Review Request 72656: RANGER-2873: When Trusted Proxy is enabled, Ranger Login Session audits show Knox IP instead of actual Client IP

Sailaja Polavarapu Tue, 07 Jul 2020 16:20:10 -0700

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/72656/
-----------------------------------------------------------


Review request for ranger, Abhay Kulkarni, Mehul Parikh, Ramesh Mani, and 
Velmurugan Periasamy.


Bugs: RANGER-2873
    https://issues.apache.org/jira/browse/RANGER-2873


Repository: ranger


Description
-------

Added code to set client IP from x-forwarder-for header, if available, when the 
request is trusted proxy enabled.


Diffs
-----

  security-admin/src/main/java/org/apache/ranger/biz/SessionMgr.java b542a435c 
  
security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerKRBAuthenticationFilter.java
 9877e14c3 


Diff: https://reviews.apache.org/r/72656/diff/1/


Testing
-------

1. Patched cluster and verified requests coming from knox with trusted proxy.
2. Also verified non trusted proxy enabled requests for regression


Thanks,

Sailaja Polavarapu

Review Request 72656: RANGER-2873: When Trusted Proxy is enabled, Ranger Login Session audits show Knox IP instead of actual Client IP

Reply via email to