security-admin/src/main/resources/conf.dist/ranger-admin-site.xml - ranger - Git at Google

 <!--
   Licensed under the Apache License, Version 2.0 (the "License");
   you may not use this file except in compliance with the License.
   You may obtain a copy of the License at

     http://www.apache.org/licenses/LICENSE-2.0

   Unless required by applicable law or agreed to in writing, software
   distributed under the License is distributed on an "AS IS" BASIS,
   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
   See the License for the specific language governing permissions and
   limitations under the License. See accompanying LICENSE file.
 -->


 <configuration>
 <!-- # DB Info -->
 	<property>
 		<name>ranger.jpa.jdbc.driver</name>
 		<value>net.sf.log4jdbc.DriverSpy</value>
 		<description></description>
 	</property>
 	<property>
 		<name>ranger.jpa.jdbc.url</name>
 		<value>jdbc:log4jdbc:mysql://localhost/ranger</value>
 		<description></description>
 	</property>
 	<property>
 		<name>ranger.jpa.jdbc.user</name>
 		<value>rangeradmin</value>
 		<description></description>
 	</property>
 	<property>
 		<name>ranger.jpa.jdbc.password</name>
 		<value>rangeradmin</value>
 		<description></description>
 	</property>
 	<property>
 		<name>ranger.externalurl</name>
 		<value>http://localhost:6080</value>
 		<description></description>
 	</property>
 	<property>
 		<name>ranger.scheduler.enabled</name>
 		<value>true</value>
 		<description></description>
 	</property>
 	<property>
 		<name>ranger.audit.solr.urls</name>
 		<value>http://##solr_host##:6083/solr/ranger_audits</value>
 		<description></description>
 	</property>
 	<property>
 		<name>ranger.audit.source.type</name>
 		<value>db</value>
 		<description></description>
 	</property>

 	<property>
 		<name>ranger.service.http.enabled</name>
 		<value>true</value>
 		<description></description>
 	</property>
 	<property>
 		<name>ranger.authentication.method</name>
 		<value>NONE</value>
 		<description></description>
 	</property>
 	<property>
 		<name>ranger.ldap.url</name>
 		<value>ldap://</value>
 		<description></description>
 	</property>
 		<property>
 		<name>ranger.ldap.user.dnpattern</name>
 		<value>uid={0},ou=users,dc=xasecure,dc=net</value>
 		<description></description>
 	</property>
 		<property>
 		<name>ranger.ldap.group.searchbase</name>
 		<value>ou=groups,dc=xasecure,dc=net</value>
 		<description></description>
 	</property>
 	<property>
 		<name>ranger.ldap.group.searchfilter</name>
 		<value>(member=uid={0},ou=users,dc=xasecure,dc=net)</value>
 		<description></description>
 	</property>
 	<property>
 		<name>ranger.ldap.group.roleattribute</name>
 		<value>cn</value>
 		<description></description>
 	</property>
 	<property>
 		<name>ranger.ldap.base.dn</name>
 		<value></value>
 		<description>LDAP base dn or search base</description>
 	</property>
 	<property>
 		<name>ranger.ldap.bind.dn</name>
 		<value></value>
 		<description>LDAP bind dn or manager dn</description>
 	</property>
 	<property>
 		<name>ranger.ldap.bind.password</name>
 		<value></value>
 		<description>LDAP bind password</description>
 	</property>
 	<property>
 		<name>ranger.ldap.default.role</name>
 		<value>ROLE_USER</value>
 	</property>
 	<property>
 		<name>ranger.ldap.referral</name>
 		<value></value>
 		<description>follow or ignore</description>
 	</property>
 	<property>
 		<name>ranger.ldap.ad.domain</name>
 		<value>example.com</value>
 		<description></description>
 	</property>
 	<property>
 		<name>ranger.ldap.ad.url</name>
 		<value></value>
 		<description>ldap://</description>
 	</property>

 	<property>
 		<name>ranger.ldap.ad.base.dn</name>
 		<value>dc=example,dc=com</value>
 		<description>AD base dn or search base</description>
 	</property>
 	<property>
 		<name>ranger.ldap.ad.bind.dn</name>
 		<value>cn=administrator,ou=users,dc=example,dc=com</value>
 		<description>AD bind dn or manager dn</description>
 	</property>
 	<property>
 		<name>ranger.ldap.ad.bind.password</name>
 		<value></value>
 		<description>AD bind password</description>
 	</property>

 	<property>
 		<name>ranger.ldap.ad.referral</name>
 		<value></value>
 		<description>follow or ignore</description>
 	</property>
 	<property>
 		<name>ranger.service.https.attrib.ssl.enabled</name>
 		<value>false</value>
 	</property>

 	<property>
 		<name>ranger.service.https.attrib.keystore.keyalias</name>
 		<value>myKey</value>
 	</property>

 	<property>
 		<name>ranger.service.https.attrib.keystore.pass</name>
 		<value>_</value>
 	</property>

 	<property>
 		<name>ranger.service.host</name>
 		<value>localhost</value>
 	</property>

 	<property>
 		<name>ranger.service.http.port</name>
 		<value>6080</value>
 	</property>

 	<property>
 		<name>ranger.service.https.port</name>
 		<value>6182</value>
 	</property>

 	<property>
 		<name>ranger.service.https.attrib.keystore.file</name>
 		<value>/etc/ranger/admin/keys/server.jks</value>
 	</property>

 	<property>
 		<name>ranger.solr.audit.user</name>
 		<value></value>
 		<description></description>
 	</property>
 	<property>
 		<name>ranger.solr.audit.user.password</name>
 		<value></value>
 		<description></description>
 	</property>
 	<property>
 		<name>ranger.audit.solr.zookeepers</name>
 		<value></value>
 		<description></description>
 	</property>
 	<property>
 		<name>ranger.ldap.user.searchfilter</name>
 		<value>(uid={0})</value>
 		<description></description>
 	</property>
 	<property>
 		<name>ranger.ldap.ad.user.searchfilter</name>
 		<value>(sAMAccountName={0})</value>
 		<description></description>
 	</property>
 	<!-- SSO Properties Starts-->
 	<property>
 		<name>ranger.sso.providerurl</name>
 		<value>https://127.0.0.1:8443/gateway/knoxsso/api/v1/websso</value>
 	</property>
 	<property>
 		<name>ranger.sso.publicKey</name>
 		<value></value>
 	</property>
 	<property>
 		<name>ranger.sso.enabled</name>
 		<value>false</value>
 	</property>
 	<property>
 		<name>ranger.sso.browser.useragent</name>
 		<value>Mozilla,chrome</value>
 	</property>
 	<!-- SSO Properties Ends-->
 	<!-- Kerberos Properties starts-->
 	<property>
 		<name>ranger.admin.kerberos.token.valid.seconds</name>
 		<value>30</value>
 	</property>
 	<property>
 		<name>ranger.admin.kerberos.cookie.domain</name>
 		<value></value>
 	</property>
 	<property>
 		<name>ranger.admin.kerberos.cookie.path</name>
 		<value>/</value>
 	</property>
 	<property>
 		<name>ranger.admin.kerberos.principal</name>
 		<value>rangeradmin/_HOST@REALM</value>
 	</property>
 	<property>
 		<name>ranger.admin.kerberos.keytab</name>
 		<value></value>
 	</property>
 	<property>
 		<name>ranger.spnego.kerberos.principal</name>
 		<value>HTTP/_HOST@REALM</value>
 	</property>
 	<property>
 		<name>ranger.spnego.kerberos.keytab</name>
 		<value></value>
 	</property>
 	<property>
 		<name>ranger.lookup.kerberos.principal</name>
 		<value>rangerlookup/_HOST@REALM</value>
 	</property>
 	<property>
 		<name>ranger.lookup.kerberos.keytab</name>
 		<value></value>
 	</property>
 	<!-- Kerberos Properties ENDs-->
 	<property>
 		<name>ranger.supportedcomponents</name>
 		<value></value>
 	</property>
 	<property>
 		<name>ranger.downloadpolicy.session.log.enabled</name>
 		<value>false</value>
 	</property>
 	<!-- Service user for KMS -->
     <property>
     	<name>ranger.kms.service.user.hdfs</name>
         <value>hdfs</value>
     </property>
     <property>
         <name>ranger.kms.service.user.hive</name>
         <value>hive</value>
     </property>

     <property>
         <name>ranger.audit.hive.query.visibility</name>
         <value>true</value>
         <description></description>
     </property>
     <property>
 		<name>ranger.service.https.attrib.keystore.credential.alias</name>
 		<value>keyStoreCredentialAlias</value>
 	</property>
 	<property>
 		<name>ranger.tomcat.ciphers</name>
 		<value></value>
 	</property>
                 <!-- Solr related porps -->
         <property>
                 <name>ranger.audit.solr.collection.name</name>
                 <value></value>
         </property>
         <property>
                 <name>ranger.audit.solr.config.name</name>
                 <value></value>
         </property>
         <property>
                 <name>ranger.audit.solr.no.shards</name>
                 <value></value>
         </property>
         <property>
                 <name>ranger.audit.solr.max.shards.per.node</name>
                 <value></value>
         </property>
         <property>
                 <name>ranger.audit.solr.no.replica</name>
                 <value></value>
         </property>
         <property>
                 <name>ranger.audit.solr.acl.user.list.sasl</name>
                 <value></value>
         </property>
         <property>
                 <name>ranger.audit.solr.bootstrap.enabled</name>
                 <value></value>
         </property>
         <property>
 				<name>ranger.audit.solr.max.retry</name>
 				<value></value>
 				<description>Maximum no. of retry to setup solr</description>
 		</property>
 </configuration>
	<!--
	Licensed under the Apache License, Version 2.0 (the "License");
	you may not use this file except in compliance with the License.
	You may obtain a copy of the License at

	http://www.apache.org/licenses/LICENSE-2.0

	Unless required by applicable law or agreed to in writing, software
	distributed under the License is distributed on an "AS IS" BASIS,
	WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	See the License for the specific language governing permissions and
	limitations under the License. See accompanying LICENSE file.
	-->


	<configuration>
	<!-- # DB Info -->
	<property>
	<name>ranger.jpa.jdbc.driver</name>
	<value>net.sf.log4jdbc.DriverSpy</value>
	<description></description>
	</property>
	<property>
	<name>ranger.jpa.jdbc.url</name>
	<value>jdbc:log4jdbc:mysql://localhost/ranger</value>
	<description></description>
	</property>
	<property>
	<name>ranger.jpa.jdbc.user</name>
	<value>rangeradmin</value>
	<description></description>
	</property>
	<property>
	<name>ranger.jpa.jdbc.password</name>
	<value>rangeradmin</value>
	<description></description>
	</property>
	<property>
	<name>ranger.externalurl</name>
	<value>http://localhost:6080</value>
	<description></description>
	</property>
	<property>
	<name>ranger.scheduler.enabled</name>
	<value>true</value>
	<description></description>
	</property>
	<property>
	<name>ranger.audit.solr.urls</name>
	<value>http://##solr_host##:6083/solr/ranger_audits</value>
	<description></description>
	</property>
	<property>
	<name>ranger.audit.source.type</name>
	<value>db</value>
	<description></description>
	</property>

	<property>
	<name>ranger.service.http.enabled</name>
	<value>true</value>
	<description></description>
	</property>
	<property>
	<name>ranger.authentication.method</name>
	<value>NONE</value>
	<description></description>
	</property>
	<property>
	<name>ranger.ldap.url</name>
	<value>ldap://</value>
	<description></description>
	</property>
	<property>
	<name>ranger.ldap.user.dnpattern</name>
	<value>uid={0},ou=users,dc=xasecure,dc=net</value>
	<description></description>
	</property>
	<property>
	<name>ranger.ldap.group.searchbase</name>
	<value>ou=groups,dc=xasecure,dc=net</value>
	<description></description>
	</property>
	<property>
	<name>ranger.ldap.group.searchfilter</name>
	<value>(member=uid={0},ou=users,dc=xasecure,dc=net)</value>
	<description></description>
	</property>
	<property>
	<name>ranger.ldap.group.roleattribute</name>
	<value>cn</value>
	<description></description>
	</property>
	<property>
	<name>ranger.ldap.base.dn</name>
	<value></value>
	<description>LDAP base dn or search base</description>
	</property>
	<property>
	<name>ranger.ldap.bind.dn</name>
	<value></value>
	<description>LDAP bind dn or manager dn</description>
	</property>
	<property>
	<name>ranger.ldap.bind.password</name>
	<value></value>
	<description>LDAP bind password</description>
	</property>
	<property>
	<name>ranger.ldap.default.role</name>
	<value>ROLE_USER</value>
	</property>
	<property>
	<name>ranger.ldap.referral</name>
	<value></value>
	<description>follow or ignore</description>
	</property>
	<property>
	<name>ranger.ldap.ad.domain</name>
	<value>example.com</value>
	<description></description>
	</property>
	<property>
	<name>ranger.ldap.ad.url</name>
	<value></value>
	<description>ldap://</description>
	</property>

	<property>
	<name>ranger.ldap.ad.base.dn</name>
	<value>dc=example,dc=com</value>
	<description>AD base dn or search base</description>
	</property>
	<property>
	<name>ranger.ldap.ad.bind.dn</name>
	<value>cn=administrator,ou=users,dc=example,dc=com</value>
	<description>AD bind dn or manager dn</description>
	</property>
	<property>
	<name>ranger.ldap.ad.bind.password</name>
	<value></value>
	<description>AD bind password</description>
	</property>

	<property>
	<name>ranger.ldap.ad.referral</name>
	<value></value>
	<description>follow or ignore</description>
	</property>
	<property>
	<name>ranger.service.https.attrib.ssl.enabled</name>
	<value>false</value>
	</property>

	<property>
	<name>ranger.service.https.attrib.keystore.keyalias</name>
	<value>myKey</value>
	</property>

	<property>
	<name>ranger.service.https.attrib.keystore.pass</name>
	<value>_</value>
	</property>

	<property>
	<name>ranger.service.host</name>
	<value>localhost</value>
	</property>

	<property>
	<name>ranger.service.http.port</name>
	<value>6080</value>
	</property>

	<property>
	<name>ranger.service.https.port</name>
	<value>6182</value>
	</property>

	<property>
	<name>ranger.service.https.attrib.keystore.file</name>
	<value>/etc/ranger/admin/keys/server.jks</value>
	</property>

	<property>
	<name>ranger.solr.audit.user</name>
	<value></value>
	<description></description>
	</property>
	<property>
	<name>ranger.solr.audit.user.password</name>
	<value></value>
	<description></description>
	</property>
	<property>
	<name>ranger.audit.solr.zookeepers</name>
	<value></value>
	<description></description>
	</property>
	<property>
	<name>ranger.ldap.user.searchfilter</name>
	<value>(uid={0})</value>
	<description></description>
	</property>
	<property>
	<name>ranger.ldap.ad.user.searchfilter</name>
	<value>(sAMAccountName={0})</value>
	<description></description>
	</property>
	<!-- SSO Properties Starts-->
	<property>
	<name>ranger.sso.providerurl</name>
	<value>https://127.0.0.1:8443/gateway/knoxsso/api/v1/websso</value>
	</property>
	<property>
	<name>ranger.sso.publicKey</name>
	<value></value>
	</property>
	<property>
	<name>ranger.sso.enabled</name>
	<value>false</value>
	</property>
	<property>
	<name>ranger.sso.browser.useragent</name>
	<value>Mozilla,chrome</value>
	</property>
	<!-- SSO Properties Ends-->
	<!-- Kerberos Properties starts-->
	<property>
	<name>ranger.admin.kerberos.token.valid.seconds</name>
	<value>30</value>
	</property>
	<property>
	<name>ranger.admin.kerberos.cookie.domain</name>
	<value></value>
	</property>
	<property>
	<name>ranger.admin.kerberos.cookie.path</name>
	<value>/</value>
	</property>
	<property>
	<name>ranger.admin.kerberos.principal</name>
	<value>rangeradmin/_HOST@REALM</value>
	</property>
	<property>
	<name>ranger.admin.kerberos.keytab</name>
	<value></value>
	</property>
	<property>
	<name>ranger.spnego.kerberos.principal</name>
	<value>HTTP/_HOST@REALM</value>
	</property>
	<property>
	<name>ranger.spnego.kerberos.keytab</name>
	<value></value>
	</property>
	<property>
	<name>ranger.lookup.kerberos.principal</name>
	<value>rangerlookup/_HOST@REALM</value>
	</property>
	<property>
	<name>ranger.lookup.kerberos.keytab</name>
	<value></value>
	</property>
	<!-- Kerberos Properties ENDs-->
	<property>
	<name>ranger.supportedcomponents</name>
	<value></value>
	</property>
	<property>
	<name>ranger.downloadpolicy.session.log.enabled</name>
	<value>false</value>
	</property>
	<!-- Service user for KMS -->
	<property>
	<name>ranger.kms.service.user.hdfs</name>
	<value>hdfs</value>
	</property>
	<property>
	<name>ranger.kms.service.user.hive</name>
	<value>hive</value>
	</property>

	<property>
	<name>ranger.audit.hive.query.visibility</name>
	<value>true</value>
	<description></description>
	</property>
	<property>
	<name>ranger.service.https.attrib.keystore.credential.alias</name>
	<value>keyStoreCredentialAlias</value>
	</property>
	<property>
	<name>ranger.tomcat.ciphers</name>
	<value></value>
	</property>
	<!-- Solr related porps -->
	<property>
	<name>ranger.audit.solr.collection.name</name>
	<value></value>
	</property>
	<property>
	<name>ranger.audit.solr.config.name</name>
	<value></value>
	</property>
	<property>
	<name>ranger.audit.solr.no.shards</name>
	<value></value>
	</property>
	<property>
	<name>ranger.audit.solr.max.shards.per.node</name>
	<value></value>
	</property>
	<property>
	<name>ranger.audit.solr.no.replica</name>
	<value></value>
	</property>
	<property>
	<name>ranger.audit.solr.acl.user.list.sasl</name>
	<value></value>
	</property>
	<property>
	<name>ranger.audit.solr.bootstrap.enabled</name>
	<value></value>
	</property>
	<property>
	<name>ranger.audit.solr.max.retry</name>
	<value></value>
	<description>Maximum no. of retry to setup solr</description>
	</property>
	</configuration>