----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/71636/#review218296 -----------------------------------------------------------
Ship it! Ship It! - Ramesh Mani On Oct. 20, 2019, 2:04 p.m., Abhay Kulkarni wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/71636/ > ----------------------------------------------------------- > > (Updated Oct. 20, 2019, 2:04 p.m.) > > > Review request for ranger, Madhan Neethiraj and Ramesh Mani. > > > Bugs: RANGER-2626 > https://issues.apache.org/jira/browse/RANGER-2626 > > > Repository: ranger > > > Description > ------- > > Some of the Ranger REST endpoints (such as those for downloads of > policies/tags/roles) are accessed for all users. However, in secure > environment, unauthenticated access to them should not be allowed. > > > Diffs > ----- > > security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java > 58cf790b1 > security-admin/src/main/java/org/apache/ranger/rest/RoleREST.java fa3a31804 > security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java > 852c2c8dc > security-admin/src/main/java/org/apache/ranger/rest/TagREST.java 8b582081a > > > Diff: https://reviews.apache.org/r/71636/diff/4/ > > > Testing > ------- > > Tested with kerberized cluster with curl script to invoke policy download > without acquiring kerberos identity. Ensured that policy download failed. > > > Thanks, > > Abhay Kulkarni > >
