From dev-return-17580-archive-asf-public=cust-asf.ponee.io@ranger.apache.org Wed Apr 4 07:27:14 2018 Return-Path: X-Original-To: archive-asf-public@cust-asf.ponee.io Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by mx-eu-01.ponee.io (Postfix) with SMTP id 134A318064F for ; Wed, 4 Apr 2018 07:27:13 +0200 (CEST) Received: (qmail 22510 invoked by uid 500); 4 Apr 2018 05:27:13 -0000 Mailing-List: contact dev-help@ranger.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@ranger.apache.org Delivered-To: mailing list dev@ranger.apache.org Received: (qmail 22494 invoked by uid 99); 4 Apr 2018 05:27:12 -0000 Received: from pnap-us-west-generic-nat.apache.org (HELO spamd3-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 04 Apr 2018 05:27:12 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd3-us-west.apache.org (ASF Mail Server at spamd3-us-west.apache.org) with ESMTP id E085018000B; Wed, 4 Apr 2018 05:27:11 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd3-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: 1.139 X-Spam-Level: * X-Spam-Status: No, score=1.139 tagged_above=-999 required=6.31 tests=[HEADER_FROM_DIFFERENT_DOMAINS=0.249, HTML_MESSAGE=2, KAM_LAZY_DOMAIN_SECURITY=1, KAM_MANYTO=0.2, RCVD_IN_DNSWL_MED=-2.3, T_RP_MATCHES_RCVD=-0.01] autolearn=disabled Received: from mx1-lw-us.apache.org ([10.40.0.8]) by localhost (spamd3-us-west.apache.org [10.40.0.10]) (amavisd-new, port 10024) with ESMTP id ZMDY5K7iZWi1; Wed, 4 Apr 2018 05:27:08 +0000 (UTC) Received: from mailrelay1-us-west.apache.org (mailrelay1-us-west.apache.org [209.188.14.139]) by mx1-lw-us.apache.org (ASF Mail Server at mx1-lw-us.apache.org) with ESMTP id 3C8FC5F1B9; Wed, 4 Apr 2018 05:27:08 +0000 (UTC) Received: from reviews.apache.org (unknown [10.41.0.12]) by mailrelay1-us-west.apache.org (ASF Mail Server at mailrelay1-us-west.apache.org) with ESMTP id C5E68E00CA; Wed, 4 Apr 2018 05:27:07 +0000 (UTC) Received: from reviews-vm2.apache.org (localhost [IPv6:::1]) by reviews.apache.org (ASF Mail Server at reviews-vm2.apache.org) with ESMTP id 5A08BC40575; Wed, 4 Apr 2018 05:27:07 +0000 (UTC) Content-Type: multipart/alternative; boundary="===============1462847851940347594==" MIME-Version: 1.0 Subject: Re: Review Request 66413: RANGER-2055: STARTTLS support for ranger admin authentication From: Qiang Zhang To: Gautam Borad , Abhay Kulkarni , Ramesh Mani , Velmurugan Periasamy , Pradeep Agrawal , Sailaja Polavarapu , Selvamohan Neethiraj , Ankita Sinha , Madhan Neethiraj Cc: Qiang Zhang , ranger Date: Wed, 04 Apr 2018 05:27:06 -0000 Message-ID: <20180404052706.21438.92557@reviews-vm2.apache.org> X-ReviewBoard-URL: https://reviews.apache.org/ Auto-Submitted: auto-generated Sender: Qiang Zhang X-ReviewGroup: ranger X-Auto-Response-Suppress: DR, RN, OOF, AutoReply X-ReviewRequest-URL: https://reviews.apache.org/r/66413/ X-Sender: Qiang Zhang X-ReviewBoard-ShipIt: 1 References: <20180403224326.21438.2235@reviews-vm2.apache.org> In-Reply-To: <20180403224326.21438.2235@reviews-vm2.apache.org> X-ReviewBoard-ShipIt-Only: 1 Reply-To: Qiang Zhang X-ReviewRequest-Repository: ranger --===============1462847851940347594== MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/66413/#review200420 ----------------------------------------------------------- Ship it! Ship It! - Qiang Zhang On April 3, 2018, 10:43 p.m., Sailaja Polavarapu wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/66413/ > ----------------------------------------------------------- > > (Updated April 3, 2018, 10:43 p.m.) > > > Review request for ranger, Ankita Sinha, Gautam Borad, Abhay Kulkarni, Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, Sailaja Polavarapu, and Velmurugan Periasamy. > > > Bugs: RANGER-2055 > https://issues.apache.org/jira/browse/RANGER-2055 > > > Repository: ranger > > > Description > ------- > > Added support for using STARTTLS for ranger admin authenticaiton. Added new configuration "ranger.ldap.starttls" with default value as false. When enabled, ranger admin initiates STARTTLS req to the configured LDAP/AD server for ranger admin authentication. > > > Diffs > ----- > > security-admin/src/main/java/org/apache/ranger/security/handler/RangerAuthenticationProvider.java 7f7f02cc > > > Diff: https://reviews.apache.org/r/66413/diff/1/ > > > Testing > ------- > > 1. Tested ranger admin UI authentication with AD as well as freeIPA servers. > 2. Also ran some regression tests without enabling this feature. > 3. Tested this feature by adding this new property as part of the custom ranger-admin-site section in Ambari. > > > Thanks, > > Sailaja Polavarapu > > --===============1462847851940347594==--