Re: Review Request 68770: RANGER-2220 minify JavaScript files during packaging

2018-09-21 Thread Csaba Koncz 


> On Sept. 21, 2018, 12:01 a.m., Velmurugan Periasamy wrote:
> >

Reworked the patch so that it uses nodejs instead of jjs/Nashorn. RequireJS 
optimizer (r.js) does not need to be versioned, instead it is downloaded using 
npm during the build.


> On Sept. 21, 2018, 12:01 a.m., Velmurugan Periasamy wrote:
> > security-admin/scripts-js/minify.build.js
> > Lines 1 (patched)
> > 
> >
> > Can this be used? This will fail rat plugin with unapproved license.

Correct, will add the license.


> On Sept. 21, 2018, 12:01 a.m., Velmurugan Periasamy wrote:
> > security-admin/scripts-js/r.js
> > Lines 1 (patched)
> > 
> >
> > Can this be used? This will fail rat plugin with unapproved license.

This file is similar to the ones in src/main/webapp/lib which are excluded in 
the rat plugin config.
Shall I do the same? (i.e. exclude it just like bootstrap.min.js is excluded 
here: https://github.com/apache/ranger/blob/master/pom.xml#L574)

Another option would be to remove this file from version control and download 
it during runtime using npm.
That implies introducing the frontend maven plugin to donwload node and npm. 
It seems a bit of hassle, but probably it is the right thing to do. 
The benefits would be faster JavaScript minification and not depending on JDK8 
and presence of jjs
(which will be deprecated in Java 11 http://openjdk.java.net/jeps/335)


- Csaba


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/68770/#review208826
---


On Sept. 21, 2018, 5:21 p.m., Csaba Koncz wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/68770/
> ---
> 
> (Updated Sept. 21, 2018, 5:21 p.m.)
> 
> 
> Review request for ranger.
> 
> 
> Bugs: RANGER-2220
> https://issues.apache.org/jira/browse/RANGER-2220
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Maven build modified so that the admin UI JavaScript resources are 
> concatenated/compressed using the RequireJS Optimizer.
> During the packaging phase index.html is rewritten so that it loads the 
> compressed JS file instead of the JS source tree.
> 
> 
> Diffs
> -
> 
>   security-admin/.gitignore 5a3a67338 
>   security-admin/package-lock.json PRE-CREATION 
>   security-admin/package.json PRE-CREATION 
>   security-admin/pom.xml 84bbd6650 
>   security-admin/src/main/webapp/index.html 60ef5a75b 
>   security-admin/src/main/webapp/libs/bower/backbone-forms/js/bootstrap.js 
> 276175505 
>   
> security-admin/src/main/webapp/libs/bower/backbone.bootstrap-modal/js/backbone.bootstrap-modal.js
>  6cd05b03d 
>   security-admin/src/main/webapp/minify.build.js PRE-CREATION 
>   security-admin/src/main/webapp/scripts/Init.js 4493f62e0 
>   security-admin/src/main/webapp/scripts/Main.js d518afbf2 
> 
> 
> Diff: https://reviews.apache.org/r/68770/diff/2/
> 
> 
> Testing
> ---
> 
> Performed:
> 
> mvn package -pl security-admin -am
> cd security-admin/
> cd security-admin/target/security-admin-web-2.0.0-SNAPSHOT
> http-server
> # opened http://localhost:8080 and inspected browser network tab and console:
> # network tab lists only 26 requests
> # console contains no packaging related errors (it contains 4 errors due to 
> missing backend service)
> 
> 
> Thanks,
> 
> Csaba Koncz
> 
>

Re: Review Request 68770: RANGER-2220 minify JavaScript files during packaging

2018-09-21 Thread Csaba Koncz 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/68770/
---

(Updated Sept. 21, 2018, 5:21 p.m.)


Review request for ranger.


Bugs: RANGER-2220
https://issues.apache.org/jira/browse/RANGER-2220


Repository: ranger


Description
---

Maven build modified so that the admin UI JavaScript resources are 
concatenated/compressed using the RequireJS Optimizer.
During the packaging phase index.html is rewritten so that it loads the 
compressed JS file instead of the JS source tree.


Diffs (updated)
-

  security-admin/.gitignore 5a3a67338 
  security-admin/package-lock.json PRE-CREATION 
  security-admin/package.json PRE-CREATION 
  security-admin/pom.xml 84bbd6650 
  security-admin/src/main/webapp/index.html 60ef5a75b 
  security-admin/src/main/webapp/libs/bower/backbone-forms/js/bootstrap.js 
276175505 
  
security-admin/src/main/webapp/libs/bower/backbone.bootstrap-modal/js/backbone.bootstrap-modal.js
 6cd05b03d 
  security-admin/src/main/webapp/minify.build.js PRE-CREATION 
  security-admin/src/main/webapp/scripts/Init.js 4493f62e0 
  security-admin/src/main/webapp/scripts/Main.js d518afbf2 


Diff: https://reviews.apache.org/r/68770/diff/2/

Changes: https://reviews.apache.org/r/68770/diff/1-2/


Testing
---

Performed:

mvn package -pl security-admin -am
cd security-admin/
cd security-admin/target/security-admin-web-2.0.0-SNAPSHOT
http-server
# opened http://localhost:8080 and inspected browser network tab and console:
# network tab lists only 26 requests
# console contains no packaging related errors (it contains 4 errors due to 
missing backend service)


Thanks,

Csaba Koncz

[jira] [Resolved] (RANGER-2214) Do some code improvement for the error message for KylinClient.java

2018-09-21 Thread Qiang Zhang (JIRA) 


 [ 
https://issues.apache.org/jira/browse/RANGER-2214?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Qiang Zhang resolved RANGER-2214.
-
   Resolution: Fixed
Fix Version/s: master

> Do some code improvement for the error message for KylinClient.java
> ---
>
> Key: RANGER-2214
> URL: https://issues.apache.org/jira/browse/RANGER-2214
> Project: Ranger
>  Issue Type: Improvement
>  Components: plugins
>Affects Versions: master
>Reporter: Qiang Zhang
>Assignee: Qiang Zhang
>Priority: Minor
>  Labels: patch
> Fix For: master
>
> Attachments: 
> 0001-RANGER-2214-Do-some-code-improvement-for-the-error-m.patch
>
>
> Now the test connection get an error return, such as 401, the error message 
> always show 'got null response'



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Review Request 68796: KNOX-2231 - Upgrade to Knox 1.1.0

2018-09-21 Thread Colm O hEigeartaigh 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/68796/
---

Review request for ranger.


Bugs: KNOX-2231
https://issues.apache.org/jira/browse/KNOX-2231


Repository: ranger


Description
---

Upgrade to Knox 1.1.0


Diffs
-

  pom.xml ebf5d4806 


Diff: https://reviews.apache.org/r/68796/diff/1/


Testing
---

Tested authorization with Knox + also Knox SSO.


Thanks,

Colm O hEigeartaigh

[jira] [Updated] (RANGER-2231) Upgrade to Knox 1.1.0

2018-09-21 Thread Colm O hEigeartaigh (JIRA) 


 [ 
https://issues.apache.org/jira/browse/RANGER-2231?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh updated RANGER-2231:

Attachment: 0001-RANGER-2231-Upgrade-to-Knox-1.1.0.patch

> Upgrade to Knox 1.1.0
> -
>
> Key: RANGER-2231
> URL: https://issues.apache.org/jira/browse/RANGER-2231
> Project: Ranger
>  Issue Type: Task
>  Components: plugins
>Reporter: Colm O hEigeartaigh
>Assignee: Colm O hEigeartaigh
>Priority: Major
> Fix For: 2.0.0
>
> Attachments: 0001-RANGER-2231-Upgrade-to-Knox-1.1.0.patch
>
>
> Upgrade to Knox 1.1.0.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Created] (RANGER-2231) Upgrade to Knox 1.1.0

2018-09-21 Thread Colm O hEigeartaigh (JIRA) 
Colm O hEigeartaigh created RANGER-2231:
---

 Summary: Upgrade to Knox 1.1.0
 Key: RANGER-2231
 URL: https://issues.apache.org/jira/browse/RANGER-2231
 Project: Ranger
  Issue Type: Task
  Components: plugins
Reporter: Colm O hEigeartaigh
Assignee: Colm O hEigeartaigh
 Fix For: 2.0.0


Upgrade to Knox 1.1.0.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Re: Review Request 68681: RANGER-2213 Tomcat Security Vulnerability Alert. The version of the tomcat for ranger should upgrade to 7.0.90.

2018-09-21 Thread pengjianhua 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/68681/#review208836
---


Ship it!




Ship It!

- pengjianhua


On 九月 11, 2018, 3:07 a.m., Qiang Zhang wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/68681/
> ---
> 
> (Updated 九月 11, 2018, 3:07 a.m.)
> 
> 
> Review request for ranger, Ankita Sinha, Don Bosco Durai, Colm O 
> hEigeartaigh, Gautam Borad, Madhan Neethiraj, Nitin Galave, pengjianhua, 
> Ramesh Mani, Selvamohan Neethiraj, sam  rome, Venkat Ranganathan, and 
> Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-2213
> https://issues.apache.org/jira/browse/RANGER-2213
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> [SECURITY] CVE-2018-1336
> Severity: High 
> Versions Affected: Apache Tomcat 9.0.0.M9 to 9.0.7, 8.5.0 to 8.5.30, 
> 8.0.0.RC1 to 8.0.51, and 7.0.28 to 7.0.86.
> Description: An improper handing of overflow in the UTF-8 decoder with 
> supplementary characters can lead to an infinite loop in the decoder causing 
> a Denial of Service.
> 
> CVE-2018-8014
> Description: The defaults settings for the CORS filter provided in Apache 
> Tomcat 9.0.0.M1 to 9.0.8, 8.5.0 to 8.5.31, 8.0.0.RC1 to 8.0.52, 7.0.41 to 
> 7.0.88 are insecure and enable 'supportsCredentials' for all origins. It is 
> expected that users of the CORS filter will have configured it appropriately 
> for their environment rather than using it in the default configuration. 
> Therefore, it is expected that most users will not be impacted by this issue.
> 
> CVE-2018-8034
> Description: The host name verification when using TLS with the WebSocket 
> client was missing. It is now enabled by default. 
> Versions Affected: Apache Tomcat 9.0.0.M1 to 9.0.9, 8.5.0 to 8.5.31, 
> 8.0.0.RC1 to 8.0.52, and 7.0.35 to 7.0.88.
> 
> 
> Diffs
> -
> 
>   pom.xml ae3f4be4c 
> 
> 
> Diff: https://reviews.apache.org/r/68681/diff/1/
> 
> 
> Testing
> ---
> 
> 1. Modify the ssl configuration item in install.properties for the Ranger 
> Admin.
> 
> **SSL config**
> 
> db_ssl_enabled=true
> db_ssl_required=true
> db_ssl_verifyServerCertificate=true
> javax_net_ssl_keyStore=/opt/ranger-1.1.0-admin/ssl/keystore
> javax_net_ssl_keyStorePassword=hdp1234$
> javax_net_ssl_trustStore=/opt/ranger-1.1.0-admin/ssl/truststore
> javax_net_ssl_trustStorePassword=hdp1234$
> ...
> 
> 
> **--- PolicyManager CONFIG **
> 
> 
> policymgr_external_url=https://localhost:6182
> policymgr_http_enabled=false
> policymgr_https_keystore_file=/opt/ranger-1.1.0-admin/ssl/rangertomcatverify.jks
> policymgr_https_keystore_keyalias=rangertomcatverify
> policymgr_https_keystore_password=hdp1234$
> 
> 
> 2. Install the Ranger Admin
> 
> 
> 3. Modify the ssl configuration item in install.properties for the usersync.
> 
> 
> **POLICY_MGR_URL = http://policymanager.xasecure.net:6080**
> 
> 
> POLICY_MGR_URL = https://sslrangerserver:6182
> 
> 
> **SSL Authentication**
> 
> AUTH_SSL_ENABLED=false
> AUTH_SSL_KEYSTORE_FILE=/opt/ranger-1.1.0-admin/ssl/keystore
> AUTH_SSL_KEYSTORE_PASSWORD=hdp1234$
> AUTH_SSL_TRUSTSTORE_FILE=/opt/ranger-1.1.0-admin/ssl/truststore
> AUTH_SSL_TRUSTSTORE_PASSWORD=hdp1234$
> 
> 
> 4. Install the Ranger usersync
> 
> 
> 5. Modified the ssl configuration item in install.properties for the kms.
> 
> 
> **POLICY_MGR_URL = http://policymanager.xasecure.net:6080**
> 
> 
> POLICY_MGR_URL = https://sslrangerserver:6182
> db_ssl_enabled=true
> db_ssl_required=true
> db_ssl_verifyServerCertificate=true
> db_ssl_auth_type=2-way
> javax_net_ssl_keyStore=/opt/ranger-1.1.0-admin/ssl/keystore
> javax_net_ssl_keyStorePassword=hdp1234$
> javax_net_ssl_trustStore=/opt/ranger-1.1.0-admin/ssl/truststore
> javax_net_ssl_trustStorePassword=hdp1234$
> 
> 
> **SSL Client Certificate Information**
> 
> 
> SSL_KEYSTORE_FILE_PATH=/opt/ranger-1.1.0-admin/ssl/rangertomcatverify-keystore.jks
> SSL_KEYSTORE_PASSWORD=myKeyFilePassword
> SSL_TRUSTSTORE_FILE_PATH=/opt/ranger-1.1.0-admin/ssl/rangertomcatverify-truststore.jks
> SSL_TRUSTSTORE_PASSWORD=changeit
> 
> 
> 6. Install the KMS
> 
> 
> 7. Modified the ssl configuration item in install.properties for plugins
> 
> 
> **POLICY_MGR_URL = http://policymanager.xasecure.net:6080**
> 
> 
> POLICY_MGR_URL = https://sslrangerserver:6182
> 
> 
> **SSL Client Certificate Information**
> 
> 
> SSL_KEYSTORE_FILE_PATH=/opt/ranger-1.1.0-admin/ssl/rangertomcatverify-keystore.jks
> SSL_KEYSTORE_PASSWORD=myKeyFilePassword
> SSL_TRUSTSTORE_FILE_PATH=/opt/ranger-1.1.0-admin/ssl/rangertomcatverify-truststore.jks
> SSL_TRUSTSTORE_PASSWORD=changeit
> 
> 
> 8. Install plugins
> 
> 
> Thanks,
> 
> Qiang Zhang
> 
>