Open HariSekhon opened 7 years ago
Hey I have implemented prestodb integration with Ranger successfully in my environment
Hi all, Is this thread still active ?
No?
@shekarrreddy568 would you mind sharing the environment you used to test the ranger integration?
hey ,
Currently i am on vacation, can be able to help after 10 days.
On Fri, Mar 20, 2020, 7:28 AM Kenton Parton notifications@github.com wrote:
@shekarrreddy568 https://github.com/shekarrreddy568 would you mind sharing the environment you used to test the ranger integration?
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/prestodb/presto/issues/8980#issuecomment-601494433, or unsubscribe https://github.com/notifications/unsubscribe-auth/ALI7QXELTZQ2OD6O5A62SLLRILETPANCNFSM4D3CREYA .
@shekarrreddy568 That would be great, thank you!
Is this documentation still up to date? https://cwiki.apache.org/confluence/display/RANGER/Presto+Plugin
If not, would someone mind providing a link please. Thank you!
@shekarrreddy568 We would appreciate a summary of your environment
@shekarrreddy568-zz @shekarreddy568 taking a gamble here on whether you are reachable? Still wondering if you can share your experience with using Ranger.
@aweisberg I'm working on the connector access control implementation for ranger authorization. Here is the proposed design.
Is anyone still actively working on this?
Yes, I have WIP implementation, will share the PR by sometime next week.
@rohanpednekar Is active development going on for this? When can we expect it to be released tentatively
@sridhartw, yes we are actively working on this. Subscribe to https://github.com/prestodb/presto/pull/15519 for the live updates. Thanks!
For help with PrestoDB, please join the Presto Community Slack channel at https://prestodb.slack.com.
ERROR main io.trino.server.Server Unable to create injector, see the following errors:
1) [Guice/ErrorInjectingConstructor]: RuntimeException: InvocationTargetException
at RangerSystemAccessControl.
Learn more: https://github.com/google/guice/wiki/ERROR_INJECTING_CONSTRUCTOR
1 error
com.google.inject.CreationException: Unable to create injector, see the following errors:
1) [Guice/ErrorInjectingConstructor]: RuntimeException: InvocationTargetException
at RangerSystemAccessControl.
Learn more: https://github.com/google/guice/wiki/ERROR_INJECTING_CONSTRUCTOR
1 error
at com.google.inject.internal.Errors.throwCreationExceptionIfErrorsExist(Errors.java:576)
at com.google.inject.internal.InternalInjectorCreator.injectDynamically(InternalInjectorCreator.java:190)
at com.google.inject.internal.InternalInjectorCreator.build(InternalInjectorCreator.java:113)
at com.google.inject.Guice.createInjector(Guice.java:87)
at io.airlift.bootstrap.Bootstrap.initialize(Bootstrap.java:262)
at org.apache.ranger.authorization.trino.authorizer.RangerSystemAccessControlFactory.create(RangerSystemAccessControlFactory.java:53)
at io.trino.security.AccessControlManager.createSystemAccessControl(AccessControlManager.java:182)
at java.base/java.util.stream.ReferencePipeline$3$1.accept(ReferencePipeline.java:197)
at java.base/java.util.Collections$2.tryAdvance(Collections.java:4853)
at java.base/java.util.Collections$2.forEachRemaining(Collections.java:4861)
at java.base/java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:509)
at java.base/java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:499)
at java.base/java.util.stream.ReduceOps$ReduceOp.evaluateSequential(ReduceOps.java:921)
at java.base/java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234)
at java.base/java.util.stream.ReferencePipeline.collect(ReferencePipeline.java:682)
at io.trino.security.AccessControlManager.loadSystemAccessControl(AccessControlManager.java:151)
at io.trino.server.Server.doStart(Server.java:157)
at io.trino.server.Server.lambda$start$0(Server.java:88)
at io.trino.$gen.Trino_403_amzn_0____20240626_061636_1.run(Unknown Source)
at io.trino.server.Server.start(Server.java:88)
at io.trino.server.TrinoServer.main(TrinoServer.java:38)
Caused by: java.lang.RuntimeException: java.lang.reflect.InvocationTargetException
at org.apache.ranger.authorization.trino.authorizer.RangerSystemAccessControl.
2024-06-26T06:16:53.690Z INFO Thread-100 io.airlift.bootstrap.LifeCycleManager JVM is shutting down, cleaning up 2024-06-26T06:16:53.691Z INFO Thread-102 io.airlift.bootstrap.LifeCycleManager JVM is shutting down, cleaning up 2024-06-26T06:16:53.691Z INFO Thread-98 io.airlift.bootstrap.LifeCycleManager JVM is shutting down, cleaning up 2024-06-26T06:16:53.691Z INFO Thread-102 io.airlift.bootstrap.LifeCycleManager Life cycle stopping... 2024-06-26T06:16:53.691Z INFO Thread-100 io.airlift.bootstrap.LifeCycleManager Life cycle stopping...
Feature Request to add Apache Ranger integration support for Presto.
This will solve authorization very nicely for most people who are running the widely used standard open source Hortonworks Hadoop platform and provide granular access controls down to the column level, as well as integrating to the single-pane-of-glass for security configuration and auditing across all data access components on a Hadoop cluster.
Also, is there any chance this project could go in to the Apache Foundation? I think this combined with Ranger integration would massively increase Presto's market, especially if Hortonworks were to adopt it (they usually require their integrated components to be in the Apache Foundation).
Great work so far on this distributed SQL engine btw! :)