Review Request 49021: Handle requests from non-kerberized browser when Ranger is kerberized

Tue, 21 Jun 2016 04:46:55 -0700 

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/49021/
-----------------------------------------------------------

Review request for ranger, Don Bosco Durai, Gautam Borad, Abhay Kulkarni, 
Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, Sailaja 
Polavarapu, and Velmurugan Periasamy.


Bugs: RANGER-1023
    https://issues.apache.org/jira/browse/RANGER-1023


Repository: ranger


Description
-------

**Problem Statement**
Once Ranger is kerberized, requests to Ranger Admin UI from non-kerberized 
browser hangs on first visit.


Diffs
-----

  
security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerCSRFPreventionFilter.java
 69a9d17 
  
security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerKrbFilter.java
 120f098 
  security-admin/src/main/resources/conf.dist/ranger-admin-default-site.xml 
a2ed79a 

Diff: https://reviews.apache.org/r/49021/diff/


Testing
-------

1. Admin,keyadmin,user login in non kerberized browser : Gets the Ranger's 
login.jsp if "http://<host>:6080" (Without needing second refresh to get 
login.jsp)
2. Logout in non kerberized browser,takes to the login.jsp page
3. Session timeout in non kerberized brower : lands to login page,works without 
page refresh
4. Checked CURD of services,policies and users through UI in non kerberized 
browser :Works as expected
5. Admin,keyadmin,user login in kerberized browser : works without page refresh
6. Logout in kerberized browser,takes to the login.jsp page (works without need 
for refresh)
7. Session timeout in kerberized brower : land to login page,works without 
refresh
8. Checked CURD of services,policies and users through UI in kerberized browser 
: Works as expected
9. Checked CURD of repos and users through CURLs. Works as expected 
10. Unix usersync checked
11. Checked KNOX-SSO=true >>Works as expected, works without refresh
        i. Checked logout. It remains on same page,just refresh the 
RANGERADMINSESSIONID cookies
        ii.Checked knox sso locallogin [i.e. http://<fqdn>:6080/locallogin] : 
Works as expected, works without refresh
        iii. Checked Admin,user login 
        iv. After logout it takes to the login.jsp page for Locallogin case
        v. Session timeout in knoxsso environment : It remains on same page 
Just refreshes the RENGERSESSIONID cookies
        vi. Checked KNOX-SSO on kerberized and non kerberized browser
 12. Checked ranger HDFS plugin >> Works as expected
        Tested connection,policy download,Plugin connection logs,policy 
enforcement and audit logs


Thanks,

Ankita Sinha

Reply via email to