ranger-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sailaja Polavarapu <spolavar...@hortonworks.com>
Subject Re: Review Request 69319: RANGER-2049: Added support for doAs for Ranger REST APIs with Kerberized mode
Date Thu, 15 Nov 2018 23:59:54 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/69319/
-----------------------------------------------------------

(Updated Nov. 15, 2018, 11:59 p.m.)


Review request for ranger.


Changes
-------

Fixed an issue where doAs User role is not set properly


Bugs: RANGER-2049
    https://issues.apache.org/jira/browse/RANGER-2049


Repository: ranger


Description
-------

Introduced new configuration to enable trusted proxy for ranger. Added support for ranger
admin to handle doAs in the request parameter and trusted proxy configuration is enabled for
kerberized mode. Used hadoop library to validate proxy user configuraiton and autorize accordingly.


Diffs (updated)
-----

  security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerKRBAuthenticationFilter.java
178f31e2e 


Diff: https://reviews.apache.org/r/69319/diff/3/

Changes: https://reviews.apache.org/r/69319/diff/2-3/


Testing
-------

1. Patched 2.0 cluster with the ranger admin changes and tested functionality with trusted
proxy configuration enabled.
2. Also ran some basic regression tests with trusted proxy disabled.


Thanks,

Sailaja Polavarapu


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message