Re: Review Request 69319: RANGER-2049: Added support for doAs for Ranger REST APIs with Kerberized mode

Sailaja Polavarapu Thu, 15 Nov 2018 16:00:02 -0800

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/69319/
-----------------------------------------------------------


(Updated Nov. 15, 2018, 11:59 p.m.)


Review request for ranger.


Changes
-------

Fixed an issue where doAs User role is not set properly


Bugs: RANGER-2049
    https://issues.apache.org/jira/browse/RANGER-2049


Repository: ranger


Description
-------

Introduced new configuration to enable trusted proxy for ranger. Added support 
for ranger admin to handle doAs in the request parameter and trusted proxy 
configuration is enabled for kerberized mode. Used hadoop library to validate 
proxy user configuraiton and autorize accordingly.


Diffs (updated)
-----

  
security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerKRBAuthenticationFilter.java
 178f31e2e 


Diff: https://reviews.apache.org/r/69319/diff/3/

Changes: https://reviews.apache.org/r/69319/diff/2-3/


Testing
-------

1. Patched 2.0 cluster with the ranger admin changes and tested functionality 
with trusted proxy configuration enabled.
2. Also ran some basic regression tests with trusted proxy disabled.


Thanks,

Sailaja Polavarapu

Re: Review Request 69319: RANGER-2049: Added support for doAs for Ranger REST APIs with Kerberized mode

Reply via email to