[jira] [Updated] (RANGER-4639) Provide an option to bypass evaluation of chained plugin if the parent plugin has applicable policy

Mon, 08 Jan 2024 12:28:04 -0800 


     [ 
https://issues.apache.org/jira/browse/RANGER-4639?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Abhay Kulkarni updated RANGER-4639:
-----------------------------------
    Description: 
When a chained plugin is configured, for every access request processed by the 
parent plugin is also processed by chained plugin. It may be appropriate, in 
some cases, under a configuration option, to bypass the evaluation of chained 
plugin when an applicable policy is found by the parent plugin.

 
This is controlled by a configuration parameter:

ranger.plugin.<base-plugin-type>.bypass.chained.plugin.evaluation.if.access.is.determined

with a default value of false. If it is set to true, then the chanined plugin 
evaluation will be bypassed - if the base-plugin found applicable policy.

  was:When a chained plugin is configured, for every access request processed 
by the parent plugin is also processed by chained plugin. It may be 
appropriate, in some cases, under a configuration option, to bypass the 
evaluation of chained plugin when an applicable policy is found by the parent 
plugin.


> Provide an option to bypass evaluation of chained plugin if the parent plugin 
> has applicable policy
> ---------------------------------------------------------------------------------------------------
>
>                 Key: RANGER-4639
>                 URL: https://issues.apache.org/jira/browse/RANGER-4639
>             Project: Ranger
>          Issue Type: Improvement
>          Components: Ranger
>            Reporter: Abhay Kulkarni
>            Assignee: Abhay Kulkarni
>            Priority: Major
>
> When a chained plugin is configured, for every access request processed by 
> the parent plugin is also processed by chained plugin. It may be appropriate, 
> in some cases, under a configuration option, to bypass the evaluation of 
> chained plugin when an applicable policy is found by the parent plugin.
>  
> This is controlled by a configuration parameter:
> ranger.plugin.<base-plugin-type>.bypass.chained.plugin.evaluation.if.access.is.determined
> with a default value of false. If it is set to true, then the chanined plugin 
> evaluation will be bypassed - if the base-plugin found applicable policy.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to