From f83a5d87065c46fbb62696e8efc4143cef3db5a1 Mon Sep 17 00:00:00 2001
From: Madhan Neethiraj <madhan@apache.org>
Date: Thu, 23 Oct 2025 09:39:52 -0700
Subject: [PATCH 1/3] RANGER-5382: update admin server installation to support
 configurations for kerberized Solr

---
 security-admin/scripts/setup.sh               | 19 +++++++++++
 .../resources/conf.dist/ranger-admin-site.xml | 32 +++++++++++++++++++
 2 files changed, 51 insertions(+)

diff --git a/security-admin/scripts/setup.sh b/security-admin/scripts/setup.sh
index 1fef99ee45..727ae580e5 100755
--- a/security-admin/scripts/setup.sh
+++ b/security-admin/scripts/setup.sh
@@ -263,6 +263,16 @@ updatePropertyToFilePy(){
         check_ret_status $? "Update property failed for: " $1
 }
 
+#Update Properties to File if value is not empty
+#$1 -> propertyName $2 -> newPropertyValue $3 -> fileName
+updatePropertyToFilePyIfNotEmpty(){
+    if [ "${2}" != "" ]
+    then
+        $PYTHON_COMMAND_INVOKER update_property.py $1 "${2}" $3
+        check_ret_status $? "Update property failed for: " $1
+    fi
+}
+
 init_variables(){
 	curDt=`date '+%Y%m%d%H%M%S'`
 	VERSION=`cat ${PWD}/version`
@@ -975,6 +985,15 @@ update_properties() {
 		fi
 	fi
 
+	updatePropertyToFilePyIfNotEmpty 'xasecure.audit.jaas.Client.loginModuleName' "$(get_prop_or_default 'audit_jaas_client_loginModuleName' $PROPFILE '')" $to_file_ranger
+	updatePropertyToFilePyIfNotEmpty 'xasecure.audit.jaas.Client.loginModuleControlFlag' "$(get_prop_or_default 'audit_jaas_client_loginModuleControlFlag' $PROPFILE '')" $to_file_ranger
+	updatePropertyToFilePyIfNotEmpty 'xasecure.audit.jaas.Client.option.useKeyTab' "$(get_prop_or_default 'audit_jaas_client_option_useKeyTab' $PROPFILE '')" $to_file_ranger
+	updatePropertyToFilePyIfNotEmpty 'xasecure.audit.jaas.Client.option.storeKey' "$(get_prop_or_default 'audit_jaas_client_option_storeKey' $PROPFILE '')" $to_file_ranger
+	updatePropertyToFilePyIfNotEmpty 'xasecure.audit.jaas.Client.option.useTicketCache' "$(get_prop_or_default 'audit_jaas_client_option_useTicketCache' $PROPFILE '')" $to_file_ranger
+	updatePropertyToFilePyIfNotEmpty 'xasecure.audit.jaas.Client.option.serviceName' "$(get_prop_or_default 'audit_jaas_client_option_serviceName' $PROPFILE '')" $to_file_ranger
+	updatePropertyToFilePyIfNotEmpty 'xasecure.audit.jaas.Client.option.keyTab' "$(get_prop_or_default 'audit_jaas_client_option_keyTab' $PROPFILE '')" $to_file_ranger
+	updatePropertyToFilePyIfNotEmpty 'xasecure.audit.jaas.Client.option.principal' "$(get_prop_or_default 'audit_jaas_client_option_principal' $PROPFILE '')" $to_file_ranger
+
 	if [ "${sso_enabled}" == "" ]
 	then
 		sso_enabled="false"
diff --git a/security-admin/src/main/resources/conf.dist/ranger-admin-site.xml b/security-admin/src/main/resources/conf.dist/ranger-admin-site.xml
index 717004dce4..2da6f1c436 100644
--- a/security-admin/src/main/resources/conf.dist/ranger-admin-site.xml
+++ b/security-admin/src/main/resources/conf.dist/ranger-admin-site.xml
@@ -407,4 +407,36 @@
 			</name>
 			<value>0</value>
 		</property>
+	<property>
+		<name>xasecure.audit.jaas.Client.loginModuleName</name>
+		<value></value>
+	</property>
+	<property>
+		<name>xasecure.audit.jaas.Client.loginModuleControlFlag</name>
+		<value></value>
+	</property>
+	<property>
+		<name>xasecure.audit.jaas.Client.option.useKeyTab</name>
+		<value></value>
+	</property>
+	<property>
+		<name>xasecure.audit.jaas.Client.option.storeKey</name>
+		<value></value>
+	</property>
+	<property>
+		<name>xasecure.audit.jaas.Client.option.useTicketCache</name>
+		<value></value>
+	</property>
+	<property>
+		<name>xasecure.audit.jaas.Client.option.serviceName</name>
+		<value></value>
+	</property>
+	<property>
+		<name>xasecure.audit.jaas.Client.option.keyTab</name>
+		<value></value>
+	</property>
+	<property>
+		<name>xasecure.audit.jaas.Client.option.principal</name>
+		<value></value>
+	</property>
 </configuration>

From fce85f15a74c8122f3316d58d821e481ee167527 Mon Sep 17 00:00:00 2001
From: Madhan Neethiraj <madhan@apache.org>
Date: Thu, 23 Oct 2025 10:07:49 -0700
Subject: [PATCH 2/3] RANGER-5382: addressed review suggestion

---
 security-admin/scripts/setup.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/security-admin/scripts/setup.sh b/security-admin/scripts/setup.sh
index 727ae580e5..ca9c9ebe5f 100755
--- a/security-admin/scripts/setup.sh
+++ b/security-admin/scripts/setup.sh
@@ -266,7 +266,7 @@ updatePropertyToFilePy(){
 #Update Properties to File if value is not empty
 #$1 -> propertyName $2 -> newPropertyValue $3 -> fileName
 updatePropertyToFilePyIfNotEmpty(){
-    if [ "${2}" != "" ]
+    if [ -n "${2}" ]
     then
         $PYTHON_COMMAND_INVOKER update_property.py $1 "${2}" $3
         check_ret_status $? "Update property failed for: " $1

From c926a9996ebe9f0c0d97a4d310519d251825af91 Mon Sep 17 00:00:00 2001
From: Madhan Neethiraj <madhan@apache.org>
Date: Fri, 24 Oct 2025 11:16:28 -0700
Subject: [PATCH 3/3] RANGER-5382: added new configurations to default
 install.properties of Ranger admin

---
 security-admin/scripts/install.properties | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/security-admin/scripts/install.properties b/security-admin/scripts/install.properties
index eb157f943e..0f5a093f6a 100644
--- a/security-admin/scripts/install.properties
+++ b/security-admin/scripts/install.properties
@@ -230,6 +230,14 @@ admin_principal=
 admin_keytab=
 lookup_principal=
 lookup_keytab=
+audit_jaas_client_loginModuleName=
+audit_jaas_client_loginModuleControlFlag=
+audit_jaas_client_option_useKeyTab=
+audit_jaas_client_option_storeKey=
+audit_jaas_client_option_useTicketCache=
+audit_jaas_client_option_serviceName=
+audit_jaas_client_option_keyTab=
+audit_jaas_client_option_principal=
 hadoop_conf=/etc/hadoop/conf
 #
 #-------- SSO CONFIG - Start ------------------