ranger-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From spolavar...@apache.org
Subject [2/2] ranger git commit: RANGER-2049: Fixed an issue where doAs User role is not set properly
Date Wed, 05 Dec 2018 00:39:01 GMT
RANGER-2049: Fixed an issue where doAs User role is not set properly


Project: http://git-wip-us.apache.org/repos/asf/ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/ranger/commit/ad9ae765
Tree: http://git-wip-us.apache.org/repos/asf/ranger/tree/ad9ae765
Diff: http://git-wip-us.apache.org/repos/asf/ranger/diff/ad9ae765

Branch: refs/heads/ranger-0.7
Commit: ad9ae7656b79f54a5cb1d9918d859508a175e170
Parents: 39df85e
Author: Sailaja Polavarapu <spolavarapu@hortonworks.com>
Authored: Fri Nov 16 13:39:30 2018 -0800
Committer: Sailaja Polavarapu <spolavarapu@hortonworks.com>
Committed: Tue Dec 4 16:36:46 2018 -0800

----------------------------------------------------------------------
 .../web/filter/RangerKRBAuthenticationFilter.java         | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/ranger/blob/ad9ae765/security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerKRBAuthenticationFilter.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerKRBAuthenticationFilter.java
b/security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerKRBAuthenticationFilter.java
index 519071e..02020f2 100644
--- a/security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerKRBAuthenticationFilter.java
+++ b/security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerKRBAuthenticationFilter.java
@@ -270,16 +270,16 @@ public class RangerKRBAuthenticationFilter extends RangerKrbFilter {
 							final List<GrantedAuthority> grantedAuths = new ArrayList<>();
 							grantedAuths.add(new SimpleGrantedAuthority(rangerLdapDefaultRole));
 							final UserDetails principal = new User(doAsUser, "", grantedAuths);
-							final Authentication finalAuthentication = new UsernamePasswordAuthenticationToken(principal,
"", grantedAuths);
+							Authentication authentication = new UsernamePasswordAuthenticationToken(principal,
"", grantedAuths);
 							WebAuthenticationDetails webDetails = new WebAuthenticationDetails(request);
-							((AbstractAuthenticationToken) finalAuthentication).setDetails(webDetails);
-							SecurityContextHolder.getContext().setAuthentication(finalAuthentication);
+							((AbstractAuthenticationToken) authentication).setDetails(webDetails);
+							authentication = getGrantedAuthority(authentication);
+							SecurityContextHolder.getContext().setAuthentication(authentication);
 							request.setAttribute("spnegoEnabled", true);
+							LOG.info("Logged into Ranger as doAsUser = " + doAsUser + ", by authenticatedUser="
+ authToken.getUserName());
 						}
 
 					}
-					LOG.info("Logged into Ranger as doAsUser = " + doAsUser + ", by authenticatedUser="
+ authToken.getUserName());
-
 
 				}else {
 					//if we get the userName from the token then log into ranger using the same user


Mime
View raw message