-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/48199/
-----------------------------------------------------------
Review request for ranger, Don Bosco Durai, Gautam Borad, Abhay Kulkarni,
Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, and
Velmurugan Periasamy.
Bugs: RANGER-1013
https://issues.apache.org/jira/browse/RANGER-1013
Repository: ranger
Description
-------
Move ranger.rest-csrf.enabled, ranger.rest-csrf.custom-header,
ranger.rest-csrf.methods-to-ignore and
ranger.rest-csrf.browser-useragents-regex properties from ranger-admin-site.xml
to ranger-admin-default-site.xml as they are not expose to Ambari UI or while
installation
Diffs
-----
security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java 461feb0
security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerCSRFPreventionFilter.java
42b4ad4
security-admin/src/main/resources/conf.dist/ranger-admin-default-site.xml
90ef9f3
security-admin/src/main/resources/conf.dist/ranger-admin-site.xml ce543ac
Diff: https://reviews.apache.org/r/48199/diff/
Testing
-------
1. Tested Ranger Admin for CSRF by deleting all the CSRF properties from
properties file
2. Tested with CSRF enable and disable
Thanks,
Ankita Sinha
