-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/70257/
-----------------------------------------------------------
Review request for ranger, Madhan Neethiraj and Ramesh Mani.
Bugs: RANGER-2375
https://issues.apache.org/jira/browse/RANGER-2375
Repository: ranger
Description
-------
RangerAuthContext object may be used to provide consistent view of
authorization policies database across multiple authorization API calls. It
maintains a list of context enrichers, if defined, to provide context
enrichment for access requests. When this list is not maintained correctly,
context for authorization will not be initialized correctly, and authorization
calls made with RangerAuthContext will fail.
This seems to a regression introduced by RANGER-2341.
The fix consists of creating a RangerAuthContext object before a
RangerPolicyEngine is created from policies.
Diffs
-----
agents-common/src/main/java/org/apache/ranger/plugin/service/RangerAuthContext.java
b2cccef5c
agents-common/src/main/java/org/apache/ranger/plugin/service/RangerBasePlugin.java
e52d4de28
Diff: https://reviews.apache.org/r/70257/diff/1/
Testing
-------
Tested with policies containing policy conditions that depended on context of
access-request to be populated correctly. Verified that context is populated
correctly and policies with conditions work as expected.
Thanks,
Abhay Kulkarni
