ranger對應大數據組件擴展接口列表

鑑權方法的定義一定會體現出權限模型的三要素:用戶,資源,權限
如果方法返回類型是void的,則插件通過拋異常來通知組件鑑權失敗。
如果方法返回類型是boolean的,則插件通過返回false來通知組件鑑權失敗。

下表列出了Ranger插件對所有支持的系統的擴展接口:

Service  Extensible Interface   Ranger Implement Class
HDFS org.apache.hadoop.hdfs.server.namenode.INodeAttributeProvider  org.apache.ranger.authorization.hadoop.RangerHdfsAuthorizer
HBase   org.apache.hadoop.hbase.protobuf.generated.AccessControlProtos.AccessControlService.Interface org.apache.ranger.authorization.hbase.RangerAuthorizationCoprocessor
Hive org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthorizerFactory org.apache.ranger.authorization.hive.authorizer.RangerHiveAuthorizerFactory
Sqoop org.apache.sqoop.security.AuthorizationValidator org.apache.ranger.authorization.sqoop.authorizer.RangerSqoopAuthorizer
Storm org.apache.storm.security.auth.IAuthorizer org.apache.ranger.authorization.storm.authorizer.RangerStormAuthorizer
Solr org.apache.solr.security.AuthorizationPlugin org.apache.ranger.authorization.solr.authorizer.RangerSolrAuthorizer
Kafka kafka.security.auth.Authorizer org.apache.ranger.authorization.kafka.authorizer.RangerKafkaAuthorizer
Knox org.apache.knox.gateway.deploy.ProviderDeploymentContributorBase org.apache.ranger.authorization.knox.deploy.RangerPDPKnoxDeploymentContributor
Kylin org.apache.kylin.rest.security.ExternalAclProvider org.apache.ranger.authorization.kylin.authorizer.RangerKylinAuthorizer
YARN org.apache.hadoop.yarn.security.YarnAuthorizationProvider org.apache.ranger.authorization.yarn.authorizer.RangerYarnAuthorizer
Atlas org.apache.atlas.authorize.AtlasAuthorizer org.apache.ranger.authorization.atlas.authorizer.RangerAtlasAuthorizer
Nifi NA NA
     
     
     
     
     
     
     


 

發表評論
所有評論
還沒有人評論,想成為第一個評論的人麼? 請在上方評論欄輸入並且點擊發布.
相關文章