Re: Review Request 72847: RANGER-2998 : API for Ranger KMS service status

Wed, 16 Sep 2020 11:45:19 -0700 

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/72847/#review221877
-----------------------------------------------------------




kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/KMSAuthenticationFilter.java
Lines 131 (patched)
<https://reviews.apache.org/r/72847/#comment310947>

    As Ramesh suggested, consider narrowing down unauthenticated URL to only 
specific methods - like /kms/api/status.
    
    Also, instead of handling this in Java code, consider updating 
security-applicationContext.xml to list URLs that can be accessed without 
authentication - like:
      <security:http pattern="/kms/api/status" security="none" />


- Madhan Neethiraj


On Sept. 16, 2020, 6:38 p.m., Dhaval Shah wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/72847/
> -----------------------------------------------------------
> 
> (Updated Sept. 16, 2020, 6:38 p.m.)
> 
> 
> Review request for ranger, Ankita Sinha, Dineshkumar Yadav, Jayendra Parab, 
> Kishor Gollapalliwar, Abhay Kulkarni, Mehul Parikh, Pradeep Agrawal, Ramesh 
> Mani, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-2998
>     https://issues.apache.org/jira/browse/RANGER-2998
> 
> 
> Repository: ranger
> 
> 
> Description
> -------
> 
> Need to construct the API which can be accessible without user credentials 
> for Ranger KMS service status. So when service Ranger KMS is successfully 
> started there should be status saying "Ranger KMS is up and running" when we 
> hit particular API.
> 
> 
> Diffs
> -----
> 
>   
> kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/KMSAuthenticationFilter.java
>  944b3d483 
>   kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/KMSMDCFilter.java 
> da8f71599 
>   
> kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/RangerKMSRestApi.java
>  PRE-CREATION 
> 
> 
> Diff: https://reviews.apache.org/r/72847/diff/2/
> 
> 
> Testing
> -------
> 
> Successfully tested the status API.
> 
> 
> Thanks,
> 
> Dhaval Shah
> 
>

Reply via email to