----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/70709/#review215655 -----------------------------------------------------------
Ship it! Ship It! - Velmurugan Periasamy On May 23, 2019, 9:35 p.m., Sailaja Polavarapu wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/70709/ > ----------------------------------------------------------- > > (Updated May 23, 2019, 9:35 p.m.) > > > Review request for ranger. > > > Bugs: RANGER-2443 > https://issues.apache.org/jira/browse/RANGER-2443 > > > Repository: ranger > > > Description > ------- > > Added code to check if trusted proxy is enabled in ranger when the request is > for ranger UI, then verify knox as the proxy user & host and impersonate doAs > user. > > > Diffs > ----- > > > security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerKrbFilter.java > 0be0e68b2 > > > Diff: https://reviews.apache.org/r/70709/diff/1/ > > > Testing > ------- > > 1. Tested ranger UI access through knox with Ldap shiro provider and rangerUI > service configured in knox topology. (Without enable ranger SSO) and enable > "Allow trusted proxy" config in ranger. > 2. Verified all the existing unit tests run successfully. > 4. Verified few negative tests with proxy user names configured in ranger for > knox service. > 3. Also tested regression case with "Allow trusted proxy" disabled in ranger. > > > Thanks, > > Sailaja Polavarapu > >
