----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/48199/#review136076 -----------------------------------------------------------
Ship it! Ship It! - Velmurugan Periasamy On June 3, 2016, 9:31 a.m., Ankita Sinha wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/48199/ > ----------------------------------------------------------- > > (Updated June 3, 2016, 9:31 a.m.) > > > Review request for ranger, Don Bosco Durai, Gautam Borad, Abhay Kulkarni, > Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, and > Velmurugan Periasamy. > > > Bugs: RANGER-1013 > https://issues.apache.org/jira/browse/RANGER-1013 > > > Repository: ranger > > > Description > ------- > > Move ranger.rest-csrf.enabled, ranger.rest-csrf.custom-header, > ranger.rest-csrf.methods-to-ignore and > ranger.rest-csrf.browser-useragents-regex properties from > ranger-admin-site.xml to ranger-admin-default-site.xml as they are not expose > to Ambari UI or while installation > > > Diffs > ----- > > security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java > 461feb0 > > security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerCSRFPreventionFilter.java > 42b4ad4 > security-admin/src/main/resources/conf.dist/ranger-admin-default-site.xml > 90ef9f3 > security-admin/src/main/resources/conf.dist/ranger-admin-site.xml ce543ac > > Diff: https://reviews.apache.org/r/48199/diff/ > > > Testing > ------- > > 1. Tested Ranger Admin for CSRF by deleting all the CSRF properties from > properties file > 2. Tested with CSRF enable and disable > > > Thanks, > > Ankita Sinha > >
