavaScript' in a default manner. Will try
to get script-engine from plugin-class-loader 2022-03-24 13:02:45,286 ERROR
[main] org.apache.ranger.plugin.util.ScriptEngineUtil
(ScriptEngineUtil.java:73) - Cannot get script-engine from null
pluginClassLoader 2022-03-24 13:02:45,286 ERROR [main]
org.apache.ranger.plugin.conditionevaluator.RangerScriptConditionEvaluator
(RangerScriptConditionEvaluator.java:77) - failed to initialize condition
'accessed-after-expiry': script engine 'JavaScript' was not created 2022-03-24
13:02:45,579 ERROR [data-plane-kafka-request-handler-4]
apache.ranger.authorization.kafka.authorizer.RangerKafkaAuthorizer
(RangerKafkaAuthorizer.java:167) - Ranger Plugin returned null or empty.
Returning Denied for all{code}
> Ranger should use kafka Authorizer from KIP-504
> -----------------------------------------------
>
> Key: RANGER-3231
> URL: https://issues.apache.org/jira/browse/RANGER-3231
> Project: Ranger
> Issue Type: Improvement
> Components: plugins
> Reporter: Ismael Juma
> Assignee: Andras Katona
> Priority: Major
> Time Spent: 1h 40m
> Remaining Estimate: 0h
>
> As described in the KIP, `org.apache.kafka.server.authorizer.Authorizer` is
> an improvement over `kafka.security.auth.Authorizer` and it's a pure Java
> interface (instead of Scala).
> `kafka.security.auth.Authorizer` has been deprecated since December 2019 and
> it will be removed in Apache Kafka 3.0 (roughly planned for July/August).
> See the KIP for more details:
> https://cwiki.apache.org/confluence/display/KAFKA/KIP-504+-+Add+new+Java+Authorizer+Interface
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
