I'm able to list Knox topologies in Ranger and created Ranger policy for webhdfs. Ran the script ranger-knox-plugin.sh and created ranger-security, audits and policymgr-ssl xmls.
Configured one topology for webhdfs in knox and added below
<provider>
<role>authorization</role>
<name>XASecurePDPKnox</name>
<enabled>true</enabled>
</provider>
When I run curl to webhdfs I'm getting 403 error and I could see in Ranger audits access is denied by ranger-acl.
I could nail it down to policy not getting downloaded from Ranger but don't see any error in Knox gateway.log even after setting the logging to debug.
Knox is enabled with self-signed and ranger with no ssl. I imported knox cert to Ranger cacert.
Am I missing any steps in Knox configuration that could be preventing the policy download?
Any help is appreciated!