java source code of LdapPolicyMgrUserGroupBuilder

ranger-master
- plugin-kudu
  - src
    - main
      - java
        org
        apache
        ranger
        services
        kudu
        RangerServiceKudu.java
  - pom.xml
  - .gitignore
- NOTICE.txt
- embeddedwebserver
  - src
    - main
      - java
        org
        apache
        ranger
        server
        tomcat
        ElasticSearchIndexBootStrapper.java
        EmbeddedServer.java
        EmbeddedServerUtil.java
        SolrCollectionBootstrapper.java
        StopEmbeddedServer.java
  - pom.xml
  - scripts
    - ranger-admin-initd
    - ranger-admin-services.sh
    - stop-ranger-admin.sh
    - start-ranger-admin.sh
  - .gitignore
- agents-audit
  - src
    - main
      - resources
        META-INF
        persistence.xml
      - java
        org
        apache
        ranger
        audit
        dao
        DaoManagerBase.java
        BaseDao.java
        DaoManager.java
        AuthzAuditEventDao.java
        utils
        RollingTimeUtil.java
        SolrAppUtil.java
        InMemoryJAASConfiguration.java
        provider
        kafka
        KafkaAuditProvider.java
        BaseAuditHandler.java
        AsyncAuditProvider.java
        LogDestination.java
        MiscUtil.java
        Log4jAuditProvider.java
        AuditProviderFactory.java
        AuditHandler.java
        DummyAuditProvider.java
        LocalFileLogBuffer.java
        hdfs
        HdfsLogDestination.java
        HdfsAuditProvider.java
        Log4jTracer.java
        MultiDestAuditProvider.java
        DbAuditProvider.java
        StandAloneAuditProviderFactory.java
        solr
        SolrAuditProvider.java
        AuditMessageException.java
        LogBuffer.java
        DebugTracer.java
        AuditFileCacheProvider.java
        BufferedAuditProvider.java
        entity
        AuthzAuditEventDbObj.java
        destination
        ElasticSearchAuditDestination.java
        AuditDestination.java
        SolrAuditDestination.java
        FileAuditDestination.java
        Log4JAuditDestination.java
        DBAuditDestination.java
        HDFSAuditDestination.java
        test
        TestEvents.java
        model
        AuditEventBase.java
        EnumRepositoryType.java
        AuthzAuditEvent.java
        queue
        AuditQueue.java
        AuditFileCacheProviderSpool.java
        AuditSummaryQueue.java
        AuditBatchQueue.java
        AuditFileSpool.java
        AuditAsyncQueue.java
  - pom.xml
  - .gitignore
- hbase-agent
  - src
    - main
      - java
        org
        apache
        ranger
        services
        hbase
        client
        HBaseClient.java
        HBaseResourceMgr.java
        HBaseConnectionMgr.java
        RangerServiceHBase.java
        authorization
        hbase
        HbaseUserUtils.java
        HbaseUserUtilsImpl.java
        HbaseAuthUtils.java
        ColumnIterator.java
        HbaseAuditHandler.java
        HbaseAuthUtilsImpl.java
        RangerAuthorizationCoprocessor.java
        HbaseAuditHandlerImpl.java
        AuthorizationSession.java
        RangerAuthorizationFilter.java
        HbaseFactory.java
        RangerHBaseResource.java
    - test
      - resources
        log4j.properties
        ranger-hbase-security.xml
        hbase-policies-tag.json
        hbase-policies.json
        policyengine
        test_policyengine_hbase.json
      - java
        org
        apache
        ranger
        services
        hbase
        TestRangerServiceHBase.java
        authorization
        hbase
        RangerAuthorizationFilterTest.java
        RangerAuthorizationCoprocessorTest.java
        HbaseAuthUtilsImplTest.java
        ColumnIteratorTest.java
        HBaseRangerAuthorizationTest.java
        AuthorizationSessionTest.java
        RangerAdminClientImpl.java
        TestPolicyEngine.java
  - disable-conf
    - hbase-site-changes.cfg
  - pom.xml
  - scripts
    - uninstall.sh
    - install.properties
    - install.sh
  - .gitignore
  - conf
    - hbase-site-changes.cfg
    - ranger-hbase-security.xml
    - ranger-hbase-audit.xml
    - ranger-policymgr-ssl-changes.cfg
    - ranger-hbase-audit-changes.cfg
    - ranger-policymgr-ssl.xml
    - ranger-hbase-security-changes.cfg
- release-build.xml
- unixauthservice
  - src
    - main
      - resources
        log4j.properties
      - java
        org
        apache
        ranger
        authentication
        UnixAuthenticationService.java
        PasswordValidator.java
  - pom.xml
  - scripts
    - initd
    - stop.sh
    - templates
      - installprop2xml.properties
      - ranger-ugsync-template.xml
    - set_globals.sh
    - updatepolicymgrpassword.sh
    - install.properties
    - setup.py
    - ranger-usersync-services.sh
    - start.sh
    - updatepolicymgrpassword.py
    - update_property.py
    - setup.sh
  - conf.dist
    - log4j.properties
    - ranger-ugsync-default.xml
    - jaas.conf
    - log4j.xml
  - .gitignore
- ranger-tools
  - src
    - main
      - java
        org
        apache
        ranger
        policyengine
        RangerResourceDeserializer.java
        PerfTestOptions.java
        PerfTestEngine.java
        RangerPluginPerfTester.java
        RangerAccessRequestDeserializer.java
        PerfTestClient.java
        CommandLineParser.java
        perftest
        v2
        RangerPolicyFactory.java
        RangerPolicyenginePerfTester.java
    - test
      - resources
        log4j.properties
        testdata
        test_servicetags_hive.json
        test_requests_hive.json
        test_servicepolicies_hive.json
        single-request-template.json
        performance-chart.template
        single-policy-template.json
        test_modules.txt
        ranger-config.xml
        commandline
      - java
        org
        apache
        ranger
        policyengine
        PerfTesterTest.java
        RangerPolicyEnginePerformanceTest.java
  - pom.xml
  - testdata
    - test_requests_hive.json
    - test_modules.txt
    - ranger-config.xml
  - scripts
    - summary.awk
    - ranger-plugin-perftester.sh
    - README.txt
    - ranger-perftester.sh
  - .gitignore
  - conf
    - log4j.properties
- unixauthnative
  - src
    - main
      - c
        credValidator.c
  - pom.xml
  - .gitignore
- ranger-examples
  - pom.xml
  - README.txt
  - distro
    - src
      - main
        assembly
        plugin-sampleapp.xml
        sampleapp.xml
    - pom.xml
    - .gitignore
  - plugin-sampleapp
    - src
      - main
        java
        org
        apache
        ranger
        examples
        sampleapp
        IAuthorizer.java
        RangerAuthorizer.java
    - pom.xml
    - .gitignore
    - conf
      - ranger-sampleapp-security.xml
      - ranger-policymgr-ssl.xml
      - ranger-sampleapp-audit.xml
  - sampleapp
    - src
      - main
        java
        org
        apache
        ranger
        examples
        sampleapp
        SampleApp.java
        DefaultAuthorizer.java
        IAuthorizer.java
    - pom.xml
    - scripts
      - run-sampleapp.sh
    - .gitignore
    - conf
      - log4j.xml
  - conditions-enrichers
    - src
      - main
        java
        org
        apache
        ranger
        plugin
        contextenricher
        RangerSampleCountryProvider.java
        RangerSampleProjectProvider.java
        conditionevaluator
        RangerSampleSimpleMatcher.java
        RangerPolicyConditionSampleSimpleMatcher.java
      - test
        java
        org
        apache
        ranger
        plugin
        conditionevaluator
        RangerSampleSimpleMatcherTest.java
    - pom.xml
    - .gitignore
  - dev-support
    - findbugsIncludeFile.xml
    - ranger-pmd-ruleset.xml
  - .gitignore
- kms
  - src
    - main
      - resources
        mini-kms-acls-default.xml
        log4j-kmsaudit.properties
        log4j.properties
        META-INF
        services
        org.apache.hadoop.crypto.key.KeyProviderFactory
        persistence.xml
        kms_jpa_named_queries.xml
        WEB-INF
        web.xml
      - java
        org
        apache
        hadoop
        crypto
        key
        kms
        server
        KMSAuditLogger.java
        KMSWebApp.java
        KMSACLsType.java
        KMSJSONReader.java
        KMS.java
        KMSConfiguration.java
        KMSACLs.java
        KMSMetricUtil.java
        KMSAuthenticationFilter.java
        KMSAudit.java
        KeyAuthorizationKeyProvider.java
        KMSExceptionsProvider.java
        KMSJSONWriter.java
        KMSServerJSONUtils.java
        KMSJMXServlet.java
        EagerKeyGeneratorKeyProviderCryptoExtension.java
        SimpleKMSAuditLogger.java
        KMSMDCFilter.java
        RangerHSM.java
        DB2HSMMKUtil.java
        RangerKeyVaultKeyGenerator.java
        JKS2RangerUtil.java
        HSM2DBMKUtil.java
        RangerSafenetKeySecure.java
        RangerKeyStoreProvider.java
        ConsoleUtil.java
        KeySecureToRangerDBMKUtil.java
        VerifyIsDBMasterkeyCorrect.java
        RangerMasterKey.java
        RangerKeyStore.java
        VerifyIsHSMMasterkeyCorrect.java
        DBToAzureKeyVault.java
        Ranger2JKSUtil.java
        DBToKeySecure.java
        AzureKeyVaultClientAuthenticator.java
        RangerKMSDB.java
        RangerKMSMKI.java
        ranger
        kms
        dao
        DaoManagerBase.java
        RangerKMSDao.java
        BaseDao.java
        DaoManager.java
        RangerMasterKeyDao.java
        biz
        RangerKMSStartUp.java
        entity
        XXDBBase.java
        XXRangerMasterKey.java
        XXRangerKeyStore.java
      - webapp
        WEB-INF
        web.xml
    - test
      - resources
        kms
        dbks-site.xml
        kms-site.xml
      - java
        org
        apache
        hadoop
        crypto
        key
        kms
        TestRangerKeyStore.java
        server
        TestKMSACLs.java
        DerbyTestUtils.java
        RangerKeyStoreProviderTest.java
        TestKMSAudit.java
        RangerMasterKeyTest.java
        TestKeyAuthorizationKeyProvider.java
  - pom.xml
  - config
    - webserver
      - ranger-kms-site.xml
    - kms-webapp
      - dbks-site.xml
      - kms-log4j.properties
      - kms-site.xml
  - scripts
    - ranger-kms-initd
    - VerifyIsDBMasterkeyCorrect.sh
    - dba_script.py
    - db_setup.py
    - db
      - sqlserver
        kms_core_db_sqlserver.sql
      - sqlanywhere
        kms_core_db_sqlanywhere.sql
      - oracle
        kms_core_db_oracle.sql
      - mysql
        kms_core_db.sql
      - postgres
        kms_core_db_postgres.sql
    - KEYSECUREMKTOKMSDB.sh
    - DBMKTOKEYSECURE.sh
    - install.properties
    - importJCEKSKeys.sh
    - HSMMK2DB.sh
    - VerifyIsHSMMasterkeyCorrect.sh
    - DBMKTOAZUREKEYVAULT.sh
    - ranger-kms
    - exportKeysToJCEKS.sh
    - update_property.py
    - DBMK2HSM.sh
    - setup.sh
  - dev-support
    - findbugsExcludeFile.xml
  - .gitignore
- ranger-atlas-plugin-shim
  - src
    - main
      - java
        org
        apache
        ranger
        authorization
        atlas
        authorizer
        RangerAtlasAuthorizer.java
  - pom.xml
  - .gitignore
- plugin-atlas
  - src
    - main
      - java
        org
        apache
        ranger
        services
        atlas
        json
        model
        ResourceTermResponse.java
        ResourceOperationResponse.java
        ResourceTypeResponse.java
        ResourceTaxonomyResponse.java
        ResourceEntityResponse.java
        RangerServiceAtlas.java
        authorization
        atlas
        authorizer
        RangerAtlasAuthorizer.java
    - test
      - resource
        log4j.properties
  - pom.xml
  - template
    - configuration.xml
  - scripts
    - install.properties
  - .gitignore
  - conf
    - ranger-atlas-security.xml
    - ranger-atlas-audit-changes.cfg
    - ranger-policymgr-ssl-changes.cfg
    - ranger-atlas-audit.xml
    - ranger-policymgr-ssl.xml
    - ranger-atlas-security-changes.cfg
- ranger-knox-plugin-shim
  - src
    - main
      - resources
        META-INF
        services
        org.apache.knox.gateway.deploy.ProviderDeploymentContributor
      - java
        com
        xasecure
        pdp
        knox
        filter
        XASecurePDPKnoxFilter.java
        org
        apache
        ranger
        authorization
        knox
        deploy
        RangerPDPKnoxDeploymentContributor.java
        RangerPDPKnoxFilter.java
  - pom.xml
  - .gitignore
- plugin-solr
  - src
    - main
      - java
        org
        apache
        ranger
        services
        solr
        RangerServiceSolr.java
        client
        ServiceSolrConnectionMgr.java
        ServiceSolrClient.java
        authorization
        solr
        authorizer
        SubsetQueryPlugin.java
        RangerSolrAuthorizer.java
        RangerSolrAuditHandler.java
        FieldToAttributeMapping.java
  - pom.xml
  - scripts
    - install.properties
  - .gitignore
  - conf
    - ranger-solr-audit.xml
    - ranger-policymgr-ssl-changes.cfg
    - ranger-solr-security.xml
    - ranger-policymgr-ssl.xml
    - ranger-solr-security-changes.cfg
    - ranger-solr-audit-changes.cfg
- hive-agent
  - src
    - main
      - java
        com
        xasecure
        authorization
        hive
        authorizer
        XaSecureHiveAuthorizerFactory.java
        org
        apache
        ranger
        services
        hive
        client
        HiveConnectionMgr.java
        HiveResourceMgr.java
        HiveClient.java
        RangerServiceHive.java
        authorization
        hive
        constants
        RangerHiveConstants.java
        authorizer
        RangerHiveResourceACLs.java
        RangerHiveAuthorizerBase.java
        RangerHiveAccessRequest.java
        RangerHiveAuditHandler.java
        RangerHiveResource.java
        RangerHiveAuthorizer.java
        RangerHiveAuthorizerFactory.java
        RangerHivePolicyProvider.java
    - test
      - resources
        log4j.properties
        ranger-hive-security.xml
        hive-policies.json
        hive-policies-tag.json
        wordcount.txt
      - java
        org
        apache
        ranger
        services
        hive
        TestAllHiveOperationInRanger.java
        HIVERangerAuthorizerTest.java
        RangerHiveOperationType.java
        RangerAdminClientImpl.java
  - disable-conf
    - hiveserver2-site-changes.cfg
  - pom.xml
  - template
    - configuration.xml
  - scripts
    - uninstall.sh
    - install.properties
    - install.sh
  - .gitignore
  - conf
    - ranger-hive-audit.xml
    - ranger-hive-security.xml
    - hiveserver2-site-changes.cfg
    - ranger-policymgr-ssl-changes.cfg
    - ranger-hive-audit-changes.cfg
    - ranger-policymgr-ssl.xml
    - ranger-hive-security-changes.cfg
- agents-cred
  - src
    - main
      - java
        org
        apache
        ranger
        authorization
        hadoop
        utils
        RangerCredentialProvider.java
    - test
      - resources
        log4j.properties
      - java
        org
        apache
        ranger
        authorization
        hadoop
        utils
        RangerCredentialProviderTest.java
  - pom.xml
  - .gitignore
- plugin-schema-registry
  - src
    - main
      - java
        org
        apache
        ranger
        services
        schema
        registry
        client
        AutocompletionAgent.java
        connection
        DefaultSchemaRegistryClient.java
        ISchemaRegistryClient.java
        util
        SecurityUtils.java
        SchemaRegistryResourceMgr.java
        RangerServiceSchemaRegistry.java
    - test
      - resources
        truststore.jks
        keystore.jks
        ssl-schema-registry.yaml
        schema-text3.avcs
        ssl-schema-registry-client.yaml
      - java
        org
        apache
        ranger
        services
        schema
        registry
        client
        SchemaRegistryResourceMgrTest.java
        util
        AcceptAllHostnameVerifier.java
        TestAutocompletionAgent.java
        DefaultSchemaRegistryClientForTesting.java
        connection
        DefaultSchemaRegistryClientTest.java
        util
        SecurityUtilsTest.java
        AutocompletionAgentTest.java
  - pom.xml
  - .gitignore
- storm-agent
  - src
    - main
      - java
        org
        apache
        ranger
        services
        storm
        client
        StormConnectionMgr.java
        StormClient.java
        StormResourceMgr.java
        json
        model
        Topology.java
        TopologyListResponse.java
        RangerServiceStorm.java
        authorization
        storm
        StormRangerPlugin.java
        authorizer
        RangerStormAuthorizer.java
    - test
      - resources
        storm-policies-tag.json
        ranger-storm-security.xml
        storm.yaml
        storm-policies.json
        words.txt
      - java
        org
        apache
        ranger
        authorization
        storm
        StormRangerAuthorizerTest.java
        WordSpout.java
        RangerAdminClientImpl.java
        WordCounterBolt.java
  - pom.xml
  - scripts
    - uninstall.sh
    - install.properties
    - install.sh
  - .gitignore
  - conf
    - ranger-storm-audit.xml
    - ranger-storm-security.xml
    - ranger-policymgr-ssl-changes.cfg
    - ranger-policymgr-ssl.xml
    - ranger-storm-audit-changes.cfg
    - ranger-storm-security-changes.cfg
- pom.xml
- plugin-kafka
  - src
    - main
      - java
        org
        apache
        ranger
        services
        kafka
        RangerServiceKafka.java
        client
        ServiceKafkaConnectionMgr.java
        ServiceKafkaClient.java
        authorization
        kafka
        authorizer
        RangerKafkaAuthorizer.java
        RangerKafkaAuditHandler.java
    - test
      - resources
        kafka_kerberos.jaas
        log4j.properties
        kafka_plain.jaas
        kafka-policies.json
        kafka-policies-tag.json
        ranger-kafka-security.xml
      - java
        org
        apache
        ranger
        authorization
        kafka
        authorizer
        KafkaRangerTopicCreationTest.java
        KafkaRangerAuthorizerSASLSSLTest.java
        KafkaRangerAuthorizerGSSTest.java
        RangerAdminClientImpl.java
        KafkaRangerAuthorizerTest.java
        KafkaTestUtils.java
  - pom.xml
  - scripts
    - install.properties
  - .gitignore
  - conf
    - ranger-kafka-audit-changes.cfg
    - ranger-kafka-audit.xml
    - ranger-policymgr-ssl-changes.cfg
    - ranger-policymgr-ssl.xml
    - ranger-kafka-security.xml
    - kafka-ranger-env.sh
    - ranger-kafka-security-changes.cfg
- ranger-hbase-plugin-shim
  - src
    - main
      - test
        org
        apache
        hadoop
        hbase
        security
        access
        RangerAccessControlListsTest.java
      - java
        com
        xasecure
        authorization
        hbase
        XaSecureAuthorizationCoprocessor.java
        org
        apache
        hadoop
        hbase
        security
        access
        RangerAccessControlLists.java
        ranger
        authorization
        hbase
        RangerAuthorizationCoprocessor.java
  - pom.xml
  - .gitignore
- unixauthpam
  - src
    - main
      - c
        pamCredValidator.c
  - pom.xml
  - .gitignore
- ranger-storm-plugin-shim
  - src
    - main
      - java
        com
        xasecure
        authorization
        storm
        authorizer
        XaSecureStormAuthorizer.java
        org
        apache
        ranger
        authorization
        storm
        authorizer
        RangerStormAuthorizer.java
  - pom.xml
  - .gitignore
- ranger-kylin-plugin-shim
  - src
    - main
      - java
        org
        apache
        ranger
        authorization
        kylin
        authorizer
        RangerKylinAuthorizer.java
  - pom.xml
  - .gitignore
- migration-util
  - ambari2.1-hdp2.3-ranger0.50
    - bin
      - ranger_admin_install.properties
      - import_ranger_to_ambari.py
    - doc
      - README.TXT
  - ambari2.0-hdp2.2-ranger0.40
    - bin
      - ranger_admin_install.properties
      - import_ranger_to_ambari.py
    - doc
      - README.TXT
- ranger-hive-plugin-shim
  - src
    - main
      - java
        com
        xasecure
        authorization
        hive
        authorizer
        XaSecureHiveAuthorizerFactory.java
        org
        apache
        ranger
        authorization
        hive
        authorizer
        RangerHiveAuthorizerFactory.java
  - pom.xml
  - .gitignore
- ranger-kms-plugin-shim
  - src
    - main
      - java
        org
        apache
        ranger
        authorization
        kms
        authorizer
        RangerKmsAuthorizer.java
  - pom.xml
  - .gitignore
- ranger-plugin-classloader
  - src
    - main
      - java
        org
        apache
        ranger
        plugin
        classloader
        RangerPluginClassLoader.java
        RangerPluginClassLoaderUtil.java
    - test
      - java
        org
        apache
        ranger
        plugin
        classloader
        test
        Impl
        TestPrint.java
        TestChildFistClassLoader.java
        TestPluginImpl.java
        TestPrintParent.java
        TestPlugin.java
  - pom.xml
  - .gitignore
- README.txt
- ranger-util
  - src
    - main
      - java
        org
        apache
        ranger
        common
        RangerVersionInfo.java
        RangerVersionAnnotation.java
    - scripts
      - saveVersion.py
    - .gitignore
  - pom.xml
  - .gitignore
- ranger-sqoop-plugin-shim
  - src
    - main
      - java
        org
        apache
        ranger
        authorization
        sqoop
        authorizer
        RangerSqoopAuthorizer.java
  - pom.xml
  - .gitignore
- plugin-nifi
  - src
    - main
      - java
        org
        apache
        ranger
        services
        nifi
        client
        NiFiAuthType.java
        NiFiConfigs.java
        NiFiClient.java
        NiFiConnectionMgr.java
        RangerServiceNiFi.java
    - test
      - java
        org
        apache
        ranger
        services
        nifi
        client
        TestNiFiConnectionMgr.java
        TestNiFiClient.java
  - pom.xml
  - .gitignore
- .gitattributes
- security-admin
  - src
    - main
      - resources
        internationalization
        messages_zh_CN.properties
        messages_uk_UA.properties
        messages_es_ES.properties
        messages_pt_BR.properties
        messages_pl.properties
        messages_lt.properties
        messages_it.properties
        messages.properties
        messages_de.properties
        messages_pt_PT.properties
        messages_fr.properties
        messages_ko_KR.properties
        messages_cs_CZ.properties
        META-INF
        persistence.xml
        infinispan-cache-config.xml
        jpa_named_queries.xml
        db_message_bundle.properties
        resourcenamemap.properties
        conf.dist
        ranger-admin-default-site.xml
        security-applicationContext.xml
        ranger-admin-site.xml
        log4jdbc.properties
      - java
        org
        apache
        ranger
        security
        web
        authentication
        RangerSessionFixationProtectionStrategy.java
        CustomLogoutSuccessHandler.java
        RangerAuthFailureHandler.java
        RangerAuthSuccessHandler.java
        RangerAuthenticationEntryPoint.java
        filter
        RangerSecurityContextFormationFilter.java
        RangerSSOAuthenticationFilter.java
        RangerKrbFilter.java
        SSOAuthenticationProperties.java
        SSOAuthentication.java
        RangerUsernamePasswordAuthenticationFilter.java
        RangerKRBAuthenticationFilter.java
        MyRememberMeFilter.java
        RangerCSRFPreventionFilter.java
        standalone
        StandaloneSecurityHandler.java
        context
        RangerAdminOpContext.java
        RangerAPIMapping.java
        RangerSecurityContext.java
        RangerAPIList.java
        RangerContextHolder.java
        RangerPreAuthSecurityHandler.java
        handler
        RangerDomainObjectSecurityHandler.java
        RangerAuthenticationProvider.java
        Permission.java
        listener
        SpringEventListener.java
        RangerHttpSessionListener.java
        patch
        PatchTagModulePermission_J10005.java
        PatchForPrestoToSupportPresto333_J10038.java
        PatchForAtlasResourceAndAccessTypeUpdate_J10016.java
        PatchForHiveServiceDefUpdate_J10030.java
        PatchForHiveServiceDefUpdate_J10007.java
        PatchForUpdatingPolicyJson_J10019.java
        PatchGrantAuditPermissionToKeyRoleUser_J10014.java
        PatchForKafkaServiceDefUpdate_J10015.java
        PatchForMigratingRangerServiceResource_J10037.java
        PatchPermissionModel_J10003.java
        PatchForTagServiceDefUpdate_J10008.java
        PatchAssignSecurityZonePersmissionToAdmin_J10026.java
        PatchForHiveServiceDefUpdate_J10006.java
        cliutil
        ChangeUserNameUtil.java
        UpdateUserAndGroupNamesInJson.java
        MetricUtil.java
        ChangePasswordUtil.java
        XXTrxLogUpdateUtil.java
        DbToSolrMigrationUtil.java
        RoleBasedUserSearchUtil.java
        PatchForServiceVersionInfo_J10004.java
        BaseLoader.java
        PatchForKafkaServiceDefUpdate_J10025.java
        PatchMigration_J10002.java
        PatchForUpdatingTagsJson_J10020.java
        PatchForAllServiceDefUpdateForResourceSpecificAccesses_J10012.java
        PatchPasswordEncryption_J10001.java
        PatchForXGlobalState_J10036.java
        PatchForKafkaServiceDefUpdate_J10033.java
        PatchForHiveServiceDefUpdate_J10010.java
        PatchForHBaseServiceDefUpdate_J10035.java
        PatchForAtlasServiceDefUpdate_J10013.java
        PatchForNifiResourceUpdateExclude_J10011.java
        PatchForHiveServiceDefUpdate_J10027.java
        PatchForHiveServiceDefUpdate_J10017.java
        PatchForHiveServiceDefUpdate_J10009.java
        PatchForTagServiceDefUpdate_J10028.java
        PatchForAtlasToAddEntityLabelAndBusinessMetadata_J10034.java
        entity
        XXServiceResourceElement.java
        XXPolicyRefGroup.java
        XXServiceDef.java
        XXSecurityZoneRefResource.java
        XXPolicyRefUser.java
        XXSecurityZoneRefGroup.java
        XXPolicyRefCondition.java
        XXUserPermission.java
        XXPolicyLabelMap.java
        XXPolicyChangeLog.java
        XXPolicyConditionDef.java
        XXTagResourceMap.java
        XXContextEnricherDef.java
        XXPolicyWithAssignedId.java
        XXPolicyResourceMap.java
        XXTagDef.java
        XXAccessAudit.java
        XXDBBase.java
        XXServiceDefWithAssignedId.java
        XXServiceResourceElementValue.java
        XXPolicyRefResource.java
        XXAccessAuditV5.java
        XXRoleRefRole.java
        XXRoleBase.java
        XXServiceBase.java
        XXPolicyItemCondition.java
        XXDataMaskTypeDef.java
        XXSecurityZoneBase.java
        XXPermMap.java
        XXServiceVersionInfo.java
        XXSecurityZone.java
        XXTagChangeLog.java
        XXPolicyRefAccessType.java
        XXPolicyItemGroupPerm.java
        XXSecurityZoneRefTagService.java
        XXServiceConfigMap.java
        XXAccessTypeDefGrants.java
        XXServiceResource.java
        XXPolicyItemAccess.java
        XXPolicyItemRowFilterInfo.java
        XXServiceConfigDef.java
        XXSecurityZoneRefUser.java
        XXAccessTypeDef.java
        XXAccessAuditBase.java
        XXAccessAuditV4.java
        XXResource.java
        XXTag.java
        XXPolicyRefDataMaskType.java
        XXRole.java
        XXServiceWithAssignedId.java
        XXAuthSession.java
        XXSecurityZoneRefService.java
        XXGroupUser.java
        XXServiceDefBase.java
        XXPolicyExportAudit.java
        XXUgsyncAuditInfo.java
        XXPolicy.java
        view
        VXXTrxLog.java
        XXResourceDef.java
        XXGroup.java
        XXCredentialStore.java
        XXAuditMap.java
        XXPolicyResource.java
        XXPluginInfo.java
        XXEnumElementDef.java
        XXTagAttributeDef.java
        XXGlobalStateBase.java
        XXGroupGroup.java
        XXModuleDef.java
        XXRoleRefUser.java
        XXPolicyItemDataMaskInfo.java
        XXGroupPermission.java
        XXTrxLog.java
        XXDataHist.java
        XXPolicyRefRole.java
        XXPolicyItem.java
        XXEnumDef.java
        XXPolicyItemUserPerm.java
        XXRoleRefGroup.java
        XXAsset.java
        XXPortalUserRole.java
        XXPortalUser.java
        XXPolicyBase.java
        XXTagAttribute.java
        XXPolicyLabel.java
        XXGlobalState.java
        XXService.java
        XXUser.java
        db
        XXGlobalStateDao.java
        XXAssetDao.java
        XXPolicyLabelDao.java
        XXAuthSessionDao.java
        XXRoleRefRoleDao.java
        RangerDaoManagerBase.java
        XXGroupGroupDao.java
        XXResourceDefDao.java
        XXAccessTypeDefDao.java
        XXPolicyResourceDao.java
        XXAuditMapDao.java
        XXModuleDefDao.java
        XXContextEnricherDefDao.java
        XXServiceConfigMapDao.java
        XXGroupDao.java
        XXPolicyRefGroupDao.java
        XXPolicyChangeLogDao.java
        XXPolicyExportAuditDao.java
        XXTagAttributeDefDao.java
        XXServiceResourceElementValueDao.java
        XXSecurityZoneRefTagServiceDao.java
        XXPolicyItemUserPermDao.java
        XXRoleRefGroupDao.java
        XXTagAttributeDao.java
        XXGroupPermissionDao.java
        XXServiceWithAssignedIdDao.java
        XXPolicyItemConditionDao.java
        XXPolicyItemDataMaskInfoDao.java
        XXSecurityZoneRefResourceDao.java
        XXPolicyItemRowFilterInfoDao.java
        XXPolicyRefResourceDao.java
        XXUgsyncAuditInfoDao.java
        XXUserDao.java
        XXDBBaseDao.java
        XXPolicyItemAccessDao.java
        XXAccessTypeDefGrantsDao.java
        XXServiceConfigDefDao.java
        XXTagDao.java
        RangerDaoManager.java
        XXPolicyRefAccessTypeDao.java
        XXDataHistDao.java
        XXEnumElementDefDao.java
        XXServiceResourceDao.java
        XXDataMaskTypeDefDao.java
        XXCredentialStoreDao.java
        XXPolicyDao.java
        XXGroupUserDao.java
        XXSecurityZoneDao.java
        XXPluginInfoDao.java
        XXSecurityZoneRefServiceDao.java
        XXServiceDefWithAssignedIdDao.java
        XXRoleRefUserDao.java
        XXTagDefDao.java
        XXPolicyItemGroupPermDao.java
        XXTagResourceMapDao.java
        XXUserPermissionDao.java
        XXServiceResourceElementDao.java
        XXSecurityZoneRefGroupDao.java
        XXServiceDao.java
        XXPolicyRefConditionDao.java
        XXResourceDao.java
        XXServiceDefDao.java
        XXPolicyRefRoleDao.java
        XXTrxLogDao.java
        XXRoleDao.java
        XXTagChangeLogDao.java
        XXPolicyLabelMapDao.java
        XXPolicyItemDao.java
        XXPermMapDao.java
        XXServiceVersionInfoDao.java
        XXPortalUserRoleDao.java
        XXPolicyConditionDefDao.java
        XXSecurityZoneRefUserDao.java
        XXPolicyRefUserDao.java
        XXPortalUserDao.java
        XXEnumDefDao.java
        XXPolicyResourceMapDao.java
        XXAccessAuditDao.java
        XXPolicyWithAssignedIdDao.java
        XXPolicyRefDataMaskTypeDao.java
        authentication
        unix
        jaas
        RoleUserAuthorityGranter.java
        elasticsearch
        ElasticSearchMgr.java
        ElasticSearchAccessAuditsService.java
        ElasticSearchUtil.java
        credentialapi
        CredentialReader.java
        common
        ContextUtil.java
        SearchValue.java
        StringUtil.java
        TimedEventUtil.java
        RangerValidatorFactory.java
        db
        RangerTransactionSynchronizationAdapter.java
        BaseDao.java
        JPABeanCallbacks.java
        MyCallBack.java
        XMLPropertiesUtil.java
        RangerConstants.java
        UserSessionBase.java
        RangerSearchUtil.java
        RangerJAXBContextResolver.java
        SearchUtil.java
        RangerCommonEnums.java
        SearchField.java
        HTTPUtil.java
        ServiceUtil.java
        GUIDUtil.java
        ErrorMessageUtil.java
        SortField.java
        SearchGroup.java
        RangerServicePoliciesCache.java
        JSONUtil.java
        AppConstants.java
        MapUtil.java
        SearchCriteria.java
        TimedExecutor.java
        RequestContext.java
        DateUtil.java
        view
        VList.java
        VTrxLogAttr.java
        ViewBaseBean.java
        VEnum.java
        VEnumElement.java
        RangerFactory.java
        RangerProperties.java
        PropertiesUtil.java
        RESTErrorUtil.java
        TimedExecutorConfigurator.java
        MessageEnums.java
        annotation
        RangerAnnotationRestAPI.java
        RangerAnnotationJSMgrName.java
        RangerAnnotationClassName.java
        RangerServiceTagsCache.java
        RangerAdminTagEnricher.java
        RangerUserStoreCache.java
        RangerRoleCache.java
        RangerConfigUtil.java
        util
        RangerMetricsUtil.java
        RangerEnumUtil.java
        RangerRestUtil.java
        RestUtil.java
        CLIUtil.java
        service
        XModuleDefServiceBase.java
        XAccessAuditServiceBase.java
        XPermMapService.java
        UserService.java
        UserServiceBase.java
        XAssetServiceBase.java
        XPolicyExportAuditServiceBase.java
        RangerPluginInfoService.java
        RangerServiceResourceService.java
        XUgsyncAuditInfoServiceBase.java
        XUgsyncAuditInfoService.java
        RangerServiceServiceBase.java
        XAccessAuditService.java
        PublicAPIServiceBase.java
        XGroupUserService.java
        RangerRoleService.java
        XGroupGroupService.java
        RangerTagDefServiceBase.java
        AbstractBaseResourceService.java
        AuthSessionService.java
        RangerTagDefService.java
        XCredentialStoreService.java
        RangerPolicyWithAssignedIdService.java
        XPolicyExportAuditService.java
        XResourceService.java
        XPortalUserService.java
        RangerPolicyService.java
        RangerTagResourceMapServiceBase.java
        XGroupPermissionServiceBase.java
        XRepositoryService.java
        RangerPluginActivityLogger.java
        XAssetService.java
        XUserService.java
        RangerSecurityZoneServiceBase.java
        XGroupUserServiceBase.java
        XUserServiceBase.java
        XPolicyService.java
        RangerPolicyServiceBase.java
        XPermMapServiceBase.java
        XTrxLogService.java
        XGroupGroupServiceBase.java
        XAuditMapServiceBase.java
        XTrxLogServiceBase.java
        RangerServiceService.java
        XGroupPermissionService.java
        RangerPolicyLabelsService.java
        RangerServiceWithAssignedIdService.java
        XUserPermissionService.java
        RangerServiceResourceServiceBase.java
        RangerTagService.java
        RangerAuditFields.java
        XResourceServiceBase.java
        XUserPermissionServiceBase.java
        RangerDataHistService.java
        XCredentialStoreServiceBase.java
        RangerTagResourceMapService.java
        RangerTagServiceBase.java
        RangerBaseModelService.java
        RangerPolicyLabelHelper.java
        filter
        RangerRESTAPIFilter.java
        XModuleDefService.java
        RangerSecurityZoneServiceService.java
        RangerTransactionService.java
        XGroupServiceBase.java
        XGroupService.java
        XPortalUserServiceBase.java
        RangerServiceDefWithAssignedIdService.java
        RangerRoleServiceBase.java
        RangerServiceDefService.java
        XAuditMapService.java
        RangerServiceDefServiceBase.java
        view
        VXResource.java
        VXLong.java
        VXKmsKeyList.java
        RangerPluginInfoList.java
        RangerSecurityZoneList.java
        RangerServiceList.java
        VXModuleDefList.java
        VXUserGroupInfo.java
        VXString.java
        VXMetricServiceCount.java
        VXUnixSyncSourceInfo.java
        VXKmsKey.java
        VXTrxLogList.java
        RangerRoleList.java
        VXAsset.java
        VXPolicyList.java
        VXMetricPolicyWithServiceNameCount.java
        VXPasswordChange.java
        VXStringList.java
        VXCredentialStore.java
        VXMetricUserGroupCount.java
        VXUserPermission.java
        VXPortalUser.java
        RangerPolicyList.java
        VXPolicyLabel.java
        VXGroupGroupList.java
        VXDataObject.java
        VXPermObjList.java
        VXAuthSession.java
        VXResourceList.java
        VXPermMap.java
        VXMetricAuditDetailsCount.java
        VXUserList.java
        VXAuditMapList.java
        VXMetricPolicyCount.java
        VXPermMapList.java
        VXAssetList.java
        VXFileSyncSourceInfo.java
        VXRepositoryList.java
        VXPolicyExportAuditList.java
        VXUgsyncAuditInfoList.java
        VXPolicyLabelList.java
        VXPolicyExportAudit.java
        VXUserPermissionList.java
        VXPortalUserList.java
        VXResponse.java
        VXUgsyncAuditInfo.java
        RangerServiceDefList.java
        VXAccessAudit.java
        VXPermObj.java
        VXGroupPermissionList.java
        VXGroupUserInfo.java
        VXAuditRecord.java
        VXLdapSyncSourceInfo.java
        VXUser.java
        VXAuditMap.java
        VXMessage.java
        VXModuleDef.java
        VXGroupUser.java
        VXAccessAuditList.java
        VXTrxLog.java
        VXGroupGroup.java
        VXMetricServiceNameCount.java
        VXGroup.java
        VXMetricContextEnricher.java
        VXCredentialStoreList.java
        VXGroupList.java
        VXAuditRecordList.java
        VXPolicy.java
        VXGroupUserList.java
        RangerExportPolicyList.java
        VXGroupPermission.java
        VXAuthSessionList.java
        VXRepository.java
        AccessAuditsService.java
        biz
        RangerBizUtil.java
        ServiceMgr.java
        AssetMgr.java
        RangerPolicyRetriever.java
        RoleRefUpdater.java
        RangerPolicyAdminCacheForEngineOptions.java
        XAuditMgr.java
        AssetMgrBase.java
        RangerPolicyAdmin.java
        TagDBStore.java
        RangerPolicyAdminCache.java
        SessionMgr.java
        RoleDBStore.java
        KmsKeyMgr.java
        SecurityZoneRefUpdater.java
        XUserMgrBase.java
        BaseMgr.java
        RangerPolicyAdminImpl.java
        XUserMgr.java
        RangerTagDBRetriever.java
        UserMgr.java
        SecurityZoneDBStore.java
        UserMgrBase.java
        XAuditMgrBase.java
        PolicyRefUpdater.java
        solr
        SolrAccessAuditsService.java
        SolrMgr.java
        SolrUtil.java
        json
        JsonDateSerializer.java
        Folder.java
        rest
        SecurityZoneREST.java
        RoleREST.java
        MetricsREST.java
        XAuditREST.java
        TagREST.java
        XUserREST.java
        ServiceRESTUtil.java
        ServiceTagsProcessor.java
        AssetREST.java
        PublicAPIs.java
        ServiceREST.java
        TagRESTConstants.java
        PublicAPIsv2.java
        XKeyREST.java
        UserREST.java
      - webapp
        robots.txt
        libs
        fsOverrides
        BBFOverrides.js
        bower
        bootstrap
        js
        bootstrap.min.js
        bootstrap.js
        underscore-amd
        js
        underscore-min.js
        underscore.js
        backbone.babysitter
        js
        backbone.babysitter.min.js
        backbone.babysitter.js
        backbone-pageable
        js
        backbone-pageable.min.js
        backbone-pageable.js
        bootbox
        js
        bootbox.js
        backgrid-filter
        js
        backgrid-filter.js
        css
        backgrid-filter.css
        require-handlebars-plugin
        js
        Handlebars.js
        hbs.js
        i18nprecompile.js
        backgrid-paginator
        js
        backgrid-paginator.js
        css
        backgrid-paginator.css
        backbone.wreqr
        js
        backbone.wreqr.js
        backbone.wreqr.min.js
        tag-it
        js
        tag-it.min.js
        tag-it.js
        css
        jquery.tagit.css
        backbone
        js
        backbone.js
        backbone-min.js
        bootstrap-notify
        js
        bootstrap-notify.js
        css
        bootstrap-notify.css
        backbone.localstorage
        backbone.localStorage.js
        backbone-amd
        js
        backbone.js
        backbone-min.js
        esprima
        esprima.js
        jquery
        js
        jquery-3.4.1.min.js
        jquery-toggles
        js
        toggles.min.js
        css
        toggles.css
        backbone.marionette
        js
        backbone.marionette.min.js
        backbone.marionette.js
        x-editable
        img
        js
        css
        bootstrap-editable.css
        backbone.bootstrap-modal
        js
        backbone.bootstrap-modal.js
        backbone-forms
        js
        backbone-forms.min.js
        old.js
        list.min.js
        list.js
        backbone-forms.js
        bootstrap.js
        css
        bootstrap.css
        select2
        select2.js
        select2-spinner.gif
        select2.css
        globalize
        .npmignore
        lib
        globalize.js
        .bower.json
        .gitignore
        underscore
        js
        underscore-min.js
        underscore.js
        moment
        js
        moment-timezone-with-data.min.js
        requirejs
        js
        require.js
        other
        backgrid
        backgrid.js
        backgrid.css
        jquery-ui
        js
        css
        jquery-ui.min.css
        images
        animated-overlay.gif
        jquery-ui.css
        datepicker
        less
        datepicker.less
        js
        bootstrap-datepicker.js
        css
        datepicker.css
        jquery-cookie
        js
        bower.json
        cookie.jquery.json
        package.json
        jquery.cookie.js
        bootstrap-datetimepicker
        js
        bootstrap-datetimepicker.min.js
        css
        bootstrap-datetimepicker.min.css
        visualsearch
        images
        embed
        icons
        .bower.json
        js
        visualsearch.js
        css
        icons.css
        workspace.css
        backbone.fetch-cache.js
        images
        blank.gif
        loading.gif
        favicon.ico
        blockLoading.gif
        templates
        kms
        KmsTableLayout_tmpl.html
        KmsKeyCreate_tmpl.html
        KmsKeyForm_tmpl.html
        reports
        AuditLayout_tmpl.html
        UserSyncInfo_tmpl.html
        UserUpdateOperationDiff_tmpl.html
        PlugableServicePolicyDeleteDiff_tmpl.html
        RoleOperationDiff_tmpl.html
        GroupOperationDiff_tmpl.html
        AssetOperationDiff_tmpl.html
        RoleUpdateOperationDiff_tmpl.html
        AuditAccessLogDetail_tmpl.html
        UserAccessLayout_tmpl.html
        AssetUpdateOperationDiff_tmpl.html
        UserOperationDiff_tmpl.html
        ZoneOperationDiff_tmpl.html
        LoginSessionDetail_tmpl.html
        ZoneUpdateOperationDiff_tmpl.html
        PlugableServicePolicyUpdateDiff_tmpl.html
        GroupUpdateOperationDiff_tmpl.html
        PlugableServicePolicyDiff_tmpl.html
        policies
        RangerPolicyTableLayout_tmpl.html
        RangerPolicyCreate_tmpl.html
        PolicyTimeItem_tmpl.html
        RangerPolicyForm_tmpl.html
        RangerPolicyRO_tmpl.html
        PolicyConditionsItem_tmpl.html
        PermissionItem.html
        PolicyTimeList_tmpl.html
        PermissionList.html
        user
        UserProfileForm_tmpl.html
        UserProfile_tmpl.html
        security_zone
        ZoneAdministration_tmpl.html
        SecurityZone_tmpl.html
        ZoneResourceForm_tmpl.html
        ZoneResourceItem_tmpl.html
        ZoneResourceList_tmpl.html
        ZoneResources_tmpl.html
        ZoneCreateForm_tmpl.html
        ZoneCreate_tmpl.html
        ZoneResourcesForm_tmpl.html
        helpers
        XAHelpers.js
        common
        loading_tmpl.html
        ProfileBar_tmpl.html
        breadcrumbs.html
        ErrorView_tmpl.html
        uploadservicepolicy_tmpl.html
        UserPermissionItem.html
        Footer_tmpl.html
        AddGroup_tmpl.html
        TopNav_tmpl.html
        XATableLayout_tmpl.html
        ServiceManagerLayout_tmpl.html
        ServiceManagerSidebarLayout_tmpl.html
        downloadservicepolicy_tmpl.html
        UserPermissionList.html
        ServiceMappingItem.html
        service
        ConfigurationItem_tmpl.html
        ConfigurationList_tmpl.html
        ServiceForm_tmpl.html
        RangerServiceViewDetail_tmpl.html
        ServiceTableLayout_tmpl.html
        ServiceCreate_tmpl.html
        users
        RoleCreate_tmpl.html
        RoleForm_tmpl.html
        UserTableLayout_tmpl.html
        UserInfo_tmpl.html
        GroupCreate_tmpl.html
        GroupForm_tmpl.html
        UserForm_tmpl.html
        UserCreate_tmpl.html
        AddUserOrGroupsItem_tmpl.html
        AddUserOrGroupsList_tmpl.html
        permissions
        ModulePermsTableLayout_tmpl.html
        ModulePermissionForm_tmpl.html
        ModulePermissionCreate_tmpl.html
        dashboard
        DashboardLayout_tmpl.html
        package-lock.json
        .htaccess
        404.html
        META-INF
        scheduler-applicationContext.xml
        context.xml
        asynctask-applicationContext.xml
        applicationContext.xml
        contextXML
        unix_security_settings.xml
        ldap_security_settings.xml
        ad_bean_settings.xml
        ldap_bean_settings.xml
        ad_security_settings.xml
        unix_bean_settings.xml
        MANIFEST.MF
        fonts
        fontawesome
        fontawesome-webfont.woff
        fontawesome-webfont.eot
        FontAwesome.otf
        fontawesome-webfont.ttf
        fontawesome-webfont.svg
        fontopensans
        open-sans-600.woff
        open-sans-300.woff
        open-sans-600i.woff
        open-sans-400.woff
        README.txt
        open-sans-300i.woff
        open-sans-700i.woff
        open-sans-700.woff
        open-sans-400i.woff
        fontapachecomponent
        apache_component_font.ttf
        apache_component_font.woff
        apache_component_font.eot
        apache_component_font.svg
        WEB-INF
        log4j.properties
        db_patch.log4j.xml
        log4j.xml
        log4j.dev.xml
        web.xml
        package.json
        scripts
        utils
        XAGlobals.js
        XAEnums.js
        XALangSupport.js
        XAUtils.js
        XAViewUtils.js
        views
        UploadServicePolicy.js
        DownloadServicePolicy.js
        kms
        KMSTableLayout.js
        KmsKeyForm.js
        KmsKeyCreate.js
        reports
        LoginSessionDetail.js
        OperationDiffDetail.js
        AuditLayout.js
        UserAccessLayout.js
        AuditAccessLogDetailView.js
        PlugableServiceDiffDetail.js
        policies
        PolicyTimeList.js
        RangerPolicyRO.js
        PermissionList.js
        RangerPolicyForm.js
        RangerPolicyConditions.js
        RangerPolicyCreate.js
        NRangerPolicyTableLayout.js
        RangerPolicyTableLayout.js
        user
        UserProfileForm.js
        UserProfile.js
        security_zone
        ZoneResourceForm.js
        ZoneAdministration.js
        ZoneCreate.js
        zoneResource.js
        ZoneCreateForm.js
        SecurityZone.js
        policymanager
        NServiceLayout.js
        ServiceLayout.js
        ServiceLayoutSidebar.js
        common
        Footer.js
        ErrorView.js
        UserPermissionList.js
        XABackgrid.js
        XATableLayout.js
        TopNav.js
        CustomSubgrid.js
        Spinner.js
        AddGroup.js
        ProfileBar.js
        DashboardLayout.js
        BreadCrumbs.js
        service
        RangerServiceViewDetail.js
        ServiceForm.js
        ServiceCreate.js
        ConfigurationList.js
        users
        AddUsersOrGroupsList.js
        GroupForm.js
        UserInfo.js
        GroupCreate.js
        UserCreate.js
        UserForm.js
        RoleForm.js
        RoleCreate.js
        UserTableLayout.js
        permissions
        ModulePermissionCreate.js
        ModulePermsTableLayout.js
        ModulePermissionForm.js
        Main.js
        models
        VXPasswordChange.js
        UserPermission.js
        VXPortalUser.js
        VXUser.js
        RangerService.js
        RangerPolicy.js
        XABaseModel.js
        VXPolicyExportAudit.js
        VAppState.js
        VXResource.js
        VXPermMap.js
        VXAccessAudit.js
        VXAsset.js
        VXModuleDef.js
        BackboneFormDataType.js
        VXAuditMap.js
        RangerServiceDef.js
        VXKmsKey.js
        VXAuthSession.js
        VXGroup.js
        RangerZone.js
        VXTrxLog.js
        RangerPolicyResource.js
        VXRole.js
        collection_bases
        RangerPolicyListBase.js
        UserPermissionListBase.js
        VXUserListBase.js
        VXRoleListBase.js
        VXAuditMapListBase.js
        RangerZoneListBase.js
        VXPolicyExportAuditListBase.js
        VXAccessAuditListBase.js
        VXGroupListBase.js
        RangerServiceListBase.js
        VXPermMapListBase.js
        VXModuleDefListBase.js
        VXTrxLogListBase.js
        VXAssetListBase.js
        VXPortalUserListBase.js
        VXKmsKeyListBase.js
        VXResourceListBase.js
        RangerServiceDefListBase.js
        RangerPolicyResourceListBase.js
        VXAuthSessionListBase.js
        prelogin
        XAPrelogin.js
        communicator.js
        controllers
        Controller.js
        NController.js
        RegionManager.js
        App.js
        collections
        XABaseCollection.js
        VXModuleDefList.js
        VXAuditMapList.js
        UserPermissionList.js
        VXResourceList.js
        VXAccessAuditList.js
        VXGroupList.js
        RangerPolicyList.js
        VXKmsKeyList.js
        VXAssetList.js
        RangerServiceDefList.js
        VXPortalUserList.js
        VXPermMapList.js
        VXUserList.js
        RangerPolicyResourceList.js
        VXRoleList.js
        RangerServiceList.js
        VXTrxLogList.js
        VXAuthSessionList.js
        RangerZoneList.js
        VXPolicyExportAuditList.js
        routers
        Router.js
        mgrs
        SessionMgr.js
        modules
        RestCsrf.js
        XALinks.js
        Vent.js
        XAOverrides.js
        globalize
        message
        en.js
        model_bases
        RangerServiceBase.js
        RangerServiceDefBase.js
        VXModuleDefBase.js
        VXRoleBase.js
        RangerPolicyBase.js
        VXTrxLogBase.js
        VXPortalUserBase.js
        RangerZoneBase.js
        VXAuditMapBase.js
        VXPermMapBase.js
        VXUserBase.js
        VXPolicyExportAuditBase.js
        VXAuthSessionBase.js
        VXPasswordChangeBase.js
        VXAssetBase.js
        VXGroupBase.js
        VXKmsKeyBase.js
        VXResourceBase.js
        VXAccessAuditBase.js
        UserPermissionBase.js
        RangerPolicyResourceBase.js
        Init.js
        styles
        app-font.css
        bootstrap.min.css
        bootstrap.css
        xa.css
        login.jsp
        index.html
        minify.build.js
    - test
      - resources
        admin
        service-defs
        test-hdfs-servicedef.json
        test-hbase-servicedef.json
        test-tag-servicedef.json
        test-hive-servicedef.json
        log4j.xml
        biz
        test_policydb_hdfs.json
        test_policydb_hive.json
      - javascript
        karma-common.conf.js
        package-lock.json
        test-main.js
        karma-dev.conf.js
        karma-prd.conf.js
        package.json
        tests
        main-test.js
      - java
        org
        apache
        ranger
        security
        web
        filter
        TestRangerCSRFPreventionFilter.java
        patch
        cliutil
        TestRoleBasedUserSearchUtil.java
        audit
        TestAuditQueue.java
        TestConsumer.java
        elasticsearch
        ElasticSearchAccessAuditsServiceTest.java
        common
        TestStringUtil.java
        TestDateUtil.java
        TestTimedExecutor.java
        TestServiceUtil.java
        TestContextUtil.java
        TestRangerConfigUtil.java
        TestPropertiesUtil.java
        TestJSONUtil.java
        util
        BaseTest.java
        TestRangerEnumUtil.java
        service
        TestRangerPluginActivityLogger.java
        TestRangerServiceDefServiceBase.java
        TestXAccessAuditService.java
        TestRangerTagService.java
        TestAuthSessionService.java
        TestRangerPolicyService.java
        TestRangerServiceDefService.java
        TestRangerTagResourceMapService.java
        TestRangerServiceWithAssignedIdService.java
        PasswordComparisonAuthenticator.java
        TestRangerServiceService.java
        TestXGroupService.java
        TestXAuditMapService.java
        TestXAssetService.java
        TestRangerServiceServiceBase.java
        TestXPermMapService.java
        TestRangerTagDefService.java
        TestUserService.java
        TestRangerAuditFields.java
        TestRangerTagDefServiceBase.java
        TestRangerTransactionService.java
        TestXGroupPermissionService.java
        filter
        TestRangerRESTAPIFilter.java
        TestRangerDataHistService.java
        TestXGroupUserService.java
        TestRangerPolicyServiceBase.java
        biz
        TestServiceDBStore.java
        TestRangerBizUtil.java
        TestSecurityZoneDBStore.java
        TestXUserMgr.java
        TestUserMgr.java
        TestPolicyDb.java
        rest
        importPolicy
        import_policy_test_file.json
        TestServiceTagProcessor.java
        TestSecurityZoneREST.java
        TestPublicAPIs.java
        TestTagREST.java
        TestServiceREST.java
        TestPublicAPIsv2.java
        TestXAuditREST.java
        TestXUserREST.java
        TestXKeyREST.java
        TestUserREST.java
        TestAssetREST.java
    - bin
      - service_start.py
      - ranger_usersync.py
      - install.properties
      - ranger_install.py
  - db
    - sqlserver
      - create_dbversion_catalog.sql
      - optimized
        current
        ranger_core_db_sqlserver.sql
      - xa_audit_db_sqlserver.sql
      - patches
        046-insert-statename-in-x-ranger-global-state.sql
        035-update-schema-for-x-policy.sql
        027-sortorder-column-size.sql
        026-add-column-in-x_policy_export_audit.sql
        047-sortorder-column-size.sql
        043-add-tag-change-log-table.sql
        audit
        017-add-new-column-to-store-tags.sql
        016-updated-schema-for-tag-based-policy.sql
        029-add-unique-constraint-on-table-x_group.sql
        040-modify-unique-constraint-on-policy-table.sql
        031-create-schema-for-usersync-audit-info.sql
        037-create-security-zone-schema.sql
        024-sortorder-column-size.sql
        030-policy-labels-schema.sql
        018-createtagsyncuser.sql
        042-add-index-on-xdatahist-table.sql
        036-denormalize-tag-tables.sql
        041-create-role-schema.sql
        033-add-unique-constraint-on-table-x_policy.sql
        020-datamask-policy.sql
        038-add-policy-change-log-table.sql
        025-create-schema-for-plugin-info.sql
        028-delete-xgroup-duplicate-references.sql
        023-add-unique-constraint-on-table-x_user.sql
        044-add-role-version-in-serviceVersionInfo.sql
        045-add-displayName-col-in-x_service_def_and_x_service.sql
        022-split-service-table.sql
        019-create-indexes.sql
        021-update-tag-for-owner.sql
        039-add-column-version-in-x_policy_export_audit.sql
        032-add-options-to-policy-and-tag-for-time-based-processing.sql
      - xa_core_db_sqlserver.sql
    - sqlanywhere
      - create_dbversion_catalog.sql
      - xa_core_db_sqlanywhere.sql
      - xa_audit_db_sqlanywhere.sql
      - optimized
        current
        ranger_core_db_sqlanywhere.sql
      - patches
        046-insert-statename-in-x-ranger-global-state.sql
        035-update-schema-for-x-policy.sql
        027-sortorder-column-size.sql
        026-add-column-in-x_policy_export_audit.sql
        047-sortorder-column-size.sql
        043-add-tag-change-log-table.sql
        audit
        017-add-new-column-to-store-tags.sql
        016-updated-schema-for-tag-based-policy.sql
        029-add-unique-constraint-on-table-x_group.sql
        040-modify-unique-constraint-on-policy-table.sql
        031-create-schema-for-usersync-audit-info.sql
        037-create-security-zone-schema.sql
        024-sortorder-column-size.sql
        030-policy-labels-schema.sql
        018-createtagsyncuser.sql
        042-add-index-on-xdatahist-table.sql
        036-denormalize-tag-tables.sql
        041-create-role-schema.sql
        033-add-unique-constraint-on-table-x_policy.sql
        020-datamask-policy.sql
        038-add-policy-change-log-table.sql
        025-create-schema-for-plugin-info.sql
        028-delete-xgroup-duplicate-references.sql
        023-add-unique-constraint-on-table-x_user.sql
        044-add-role-version-in-serviceVersionInfo.sql
        045-add-displayName-col-in-x_service_def_and_x_service.sql
        022-split-service-table.sql
        019-create-indexes.sql
        021-update-tag-for-owner.sql
        039-add-column-version-in-x_policy_export_audit.sql
        032-add-options-to-policy-and-tag-for-time-based-processing.sql
    - oracle
      - xa_audit_db_oracle.sql
      - create_dbversion_catalog.sql
      - reset_audit_db_oracle.sql
      - xa_core_db_oracle.sql
      - optimized
        current
        ranger_core_db_oracle.sql
      - patches
        046-insert-statename-in-x-ranger-global-state.sql
        035-update-schema-for-x-policy.sql
        027-sortorder-column-size.sql
        026-add-column-in-x_policy_export_audit.sql
        009-updated_schema.sql
        010-users-and-groups-visibility.sql
        047-sortorder-column-size.sql
        043-add-tag-change-log-table.sql
        001-groupsource.sql
        audit
        011-auditcolumnssize.sql
        017-add-new-column-to-store-tags.sql
        015-auditlogaggregation.sql
        006-createdefaultpublicgroup.sql
        016-updated-schema-for-tag-based-policy.sql
        029-add-unique-constraint-on-table-x_group.sql
        040-modify-unique-constraint-on-policy-table.sql
        031-create-schema-for-usersync-audit-info.sql
        037-create-security-zone-schema.sql
        024-sortorder-column-size.sql
        013-permissionmodel.sql
        030-policy-labels-schema.sql
        014-createkeyadmin.sql
        018-createtagsyncuser.sql
        012-createusersyncuser.sql
        042-add-index-on-xdatahist-table.sql
        036-denormalize-tag-tables.sql
        041-create-role-schema.sql
        033-add-unique-constraint-on-table-x_policy.sql
        020-datamask-policy.sql
        038-add-policy-change-log-table.sql
        025-create-schema-for-plugin-info.sql
        028-delete-xgroup-duplicate-references.sql
        023-add-unique-constraint-on-table-x_user.sql
        003-knoxrepo.sql
        044-add-role-version-in-serviceVersionInfo.sql
        045-add-displayName-col-in-x_service_def_and_x_service.sql
        022-split-service-table.sql
        019-create-indexes.sql
        021-update-tag-for-owner.sql
        002-policyname.sql
        039-add-column-version-in-x_policy_export_audit.sql
        032-add-options-to-policy-and-tag-for-time-based-processing.sql
      - reset_core_db_oracle.sql
    - mysql
      - xa_audit_db.sql
      - reset_audit_mysql.sh
      - create_dbversion_catalog.sql
      - init
        reset_db_with_seed.sh
        create_dev_backup_mysql.sh
        create_xa_core_db.sh
        mysql_seed_data.sql
        backup_mysql_db.sh
        create_dev_backup_mysql_loaded.sh
        schema_mysql.sql
        reset_db.sh
      - xa_db.sql
      - reset_core_mysql.sh
      - reset_asset.sql
      - xa_core_db.sql
      - create_dev_user.sh
      - optimized
        current
        ranger_core_db_mysql.sql
      - create_dev_user.sql
      - patches
        046-insert-statename-in-x-ranger-global-state.sql
        007-updateBlankPolicyName.sql
        035-update-schema-for-x-policy.sql
        027-sortorder-column-size.sql
        026-add-column-in-x_policy_export_audit.sql
        008-removeTrailingSlash.sql
        004-assetconfigsize.sql
        009-updated_schema.sql
        010-users-and-groups-visibility.sql
        047-sortorder-column-size.sql
        043-add-tag-change-log-table.sql
        001-groupsource.sql
        audit
        011-auditcolumnssize.sql
        017-add-new-column-to-store-tags.sql
        015-auditlogaggregation.sql
        006-createdefaultpublicgroup.sql
        016-updated-schema-for-tag-based-policy.sql
        029-add-unique-constraint-on-table-x_group.sql
        040-modify-unique-constraint-on-policy-table.sql
        031-create-schema-for-usersync-audit-info.sql
        037-create-security-zone-schema.sql
        024-sortorder-column-size.sql
        013-permissionmodel.sql
        030-policy-labels-schema.sql
        014-createkeyadmin.sql
        018-createtagsyncuser.sql
        012-createusersyncuser.sql
        042-add-index-on-xdatahist-table.sql
        005-xtrxlogcolumnsize.sql
        034-x_data_histContentSize.sql
        036-denormalize-tag-tables.sql
        041-create-role-schema.sql
        033-add-unique-constraint-on-table-x_policy.sql
        020-datamask-policy.sql
        038-add-policy-change-log-table.sql
        025-create-schema-for-plugin-info.sql
        028-delete-xgroup-duplicate-references.sql
        023-add-unique-constraint-on-table-x_user.sql
        003-knoxrepo.sql
        044-add-role-version-in-serviceVersionInfo.sql
        045-add-displayName-col-in-x_service_def_and_x_service.sql
        022-split-service-table.sql
        019-create-indexes.sql
        021-update-tag-for-owner.sql
        002-policyname.sql
        039-add-column-version-in-x_policy_export_audit.sql
        032-add-options-to-policy-and-tag-for-time-based-processing.sql
      - resetdb_dev_mysql.sh
      - xa_db_bare.sql
    - postgres
      - xa_audit_db_postgres.sql
      - create_dbversion_catalog.sql
      - xa_core_db_postgres.sql
      - optimized
        current
        ranger_core_db_postgres.sql
      - patches
        046-insert-statename-in-x-ranger-global-state.sql
        035-update-schema-for-x-policy.sql
        027-sortorder-column-size.sql
        026-add-column-in-x_policy_export_audit.sql
        047-sortorder-column-size.sql
        043-add-tag-change-log-table.sql
        audit
        017-add-new-column-to-store-tags.sql
        016-updated-schema-for-tag-based-policy.sql
        029-add-unique-constraint-on-table-x_group.sql
        040-modify-unique-constraint-on-policy-table.sql
        031-create-schema-for-usersync-audit-info.sql
        037-create-security-zone-schema.sql
        024-sortorder-column-size.sql
        030-policy-labels-schema.sql
        018-createtagsyncuser.sql
        042-add-index-on-xdatahist-table.sql
        036-denormalize-tag-tables.sql
        041-create-role-schema.sql
        033-add-unique-constraint-on-table-x_policy.sql
        020-datamask-policy.sql
        038-add-policy-change-log-table.sql
        025-create-schema-for-plugin-info.sql
        028-delete-xgroup-duplicate-references.sql
        023-add-unique-constraint-on-table-x_user.sql
        044-add-role-version-in-serviceVersionInfo.sql
        045-add-displayName-col-in-x_service_def_and_x_service.sql
        022-split-service-table.sql
        019-create-indexes.sql
        021-update-tag-for-owner.sql
        039-add-column-version-in-x_policy_export_audit.sql
        032-add-options-to-policy-and-tag-for-time-based-processing.sql
  - pom.xml
  - scripts
    - upgrade.sh
    - rolebasedusersearchutil.py
    - deleteUserGroupUtil.py
    - dba_script.py
    - db_setup.py
    - ranger_credential_helper.py
    - changepasswordutil.py
    - restrict_permissions.py
    - updateUserAndGroupNamesInJson.py
    - set_globals.sh
    - install.properties
    - changeusernameutil.py
    - setup_authentication.sh
    - ranger-admin-site-template.xml
    - update_property.py
    - upgrade_admin.py
    - setup.sh
  - .gitignore
  - contrib
    - elasticsearch_for_audit_setup
      - create_index.sh
      - install_es.sh
      - README.txt
      - enable_auth.sh
      - conf
        ranger_es_schema.json
    - audit_hdfs_folders
      - create_hdfs_folders_for_audit_secure.sh
      - create_hdfs_folders_for_audit_non_secure.sh
    - solr_for_audit_setup
      - resources
        log4j.properties.j2
      - solr_standalone
        solr.xml
        ranger_audits
        core.properties.j2
        scripts
        start_solr.sh.j2
        solr.sh.j2
        solr.in.sh.j2
        stop_solr.sh.j2
      - README.txt
      - install.properties
      - solr_cloud
        solr.xml.j2
        scripts
        add_ranger_audits_conf_to_zk.sh.j2
        create_ranger_audits_collection.sh.j2
        start_solr.sh.j2
        solr.sh.j2
        solr.in.sh.j2
        stop_solr.sh.j2
      - conf
        solrconfig.xml.j2
        admin-extra.html
        admin-extra.menu-top.html
        managed-schema
        solrconfig.xml
        admin-extra.menu-bottom.html
        elevate.xml
      - setup.sh
- enunciate.xml
- plugin-presto
  - src
    - main
      - java
        org
        apache
        ranger
        services
        presto
        client
        PrestoClient.java
        PrestoResourceManager.java
        PrestoConnectionManager.java
        RangerServicePresto.java
        authorization
        presto
        authorizer
        RangerSystemAccessControl.java
    - test
      - resources
        ranger-presto-security.xml
        log4j.properties
        presto-policies.json
      - java
        org
        apache
        ranger
        authorization
        presto
        authorizer
        RangerSystemAccessControlTest.java
        RangerAdminClientImpl.java
  - pom.xml
  - scripts
    - install.properties
  - .gitignore
  - conf
    - ranger-presto-audit-changes.cfg
    - ranger-presto-security.xml
    - ranger-presto-security-changes.cfg
    - ranger-policymgr-ssl-changes.cfg
    - ranger-presto-audit.xml
    - ranger-policymgr-ssl.xml
- jisql
  - src
    - main
      - java
        org
        apache
        util
        sql
        Jisql.java
        MaskingThread.java
        MySQLPLRunner.java
        outputformatter
        CSVFormatter.java
        DefaultFormatter.java
        JisqlFormatter.java
        XMLFormatter.java
  - pom.xml
  - .gitignore
- ranger-hdfs-plugin-shim
  - src
    - main
      - java
        org
        apache
        ranger
        authorization
        hadoop
        RangerHdfsAuthorizer.java
  - pom.xml
  - .gitignore
- knox-agent
  - src
    - main
      - java
        org
        apache
        ranger
        services
        knox
        client
        KnoxConnectionMgr.java
        KnoxClient.java
        KnoxResourceMgr.java
        RangerServiceKnox.java
        admin
        client
        RangerAdminJersey2RESTClient.java
        authorization
        knox
        KnoxRangerPlugin.java
        RangerPDPKnoxFilter.java
    - test
      - resources
        webhbase-table-list.xml
        knox-policies.json
        ranger-knox-security.xml
        log4j.properties
        query_response.xml
        cluster-configuration.json
        webhdfs-liststatus-test.json
        users.ldif
      - java
        org
        apache
        ranger
        services
        knox
        KnoxRangerTest.java
        RangerAdminClientImpl.java
  - pom.xml
  - scripts
    - uninstall.sh
    - install.properties
    - install.sh
  - .gitignore
  - conf
    - ranger-knox-security.xml
    - ranger-knox-audit.xml
    - ranger-policymgr-ssl-changes.cfg
    - ranger-knox-security-changes.cfg
    - ranger-policymgr-ssl.xml
    - ranger-knox-audit-changes.cfg
- plugin-kms
  - src
    - main
      - java
        org
        apache
        ranger
        services
        kms
        client
        KMSResourceMgr.java
        KMSClient.java
        json
        model
        KMSSchedulerResponse.java
        KMSConnectionMgr.java
        RangerServiceKMS.java
        authorization
        kms
        authorizer
        RangerKmsAuthorizer.java
    - test
      - resources
        kms
        dbks-site.xml
        kms-log4j.properties
        kms-site.xml
        kms-policies.json
        ranger-kms-security.xml
      - java
        org
        apache
        ranger
        authorization
        kms
        authorizer
        DerbyTestUtils.java
        RangerAdminClientImpl.java
        RangerKmsAuthorizerTest.java
  - pom.xml
  - scripts
    - enable-kms-plugin.sh
  - bin
    - .gitignore
  - .gitignore
  - conf
    - ranger-kms-audit-changes.cfg
    - ranger-policymgr-ssl-changes.cfg
    - ranger-kms-audit.xml
    - ranger-kms-security.xml
    - ranger-policymgr-ssl.xml
    - ranger-kms-security-changes.cfg
- ranger-ozone-plugin-shim
  - src
    - main
      - java
        org
        apache
        ranger
        authorization
        ozone
        authorizer
        RangerOzoneAuthorizer.java
  - pom.xml
  - .gitignore
- ranger-kafka-plugin-shim
  - src
    - main
      - java
        org
        apache
        ranger
        authorization
        kafka
        authorizer
        RangerKafkaAuthorizer.java
  - pom.xml
  - .gitignore
- ranger-elasticsearch-plugin-shim
  - src
    - main
      - java
        org
        apache
        ranger
        authorization
        elasticsearch
        plugin
        utils
        RequestUtils.java
        RangerElasticsearchPlugin.java
        authc
        user
        UsernamePasswordToken.java
        action
        filter
        RangerSecurityActionFilter.java
        rest
        filter
        RangerSecurityRestFilter.java
        authorizer
        RangerElasticsearchAuthorizer.java
        RangerElasticsearchAccessControl.java
  - pom.xml
  - .gitignore
  - conf
    - plugin-descriptor.properties
    - plugin-security.policy
- ugsync
  - src
    - main
      - java
        org
        apache
        ranger
        ldapusersync
        process
        PolicyMgrUserGroupBuilder.java
        LdapDeltaUserGroupBuilder.java
        LdapPolicyMgrUserGroupBuilder.java
        CustomSSLSocketFactory.java
        LdapUserGroupBuilder.java
        usergroupsync
        RegEx.java
        Mapper.java
        UserGroupSync.java
        AbstractMapper.java
        UserGroupSource.java
        AbstractUserGroupSource.java
        UserSyncMetricsProducer.java
        UserGroupSink.java
        unixusersync
        config
        UserGroupSyncConfig.java
        process
        PolicyMgrUserGroupBuilder.java
        FileSourceUserGroupBuilder.java
        RangerUgSyncRESTClient.java
        UnixUserGroupBuilder.java
        poc
        RangerJSONParser.java
        RangerClientUserGroupMapping.java
        RangerUserGroupMapping.java
        InvalidUserException.java
        ListUserTest.java
        RestClientPost.java
        InvalidGroupException.java
        ListRangerUserGroup.java
        ListRangerUser.java
        ListUserGroupTest.java
        model
        FileSyncSourceInfo.java
        XGroupInfo.java
        XUserGroupInfo.java
        LdapSyncSourceInfo.java
        UgsyncAuditInfo.java
        MUserInfo.java
        UnixSyncSourceInfo.java
        GroupUserInfo.java
        XUserInfo.java
        UserGroupList.java
        UserGroupInfo.java
        GetXUserGroupListResponse.java
        GetXGroupListResponse.java
        GetXUserListResponse.java
    - test
      - resources
        usergroups.csv
        usergroups-other-delim.csv
        groupFile.txt
        ranger-ugsync-site.xml
        passwordFile.txt
        usergroups.json
        ADSchema.ldif
        usergroups-dns.csv
      - java
        org
        apache
        ranger
        usergroupsync
        PolicyMgrUserGroupBuilderTest.java
        TestRegEx.java
        TestLdapUserGroup.java
        LdapPolicyMgrUserGroupBuilderTest.java
        unixusersync
        process
        TestFileSourceUserGroupBuilder.java
        TestUnixUserGroupBuilder.java
  - pom.xml
  - ldapconfigchecktool
    - ldapconfigcheck
      - src
        main
        java
        org
        apache
        ranger
        ldapconfigcheck
        AuthenticationCheck.java
        LdapConfigCheckMain.java
        LdapConfig.java
        UserSync.java
        CommandLineOptions.java
      - pom.xml
      - scripts
        run.sh
      - .gitignore
      - conf
        input.properties
  - .gitignore
  - filesourceusersynctool
    - run-filesource-usersync.sh
- ranger-yarn-plugin-shim
  - src
    - main
      - java
        org
        apache
        ranger
        authorization
        yarn
        authorizer
        RangerYarnAuthorizer.java
  - pom.xml
  - .gitignore
- distro
  - src
    - main
      - assembly
        plugin-presto.xml
        plugin-kms.xml
        admin-web.xml
        plugin-schema-registry.xml
        plugin-atlas.xml
        ranger-tools.xml
        kms.xml
        plugin-kafka.xml
        plugin-sqoop.xml
        hbase-agent.xml
        hdfs-agent.xml
        knox-agent.xml
        plugin-elasticsearch.xml
        usersync.xml
        solr_audit_conf.xml
        hive-agent.xml
        tagsync.xml
        plugin-solr.xml
        storm-agent.xml
        ranger-src.xml
        migration-util.xml
        plugin-ozone.xml
        plugin-kylin.xml
        plugin-yarn.xml
  - pom.xml
  - .gitignore
- tagsync
  - src
    - main
      - resources
        ranger-tagsync-default.xml
        ranger-tagsync-site.xml
        etc
        ranger
        data
        tags.json
      - java
        org
        apache
        ranger
        tagsync
        source
        atlas
        AtlasResourceMapper.java
        AtlasNotificationMapper.java
        AtlasResourceMapperUtil.java
        AtlasAdlsResourceMapper.java
        AtlasKafkaResourceMapper.java
        AtlasStormResourceMapper.java
        AtlasHiveResourceMapper.java
        EntityNotificationWrapper.java
        AtlasHbaseResourceMapper.java
        AtlasHdfsResourceMapper.java
        AtlasTagSource.java
        file
        FileTagSource.java
        atlasrest
        AtlasRESTTagSource.java
        RangerAtlasEntity.java
        RangerAtlasEntityWithTags.java
        sink
        tagadmin
        TagAdminRESTSink.java
        process
        TagSyncConfig.java
        TagSyncMetricsProducer.java
        TagSynchronizer.java
        model
        TagSource.java
        AbstractTagSource.java
        TagSink.java
    - test
      - resources
        log4j.properties
      - java
        org
        apache
        ranger
        tagsync
        process
        TestTagSynchronizer.java
        TestAdlsResourceMapper.java
        TestHiveResourceMapper.java
        TestKafkaResourceMapper.java
        TestHdfsResourceMapper.java
        TestHbaseResourceMapper.java
  - samples
    - tags.json
  - pom.xml
  - scripts
    - ranger-tagsync-upload.sh
    - install.properties
    - ranger-tagsync-services.sh
    - setup.py
    - updatetagadminpassword.py
    - ranger-tagsync.sh
    - update_property.py
    - setup.sh
  - conf.dist
    - log4j.properties
    - ranger-tagsync-env-setup-hadoop-home.sh
    - log4j.xml
  - .gitignore
  - conf
    - templates
      - installprop2xml.properties
      - ranger-tagsync-template.xml
- agents-installer
  - src
    - main
      - java
        org
        apache
        ranger
        utils
        install
        XmlConfigChanger.java
  - pom.xml
  - .gitignore
- plugin-nifi-registry
  - src
    - main
      - java
        org
        apache
        ranger
        services
        nifi
        registry
        client
        NiFiRegistryConnectionMgr.java
        NiFiRegistryAuthType.java
        NiFiRegistryConfigs.java
        NiFiRegistryClient.java
        RangerServiceNiFiRegistry.java
    - test
      - resources
        resources-response.json
      - java
        org
        apache
        ranger
        services
        nifi
        registry
        client
        TestNiFiRegistryClient.java
        TestNiFiRegistryConnectionMgr.java
  - pom.xml
  - .gitignore
- plugin-ozone
  - src
    - main
      - java
        org
        apache
        ranger
        services
        ozone
        client
        OzoneConnectionMgr.java
        OzoneResourceMgr.java
        OzoneClient.java
        RangerServiceOzone.java
        authorization
        ozone
        authorizer
        RangerOzoneAuthorizer.java
  - pom.xml
  - scripts
    - install.properties
  - .gitignore
  - conf
    - ranger-ozone-security.xml
    - ranger-policymgr-ssl-changes.cfg
    - ranger-ozone-audit-changes.cfg
    - ranger-policymgr-ssl.xml
    - ozone-ranger-env.sh
    - ranger-ozone-audit.xml
    - ranger-ozone-security-changes.cfg
- agents-common
  - src
    - main
      - resources
        service-defs
        ranger-servicedef-nifi-registry.json
        ranger-servicedef-hive.json
        ranger-servicedef-nifi.json
        ranger-servicedef-presto.json
        ranger-servicedef-yarn.json
        ranger-servicedef-elasticsearch.json
        ranger-servicedef-kudu.json
        ranger-servicedef-abfs.json
        ranger-servicedef-tag.json
        ranger-servicedef-solr.json
        ranger-servicedef-hdfs.json
        ranger-servicedef-storm.json
        ranger-servicedef-atlas.json
        ranger-servicedef-kms.json
        ranger-servicedef-knox.json
        ranger-servicedef-kylin.json
        ranger-servicedef-hbase.json
        ranger-servicedef-wasb.json
        ranger-servicedef-schema-registry.json
        ranger-servicedef-kafka.json
        ranger-servicedef-sqoop.json
        ranger-servicedef-ozone.json
        resourcenamemap.properties
        etc
        ranger
        geo
        geo_long.txt
        geo.txt
      - java
        org
        apache
        hadoop
        security
        KrbPasswordSaverLoginModule.java
        SecureClientLogin.java
        ranger
        services
        tag
        RangerServiceTag.java
        plugin
        policyresourcematcher
        RangerPolicyResourceEvaluator.java
        RangerPolicyResourceMatcher.java
        RangerDefaultPolicyResourceMatcher.java
        client
        BaseClient.java
        HadoopConfigHolder.java
        HadoopException.java
        contextenricher
        RangerAdminTagRetriever.java
        RangerFileBasedGeolocationProvider.java
        RangerContextEnricher.java
        RangerUserStoreRetriever.java
        RangerTagRetriever.java
        RangerAbstractGeolocationProvider.java
        RangerTagForEval.java
        RangerServiceResourceMatcher.java
        RangerAbstractContextEnricher.java
        RangerTagEnricher.java
        RangerUserStoreEnricher.java
        RangerUserStoreRefresher.java
        RangerFileBasedTagRetriever.java
        RangerAdminUserStoreRetriever.java
        audit
        RangerMultiResourceAuditHandler.java
        RangerDefaultAuditHandler.java
        geo
        BinarySearchTree.java
        RangerGeolocationData.java
        RangerGeolocationDatabase.java
        RangeChecker.java
        ValueProcessor.java
        GeolocationMetadata.java
        ValuePrinter.java
        util
        SearchFilter.java
        ServiceTags.java
        RangerPerfCollectorTracer.java
        RangerMetricsUtil.java
        RangerRolesProvider.java
        RangerRoles.java
        RangerPerfTracerFactory.java
        RangerUserStoreUtil.java
        RangerRequestedResources.java
        TimedEventUtil.java
        RangerUserStore.java
        DownloadTrigger.java
        GrantRevokeRequest.java
        PolicyRefresher.java
        RangerRESTUtils.java
        StringTokenReplacer.java
        XMLUtils.java
        KeySearchFilter.java
        RangerObjectFactory.java
        RangerPerfTracer.java
        RangerServiceNotFoundException.java
        RangerAccessRequestUtil.java
        GrantRevokeRoleRequest.java
        RangerCommonConstants.java
        RangerRESTClient.java
        RangerPluginCapability.java
        PasswordUtils.java
        RangerPolicyDeltaUtil.java
        DownloaderTask.java
        PerfDataRecorder.java
        URLEncoderUtil.java
        RangerServiceTagsDeltaUtil.java
        ServicePolicies.java
        ServiceDefUtil.java
        JsonUtilsV2.java
        RangerSslHelper.java
        RangerRolesUtil.java
        store
        EmbeddedServiceDefsUtil.java
        SecurityZoneStore.java
        ServicePredicateUtil.java
        PList.java
        ServiceStore.java
        TagPredicateUtil.java
        GeolocationStore.java
        TagValidator.java
        RolePredicateUtil.java
        AbstractPredicateUtil.java
        AbstractTagStore.java
        AbstractServiceStore.java
        file
        GeolocationFileStore.java
        RoleStore.java
        TagStore.java
        RangerServiceResourceSignature.java
        SecurityZonePredicateUtil.java
        service
        RangerDefaultService.java
        RangerBaseService.java
        RangerAuthContext.java
        RangerBasePlugin.java
        RangerAuthContextListener.java
        RangerDefaultRequestProcessor.java
        ResourceLookupContext.java
        resourcematcher
        RangerAbstractResourceMatcher.java
        RangerResourceMatcher.java
        ScheduledTimeExactMatcher.java
        RangerDefaultResourceMatcher.java
        ScheduledTimeRangeMatcher.java
        RangerURLResourceMatcher.java
        ScheduledTimeAlwaysMatcher.java
        RangerPathResourceMatcher.java
        ScheduledTimeMatcher.java
        ResourceMatcher.java
        policyevaluator
        RangerDefaultPolicyEvaluator.java
        RangerOptimizedPolicyEvaluator.java
        RangerDefaultRowFilterPolicyItemEvaluator.java
        RangerDefaultDataMaskPolicyItemEvaluator.java
        RangerCachedPolicyEvaluator.java
        RangerDefaultPolicyItemEvaluator.java
        RangerRowFilterPolicyItemEvaluator.java
        RangerPolicyItemEvaluator.java
        RangerAbstractPolicyItemEvaluator.java
        RangerDataMaskPolicyItemEvaluator.java
        RangerAbstractPolicyEvaluator.java
        RangerPolicyEvaluator.java
        RangerValidityScheduleEvaluator.java
        RangerCustomConditionEvaluator.java
        model
        RangerTagDef.java
        RangerServiceResource.java
        RangerTagResourceMap.java
        RangerValiditySchedule.java
        RangerPolicyDelta.java
        RangerValidityRecurrence.java
        RangerPluginInfo.java
        RangerBaseModelObject.java
        RangerPolicy.java
        RangerPolicyResourceSignature.java
        RangerServiceDef.java
        RangerSecurityZone.java
        RangerTag.java
        validation
        RangerSecurityZoneValidator.java
        RangerServiceDefValidator.java
        ValidationFailureDetails.java
        RangerRoleValidator.java
        RangerServiceValidator.java
        RangerValidator.java
        RangerZoneResourceMatcher.java
        ValidationFailureDetailsBuilder.java
        RangerPolicyValidator.java
        RangerValidityScheduleValidator.java
        RangerServiceDefHelper.java
        UserInfo.java
        RangerService.java
        GroupInfo.java
        RangerRole.java
        RangerMetrics.java
        conditionevaluator
        RangerHiveResourcesNotAccessedTogetherCondition.java
        RangerAnyOfExpectedTagsPresentConditionEvaluator.java
        RangerContextAttributeValueInCondition.java
        RangerScriptTemplateConditionEvaluator.java
        RangerAbstractConditionEvaluator.java
        RangerTagsAllPresentConditionEvaluator.java
        RangerScriptConditionEvaluator.java
        RangerConditionEvaluator.java
        RangerAccessedNotFromClusterCondition.java
        RangerScriptExecutionContext.java
        RangerNoneOfExpectedTagsPresentConditionEvaluator.java
        RangerContextAttributeValueNotInCondition.java
        RangerHiveResourcesAccessedTogetherCondition.java
        RangerAccessedNotFromClusterTypeCondition.java
        RangerIpMatcher.java
        RangerAccessedFromClusterTypeCondition.java
        RangerAccessedFromClusterCondition.java
        RangerTimeOfDayMatcher.java
        errors
        ValidationErrorCode.java
        policyengine
        RangerAccessRequestReadOnly.java
        RangerResourceACLs.java
        RangerAccessResult.java
        RangerTagAccessRequest.java
        RangerResourceTrie.java
        RangerMutableResource.java
        RangerAccessResourceReadOnly.java
        RangerTagResource.java
        RangerAccessResultProcessor.java
        RangerAccessRequestImpl.java
        RangerPolicyEngineImpl.java
        PolicyEngine.java
        RangerPluginContext.java
        RangerAccessRequestProcessor.java
        CacheMap.java
        RangerAccessRequest.java
        RangerResourceAccessInfo.java
        RangerPolicyEngineOptions.java
        RangerAccessResourceImpl.java
        RangerAccessResource.java
        RangerPolicyRepository.java
        RangerPolicyEngine.java
        PolicyEvaluatorForTag.java
        admin
        client
        AbstractRangerAdminClient.java
        RangerAdminClient.java
        datatype
        GrantRevokeData.java
        RESTResponse.java
        RangerAdminRESTClient.java
        authorization
        utils
        StringUtil.java
        JsonUtils.java
        hadoop
        config
        RangerConfiguration.java
        RangerPluginConfig.java
        RangerAuditConfig.java
        RangerLegacyConfigBuilder.java
        RangerConfigConstants.java
        RangerAdminConfig.java
        constants
        RangerHadoopConstants.java
    - test
      - resources
        policycondition
        test_multitag_policycondition-hive.json
        admin
        service-defs
        test-hdfs-servicedef.json
        test-hbase-servicedef.json
        test-tag-servicedef.json
        test-hive-servicedef.json
        contextenricher
        test_tagenricher_hive.json
        log4j.xml
        resourcematcher
        test_resourcematcher_dynamic.json
        test_defaultpolicyresourcematcher_for_hdfs_policy.json
        test_resourcematcher_wildcards_as_delimiters.json
        test_defaultpolicyresourcematcher.json
        test_defaultpolicyresourcematcher_for_hive_policy.json
        test_resourcematcher_default.json
        test_resourcematcher_path.json
        policyengine
        test_policyengine_with_roles.json
        test_policyengine_hbase_namespace.json
        test_policyengine_temporary.json
        test_policyengine_hive_with_partial_resource_policies.json
        test_policyengine_resource_access_info.json
        comparison
        fail
        otherServicePolicies.json
        otherServiceTags.json
        myServicePolicies.json
        myServiceTags.json
        success
        otherServicePolicies.json
        myServicePolicies.json
        test_compare_policyengines.json
        plugin
        test_auth_context.json
        test_plugin_capability.json
        resourceTags.json
        userText.txt
        test_policyengine_atlas.json
        test_policyengine_hdfs_resourcespec.json
        test_policyengine_hdfs_noaudit.json
        validityscheduler
        test-validity-schedules-invalid.json
        test-validity-schedules-valid-and-applicable.json
        test-validity-schedules-valid.json
        test_policyengine_hive.json
        test_policyengine_descendant_tags.json
        test_policyengine_owner.json
        test_policyengine_hdfs.json
        ACLResourceTags.json
        test_policyengine_policylevel_conditions.json
        test_policyengine_hive_default_policies.json
        test_policyengine_hbase.json
        test_policyengine_hbase_multiple_matching_policies.json
        test_policyengine_geo.json
        resourceTags.json
        test_policyengine_tag_hdfs.json
        test_policyengine_hive_mask_filter.json
        test_policyengine_hive_incremental_add.json
        test_policyengine_tag_hive_for_show_databases.json
        test_policyengine_tag_hive.json
        descendant_tags.json
        test_policyengine_hdfs_allaudit.json
        test_policyengine_super_user_groups.json
        test_policyengine_hive_incremental_delete.json
        test_policyengine_hive_mutex_conditions.json
        test_policyengine_tag_hive_filebased.json
        test_policyengine_tag_hive_mask.json
        test_policyengine_hdfs_zones.json
        test_policyengine_conditions.json
        test_policyengine_hive_incremental_update.json
        resourceTags_for_show_databases.json
        test_policyengine_audit_exclude_users_groups_roles.json
        test_aclprovider_default.json
        test_policyengine_priority.json
      - java
        org
        apache
        ranger
        plugin
        contextenricher
        TestTagEnricher.java
        util
        PasswordUtilsTest.java
        resourcematcher
        TestResourceMatcher.java
        RangerPathResourceMatcherTest.java
        RangerDefaultResourceMatcherTest.java
        RangerAbstractResourceMatcherTest.java
        TestDefaultPolicyResourceMatcher.java
        RangerURLResourceMatcherTest.java
        TestDefaultPolicyResourceMatcherForPolicy.java
        policyevaluator
        RangerDefaultPolicyEvaluatorTest.java
        model
        validation
        RangerSecurityZoneValidatorTest.java
        ValidationTestUtils.java
        TestDirectedGraph.java
        TestRangerServiceDefHelper.java
        TestRangerServiceDefValidator.java
        TestRangerValidator.java
        TestRangerPolicyValidator.java
        TestRangerServiceValidator.java
        TestRangerPolicy.java
        TestRangerPolicyResourceSignature.java
        conditionevaluator
        RangerCustomConditionMatcherTest.java
        RangerSimpleMatcher.java
        RangerTimeOfDayMatcherTest.java
        RangerIpMatcherTest.java
        errors
        TestValidationErrorCode.java
        policyengine
        TestCacheMap.java
        TestProjectProvider.java
        TestRangerPluginCapability.java
        TestPolicyACLs.java
        TestPolicyEngineComparison.java
        TestRangerAuthContext.java
        TestPolicyEngine.java
  - pom.xml
  - scripts
    - enable-agent.sh
    - upgrade-plugin.sh
    - upgrade-plugin.py
  - .gitignore
  - conf
    - log4j.properties
- ranger-presto-plugin-shim
  - src
    - main
      - resources
        META-INF
        services
        io.prestosql.spi.Plugin
      - java
        org
        apache
        ranger
        authorization
        presto
        authorizer
        RangerSystemAccessControl.java
        RangerSystemAccessControlFactory.java
        RangerConfig.java
        PrestoRangerPlugin.java
  - pom.xml
  - .gitignore
- plugin-sqoop
  - src
    - main
      - java
        org
        apache
        ranger
        services
        sqoop
        client
        SqoopClient.java
        json
        model
        SqoopLinksResponse.java
        SqoopConnectorsResponse.java
        SqoopJobsResponse.java
        SqoopJobResponse.java
        SqoopLinkResponse.java
        SqoopConnectorResponse.java
        SqoopResourceMgr.java
        RangerServiceSqoop.java
        authorization
        sqoop
        authorizer
        RangerSqoopAuthorizer.java
    - test
      - resources
        sqoop.properties
        ranger-sqoop-security.xml
        log4j.properties
        sqoop-policies.json
        sqoop_bootstrap.properties
      - java
        org
        apache
        ranger
        authorization
        sqoop
        authorizer
        RangerSqoopAuthorizerTest.java
        RangerAdminClientImpl.java
  - pom.xml
  - scripts
    - install.properties
  - .gitignore
  - conf
    - ranger-sqoop-audit.xml
    - ranger-sqoop-security.xml
    - ranger-sqoop-audit-changes.cfg
    - ranger-policymgr-ssl-changes.cfg
    - ranger-sqoop-security-changes.cfg
    - ranger-policymgr-ssl.xml
- .travis.yml
- ranger-solr-plugin-shim
  - src
    - main
      - java
        org
        apache
        ranger
        authorization
        solr
        authorizer
        RangerSolrAuthorizer.java
  - pom.xml
  - .gitignore
- DISCLAIMER.txt
- plugin-kylin
  - src
    - main
      - java
        org
        apache
        ranger
        services
        kylin
        RangerServiceKylin.java
        client
        KylinResourceMgr.java
        KylinClient.java
        json
        model
        KylinProjectResponse.java
        authorization
        kylin
        authorizer
        RangerKylinAuthorizer.java
    - test
      - resources
        log4j.properties
        kylin-policies.json
        ranger-kylin-security.xml
        applicationContext.xml
        kylinSecurity.xml
        kylin.properties
      - java
        org
        apache
        ranger
        authorization
        kylin
        authorizer
        RangerKylinAuthorizerTest.java
        RangerAdminClientImpl.java
  - pom.xml
  - scripts
    - install.properties
  - .gitignore
  - conf
    - ranger-policymgr-ssl-changes.cfg
    - ranger-kylin-security.xml
    - ranger-kylin-audit.xml
    - ranger-policymgr-ssl.xml
    - ranger-kylin-audit-changes.cfg
    - ranger-kylin-security-changes.cfg
- hdfs-agent
  - src
    - main
      - resources
        META-INF
        MANIFEST.MF
      - java
        org
        apache
        ranger
        services
        hdfs
        RangerServiceHdfs.java
        client
        HdfsResourceMgr.java
        HdfsClient.java
        HdfsConnectionMgr.java
        authorization
        hadoop
        HDFSAccessVerifier.java
        exceptions
        RangerAccessControlException.java
        RangerHdfsAuthorizer.java
    - test
      - resources
        log4j.properties
        hdfs-policies-tag.json
        hdfs-policies.json
        ranger-hdfs-security.xml
        hdfs_version_3.0
        hdfs-policies-tag.json
        hdfs-policies.json
      - java
        org
        apache
        ranger
        services
        hdfs
        RangerHdfsAuthorizerTest.java
        HDFSRangerTest.java
        client
        HdfsClientTest.java
        RangerAdminClientImpl.java
  - disable-conf
    - hdfs-site-changes.cfg
  - pom.xml
  - scripts
    - uninstall.sh
    - install.properties
    - install.sh
  - .gitignore
  - conf
    - ranger-hdfs-audit-changes.cfg
    - hdfs-site-changes.cfg
    - ranger-policymgr-ssl-changes.cfg
    - ranger-policymgr-ssl.xml
    - ranger-hdfs-security.xml
    - ranger-hdfs-audit.xml
    - ranger-hdfs-security-changes.cfg
- build_ranger_using_docker.sh
- dev-support
  - test-patch.sh
  - checkstyle.xml
  - checkstyle-suppressions.xml
  - findbugsIncludeFile.xml
  - ranger-pmd-ruleset.xml
  - smart-apply-patch.sh
- credentialbuilder
  - src
    - main
      - java
        org
        apache
        ranger
        credentialapi
        buildks.java
        CredentialReader.java
    - test
      - java
        org
        apache
        ranger
        credentialapi
        Testbuildks.java
        TestCredentialReader.java
  - pom.xml
  - .gitignore
- plugin-elasticsearch
  - src
    - main
      - java
        org
        apache
        ranger
        services
        elasticsearch
        client
        ElasticsearchResourceMgr.java
        ElasticsearchClient.java
        privilege
        IndexPrivilegeUtils.java
        IndexPrivilege.java
        RangerServiceElasticsearch.java
        authorization
        elasticsearch
        authorizer
        RangerElasticsearchAuthorizer.java
  - pom.xml
  - scripts
    - install.properties
  - .gitignore
  - conf
    - ranger-policymgr-ssl-changes.cfg
    - ranger-elasticsearch-audit.xml
    - ranger-elasticsearch-security.xml
    - ranger-policymgr-ssl.xml
    - ranger-elasticsearch-security-changes.cfg
    - ranger-elasticsearch-audit-changes.cfg
- .gitignore
- docs
  - src
    - site
      - resources
        logo
        ranger.jpg
      - xdoc
        download.xml
        quick_start_guide.xml
      - site.xml
      - apt
        index.apt.vm
      - fml
        faq.fml
  - DEPENDENCIES
  - pom.xml
  - LICENSE
  - README.txt
  - NOTICE
  - .gitignore
- LICENSE.txt
- unixauthclient
  - src
    - main
      - java
        org
        apache
        ranger
        authentication
        unix
        jaas
        RemoteUnixLoginModule.java
        UnixUserPrincipal.java
        UnixGroupPrincipal.java
        PamPrincipal.java
        PamLoginModule.java
        ConsolePromptCallbackHandler.java
        UsernamePasswordCallbackHandler.java
    - test
      - com
        xasecure
        test
        authentication
        UnixAuthenticationTester.java
  - pom.xml
  - .gitignore
- plugin-yarn
  - src
    - main
      - java
        org
        apache
        ranger
        services
        yarn
        client
        YarnConnectionMgr.java
        YarnClient.java
        YarnResourceMgr.java
        json
        model
        YarnSchedulerResponse.java
        RangerServiceYarn.java
        authorization
        yarn
        authorizer
        RangerYarnAuthorizer.java
  - disable-conf
    - yarn-site-changes.cfg
  - pom.xml
  - scripts
    - install.properties
  - .gitignore
  - conf
    - ranger-yarn-security.xml
    - ranger-yarn-audit-changes.cfg
    - ranger-policymgr-ssl-changes.cfg
    - yarn-site-changes.cfg
    - ranger-yarn-audit.xml
    - ranger-policymgr-ssl.xml
    - ranger-yarn-security-changes.cfg
- .project

/*
 * Licensed to the Apache Software Foundation (ASF) under one
 * or more contributor license agreements.  See the NOTICE file
 * distributed with this work for additional information
 * regarding copyright ownership.  The ASF licenses this file
 * to you under the Apache License, Version 2.0 (the
 * "License"); you may not use this file except in compliance
 * with the License.  You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing,
 * software distributed under the License is distributed on an
 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 * KIND, either express or implied.  See the License for the
 * specific language governing permissions and limitations
 * under the License.
 */

package org.apache.ranger.ldapusersync.process;

import java.io.IOException;
import java.net.UnknownHostException;
import java.security.KeyStore;
import java.security.PrivilegedAction;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.StringTokenizer;
import java.util.regex.Pattern;

import javax.security.auth.Subject;
import javax.servlet.http.HttpServletResponse;
import javax.ws.rs.core.Cookie;
import javax.ws.rs.core.NewCookie;

import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.collections.MapUtils;
import org.apache.hadoop.security.SecureClientLogin;
import org.apache.log4j.Level;
import org.apache.log4j.Logger;
import org.apache.ranger.plugin.util.URLEncoderUtil;
import org.apache.ranger.unixusersync.config.UserGroupSyncConfig;
import org.apache.ranger.unixusersync.model.*;
import org.apache.ranger.unixusersync.process.RangerUgSyncRESTClient;
import org.apache.ranger.usergroupsync.UserGroupSink;

import com.google.common.collect.Table;
import com.google.gson.Gson;
import com.google.gson.GsonBuilder;
import com.sun.jersey.api.client.ClientResponse;

public class LdapPolicyMgrUserGroupBuilder implements UserGroupSink {

private static final Logger LOG = Logger.getLogger(LdapPolicyMgrUserGroupBuilder.class);
	
	private static final String AUTHENTICATION_TYPE = "hadoop.security.authentication";	
	private String AUTH_KERBEROS = "kerberos";
	private static final String PRINCIPAL = "ranger.usersync.kerberos.principal";
	private static final String KEYTAB = "ranger.usersync.kerberos.keytab";
	private static final String NAME_RULE = "hadoop.security.auth_to_local";
	
	public static final String PM_USER_LIST_URI  = "/service/xusers/users/";				// GET
	private static final String PM_ADD_USER_GROUP_INFO_URI = "/service/xusers/users/userinfo";	// POST
	
	private static final String PM_ADD_GROUP_USER_INFO_URI = "/service/xusers/groups/groupinfo";	// POST
	
	public static final String PM_GROUP_LIST_URI = "/service/xusers/groups/";				// GET
	private static final String PM_ADD_GROUP_URI = "/service/xusers/groups/";				// POST
	
	private static final String PM_DEL_USER_GROUP_LINK_URI = "/service/xusers/group/${groupName}/user/${userName}"; // DELETE
	
	public static final String PM_USER_GROUP_MAP_LIST_URI = "/service/xusers/groupusers/";		// GET
	
	public static final String PM_GET_GROUP_USER_MAP_LIST_URI = "/service/xusers/groupusers/groupName/${groupName}";		// GET
	
	private static final String PM_ADD_LOGIN_USER_URI = "/service/users/default";			// POST

	private static final String PM_AUDIT_INFO_URI = "/service/xusers/ugsync/auditinfo/";				// POST

	private static final String GROUP_SOURCE_EXTERNAL ="1";

	private static String LOCAL_HOSTNAME = "unknown";
	private String recordsToPullPerCall = "1000";
	private boolean isMockRun = false;
	private String policyMgrBaseUrl;
	private Cookie sessionId=null;
	private boolean isValidRangerCookie=false;
	List<NewCookie> cookieList=new ArrayList<>();

	private UserGroupSyncConfig  config = UserGroupSyncConfig.getInstance();

	private UserGroupInfo				usergroupInfo = new UserGroupInfo();
	private GroupUserInfo				groupuserInfo = new GroupUserInfo();
	private volatile RangerUgSyncRESTClient ldapUgSyncClient;
	
	Table<String, String, String> groupsUsersTable;

	private String authenticationType = null;
	String principal;
	String keytab;
	String nameRules;
    Map<String, String> userMap = new LinkedHashMap<String, String>();
    Map<String, String> groupMap = new LinkedHashMap<String, String>();
    private boolean isRangerCookieEnabled;
    private String rangerCookieName;
	static {
		try {
			LOCAL_HOSTNAME = java.net.InetAddress.getLocalHost().getCanonicalHostName();
		} catch (UnknownHostException e) {
			LOCAL_HOSTNAME = "unknown";
		}
	}
	
	synchronized public void init() throws Throwable {
		recordsToPullPerCall = config.getMaxRecordsPerAPICall();
		policyMgrBaseUrl = config.getPolicyManagerBaseURL();
		isMockRun = config.isMockRunEnabled();
		isRangerCookieEnabled = config.isUserSyncRangerCookieEnabled();
		rangerCookieName = config.getRangerAdminCookieName();

		if (isMockRun) {
			LOG.setLevel(Level.DEBUG);
		}
		sessionId=null;
		String keyStoreFile =  config.getSSLKeyStorePath();
		String trustStoreFile = config.getSSLTrustStorePath();
		String keyStoreFilepwd = config.getSSLKeyStorePathPassword();
		String trustStoreFilepwd = config.getSSLTrustStorePathPassword();
		String keyStoreType = KeyStore.getDefaultType();
		String trustStoreType = KeyStore.getDefaultType();
		authenticationType = config.getProperty(AUTHENTICATION_TYPE,"simple");
		try {
			principal = SecureClientLogin.getPrincipal(config.getProperty(PRINCIPAL,""), LOCAL_HOSTNAME);
		} catch (IOException ignored) {
			 // do nothing
		}
		keytab = config.getProperty(KEYTAB,"");
		nameRules = config.getProperty(NAME_RULE,"DEFAULT");
		ldapUgSyncClient = new RangerUgSyncRESTClient(policyMgrBaseUrl, keyStoreFile, keyStoreFilepwd, keyStoreType,
				trustStoreFile, trustStoreFilepwd, trustStoreType, authenticationType, principal, keytab,
				config.getPolicyMgrUserName(), config.getPolicyMgrPassword());

        String userGroupRoles = config.getGroupRoleRules();
        if (userGroupRoles != null && !userGroupRoles.isEmpty()) {
            getRoleForUserGroups(userGroupRoles);
        }
        if (LOG.isDebugEnabled()) {
			LOG.debug("PolicyMgrUserGroupBuilder.init()==> PolMgrBaseUrl : "+policyMgrBaseUrl+" KeyStore File : "+keyStoreFile+" TrustStore File : "+trustStoreFile+ "Authentication Type : "+authenticationType);
		}
    }

	@Override
	public void addOrUpdateUser(String userName, List<String> groups) throws Throwable {

	}

	@Override
	public void addOrUpdateGroup(String groupName, Map<String, String> groupAttrs) throws Throwable {
		//* Build the group info object and do the rest call
			if ( ! isMockRun ) {
				if ( addGroupInfo(groupName, groupAttrs) == null) {
					String msg = "Failed to add addorUpdate group info";
					LOG.error(msg);
					throw new Exception(msg);
				}
			}

	}
	
	private XGroupInfo addGroupInfo(final String groupName, Map<String, String> groupAttrs){
		XGroupInfo ret = null;
		XGroupInfo group = null;

		if (LOG.isDebugEnabled()) {
			LOG.debug("INFO: addPMXAGroup(" + groupName + ")");
		}
		if (! isMockRun) {
			group = addXGroupInfo(groupName, groupAttrs);
		}
		if (authenticationType != null && AUTH_KERBEROS.equalsIgnoreCase(authenticationType) && SecureClientLogin.isKerberosCredentialExists(principal,keytab)) {
			try {
				LOG.info("Using principal = " + principal + " and keytab = " + keytab);
				Subject sub = SecureClientLogin.loginUserFromKeytab(principal, keytab, nameRules);
				final XGroupInfo groupInfo = group;
				ret = Subject.doAs(sub, new PrivilegedAction<XGroupInfo>() {
					@Override
					public XGroupInfo run() {
						try {
							return getAddedGroupInfo(groupInfo);
						} catch (Exception e) {
							LOG.error("Failed to build Group List : ", e);
						}
						return null;
					}
				});
				return ret;
			} catch (Exception e) {
				LOG.error("Failed to Authenticate Using given Principal and Keytab : ", e);
			}
			return null;
		} else {
			return getAddedGroupInfo(group);
		}	
	}
	
	private XGroupInfo addXGroupInfo(String aGroupName, Map<String, String> groupAttrs) {
		
		XGroupInfo addGroup = new XGroupInfo();
		
		addGroup.setName(aGroupName);
		
		addGroup.setDescription(aGroupName + " - add from Unix box");
		
		addGroup.setGroupType("1");

		addGroup.setGroupSource(GROUP_SOURCE_EXTERNAL);
		Gson gson = new Gson();
		addGroup.setOtherAttributes(gson.toJson(groupAttrs));
		groupuserInfo.setXgroupInfo(addGroup);

		return addGroup;
	}

	private XGroupInfo getAddedGroupInfo(XGroupInfo group){	
		XGroupInfo ret = null;
		String response = null;
		ClientResponse clientRes = null;
		Gson gson = new GsonBuilder().create();
		String jsonString = gson.toJson(group);
		String relativeUrl = PM_ADD_GROUP_URI;

		if(isRangerCookieEnabled){
			response = cookieBasedUploadEntity(group, relativeUrl);
		}
		else {
			if (LOG.isDebugEnabled()) {
				LOG.debug("Group" + jsonString);
			}
			try {
				clientRes = ldapUgSyncClient.post(relativeUrl, null, group);
				if (clientRes != null) {
					response = clientRes.getEntity(String.class);
				}
			}
			catch(Throwable t){
				LOG.error("Failed to get response, Error is : ", t);
			}
		}

		if ( LOG.isDebugEnabled() ) {
			LOG.debug("RESPONSE: [" + response + "]");
		}

		ret = gson.fromJson(response, XGroupInfo.class);

		return ret;
	}

	public static void main(String[] args) throws Throwable {
		LdapPolicyMgrUserGroupBuilder  ugbuilder = new LdapPolicyMgrUserGroupBuilder();
		ugbuilder.init();

	}

	@Override
	public void addOrUpdateUser(String userName) throws Throwable {

	}

	@Override
	public void addOrUpdateUser(String userName, Map<String, String> userAttrs, List<String> groups) throws Throwable {
		// First add to x_portal_user
		if (LOG.isDebugEnabled()) {
			LOG.debug("INFO: addPMAccount(" + userName + ")");
		}
		if (! isMockRun) {
			if (addMUser(userName, userAttrs) == null) {
				String msg = "Failed to add portal user";
				LOG.error(msg);
				throw new Exception(msg);
			}
		}
		//* Build the user group info object with empty groups and do the rest call
		if ( ! isMockRun ) {
			// If the rest call to ranger admin fails,
			// propagate the failure to the caller for retry in next sync cycle.
			if (addUserGroupInfo(userName, userAttrs, groups) == null ) {
				String msg = "Failed to add addorUpdate user group info";
				LOG.error(msg);
				throw new Exception(msg);
			}
		}
	}

	private UserGroupInfo addUserGroupInfo(String userName, Map<String, String> userAttrs, List<String> groups){
		if(LOG.isDebugEnabled()) {
	 		LOG.debug("==> LdapPolicyMgrUserGroupBuilder.addUserGroupInfo " + userName + " and groups");
	 	}
		UserGroupInfo ret = null;
		XUserInfo user = null;
		if (LOG.isDebugEnabled()) {
			LOG.debug("INFO: addPMXAUser(" + userName + ")");
		}
		
		if (! isMockRun) {
			user = addXUserInfo(userName, userAttrs);
		}
		if (CollectionUtils.isNotEmpty(groups)) {
			for (String g : groups) {
				if (LOG.isDebugEnabled()) {
					LOG.debug("INFO: addPMXAGroupToUser(" + userName + "," + g + ")");
				}
			}
		}
		if (! isMockRun ) {
			addXUserGroupInfo(user, groups);
		}

		if (authenticationType != null && AUTH_KERBEROS.equalsIgnoreCase(authenticationType) && SecureClientLogin.isKerberosCredentialExists(principal, keytab)){
			try {
				Subject sub = SecureClientLogin.loginUserFromKeytab(principal, keytab, nameRules);
				final UserGroupInfo result = ret;
				ret = Subject.doAs(sub, new PrivilegedAction<UserGroupInfo>() {
					@Override
					public UserGroupInfo run() {
						try {
							return getUsergroupInfo(result);
						} catch (Exception e) {
							LOG.error("Failed to add User Group Info : ", e);
						}
						return null;
					}
				});
				return ret;
			} catch (Exception e) {
				LOG.error("Failed to Authenticate Using given Principal and Keytab : " , e);
			}
			return null;
		}else{
			return getUsergroupInfo(ret);
		}
	}
	
	private XUserInfo addXUserInfo(String aUserName, Map<String, String> userAttrs) {

		if (LOG.isDebugEnabled()) {
			LOG.debug("==> LdapPolicyMgrUserGroupBuilder.addXUserInfo " + aUserName + " and " + userAttrs);
		}

		XUserInfo xuserInfo = new XUserInfo();

		xuserInfo.setName(aUserName);

		xuserInfo.setDescription(aUserName + " - add from Unix box");
		if (MapUtils.isNotEmpty(userAttrs)) {
			Gson gson = new Gson();
			xuserInfo.setOtherAttributes(gson.toJson(userAttrs));
		}
        if (userMap.containsKey(aUserName)) {
            List<String> roleList = new ArrayList<String>();
            roleList.add(userMap.get(aUserName));
            xuserInfo.setUserRoleList(roleList);
        }
		usergroupInfo.setXuserInfo(xuserInfo);

		if(LOG.isDebugEnabled()) {
			LOG.debug("<== LdapPolicyMgrUserGroupBuilder.addXUserInfo " + aUserName + " and " + userAttrs);
		}
		
		return xuserInfo;
	}

	private void addXUserGroupInfo(XUserInfo aUserInfo, List<String> aGroupList) {

		if(LOG.isDebugEnabled()) {
			LOG.debug("==> LdapPolicyMgrUserGroupBuilder.addXUserGroupInfo ");
		}
		
		List<XGroupInfo> xGroupInfoList = new ArrayList<XGroupInfo>();

		if (CollectionUtils.isNotEmpty(aGroupList)) {
			for (String groupName : aGroupList) {
				XGroupInfo group = addXGroupInfo(groupName, null);
				xGroupInfoList.add(group);
				addXUserGroupInfo(aUserInfo, group);
			}
		}
		
		usergroupInfo.setXgroupInfo(xGroupInfoList);
		if(LOG.isDebugEnabled()) {
			LOG.debug("<== LdapPolicyMgrUserGroupBuilder.addXUserGroupInfo ");
		}
	}
	
	private XUserGroupInfo addXUserGroupInfo(XUserInfo aUserInfo, XGroupInfo aGroupInfo) {
		
		
	    XUserGroupInfo ugInfo = new XUserGroupInfo();
		
		ugInfo.setUserId(aUserInfo.getId());
		
		ugInfo.setGroupName(aGroupInfo.getName());
		
		// ugInfo.setParentGroupId("1");
		
        return ugInfo;
	}

	private UserGroupInfo getUsergroupInfo(UserGroupInfo ret) {
		if(LOG.isDebugEnabled()){
			LOG.debug("==> LdapPolicyMgrUserGroupBuilder.getUsergroupInfo(UserGroupInfo ret)");
		}
		String response = null;
		ClientResponse clientRes = null;
		Gson gson = new GsonBuilder().create();
		String jsonString = gson.toJson(usergroupInfo);
		String relativeUrl = PM_ADD_USER_GROUP_INFO_URI;

		if (LOG.isDebugEnabled()) {
			LOG.debug("USER GROUP MAPPING" + jsonString);
		}
		if(isRangerCookieEnabled){
			response = cookieBasedUploadEntity(usergroupInfo,relativeUrl);
		}
		else {
			try {
				clientRes = ldapUgSyncClient.post(relativeUrl, null, usergroupInfo);
				if (clientRes != null) {
					response = clientRes.getEntity(String.class);
				}
			}
			catch(Throwable t){
				LOG.error("Failed to get response, Error is : ", t);
			}
		}
		if ( LOG.isDebugEnabled() ) {
			LOG.debug("RESPONSE: [" + response + "]");
		}
		ret = gson.fromJson(response, UserGroupInfo.class);

		if(LOG.isDebugEnabled()){
			LOG.debug("<== LdapPolicyMgrUserGroupBuilder.getUsergroupInfo (UserGroupInfo ret)");
		}
		return ret;
	}

	@Override
	public void addOrUpdateGroup(String groupName, List<String> users) throws Throwable {
	}

	@Override
	public void addOrUpdateGroup(String groupName, Map<String, String> groupAttrs, List<String> users) throws Throwable {
		// First get the existing group user mappings from Ranger admin.
		// Then compute the delta and send the updated group user mappings to ranger admin.
		if (LOG.isDebugEnabled()) {
			LOG.debug("addOrUpdateGroup for " + groupName + " with users: " + users);
		}
		GroupUserInfo groupUserInfo = null;
		if (authenticationType != null && AUTH_KERBEROS.equalsIgnoreCase(authenticationType) && SecureClientLogin.isKerberosCredentialExists(principal,keytab)) {
			try {
				LOG.info("Using principal = " + principal + " and keytab = " + keytab);
				Subject sub = SecureClientLogin.loginUserFromKeytab(principal, keytab, nameRules);
				final String gName = groupName;
				groupUserInfo = Subject.doAs(sub, new PrivilegedAction<GroupUserInfo>() {
					@Override
					public GroupUserInfo run() {
						try {
							return getGroupUserInfo(gName);
						} catch (Exception e) {
							LOG.error("Failed to build Group List : ", e);
						}
						return null;
					}
				});
			} catch (Exception e) {
				LOG.error("Failed to Authenticate Using given Principal and Keytab : ", e);
			}
		} else {
			groupUserInfo = getGroupUserInfo(groupName);
		}	
		
        List<String> oldUsers = new ArrayList<String>();
        Map<String, List<String>> oldUserMap = new HashMap<String, List<String>>();
        if (groupUserInfo != null && groupUserInfo.getXuserInfo() != null) {
            for (XUserInfo xUserInfo : groupUserInfo.getXuserInfo()) {
                oldUsers.add(xUserInfo.getName());
                oldUserMap.put(xUserInfo.getName(), xUserInfo.getUserRoleList());
            }
			if (LOG.isDebugEnabled()) {
				LOG.debug("Returned users for group " + groupUserInfo.getXgroupInfo().getName() + " are: " + oldUsers);
			}
		}
		
		List<String> addUsers = new ArrayList<String>();
		List<String> delUsers = new ArrayList<String>();
		
		for (String user : oldUsers) {
			if (!users.contains(user)) {
				delUsers.add(user);
			}
		}
		if (oldUsers.isEmpty()) {
			addUsers = users;
		} else {
            for (String user : users) {
                if (!oldUsers.contains(user)|| !(oldUserMap.get(user).contains(groupMap.get(groupName)))) {
                    addUsers.add(user);
                }
			}
		}
		if (LOG.isDebugEnabled()) {
			LOG.debug("addUsers = " + addUsers);
		}
		delXGroupUserInfo(groupName, delUsers);
		
		//* Add user to group mapping in the x_group_user table. 
		//* Here the assumption is that the user already exists in x_portal_user table.
		if ( ! isMockRun ) {
			// If the rest call to ranger admin fails, 
			// propagate the failure to the caller for retry in next sync cycle.
			if (addGroupUserInfo(groupName, groupAttrs, addUsers) == null ) {
				String msg = "Failed to add addorUpdate group user info";
				LOG.error(msg);
				throw new Exception(msg);
			}
		}
	}

	@Override
	public void postUserGroupAuditInfo(UgsyncAuditInfo ugsyncAuditInfo) throws Throwable {
		if (! isMockRun) {
			addUserGroupAuditInfo(ugsyncAuditInfo);
		}

	}

	private void addUserGroupAuditInfo(UgsyncAuditInfo auditInfo) {
		if (LOG.isDebugEnabled()) {
			LOG.debug("INFO: addAuditInfo(" + auditInfo.getNoOfNewUsers() + ", " + auditInfo.getNoOfNewGroups() +
					", " + auditInfo.getNoOfModifiedUsers() + ", " + auditInfo.getNoOfModifiedGroups() +
					", " + auditInfo.getSyncSource() + ")");
		}

		if (authenticationType != null
				&& AUTH_KERBEROS.equalsIgnoreCase(authenticationType)
				&& SecureClientLogin.isKerberosCredentialExists(principal,
				keytab)) {
			try {
				Subject sub = SecureClientLogin.loginUserFromKeytab(principal, keytab, nameRules);
				final UgsyncAuditInfo auditInfoFinal = auditInfo;
				Subject.doAs(sub, new PrivilegedAction<Void>() {
					@Override
					public Void run() {
						try {
							getUserGroupAuditInfo(auditInfoFinal);
						} catch (Exception e) {
							LOG.error("Failed to add User : ", e);
						}
						return null;
					}
				});
				return;
			} catch (Exception e) {
				LOG.error("Failed to Authenticate Using given Principal and Keytab : " , e);
			}
			return;
		} else {
			getUserGroupAuditInfo(auditInfo);
		}
	}


	private void getUserGroupAuditInfo(UgsyncAuditInfo userInfo) {
		if(LOG.isDebugEnabled()){
			LOG.debug("==> PolicyMgrUserGroupBuilder.getUserGroupAuditInfo()");
		}
		String response = null;
		ClientResponse clientRes = null;
		Gson gson = new GsonBuilder().create();
		String relativeUrl = PM_AUDIT_INFO_URI;

		if(isRangerCookieEnabled){
			response = cookieBasedUploadEntity(userInfo, relativeUrl);
		}
		else {
			try {
				clientRes = ldapUgSyncClient.post(relativeUrl, null, userInfo);
				if (clientRes != null) {
					response = clientRes.getEntity(String.class);
				}
			}
			catch(Throwable t){
				LOG.error("Failed to get response, Error is : ", t);
			}
		}
		if (LOG.isDebugEnabled()) {
			LOG.debug("RESPONSE[" + response + "]");
		}
		gson.fromJson(response, UgsyncAuditInfo.class);

		if(LOG.isDebugEnabled()){
			LOG.debug("AuditInfo Creation successful ");
			LOG.debug("<== LdapPolicyMgrUserGroupBuilder.getUserGroupAuditInfo()");
		}
	}

	private void delXGroupUserInfo(final String groupName, List<String> userList) {
		if(LOG.isDebugEnabled()) {
	 		LOG.debug("==> LdapPolicyMgrUserGroupBuilder.delXGroupUserInfo " + groupName + " and " + userList);
	 	}
		for(final String userName : userList) {
			if (authenticationType != null && AUTH_KERBEROS.equalsIgnoreCase(authenticationType) && SecureClientLogin.isKerberosCredentialExists(principal, keytab)) {
				try {
					LOG.info("Using principal = " + principal + " and keytab = " + keytab);
					Subject sub = SecureClientLogin.loginUserFromKeytab(principal, keytab, nameRules);
					Subject.doAs(sub, new PrivilegedAction<Void>() {
						@Override
						public Void run() {
							try {
								delXGroupUserInfo(groupName, userName);
							} catch (Exception e) {
								LOG.error("Failed to build Group List : ", e);
							}
							return null;
						}
					});
				} catch (Exception e) {
					LOG.error("Failed to Authenticate Using given Principal and Keytab : ",e);
				}
			} else {
				delXGroupUserInfo(groupName, userName);
			}
		}
	}

	private void delXGroupUserInfo(String groupName, String userName) {

		if (LOG.isDebugEnabled()) {
			LOG.debug("==> LdapPolicyMgrUserGroupBuilder.delXUserGroupInfo()");
		}

		try {
			ClientResponse response = null;

			String relativeUrl = PM_DEL_USER_GROUP_LINK_URI.replaceAll(Pattern.quote("${groupName}"),
					   URLEncoderUtil.encodeURIParam(groupName)).replaceAll(Pattern.quote("${userName}"), URLEncoderUtil.encodeURIParam(userName));
			if (isRangerCookieEnabled) {
				if (sessionId != null && isValidRangerCookie) {
					response = ldapUgSyncClient.delete(relativeUrl, null, sessionId);
					if (response != null) {
						if (!(response.toString().contains(relativeUrl))) {
							response.setStatus(HttpServletResponse.SC_NOT_FOUND);
							sessionId = null;
							isValidRangerCookie = false;
						} else if (response.getStatus() == HttpServletResponse.SC_UNAUTHORIZED) {
							LOG.warn("response from ranger is 401 unauthorized");
							sessionId = null;
							isValidRangerCookie = false;
						} else if (response.getStatus() == HttpServletResponse.SC_NO_CONTENT
								|| response.getStatus() == HttpServletResponse.SC_OK) {
							cookieList = response.getCookies();
							for (NewCookie cookie : cookieList) {
								if (cookie.getName().equalsIgnoreCase(rangerCookieName)) {
									sessionId = cookie.toCookie();
									isValidRangerCookie = true;
									break;
								}
							}
						}

						if (response.getStatus() != HttpServletResponse.SC_OK && response.getStatus() != HttpServletResponse.SC_NO_CONTENT
								&& response.getStatus() != HttpServletResponse.SC_BAD_REQUEST) {
							sessionId = null;
							isValidRangerCookie = false;
						}
					}
				}
			}
			else {
				response = ldapUgSyncClient.delete(relativeUrl, null);
			}
		    if ( LOG.isDebugEnabled() ) {
		    	LOG.debug("RESPONSE: [" + response.toString() + "]");
		    }
		} catch (Exception e) {
			LOG.warn( "ERROR: Unable to delete GROUP: " + groupName  + " from USER:" + userName , e);
		}
		if (LOG.isDebugEnabled()) {
			LOG.debug("<== LdapPolicyMgrUserGroupBuilder.delXUserGroupInfo()");
		}
	}
	
	private GroupUserInfo addGroupUserInfo(String groupName, Map<String, String> groupAttrs, List<String> users){
		if(LOG.isDebugEnabled()) {
	 		LOG.debug("==> LdapPolicyMgrUserGroupBuilder.addGroupUserInfo " + groupName + " and " + users);
	 	}
		GroupUserInfo ret = null;
		XGroupInfo group = null;

		if (LOG.isDebugEnabled()) {
			LOG.debug("INFO: addPMXAGroup(" + groupName + ")");
		}
		if (! isMockRun) {
			group = addXGroupInfo(groupName, groupAttrs);
		}
		for(String u : users) {
			if (LOG.isDebugEnabled()) {
				LOG.debug("INFO: addPMXAGroupToUser(" + groupName + "," + u + ")");
			}
		}
		if (! isMockRun ) {
			addXGroupUserInfo(group, users);
		}
		if (authenticationType != null && AUTH_KERBEROS.equalsIgnoreCase(authenticationType) && SecureClientLogin.isKerberosCredentialExists(principal, keytab)){
			try {
				Subject sub = SecureClientLogin.loginUserFromKeytab(principal, keytab, nameRules);
				final GroupUserInfo result = ret;
				ret = Subject.doAs(sub, new PrivilegedAction<GroupUserInfo>() {
					@Override
					public GroupUserInfo run() {
						try {
							return getGroupUserInfo(result);
						} catch (Exception e) {
							LOG.error("Failed to add User Group Info : ", e);
						}
						return null;
					}
				});
				return ret;
			} catch (Exception e) {
				LOG.error("Failed to Authenticate Using given Principal and Keytab : " , e);
			}
			return null;
		}else{
			return getGroupUserInfo(ret);
		}
	}
	
	private void addXGroupUserInfo(XGroupInfo aGroupInfo, List<String> aUserList) {

		List<XUserInfo> xUserInfoList = new ArrayList<XUserInfo>();

		for(String userName : aUserList) {
			XUserInfo user = addXUserInfo(userName, null);
			xUserInfoList.add(user);
			addXUserGroupInfo(user, aGroupInfo);
		}

		groupuserInfo.setXuserInfo(xUserInfoList);
	}

	private GroupUserInfo getGroupUserInfo(GroupUserInfo ret) {
		if(LOG.isDebugEnabled()){
			LOG.debug("==> LdapPolicyMgrUserGroupBuilder.getGroupUserInfo(GroupUserInfo ret)");
		}
		String response = null;
		ClientResponse clientRes = null;
		String relativeUrl = PM_ADD_GROUP_USER_INFO_URI;
		Gson gson = new GsonBuilder().create();
		

        if (groupuserInfo != null
                && groupuserInfo.getXgroupInfo() != null
                && groupuserInfo.getXuserInfo() != null
                && groupMap
                        .containsKey(groupuserInfo.getXgroupInfo().getName())
                && groupuserInfo.getXuserInfo().size() > 0) {
            List<String> userRoleList = new ArrayList<String>();
            userRoleList.add(groupMap.get(groupuserInfo.getXgroupInfo()
                    .getName()));
            int i = groupuserInfo.getXuserInfo().size();
            for (int j = 0; j < i; j++) {
                if (userMap.containsKey(groupuserInfo.getXuserInfo().get(j)
                        .getName())) {
                    List<String> userRole = new ArrayList<String>();
                    userRole.add(userMap.get(groupuserInfo.getXuserInfo()
                            .get(j).getName()));
                    groupuserInfo.getXuserInfo().get(j)
                            .setUserRoleList(userRole);
                } else {
                    groupuserInfo.getXuserInfo().get(j)
                            .setUserRoleList(userRoleList);
                }
            }
        }
        String jsonString = gson.toJson(groupuserInfo);
        if (LOG.isDebugEnabled()) {
            LOG.debug("GROUP USER MAPPING" + jsonString);
        }

        if(isRangerCookieEnabled){
			response = cookieBasedUploadEntity(groupuserInfo,relativeUrl);
		}
        else {
			try {
				clientRes = ldapUgSyncClient.post(relativeUrl, null, groupuserInfo);
				if (clientRes != null) {
					response = clientRes.getEntity(String.class);
				}
			}catch(Throwable t){
				LOG.error("Failed to get response, Error is : ", t);
			}
        }
        if (LOG.isDebugEnabled()) {
			LOG.debug("RESPONSE: [" + response + "]");
		}
		ret = gson.fromJson(response, GroupUserInfo.class);
		if(LOG.isDebugEnabled()){
			LOG.debug("<== LdapPolicyMgrUserGroupBuilder.getGroupUserInfo(GroupUserInfo ret)");
		}
		return ret;
	}

	
	private MUserInfo addMUser(String aUserName, Map<String, String> userAttrs) {
		MUserInfo ret = null;
		MUserInfo userInfo = new MUserInfo();

		userInfo.setLoginId(aUserName);
		userInfo.setFirstName(aUserName);
        userInfo.setLastName(aUserName);
		Gson gson = new Gson();
        userInfo.setOtherAttributes(gson.toJson(userAttrs));
        String str[] = new String[1];
        if (userMap.containsKey(aUserName)) {
            str[0] = userMap.get(aUserName);
        }
        userInfo.setUserRoleList(str);
        if (authenticationType != null
                && AUTH_KERBEROS.equalsIgnoreCase(authenticationType)
                && SecureClientLogin.isKerberosCredentialExists(principal,
                        keytab)) {
            try {
				Subject sub = SecureClientLogin.loginUserFromKeytab(principal, keytab, nameRules);
				final MUserInfo result = ret;
				final MUserInfo userInfoFinal = userInfo;
				ret = Subject.doAs(sub, new PrivilegedAction<MUserInfo>() {
					@Override
					public MUserInfo run() {
						try {
							return getMUser(userInfoFinal, result);
						} catch (Exception e) {
							LOG.error("Failed to add User : ", e);
						}
						return null;
					}
				});
				return ret;
			} catch (Exception e) {
				LOG.error("Failed to Authenticate Using given Principal and Keytab : " , e);
			}
			return null;
		} else {
			return getMUser(userInfo, ret);
		}
	}


	private MUserInfo getMUser(MUserInfo userInfo, MUserInfo ret) {
		if(LOG.isDebugEnabled()){
			LOG.debug("==> LdapPolicyMgrUserGroupBuilder.getMUser()");
		}
		String response = null;
		ClientResponse clientRes = null;
		Gson gson = new GsonBuilder().create();
		String relativeUrl = PM_ADD_LOGIN_USER_URI;
		if (isRangerCookieEnabled) {
			response = cookieBasedUploadEntity(userInfo, relativeUrl);
		} else {
			try {
				clientRes = ldapUgSyncClient.post(relativeUrl, null, userInfo);
				if (clientRes != null) {
					response = clientRes.getEntity(String.class);
				}
			} catch (Exception e) {
				LOG.error("Failed to get response, Error is : " + e.getMessage());
			}
		}
		if (LOG.isDebugEnabled()) {
			LOG.debug("RESPONSE[" + response + "]");
		}
	    ret = gson.fromJson(response, MUserInfo.class);

	    if (LOG.isDebugEnabled()) {
			LOG.debug("MUser Creation successful " + ret);
			LOG.debug("<== LdapPolicyMgrUserGroupBuilder.getMUser()");
		}
		return ret;
	}
	
	public GroupUserInfo getGroupUserInfo(String groupName) {
		GroupUserInfo ret = null;
		if(LOG.isDebugEnabled()){
			LOG.debug("==> LdapPolicyMgrUserGroupBuilder.getGroupUserInfo(String groupName)");
		}
		try {
			String response = null;
			ClientResponse clientRes = null;
			Gson gson = new GsonBuilder().create();
			String relativeUrl = PM_GET_GROUP_USER_MAP_LIST_URI.replaceAll(Pattern.quote("${groupName}"),
					   URLEncoderUtil.encodeURIParam(groupName));

			if (isRangerCookieEnabled) {
				response = cookieBasedGetEntity(relativeUrl, 0);
			}
			else {
				clientRes = ldapUgSyncClient.get(relativeUrl, null);
				if (clientRes != null) {
					response = clientRes.getEntity(String.class);
				}
			}
			if(LOG.isDebugEnabled()){
				LOG.debug("RESPONSE for " + relativeUrl + ": [" + response + "]");
			}

		    ret = gson.fromJson(response, GroupUserInfo.class);

		} catch (Exception e) {

			LOG.warn( "ERROR: Unable to get group user mappings for: " + groupName, e);
		}
		if(LOG.isDebugEnabled()){
			LOG.debug("<== LdapPolicyMgrUserGroupBuilder.getGroupUserInfo(String groupName)");
		}
		return ret;
	}

	private String cookieBasedUploadEntity(Object obj, String apiURL ) {
		if (LOG.isDebugEnabled()) {
			LOG.debug("==> LdapPolicyMgrUserGroupBuilder.cookieBasedUploadEntity()");
		}
		String response = null;
		if (sessionId != null && isValidRangerCookie) {
			response = tryUploadEntityWithCookie(obj, apiURL);
		}
		else{
			response = tryUploadEntityWithCred(obj, apiURL);
		}
		if (LOG.isDebugEnabled()) {
			LOG.debug("<== LdapPolicyMgrUserGroupBuilder.cookieBasedUploadEntity()");
		}
		return response;
	}

	private String cookieBasedGetEntity(String apiURL ,int retrievedCount) {
		if (LOG.isDebugEnabled()) {
			LOG.debug("==> LdapPolicyMgrUserGroupBuilder.cookieBasedGetEntity()");
		}
		String response = null;
		if (sessionId != null && isValidRangerCookie) {
			response = tryGetEntityWithCookie(apiURL,retrievedCount);
		}
		else{
			response = tryGetEntityWithCred(apiURL,retrievedCount);
		}
		if (LOG.isDebugEnabled()) {
			LOG.debug("<== LdapPolicyMgrUserGroupBuilder.cookieBasedGetEntity()");
		}
		return response;
	}

	private String tryUploadEntityWithCookie(Object obj, String apiURL) {
		if (LOG.isDebugEnabled()) {
			LOG.debug("==> LdapPolicyMgrUserGroupBuilder.tryUploadEntityWithCookie()");
		}
		String response = null;
		ClientResponse clientResp = null;
		try {
			clientResp = ldapUgSyncClient.post(apiURL, null, obj, sessionId);
		}
		catch(Throwable t){
			LOG.error("Failed to get response, Error is : ", t);
		}
		if (clientResp != null) {
			if (!(clientResp.toString().contains(apiURL))) {
				clientResp.setStatus(HttpServletResponse.SC_NOT_FOUND);
				sessionId = null;
				isValidRangerCookie = false;
			} else if (clientResp.getStatus() == HttpServletResponse.SC_UNAUTHORIZED) {
				sessionId = null;
				isValidRangerCookie = false;
			} else if (clientResp.getStatus() == HttpServletResponse.SC_NO_CONTENT || clientResp.getStatus() == HttpServletResponse.SC_OK) {
				List<NewCookie> respCookieList = clientResp.getCookies();
				for (NewCookie cookie : respCookieList) {
					if (cookie.getName().equalsIgnoreCase(rangerCookieName)) {
						if (!(sessionId.getValue().equalsIgnoreCase(cookie.toCookie().getValue()))) {
							sessionId = cookie.toCookie();
						}
						isValidRangerCookie = true;
						break;
					}
				}
			}

			if (clientResp.getStatus() != HttpServletResponse.SC_OK	&& clientResp.getStatus() != HttpServletResponse.SC_NO_CONTENT
					&& clientResp.getStatus() != HttpServletResponse.SC_BAD_REQUEST) {
				sessionId = null;
				isValidRangerCookie = false;
			}
			clientResp.bufferEntity();
			response = clientResp.getEntity(String.class);
		}
		if (LOG.isDebugEnabled()) {
			LOG.debug("<== LdapPolicyMgrUserGroupBuilder.tryUploadEntityWithCookie()");
		}
		return response;
	}


	private String tryUploadEntityWithCred(Object obj, String apiURL){
		if(LOG.isDebugEnabled()){
			LOG.debug("==> LdapPolicyMgrUserGroupBuilder.tryUploadEntityInfoWithCred()");
		}
		String response = null;
		ClientResponse clientResp = null;
		Gson gson = new GsonBuilder().create();
		String jsonString = gson.toJson(obj);

		if ( LOG.isDebugEnabled() ) {
		   LOG.debug("USER GROUP MAPPING" + jsonString);
		}
		try{
			clientResp = ldapUgSyncClient.post(apiURL, null, obj);
		}
		catch(Throwable t){
			LOG.error("Failed to get response, Error is : ", t);
		}
		if (clientResp != null) {
			if (!(clientResp.toString().contains(apiURL))) {
				clientResp.setStatus(HttpServletResponse.SC_NOT_FOUND);
			} else if (clientResp.getStatus() == HttpServletResponse.SC_UNAUTHORIZED) {
				LOG.warn("Credentials response from ranger is 401.");
			} else if (clientResp.getStatus() == HttpServletResponse.SC_OK || clientResp.getStatus() == HttpServletResponse.SC_NO_CONTENT) {
				cookieList = clientResp.getCookies();
				for (NewCookie cookie : cookieList) {
					if (cookie.getName().equalsIgnoreCase(rangerCookieName)) {
						sessionId = cookie.toCookie();
						isValidRangerCookie = true;
						LOG.info("valid cookie saved ");
						break;
					}
				}
			}
			if (clientResp.getStatus() != HttpServletResponse.SC_OK && clientResp.getStatus() != HttpServletResponse.SC_NO_CONTENT
					&& clientResp.getStatus() != HttpServletResponse.SC_BAD_REQUEST) {
				sessionId = null;
				isValidRangerCookie = false;
			}
			clientResp.bufferEntity();
			response = clientResp.getEntity(String.class);
		}

		if (LOG.isDebugEnabled()) {
			LOG.debug("<== LdapPolicyMgrUserGroupBuilder.tryUploadEntityInfoWithCred()");
		}
		return response;
	}

	private String tryGetEntityWithCred(String apiURL, int retrievedCount) {
		if(LOG.isDebugEnabled()){
			LOG.debug("==> LdapPolicyMgrUserGroupBuilder.tryGetEntityWithCred()");
		}
		String response = null;
		ClientResponse clientResp = null;

		Map<String, String> queryParams = new HashMap<String, String>();
		queryParams.put("pageSize", recordsToPullPerCall);
		queryParams.put("startIndex", String.valueOf(retrievedCount));
		try{
			clientResp = ldapUgSyncClient.get(apiURL, queryParams);
		}
		catch(Throwable t){
			LOG.error("Failed to get response, Error is : ", t);
		}
		if (clientResp != null) {
			if (!(clientResp.toString().contains(apiURL))) {
				clientResp.setStatus(HttpServletResponse.SC_NOT_FOUND);
			} else if (clientResp.getStatus() == HttpServletResponse.SC_UNAUTHORIZED) {
				LOG.warn("Credentials response from ranger is 401.");
			} else if (clientResp.getStatus() == HttpServletResponse.SC_OK || clientResp.getStatus() == HttpServletResponse.SC_NO_CONTENT) {
				cookieList = clientResp.getCookies();
				for (NewCookie cookie : cookieList) {
					if (cookie.getName().equalsIgnoreCase(rangerCookieName)) {
						sessionId = cookie.toCookie();
						isValidRangerCookie = true;
						LOG.info("valid cookie saved ");
						break;
					}
				}
			}
			if (clientResp.getStatus() != HttpServletResponse.SC_OK && clientResp.getStatus() != HttpServletResponse.SC_NO_CONTENT
					&& clientResp.getStatus() != HttpServletResponse.SC_BAD_REQUEST) {
				sessionId = null;
				isValidRangerCookie = false;
			}
			clientResp.bufferEntity();
			response = clientResp.getEntity(String.class);
		}

		if (LOG.isDebugEnabled()) {
			LOG.debug("<== LdapPolicyMgrUserGroupBuilder.tryGetEntityWithCred()");
		}
		return response;
	}


	private String tryGetEntityWithCookie(String apiURL, int retrievedCount) {
		if (LOG.isDebugEnabled()) {
			LOG.debug("==> LdapPolicyMgrUserGroupBuilder.tryGetEntityWithCookie()");
		}
		String response = null;
		ClientResponse clientResp = null;

		Map<String, String> queryParams = new HashMap<String, String>();
		queryParams.put("pageSize", recordsToPullPerCall);
		queryParams.put("startIndex", String.valueOf(retrievedCount));
		try {
			clientResp = ldapUgSyncClient.get(apiURL, queryParams, sessionId);
		}
		catch(Throwable t){
			LOG.error("Failed to get response, Error is : ", t);
		}
		if (clientResp != null) {
			if (!(clientResp.toString().contains(apiURL))) {
				clientResp.setStatus(HttpServletResponse.SC_NOT_FOUND);
				sessionId = null;
				isValidRangerCookie = false;
			} else if (clientResp.getStatus() == HttpServletResponse.SC_UNAUTHORIZED) {
				sessionId = null;
				isValidRangerCookie = false;
			} else if (clientResp.getStatus() == HttpServletResponse.SC_NO_CONTENT || clientResp.getStatus() == HttpServletResponse.SC_OK) {
				List<NewCookie> respCookieList = clientResp.getCookies();
				for (NewCookie cookie : respCookieList) {
					if (cookie.getName().equalsIgnoreCase(rangerCookieName)) {
						if (!(sessionId.getValue().equalsIgnoreCase(cookie.toCookie().getValue()))) {
							sessionId = cookie.toCookie();
						}
						isValidRangerCookie = true;
						break;
					}
				}
			}

			if (clientResp.getStatus() != HttpServletResponse.SC_OK	&& clientResp.getStatus() != HttpServletResponse.SC_NO_CONTENT
					&& clientResp.getStatus() != HttpServletResponse.SC_BAD_REQUEST) {
				sessionId = null;
				isValidRangerCookie = false;
			}
			clientResp.bufferEntity();
			response = clientResp.getEntity(String.class);
		}
		if (LOG.isDebugEnabled()) {
			LOG.debug("<== LdapPolicyMgrUserGroupBuilder.tryGetEntityWithCookie()");
		}
		return response;
	}

    private void getRoleForUserGroups(String userGroupRolesData) {
        String roleDelimiter = config.getRoleDelimiter();
        String userGroupDelimiter = config.getUserGroupDelimiter();
        String userNameDelimiter = config.getUserGroupNameDelimiter();
        if (roleDelimiter == null || roleDelimiter.isEmpty()) {
            roleDelimiter = "&";
        }
        if (userGroupDelimiter == null || userGroupDelimiter.isEmpty()) {
            userGroupDelimiter = ":";
        }
        if (userNameDelimiter == null || userNameDelimiter.isEmpty()) {
            userNameDelimiter = ",";
        }
        StringTokenizer str = new StringTokenizer(userGroupRolesData,
                roleDelimiter);
        int flag = 0;
        String userGroupCheck = null;
        String roleName = null;
        while (str.hasMoreTokens()) {
            flag = 0;
            String tokens = str.nextToken();
            if (tokens != null && !tokens.isEmpty()) {
                StringTokenizer userGroupRoles = new StringTokenizer(tokens,
                        userGroupDelimiter);
                if (userGroupRoles != null) {
                    while (userGroupRoles.hasMoreElements()) {
                        String userGroupRolesTokens = userGroupRoles
                                .nextToken();
                        if (userGroupRolesTokens != null
                                && !userGroupRolesTokens.isEmpty()) {
                            flag++;
                            switch (flag) {
                            case 1:
                                roleName = userGroupRolesTokens;
                                break;
                            case 2:
                                userGroupCheck = userGroupRolesTokens;
                                break;
                            case 3:
                                StringTokenizer userGroupNames = new StringTokenizer(
                                        userGroupRolesTokens, userNameDelimiter);
                                if (userGroupNames != null) {
                                    while (userGroupNames.hasMoreElements()) {
                                        String userGroup = userGroupNames
                                                .nextToken();
                                        if (userGroup != null
                                                && !userGroup.isEmpty()) {
                                            if (userGroupCheck.trim().equalsIgnoreCase("u")) {
                                                userMap.put(userGroup.trim(), roleName.trim());
                                            } else if (userGroupCheck.trim().equalsIgnoreCase("g")) {
                                                groupMap.put(userGroup.trim(),
                                                        roleName.trim());
                                            }
                                        }
                                    }
                                }
                                break;
                            default:
                                userMap.clear();
                                groupMap.clear();
                                break;
                            }
                        }
                    }
                }
            }
        }
    }
}