----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/74580/#review225714 -----------------------------------------------------------
agents-common/src/main/java/org/apache/ranger/plugin/service/RangerDefaultRequestProcessor.java Lines 225 (patched) <https://reviews.apache.org/r/74580/#comment314150> debug log should be Adding instead of replacing - Monika Kachhadiya On Sept. 1, 2023, 8:36 a.m., Madhan Neethiraj wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/74580/ > ----------------------------------------------------------- > > (Updated Sept. 1, 2023, 8:36 a.m.) > > > Review request for ranger, Ankita Sinha, Abhay Kulkarni, Mehul Parikh, Monika > Kachhadiya, Pradeep Agrawal, Ramesh Mani, Subhrat Chaudhary, and Velmurugan > Periasamy. > > > Bugs: RANGER-4391 > https://issues.apache.org/jira/browse/RANGER-4391 > > > Repository: ranger > > > Description > ------- > > - when the plugin is configured with use.rangerGroups=true, groups found in > Ranger for the user will be used for authorization > -- when configured with use.only.rangerGroups=true, request.userGroups will > be replaced with groups found in Ranger > -- when configured with use.only.rangerGroups=false, request.userGroups will > be added with groups found in Ranger > - when configured with convert.emailToUser=true, if user name is an email > address, it will be replaced with corresponding username > > > Diffs > ----- > > > agents-common/src/main/java/org/apache/ranger/plugin/service/RangerAuthContext.java > 78bd4232e > > agents-common/src/main/java/org/apache/ranger/plugin/service/RangerDefaultRequestProcessor.java > fa06ef634 > > agents-common/src/main/java/org/apache/ranger/plugin/util/RangerUserStoreUtil.java > f66eb1fb0 > > > Diff: https://reviews.apache.org/r/74580/diff/1/ > > > Testing > ------- > > - verified that the plugin uses Ranger groups for authorization when > configurations were set as above > > > Thanks, > > Madhan Neethiraj > >
