Hi Muthu It seemed, the agent logs are showing in the Ranger Admin. Or it is not?
What state are you in now? From your previous email, it seem the policies were enforced. Thanks Bosco > On Dec 16, 2014, at 10:12 PM, Muthu Pandi <[email protected]> wrote: > > Am seeing this Repository name not found exception in xaautit logs, same > error is repeating every 30 sec or 1 minute. I can see the Agent in Ranger > console. > > 2014-12-17 11:39:52,484 [http-bio-6080-exec-6] ERROR > com.xasecure.biz.AssetMgr (AssetMgr.java:791) - Requested repository not found > 2014-12-17 11:39:52,484 [http-bio-6080-exec-6] INFO > com.xasecure.common.RESTErrorUtil (RESTErrorUtil.java:66) - Request failed. > SessionId=null, loginId=null, logMessage=No Data Found. > javax.ws.rs.WebApplicationException > at > com.xasecure.common.RESTErrorUtil.createRESTException(RESTErrorUtil.java:57) > at > com.xasecure.common.RESTErrorUtil.createRESTException(RESTErrorUtil.java:281) > at com.xasecure.biz.AssetMgr.getLatestRepoPolicy(AssetMgr.java:792) > at com.xasecure.rest.AssetREST.getResourceJSON(AssetREST.java:501) > at > com.xasecure.rest.AssetREST$$FastClassByCGLIB$$90363ab.invoke(<generated>) > at net.sf.cglib.proxy.MethodProxy.invoke(MethodProxy.java:191) > at > org.springframework.aop.framework.Cglib2AopProxy$CglibMethodInvocation.invokeJoinpoint(Cglib2AopProxy.java:689) > at > org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150) > at > org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:110) > at > org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) > at > org.springframework.aop.framework.Cglib2AopProxy$DynamicAdvisedInterceptor.intercept(Cglib2AopProxy.java:622) > at > com.xasecure.rest.AssetREST$$EnhancerByCGLIB$$9f2d0d58.getResourceJSON(<generated>) > at sun.reflect.GeneratedMethodAccessor44.invoke(Unknown Source) > at > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:606) > at > com.sun.jersey.server.impl.model.method.dispatch.AbstractResourceMethodDispatchProvider$TypeOutInvoker._dispatch(AbstractResourceMethodDispatchProvider.java:168) > at > com.sun.jersey.server.impl.model.method.dispatch.ResourceJavaMethodDispatcher.dispatch(ResourceJavaMethodDispatcher.java:70) > at > com.sun.jersey.server.impl.uri.rules.HttpMethodRule.accept(HttpMethodRule.java:279) > at > com.sun.jersey.server.impl.uri.rules.RightHandPathRule.accept(RightHandPathRule.java:136) > at > com.sun.jersey.server.impl.uri.rules.ResourceClassRule.accept(ResourceClassRule.java:86) > at > com.sun.jersey.server.impl.uri.rules.RightHandPathRule.accept(RightHandPathRule.java:136) > at > com.sun.jersey.server.impl.uri.rules.RootResourceClassesRule.accept(RootResourceClassesRule.java:74) > at > com.sun.jersey.server.impl.application.WebApplicationImpl._handleRequest(WebApplicationImpl.java:1357) > at > com.sun.jersey.server.impl.application.WebApplicationImpl._handleRequest(WebApplicationImpl.java:1289) > at > com.sun.jersey.server.impl.application.WebApplicationImpl.handleRequest(WebApplicationImpl.java:1239) > at > com.sun.jersey.server.impl.application.WebApplicationImpl.handleRequest(WebApplicationImpl.java:1229) > at > com.sun.jersey.spi.container.servlet.WebComponent.service(WebComponent.java:420) > at > com.sun.jersey.spi.container.servlet.ServletContainer.service(ServletContainer.java:497) > at > com.sun.jersey.spi.container.servlet.ServletContainer.service(ServletContainer.java:684) > at javax.servlet.http.HttpServlet.service(HttpServlet.java:727) > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303) > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) > at > org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) > at > org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:186) > at > org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:160) > at > org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346) > at > org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:259) > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) > at > org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220) > at > org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122) > at > org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:501) > at > org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:171) > at > org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103) > at > org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:950) > at > org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116) > at > org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:408) > at > org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1070) > at > org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:611) > at > org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:314) > at > java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) > at > java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) > at > org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) > at java.lang.Thread.run(Thread.java:744) > 2014-12-17 11:39:52,485 [http-bio-6080-exec-6] INFO > com.xasecure.common.RESTErrorUtil (RESTErrorUtil.java:282) - Operation error. > response=VXResponse={com.xasecure.view.VXResponse@4e0f9a01statusCode={1} > msgDesc={No Data Found.} > messageList={[VXMessage={com.xasecure.view.VXMessage@6247dfb0name={DATA_NOT_FOUND} > rbKey={xa.error.data_not_found} message={Data not found} objectId={null} > fieldName={null} }]} } > javax.ws.rs.WebApplicationException > at > com.xasecure.common.RESTErrorUtil.createRESTException(RESTErrorUtil.java:57) > at > com.xasecure.common.RESTErrorUtil.createRESTException(RESTErrorUtil.java:281) > at com.xasecure.biz.AssetMgr.getLatestRepoPolicy(AssetMgr.java:792) > at com.xasecure.rest.AssetREST.getResourceJSON(AssetREST.java:501) > at > com.xasecure.rest.AssetREST$$FastClassByCGLIB$$90363ab.invoke(<generated>) > at net.sf.cglib.proxy.MethodProxy.invoke(MethodProxy.java:191) > at > org.springframework.aop.framework.Cglib2AopProxy$CglibMethodInvocation.invokeJoinpoint(Cglib2AopProxy.java:689) > at > org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150) > at > org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:110) > at > org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) > at > org.springframework.aop.framework.Cglib2AopProxy$DynamicAdvisedInterceptor.intercept(Cglib2AopProxy.java:622) > at > com.xasecure.rest.AssetREST$$EnhancerByCGLIB$$9f2d0d58.getResourceJSON(<generated>) > at sun.reflect.GeneratedMethodAccessor44.invoke(Unknown Source) > at > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:606) > at > com.sun.jersey.server.impl.model.method.dispatch.AbstractResourceMethodDispatchProvider$TypeOutInvoker._dispatch(AbstractResourceMethodDispatchProvider.java:168) > at > com.sun.jersey.server.impl.model.method.dispatch.ResourceJavaMethodDispatcher.dispatch(ResourceJavaMethodDispatcher.java:70) > at > com.sun.jersey.server.impl.uri.rules.HttpMethodRule.accept(HttpMethodRule.java:279) > at > com.sun.jersey.server.impl.uri.rules.RightHandPathRule.accept(RightHandPathRule.java:136) > at > com.sun.jersey.server.impl.uri.rules.ResourceClassRule.accept(ResourceClassRule.java:86) > at > com.sun.jersey.server.impl.uri.rules.RightHandPathRule.accept(RightHandPathRule.java:136) > at > com.sun.jersey.server.impl.uri.rules.RootResourceClassesRule.accept(RootResourceClassesRule.java:74) > at > com.sun.jersey.server.impl.application.WebApplicationImpl._handleRequest(WebApplicationImpl.java:1357) > at > com.sun.jersey.server.impl.application.WebApplicationImpl._handleRequest(WebApplicationImpl.java:1289) > at > com.sun.jersey.server.impl.application.WebApplicationImpl.handleRequest(WebApplicationImpl.java:1239) > at > com.sun.jersey.server.impl.application.WebApplicationImpl.handleRequest(WebApplicationImpl.java:1229) > at > com.sun.jersey.spi.container.servlet.WebComponent.service(WebComponent.java:420) > at > com.sun.jersey.spi.container.servlet.ServletContainer.service(ServletContainer.java:497) > at > com.sun.jersey.spi.container.servlet.ServletContainer.service(ServletContainer.java:684) > at javax.servlet.http.HttpServlet.service(HttpServlet.java:727) > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303) > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) > at > org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) > at > org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:186) > at > org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:160) > at > org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346) > at > org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:259) > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) > at > org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220) > at > org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122) > at > org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:501) > at > org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:171) > at > org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103) > at > org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:950) > at > org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116) > at > org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:408) > at > org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1070) > at > org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:611) > at > org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:314) > at > java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) > at > java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) > at > org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) > at java.lang.Thread.run(Thread.java:744) > > Regards > Muthupandi.K > > Think before you print. > > > > > > > > On Wed, Dec 17, 2014 at 10:56 AM, Muthu Pandi <[email protected] > <mailto:[email protected]>> wrote: > Hi Don Bosco Durai > > > I has the same scenario as amitsha but i can see the agent in the rager > console but when i try to put a file in HDFS using the created ranger > authorization permission > in denied for the user and when checked in namenode log it shows > > 2014-12-17 10:50:15,524 INFO org.apache.hadoop.ipc.Server: IPC Server handler > 4 on 54310, call org.apache.hadoop.hdfs.protocol.ClientProtocol.create from > 10.10.10.72:49897 <http://10.10.10.72:49897/> > Call#0 Retry#0: org.apache.hadoop.security.AccessControlException: Permission > denied: user=ami, access=WRITE, inode="/ami.txt":hadoop:supergroup:-rw-r--r-- > > @Amitsha Pls check xasecure-hdfs-security.xml file at conf/ there the > property "xasecure.hdfs.policymgr.url" which has the url for ranger has white > space in URL, clear that and restart > > hadoop Agent will be in Ranger Web console. > > > > > > Regards > Muthupandi.K > > Think before you print. > > > > > > > > On Wed, Dec 17, 2014 at 2:50 AM, Don Bosco Durai <[email protected] > <mailto:[email protected]>> wrote: > Hi Amithsha > > Seems one step was missing in the document. I have updated the Wiki, but here > it is: > Create a repository in Ranger Policy Manager. E.g. "local_hdfs". The same > name needs to be configured during plugin setup > > Please let me know whether this works? > > Thanks > > Bosco > >> On Dec 16, 2014, at 4:06 AM, Amith sha <[email protected] >> <mailto:[email protected]>> wrote: >> >> Hi Bosco, >> >> As you mentioned earlier to check the log for HDFS i Found this >> >> 2014-12-16 17:32:53,391 [http-bio-6080-exec-9] ERROR >> com.xasecure.biz.AssetMgr (AssetMgr.java:791) - Requested repository >> not found >> 2014-12-16 17:32:53,391 [http-bio-6080-exec-9] INFO >> com.xasecure.common.RESTErrorUtil (RESTErrorUtil.java:66) - Request >> failed. SessionId=null, loginId=null, logMessage=No Data Found. >> javax.ws.rs.WebApplicationException >> at >> com.xasecure.common.RESTErrorUtil.createRESTException(RESTErrorUtil.java:57) >> at >> com.xasecure.common.RESTErrorUtil.createRESTException(RESTErrorUtil.java:281) >> at com.xasecure.biz.AssetMgr.getLatestRepoPolicy(AssetMgr.java:792) >> at com.xasecure.rest.AssetREST.getResourceJSON(AssetREST.java:501) >> at >> com.xasecure.rest.AssetREST$$FastClassByCGLIB$$90363ab.invoke(<generated>) >> at net.sf.cglib.proxy.MethodProxy.invoke(MethodProxy.java:191) >> at >> org.springframework.aop.framework.Cglib2AopProxy$CglibMethodInvocation.invokeJoinpoint(Cglib2AopProxy.java:689) >> at >> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150) >> at >> org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:110) >> at >> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) >> at >> org.springframework.aop.framework.Cglib2AopProxy$DynamicAdvisedInterceptor.intercept(Cglib2AopProxy.java:622) >> at >> com.xasecure.rest.AssetREST$$EnhancerByCGLIB$$9f2d0d58.getResourceJSON(<generated>) >> at sun.reflect.GeneratedMethodAccessor44.invoke(Unknown Source) >> at >> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) >> at java.lang.reflect.Method.invoke(Method.java:606) >> at >> com.sun.jersey.server.impl.model.method.dispatch.AbstractResourceMethodDispatchProvider$TypeOutInvoker._dispatch(AbstractResourceMethodDispatchProvider.java:168) >> at >> com.sun.jersey.server.impl.model.method.dispatch.ResourceJavaMethodDispatcher.dispatch(ResourceJavaMethodDispatcher.java:70) >> at >> com.sun.jersey.server.impl.uri.rules.HttpMethodRule.accept(HttpMethodRule.java:279) >> at >> com.sun.jersey.server.impl.uri.rules.RightHandPathRule.accept(RightHandPathRule.java:136) >> at >> com.sun.jersey.server.impl.uri.rules.ResourceClassRule.accept(ResourceClassRule.java:86) >> at >> com.sun.jersey.server.impl.uri.rules.RightHandPathRule.accept(RightHandPathRule.java:136) >> at >> com.sun.jersey.server.impl.uri.rules.RootResourceClassesRule.accept(RootResourceClassesRule.java:74) >> at >> com.sun.jersey.server.impl.application.WebApplicationImpl._handleRequest(WebApplicationImpl.java:1357) >> at >> com.sun.jersey.server.impl.application.WebApplicationImpl._handleRequest(WebApplicationImpl.java:1289) >> at >> com.sun.jersey.server.impl.application.WebApplicationImpl.handleRequest(WebApplicationImpl.java:1239) >> at >> com.sun.jersey.server.impl.application.WebApplicationImpl.handleRequest(WebApplicationImpl.java:1229) >> at >> com.sun.jersey.spi.container.servlet.WebComponent.service(WebComponent.java:420) >> at >> com.sun.jersey.spi.container.servlet.ServletContainer.service(ServletContainer.java:497) >> at >> com.sun.jersey.spi.container.servlet.ServletContainer.service(ServletContainer.java:684) >> at javax.servlet.http.HttpServlet.service(HttpServlet.java:727) >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303) >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) >> at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) >> at >> org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:186) >> at >> org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:160) >> at >> org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346) >> at >> org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:259) >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) >> at >> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220) >> at >> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122) >> at >> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:501) >> at >> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:171) >> at >> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103) >> at >> org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:950) >> at >> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116) >> at >> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:408) >> at >> org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1070) >> at >> org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:611) >> at >> org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:314) >> at >> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) >> at >> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) >> at >> org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) >> at java.lang.Thread.run(Thread.java:744) >> 2014-12-16 17:32:53,392 [http-bio-6080-exec-9] INFO >> com.xasecure.common.RESTErrorUtil (RESTErrorUtil.java:282) - Operation >> error. >> response=VXResponse={com.xasecure.view.VXResponse@2ba07a78statusCode={1} >> msgDesc={No Data Found.} >> messageList={[VXMessage={com.xasecure.view.VXMessage@34c872a8name={DATA_NOT_FOUND} >> rbKey={xa.error.data_not_found} message={Data not found} >> objectId={null} fieldName={null} }]} } >> javax.ws.rs.WebApplicationException >> at >> com.xasecure.common.RESTErrorUtil.createRESTException(RESTErrorUtil.java:57) >> at >> com.xasecure.common.RESTErrorUtil.createRESTException(RESTErrorUtil.java:281) >> at com.xasecure.biz.AssetMgr.getLatestRepoPolicy(AssetMgr.java:792) >> at com.xasecure.rest.AssetREST.getResourceJSON(AssetREST.java:501) >> at >> com.xasecure.rest.AssetREST$$FastClassByCGLIB$$90363ab.invoke(<generated>) >> at net.sf.cglib.proxy.MethodProxy.invoke(MethodProxy.java:191) >> at >> org.springframework.aop.framework.Cglib2AopProxy$CglibMethodInvocation.invokeJoinpoint(Cglib2AopProxy.java:689) >> at >> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150) >> at >> org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:110) >> at >> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) >> at >> org.springframework.aop.framework.Cglib2AopProxy$DynamicAdvisedInterceptor.intercept(Cglib2AopProxy.java:622) >> at >> com.xasecure.rest.AssetREST$$EnhancerByCGLIB$$9f2d0d58.getResourceJSON(<generated>) >> at sun.reflect.GeneratedMethodAccessor44.invoke(Unknown Source) >> at >> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) >> at java.lang.reflect.Method.invoke(Method.java:606) >> at >> com.sun.jersey.server.impl.model.method.dispatch.AbstractResourceMethodDispatchProvider$TypeOutInvoker._dispatch(AbstractResourceMethodDispatchProvider.java:168) >> at >> com.sun.jersey.server.impl.model.method.dispatch.ResourceJavaMethodDispatcher.dispatch(ResourceJavaMethodDispatcher.java:70) >> at >> com.sun.jersey.server.impl.uri.rules.HttpMethodRule.accept(HttpMethodRule.java:279) >> at >> com.sun.jersey.server.impl.uri.rules.RightHandPathRule.accept(RightHandPathRule.java:136) >> at >> com.sun.jersey.server.impl.uri.rules.ResourceClassRule.accept(ResourceClassRule.java:86) >> at >> com.sun.jersey.server.impl.uri.rules.RightHandPathRule.accept(RightHandPathRule.java:136) >> at >> com.sun.jersey.server.impl.uri.rules.RootResourceClassesRule.accept(RootResourceClassesRule.java:74) >> at >> com.sun.jersey.server.impl.application.WebApplicationImpl._handleRequest(WebApplicationImpl.java:1357) >> at >> com.sun.jersey.server.impl.application.WebApplicationImpl._handleRequest(WebApplicationImpl.java:1289) >> at >> com.sun.jersey.server.impl.application.WebApplicationImpl.handleRequest(WebApplicationImpl.java:1239) >> at >> com.sun.jersey.server.impl.application.WebApplicationImpl.handleRequest(WebApplicationImpl.java:1229) >> at >> com.sun.jersey.spi.container.servlet.WebComponent.service(WebComponent.java:420) >> at >> com.sun.jersey.spi.container.servlet.ServletContainer.service(ServletContainer.java:497) >> at >> com.sun.jersey.spi.container.servlet.ServletContainer.service(ServletContainer.java:684) >> at javax.servlet.http.HttpServlet.service(HttpServlet.java:727) >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303) >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) >> at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) >> at >> org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:186) >> at >> org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:160) >> at >> org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346) >> at >> org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:259) >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) >> at >> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220) >> at >> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122) >> at >> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:501) >> at >> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:171) >> at >> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103) >> at >> org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:950) >> at >> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116) >> at >> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:408) >> at >> org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1070) >> at >> org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:611) >> at >> org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:314) >> at >> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) >> at >> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) >> at >> org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) >> at java.lang.Thread.run(Thread.java:744) >> >> On Tue, Dec 16, 2014 at 11:36 AM, Amith sha <[email protected] >> <mailto:[email protected]>> wrote: >>> Hi Bosco, >>> >>> Thanks for your Kind reply from which i understood the >>> ranger role exactly,I have a one more doubt i made a users and >>> policies in ranger but how can i check those policies either using >>> back end or any 3rd party software >>> >>> ex:- i created a user called bigdata who is not a unix user in hadoop >>> machine but here i set a policies for that user with all >>> privileges.now how can i access the HDFS using bigdata user ? same >>> thing for Hive >>> >>> Thanks and Regards >>> >>> Amithsha S >>> >>> On Tue, Dec 16, 2014 at 5:05 AM, Don Bosco Durai <[email protected] >>> <mailto:[email protected]>> wrote: >>>> Hi Amitsha >>>> >>>> My answers are embedded... >>>> >>>> >>>> On Dec 15, 2014, at 4:25 AM, Amith sha <[email protected] >>>> <mailto:[email protected]>> wrote: >>>> >>>> Hi Bosco, >>>> >>>> As per the past instructions.I have installed the Apache Ranger >>>> successfully.By which i can access the Ranger web interface but i got >>>> some following Errors, >>>> >>>> 1.No Access Audit found! >>>> I installed Hdfs,Hive,Knox and etc by which >>>> i should get some Agent files in web Interface of Audit as you >>>> mentioned in the document ****** You can verify by logging into the >>>> Ranger Admin Web interface -> Audit -> Agents ****** But i got .No >>>> Access Audit found! in web Interface.i tried to find out the process >>>> by where i traced the username and db for the rangeraudit and i >>>> checked out the db ( ranger_audit) and table ( xa_access_audit ) in >>>> mysql where there is no records in the table. >>>> >>>> Common cause is mismatch in the repository name given in the PolicyAdmin >>>> and >>>> install.properties of the plugin. >>>> >>>> Let’s pick one component for testing the plugin connection and after >>>> restart >>>> of the component, check in the component logs (hivesever2.log or NameNode >>>> log) and see if you see any exceptions. FYI, the plugin connection logs are >>>> in x_policy_export_audit table. >>>> >>>> >>>> 2.knox.url and Common Name For Certificate >>>> Here i have configured knox successfully >>>> and able to acces the hdfs information using Knox gateway via knox >>>> Users,But i want to know the exact knox.url ex:- I used the following >>>> link to access my Hdfs Status >>>> curl -k -u guest:guest-password >>>> 'https://127.0.0.1:8443/gateway/knox_sample/webhdfs/v1?op=LISTSTATUS' >>>> <https://127.0.0.1:8443/gateway/knox_sample/webhdfs/v1?op=LISTSTATUS'> >>>> >>>> Here which is my knox url and i have to >>>> provide the Certificate name so how can i? >>>> I provided while creating the repository for Knox >>>> https://127.0.0.1:8443/gateway/knox_sample >>>> <https://127.0.0.1:8443/gateway/knox_sample> as Knox url and so on but >>>> while testing i got Connection error. >>>> >>>> Not sure I understood your question here. Are you able to “telnet 127.0.0.1 >>>> 8443” ? >>>> >>>> 3.As a Beginner For Apache knox and Ranger i want to Clarify Some Doubts >>>> *knox is also a security Agent to provide Security for >>>> hdfs,hive,hbase etc so why we need ApacheRanger >>>> >>>> Different purpose. Knox is service level coarse grain authorization. And >>>> more importantly, it is API gateway, which provides single URL (hostname) >>>> for access all the services and authentication mapping (e.g. your Hadoop >>>> could be Kerberoized, but you can still access it via Knox with LDAP >>>> authentication). Ranger provides more finer grain access control, central >>>> administration and centralized auditing. >>>> >>>> *In Hortonworks After Configuring Ranger they Checked using knox >>>> >>>> Knox is one of the component where you can use Ranger for managing policy >>>> administration and centralized auditing. So not sure what your question is. >>>> >>>> *So Ranger is only to see graphically the users Login and Logs >>>> >>>> Ranger does administration, policy enforcement and audit collection. The >>>> policies can be configured via UI or via REST APIs. So UI is just a tool >>>> over the core Ranger features. >>>> >>>> *Can u provide a examples to run using Ranger as examples >>>> Available Like sqoop2,hive etc >>>> >>>> Few examples are: >>>> 1. HDFS folder/file permission. Different users and groups can have >>>> different level of permission. >>>> 2. In HiveServer2, database, table and column level access control. >>>> 3. For scoop, you will setup the policies at the DB level. If it is >>>> HiveCLI, >>>> then at the HDFS level. >>>> 4. Centralized auditing of access to data >>>> 5. Auditing of admin actions. >>>> >>>> >>>> >>>> Since we are Planing to Secure the Hadoop process we are so interested >>>> in Ranger In-depth.but unfortunatly there is no examples around the >>>> search engines.kindly Provide a solution for us >>>> >>>> We are working on the documentation and providing more use cases. Let me >>>> see >>>> if there are better way in the meanwhile. >>>> >>>> >>>> >>>> Thank you, >>>> Amithsha >>>> >>>> On Thu, Dec 11, 2014 at 11:24 AM, Amith sha <[email protected] >>>> <mailto:[email protected]>> wrote: >>>> >>>> Hi Bosco, >>>> >>>> Thanks for your reply, I have checked out the log files Actually i did the >>>> mistake where file named setup.sh i didnt set the mysql,rangeradmin and >>>> rangerlogger password.so finally have made a entry in that file and started >>>> the script have got the access for web console. >>>> >>>> Thanks for your guidance and will ping u after completing further >>>> installation. >>>> >>>> On Thu, Dec 11, 2014 at 11:16 AM, Amith sha <[email protected] >>>> <mailto:[email protected]>> wrote: >>>> >>>> >>>> Hi Bosco, >>>> >>>> >>>> On Thu, Dec 11, 2014 at 12:21 AM, Don Bosco Durai <[email protected] >>>> <mailto:[email protected]>> >>>> wrote: >>>> >>>> >>>> Hi Amith >>>> >>>> Seems MySQL is down or not reachable. Can you check the logs in: >>>> >>>> Logs are in ews/logs folder. The path is relative to where you have >>>> installed ranger-admin. Check xa_portal.log and catalina.out files for >>>> ERROR >>>> and WARN log messages >>>> >>>> I have updated the installation wiki with the above comment (for log >>>> location). >>>> >>>> Thanks >>>> >>>> Bosco >>>> >>>> On Dec 10, 2014, at 4:09 AM, Amith sha <[email protected] >>>> <mailto:[email protected]>> wrote: >>>> >>>> Hi Bosco, >>>> >>>> Thanks for your update.So far it is fine to build and got the web >>>> console. But cannot login the web console using default authentication >>>> username and password admin,admin. Is there any File to edit or Login >>>> Information is Required. >>>> >>>> Thanks >>>> >>>> On Wed, Dec 10, 2014 at 3:23 PM, Amith sha <[email protected] >>>> <mailto:[email protected]>> wrote: >>>> >>>> >>>> Hi bosco, >>>> Thanks for ur reply.Will check and Ping you soon. >>>> >>>> On Wed, Dec 10, 2014 at 1:17 PM, Don Bosco Durai <[email protected] >>>> <mailto:[email protected]>> >>>> wrote: >>>> >>>> >>>> Hi Amith >>>> >>>> I was trying to find from where ranger-script-env.sh was getting >>>> invoked, but couldn’t. >>>> >>>> Below are the instructions to build and run. Happy to get your feedback >>>> based on this document. >>>> >>>> >>>> https://cwiki.apache.org/confluence/display/RANGER/Ranger+Installation+Guide >>>> >>>> <https://cwiki.apache.org/confluence/display/RANGER/Ranger+Installation+Guide> >>>> >>>> >>>> Thanks >>>> >>>> Bosco >>>> >>>> On Dec 9, 2014, at 9:38 PM, Amith sha <[email protected] >>>> <mailto:[email protected]>> wrote: >>>> >>>> Hi all, >>>> As advised by Madhan,I was able to build the Ranger >>>> Successfully.And got the tar.gz files and finally by unzipping >>>> it.Tried >>>> to install (ranger-admin)using the shell script setup.sh where it got >>>> some inputs and finally it shows *Installation of XASecure >>>> PolicyManager Web Application is completed.* >>>> >>>> But i cant access the service in the port 6080 have alse checked >>>> whether >>>> any service is running on that port >>>> >>>> finally goggled and got this file location >>>> incubator-ranger-master/ >>>> embededwebserver/scripts >>>> Below files are found >>>> logs ranger-admin startcopy >>>> start-ranger-admin.sh stop-ranger-admin.sh >>>> >>>> tried ./start-ranger-admin.sh >>>> This script trying to find a file ranger-script-env.sh >>>> But it cannot found >>>> >>>> Can anyone help or suggest !!!! >>>> Is that possible to work before the new release . >>>> Thank u >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >
