Revert "RANGER-2210:Ranger support for Apache Kafka 2.0.0"
This reverts commit 1cc4b1e95dd4a583dfc8bbf988b458741772dddd.
diff --git a/plugin-kafka/src/main/java/org/apache/ranger/authorization/kafka/authorizer/RangerKafkaAuthorizer.java b/plugin-kafka/src/main/java/org/apache/ranger/authorization/kafka/authorizer/RangerKafkaAuthorizer.java
index eab869a..b5d151e 100644
--- a/plugin-kafka/src/main/java/org/apache/ranger/authorization/kafka/authorizer/RangerKafkaAuthorizer.java
+++ b/plugin-kafka/src/main/java/org/apache/ranger/authorization/kafka/authorizer/RangerKafkaAuthorizer.java
@@ -26,6 +26,7 @@
import org.apache.kafka.common.network.ListenerName;
import org.apache.kafka.common.security.JaasContext;
+import org.apache.kafka.common.security.JaasContext.Type;
import org.apache.kafka.common.security.auth.KafkaPrincipal;
import org.apache.kafka.common.security.auth.SecurityProtocol;
@@ -36,9 +37,7 @@
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.hadoop.security.UserGroupInformation;
-import org.apache.kafka.common.config.SaslConfigs;
import org.apache.kafka.common.security.authenticator.LoginManager;
-import org.apache.kafka.common.security.kerberos.KerberosLogin;
import org.apache.ranger.audit.provider.MiscUtil;
import org.apache.ranger.plugin.audit.RangerDefaultAuditHandler;
import org.apache.ranger.plugin.policyengine.RangerAccessRequestImpl;
@@ -96,9 +95,8 @@
final String listenerName = (jaasContext instanceof String
&& StringUtils.isNotEmpty((String) jaasContext)) ? (String) jaasContext
: SecurityProtocol.SASL_PLAINTEXT.name();
- final String saslMechanism = SaslConfigs.GSSAPI_MECHANISM;
- JaasContext context = JaasContext.loadServerContext(new ListenerName(listenerName), saslMechanism, configs);
- LoginManager loginManager = LoginManager.acquireLoginManager(context, saslMechanism, KerberosLogin.class, configs);
+ JaasContext context = JaasContext.load(Type.SERVER, new ListenerName(listenerName), configs);
+ LoginManager loginManager = LoginManager.acquireLoginManager(context, true, configs);
Subject subject = loginManager.subject();
UserGroupInformation ugi = MiscUtil
.createUGIFromSubject(subject);
diff --git a/plugin-kafka/src/test/java/org/apache/ranger/authorization/kafka/authorizer/KafkaRangerAuthorizerTest.java b/plugin-kafka/src/test/java/org/apache/ranger/authorization/kafka/authorizer/KafkaRangerAuthorizerTest.java
index 8d2f0a4..bccdb80 100644
--- a/plugin-kafka/src/test/java/org/apache/ranger/authorization/kafka/authorizer/KafkaRangerAuthorizerTest.java
+++ b/plugin-kafka/src/test/java/org/apache/ranger/authorization/kafka/authorizer/KafkaRangerAuthorizerTest.java
@@ -82,8 +82,8 @@
@org.junit.BeforeClass
public static void setup() throws Exception {
// Create keys
- String serviceDN = "CN=localhost,O=Apache,L=Dublin,ST=Leinster,C=IE";
- String clientDN = "CN=localhost,O=Apache,L=Dublin,ST=Leinster,C=IE";
+ String serviceDN = "CN=Service,O=Apache,L=Dublin,ST=Leinster,C=IE";
+ String clientDN = "CN=Client,O=Apache,L=Dublin,ST=Leinster,C=IE";
// Create a truststore
KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
@@ -257,6 +257,7 @@
producerProps.put(SslConfigs.SSL_TRUSTSTORE_PASSWORD_CONFIG, "security");
final Producer<String, String> producer = new KafkaProducer<>(producerProps);
+
// Send a message
Future<RecordMetadata> record =
producer.send(new ProducerRecord<String, String>("dev", "somekey", "somevalue"));
@@ -295,6 +296,7 @@
record = producer.send(new ProducerRecord<String, String>("dev", "somekey", "somevalue"));
producer.flush();
record.get();
+ Assert.fail("Authorization failure expected");
} catch (Exception ex) {
Assert.assertTrue(ex.getMessage().contains("Not authorized to access topics"));
}
diff --git a/pom.xml b/pom.xml
index 2e82848..f87cfb2 100644
--- a/pom.xml
+++ b/pom.xml
@@ -185,7 +185,7 @@
<jsonsmart.version>2.3</jsonsmart.version>
<jsr305.version>1.3.9</jsr305.version>
<junit.version>4.12</junit.version>
- <kafka.version>2.0.0</kafka.version>
+ <kafka.version>1.0.0</kafka.version>
<kerby.version>1.0.0</kerby.version>
<knox.gateway.version>1.0.0</knox.gateway.version>
<kylin.version>2.3.0</kylin.version>
@@ -207,7 +207,7 @@
<scala.xml.version>1.0.4</scala.xml.version>
<security-agent-install-dir>hadoop-security/plugins</security-agent-install-dir>
<servlet.api.version>2.5</servlet.api.version>
- <slf4j-api.version>1.7.25</slf4j-api.version>
+ <slf4j-api.version>1.7.5</slf4j-api.version>
<solr.version>5.5.4</solr.version>
<spring-ldap-core.version>2.3.2.RELEASE</spring-ldap-core.version>
<springframework.security.version>4.2.4.RELEASE</springframework.security.version>
