-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/69259/
-----------------------------------------------------------
(Updated Nov. 12, 2018, 1:36 p.m.)
Review request for ranger, Abhay Kulkarni, Madhan Neethiraj, Mehul Parikh,
Nikhil P, Ramesh Mani, and Velmurugan Periasamy.
Changes
-------
Updated review request after testing the backword compatibility flow.
Bugs: RANGER-2279
https://issues.apache.org/jira/browse/RANGER-2279
Repository: ranger
Description
-------
**Problem Statement:** ChangePasswordUtil takes 12-14 seconds to change a
password. Its first invocation takes 25-30 seconds (additional time spent
creating embedded service-defs). During the initial start of Ranger Admin there
are 4 passwords being changed (admin, rangerusersync, rangertagsync, keyadmin),
total time for password change is ~74 seconds. We need to Reduce the time spent
changing passwords during Ranger Admin Install.
**Proposed Solution:** Based on ChangePasswordUtil's logs, most of the time is
spent on setup, and the actual password change is very quick. So it will be
better to change multiple passwords in one request (by sending multiple users
passwords config in a single run of ChangePasswordUtil)
Diffs (updated)
-----
security-admin/scripts/db_setup.py f84c8ca3a
security-admin/scripts/setup.sh 0b10e0fdc
security-admin/src/main/java/org/apache/ranger/patch/cliutil/ChangePasswordUtil.java
9d3ce593c
Diff: https://reviews.apache.org/r/69259/diff/2/
Changes: https://reviews.apache.org/r/69259/diff/1-2/
Testing
-------
**Steps performed for Ranger-admin(with patch):**
1. Created Build with patch and untar the build.
2. Opened install.properties and provided db configuration in install.properties
3. Called setup.sh
**Expected Behavior:**
1. There should be a single call of change password request and password of all
the default admin's should get changed.
2. After starting the ranger-admin, admin users should able to login from the
new passwords and request with old password should fail.
**Actual Behavior:**
1. From the ranger installation logs it was observed that there was a single
call of change password request and password of all the default admins were
succesfully changed.
2. After starting the ranger-admin, all default admin users were able to login
from the new passwords and request with old password failed.
**Note:**
Single user password changed request code still exist and I have not removed it
as people can use that call flow also if they want to change only one user
password anytime after the ranger installation.
Thanks,
Pradeep Agrawal
