-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73559/
-----------------------------------------------------------
(Updated Sept. 17, 2021, 11:38 a.m.)
Review request for ranger, Dhaval Shah, Dineshkumar Yadav, Harshal Chavan,
Jayendra Parab, Kishor Gollapalliwar, Madhan Neethiraj, Mahesh Bandal, Mehul
Parikh, Pradeep Agrawal, Sailaja Polavarapu, and Velmurugan Periasamy.
Bugs: RANGER-3388
https://issues.apache.org/jira/browse/RANGER-3388
Repository: ranger
Description
-------
*Background*
Ranger users who log in via one of the supported authentication flavors stay
logged in until they choose to log out.
This is a security hole in the scenario where the user has logged in and has
left their desk. The inactivity does not result in early log out.
This implementation addresses that problem.
*Scenarios*
* Login to single session.
* Login to multiple tabs.
* Login to multiple services each having its own inactivity detection and
logout implementation.
Diffs
-----
security-admin/src/main/webapp/scripts/controllers/Controller.js 6b7bad980
security-admin/src/main/webapp/scripts/controllers/NController.js 749295667
security-admin/src/main/webapp/scripts/modules/globalize/message/en.js d30ed4df3
security-admin/src/main/webapp/scripts/utils/XAUtils.js 42668768d
security-admin/src/main/webapp/scripts/views/common/ProfileBar.js 9dbfa9caf
Diff: https://reviews.apache.org/r/73559/diff/1/
Testing (updated)
-------
Tested the following scenarios
==============================
* Check that on a fresh install the default session timeout is set to 900 sec (15 min).
* Check that when the session timeout is set to 60 sec we get the session timeout popup.
* Check we remain logged in when we click on the "Stay logged in" button from the
session timeout popup.
* Check we get logged out when we click on the logout button from the session timeout popup.
* Check when session timeout is set to 60 sec when export popup is open.
* Check when session timeout is set to 60 sec when audit popup is open.
* Check we won't get a session timeout when playing with tabs.
* Check when session timeout is set to 30 sec.
* Check from Ranger the value of session is getting converted to sec no matter
what CM keeps.
Check session timeout works for Knox SSO
========================================
* Check we remain logged in when we click on the "Stay logged in" button from the
session timeout popup through Knox SSO.
* Check we get logged out when we click on the logout button from the session timeout
popup through Knox SSO.
Check session timeout works for Knox proxy
==========================================
* Check we remain logged in when we click on the "Stay logged in" button from the
session timeout popup through Knox proxy.
* Check we get logged out when we click on the logout button from the session timeout
popup through Knox proxy.
Check session timeout through Knox trusted proxy
================================================
* Check we remain logged in when we click on the "Stay logged in" button from the
session timeout popup through Knox trusted proxy.
* Check we get logged out when we click on the logout button from the session timeout
popup through Knox trusted proxy.
Upgrade
=======
* When cluster is upgraded the ranger.service.inactivity.timeout should be -1.
* When the ranger.service.inactivity.timeout is set to 1 min it should work.
Thanks,
Nitin Galave
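
An added example, not part of this review request and not Ranger's code: a sketch of the client-side inactivity check that the multi-tab, "Stay logged in" and upgrade scenarios above exercise. The class, storage key and option names are hypothetical, a Map stands in for localStorage, and treating a non-positive timeout such as -1 as "disabled" is an assumption.

```javascript
// Added illustration, not Ranger's code; every name here is hypothetical.
// All tabs share one "last activity" timestamp, so activity in any tab keeps
// every tab logged in. A Map stands in for the browser's localStorage.
const KEY = 'lastActivityMs';

class InactivityMonitor {
  // Assumption: timeoutSec <= 0 (such as -1) means the check is disabled.
  constructor({ timeoutSec, warnSec = 0, store, now = Date.now }) {
    this.timeoutMs = timeoutSec > 0 ? timeoutSec * 1000 : null;
    this.warnMs = warnSec * 1000;
    this.store = store;
    this.now = now;
    this.touch(); // loading the page counts as activity
  }

  // Call on user input and when "Stay logged in" is clicked.
  touch() {
    this.store.set(KEY, String(this.now()));
  }

  // Poll on a timer: 'active', 'warn' (show the popup) or 'logout'.
  state() {
    if (this.timeoutMs === null) return 'active';
    const last = Number(this.store.get(KEY));
    // Fail closed if the shared value is missing or not a timestamp.
    if (!Number.isFinite(last) || last <= 0) return 'logout';
    const idle = this.now() - last;
    if (idle >= this.timeoutMs) return 'logout';
    return idle >= this.timeoutMs - this.warnMs ? 'warn' : 'active';
  }
}

// Constructed run: two tabs, 60 s timeout, popup 10 s before expiry.
function demo() {
  let t = 1_000_000; // fake clock in ms
  const store = new Map();
  const opts = { timeoutSec: 60, warnSec: 10, store, now: () => t };
  const tabA = new InactivityMonitor(opts);
  const tabB = new InactivityMonitor(opts);
  const seen = [tabA.state()];           // just logged in
  t += 51_000; seen.push(tabA.state());  // idle 51 s: popup
  tabB.touch(); seen.push(tabA.state()); // activity in the other tab
  t += 60_000; seen.push(tabA.state(), tabB.state()); // both idle 60 s
  return seen;
}

console.log(demo().join(' '));
```

A browser-side timer like this only drives the popup and the logout call; the server still has to expire the session on its own, since script state in the browser can be altered by whoever is at the keyboard.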