[
https://issues.apache.org/jira/browse/RANGER-962?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15351831#comment-15351831
]
Madhan Neethiraj commented on RANGER-962:
-----------------------------------------
Ranger Hive plugin updates to use X-Forwarded-For address - committed master:
http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/af564f38
> Ranger plugin should have an option to use X-Forwarded-For address
> ------------------------------------------------------------------
>
> Key: RANGER-962
> URL: https://issues.apache.org/jira/browse/RANGER-962
> Project: Ranger
> Issue Type: Bug
> Components: plugins
> Affects Versions: 0.6.0
> Reporter: Madhan Neethiraj
> Assignee: Abhay Kulkarni
> Fix For: 0.6.0
>
>
> Ranger plugins use the client IP address provided by the component for
> authorization and audit log. In cases where a client accesses data through a
> gateway, like Knox, the components provide Ranger with the IP address of the
> gateway, instead of the original client IP address. Hence, authorization and
> audit logs are performed using the IP address of the gateway - instead of the
> client's IP address.
> Ranger plugins should be updated to be able to use client IP address, when
> available in X-Forwarded-For field of the request. Further X-Forwarded-For
> field should only be used when the request is through a trusted proxy address.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
