Logging In to the Ranger Web UI

Ranger provides a centralized permission management framework to implement fine-grained permission control on components such as HDFS, HBase, Hive, and Yarn. In addition, Ranger also provides a web UI for system administrators to perform operations.

Ranger User Type

Ranger users are classified into admin, user, and auditor. Different users have different permissions to view and operate the Ranger management interface.

  • Admin: A security administrator can view all page content, manage permission management plug-ins and access control policies, view audit information, and set user types.

  • Auditor: An audit administrator can view the permission management plug-ins and access control policies.

  • User: A common user who can be assigned with specific permissions by the system administrator.

Logging In to the Ranger Web UI

Security mode (Kerberos authentication is enabled for clusters)

  1. Log in to FusionInsight Manager as user admin. For details, see Accessing FusionInsight Manager (MRS 3.x or Later). Choose Cluster > Services > Ranger. The Ranger service overview page is displayed.

  2. Click RangerAdmin in the Basic Information area. The Ranger web UI is displayed.

    • The admin user in Ranger belongs to the User type and can only view the Access Manager as well as Security Zone pages.

    • To view all management pages, switch to user rangeradmin or other users who have the Ranger administrator permissions.

      1. On the Ranger WebUI, click the user name in the upper right corner and choose Log Out to log out of the Ranger WebUI.

        image1

      2. Log in to the system as user rangeradmin (default password: Rangeradmin@123) or another user who has the Ranger administrator permissions.

Normal mode (Kerberos authentication is disabled for clusters)

  1. Log in to FusionInsight Manager as user admin. For details, see Accessing FusionInsight Manager (MRS 3.x or Later). Choose Cluster > Services > Ranger. The Ranger service overview page is displayed.

  2. Click RangerAdmin in the Basic Information area. The Ranger web UI is displayed.

    The admin user in Ranger belongs to the Admin type and can view all management pages of Ranger without switching to user rangeradmin.

    Note

    When a user logs in to the Ranger WebUI as user rangeradmin in normal mode, error 401 is reported.

On the homepage of Ranger web UI, you can view the permission management plug-ins of the services integrated in Ranger. The plug-ins can be used to set more fine-grained permissions. For details about functions of main operations you can perform on the page, see Table 1.

Table 1 Functions of each operation portal on the Ranger page

Portal

Function

Access Manager

You can view the permission management plug-ins of each service integrated in Ranger. The plug-ins can be used to set more fine-grained permissions. For details, see Configuring Component Permission Policies.

Audit

You can view the audit logs related to Ranger running and permission control. For details, see Viewing Ranger Audit Information.

Security Zone

System administrators can divide resources of each component into multiple security zones where different administrators set security policies for specified resources of services to facilitate management. For details, see Configuring a Security Zone.

Settings

You can view Ranger permission settings, such as users, user groups, and roles. For details, see Viewing Ranger Permission Information.