mneethiraj
diff --git a/‎hbase-agent/conf/ranger-hbase-audit-changes.cfg‎
Lines changed: 10 additions & 0 deletions b/‎hbase-agent/conf/ranger-hbase-audit-changes.cfg‎
Lines changed: 10 additions & 0 deletions
diff --git a/‎hbase-agent/scripts/install.properties‎
Lines changed: 10 additions & 0 deletions b/‎hbase-agent/scripts/install.properties‎
Lines changed: 10 additions & 0 deletions
diff --git a/‎hdfs-agent/conf/ranger-hdfs-audit-changes.cfg‎
Lines changed: 10 additions & 0 deletions b/‎hdfs-agent/conf/ranger-hdfs-audit-changes.cfg‎
Lines changed: 10 additions & 0 deletions
diff --git a/‎hdfs-agent/scripts/install.properties‎
Lines changed: 10 additions & 0 deletions b/‎hdfs-agent/scripts/install.properties‎
Lines changed: 10 additions & 0 deletions
diff --git a/‎hive-agent/conf/ranger-hive-audit-changes.cfg‎
Lines changed: 10 additions & 0 deletions b/‎hive-agent/conf/ranger-hive-audit-changes.cfg‎
Lines changed: 10 additions & 0 deletions
diff --git a/‎hive-agent/scripts/install.properties‎
Lines changed: 10 additions & 0 deletions b/‎hive-agent/scripts/install.properties‎
Lines changed: 10 additions & 0 deletions
diff --git a/‎kms/scripts/install.properties‎
Lines changed: 10 additions & 0 deletions b/‎kms/scripts/install.properties‎
Lines changed: 10 additions & 0 deletions
diff --git a/‎knox-agent/conf/ranger-knox-audit-changes.cfg‎
Lines changed: 10 additions & 0 deletions b/‎knox-agent/conf/ranger-knox-audit-changes.cfg‎
Lines changed: 10 additions & 0 deletions
diff --git a/‎knox-agent/scripts/install.properties‎
Lines changed: 11 additions & 1 deletion b/‎knox-agent/scripts/install.properties‎
Lines changed: 11 additions & 1 deletion
diff --git a/‎plugin-atlas/scripts/install.properties‎
Lines changed: 10 additions & 0 deletions b/‎plugin-atlas/scripts/install.properties‎
Lines changed: 10 additions & 0 deletions
@@ -47,6 +47,16 @@ xasecure.audit.destination.solr.user %XAAUDIT.SOLR.USER% mod create-if-not-exist
 xasecure.audit.destination.solr.password %XAAUDIT.SOLR.PASSWORD% mod create-if-not-exists
 xasecure.audit.destination.solr.zookeepers %XAAUDIT.SOLR.ZOOKEEPER% mod create-if-not-exists
 xasecure.audit.destination.solr.batch.filespool.dir %XAAUDIT.SOLR.FILE_SPOOL_DIR% mod create-if-not-exists
+xasecure.audit.destination.solr.force.use.inmemory.jaas.config %XAAUDIT.SOLR.USE_INMEMORY_JAAS_CFG% mod create-if-not-exists
+
+xasecure.audit.jaas.Client.loginModuleName        %XAAUDIT.JAAS.CLIENT.LOGIN_MODULE_NAME%         mod create-if-not-exists
+xasecure.audit.jaas.Client.loginModuleControlFlag %XAAUDIT.JAAS.CLIENT.LOGIN_MODULE_CONTROL_FLAG% mod create-if-not-exists
+xasecure.audit.jaas.Client.option.useKeyTab       %XAAUDIT.JAAS.CLIENT.OPTION.USE_KEY_TAB%        mod create-if-not-exists
+xasecure.audit.jaas.Client.option.storeKey        %XAAUDIT.JAAS.CLIENT.OPTION.STORE_KEY%          mod create-if-not-exists
+xasecure.audit.jaas.Client.option.useTicketCache  %XAAUDIT.JAAS.CLIENT.OPTION.USE_TICKET_CACHE%   mod create-if-not-exists
+xasecure.audit.jaas.Client.option.serviceName     %XAAUDIT.JAAS.CLIENT.OPTION.SERVICE_NAME%       mod create-if-not-exists
+xasecure.audit.jaas.Client.option.keyTab          %XAAUDIT.JAAS.CLIENT.OPTION.KEY_TAB%            mod create-if-not-exists
+xasecure.audit.jaas.Client.option.principal       %XAAUDIT.JAAS.CLIENT.OPTION.PRINCIPAL%          mod create-if-not-exists
 
 xasecure.audit.destination.elasticsearch                                    %XAAUDIT.ELASTICSEARCH.ENABLE%                              mod create-if-not-exists
 xasecure.audit.destination.elasticsearch.urls                               %XAAUDIT.ELASTICSEARCH.URL%                                 mod create-if-not-exists
 
@@ -55,6 +55,16 @@ XAAUDIT.SOLR.USER=NONE
 XAAUDIT.SOLR.PASSWORD=NONE
 XAAUDIT.SOLR.ZOOKEEPER=NONE
 XAAUDIT.SOLR.FILE_SPOOL_DIR=/var/log/hbase/audit/solr/spool
+XAAUDIT.SOLR.USE_INMEMORY_JAAS_CFG=false
+
+XAAUDIT.JAAS.CLIENT.LOGIN_MODULE_NAME=com.sun.security.auth.module.Krb5LoginModule
+XAAUDIT.JAAS.CLIENT.LOGIN_MODULE_CONTROL_FLAG=required
+XAAUDIT.JAAS.CLIENT.OPTION.USE_KEY_TAB=true
+XAAUDIT.JAAS.CLIENT.OPTION.STORE_KEY=true
+XAAUDIT.JAAS.CLIENT.OPTION.USE_TICKET_CACHE=false
+XAAUDIT.JAAS.CLIENT.OPTION.SERVICE_NAME=serviceName
+XAAUDIT.JAAS.CLIENT.OPTION.KEY_TAB=/path/to/service.keytab
+XAAUDIT.JAAS.CLIENT.OPTION.PRINCIPAL=principal/hostname@REALM
 
 # Enable audit logs to ElasticSearch
 #Example
 
@@ -44,6 +44,16 @@ xasecure.audit.destination.solr.user %XAAUDIT.SOLR.USER% mod create-if-not-exist
 xasecure.audit.destination.solr.password %XAAUDIT.SOLR.PASSWORD% mod create-if-not-exists
 xasecure.audit.destination.solr.zookeepers                         %XAAUDIT.SOLR.ZOOKEEPER%                           mod create-if-not-exists
 xasecure.audit.destination.solr.batch.filespool.dir                %XAAUDIT.SOLR.FILE_SPOOL_DIR%                      mod create-if-not-exists
+xasecure.audit.destination.solr.force.use.inmemory.jaas.config     %XAAUDIT.SOLR.USE_INMEMORY_JAAS_CFG%               mod create-if-not-exists
+
+xasecure.audit.jaas.Client.loginModuleName        %XAAUDIT.JAAS.CLIENT.LOGIN_MODULE_NAME%         mod create-if-not-exists
+xasecure.audit.jaas.Client.loginModuleControlFlag %XAAUDIT.JAAS.CLIENT.LOGIN_MODULE_CONTROL_FLAG% mod create-if-not-exists
+xasecure.audit.jaas.Client.option.useKeyTab       %XAAUDIT.JAAS.CLIENT.OPTION.USE_KEY_TAB%        mod create-if-not-exists
+xasecure.audit.jaas.Client.option.storeKey        %XAAUDIT.JAAS.CLIENT.OPTION.STORE_KEY%          mod create-if-not-exists
+xasecure.audit.jaas.Client.option.useTicketCache  %XAAUDIT.JAAS.CLIENT.OPTION.USE_TICKET_CACHE%   mod create-if-not-exists
+xasecure.audit.jaas.Client.option.serviceName     %XAAUDIT.JAAS.CLIENT.OPTION.SERVICE_NAME%       mod create-if-not-exists
+xasecure.audit.jaas.Client.option.keyTab          %XAAUDIT.JAAS.CLIENT.OPTION.KEY_TAB%            mod create-if-not-exists
+xasecure.audit.jaas.Client.option.principal       %XAAUDIT.JAAS.CLIENT.OPTION.PRINCIPAL%          mod create-if-not-exists
 
 xasecure.audit.destination.elasticsearch                                    %XAAUDIT.ELASTICSEARCH.ENABLE%                              mod create-if-not-exists
 xasecure.audit.destination.elasticsearch.urls                               %XAAUDIT.ELASTICSEARCH.URL%                                 mod create-if-not-exists
 
@@ -49,6 +49,16 @@ XAAUDIT.SOLR.USER=NONE
 XAAUDIT.SOLR.PASSWORD=NONE
 XAAUDIT.SOLR.ZOOKEEPER=NONE
 XAAUDIT.SOLR.FILE_SPOOL_DIR=/var/log/hadoop/hdfs/audit/solr/spool
+XAAUDIT.SOLR.USE_INMEMORY_JAAS_CFG=false
+
+XAAUDIT.JAAS.CLIENT.LOGIN_MODULE_NAME=com.sun.security.auth.module.Krb5LoginModule
+XAAUDIT.JAAS.CLIENT.LOGIN_MODULE_CONTROL_FLAG=required
+XAAUDIT.JAAS.CLIENT.OPTION.USE_KEY_TAB=true
+XAAUDIT.JAAS.CLIENT.OPTION.STORE_KEY=true
+XAAUDIT.JAAS.CLIENT.OPTION.USE_TICKET_CACHE=false
+XAAUDIT.JAAS.CLIENT.OPTION.SERVICE_NAME=serviceName
+XAAUDIT.JAAS.CLIENT.OPTION.KEY_TAB=/path/to/service.keytab
+XAAUDIT.JAAS.CLIENT.OPTION.PRINCIPAL=principal/hostname@REALM
 
 # Enable audit logs to ElasticSearch
 #Example
 
@@ -45,6 +45,16 @@ xasecure.audit.destination.solr.user %XAAUDIT.SOLR.USER% mod create-if-not-exist
 xasecure.audit.destination.solr.password %XAAUDIT.SOLR.PASSWORD% mod create-if-not-exists
 xasecure.audit.destination.solr.zookeepers                         %XAAUDIT.SOLR.ZOOKEEPER%                           mod create-if-not-exists
 xasecure.audit.destination.solr.batch.filespool.dir                %XAAUDIT.SOLR.FILE_SPOOL_DIR%                      mod create-if-not-exists
+xasecure.audit.destination.solr.force.use.inmemory.jaas.config     %XAAUDIT.SOLR.USE_INMEMORY_JAAS_CFG%               mod create-if-not-exists
+
+xasecure.audit.jaas.Client.loginModuleName        %XAAUDIT.JAAS.CLIENT.LOGIN_MODULE_NAME%         mod create-if-not-exists
+xasecure.audit.jaas.Client.loginModuleControlFlag %XAAUDIT.JAAS.CLIENT.LOGIN_MODULE_CONTROL_FLAG% mod create-if-not-exists
+xasecure.audit.jaas.Client.option.useKeyTab       %XAAUDIT.JAAS.CLIENT.OPTION.USE_KEY_TAB%        mod create-if-not-exists
+xasecure.audit.jaas.Client.option.storeKey        %XAAUDIT.JAAS.CLIENT.OPTION.STORE_KEY%          mod create-if-not-exists
+xasecure.audit.jaas.Client.option.useTicketCache  %XAAUDIT.JAAS.CLIENT.OPTION.USE_TICKET_CACHE%   mod create-if-not-exists
+xasecure.audit.jaas.Client.option.serviceName     %XAAUDIT.JAAS.CLIENT.OPTION.SERVICE_NAME%       mod create-if-not-exists
+xasecure.audit.jaas.Client.option.keyTab          %XAAUDIT.JAAS.CLIENT.OPTION.KEY_TAB%            mod create-if-not-exists
+xasecure.audit.jaas.Client.option.principal       %XAAUDIT.JAAS.CLIENT.OPTION.PRINCIPAL%          mod create-if-not-exists
 
 xasecure.audit.destination.elasticsearch                                    %XAAUDIT.ELASTICSEARCH.ENABLE%                              mod create-if-not-exists
 xasecure.audit.destination.elasticsearch.urls                               %XAAUDIT.ELASTICSEARCH.URL%                                 mod create-if-not-exists
 
@@ -52,6 +52,16 @@ XAAUDIT.SOLR.USER=NONE
 XAAUDIT.SOLR.PASSWORD=NONE
 XAAUDIT.SOLR.ZOOKEEPER=NONE
 XAAUDIT.SOLR.FILE_SPOOL_DIR=/var/log/hive/audit/solr/spool
+XAAUDIT.SOLR.USE_INMEMORY_JAAS_CFG=false
+
+XAAUDIT.JAAS.CLIENT.LOGIN_MODULE_NAME=com.sun.security.auth.module.Krb5LoginModule
+XAAUDIT.JAAS.CLIENT.LOGIN_MODULE_CONTROL_FLAG=required
+XAAUDIT.JAAS.CLIENT.OPTION.USE_KEY_TAB=true
+XAAUDIT.JAAS.CLIENT.OPTION.STORE_KEY=true
+XAAUDIT.JAAS.CLIENT.OPTION.USE_TICKET_CACHE=false
+XAAUDIT.JAAS.CLIENT.OPTION.SERVICE_NAME=serviceName
+XAAUDIT.JAAS.CLIENT.OPTION.KEY_TAB=/path/to/service.keytab
+XAAUDIT.JAAS.CLIENT.OPTION.PRINCIPAL=principal/hostname@REALM
 
 # Enable audit logs to ElasticSearch
 #Example
 
@@ -197,6 +197,16 @@ XAAUDIT.SOLR.USER=NONE
 XAAUDIT.SOLR.PASSWORD=NONE
 XAAUDIT.SOLR.ZOOKEEPER=NONE
 XAAUDIT.SOLR.FILE_SPOOL_DIR=/var/log/ranger/kms/audit/solr/spool
+XAAUDIT.SOLR.USE_INMEMORY_JAAS_CFG=false
+
+XAAUDIT.JAAS.CLIENT.LOGIN_MODULE_NAME=com.sun.security.auth.module.Krb5LoginModule
+XAAUDIT.JAAS.CLIENT.LOGIN_MODULE_CONTROL_FLAG=required
+XAAUDIT.JAAS.CLIENT.OPTION.USE_KEY_TAB=true
+XAAUDIT.JAAS.CLIENT.OPTION.STORE_KEY=true
+XAAUDIT.JAAS.CLIENT.OPTION.USE_TICKET_CACHE=false
+XAAUDIT.JAAS.CLIENT.OPTION.SERVICE_NAME=serviceName
+XAAUDIT.JAAS.CLIENT.OPTION.KEY_TAB=/path/to/service.keytab
+XAAUDIT.JAAS.CLIENT.OPTION.PRINCIPAL=principal/hostname@REALM
 
 # Enable audit logs to ElasticSearch
 #Example
 
@@ -45,6 +45,16 @@ xasecure.audit.destination.solr.user %XAAUDIT.SOLR.USER% mod create-if-not-exist
 xasecure.audit.destination.solr.password %XAAUDIT.SOLR.PASSWORD% mod create-if-not-exists
 xasecure.audit.destination.solr.zookeepers                         %XAAUDIT.SOLR.ZOOKEEPER%                           mod create-if-not-exists
 xasecure.audit.destination.solr.batch.filespool.dir                %XAAUDIT.SOLR.FILE_SPOOL_DIR%                      mod create-if-not-exists
+xasecure.audit.destination.solr.force.use.inmemory.jaas.config     %XAAUDIT.SOLR.USE_INMEMORY_JAAS_CFG%               mod create-if-not-exists
+
+xasecure.audit.jaas.Client.loginModuleName        %XAAUDIT.JAAS.CLIENT.LOGIN_MODULE_NAME%         mod create-if-not-exists
+xasecure.audit.jaas.Client.loginModuleControlFlag %XAAUDIT.JAAS.CLIENT.LOGIN_MODULE_CONTROL_FLAG% mod create-if-not-exists
+xasecure.audit.jaas.Client.option.useKeyTab       %XAAUDIT.JAAS.CLIENT.OPTION.USE_KEY_TAB%        mod create-if-not-exists
+xasecure.audit.jaas.Client.option.storeKey        %XAAUDIT.JAAS.CLIENT.OPTION.STORE_KEY%          mod create-if-not-exists
+xasecure.audit.jaas.Client.option.useTicketCache  %XAAUDIT.JAAS.CLIENT.OPTION.USE_TICKET_CACHE%   mod create-if-not-exists
+xasecure.audit.jaas.Client.option.serviceName     %XAAUDIT.JAAS.CLIENT.OPTION.SERVICE_NAME%       mod create-if-not-exists
+xasecure.audit.jaas.Client.option.keyTab          %XAAUDIT.JAAS.CLIENT.OPTION.KEY_TAB%            mod create-if-not-exists
+xasecure.audit.jaas.Client.option.principal       %XAAUDIT.JAAS.CLIENT.OPTION.PRINCIPAL%          mod create-if-not-exists
 
 xasecure.audit.destination.elasticsearch                                    %XAAUDIT.ELASTICSEARCH.ENABLE%                              mod create-if-not-exists
 xasecure.audit.destination.elasticsearch.urls                               %XAAUDIT.ELASTICSEARCH.URL%                                 mod create-if-not-exists
 
@@ -47,6 +47,16 @@ XAAUDIT.SOLR.USER=NONE
 XAAUDIT.SOLR.PASSWORD=NONE
 XAAUDIT.SOLR.ZOOKEEPER=NONE
 XAAUDIT.SOLR.FILE_SPOOL_DIR=/var/log/knox/audit/solr/spool
+XAAUDIT.SOLR.USE_INMEMORY_JAAS_CFG=false
+
+XAAUDIT.JAAS.CLIENT.LOGIN_MODULE_NAME=com.sun.security.auth.module.Krb5LoginModule
+XAAUDIT.JAAS.CLIENT.LOGIN_MODULE_CONTROL_FLAG=required
+XAAUDIT.JAAS.CLIENT.OPTION.USE_KEY_TAB=true
+XAAUDIT.JAAS.CLIENT.OPTION.STORE_KEY=true
+XAAUDIT.JAAS.CLIENT.OPTION.USE_TICKET_CACHE=false
+XAAUDIT.JAAS.CLIENT.OPTION.SERVICE_NAME=serviceName
+XAAUDIT.JAAS.CLIENT.OPTION.KEY_TAB=/path/to/service.keytab
+XAAUDIT.JAAS.CLIENT.OPTION.PRINCIPAL=principal/hostname@REALM
 
 # Enable audit logs to ElasticSearch
 #Example
@@ -173,4 +183,4 @@ CUSTOM_USER=knox
 # Custom component group
 # CUSTOM_COMPONENT_GROUP=<custom-group>
 # keep blank if component group is default
-CUSTOM_GROUP=knox
+CUSTOM_GROUP=knox
@@ -51,6 +51,16 @@ XAAUDIT.SOLR.URL=NONE
 XAAUDIT.SOLR.USER=NONE
 XAAUDIT.SOLR.PASSWORD=NONE
 XAAUDIT.SOLR.ZOOKEEPER=NONE
+XAAUDIT.SOLR.USE_INMEMORY_JAAS_CFG=false
+
+XAAUDIT.JAAS.CLIENT.LOGIN_MODULE_NAME=com.sun.security.auth.module.Krb5LoginModule
+XAAUDIT.JAAS.CLIENT.LOGIN_MODULE_CONTROL_FLAG=required
+XAAUDIT.JAAS.CLIENT.OPTION.USE_KEY_TAB=true
+XAAUDIT.JAAS.CLIENT.OPTION.STORE_KEY=true
+XAAUDIT.JAAS.CLIENT.OPTION.USE_TICKET_CACHE=false
+XAAUDIT.JAAS.CLIENT.OPTION.SERVICE_NAME=serviceName
+XAAUDIT.JAAS.CLIENT.OPTION.KEY_TAB=/path/to/service.keytab
+XAAUDIT.JAAS.CLIENT.OPTION.PRINCIPAL=principal/hostname@REALM
 
 # Enable audit logs to ElasticSearch
 #Example