Support Questions

hzhang · ‎02-09-2017

Hi,

I try to delete ranger policy by name, but failed(delete by policy id succeeds):

curl -v -u admin:admin -X DELETE http://myhost:6080/service/public/v2/api/policy?servicename=myservice&policyname=mypolicy

It reports HTTP/1.1 400 Bad Request

Does anyone know the reasons?

,

Follow the document I user the Restapi to delete a policy

I can successfully delete policy by poicyid using curl, but failed to delete policy by name.

curl -v -u admin:admin -X DELETE http://35.167.43.5:6080/service/public/v2/api/policy?servicename=hawq&policyname=mypolicy

But it reports HTTP/1.1 400 Bad Request.

Does anyone know the reason?

Thanks

akulkarni1 · ‎02-09-2017

@hubert zhang bIt should work. I used the following to delete a policy 'test' in service 'cl1_hadoop'

# curl -v -u admin:admin -X DELETE 'http://localhost:6080/service/public/v2/api/policy?servicename=cl1_hadoop&policyname=test'
* About to connect() to localhost port 6080 (#0)
*   Trying ::1... connected
* Connected to localhost (::1) port 6080 (#0)
* Server auth using Basic with user 'admin'
> DELETE /service/public/v2/api/policy?servicename=cl1_hadoop&policyname=test HTTP/1.1
> Authorization: Basic YWRtaW46YWRtaW4=
> User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.19.1 Basic ECC zlib/1.2.3 libidn/1.18 libssh2/1.4.2
> Host: localhost:6080
> Accept: */*
>
< HTTP/1.1 204 No Content
< Server: Apache-Coyote/1.1
< Set-Cookie: RANGERADMINSESSIONID=3A91B6A9E428A09CBA0291AA5CA8D8A2; Path=/; HttpOnly
< X-Frame-Options: DENY
< Date: Thu, 09 Feb 2017 06:25:35 GMT
<
* Connection #0 to host localhost left intact
* Closing connection #0

Please note the single quotes above.

View solution in original post

ahallam · ‎02-09-2017

you can delete by using the policy ID

check here : https://docs.hortonworks.com/HDPDocuments/HDP2/HDP-2.4.3/bk_Security_Guide/content/ranger_rest_api_d...

hzhang · ‎02-09-2017

Yes, I could delete by id. But I find policy can be deleted by policy name in Ranger wiki. Doesn't it work?

akulkarni1 · ‎02-09-2017

@hubert zhang bIt should work. I used the following to delete a policy 'test' in service 'cl1_hadoop'

# curl -v -u admin:admin -X DELETE 'http://localhost:6080/service/public/v2/api/policy?servicename=cl1_hadoop&policyname=test'
* About to connect() to localhost port 6080 (#0)
*   Trying ::1... connected
* Connected to localhost (::1) port 6080 (#0)
* Server auth using Basic with user 'admin'
> DELETE /service/public/v2/api/policy?servicename=cl1_hadoop&policyname=test HTTP/1.1
> Authorization: Basic YWRtaW46YWRtaW4=
> User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.19.1 Basic ECC zlib/1.2.3 libidn/1.18 libssh2/1.4.2
> Host: localhost:6080
> Accept: */*
>
< HTTP/1.1 204 No Content
< Server: Apache-Coyote/1.1
< Set-Cookie: RANGERADMINSESSIONID=3A91B6A9E428A09CBA0291AA5CA8D8A2; Path=/; HttpOnly
< X-Frame-Options: DENY
< Date: Thu, 09 Feb 2017 06:25:35 GMT
<
* Connection #0 to host localhost left intact
* Closing connection #0

Please note the single quotes above.

hzhang · ‎02-10-2017

Thanks @akulkarni, the single quotes works.

Cloudera Community

Cloudera Community

Support Questions

Problem when delete policy in ranger by name,How to delete a policy in Ranger with service name and policy name?