Re: Review Request 69740: RANGER-2322 - Use "TLS" in SSLContext.getInstance
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/69740/#review212436 --- Can you please add what all testing has been done with this patch. Thanks. - Pradeep Agrawal On Jan. 14, 2019, 11:20 a.m., Colm O hEigeartaigh wrote: > > --- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/69740/ > --- > > (Updated Jan. 14, 2019, 11:20 a.m.) > > > Review request for ranger. > > > Bugs: RANGER-2322 > https://issues.apache.org/jira/browse/RANGER-2322 > > > Repository: ranger > > > Description > --- > > There are a few instances in the code of SSLContext.getInstance("SSL"). > Instead we should use "TLS". > > > Diffs > - > > > agents-common/src/main/java/org/apache/ranger/plugin/util/RangerRESTClient.java > f592ed4e7 > > agents-common/src/main/java/org/apache/ranger/plugin/util/RangerSslHelper.java > 2036661e8 > > ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapPolicyMgrUserGroupBuilder.java > f653b81f3 > > ugsync/src/main/java/org/apache/ranger/unixusersync/process/PolicyMgrUserGroupBuilder.java > cb9b51c95 > > > Diff: https://reviews.apache.org/r/69740/diff/1/ > > > Testing > --- > > > Thanks, > > Colm O hEigeartaigh > >
[jira] [Updated] (RANGER-2328) Time-based policies do not work correctly if access time is not set in the authorization request
[ https://issues.apache.org/jira/browse/RANGER-2328?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Abhay Kulkarni updated RANGER-2328: --- Affects Version/s: master > Time-based policies do not work correctly if access time is not set in the > authorization request > > > Key: RANGER-2328 > URL: https://issues.apache.org/jira/browse/RANGER-2328 > Project: Ranger > Issue Type: Bug > Components: Ranger >Affects Versions: master, 1.1.0, 1.2.0 >Reporter: Abhay Kulkarni >Assignee: Abhay Kulkarni >Priority: Major > Fix For: master > > > Access authorization decision depends on the time of the access (which is > retrieved from the authorization request) when evaluating Time-based > policies. If access time is not set in the authorization request, current > time should be used for evaluating access request. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
Re: Review Request 69856: RANGER-2328: Time-based policies do not work correctly if access time is not set in the authorization request
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/69856/#review212422 --- Ship it! Ship It! - Ramesh Mani On Jan. 29, 2019, 8:12 p.m., Abhay Kulkarni wrote: > > --- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/69856/ > --- > > (Updated Jan. 29, 2019, 8:12 p.m.) > > > Review request for ranger, Madhan Neethiraj, Ramesh Mani, and Velmurugan > Periasamy. > > > Bugs: RANGER-2328 > https://issues.apache.org/jira/browse/RANGER-2328 > > > Repository: ranger > > > Description > --- > > Access authorization decision depends on the time of the access (which is > retrieved from the authorization request) when evaluating Time-based > policies. If access time is not set in the authorization request, current > time should be used for evaluating access request. > > > Diffs > - > > > agents-common/src/main/java/org/apache/ranger/plugin/conditionevaluator/RangerScriptExecutionContext.java > c3ed240ac > > agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngineImpl.java > f8ca67e00 > > > Diff: https://reviews.apache.org/r/69856/diff/1/ > > > Testing > --- > > Tested with local VM > > > Thanks, > > Abhay Kulkarni > >
[jira] [Created] (RANGER-2328) Time-based policies do not work correctly if access time is not set in the authorization request
Abhay Kulkarni created RANGER-2328: -- Summary: Time-based policies do not work correctly if access time is not set in the authorization request Key: RANGER-2328 URL: https://issues.apache.org/jira/browse/RANGER-2328 Project: Ranger Issue Type: Bug Components: Ranger Affects Versions: 1.2.0, 1.1.0 Reporter: Abhay Kulkarni Assignee: Abhay Kulkarni Fix For: master Access authorization decision depends on the time of the access (which is retrieved from the authorization request) when evaluating Time-based policies. If access time is not set in the authorization request, current time should be used for evaluating access request. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
Review Request 69856: RANGER-2328: Time-based policies do not work correctly if access time is not set in the authorization request
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/69856/ --- Review request for ranger, Madhan Neethiraj, Ramesh Mani, and Velmurugan Periasamy. Bugs: RANGER-2328 https://issues.apache.org/jira/browse/RANGER-2328 Repository: ranger Description --- Access authorization decision depends on the time of the access (which is retrieved from the authorization request) when evaluating Time-based policies. If access time is not set in the authorization request, current time should be used for evaluating access request. Diffs - agents-common/src/main/java/org/apache/ranger/plugin/conditionevaluator/RangerScriptExecutionContext.java c3ed240ac agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngineImpl.java f8ca67e00 Diff: https://reviews.apache.org/r/69856/diff/1/ Testing --- Tested with local VM Thanks, Abhay Kulkarni
Re: Review Request 69853: RANGER-2327: Update Ranger db schema to use common sequence name
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/69853/#review212414 --- Ship it! Ship It! - Velmurugan Periasamy On Jan. 29, 2019, 1:04 p.m., Pradeep Agrawal wrote: > > --- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/69853/ > --- > > (Updated Jan. 29, 2019, 1:04 p.m.) > > > Review request for ranger, Abhay Kulkarni, Madhan Neethiraj, Mehul Parikh, > Nikhil P, Nitin Galave, Pradeep Agrawal, Ramesh Mani, Sailaja Polavarapu, and > Velmurugan Periasamy. > > > Bugs: RANGER-2327 > https://issues.apache.org/jira/browse/RANGER-2327 > > > Repository: ranger > > > Description > --- > > Update Security zone table schema should use common sequence name for Oracle > and Postgres. It seems during the code refactoring in the oracle schema > sequnce name was modified(possibly due to identifier length is restricted to > 30 characters in oracle) but not at the postgres schema. we need to mention > the sequence names in the entity classes to avoid sequence name mismatch > issue. > > > Diffs > - > > security-admin/db/oracle/optimized/current/ranger_core_db_oracle.sql > f90248a28 > security-admin/db/oracle/patches/037-create-security-zone-schema.sql > 357e73fb2 > security-admin/db/postgres/optimized/current/ranger_core_db_postgres.sql > 79357ed5d > security-admin/db/postgres/patches/037-create-security-zone-schema.sql > 6baa7b975 > security-admin/scripts/db_setup.py cab9e59a1 > > security-admin/src/main/java/org/apache/ranger/entity/XXSecurityZoneRefGroup.java > 91d90703b > > security-admin/src/main/java/org/apache/ranger/entity/XXSecurityZoneRefResource.java > 3d68ba317 > > security-admin/src/main/java/org/apache/ranger/entity/XXSecurityZoneRefService.java > 56ec01862 > > security-admin/src/main/java/org/apache/ranger/entity/XXSecurityZoneRefUser.java > 3e5736621 > > > Diff: https://reviews.apache.org/r/69853/diff/1/ > > > Testing > --- > > tested the patch with oracle and postgres db flavor. > > > Thanks, > > Pradeep Agrawal > >
Review Request 69853: RANGER-2327: Update Ranger db schema to use common sequence name
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/69853/ --- Review request for ranger, Abhay Kulkarni, Madhan Neethiraj, Mehul Parikh, Nikhil P, Nitin Galave, Pradeep Agrawal, Ramesh Mani, Sailaja Polavarapu, and Velmurugan Periasamy. Bugs: RANGER-2327 https://issues.apache.org/jira/browse/RANGER-2327 Repository: ranger Description --- Update Security zone table schema should use common sequence name for Oracle and Postgres. It seems during the code refactoring in the oracle schema sequnce name was modified(possibly due to identifier length is restricted to 30 characters in oracle) but not at the postgres schema. we need to mention the sequence names in the entity classes to avoid sequence name mismatch issue. Diffs - security-admin/db/oracle/optimized/current/ranger_core_db_oracle.sql f90248a28 security-admin/db/oracle/patches/037-create-security-zone-schema.sql 357e73fb2 security-admin/db/postgres/optimized/current/ranger_core_db_postgres.sql 79357ed5d security-admin/db/postgres/patches/037-create-security-zone-schema.sql 6baa7b975 security-admin/scripts/db_setup.py cab9e59a1 security-admin/src/main/java/org/apache/ranger/entity/XXSecurityZoneRefGroup.java 91d90703b security-admin/src/main/java/org/apache/ranger/entity/XXSecurityZoneRefResource.java 3d68ba317 security-admin/src/main/java/org/apache/ranger/entity/XXSecurityZoneRefService.java 56ec01862 security-admin/src/main/java/org/apache/ranger/entity/XXSecurityZoneRefUser.java 3e5736621 Diff: https://reviews.apache.org/r/69853/diff/1/ Testing --- tested the patch with oracle and postgres db flavor. Thanks, Pradeep Agrawal
[jira] [Created] (RANGER-2327) Update Ranger db schema to use common sequence name
Pradeep Agrawal created RANGER-2327: --- Summary: Update Ranger db schema to use common sequence name Key: RANGER-2327 URL: https://issues.apache.org/jira/browse/RANGER-2327 Project: Ranger Issue Type: Bug Components: Ranger Affects Versions: 1.0.1, 2.0.0, 1.1.1, 1.2.1 Reporter: Pradeep Agrawal Assignee: Pradeep Agrawal Fix For: 1.0.1, 2.0.0, 1.1.1, 1.2.1 Update Security zone table schema to use common sequence name for Oracle and Postgres. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Resolved] (RANGER-2310) Record admin audits in Ranger during Create, Update and Delete operations on Zone
[ https://issues.apache.org/jira/browse/RANGER-2310?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Pradeep Agrawal resolved RANGER-2310. - Resolution: Fixed Patch committed with parent Jira patch > Record admin audits in Ranger during Create, Update and Delete operations on > Zone > - > > Key: RANGER-2310 > URL: https://issues.apache.org/jira/browse/RANGER-2310 > Project: Ranger > Issue Type: Sub-task > Components: Ranger >Reporter: Nikhil Purbhe >Assignee: Nikhil Purbhe >Priority: Major > > As we save Admin audits for any operation on Services and Policies. Need to > record Create, Update and Delete Security Zone admin audits. -- This message was sent by Atlassian JIRA (v7.6.3#76005)