ranger-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "chuanjie.duan (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (RANGER-1945) Save Service would add dirty user when current user is admin
Date Fri, 05 Jan 2018 06:20:00 GMT

    [ https://issues.apache.org/jira/browse/RANGER-1945?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16312539#comment-16312539

chuanjie.duan commented on RANGER-1945:

In my case, I enable kerberos and spengo. Do authentication with keytab, so it would always
save user when I save or update service. As you said, shall we check authentication first(I
mean ugi do login) before "addUser". My version is 0.6.3

> Save Service would add dirty user when current user is admin
> ------------------------------------------------------------
>                 Key: RANGER-1945
>                 URL: https://issues.apache.org/jira/browse/RANGER-1945
>             Project: Ranger
>          Issue Type: Bug
>          Components: admin
>    Affects Versions: 0.6.3
>            Reporter: chuanjie.duan
>         Attachments: RANGER-1945.001.patch
> When user actually is not exist and current user is admin, "save" operation would still
add user in the backend. It would be a dirty data and obscure operation(operator maybe doesn't
know). And I sync user  from ldap, both of them mark external user, it's hard to distinguish.
I suggest don't create user whenever current is admin or not.

This message was sent by Atlassian JIRA

View raw message