Pradeep Agrawal created RANGER-1212:
---------------------------------------
Summary: Support two-way SSL authentication in unsecured(without
kerberos) Ranger HA environment
Key: RANGER-1212
URL: https://issues.apache.org/jira/browse/RANGER-1212
Project: Ranger
Issue Type: Bug
Components: Ranger
Affects Versions: 0.6.0, 0.7.0
Reporter: Pradeep Agrawal
Assignee: Pradeep Agrawal
Support two-way SSL authentication in Ranger HA environment where SSL is
enabled at Ranger end but Ranger is unsecured(Kerberos Authentication is
disabled).
Problem Statement : If SSL is enabled in Ranger HA environment then load
balancer doesn't forward client certificate to Ranger and Authentication fails
due to certificate issue. In SSL environment usually client sends SSL
certificate with request attribute to Ranger for authentication but whenever
such request is sent via load balancer; load balancer could not pass the
received certificate to Ranger and authentication fails.
Note : This is happening only in an unsecured environment as client certificate
is mandatory at Ranger end; while in the secured environment, authentication is
done through Kerberos ticket so client certificate is not required.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
