Review Request 49954: Invert authorization logic in RangerSolrAuthorizer

Tue, 12 Jul 2016 08:03:51 -0700 

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/49954/
-----------------------------------------------------------

Review request for ranger.


Bugs: RANGER-1095
    https://issues.apache.org/jira/browse/RANGER-1095


Repository: ranger


Description
-------

The RangerSolrAuthorizer controls access via a boolean "isDenied" which 
defaults to false. However, there is a try statement which just logs an error. 
This is a potential security risk, as a malformed request could cause (e.g.) a 
NPE which will result in 200 being returned.


Diffs
-----

  
plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuthorizer.java
 4376908 

Diff: https://reviews.apache.org/r/49954/diff/


Testing
-------

Tested locally, tests to be submitted separately.


Thanks,

Colm O hEigeartaigh

Reply via email to