ranger-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From spolavar...@apache.org
Subject ranger git commit: RANGER-2049: Fixed an issue where doAs User role is not set properly
Date Fri, 16 Nov 2018 21:39:53 GMT
Repository: ranger
Updated Branches:
  refs/heads/master a7d29df1f -> ffedb5fc7


RANGER-2049: Fixed an issue where doAs User role is not set properly


Project: http://git-wip-us.apache.org/repos/asf/ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/ranger/commit/ffedb5fc
Tree: http://git-wip-us.apache.org/repos/asf/ranger/tree/ffedb5fc
Diff: http://git-wip-us.apache.org/repos/asf/ranger/diff/ffedb5fc

Branch: refs/heads/master
Commit: ffedb5fc719754a818a8c77d39e862689482b8eb
Parents: a7d29df
Author: Sailaja Polavarapu <spolavarapu@hortonworks.com>
Authored: Fri Nov 16 13:39:30 2018 -0800
Committer: Sailaja Polavarapu <spolavarapu@hortonworks.com>
Committed: Fri Nov 16 13:39:30 2018 -0800

----------------------------------------------------------------------
 .../web/filter/RangerKRBAuthenticationFilter.java         | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/ranger/blob/ffedb5fc/security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerKRBAuthenticationFilter.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerKRBAuthenticationFilter.java
b/security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerKRBAuthenticationFilter.java
index 178f31e..5c825d8 100644
--- a/security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerKRBAuthenticationFilter.java
+++ b/security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerKRBAuthenticationFilter.java
@@ -270,16 +270,16 @@ public class RangerKRBAuthenticationFilter extends RangerKrbFilter {
 							final List<GrantedAuthority> grantedAuths = new ArrayList<>();
 							grantedAuths.add(new SimpleGrantedAuthority(rangerLdapDefaultRole));
 							final UserDetails principal = new User(doAsUser, "", grantedAuths);
-							final Authentication finalAuthentication = new UsernamePasswordAuthenticationToken(principal,
"", grantedAuths);
+							Authentication authentication = new UsernamePasswordAuthenticationToken(principal,
"", grantedAuths);
 							WebAuthenticationDetails webDetails = new WebAuthenticationDetails(request);
-							((AbstractAuthenticationToken) finalAuthentication).setDetails(webDetails);
-							SecurityContextHolder.getContext().setAuthentication(finalAuthentication);
+							((AbstractAuthenticationToken) authentication).setDetails(webDetails);
+							authentication = getGrantedAuthority(authentication);
+							SecurityContextHolder.getContext().setAuthentication(authentication);
 							request.setAttribute("spnegoEnabled", true);
+							LOG.info("Logged into Ranger as doAsUser = " + doAsUser + ", by authenticatedUser="
+ authToken.getUserName());
 						}
 
 					}
-					LOG.info("Logged into Ranger as doAsUser = " + doAsUser + ", by authenticatedUser="
+ authToken.getUserName());
-
 
 				}else {
 					//if we get the userName from the token then log into ranger using the same user


Mime
View raw message