[jira] [Updated] (RANGER-2888) Upgrade Spring framework to version 4.3.27.RELEASE

2020-07-01 Thread Pradeep Agrawal (Jira) 


 [ 
https://issues.apache.org/jira/browse/RANGER-2888?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Pradeep Agrawal updated RANGER-2888:

Attachment: 0001-RANGER-2888-Upgrade-Spring-framework-libraries.patch

> Upgrade Spring framework to version 4.3.27.RELEASE
> --
>
> Key: RANGER-2888
> URL: https://issues.apache.org/jira/browse/RANGER-2888
> Project: Ranger
>  Issue Type: Improvement
>  Components: Ranger
>Affects Versions: 2.1.0
>Reporter: Pradeep Agrawal
>Assignee: Pradeep Agrawal
>Priority: Minor
> Fix For: 2.1.0
>
> Attachments: 0001-RANGER-2888-Upgrade-Spring-framework-libraries.patch
>
>




--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Updated] (RANGER-2888) Upgrade Spring framework to version 4.3.27.RELEASE

2020-07-01 Thread Pradeep Agrawal (Jira) 


 [ 
https://issues.apache.org/jira/browse/RANGER-2888?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Pradeep Agrawal updated RANGER-2888:

Attachment: (was: 
0001-RANGER-2888-Upgrade-Spring-framework-to-version-4.3..patch)

> Upgrade Spring framework to version 4.3.27.RELEASE
> --
>
> Key: RANGER-2888
> URL: https://issues.apache.org/jira/browse/RANGER-2888
> Project: Ranger
>  Issue Type: Improvement
>  Components: Ranger
>Affects Versions: 2.1.0
>Reporter: Pradeep Agrawal
>Assignee: Pradeep Agrawal
>Priority: Minor
> Fix For: 2.1.0
>
> Attachments: 0001-RANGER-2888-Upgrade-Spring-framework-libraries.patch
>
>




--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Re: Review Request 72637: RANGER-2888: Upgrade Spring framework to version 4.3.27.RELEASE

2020-07-01 Thread Pradeep Agrawal 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/72637/
---

(Updated July 2, 2020, 5:18 a.m.)


Review request for ranger.


Changes
---

rebased


Bugs: RANGER-2888
https://issues.apache.org/jira/browse/RANGER-2888


Repository: ranger


Description
---

Here I am proposing to Upgrade Spring Security version to 4.3.27


Diffs (updated)
-

  pom.xml 5bfd08df2 


Diff: https://reviews.apache.org/r/72637/diff/2/

Changes: https://reviews.apache.org/r/72637/diff/1-2/


Testing
---

Tested Ranger build, installation, start and login.


Thanks,

Pradeep Agrawal

[jira] [Created] (RANGER-2889) hbase access failed where hbase.security.authorization is true

2020-07-01 Thread Chao Wang (Jira) 
Chao Wang created RANGER-2889:
-

 Summary: hbase access failed where hbase.security.authorization is 
true
 Key: RANGER-2889
 URL: https://issues.apache.org/jira/browse/RANGER-2889
 Project: Ranger
  Issue Type: Bug
  Components: plugins
Affects Versions: 2.0.0
Reporter: Chao Wang


hbase.security.authorization is true in hbase-site-changes.cfg.after 
HBASE-22375, HBase authorization both AccessChecker and AccessController. if 
hbase.security.authorization is true, hbase acl will open, so AccessChecker 
will check authorization. but only we want to ranger, hbase acl table is null. 
finally I hope alter hbase.security.authorization to false , because 
RangerAuthorizationCoprocessor do not use this configuration.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Re: Review Request 72626: RANGER-2881 : Delegate Admin user having role "user" able to create policy which has non-existing users/groups

2020-07-01 Thread Dineshkumar Yadav 


> On July 1, 2020, 1:27 p.m., Pradeep Agrawal wrote:
> > security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java
> > Lines 1537 (patched)
> > 
> >
> > There are already several methods to check admin access in this class, 
> > not sure its good idea to have one more like this. 
> > 
> > If you are going to keep this method then please review existing call 
> > to other check admin methods and see if any of them can be replaced with 
> > this.

This method is for scenario where user is Delegate Admin having role as “user” 
trying create Policy with existing user/group/role.
In case if specified policy has non-existing user/group/role. It will give 
specific response as existing response is common.


- Dineshkumar


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/72626/#review221113
---


On July 1, 2020, 7:05 a.m., Dineshkumar Yadav wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/72626/
> ---
> 
> (Updated July 1, 2020, 7:05 a.m.)
> 
> 
> Review request for ranger, Ankita Sinha, Gautam Borad, Kishor Gollapalliwar, 
> Abhay Kulkarni, Mehul Parikh, Pradeep Agrawal, and Velmurugan Periasamy.
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Ranger user having role as "user" with delegate admin permission able to 
> create policy which has non-existing users/groups/roles in the specified 
> policy. 
> only admin users should be able to create policy with new users/groups/roles 
> on the fly creation of users/groups/roles.
> 
> 
> Diffs
> -
> 
>   security-admin/src/main/java/org/apache/ranger/biz/PolicyRefUpdater.java 
> 9ce481c63 
>   security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java 
> 4fb21a094 
>   security-admin/src/main/java/org/apache/ranger/biz/RoleRefUpdater.java 
> ff8e2ba43 
> 
> 
> Diff: https://reviews.apache.org/r/72626/diff/1/
> 
> 
> Testing
> ---
> 
> Without patch  steps
>   1. Create user with role “user”
>   2. Give him delegate admin role.
>   3. Create policy using curl request where specified policy should 
> include non existing user/group.
>   4. It will be able to create the policy.
> 
> With patch same steps will give error “operation denied user/group specified 
> in policy does not exist in ranger admin.”
> 
> 
> Thanks,
> 
> Dineshkumar Yadav
> 
>

Review Request 72637: Upgrade Spring framework to version 4.3.27.RELEASE

2020-07-01 Thread Pradeep Agrawal 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/72637/
---

Review request for ranger.


Bugs: RANGER-2888
https://issues.apache.org/jira/browse/RANGER-2888


Repository: ranger


Description
---

Here I am proposing to Upgrade Spring Security version to 4.3.27


Diffs
-

  pom.xml 5bfd08df2 


Diff: https://reviews.apache.org/r/72637/diff/1/


Testing
---

Tested Ranger build, installation, start and login.


Thanks,

Pradeep Agrawal

[jira] [Updated] (RANGER-2888) Upgrade Spring framework to version 4.3.27.RELEASE

2020-07-01 Thread Pradeep Agrawal (Jira) 


 [ 
https://issues.apache.org/jira/browse/RANGER-2888?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Pradeep Agrawal updated RANGER-2888:

Attachment: 0001-RANGER-2888-Upgrade-Spring-framework-to-version-4.3..patch

> Upgrade Spring framework to version 4.3.27.RELEASE
> --
>
> Key: RANGER-2888
> URL: https://issues.apache.org/jira/browse/RANGER-2888
> Project: Ranger
>  Issue Type: Improvement
>  Components: Ranger
>Affects Versions: 2.1.0
>Reporter: Pradeep Agrawal
>Assignee: Pradeep Agrawal
>Priority: Minor
> Fix For: 2.1.0
>
> Attachments: 
> 0001-RANGER-2888-Upgrade-Spring-framework-to-version-4.3..patch
>
>




--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Re: Review Request 72634: RANGER-2868 : RangerKMS ERROR: Hadoop KMS could not be started with Oracle19 runs

2020-07-01 Thread Dhaval Shah 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/72634/
---

(Updated July 1, 2020, 1:43 p.m.)


Review request for ranger, Ankita Sinha, bhavik patel, Gautam Borad, Jayendra 
Parab, Madhan Neethiraj, Mehul Parikh, Pradeep Agrawal, and Velmurugan 
Periasamy.


Bugs: RANGER-2868
https://issues.apache.org/jira/browse/RANGER-2868


Repository: ranger


Description
---

Facing issue for DB operation with Oracle 19 DB. Updated the eclipse link lib 
from version 2.5.2 to 2.7.7


Diffs
-

  pom.xml 5bfd08df2 


Diff: https://reviews.apache.org/r/72634/diff/1/


Testing (updated)
---

Successfully validated the DB operartion for Ranger and Ranger KMS with 
following DB.
1.) Oracle
2.) Mysql
3.) Sql anywhere
4.) PosgresSQL


Thanks,

Dhaval Shah

[jira] [Commented] (RANGER-2856) A policy should be deleted if it has no policyItems

2020-07-01 Thread Pradeep Agrawal (Jira) 


[ 
https://issues.apache.org/jira/browse/RANGER-2856?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17149442#comment-17149442
 ] 

Pradeep Agrawal commented on RANGER-2856:
-

[~RickyMa] : Upload this patch [https://github.com/apache/ranger/pull/66/files] 
at RR [https://reviews.apache.org/r/72588/]

> A policy should be deleted if it has no policyItems
> ---
>
> Key: RANGER-2856
> URL: https://issues.apache.org/jira/browse/RANGER-2856
> Project: Ranger
>  Issue Type: Bug
>  Components: admin, Ranger
>Affects Versions: master
>Reporter: RickyMa
>Priority: Minor
> Fix For: master
>
> Attachments: RANGER-2856.patch
>
>  Time Spent: 10m
>  Remaining Estimate: 0h
>
> Condition: A policy contains only one policyItem and the policyItem only sets 
> one user and no groups.
> Action: Delete the user in the policyItem using API: 
> '[http://ip:6080/service/xusers/users/\{id}?forceDelete=true'|http://ip:6080/service/xusers/users/id?forceDelete=true%27,]
> Result: The policy still exists, but it has no policyItems. A policy with no 
> policyItems is completely meaningless and it should be deleted.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Re: Review Request 72634: RANGER-2868 : RangerKMS ERROR: Hadoop KMS could not be started with Oracle19 runs

2020-07-01 Thread Pradeep Agrawal 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/72634/#review221114
---




pom.xml
Line 115 (original), 115 (patched)


Please ensure testing in MSSQL server


- Pradeep Agrawal


On July 1, 2020, 11:18 a.m., Dhaval Shah wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/72634/
> ---
> 
> (Updated July 1, 2020, 11:18 a.m.)
> 
> 
> Review request for ranger, Ankita Sinha, bhavik patel, Gautam Borad, Jayendra 
> Parab, Madhan Neethiraj, Mehul Parikh, Pradeep Agrawal, and Velmurugan 
> Periasamy.
> 
> 
> Bugs: RANGER-2868
> https://issues.apache.org/jira/browse/RANGER-2868
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Facing issue for DB operation with Oracle 19 DB. Updated the eclipse link lib 
> from version 2.5.2 to 2.7.7
> 
> 
> Diffs
> -
> 
>   pom.xml 5bfd08df2 
> 
> 
> Diff: https://reviews.apache.org/r/72634/diff/1/
> 
> 
> Testing
> ---
> 
> Successfully validated the DB operartion for Ranger and Ranger KMS with 
> following DB.
> 1.) Oracle
> 2.) Mysql
> 3.) Sql anywhere
> 4.) Ms Sql
> 5.) PosgresSQL
> 
> 
> Thanks,
> 
> Dhaval Shah
> 
>

Re: Review Request 72626: RANGER-2881 : Delegate Admin user having role "user" able to create policy which has non-existing users/groups

2020-07-01 Thread Pradeep Agrawal 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/72626/#review221113
---




security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java
Lines 1537 (patched)


There are already several methods to check admin access in this class, not 
sure its good idea to have one more like this. 

If you are going to keep this method then please review existing call to 
other check admin methods and see if any of them can be replaced with this.



security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java
Lines 1543 (patched)


1) Are you missing something here => "Operation" + " denied. LoggedInUser="

2) Also do you want to print user id or user login id ?
3)


- Pradeep Agrawal


On July 1, 2020, 7:05 a.m., Dineshkumar Yadav wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/72626/
> ---
> 
> (Updated July 1, 2020, 7:05 a.m.)
> 
> 
> Review request for ranger, Ankita Sinha, Gautam Borad, Kishor Gollapalliwar, 
> Abhay Kulkarni, Mehul Parikh, Pradeep Agrawal, and Velmurugan Periasamy.
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Ranger user having role as "user" with delegate admin permission able to 
> create policy which has non-existing users/groups/roles in the specified 
> policy. 
> only admin users should be able to create policy with new users/groups/roles 
> on the fly creation of users/groups/roles.
> 
> 
> Diffs
> -
> 
>   security-admin/src/main/java/org/apache/ranger/biz/PolicyRefUpdater.java 
> 9ce481c63 
>   security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java 
> 4fb21a094 
>   security-admin/src/main/java/org/apache/ranger/biz/RoleRefUpdater.java 
> ff8e2ba43 
> 
> 
> Diff: https://reviews.apache.org/r/72626/diff/1/
> 
> 
> Testing
> ---
> 
> Without patch  steps
>   1. Create user with role “user”
>   2. Give him delegate admin role.
>   3. Create policy using curl request where specified policy should 
> include non existing user/group.
>   4. It will be able to create the policy.
> 
> With patch same steps will give error “operation denied user/group specified 
> in policy does not exist in ranger admin.”
> 
> 
> Thanks,
> 
> Dineshkumar Yadav
> 
>

Re: Review Request 72628: RANGER-2885: Add missing PermType Java codes for new versions of Kafka

2020-07-01 Thread Pradeep Agrawal 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/72628/#review221112
---


Ship it!




Ship It!

- Pradeep Agrawal


On June 29, 2020, 5:02 p.m., Bill Ricky wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/72628/
> ---
> 
> (Updated June 29, 2020, 5:02 p.m.)
> 
> 
> Review request for ranger.
> 
> 
> Bugs: RANGER-2885
> https://issues.apache.org/jira/browse/RANGER-2885
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> There are codes missing for:
> 
> https://issues.apache.org/jira/browse/RANGER-2117
> 
> https://issues.apache.org/jira/browse/RANGER-2692
> 
> When calling 
> 'http://10.1.0.44:6080/service/public/api/policy?repositoryName=tdw_kafka\=kafka\=false',
>  it will return 'Unknown' value in permMapList.permList field, which is not 
> appropriate.
> 
> 
> Diffs
> -
> 
>   security-admin/src/main/java/org/apache/ranger/common/AppConstants.java 
> e190bbc8b 
>   security-admin/src/main/java/org/apache/ranger/common/ServiceUtil.java 
> 2b1a3fa30 
> 
> 
> Diff: https://reviews.apache.org/r/72628/diff/1/
> 
> 
> Testing
> ---
> 
> 1.Compilation OK
> 2.Already used in production environment
> 
> 
> Thanks,
> 
> Bill Ricky
> 
>

Re: Review Request 72634: RANGER-2868 : RangerKMS ERROR: Hadoop KMS could not be started with Oracle19 runs

2020-07-01 Thread Pradeep Agrawal 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/72634/#review22
---



I raised an issue long back in higher version of eclipselink : 
Please make sure its working with MSSQL:
http://eclipse.1072660.n5.nabble.com/Getting-Exception-EclipseLink-4002-on-EclipseLink-2-6-0-or-higher-while-same-code-working-fine-with-2-td181386.html

- Pradeep Agrawal


On July 1, 2020, 11:18 a.m., Dhaval Shah wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/72634/
> ---
> 
> (Updated July 1, 2020, 11:18 a.m.)
> 
> 
> Review request for ranger, Ankita Sinha, bhavik patel, Gautam Borad, Jayendra 
> Parab, Madhan Neethiraj, Mehul Parikh, Pradeep Agrawal, and Velmurugan 
> Periasamy.
> 
> 
> Bugs: RANGER-2868
> https://issues.apache.org/jira/browse/RANGER-2868
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Facing issue for DB operation with Oracle 19 DB. Updated the eclipse link lib 
> from version 2.5.2 to 2.7.7
> 
> 
> Diffs
> -
> 
>   pom.xml 5bfd08df2 
> 
> 
> Diff: https://reviews.apache.org/r/72634/diff/1/
> 
> 
> Testing
> ---
> 
> Successfully validated the DB operartion for Ranger and Ranger KMS with 
> following DB.
> 1.) Oracle
> 2.) Mysql
> 3.) Sql anywhere
> 4.) Ms Sql
> 5.) PosgresSQL
> 
> 
> Thanks,
> 
> Dhaval Shah
> 
>

Re: Review Request 72633: RANGER-2867 : Update Spring Security framework for Ranger

2020-07-01 Thread Pradeep Agrawal 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/72633/#review221109
---


Ship it!




Ship It!

- Pradeep Agrawal


On July 1, 2020, 8:55 a.m., Dhaval Shah wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/72633/
> ---
> 
> (Updated July 1, 2020, 8:55 a.m.)
> 
> 
> Review request for ranger, Ankita Sinha, bhavik patel, Gautam Borad, Jayendra 
> Parab, Madhan Neethiraj, Mehul Parikh, Pradeep Agrawal, and Velmurugan 
> Periasamy.
> 
> 
> Bugs: RANGER-2867
> https://issues.apache.org/jira/browse/RANGER-2867
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> We need to upgrade springframework security from 4.2.13 to 4.2.16  as part of 
> security improvment.
> 
> 
> Diffs
> -
> 
>   pom.xml 5bfd08df2 
> 
> 
> Diff: https://reviews.apache.org/r/72633/diff/1/
> 
> 
> Testing
> ---
> 
> Successfully performed the sanity test on Ranger.
> 
> 
> Thanks,
> 
> Dhaval Shah
> 
>

[jira] [Created] (RANGER-2888) Upgrade Spring framework to version 4.3.27.RELEASE

2020-07-01 Thread Pradeep Agrawal (Jira) 
Pradeep Agrawal created RANGER-2888:
---

 Summary: Upgrade Spring framework to version 4.3.27.RELEASE
 Key: RANGER-2888
 URL: https://issues.apache.org/jira/browse/RANGER-2888
 Project: Ranger
  Issue Type: Improvement
  Components: Ranger
Affects Versions: 2.1.0
Reporter: Pradeep Agrawal
Assignee: Pradeep Agrawal
 Fix For: 2.1.0






--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Commented] (RANGER-2887) Upgrade Tomcat to 7.0.104

2020-07-01 Thread Mahesh Hanumant Bandal (Jira) 


[ 
https://issues.apache.org/jira/browse/RANGER-2887?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17149411#comment-17149411
 ] 

Mahesh Hanumant Bandal commented on RANGER-2887:


Patch is available at the review board: [https://reviews.apache.org/r/72635/]
 [Apache RR|https://reviews.apache.org/r/72635/]

> Upgrade Tomcat to 7.0.104
> -
>
> Key: RANGER-2887
> URL: https://issues.apache.org/jira/browse/RANGER-2887
> Project: Ranger
>  Issue Type: Improvement
>  Components: Ranger
>Affects Versions: 2.0.0
>Reporter: Mahesh Hanumant Bandal
>Assignee: Mahesh Hanumant Bandal
>Priority: Minor
> Fix For: 2.1.0
>
>
> Upgrade Tomcat version to follow best practices



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Updated] (RANGER-2868) RangerKMS ERROR: Hadoop KMS could not be started with Oracle19 runs

2020-07-01 Thread Dhaval B. SHAH (Jira) 


 [ 
https://issues.apache.org/jira/browse/RANGER-2868?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Dhaval B. SHAH updated RANGER-2868:
---
Attachment: RANGER-2868.patch

> RangerKMS ERROR: Hadoop KMS could not be started with Oracle19 runs
> ---
>
> Key: RANGER-2868
> URL: https://issues.apache.org/jira/browse/RANGER-2868
> Project: Ranger
>  Issue Type: Improvement
>  Components: Ranger
>Reporter: Dhaval B. SHAH
>Assignee: Dhaval B. SHAH
>Priority: Major
> Fix For: 2.1.0
>
> Attachments: RANGER-2868.patch
>
>
> Facing below type casting error in catalina.out when Ranger KMs is configure 
> to use Oracle 19.
> {code:java}
> [EL Warning]: 2020-06-17 
> 10:15:57.5--UnitOfWork(629597660)--java.lang.ClassCastException: class 
> java.lang.String cannot be cast to class oracle.sql.CLOB (java.lang.String is 
> in module java.base of loader 'bootstrap'; oracle.sql.CLOB is in unnamed 
> module of loader 'app')[EL Warning]: 2020-06-17 
> 10:15:57.5--UnitOfWork(629597660)--java.lang.ClassCastException: class 
> java.lang.String cannot be cast to class oracle.sql.CLOB (java.lang.String is 
> in module java.base of loader 'bootstrap'; oracle.sql.CLOB is in unnamed 
> module of loader 'app')[EL Warning]: 2020-06-17 
> 10:15:57.508--UnitOfWork(629597660)--java.lang.ClassCastException: class 
> java.lang.String cannot be cast to class oracle.sql.CLOB (java.lang.String is 
> in module java.base of loader 'bootstrap'; oracle.sql.CLOB is in unnamed 
> module of loader 'app')java.lang.ClassCastException: class java.lang.String 
> cannot be cast to class oracle.sql.CLOB (java.lang.String is in module 
> java.base of loader 'bootstrap'; oracle.sql.CLOB is in unnamed module of 
> loader 'app') at 
> org.eclipse.persistence.platform.database.oracle.Oracle8Platform.writeLOB(Oracle8Platform.java:184)
>  at 
> org.eclipse.persistence.internal.helper.LOBValueWriter.fetchLocatorAndWriteValue(LOBValueWriter.java:92)
>  at 
> org.eclipse.persistence.internal.databaseaccess.DatabaseAccessor.processResultSet(DatabaseAccessor.java:740)
>  at 
> org.eclipse.persistence.internal.databaseaccess.DatabaseAccessor.basicExecuteCall(DatabaseAccessor.java:655)
>  at 
> org.eclipse.persistence.internal.databaseaccess.DatabaseAccessor.executeCall(DatabaseAccessor.java:558)
>  at 
> org.eclipse.persistence.internal.helper.LOBValueWriter.buildAndExecuteCall(LOBValueWriter.java:77)
>  at 
> org.eclipse.persistence.internal.helper.LOBValueWriter.buildAndExecuteSelectCalls(LOBValueWriter.java:188)
>  at 
> org.eclipse.persistence.internal.databaseaccess.DatabaseAccessor.flushSelectCalls(DatabaseAccessor.java:168)
>  at 
> org.eclipse.persistence.internal.queries.DatasourceCallQueryMechanism.insertObject(DatasourceCallQueryMechanism.java:402)
>  at 
> org.eclipse.persistence.internal.queries.StatementQueryMechanism.insertObject(StatementQueryMechanism.java:165)
>  at 
> org.eclipse.persistence.internal.queries.StatementQueryMechanism.insertObject(StatementQueryMechanism.java:180)
>  at 
> org.eclipse.persistence.internal.queries.DatabaseQueryMechanism.insertObjectForWrite(DatabaseQueryMechanism.java:489)
>  at 
> org.eclipse.persistence.queries.InsertObjectQuery.executeCommit(InsertObjectQuery.java:80)
>  at 
> org.eclipse.persistence.queries.InsertObjectQuery.executeCommitWithChangeSet(InsertObjectQuery.java:90)
>  at 
> org.eclipse.persistence.internal.queries.DatabaseQueryMechanism.executeWriteWithChangeSet(DatabaseQueryMechanism.java:301)
>  at 
> org.eclipse.persistence.queries.WriteObjectQuery.executeDatabaseQuery(WriteObjectQuery.java:58)
>  at 
> org.eclipse.persistence.queries.DatabaseQuery.execute(DatabaseQuery.java:899) 
> at 
> org.eclipse.persistence.queries.DatabaseQuery.executeInUnitOfWork(DatabaseQuery.java:798)
>  at 
> org.eclipse.persistence.queries.ObjectLevelModifyQuery.executeInUnitOfWorkObjectLevelModifyQuery(ObjectLevelModifyQuery.java:108)
>  at 
> org.eclipse.persistence.queries.ObjectLevelModifyQuery.executeInUnitOfWork(ObjectLevelModifyQuery.java:85)
>  at 
> org.eclipse.persistence.internal.sessions.UnitOfWorkImpl.internalExecuteQuery(UnitOfWorkImpl.java:2896)
>  at 
> org.eclipse.persistence.internal.sessions.AbstractSession.executeQuery(AbstractSession.java:1804)
>  at 
> org.eclipse.persistence.internal.sessions.AbstractSession.executeQuery(AbstractSession.java:1786)
>  at 
> org.eclipse.persistence.internal.sessions.AbstractSession.executeQuery(AbstractSession.java:1737)
>  at 
> org.eclipse.persistence.internal.sessions.CommitManager.commitNewObjectsForClassWithChangeSet(CommitManager.java:226)
>  at 
> org.eclipse.persistence.internal.sessions.CommitManager.commitAllObjectsWithChangeSet(CommitManager.java:125)
>  at 
>

Review Request 72634: RANGER-2868 : RangerKMS ERROR: Hadoop KMS could not be started with Oracle19 runs

2020-07-01 Thread Dhaval Shah 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/72634/
---

Review request for ranger, Ankita Sinha, bhavik patel, Gautam Borad, Jayendra 
Parab, Madhan Neethiraj, Mehul Parikh, Pradeep Agrawal, and Velmurugan 
Periasamy.


Bugs: RANGER-2868
https://issues.apache.org/jira/browse/RANGER-2868


Repository: ranger


Description
---

Facing issue for DB operation with Oracle 19 DB. Updated the eclipse link lib 
from version 2.5.2 to 2.7.7


Diffs
-

  pom.xml 5bfd08df2 


Diff: https://reviews.apache.org/r/72634/diff/1/


Testing
---

Successfully validated the DB operartion for Ranger and Ranger KMS with 
following DB.
1.) Oracle
2.) Mysql
3.) Sql anywhere
4.) Ms Sql
5.) PosgresSQL


Thanks,

Dhaval Shah

[jira] [Updated] (RANGER-2868) RangerKMS ERROR: Hadoop KMS could not be started with Oracle19 runs

2020-07-01 Thread Velmurugan Periasamy (Jira) 


 [ 
https://issues.apache.org/jira/browse/RANGER-2868?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2868:
-
Fix Version/s: (was: 2.1)
   2.1.0

> RangerKMS ERROR: Hadoop KMS could not be started with Oracle19 runs
> ---
>
> Key: RANGER-2868
> URL: https://issues.apache.org/jira/browse/RANGER-2868
> Project: Ranger
>  Issue Type: Improvement
>  Components: Ranger
>Reporter: Dhaval B. SHAH
>Assignee: Dhaval B. SHAH
>Priority: Major
> Fix For: 2.1.0
>
>
> Facing below type casting error in catalina.out when Ranger KMs is configure 
> to use Oracle 19.
> {code:java}
> [EL Warning]: 2020-06-17 
> 10:15:57.5--UnitOfWork(629597660)--java.lang.ClassCastException: class 
> java.lang.String cannot be cast to class oracle.sql.CLOB (java.lang.String is 
> in module java.base of loader 'bootstrap'; oracle.sql.CLOB is in unnamed 
> module of loader 'app')[EL Warning]: 2020-06-17 
> 10:15:57.5--UnitOfWork(629597660)--java.lang.ClassCastException: class 
> java.lang.String cannot be cast to class oracle.sql.CLOB (java.lang.String is 
> in module java.base of loader 'bootstrap'; oracle.sql.CLOB is in unnamed 
> module of loader 'app')[EL Warning]: 2020-06-17 
> 10:15:57.508--UnitOfWork(629597660)--java.lang.ClassCastException: class 
> java.lang.String cannot be cast to class oracle.sql.CLOB (java.lang.String is 
> in module java.base of loader 'bootstrap'; oracle.sql.CLOB is in unnamed 
> module of loader 'app')java.lang.ClassCastException: class java.lang.String 
> cannot be cast to class oracle.sql.CLOB (java.lang.String is in module 
> java.base of loader 'bootstrap'; oracle.sql.CLOB is in unnamed module of 
> loader 'app') at 
> org.eclipse.persistence.platform.database.oracle.Oracle8Platform.writeLOB(Oracle8Platform.java:184)
>  at 
> org.eclipse.persistence.internal.helper.LOBValueWriter.fetchLocatorAndWriteValue(LOBValueWriter.java:92)
>  at 
> org.eclipse.persistence.internal.databaseaccess.DatabaseAccessor.processResultSet(DatabaseAccessor.java:740)
>  at 
> org.eclipse.persistence.internal.databaseaccess.DatabaseAccessor.basicExecuteCall(DatabaseAccessor.java:655)
>  at 
> org.eclipse.persistence.internal.databaseaccess.DatabaseAccessor.executeCall(DatabaseAccessor.java:558)
>  at 
> org.eclipse.persistence.internal.helper.LOBValueWriter.buildAndExecuteCall(LOBValueWriter.java:77)
>  at 
> org.eclipse.persistence.internal.helper.LOBValueWriter.buildAndExecuteSelectCalls(LOBValueWriter.java:188)
>  at 
> org.eclipse.persistence.internal.databaseaccess.DatabaseAccessor.flushSelectCalls(DatabaseAccessor.java:168)
>  at 
> org.eclipse.persistence.internal.queries.DatasourceCallQueryMechanism.insertObject(DatasourceCallQueryMechanism.java:402)
>  at 
> org.eclipse.persistence.internal.queries.StatementQueryMechanism.insertObject(StatementQueryMechanism.java:165)
>  at 
> org.eclipse.persistence.internal.queries.StatementQueryMechanism.insertObject(StatementQueryMechanism.java:180)
>  at 
> org.eclipse.persistence.internal.queries.DatabaseQueryMechanism.insertObjectForWrite(DatabaseQueryMechanism.java:489)
>  at 
> org.eclipse.persistence.queries.InsertObjectQuery.executeCommit(InsertObjectQuery.java:80)
>  at 
> org.eclipse.persistence.queries.InsertObjectQuery.executeCommitWithChangeSet(InsertObjectQuery.java:90)
>  at 
> org.eclipse.persistence.internal.queries.DatabaseQueryMechanism.executeWriteWithChangeSet(DatabaseQueryMechanism.java:301)
>  at 
> org.eclipse.persistence.queries.WriteObjectQuery.executeDatabaseQuery(WriteObjectQuery.java:58)
>  at 
> org.eclipse.persistence.queries.DatabaseQuery.execute(DatabaseQuery.java:899) 
> at 
> org.eclipse.persistence.queries.DatabaseQuery.executeInUnitOfWork(DatabaseQuery.java:798)
>  at 
> org.eclipse.persistence.queries.ObjectLevelModifyQuery.executeInUnitOfWorkObjectLevelModifyQuery(ObjectLevelModifyQuery.java:108)
>  at 
> org.eclipse.persistence.queries.ObjectLevelModifyQuery.executeInUnitOfWork(ObjectLevelModifyQuery.java:85)
>  at 
> org.eclipse.persistence.internal.sessions.UnitOfWorkImpl.internalExecuteQuery(UnitOfWorkImpl.java:2896)
>  at 
> org.eclipse.persistence.internal.sessions.AbstractSession.executeQuery(AbstractSession.java:1804)
>  at 
> org.eclipse.persistence.internal.sessions.AbstractSession.executeQuery(AbstractSession.java:1786)
>  at 
> org.eclipse.persistence.internal.sessions.AbstractSession.executeQuery(AbstractSession.java:1737)
>  at 
> org.eclipse.persistence.internal.sessions.CommitManager.commitNewObjectsForClassWithChangeSet(CommitManager.java:226)
>  at 
> org.eclipse.persistence.internal.sessions.CommitManager.commitAllObjectsWithChangeSet(CommitManager.java:125)
>  at 
>

[jira] [Updated] (RANGER-2886) Exporting tag policies fails when 'polResource' query parameter is used

2020-07-01 Thread Velmurugan Periasamy (Jira) 


 [ 
https://issues.apache.org/jira/browse/RANGER-2886?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2886:
-
Fix Version/s: 2.1.0

> Exporting tag policies fails when 'polResource' query parameter is used
> ---
>
> Key: RANGER-2886
> URL: https://issues.apache.org/jira/browse/RANGER-2886
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Affects Versions: 2.1.0
>Reporter: Ramesh Mani
>Assignee: Dineshkumar Yadav
>Priority: Major
> Fix For: 2.1.0
>
>
> Exporting tag policies fails when 'polResource' query parameter is used



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Created] (RANGER-2887) Upgrade Tomcat to 7.0.104

2020-07-01 Thread Mahesh Hanumant Bandal (Jira) 
Mahesh Hanumant Bandal created RANGER-2887:
--

 Summary: Upgrade Tomcat to 7.0.104
 Key: RANGER-2887
 URL: https://issues.apache.org/jira/browse/RANGER-2887
 Project: Ranger
  Issue Type: Improvement
  Components: Ranger
Affects Versions: 2.0.0
Reporter: Mahesh Hanumant Bandal
Assignee: Mahesh Hanumant Bandal
 Fix For: 2.1.0


Upgrade Tomcat version to follow best practices



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Updated] (RANGER-2867) Update Spring Security framework for Ranger

2020-07-01 Thread Dhaval B. SHAH (Jira) 


 [ 
https://issues.apache.org/jira/browse/RANGER-2867?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Dhaval B. SHAH updated RANGER-2867:
---
Attachment: RANGER-2867.patch

> Update Spring Security framework for Ranger
> ---
>
> Key: RANGER-2867
> URL: https://issues.apache.org/jira/browse/RANGER-2867
> Project: Ranger
>  Issue Type: Improvement
>  Components: Ranger
>Reporter: Dhaval B. SHAH
>Assignee: Dhaval B. SHAH
>Priority: Major
> Attachments: RANGER-2867.patch
>
>
> We need to upgrade springframework security from _*4.2.13*_ to *_4.2.16_*  as 
> part of security improvment.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Updated] (RANGER-2867) Update Spring Security framework for Ranger

2020-07-01 Thread Dhaval B. SHAH (Jira) 


 [ 
https://issues.apache.org/jira/browse/RANGER-2867?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Dhaval B. SHAH updated RANGER-2867:
---
Summary: Update Spring Security framework for Ranger  (was: Update Spring 
Security for Ranger)

> Update Spring Security framework for Ranger
> ---
>
> Key: RANGER-2867
> URL: https://issues.apache.org/jira/browse/RANGER-2867
> Project: Ranger
>  Issue Type: Improvement
>  Components: Ranger
>Reporter: Dhaval B. SHAH
>Assignee: Dhaval B. SHAH
>Priority: Major
>
> We need to upgrade springframework security from _*4.2.13*_ to *_4.2.16_*  as 
> part of security improvment.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Review Request 72633: RANGER-2867 : Update Spring Security framework for Ranger

2020-07-01 Thread Dhaval Shah 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/72633/
---

Review request for ranger, Ankita Sinha, bhavik patel, Gautam Borad, Jayendra 
Parab, Madhan Neethiraj, Mehul Parikh, Pradeep Agrawal, and Velmurugan 
Periasamy.


Bugs: RANGER-2867
https://issues.apache.org/jira/browse/RANGER-2867


Repository: ranger


Description
---

We need to upgrade springframework security from 4.2.13 to 4.2.16  as part of 
security improvment.


Diffs
-

  pom.xml 5bfd08df2 


Diff: https://reviews.apache.org/r/72633/diff/1/


Testing
---

Successfully performed the sanity test on Ranger.


Thanks,

Dhaval Shah

Re: Review Request 72626: RANGER-2881 : Delegate Admin user having role "user" able to create policy which has non-existing users/groups

2020-07-01 Thread Dineshkumar Yadav 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/72626/
---

(Updated July 1, 2020, 7:05 a.m.)


Review request for ranger, Ankita Sinha, Gautam Borad, Kishor Gollapalliwar, 
Abhay Kulkarni, Mehul Parikh, Pradeep Agrawal, and Velmurugan Periasamy.


Repository: ranger


Description
---

Ranger user having role as "user" with delegate admin permission able to create 
policy which has non-existing users/groups/roles in the specified policy. 
only admin users should be able to create policy with new users/groups/roles on 
the fly creation of users/groups/roles.


Diffs
-

  security-admin/src/main/java/org/apache/ranger/biz/PolicyRefUpdater.java 
9ce481c63 
  security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java 
4fb21a094 
  security-admin/src/main/java/org/apache/ranger/biz/RoleRefUpdater.java 
ff8e2ba43 


Diff: https://reviews.apache.org/r/72626/diff/1/


Testing
---

Without patch  steps
1. Create user with role “user”
2. Give him delegate admin role.
3. Create policy using curl request where specified policy should 
include non existing user/group.
4. It will be able to create the policy.

With patch same steps will give error “operation denied user/group specified in 
policy does not exist in ranger admin.”


Thanks,

Dineshkumar Yadav