Re: Review Request 73922: RANGER-3687: Password Policy Best Practices for Strong Security

Thu, 31 Mar 2022 23:04:59 -0700 

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73922/#review224233
-----------------------------------------------------------



Some mistakes.
And if reuse x_trx_log table, we can avoid upgrade database scehma, 
Compatibility will be better.


security-admin/db/mysql/patches/059-update-x-portal-user-table.sql
Lines 25 (patched)
<https://reviews.apache.org/r/73922/#comment313118>

    replace tab with space?



security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java
Lines 421 (patched)
<https://reviews.apache.org/r/73922/#comment313119>

    should be a configuration



security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java
Line 1412 (original), 1424 (patched)
<https://reviews.apache.org/r/73922/#comment313120>

    It not works for FIPS.
    FIPS require random salt, so we can not compare oldPassword and 
newPassword, encoded-oldPassword and encoded-newPassword directy,


- Kirby Zhou


On 三月 31, 2022, 1:17 p.m., bhavik patel wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/73922/
> -----------------------------------------------------------
> 
> (Updated 三月 31, 2022, 1:17 p.m.)
> 
> 
> Review request for ranger, Dhaval Shah, Dineshkumar Yadav, Kirby Zhou, Abhay 
> Kulkarni, Madhan Neethiraj, Mateen Mansoori, Mehul Parikh, Pradeep Agrawal, 
> Ramesh Mani, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-3687
>     https://issues.apache.org/jira/browse/RANGER-3687
> 
> 
> Repository: ranger
> 
> 
> Description
> -------
> 
> Password history should be configured to restrict users from reusing their 
> last 4 or 5 passwords.
> 
> 
> Diffs
> -----
> 
>   security-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql 
> 26282f770 
>   security-admin/db/mysql/patches/059-update-x-portal-user-table.sql 
> PRE-CREATION 
>   security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java 0e61038d5 
>   security-admin/src/main/java/org/apache/ranger/entity/XXPortalUser.java 
> d0451b4d2 
> 
> 
> Diff: https://reviews.apache.org/r/73922/diff/1/
> 
> 
> Testing
> -------
> 
> 1. Verified the basic functionality of "/passwordchange" api
> 2. Verified "/secure/users" & "/secure/users/{id}" API’s
> 
> 3. Once the basic review/discussion is done will fix the Test-cases
> 
> 
> Thanks,
> 
> bhavik patel
> 
>

Reply via email to