----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/74054/#review224564 -----------------------------------------------------------
Ship it! Ship It! - Mateen Mansoori On July 13, 2022, 5:41 a.m., Pradeep Agrawal wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/74054/ > ----------------------------------------------------------- > > (Updated July 13, 2022, 5:41 a.m.) > > > Review request for ranger, bhavik patel, Dhaval Shah, Abhay Kulkarni, Madhan > Neethiraj, Mehul Parikh, Ramesh Mani, Sailaja Polavarapu, and Velmurugan > Periasamy. > > > Bugs: RANGER-3825 > https://issues.apache.org/jira/browse/RANGER-3825 > > > Repository: ranger > > > Description > ------- > > **Problem Statement:** Ranger internal User is unable to change his password > after upgrading from ranger 2.1 to 2.2 or higher. > The issue is caused by RANGER-2950 commit > https://github.com/apache/ranger/commit/e9b1e1d5f2009e90c6bbf912d5039bdafe319a5c > The issue is coming due to change in default algorithm used before the > upgrade and after the upgrade. This could be due to typo mistake while > writing the code for RANGER-2950 and lack of developer test case coverage. > > **Proposed Solution:** Replacing the default algorithm seems resolving the > issue as password storage algorithm is same before and after the upgrade. > > **Workaround for existing environment:** if anyone facing this issue after > the upgrade and can not apply this patch then they can change/reset that user > password through ranger admin user and after that user would be able to > change his password. > > > Diffs > ----- > > security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java 53fa007aa > > > Diff: https://reviews.apache.org/r/74054/diff/1/ > > > Testing > ------- > > Following tests were performed with this proposed patch: > > 1) installed ranger-admin of older version(2.1) and created used testuser1 > and testuser2. stopped the ranger-admin. > 2) Upgraded ranger-admin with this patch on top of master branch and used the > same db configurations used in step 1. > 3) logged in from testuser1 and tried to change password and it was > succeeded. logout and tried login for testuser1 with updated password which > was succeeded. > 4) logged in from admin user and tried to change password of testuser1 and > testuser2 and it was succeeded. logout and tried login for testuser1 with > updated password which was succeeded. > 5) logged in from admin user and created testuser3 and testuser4 > 6) logged in from testuser3 and tried to change password and it was > succeeded. logout and tried login for testuser3 with updated password which > was succeeded. > 7) logged in from admin user and tried to change password of testuser3 and > testuser4 and it was succeeded. logout and tried login for testuser3 with > updated password which was succeeded. > > > Thanks, > > Pradeep Agrawal > >
