ranger-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From gau...@apache.org
Subject incubator-ranger git commit: RANGER-1259 : Improve ChangePassword utility and make it idempotent for default password change request
Date Wed, 21 Dec 2016 13:26:56 GMT
Repository: incubator-ranger
Updated Branches:
  refs/heads/master 0ef1622b9 -> 510697aef


RANGER-1259 : Improve ChangePassword utility and make it idempotent for default password change
request

Signed-off-by: Gautam Borad <gautam@apache.org>


Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/510697ae
Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/510697ae
Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/510697ae

Branch: refs/heads/master
Commit: 510697aef5c782367d918020732b8e307f495909
Parents: 0ef1622
Author: pradeep agrawal <pradeep.agrawal@freestoneinfotech.com>
Authored: Sat Dec 17 15:44:08 2016 +0530
Committer: Gautam Borad <gautam@apache.org>
Committed: Wed Dec 21 18:56:34 2016 +0530

----------------------------------------------------------------------
 security-admin/scripts/db_setup.py              | 60 ++++++++++++--------
 .../java/org/apache/ranger/biz/UserMgr.java     | 22 ++++++-
 .../org/apache/ranger/entity/XXPortalUser.java  |  1 -
 .../patch/cliutil/ChangePasswordUtil.java       | 14 ++++-
 .../handler/RangerAuthenticationProvider.java   |  2 +-
 .../org/apache/ranger/view/VXPortalUser.java    |  1 -
 .../java/org/apache/ranger/view/VXUser.java     |  1 -
 .../java/org/apache/ranger/biz/TestUserMgr.java |  2 +-
 8 files changed, 68 insertions(+), 35 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/510697ae/security-admin/scripts/db_setup.py
----------------------------------------------------------------------
diff --git a/security-admin/scripts/db_setup.py b/security-admin/scripts/db_setup.py
index bb51cc7..7cd1ef0 100644
--- a/security-admin/scripts/db_setup.py
+++ b/security-admin/scripts/db_setup.py
@@ -599,12 +599,12 @@ class MysqlConf(BaseDB):
 							path = os.path.join("%s","WEB-INF","classes","conf:%s","WEB-INF","classes","lib","*:%s","WEB-INF",":%s","META-INF",":%s","WEB-INF","lib","*:%s","WEB-INF","classes",":%s","WEB-INF","classes","META-INF:%s"
)%(app_home ,app_home ,app_home, app_home, app_home, app_home ,app_home ,self.SQL_CONNECTOR_JAR)
 						elif os_name == "WINDOWS":
 							path = os.path.join("%s","WEB-INF","classes","conf;%s","WEB-INF","classes","lib","*;%s","WEB-INF",";%s","META-INF",";%s","WEB-INF","lib","*;%s","WEB-INF","classes",";%s","WEB-INF","classes","META-INF;%s"
)%(app_home ,app_home ,app_home, app_home, app_home, app_home ,app_home ,self.SQL_CONNECTOR_JAR)
-						get_java_cmd = "%s -Dlogdir=%s -Dlog4j.configuration=db_patch.log4j.xml -cp %s org.apache.ranger.patch.cliutil.%s
%s %s %s"%(self.JAVA_BIN,ranger_log,path,className,userName,oldPassword,newPassword)
+                                                get_java_cmd = "%s -Dlogdir=%s -Dlog4j.configuration=db_patch.log4j.xml
-cp %s org.apache.ranger.patch.cliutil.%s %s %s %s -default"%(self.JAVA_BIN,ranger_log,path,className,userName,oldPassword,newPassword)
 						if os_name == "LINUX":
-							ret = subprocess.call(shlex.split(get_java_cmd))
+                                                        status = subprocess.call(shlex.split(get_java_cmd))
 						elif os_name == "WINDOWS":
-							ret = subprocess.call(get_java_cmd)
-						if ret == 0:
+                                                        status = subprocess.call(get_java_cmd)
+                                                if status == 0 or status==2:
 							if os_name == "LINUX":
 								query = get_cmd + " -query \"update x_db_version_h set active='Y' where version='%s'
and active='N' and updated_by='%s';\"" %(version,client_host)
 								jisql_log(query, db_password)
@@ -613,8 +613,10 @@ class MysqlConf(BaseDB):
 								query = get_cmd + " -query \"update x_db_version_h set active='Y' where version='%s'
and active='N' and updated_by='%s';\" -c ;" %(version,client_host)
 								jisql_log(query, db_password)
 								ret = subprocess.call(query)
-							if ret == 0:
+                                                        if ret == 0 and status == 0:
 								log ("[I] Ranger admin default password change request processed successfully..","info")
+                                                        elif ret == 0 and status == 2:
+                                                                log ("[I] Ranger admin default
password change request process skipped!","info")
 							else:
 								if os_name == "LINUX":
 									query = get_cmd + " -query \"delete from x_db_version_h where version='%s' and active='N'
and updated_by='%s';\"" %(version,client_host)
@@ -1276,12 +1278,12 @@ class OracleConf(BaseDB):
 							path = os.path.join("%s","WEB-INF","classes","conf:%s","WEB-INF","classes","lib","*:%s","WEB-INF",":%s","META-INF",":%s","WEB-INF","lib","*:%s","WEB-INF","classes",":%s","WEB-INF","classes","META-INF:%s"
)%(app_home ,app_home ,app_home, app_home, app_home, app_home ,app_home ,self.SQL_CONNECTOR_JAR)
 						elif os_name == "WINDOWS":
 							path = os.path.join("%s","WEB-INF","classes","conf;%s","WEB-INF","classes","lib","*;%s","WEB-INF",";%s","META-INF",";%s","WEB-INF","lib","*;%s","WEB-INF","classes",";%s","WEB-INF","classes","META-INF;%s"
)%(app_home ,app_home ,app_home, app_home, app_home, app_home ,app_home ,self.SQL_CONNECTOR_JAR)
-						get_java_cmd = "%s -Dlogdir=%s -Dlog4j.configuration=db_patch.log4j.xml -cp %s org.apache.ranger.patch.cliutil.%s
%s %s %s"%(self.JAVA_BIN,ranger_log,path,className,userName,oldPassword,newPassword)
+                                                get_java_cmd = "%s -Dlogdir=%s -Dlog4j.configuration=db_patch.log4j.xml
-cp %s org.apache.ranger.patch.cliutil.%s %s %s %s -default"%(self.JAVA_BIN,ranger_log,path,className,userName,oldPassword,newPassword)
 						if os_name == "LINUX":
-							ret = subprocess.call(shlex.split(get_java_cmd))
+                                                        status = subprocess.call(shlex.split(get_java_cmd))
 						elif os_name == "WINDOWS":
-							ret = subprocess.call(get_java_cmd)
-						if ret == 0:
+                                                        status = subprocess.call(get_java_cmd)
+                                                if status == 0 or status==2:
 							if os_name == "LINUX":
 								query = get_cmd + " -c \; -query \"update x_db_version_h set active='Y' where version='%s'
and active='N' and updated_by='%s';\"" %(version,client_host)
 								jisql_log(query, db_password)
@@ -1290,8 +1292,10 @@ class OracleConf(BaseDB):
 								query = get_cmd + " -query \"update x_db_version_h set active='Y' where version='%s'
and active='N' and updated_by='%s';\" -c ;" %(version,client_host)
 								jisql_log(query, db_password)
 								ret = subprocess.call(query)
-							if ret == 0:
+                                                        if ret == 0 and status == 0:
 								log ("[I] Ranger admin default password change request processed successfully..","info")
+                                                        elif ret == 0 and status == 2:
+                                                                log ("[I] Ranger admin default
password change request process skipped!","info")
 							else:
 								if os_name == "LINUX":
 									query = get_cmd + " -c \; -query \"delete from x_db_version_h where version='%s'
and active='N' and updated_by='%s';\"" %(version,client_host)
@@ -1933,12 +1937,12 @@ class PostgresConf(BaseDB):
 							path = os.path.join("%s","WEB-INF","classes","conf:%s","WEB-INF","classes","lib","*:%s","WEB-INF",":%s","META-INF",":%s","WEB-INF","lib","*:%s","WEB-INF","classes",":%s","WEB-INF","classes","META-INF:%s"
)%(app_home ,app_home ,app_home, app_home, app_home, app_home ,app_home ,self.SQL_CONNECTOR_JAR)
 						elif os_name == "WINDOWS":
 							path = os.path.join("%s","WEB-INF","classes","conf;%s","WEB-INF","classes","lib","*;%s","WEB-INF",";%s","META-INF",";%s","WEB-INF","lib","*;%s","WEB-INF","classes",";%s","WEB-INF","classes","META-INF;%s"
)%(app_home ,app_home ,app_home, app_home, app_home, app_home ,app_home ,self.SQL_CONNECTOR_JAR)
-						get_java_cmd = "%s -Dlogdir=%s -Dlog4j.configuration=db_patch.log4j.xml -cp %s org.apache.ranger.patch.cliutil.%s
%s %s %s"%(self.JAVA_BIN,ranger_log,path,className,userName,oldPassword,newPassword)
+                                                get_java_cmd = "%s -Dlogdir=%s -Dlog4j.configuration=db_patch.log4j.xml
-cp %s org.apache.ranger.patch.cliutil.%s %s %s %s -default"%(self.JAVA_BIN,ranger_log,path,className,userName,oldPassword,newPassword)
 						if os_name == "LINUX":
-							ret = subprocess.call(shlex.split(get_java_cmd))
+                                                        status = subprocess.call(shlex.split(get_java_cmd))
 						elif os_name == "WINDOWS":
-							ret = subprocess.call(get_java_cmd)
-						if ret == 0:
+                                                        status = subprocess.call(get_java_cmd)
+                                                if status == 0 or status==2:
 							if os_name == "LINUX":
 								query = get_cmd + " -query \"update x_db_version_h set active='Y' where version='%s'
and active='N' and updated_by='%s';\"" %(version,client_host)
 								jisql_log(query, db_password)
@@ -1947,8 +1951,10 @@ class PostgresConf(BaseDB):
 								query = get_cmd + " -query \"update x_db_version_h set active='Y' where version='%s'
and active='N' and updated_by='%s';\" -c ;" %(version,client_host)
 								jisql_log(query, db_password)
 								ret = subprocess.call(query)
-							if ret == 0:
+                                                        if ret == 0 and status == 0:
 								log ("[I] Ranger admin default password change request processed successfully..","info")
+                                                        elif ret == 0 and status == 2:
+                                                                log ("[I] Ranger admin default
password change request process skipped!","info")
 							else:
 								if os_name == "LINUX":
 									query = get_cmd + " -query \"delete from x_db_version_h where version='%s' and active='N'
and updated_by='%s';\"" %(version,client_host)
@@ -2551,12 +2557,12 @@ class SqlServerConf(BaseDB):
 							path = os.path.join("%s","WEB-INF","classes","conf:%s","WEB-INF","classes","lib","*:%s","WEB-INF",":%s","META-INF",":%s","WEB-INF","lib","*:%s","WEB-INF","classes",":%s","WEB-INF","classes","META-INF:%s"
)%(app_home ,app_home ,app_home, app_home, app_home, app_home ,app_home ,self.SQL_CONNECTOR_JAR)
 						elif os_name == "WINDOWS":
 							path = os.path.join("%s","WEB-INF","classes","conf;%s","WEB-INF","classes","lib","*;%s","WEB-INF",";%s","META-INF",";%s","WEB-INF","lib","*;%s","WEB-INF","classes",";%s","WEB-INF","classes","META-INF;%s"
)%(app_home ,app_home ,app_home, app_home, app_home, app_home ,app_home ,self.SQL_CONNECTOR_JAR)
-						get_java_cmd = "%s -Dlogdir=%s -Dlog4j.configuration=db_patch.log4j.xml -cp %s org.apache.ranger.patch.cliutil.%s
%s %s %s"%(self.JAVA_BIN,ranger_log,path,className,userName,oldPassword,newPassword)
+                                                get_java_cmd = "%s -Dlogdir=%s -Dlog4j.configuration=db_patch.log4j.xml
-cp %s org.apache.ranger.patch.cliutil.%s %s %s %s -default"%(self.JAVA_BIN,ranger_log,path,className,userName,oldPassword,newPassword)
 						if os_name == "LINUX":
-							ret = subprocess.call(shlex.split(get_java_cmd))
+                                                        status = subprocess.call(shlex.split(get_java_cmd))
 						elif os_name == "WINDOWS":
-							ret = subprocess.call(get_java_cmd)
-						if ret == 0:
+                                                        status = subprocess.call(get_java_cmd)
+                                                if status == 0 or status==2:
 							if os_name == "LINUX":
 								query = get_cmd + " -query \"update x_db_version_h set active='Y' where version='%s'
and active='N' and updated_by='%s';\" -c \;"  %(version,client_host)
 								jisql_log(query, db_password)
@@ -2565,8 +2571,10 @@ class SqlServerConf(BaseDB):
 								query = get_cmd + " -query \"update x_db_version_h set active='Y' where version='%s'
and active='N' and updated_by='%s';\" -c ;" %(version,client_host)
 								jisql_log(query, db_password)
 								ret = subprocess.call(query)
-							if ret == 0:
+                                                        if ret == 0 and status == 0:
 								log ("[I] Ranger admin default password change request processed successfully..","info")
+                                                        elif ret == 0 and status == 2:
+                                                                log ("[I] Ranger admin default
password change request process skipped!","info")
 							else:
 								if os_name == "LINUX":
 									query = get_cmd + " -query \"delete from x_db_version_h where version='%s' and active='N'
and updated_by='%s';\" -c \;"  %(version,client_host)
@@ -3182,12 +3190,12 @@ class SqlAnywhereConf(BaseDB):
 							path = os.path.join("%s","WEB-INF","classes","conf:%s","WEB-INF","classes","lib","*:%s","WEB-INF",":%s","META-INF",":%s","WEB-INF","lib","*:%s","WEB-INF","classes",":%s","WEB-INF","classes","META-INF:%s"
)%(app_home ,app_home ,app_home, app_home, app_home, app_home ,app_home ,self.SQL_CONNECTOR_JAR)
 						elif os_name == "WINDOWS":
 							path = os.path.join("%s","WEB-INF","classes","conf;%s","WEB-INF","classes","lib","*;%s","WEB-INF",";%s","META-INF",";%s","WEB-INF","lib","*;%s","WEB-INF","classes",";%s","WEB-INF","classes","META-INF;%s"
)%(app_home ,app_home ,app_home, app_home, app_home, app_home ,app_home ,self.SQL_CONNECTOR_JAR)
-						get_java_cmd = "%s -Dlogdir=%s -Dlog4j.configuration=db_patch.log4j.xml -cp %s org.apache.ranger.patch.cliutil.%s
%s %s %s"%(self.JAVA_BIN,ranger_log,path,className,userName,oldPassword,newPassword)
+                                                get_java_cmd = "%s -Dlogdir=%s -Dlog4j.configuration=db_patch.log4j.xml
-cp %s org.apache.ranger.patch.cliutil.%s %s %s %s -default"%(self.JAVA_BIN,ranger_log,path,className,userName,oldPassword,newPassword)
 						if os_name == "LINUX":
-							ret = subprocess.call(shlex.split(get_java_cmd))
+                                                        status = subprocess.call(shlex.split(get_java_cmd))
 						elif os_name == "WINDOWS":
-							ret = subprocess.call(get_java_cmd)
-						if ret == 0:
+                                                        status = subprocess.call(get_java_cmd)
+                                                if status == 0 or status==2:
 							if os_name == "LINUX":
 								query = get_cmd + " -query \"update x_db_version_h set active='Y' where version='%s'
and active='N' and updated_by='%s';\" -c \;"  %(version,client_host)
 								jisql_log(query, db_password)
@@ -3196,8 +3204,10 @@ class SqlAnywhereConf(BaseDB):
 								query = get_cmd + " -query \"update x_db_version_h set active='Y' where version='%s'
and active='N' and updated_by='%s';\" -c ;" %(version,client_host)
 								jisql_log(query, db_password)
 								ret = subprocess.call(query)
-							if ret == 0:
+                                                        if ret == 0 and status == 0:
 								log ("[I] Ranger admin default password change request processed successfully..","info")
+                                                        elif ret == 0 and status == 2:
+                                                                log ("[I] Ranger admin default
password change request process skipped!","info")
 							else:
 								if os_name == "LINUX":
 									query = get_cmd + " -query \"delete from x_db_version_h where version='%s' and active='N'
and updated_by='%s';\" -c \;"  %(version,client_host)

http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/510697ae/security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java b/security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java
index 9885090..8f3acd4 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java
@@ -1205,7 +1205,7 @@ public class UserMgr {
 		return xXPortalUser;
 	}
 	@Transactional(readOnly = false, propagation = Propagation.REQUIRED)
-	public XXPortalUser updatePasswordInSHA256(String userName,String userPassword) {
+        public XXPortalUser updatePasswordInSHA256(String userName,String userPassword,boolean
logAudits) {
 		if (userName == null || userPassword == null
 				|| userName.trim().isEmpty() || userPassword.trim().isEmpty()){
 				return null;
@@ -1216,14 +1216,30 @@ public class UserMgr {
 		if (xXPortalUser == null) {
 			return null;
 		}
-
+                String dbOldPwd =xXPortalUser.getPassword();
 		String encryptedNewPwd = encrypt(xXPortalUser.getLoginId(),userPassword);
 		xXPortalUser.setPassword(encryptedNewPwd);
 		xXPortalUser = daoManager.getXXPortalUser().update(xXPortalUser);
+                if(xXPortalUser!=null && logAudits){
+                        String dbNewPwd=xXPortalUser.getPassword();
+                        if (!dbOldPwd.equals(dbNewPwd)) {
+                                List<XXTrxLog> trxLogList = new ArrayList<XXTrxLog>();
+                                XXTrxLog xTrxLog = new XXTrxLog();
+                                xTrxLog.setAttributeName("Password");
+                                xTrxLog.setPreviousValue(dbOldPwd);
+                                xTrxLog.setNewValue(dbNewPwd);
+                                xTrxLog.setAction("password change");
+                                xTrxLog.setObjectClassType(AppConstants.CLASS_TYPE_PASSWORD_CHANGE);
+                                xTrxLog.setObjectId(xXPortalUser.getId());
+                                xTrxLog.setObjectName(xXPortalUser.getLoginId());
+                                trxLogList.add(xTrxLog);
+                                msBizUtil.createTrxLog(trxLogList);
+                        }
+                }
 
 		return xXPortalUser;
 	}
-	
+
 	public void checkAdminAccess() {
 		UserSessionBase sess = ContextUtil.getCurrentUserSession();
 		if (sess != null && sess.isUserAdmin()) {

http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/510697ae/security-admin/src/main/java/org/apache/ranger/entity/XXPortalUser.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/entity/XXPortalUser.java b/security-admin/src/main/java/org/apache/ranger/entity/XXPortalUser.java
index c9b907f..f7df09e 100644
--- a/security-admin/src/main/java/org/apache/ranger/entity/XXPortalUser.java
+++ b/security-admin/src/main/java/org/apache/ranger/entity/XXPortalUser.java
@@ -325,7 +325,6 @@ public class XXPortalUser extends XXDBBase implements java.io.Serializable
{
 		str += "lastName={" + lastName + "} ";
 		str += "publicScreenName={" + publicScreenName + "} ";
 		str += "loginId={" + loginId + "} ";
-		str += "password={***length=" + (password == null? 0 : password.length()) + "***} ";
 		str += "emailAddress={" + emailAddress + "} ";
 		str += "status={" + status + "} ";
 		str += "userSource={" + userSource + "} ";

http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/510697ae/security-admin/src/main/java/org/apache/ranger/patch/cliutil/ChangePasswordUtil.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/patch/cliutil/ChangePasswordUtil.java
b/security-admin/src/main/java/org/apache/ranger/patch/cliutil/ChangePasswordUtil.java
index fd72e97..b0ec57b 100644
--- a/security-admin/src/main/java/org/apache/ranger/patch/cliutil/ChangePasswordUtil.java
+++ b/security-admin/src/main/java/org/apache/ranger/patch/cliutil/ChangePasswordUtil.java
@@ -41,16 +41,22 @@ public class ChangePasswordUtil extends BaseLoader {
 	public static String userLoginId;
 	public static String currentPassword;
 	public static String newPassword;
+        public static boolean defaultPwdChangeRequest=false;
 
 	public static void main(String[] args) {
 		logger.info("main()");
 		try {
 			ChangePasswordUtil loader = (ChangePasswordUtil) CLIUtil.getBean(ChangePasswordUtil.class);
 			loader.init();
-			if (args.length == 3) {
+                        if (args.length == 3 || args.length == 4) {
 				userLoginId = args[0];
 				currentPassword = args[1];
 				newPassword = args[2];
+                                if (args.length == 4) {
+                                        if("-default".equalsIgnoreCase(args[3])){
+                                                defaultPwdChangeRequest=true;
+                                        }
+                                }
 				if(StringUtils.isEmpty(userLoginId)){
 					System.out.println("Invalid login ID. Exiting!!!");
 					logger.info("Invalid login ID. Exiting!!!");
@@ -106,8 +112,12 @@ public class ChangePasswordUtil extends BaseLoader {
 			try {
 				currentEncryptedPassword=userMgr.encrypt(userLoginId, currentPassword);
 				if (currentEncryptedPassword.equals(dbPassword)){
-					userMgr.updatePasswordInSHA256(userLoginId,newPassword);
+                                        userMgr.updatePasswordInSHA256(userLoginId,newPassword,true);
 					logger.info("User '"+userLoginId+"' Password updated sucessfully.");
+                                }else if (!currentEncryptedPassword.equals(dbPassword) &&
defaultPwdChangeRequest){
+                                        System.out.println("Skipping default password change
request as provided password doesn't match with existing password.");
+                                        logger.error("Skipping default password change request
as provided password doesn't match with existing password.");
+                                        System.exit(2);
 				}
 				else{
 					System.out.println("Invalid user password");

http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/510697ae/security-admin/src/main/java/org/apache/ranger/security/handler/RangerAuthenticationProvider.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/security/handler/RangerAuthenticationProvider.java
b/security-admin/src/main/java/org/apache/ranger/security/handler/RangerAuthenticationProvider.java
index d5cab44..75c4eb0 100644
--- a/security-admin/src/main/java/org/apache/ranger/security/handler/RangerAuthenticationProvider.java
+++ b/security-admin/src/main/java/org/apache/ranger/security/handler/RangerAuthenticationProvider.java
@@ -165,7 +165,7 @@ public class RangerAuthenticationProvider implements AuthenticationProvider
{
 				}
 				if(authentication!=null && authentication.isAuthenticated()){
 					if("false".equalsIgnoreCase(sha256PasswordUpdateDisable)){
-						userMgr.updatePasswordInSHA256(userName,userPassword);
+                                                userMgr.updatePasswordInSHA256(userName,userPassword,false);
 					}
 					return authentication;
 				}else{

http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/510697ae/security-admin/src/main/java/org/apache/ranger/view/VXPortalUser.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/view/VXPortalUser.java b/security-admin/src/main/java/org/apache/ranger/view/VXPortalUser.java
index ecdf756..0295649 100644
--- a/security-admin/src/main/java/org/apache/ranger/view/VXPortalUser.java
+++ b/security-admin/src/main/java/org/apache/ranger/view/VXPortalUser.java
@@ -300,7 +300,6 @@ public class VXPortalUser extends VXDataObject implements java.io.Serializable
{
 		String str = "VXPortalUser={";
 		str += super.toString();
 		str += "loginId={" + loginId + "} ";
-		str += "password={***length=" + (password == null? 0 : password.length()) + "***} ";
 		str += "status={" + status + "} ";
 		str += "emailAddress={" + emailAddress + "} ";
 		str += "firstName={" + firstName + "} ";

http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/510697ae/security-admin/src/main/java/org/apache/ranger/view/VXUser.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/view/VXUser.java b/security-admin/src/main/java/org/apache/ranger/view/VXUser.java
index 85b7b2f..ecfd1ac 100644
--- a/security-admin/src/main/java/org/apache/ranger/view/VXUser.java
+++ b/security-admin/src/main/java/org/apache/ranger/view/VXUser.java
@@ -295,7 +295,6 @@ public class VXUser extends VXDataObject implements java.io.Serializable
{
 		str += "firstName={" + firstName + "} ";
 		str += "lastName={" + lastName + "} ";
 		str += "emailAddress={" + emailAddress + "} ";
-		str += "password={" + password + "} ";
 		str += "description={" + description + "} ";
 		str += "credStoreId={" + credStoreId + "} ";
 		str += "isVisible={" + isVisible + "} ";

http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/510697ae/security-admin/src/test/java/org/apache/ranger/biz/TestUserMgr.java
----------------------------------------------------------------------
diff --git a/security-admin/src/test/java/org/apache/ranger/biz/TestUserMgr.java b/security-admin/src/test/java/org/apache/ranger/biz/TestUserMgr.java
index 909ec9e..6083778 100644
--- a/security-admin/src/test/java/org/apache/ranger/biz/TestUserMgr.java
+++ b/security-admin/src/test/java/org/apache/ranger/biz/TestUserMgr.java
@@ -1301,7 +1301,7 @@ public class TestUserMgr {
 		Mockito.when(daoManager.getXXPortalUser()).thenReturn(userDao);
 		Mockito.when(userDao.update(user)).thenReturn(user);
 		XXPortalUser dbXXPortalUser = userMgr.updatePasswordInSHA256(userName,
-				userPassword);
+                                userPassword,false);
 		Assert.assertNotNull(dbXXPortalUser);
 	 }
 


Mime
View raw message