RANGER-5266: [Generated by Gemini AI]: (security-admin) REST endpoints to reload log configuration / set log level while service is running

[fateh288]

What changes were proposed in this pull request?

New REST endpoint to reload logging configuration to avoid restart of service while changing logging level to DEBUG.
Any new logging config as per requirement can be added to logback.xml which is be loaded when REST endpoint is hit and won't require service restart. Alternatively logLevel can be set for a specific package/class via the REST endpoint directly

How was this patch tested?

Manual testing in the docker setup.

1. Changed log level in /opt/ranger/admin/ews/webapp/WEB-INF/classes/conf/logback.xml to debug
2. Run curl command curl -u admin:rangerR0cks! -X POST http://localhost:6080/service/loggers/reload
   Run the curl command curl -X POST \ -H "Content-Type: application/json" \ -u "admin:rangerR0cks\!" \ -d '{"loggerName": "org.apache.ranger", "logLevel": "DEBUG"}' \ "http://localhost:6080/service/loggers/set-level"
   Log level for logger 'org.apache.ranger' has been set to 'DEBUG'

Python client testing script

from apache_ranger.client.ranger_client import RangerClient

def test_ranger_client():
    try:
        print("=== Testing Python Ranger Client ===")

        # Create client
        client = RangerClient("http://localhost:6080", ("admin", "rangerR0cks!"))

        # Test reload log configuration
        print("Testing reload log configuration...")
        result1 = client.reload_log_configuration()
        print(f"Reload result: {result1}")

        # Test set log level
        print("Testing set log level...")
        result2 = client.set_log_level("org.apache.ranger", "DEBUG")
        print(f"Set level result: {result2}")

        print("All tests passed!")

    except Exception as e:
        print(f"Test failed: {e}")
        import traceback
        traceback.print_exc()

if __name__ == "__main__":
    test_ranger_client()

3. See ranger admin log file which now contains DEBUG logs /var/log/ranger/ranger-admin-ranger.example.com-.log without docker container / ranger admin restart

Attaching screenshot

[rameeshm]

Does this endpoint need authentication and should be allowed only for ranger admin user?
https://github.com/apache/ranger/blob/master/security-admin/src/main/resources/conf.dist/security-applicationContext.xml

[Copilot]

Pull Request Overview

This PR adds a new REST endpoint /service/loggers/reload to dynamically reload logging configuration without requiring a service restart. This is particularly useful for changing log levels to DEBUG for troubleshooting purposes.

• Implements a new REST endpoint that can reload both Log4j2 and Logback configurations
• Uses reflection to detect and work with different SLF4J logging implementations
• Provides runtime log configuration reloading capability for Apache Ranger admin service

Reviewed Changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 5 comments.

File	Description
LogLevelREST.java	New REST controller providing the /loggers/reload endpoint
RangerLogLevelService.java	Service class that handles the actual log configuration reloading using reflection

[Copilot]

The comment mentions 'log4j2 properties file' but the implementation supports both Log4j2 and Logback configurations. The comment should be updated to reflect that it reloads logging configuration from the appropriate configuration file (logback.xml or log4j2 configuration).

Suggested change

	* log4j2 properties file on the classpath.
	* appropriate configuration file (e.g., logback.xml or a Log4j2 configuration file)
	* on the classpath.

[Copilot]

The newInstance() method is deprecated since Java 9. Consider using joranConfiguratorClass.getDeclaredConstructor().newInstance() instead for better compatibility with newer Java versions.

[Copilot]

The hardcoded configuration file paths 'logback.xml' and 'logback-test.xml' should be extracted as constants to improve maintainability and make them configurable if needed.

Suggested change

	java.net.URL configUrl = this.getClass().getClassLoader().getResource("logback.xml");
	if (configUrl == null) {
	configUrl = this.getClass().getClassLoader().getResource("logback-test.xml");
	java.net.URL configUrl = this.getClass().getClassLoader().getResource(LOGBACK_XML);
	if (configUrl == null) {
	configUrl = this.getClass().getClassLoader().getResource(LOGBACK_TEST_XML);

[Copilot]

The hardcoded SLF4J binding class name prefixes should be extracted as constants to improve maintainability and reduce the risk of typos.

Suggested change

	if (loggerFactoryClassName.startsWith("org.apache.logging.slf4j")) {
	reloadLog4j2Configuration();
	} else if (loggerFactoryClassName.startsWith("ch.qos.logback.classic")) {
	if (loggerFactoryClassName.startsWith(SLF4J_LOG4J2_PREFIX)) {
	reloadLog4j2Configuration();
	} else if (loggerFactoryClassName.startsWith(SLF4J_LOGBACK_PREFIX)) {

[Copilot]

Consider validating the configuration file path and ensuring it points to an expected location to prevent potential security issues from loading arbitrary configuration files.