Support Questions

Find answers, ask questions, and share your expertise
Announcements
Check out our newest addition to the community, the Cloudera Data Analytics (CDA) group hub.

Problem when delete policy in ranger by name,How to delete a policy in Ranger with service name and policy name?

Explorer

Hi,

I try to delete ranger policy by name, but failed(delete by policy id succeeds):

curl -v -u admin:admin -X DELETE http://myhost:6080/service/public/v2/api/policy?servicename=myservice&policyname=mypolicy

It reports HTTP/1.1 400 Bad Request

Does anyone know the reasons?

,

Follow the document I user the Restapi to delete a policy

I can successfully delete policy by poicyid using curl, but failed to delete policy by name.

curl -v -u admin:admin -X DELETE http://35.167.43.5:6080/service/public/v2/api/policy?servicename=hawq&policyname=mypolicy

But it reports HTTP/1.1 400 Bad Request.

Does anyone know the reason?

Thanks

1 ACCEPTED SOLUTION

Cloudera Employee

@hubert zhang bIt should work. I used the following to delete a policy 'test' in service 'cl1_hadoop'

# curl -v -u admin:admin -X DELETE 'http://localhost:6080/service/public/v2/api/policy?servicename=cl1_hadoop&policyname=test'
* About to connect() to localhost port 6080 (#0)
*   Trying ::1... connected
* Connected to localhost (::1) port 6080 (#0)
* Server auth using Basic with user 'admin'
> DELETE /service/public/v2/api/policy?servicename=cl1_hadoop&policyname=test HTTP/1.1
> Authorization: Basic YWRtaW46YWRtaW4=
> User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.19.1 Basic ECC zlib/1.2.3 libidn/1.18 libssh2/1.4.2
> Host: localhost:6080
> Accept: */*
>
< HTTP/1.1 204 No Content
< Server: Apache-Coyote/1.1
< Set-Cookie: RANGERADMINSESSIONID=3A91B6A9E428A09CBA0291AA5CA8D8A2; Path=/; HttpOnly
< X-Frame-Options: DENY
< Date: Thu, 09 Feb 2017 06:25:35 GMT
<
* Connection #0 to host localhost left intact
* Closing connection #0

Please note the single quotes above.

View solution in original post

4 REPLIES 4

Rising Star

Explorer

Yes, I could delete by id. But I find policy can be deleted by policy name in Ranger wiki. Doesn't it work?

Cloudera Employee

@hubert zhang bIt should work. I used the following to delete a policy 'test' in service 'cl1_hadoop'

# curl -v -u admin:admin -X DELETE 'http://localhost:6080/service/public/v2/api/policy?servicename=cl1_hadoop&policyname=test'
* About to connect() to localhost port 6080 (#0)
*   Trying ::1... connected
* Connected to localhost (::1) port 6080 (#0)
* Server auth using Basic with user 'admin'
> DELETE /service/public/v2/api/policy?servicename=cl1_hadoop&policyname=test HTTP/1.1
> Authorization: Basic YWRtaW46YWRtaW4=
> User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.19.1 Basic ECC zlib/1.2.3 libidn/1.18 libssh2/1.4.2
> Host: localhost:6080
> Accept: */*
>
< HTTP/1.1 204 No Content
< Server: Apache-Coyote/1.1
< Set-Cookie: RANGERADMINSESSIONID=3A91B6A9E428A09CBA0291AA5CA8D8A2; Path=/; HttpOnly
< X-Frame-Options: DENY
< Date: Thu, 09 Feb 2017 06:25:35 GMT
<
* Connection #0 to host localhost left intact
* Closing connection #0

Please note the single quotes above.

Explorer

Thanks @akulkarni, the single quotes works.

Take a Tour of the Community
Don't have an account?
Your experience may be limited. Sign in to explore more.