date:20211207

[jira] [Updated] (RANGER-3082) User with delegated-admin is unable to create policy

2021-12-07 Thread Ramesh Mani (Jira)



 [ 
https://issues.apache.org/jira/browse/RANGER-3082?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Ramesh Mani updated RANGER-3082:

Fix Version/s: 3.0.0
   2.2.0

> User with delegated-admin is unable to create policy
> 
>
> Key: RANGER-3082
> URL: https://issues.apache.org/jira/browse/RANGER-3082
> Project: Ranger
>  Issue Type: Bug
>  Components: plugins
>Reporter: Madhan Neethiraj
>Assignee: Abhay Kulkarni
>Priority: Major
> Fix For: 3.0.0, 2.2.0
>
>
> Ranger policy model supports delegated-admin model which enables an 
> administrator to allow non-admin users to setup policies for a subset of 
> resources. For example, following policy would allow users in finance_admin 
> group to setup policies for all tables and columns in database=finance.
> {noformat}
> resource:database=finance; table=*; column=*
> group:   finance_admin
> delegated-admin: true
> {noformat}
> However, when macros like {{\{USER\}}} are used in resource names, users with 
> delegated-admin are unable to setup policies. For example, following policy 
> should allow user {{scott}} to setup policies for tables in a database named 
> {{test_scott}}, but it doesn't.
> {noformat}
> resource:database=test_{USER}; table=*; column=*
> user:{USER}
> delegated-admin: true
> {noformat}



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (RANGER-3108) NPE in RangerPolicyRepository.init

2021-12-07 Thread Ramesh Mani (Jira)



 [ 
https://issues.apache.org/jira/browse/RANGER-3108?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Ramesh Mani updated RANGER-3108:

Fix Version/s: 3.0.0

> NPE in RangerPolicyRepository.init
> --
>
> Key: RANGER-3108
> URL: https://issues.apache.org/jira/browse/RANGER-3108
> Project: Ranger
>  Issue Type: Bug
>  Components: plugins
>Affects Versions: 2.2.0
>Reporter: Andrew Wong
>Assignee: Ramesh Mani
>Priority: Critical
> Fix For: 3.0.0
>
> Attachments: 
> 0001-RANGER-3108-NPE-in-RangerPolicyRepository.init.patch, 
> ranger_client-test.txt
>
>
> Over the past few days, Kudu's {{RangerClientTestBase.TestLogging}} has 
> failed consistently when trying to access the Ranger plugin with unreleased 
> bits that are aligned with Ranger's {{master}} branch, at least from the 
> stack trace line numbers.
> {code:java}
> 2020-12-03 23:59:46.333 [ERROR - main] (RangerBasePlugin.java:309) 
> setPolicies: policy engine initialization failed!  Leaving current policy 
> engine as-is. Exception : 
> java.lang.NullPointerException: null
>   at 
> org.apache.ranger.plugin.policyengine.RangerPolicyRepository.init(RangerPolicyRepository.java:1075)
>  ~[kudu-subprocess.jar:1.13.0.internal-version-SNAPSHOT]
>   at 
> org.apache.ranger.plugin.policyengine.RangerPolicyRepository.(RangerPolicyRepository.java:326)
>  ~[kudu-subprocess.jar:1.13.0.internal-version-SNAPSHOT]
>   at 
> org.apache.ranger.plugin.policyengine.RangerPolicyRepository.(RangerPolicyRepository.java:277)
>  ~[kudu-subprocess.jar:1.13.0.internal-version-SNAPSHOT]
>   at 
> org.apache.ranger.plugin.policyengine.PolicyEngine.(PolicyEngine.java:195)
>  ~[kudu-subprocess.jar:1.13.0.internal-version-SNAPSHOT]
>   at 
> org.apache.ranger.plugin.policyengine.RangerPolicyEngineImpl.(RangerPolicyEngineImpl.java:82)
>  ~[kudu-subprocess.jar:1.13.0.internal-version-SNAPSHOT]
>   at 
> org.apache.ranger.plugin.service.RangerBasePlugin.setPolicies(RangerBasePlugin.java:246)
>  [kudu-subprocess.jar:1.13.0.internal-version-SNAPSHOT]
>   at 
> org.apache.ranger.plugin.util.PolicyRefresher.loadPolicy(PolicyRefresher.java:260)
>  [kudu-subprocess.jar:1.13.0.internal-version-SNAPSHOT]
>   at 
> org.apache.ranger.plugin.util.PolicyRefresher.startRefresher(PolicyRefresher.java:142)
>  [kudu-subprocess.jar:1.13.0.internal-version-SNAPSHOT]
>   at 
> org.apache.ranger.plugin.service.RangerBasePlugin.init(RangerBasePlugin.java:185)
>  [kudu-subprocess.jar:1.13.0.internal-version-SNAPSHOT]
>   at 
> org.apache.kudu.subprocess.ranger.authorization.RangerKuduAuthorizer.init(RangerKuduAuthorizer.java:90)
>  [kudu-subprocess.jar:1.13.0.internal-version-SNAPSHOT]
>   at 
> org.apache.kudu.subprocess.ranger.RangerProtocolHandler.(RangerProtocolHandler.java:45)
>  [kudu-subprocess.jar:1.13.0.internal-version-SNAPSHOT]
>   at 
> org.apache.kudu.subprocess.ranger.RangerSubprocessMain.main(RangerSubprocessMain.java:39)
>  [kudu-subprocess.jar:1.13.0.internal-version-SNAPSHOT]
> {code}
> Poking around the codebase a bit, it seems like the line in question was 
> [added 
> recently|https://github.com/apache/ranger/blame/master/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyRepository.java#L1075]
>  (6 days ago as of writing this), while the Ranger code Kudu-side hasn't been 
> touched recently at all, leading me to suspect this being a Ranger plugin 
> issue rather than improper use of the plugin on our end.
> The failing Kudu test can be found 
> [here|https://github.com/apache/kudu/blob/master/src/kudu/ranger/ranger_client-test.cc#L405].
>  The gist of the test is that it starts a Ranger server, creates a simple 
> policy, and tries to authorize some requests by sending requests over a named 
> pipe to a Java process that runs a long-lived Ranger plugin (the first of 
> which fails, presumably because of this NPE).



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (RANGER-3271) Ranger Knox Plugin Unable to Write Knox Audits to HDFS

2021-12-07 Thread Ramesh Mani (Jira)



 [ 
https://issues.apache.org/jira/browse/RANGER-3271?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Ramesh Mani updated RANGER-3271:

Fix Version/s: 2.1.0

> Ranger Knox Plugin Unable to Write  Knox Audits to HDFS
> ---
>
> Key: RANGER-3271
> URL: https://issues.apache.org/jira/browse/RANGER-3271
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Affects Versions: 2.1.0
> Environment: HADOOP : 3.3.0
> KNOX : 1.4.0
> RANGER : 2.1.0
>Reporter: Venkat A
>Priority: Blocker
> Fix For: 2.1.0
>
>
> I see following error when Knox audits being written to HDFS after 
> Ranger-Knox plugin enabled.
>  
>  3322021-05-01 15:33:34,435 INFO destination.HDFSAuditDestination: Returning 
> HDFS Filesystem Config: Configuration: core-default.xml, core-site.xml 
> 3322021-05-01 15:33:34,435 INFO destination.HDFSAuditDestination: Returning 
> HDFS Filesystem Config: Configuration: core-default.xml, core-site.xml 
> 3182021-05-01 15:33:34,439 ERROR provider.BaseAuditHandler: Error writing to 
> log file. 
> 349{color:#FF}*org.apache.hadoop.fs.UnsupportedFileSystemException: No 
> FileSystem for scheme "hdfs"*{color} at 
> org.apache.hadoop.fs.FileSystem.getFileSystemClass(FileSystem.java:3332) at 
> org.apache.hadoop.fs.FileSystem.createFileSystem(FileSystem.java:3352) at 
> org.apache.hadoop.fs.FileSystem.access$200(FileSystem.java:124) at 
> org.apache.hadoop.fs.FileSystem$Cache.getInternal(FileSystem.java:3403) at 
> org.apache.hadoop.fs.FileSystem$Cache.get(FileSystem.java:3371) at 
> org.apache.hadoop.fs.FileSystem.get(FileSystem.java:477) at 
> org.apache.ranger.audit.destination.HDFSAuditDestination.getLogFileStream(HDFSAuditDestination.java:277)
>  at 
> org.apache.ranger.audit.destination.HDFSAuditDestination.access$000(HDFSAuditDestination.java:44)
>  at 
> org.apache.ranger.audit.destination.HDFSAuditDestination$1.run(HDFSAuditDestination.java:157)
>  at 
> org.apache.ranger.audit.destination.HDFSAuditDestination$1.run(HDFSAuditDestination.java:154)
>  at java.security.AccessController.doPrivileged(Native Method) at 
> javax.security.auth.Subject.doAs(Subject.java:422) at 
> org.apache.hadoop.security.UserGroupInformation.doAs(UserGroupInformation.java:1729)
>  at 
> org.apache.ranger.audit.provider.MiscUtil.executePrivilegedAction(MiscUtil.java:529)
>  at 
> org.apache.ranger.audit.destination.HDFSAuditDestination.logJSON(HDFSAuditDestination.java:154)
>  at 
> org.apache.ranger.audit.queue.AuditFileSpool.sendEvent(AuditFileSpool.java:879)
>  at 
> org.apache.ranger.audit.queue.AuditFileSpool.runLogAudit(AuditFileSpool.java:827)
>  at org.apache.ranger.audit.queue.AuditFileSpool.run(AuditFileSpool.java:757) 
> at java.lang.Thread.run(Thread.java:748)2021-05-01 15:33:34,439 INFO 
> destination.HDFSAuditDestination: Flushing HDFS audit. Event Size:1 
> 1802021-05-01 15:33:34,439 ERROR queue.AuditFileSpool: Error sending logs to 
> consumer. provider=knox.async.multi_dest.batch, 
> consumer=knox.async.multi_dest.batch.hdfs 7092021-05-01 15:33:34,440 INFO 
> queue.AuditFileSpool: Destination is down. sleeping for 3 milli seconds. 
> indexQueue=0, queueName=knox.async.multi_dest.batch, 
> consumer=knox.async.multi_dest.batch.hdfs
>  
>  
> Tried lot of options to avoid above error. Not sure if it is a bug or some 
> sort of Compatibility issue.
> Environment : 
> HADOOP : 3.3.0
> KNOX : 1.4.0
> RANGER : 2.1.0
> NOTE: 
> Knox able to write audits if i give local path to store audits instead of 
> HDFS File System.
> Appreciate your help on this.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (RANGER-3276) Remove duplicate code from buildks.java

2021-12-07 Thread Ramesh Mani (Jira)



 [ 
https://issues.apache.org/jira/browse/RANGER-3276?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Ramesh Mani updated RANGER-3276:

Fix Version/s: 3.0.0

> Remove duplicate code from buildks.java
> ---
>
> Key: RANGER-3276
> URL: https://issues.apache.org/jira/browse/RANGER-3276
> Project: Ranger
>  Issue Type: Improvement
>  Components: Ranger
>Reporter: Chia-Ping Tsai
>Priority: Trivial
> Fix For: 3.0.0
>
> Attachments: RANGER-3276.v0.patch, RANGER-3276.v1.patch
>
>
> the duplicate code are shown below.
> 1. 
> https://github.com/apache/ranger/blob/release-ranger-2.1.0/credentialbuilder/src/main/java/org/apache/ranger/credentialapi/buildks.java#L317
> 2.
> https://github.com/apache/ranger/blob/release-ranger-2.1.0/credentialbuilder/src/main/java/org/apache/ranger/credentialapi/buildks.java#L324



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (RANGER-3298) Add coarse URI check for Hive Agent

2021-12-07 Thread Ramesh Mani (Jira)



 [ 
https://issues.apache.org/jira/browse/RANGER-3298?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Ramesh Mani updated RANGER-3298:

Fix Version/s: 3.0.0

> Add coarse URI check for Hive Agent
> ---
>
> Key: RANGER-3298
> URL: https://issues.apache.org/jira/browse/RANGER-3298
> Project: Ranger
>  Issue Type: Improvement
>  Components: plugins
>Reporter: Janus Chow
>Priority: Major
> Fix For: 3.0.0
>
>  Time Spent: 40m
>  Remaining Estimate: 0h
>
> In `RangerHiveAuthorizer`, the function of `checkPrivileges` will check the 
> permission for the `HivePrivilegeObject` with 
> `FileUtils.isActionPermittedForFileHierarchy`, and this method will check the 
> permission for all the files under the related directory by default.
> For a large table with thousands of files, this operation will take a long 
> time, leading to breaking the SLA. Besides, in the default implementation of 
> `StorageBasedAuthorizationProvider` in Hive, only the directories will be 
> checked too. 
> This ticket is to add a config for users to do a coarse check for URI 
> permission check. 



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (RANGER-3287) Implement best practices for logging

2021-12-07 Thread Ramesh Mani (Jira)



 [ 
https://issues.apache.org/jira/browse/RANGER-3287?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Ramesh Mani updated RANGER-3287:

Fix Version/s: 3.0.0
   2.2.0

> Implement best practices for logging
> 
>
> Key: RANGER-3287
> URL: https://issues.apache.org/jira/browse/RANGER-3287
> Project: Ranger
>  Issue Type: Bug
>  Components: admin
>Affects Versions: 3.0.0, 2.2.0
>Reporter: Vishal Suvagia
>Assignee: Vishal Suvagia
>Priority: Major
> Fix For: 3.0.0, 2.2.0
>
> Attachments: RANGER-3287.01.patch, RANGER-3287.patch
>
>
> Implement best practice.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (RANGER-3414) Release Apache Ranger 2.2.0

2021-12-07 Thread Ramesh Mani (Jira)



 [ 
https://issues.apache.org/jira/browse/RANGER-3414?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Ramesh Mani updated RANGER-3414:

Fix Version/s: 2.2.0

> Release Apache Ranger 2.2.0
> ---
>
> Key: RANGER-3414
> URL: https://issues.apache.org/jira/browse/RANGER-3414
> Project: Ranger
>  Issue Type: Task
>  Components: Ranger
>Affects Versions: 2.2.0
>Reporter: Ramesh Mani
>Assignee: Ramesh Mani
>Priority: Major
> Fix For: 2.2.0
>
>
> Release Apache Ranger 2.2.0



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (RANGER-3404) user with no permissions can access and edit deligate admin only policies

2021-12-07 Thread Ramesh Mani (Jira)



 [ 
https://issues.apache.org/jira/browse/RANGER-3404?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Ramesh Mani updated RANGER-3404:

Fix Version/s: 3.0.0
   2.2.0

> user with no permissions can access and edit deligate admin only policies
> -
>
> Key: RANGER-3404
> URL: https://issues.apache.org/jira/browse/RANGER-3404
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Abhay Kulkarni
>Assignee: Abhay Kulkarni
>Priority: Major
> Fix For: 3.0.0, 2.2.0
>
>
> From a user this was created by:
> -created new regular user in ranger with no groups or anything.
> -that user can see policies that he shouldn't (only ones with just delegate 
> admin rights).
> -If a policy has a delegate admin, this user can see and edit it, but cannot 
> add more permissions to the policy. Also, user can create a new policy, but 
> it is only with no permissions and for delegating admin to other users - 
> again with no permissions.
> -If policy has anything on top of delegate admin, then the user gets denied 
> properly.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (RANGER-3415) Change pom version from 2.2.0-SNAPSHOT to 2.2.0

2021-12-07 Thread Ramesh Mani (Jira)



 [ 
https://issues.apache.org/jira/browse/RANGER-3415?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Ramesh Mani updated RANGER-3415:

Fix Version/s: 2.2.0

> Change pom version from 2.2.0-SNAPSHOT to 2.2.0
> ---
>
> Key: RANGER-3415
> URL: https://issues.apache.org/jira/browse/RANGER-3415
> Project: Ranger
>  Issue Type: Sub-task
>  Components: Ranger
>Affects Versions: 2.2.0
>Reporter: Ramesh Mani
>Assignee: Ramesh Mani
>Priority: Major
> Fix For: 2.2.0
>
> Attachments: 
> 0001-RANGER-3415-Change-pom-version-from-2.2.0-SNAPSHOT-t.patch
>
>
> Change pom version from 2.2.0-SNAPSHOT to 2.2.0



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (RANGER-3417) Publish Apache Ranger release 2.2.0 artifacts

2021-12-07 Thread Ramesh Mani (Jira)



 [ 
https://issues.apache.org/jira/browse/RANGER-3417?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Ramesh Mani updated RANGER-3417:

Fix Version/s: 2.2.0

> Publish Apache Ranger release 2.2.0 artifacts
> -
>
> Key: RANGER-3417
> URL: https://issues.apache.org/jira/browse/RANGER-3417
> Project: Ranger
>  Issue Type: Sub-task
>  Components: Ranger
>Affects Versions: 2.2.0
>Reporter: Ramesh Mani
>Assignee: Ramesh Mani
>Priority: Major
> Fix For: 2.2.0
>
>
> Publish Apache Ranger release 2.2.0 artifacts



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (RANGER-3418) Rotated Ranger admin access logs aren't getting removed

2021-12-07 Thread Ramesh Mani (Jira)



 [ 
https://issues.apache.org/jira/browse/RANGER-3418?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Ramesh Mani updated RANGER-3418:

Fix Version/s: 3.0.0

> Rotated Ranger admin access logs aren't getting removed
> ---
>
> Key: RANGER-3418
> URL: https://issues.apache.org/jira/browse/RANGER-3418
> Project: Ranger
>  Issue Type: Improvement
>  Components: admin, Ranger
>Affects Versions: 3.0.0, 2.1.1
>Reporter: Vishal Suvagia
>Assignee: Vishal Suvagia
>Priority: Major
> Fix For: 3.0.0
>
> Attachments: RANGER-3418.patch
>
>
> {color:#172b4d}Ranger admin access logs in the configured log directory 
> aren't removed and keeps up utilizing unused space. Need to have access logs 
> configurable to have older logs purged.
> {color}



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

Review Request 73748: RANGER-3541 : Fix PMD violation

2021-12-07 Thread bhavik patel


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73748/
---

Review request for ranger, Dhaval Shah, Dineshkumar Yadav, Gautam Borad, Abhay 
Kulkarni, Madhan Neethiraj, Mehul Parikh, Pradeep Agrawal, Ramesh Mani, Sailaja 
Polavarapu, and Velmurugan Periasamy.


Bugs: RANGER-3514
https://issues.apache.org/jira/browse/RANGER-3514


Repository: ranger


Description
---

There are couple of PMD violation due to recent commit of RANGER-3298


Diffs
-

  
hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java
 ad857e424 


Diff: https://reviews.apache.org/r/73748/diff/1/


Testing
---

After updating the changes, able to build the Package.


Thanks,

bhavik patel

[jira] [Updated] (RANGER-3419) compressDeltas method returns two ranger policy entries for policy create+update case when provided lastKnownVersion is previous to create call

2021-12-07 Thread Ramesh Mani (Jira)



 [ 
https://issues.apache.org/jira/browse/RANGER-3419?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Ramesh Mani updated RANGER-3419:

Fix Version/s: 3.0.0
   2.2.0

> compressDeltas method returns two ranger policy entries for policy 
> create+update case when provided lastKnownVersion is previous to create call
> ---
>
> Key: RANGER-3419
> URL: https://issues.apache.org/jira/browse/RANGER-3419
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Abhay Kulkarni
>Assignee: Abhay Kulkarni
>Priority: Major
> Fix For: 3.0.0, 2.2.0
>
>
> *Problem Statement:* compressDeltas method returns two ranger policy entries 
> for policy create+update case when provided lastKnownVersion is previous to 
> create policy operation. As per the design it should return only one last 
> updated entry for the policy even if multiple update policy request is made 
> after the create policy request. 
> Steps to reproduce:
> 1) call the policy download api and note the policy lastKnownVersion.
> 2) call create policy api
> 3) call update policy api for the policy created in step 2 above.
> 4) call the policy download api and provide the policy lastKnownVersion noted 
> in step 1 above.
> *Proposed Solution:* At line 3013, we have already added the policy so in 
> case of create+update operation first entry alone can be considered and all 
> next update event can be skipped. 
> since x_policy table stores only latest entry of a policy, during delta 
> calculation for both the change type(create/update) same policy text is 
> fetched, hence received policy snapshot is same and there is no point of 
> having two entries.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (RANGER-3541) Fix PMD violation

2021-12-07 Thread Bhavik Patel (Jira)



 [ 
https://issues.apache.org/jira/browse/RANGER-3541?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Bhavik Patel updated RANGER-3541:
-
Attachment: RANGER-3541-Fix-pmd-violation.patch

> Fix PMD violation 
> --
>
> Key: RANGER-3541
> URL: https://issues.apache.org/jira/browse/RANGER-3541
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Affects Versions: 3.0.0
>Reporter: Bhavik Patel
>Assignee: Bhavik Patel
>Priority: Major
> Fix For: 3.0.0
>
> Attachments: RANGER-3541-Fix-pmd-violation.patch
>
>
> There are couple of PMD violation due to recent commit of RANGER-3298



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (RANGER-3421) Key getting logged in RangerMasterKey.java

2021-12-07 Thread Ramesh Mani (Jira)



 [ 
https://issues.apache.org/jira/browse/RANGER-3421?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Ramesh Mani updated RANGER-3421:

Fix Version/s: 3.0.0

> Key getting logged in RangerMasterKey.java
> --
>
> Key: RANGER-3421
> URL: https://issues.apache.org/jira/browse/RANGER-3421
> Project: Ranger
>  Issue Type: Task
>  Components: kms
>Reporter: Abhishek Kumar
>Assignee: Abhishek Kumar
>Priority: Minor
> Fix For: 3.0.0
>
>
> Key in line RangerMasterKey.java:100 gets logged in the case of an exception, 
> is not a good coding practice.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (RANGER-3452) Other attributes and sync source are not shown when user is converted from internal to external

2021-12-07 Thread Ramesh Mani (Jira)



 [ 
https://issues.apache.org/jira/browse/RANGER-3452?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Ramesh Mani updated RANGER-3452:

Fix Version/s: 3.0.0

> Other attributes and sync source are not shown when user is converted from 
> internal to external
> ---
>
> Key: RANGER-3452
> URL: https://issues.apache.org/jira/browse/RANGER-3452
> Project: Ranger
>  Issue Type: Bug
>  Components: usersync
>Reporter: Abhishek Kumar
>Assignee: Abhishek Kumar
>Priority: Major
> Fix For: 3.0.0
>
>
> Other attributes and sync source are not shown when user is converted from 
> internal to external user



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (RANGER-3440) Fix Sync Source Updates during Ranger upgrades

2021-12-07 Thread Ramesh Mani (Jira)



 [ 
https://issues.apache.org/jira/browse/RANGER-3440?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Ramesh Mani updated RANGER-3440:

Fix Version/s: 3.0.0

> Fix Sync Source Updates during Ranger upgrades
> --
>
> Key: RANGER-3440
> URL: https://issues.apache.org/jira/browse/RANGER-3440
> Project: Ranger
>  Issue Type: Bug
>  Components: usersync
>Reporter: Abhishek Kumar
>Assignee: Abhishek Kumar
>Priority: Major
> Fix For: 3.0.0
>
>
> During ranger upgrades, sync source details for users/groups are not updated. 



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (RANGER-3453) Avoid logging sensitive information in UserMgr.java

2021-12-07 Thread Ramesh Mani (Jira)



 [ 
https://issues.apache.org/jira/browse/RANGER-3453?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Ramesh Mani updated RANGER-3453:

Fix Version/s: 3.0.0

> Avoid logging sensitive information in UserMgr.java
> ---
>
> Key: RANGER-3453
> URL: https://issues.apache.org/jira/browse/RANGER-3453
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Abhishek Kumar
>Assignee: Abhishek Kumar
>Priority: Minor
> Fix For: 3.0.0
>
>
> The changeEmailAddress, updateUser methods in UserMgr class are logging 
> sensitive information as well while printing error.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (RANGER-3455) [Logout-Ranger] Should either be disabled/ should redirect to knox logout page

2021-12-07 Thread Ramesh Mani (Jira)



 [ 
https://issues.apache.org/jira/browse/RANGER-3455?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Ramesh Mani updated RANGER-3455:

Fix Version/s: 2.3.0
   2.2.0

> [Logout-Ranger] Should either be disabled/ should redirect to knox logout page
> --
>
> Key: RANGER-3455
> URL: https://issues.apache.org/jira/browse/RANGER-3455
> Project: Ranger
>  Issue Type: Improvement
>  Components: Ranger
>Reporter: Nitin Galave
>Assignee: Nitin Galave
>Priority: Major
> Fix For: 2.2.0, 2.3.0
>
> Attachments: 0001-RANGER-3455.patch, image-2021-09-23-21-30-04-791.png
>
>
> *Steps:*
> 1. Click on Ranger UI from CP 
> 2. Click on logout button from ranger home page. 
> *Observation:*
> For now we see that it lands on below page. But it would be better if we 
> disable logout button /land on knox logout page .
>  !image-2021-09-23-21-30-04-791.png|width=322,height=132!



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (RANGER-3515) Enhance Ranger Java client SSL config to be configured using serviceType and AppId

2021-12-07 Thread Ramesh Mani (Jira)



 [ 
https://issues.apache.org/jira/browse/RANGER-3515?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Ramesh Mani updated RANGER-3515:

Fix Version/s: 3.0.0

> Enhance Ranger Java client SSL config to be configured using serviceType and 
> AppId  
> 
>
> Key: RANGER-3515
> URL: https://issues.apache.org/jira/browse/RANGER-3515
> Project: Ranger
>  Issue Type: Improvement
>  Components: Ranger
>Affects Versions: 2.2.0
>Reporter: Abhishek Kumar
>Assignee: Abhishek Kumar
>Priority: Minor
> Fix For: 3.0.0
>
>




--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (RANGER-3514) Fix updates to sync source post upgrades

2021-12-07 Thread Ramesh Mani (Jira)



 [ 
https://issues.apache.org/jira/browse/RANGER-3514?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Ramesh Mani updated RANGER-3514:

Fix Version/s: 3.0.0

> Fix updates to sync source post upgrades
> 
>
> Key: RANGER-3514
> URL: https://issues.apache.org/jira/browse/RANGER-3514
> Project: Ranger
>  Issue Type: Bug
>  Components: usersync
>Reporter: Abhishek Kumar
>Assignee: Abhishek Kumar
>Priority: Major
> Fix For: 3.0.0
>
>   Original Estimate: 168h
>  Remaining Estimate: 168h
>
> Newly added field sync source needs to be updated with correct values from 
> otherAttributes after an upgrade.  



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (RANGER-3522) Improve Tagsync authentication error reporting

2021-12-07 Thread Ramesh Mani (Jira)



 [ 
https://issues.apache.org/jira/browse/RANGER-3522?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Ramesh Mani updated RANGER-3522:

Fix Version/s: 3.0.0

> Improve Tagsync authentication error reporting
> --
>
> Key: RANGER-3522
> URL: https://issues.apache.org/jira/browse/RANGER-3522
> Project: Ranger
>  Issue Type: Bug
>  Components: tagsync
>Reporter: Abhay Kulkarni
>Assignee: Abhay Kulkarni
>Priority: Major
> Fix For: 3.0.0
>
>
> TagSync is expected to cause system exit if any kerberos authentication error 
> is encountered. There might be situations where it starts without reporting 
> any errors and hence no messages are processed. This needs to be investigated 
> and fixed.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (RANGER-3516) Java patch 'J10045' taking more time during upgrade.

2021-12-07 Thread Ramesh Mani (Jira)



 [ 
https://issues.apache.org/jira/browse/RANGER-3516?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Ramesh Mani updated RANGER-3516:

Fix Version/s: 3.0.0

> Java patch 'J10045' taking more time during upgrade.
> 
>
> Key: RANGER-3516
> URL: https://issues.apache.org/jira/browse/RANGER-3516
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Harshal Chavan
>Assignee: Mateen Mansoori
>Priority: Major
> Fix For: 3.0.0
>
>
> J10045 patch is taking more time to apply when we upgrade



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (RANGER-3535) A delegate admin user should be able to add another user with all or subset of permissions they have

2021-12-07 Thread Ramesh Mani (Jira)



 [ 
https://issues.apache.org/jira/browse/RANGER-3535?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Ramesh Mani updated RANGER-3535:

Fix Version/s: 3.0.0

> A delegate admin user should be able to add another user with all or subset 
> of permissions they have
> 
>
> Key: RANGER-3535
> URL: https://issues.apache.org/jira/browse/RANGER-3535
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Abhay Kulkarni
>Assignee: Abhay Kulkarni
>Priority: Major
> Fix For: 3.0.0
>
>
> Steps to reproduce:
>  # Login to Ranger Admin as admin user
>  # Create normal users (steve, peter, erwin, bob) in Ranger Admin
>  # Create new policy p1 with resource /p1 & allowed users steve (read, 
> delegate-admin) & peter (read, delegate-admin)
>  # Create new policy p2 with resource /p2 & allowed users steve (read, write, 
> delegate-admin) & peter (read, delegate-admin)
>  # Create new policy p3 with resource /p3 & allowed users steve (write, 
> delegate-admin) & peter (read, delegate-admin)
>  # Create new policy p4 with resource /p4 & allowed users bob (read, write) & 
> peter (read, delegate-admin)
>  # Log out as admin user, and login again as peter
>  # Try to add user erwin (read) in p1, p2, p3 & p4
>  # delegate admin user peter should be able to add user erwin in all 
> policies, but other than p1 rest all fails.
> Requirement:
>  # Delegate admin user should be able to add other users with permissions 
> less or equal to his/ her.
>  # Delegate admin user should not be able to add other users with permission 
> more than what he/ she possesses. Basically he/ she can give permissions, all 
> or sub-set of permissions he/ she possesses.
>  # Delegate admin user should not be able to add more permissions to his own.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (RANGER-3527) Create Apache Ranger next maintenance release branch 2.3

2021-12-07 Thread Ramesh Mani (Jira)



 [ 
https://issues.apache.org/jira/browse/RANGER-3527?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Ramesh Mani updated RANGER-3527:

Fix Version/s: 2.3.0

> Create Apache Ranger next maintenance release branch 2.3
> 
>
> Key: RANGER-3527
> URL: https://issues.apache.org/jira/browse/RANGER-3527
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Affects Versions: 2.3.0
>Reporter: Ramesh Mani
>Assignee: Ramesh Mani
>Priority: Major
> Fix For: 2.3.0
>
>
> Create Apache Ranger next maintenance release branch 2.3. This will track all 
> the commits that should go in the maintenance branch for the current stable 
> release 2.2



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (RANGER-3541) Fix PMD violation

2021-12-07 Thread Bhavik Patel (Jira)



 [ 
https://issues.apache.org/jira/browse/RANGER-3541?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Bhavik Patel updated RANGER-3541:
-
Description: There are couple of PMD violation due to recent commit of 
RANGER-3298  (was: Fix PMD violation )

> Fix PMD violation 
> --
>
> Key: RANGER-3541
> URL: https://issues.apache.org/jira/browse/RANGER-3541
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Affects Versions: 3.0.0
>Reporter: Bhavik Patel
>Assignee: Bhavik Patel
>Priority: Major
> Fix For: 3.0.0
>
>
> There are couple of PMD violation due to recent commit of RANGER-3298



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Created] (RANGER-3541) Fix PMD violation

2021-12-07 Thread Bhavik Patel (Jira)

Bhavik Patel created RANGER-3541:


 Summary: Fix PMD violation 
 Key: RANGER-3541
 URL: https://issues.apache.org/jira/browse/RANGER-3541
 Project: Ranger
  Issue Type: Bug
  Components: Ranger
Affects Versions: 3.0.0
Reporter: Bhavik Patel
Assignee: Bhavik Patel
 Fix For: 3.0.0


Fix PMD violation 



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Commented] (RANGER-3484) Ranger usersync directory is being created as root owner

2021-12-07 Thread Bhavik Patel (Jira)



[ 
https://issues.apache.org/jira/browse/RANGER-3484?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17454998#comment-17454998
 ] 

Bhavik Patel commented on RANGER-3484:
--

Master branch commit link: 
https://github.com/apache/ranger/commit/0258fcf7ab25473b056fffc103840806c18fdcad

> Ranger usersync directory is being created as root owner
> 
>
> Key: RANGER-3484
> URL: https://issues.apache.org/jira/browse/RANGER-3484
> Project: Ranger
>  Issue Type: Bug
>  Components: usersync
>Affects Versions: 3.0.0, 2.2.0
>Reporter: Bhavik Patel
>Assignee: Bhavik Patel
>Priority: Major
>
> ls -ltr /var/run/pid_dir
> total 8
> -rw-r--r--. 1 zookeeper hadoop  5 Oct 17 22:54 zookeeper-server.pid
> -rw-r--r--. 1 hdfs      hadoop  6 Oct 17 23:04 hadoop-hdfs-journalnode.pid
> drwxr-xr-x. 2 ranger    ranger 60 Oct 17 05:33 ranger-admin
> drwxr-x---. 2 root      root   40 Oct 17 05:33 ranger-usersync



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (RANGER-3484) Ranger usersync directory is being created as root owner

2021-12-07 Thread Bhavik Patel (Jira)



 [ 
https://issues.apache.org/jira/browse/RANGER-3484?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Bhavik Patel updated RANGER-3484:
-
Fix Version/s: 3.0.0

> Ranger usersync directory is being created as root owner
> 
>
> Key: RANGER-3484
> URL: https://issues.apache.org/jira/browse/RANGER-3484
> Project: Ranger
>  Issue Type: Bug
>  Components: usersync
>Affects Versions: 3.0.0, 2.2.0
>Reporter: Bhavik Patel
>Assignee: Bhavik Patel
>Priority: Major
> Fix For: 3.0.0
>
>
> ls -ltr /var/run/pid_dir
> total 8
> -rw-r--r--. 1 zookeeper hadoop  5 Oct 17 22:54 zookeeper-server.pid
> -rw-r--r--. 1 hdfs      hadoop  6 Oct 17 23:04 hadoop-hdfs-journalnode.pid
> drwxr-xr-x. 2 ranger    ranger 60 Oct 17 05:33 ranger-admin
> drwxr-x---. 2 root      root   40 Oct 17 05:33 ranger-usersync



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

Re: Review Request 73723: RANGER-3520: Upgrade Netty version

2021-12-07 Thread Mallika Gogoi


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73723/
---

(Updated Dec. 8, 2021, 5:28 a.m.)


Review request for ranger, Dineshkumar Yadav, Kishor Gollapalliwar, Mahesh 
Bandal, Mateen Mansoori, Mehul Parikh, and Vishal Suvagia.


Bugs: RANGER-3520
https://issues.apache.org/jira/browse/RANGER-3520


Repository: ranger


Description
---

For best practices, upgrade netty version used in Ranger to 4.1.70.Final


Diffs
-

  agents-audit/pom.xml 5607242af 
  agents-common/pom.xml c9a0b8932 
  agents-cred/pom.xml b2510da41 
  credentialbuilder/pom.xml fb1da9bbc 
  embeddedwebserver/pom.xml 30f441efe 
  hbase-agent/pom.xml 03396eaa9 
  hdfs-agent/pom.xml bb8e49820 
  hive-agent/pom.xml bfe8d4794 
  intg/pom.xml 4bebad62d 
  knox-agent/pom.xml 23b9070df 
  plugin-kafka/pom.xml 010707d99 
  plugin-kylin/pom.xml f2c93c095 
  plugin-ozone/pom.xml 06bd671cf 
  plugin-solr/pom.xml d1ebf38c4 
  pom.xml 5b90051c3 
  ranger-examples/plugin-sampleapp/pom.xml 0480a6dca 
  ranger-hbase-plugin-shim/pom.xml dceb4ff90 
  ranger-hdfs-plugin-shim/pom.xml 6a036c18c 
  ranger-hive-plugin-shim/pom.xml 7e913d53d 
  ranger-kafka-plugin-shim/pom.xml fd1dc3cde 
  ranger-ozone-plugin-shim/pom.xml 208331576 
  ranger-presto-plugin-shim/pom.xml 4117b0388 
  ranger-solr-plugin-shim/pom.xml 1469b98bf 
  ranger-storm-plugin-shim/pom.xml 3cab3bd2a 
  security-admin/pom.xml 3e7a64f2a 
  storm-agent/pom.xml 31f7888fd 


Diff: https://reviews.apache.org/r/73723/diff/2/


Testing
---

1. mvn clean compile package install verify


Thanks,

Mallika Gogoi

[jira] [Updated] (RANGER-3427) Null Dereference in PublicApis.java

2021-12-07 Thread Mallika Gogoi (Jira)



 [ 
https://issues.apache.org/jira/browse/RANGER-3427?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Mallika Gogoi updated RANGER-3427:
--
Attachment: RANGER-3427-v3.patch

> Null Dereference in PublicApis.java
> ---
>
> Key: RANGER-3427
> URL: https://issues.apache.org/jira/browse/RANGER-3427
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Abhishek Kumar
>Assignee: Mallika Gogoi
>Priority: Minor
> Attachments: RANGER-3427-v3.patch
>
>
> Dereferecing null pointer in PublicAPIs.java: line numbers 282,317,368.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Commented] (RANGER-2967) Add support for Amazon CloudWatch Logs as an Audit Store

2021-12-07 Thread Yao (Jira)



[ 
https://issues.apache.org/jira/browse/RANGER-2967?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17454948#comment-17454948
 ] 

Yao commented on RANGER-2967:
-

[~pradeep] : Closed RR. Thanks for the review!

> Add support for Amazon CloudWatch Logs as an Audit Store
> 
>
> Key: RANGER-2967
> URL: https://issues.apache.org/jira/browse/RANGER-2967
> Project: Ranger
>  Issue Type: Improvement
>  Components: audit
>Affects Versions: 2.0.0
>Reporter: Yao
>Priority: Minor
>  Labels: newbie, patch-available
> Fix For: 3.0.0
>
> Attachments: 
> 0001-Add-support-for-Amazon-CloudWatch-Logs-as-an-Audit-S.patch, 
> 0001-RANGER-2967-Add-support-for-Amazon-CloudWatch-Logs-a.patch
>
>   Original Estimate: 168h
>  Remaining Estimate: 168h
>
> This change is to add CloudWatch Logs to the list of Ranger supported audit 
> stores. With this change, Ranger users will be allowed to configure their 
> plugins to send audit events to Amazon CloudWatch Logs. Further, customers 
> can query the events using Amazon CloudWatch Insights.
> This functionality is built with a newly introduced audit destination 
> 'AmazonCloudWatchAuditDestination'. Ranger users can enable it in the way 
> similar to other types of audit destinations like Solr.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (RANGER-3539) Add jacoco-maven-plugin for code coverage

2021-12-07 Thread Pradeep Agrawal (Jira)



 [ 
https://issues.apache.org/jira/browse/RANGER-3539?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Pradeep Agrawal updated RANGER-3539:

Description: 
References :
 # [https://www.baeldung.com/jacoco]
 # [https://www.baeldung.com/sonarqube-jacoco-code-coverage]
 # [https://mkyong.com/maven/maven-jacoco-code-coverage-example/]
 # 
[https://medium.com/backend-habit/generate-codecoverage-report-with-jacoco-and-sonarqube-ed15c4045885]

 

> Add jacoco-maven-plugin for code coverage
> -
>
> Key: RANGER-3539
> URL: https://issues.apache.org/jira/browse/RANGER-3539
> Project: Ranger
>  Issue Type: Improvement
>  Components: Ranger
>Reporter: Pradeep Agrawal
>Assignee: Pradeep Agrawal
>Priority: Major
> Fix For: 3.0.0
>
>
> References :
>  # [https://www.baeldung.com/jacoco]
>  # [https://www.baeldung.com/sonarqube-jacoco-code-coverage]
>  # [https://mkyong.com/maven/maven-jacoco-code-coverage-example/]
>  # 
> [https://medium.com/backend-habit/generate-codecoverage-report-with-jacoco-and-sonarqube-ed15c4045885]
>  



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Created] (RANGER-3540) Add support to read audit logs from Amazon CloudWatch

2021-12-07 Thread Pradeep Agrawal (Jira)

Pradeep Agrawal created RANGER-3540:
---

 Summary: Add support to read audit logs from Amazon CloudWatch
 Key: RANGER-3540
 URL: https://issues.apache.org/jira/browse/RANGER-3540
 Project: Ranger
  Issue Type: Improvement
  Components: Ranger
Affects Versions: 3.0.0
Reporter: Pradeep Agrawal
Assignee: Pradeep Agrawal
 Fix For: 3.0.0


Add support to read audit logs from Amazon CloudWatch and display the content 
in Ranger UI.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (RANGER-2358) Upgrade Jackson Databind to 2.9.8

2021-12-07 Thread Pradeep Agrawal (Jira)



 [ 
https://issues.apache.org/jira/browse/RANGER-2358?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Pradeep Agrawal updated RANGER-2358:

Fix Version/s: 3.0.0

> Upgrade Jackson Databind to 2.9.8
> -
>
> Key: RANGER-2358
> URL: https://issues.apache.org/jira/browse/RANGER-2358
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Affects Versions: 2.0.0
>Reporter: Pradeep Agrawal
>Assignee: Pradeep Agrawal
>Priority: Major
> Fix For: 3.0.0
>
> Attachments: 0001-RANGER-2358-Upgrade-Jackson-Databind-to-2.9.8.patch
>
>
> Upgrade Jackson Databind from 2.7.8 to 2.9.8



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Created] (RANGER-3539) Add jacoco-maven-plugin for code coverage

2021-12-07 Thread Pradeep Agrawal (Jira)

Pradeep Agrawal created RANGER-3539:
---

 Summary: Add jacoco-maven-plugin for code coverage
 Key: RANGER-3539
 URL: https://issues.apache.org/jira/browse/RANGER-3539
 Project: Ranger
  Issue Type: Improvement
  Components: Ranger
Reporter: Pradeep Agrawal
Assignee: Pradeep Agrawal
 Fix For: 3.0.0






--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Resolved] (RANGER-3401) Ranger Policy search based on policy guid match

2021-12-07 Thread Pradeep Agrawal (Jira)



 [ 
https://issues.apache.org/jira/browse/RANGER-3401?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Pradeep Agrawal resolved RANGER-3401.
-
Resolution: Duplicate

> Ranger Policy search based on policy guid match
> ---
>
> Key: RANGER-3401
> URL: https://issues.apache.org/jira/browse/RANGER-3401
> Project: Ranger
>  Issue Type: Improvement
>  Components: Ranger
>Affects Versions: 2.2.0
>Reporter: Dineshkumar Yadav
>Assignee: Pradeep Agrawal
>Priority: Major
>
> Ranger should provide a way to search a policy based on its guid, service and 
> zone .



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Commented] (RANGER-2967) Add support for Amazon CloudWatch Logs as an Audit Store

2021-12-07 Thread Pradeep Agrawal (Jira)



[ 
https://issues.apache.org/jira/browse/RANGER-2967?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17454941#comment-17454941
 ] 

Pradeep Agrawal commented on RANGER-2967:
-

[~yInnovation]  : please close the RR https://reviews.apache.org/r/72800/

> Add support for Amazon CloudWatch Logs as an Audit Store
> 
>
> Key: RANGER-2967
> URL: https://issues.apache.org/jira/browse/RANGER-2967
> Project: Ranger
>  Issue Type: Improvement
>  Components: audit
>Affects Versions: 2.0.0
>Reporter: Yao
>Priority: Minor
>  Labels: newbie, patch-available
> Fix For: 3.0.0
>
> Attachments: 
> 0001-Add-support-for-Amazon-CloudWatch-Logs-as-an-Audit-S.patch, 
> 0001-RANGER-2967-Add-support-for-Amazon-CloudWatch-Logs-a.patch
>
>   Original Estimate: 168h
>  Remaining Estimate: 168h
>
> This change is to add CloudWatch Logs to the list of Ranger supported audit 
> stores. With this change, Ranger users will be allowed to configure their 
> plugins to send audit events to Amazon CloudWatch Logs. Further, customers 
> can query the events using Amazon CloudWatch Insights.
> This functionality is built with a newly introduced audit destination 
> 'AmazonCloudWatchAuditDestination'. Ranger users can enable it in the way 
> similar to other types of audit destinations like Solr.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

Re: Review Request 72800: [RANGER-2967] Add support for Amazon CloudWatch Logs as an Audit Store

2021-12-07 Thread Pradeep Agrawal


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/72800/#review223815
---


Ship it!




Ship It!

- Pradeep Agrawal


On Dec. 8, 2021, 12:58 a.m., Yao Zhou wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/72800/
> ---
> 
> (Updated Dec. 8, 2021, 12:58 a.m.)
> 
> 
> Review request for ranger.
> 
> 
> Bugs: RANGER-2967
> https://issues.apache.org/jira/browse/RANGER-2967
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> This change is to add CloudWatch Logs to the list of Ranger supported audit 
> stores. With this change, Ranger users will be allowed to configure their 
> plugins to send audit events to Amazon CloudWatch Logs. Further, customers 
> can query the events using Amazon CloudWatch Insights.
> 
> This functionality is built with a newly introduced audit destination 
> 'AmazonCloudWatchAuditDestination'. Ranger users can enable it in the way 
> similar to other types of audit destinations like Solr.
> 
> 
> Diffs
> -
> 
>   agents-audit/pom.xml 5607242af 
>   
> agents-audit/src/main/java/org/apache/ranger/audit/destination/AmazonCloudWatchAuditDestination.java
>  PRE-CREATION 
>   
> agents-audit/src/main/java/org/apache/ranger/audit/provider/AuditProviderFactory.java
>  7a3c7f61d 
>   hbase-agent/conf/ranger-hbase-audit-changes.cfg 26bd2fab9 
>   hbase-agent/scripts/install.properties 2ce88224a 
>   hdfs-agent/conf/ranger-hdfs-audit-changes.cfg 9e099e6d0 
>   hdfs-agent/scripts/install.properties 4c5e0fb50 
>   hive-agent/conf/ranger-hive-audit-changes.cfg c396d5d55 
>   hive-agent/scripts/install.properties b88d64245 
>   kms/scripts/install.properties 493553653 
>   knox-agent/conf/ranger-knox-audit-changes.cfg c396d5d55 
>   knox-agent/scripts/install.properties 939fd881b 
>   plugin-atlas/conf/ranger-atlas-audit-changes.cfg 39d1d109a 
>   plugin-atlas/scripts/install.properties 94a802343 
>   plugin-elasticsearch/conf/ranger-elasticsearch-audit-changes.cfg c396d5d55 
>   plugin-elasticsearch/scripts/install.properties 7e752c336 
>   plugin-kafka/conf/ranger-kafka-audit-changes.cfg dfd27f37c 
>   plugin-kafka/scripts/install.properties facbc790f 
>   plugin-kms/conf/ranger-kms-audit-changes.cfg 8d5ca3433 
>   plugin-kylin/conf/ranger-kylin-audit-changes.cfg c396d5d55 
>   plugin-kylin/scripts/install.properties b08f0edec 
>   plugin-ozone/conf/ranger-ozone-audit-changes.cfg 8cd5e39c8 
>   plugin-ozone/scripts/install.properties a160ec155 
>   plugin-presto/conf/ranger-presto-audit-changes.cfg dfd27f37c 
>   plugin-presto/scripts/install.properties 956533571 
>   plugin-solr/conf/ranger-solr-audit-changes.cfg d4588ffc1 
>   plugin-solr/scripts/install.properties 88e805653 
>   plugin-sqoop/conf/ranger-sqoop-audit-changes.cfg c396d5d55 
>   plugin-sqoop/scripts/install.properties b7b1187ff 
>   plugin-yarn/conf/ranger-yarn-audit-changes.cfg c396d5d55 
>   plugin-yarn/scripts/install.properties 71bab4996 
>   
> security-admin/src/test/java/org/apache/ranger/audit/destination/AmazonCloudWatchAuditDestinationTest.java
>  PRE-CREATION 
>   storm-agent/conf/ranger-storm-audit-changes.cfg c396d5d55 
>   storm-agent/scripts/install.properties 109300f33 
> 
> 
> Diff: https://reviews.apache.org/r/72800/diff/2/
> 
> 
> Testing
> ---
> 
> mvn -pl agents-audit clean install compile package
> 
> Testing with Hive
> 
> Audit events were sent to Amazon CloudWatch Logs successfully
> 
> 
> Thanks,
> 
> Yao Zhou
> 
>

[jira] [Commented] (RANGER-2967) Add support for Amazon CloudWatch Logs as an Audit Store

2021-12-07 Thread Yao (Jira)



[ 
https://issues.apache.org/jira/browse/RANGER-2967?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17454904#comment-17454904
 ] 

Yao commented on RANGER-2967:
-

[~pradeep] : Updated the review request with the new patch. 
[https://reviews.apache.org/r/72800/] 

> Add support for Amazon CloudWatch Logs as an Audit Store
> 
>
> Key: RANGER-2967
> URL: https://issues.apache.org/jira/browse/RANGER-2967
> Project: Ranger
>  Issue Type: Improvement
>  Components: audit
>Affects Versions: 2.0.0
>Reporter: Yao
>Priority: Minor
>  Labels: newbie, patch-available
> Fix For: 3.0.0
>
> Attachments: 
> 0001-Add-support-for-Amazon-CloudWatch-Logs-as-an-Audit-S.patch, 
> 0001-RANGER-2967-Add-support-for-Amazon-CloudWatch-Logs-a.patch
>
>   Original Estimate: 168h
>  Remaining Estimate: 168h
>
> This change is to add CloudWatch Logs to the list of Ranger supported audit 
> stores. With this change, Ranger users will be allowed to configure their 
> plugins to send audit events to Amazon CloudWatch Logs. Further, customers 
> can query the events using Amazon CloudWatch Insights.
> This functionality is built with a newly introduced audit destination 
> 'AmazonCloudWatchAuditDestination'. Ranger users can enable it in the way 
> similar to other types of audit destinations like Solr.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

Re: Review Request 72800: [RANGER-2967] Add support for Amazon CloudWatch Logs as an Audit Store

2021-12-07 Thread Yao Zhou


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/72800/
---

(Updated Dec. 8, 2021, 12:58 a.m.)


Review request for ranger.


Changes
---

resolved merge conflict


Bugs: RANGER-2967
https://issues.apache.org/jira/browse/RANGER-2967


Repository: ranger


Description
---

This change is to add CloudWatch Logs to the list of Ranger supported audit 
stores. With this change, Ranger users will be allowed to configure their 
plugins to send audit events to Amazon CloudWatch Logs. Further, customers can 
query the events using Amazon CloudWatch Insights.

This functionality is built with a newly introduced audit destination 
'AmazonCloudWatchAuditDestination'. Ranger users can enable it in the way 
similar to other types of audit destinations like Solr.


Diffs (updated)
-

  agents-audit/pom.xml 5607242af 
  
agents-audit/src/main/java/org/apache/ranger/audit/destination/AmazonCloudWatchAuditDestination.java
 PRE-CREATION 
  
agents-audit/src/main/java/org/apache/ranger/audit/provider/AuditProviderFactory.java
 7a3c7f61d 
  hbase-agent/conf/ranger-hbase-audit-changes.cfg 26bd2fab9 
  hbase-agent/scripts/install.properties 2ce88224a 
  hdfs-agent/conf/ranger-hdfs-audit-changes.cfg 9e099e6d0 
  hdfs-agent/scripts/install.properties 4c5e0fb50 
  hive-agent/conf/ranger-hive-audit-changes.cfg c396d5d55 
  hive-agent/scripts/install.properties b88d64245 
  kms/scripts/install.properties 493553653 
  knox-agent/conf/ranger-knox-audit-changes.cfg c396d5d55 
  knox-agent/scripts/install.properties 939fd881b 
  plugin-atlas/conf/ranger-atlas-audit-changes.cfg 39d1d109a 
  plugin-atlas/scripts/install.properties 94a802343 
  plugin-elasticsearch/conf/ranger-elasticsearch-audit-changes.cfg c396d5d55 
  plugin-elasticsearch/scripts/install.properties 7e752c336 
  plugin-kafka/conf/ranger-kafka-audit-changes.cfg dfd27f37c 
  plugin-kafka/scripts/install.properties facbc790f 
  plugin-kms/conf/ranger-kms-audit-changes.cfg 8d5ca3433 
  plugin-kylin/conf/ranger-kylin-audit-changes.cfg c396d5d55 
  plugin-kylin/scripts/install.properties b08f0edec 
  plugin-ozone/conf/ranger-ozone-audit-changes.cfg 8cd5e39c8 
  plugin-ozone/scripts/install.properties a160ec155 
  plugin-presto/conf/ranger-presto-audit-changes.cfg dfd27f37c 
  plugin-presto/scripts/install.properties 956533571 
  plugin-solr/conf/ranger-solr-audit-changes.cfg d4588ffc1 
  plugin-solr/scripts/install.properties 88e805653 
  plugin-sqoop/conf/ranger-sqoop-audit-changes.cfg c396d5d55 
  plugin-sqoop/scripts/install.properties b7b1187ff 
  plugin-yarn/conf/ranger-yarn-audit-changes.cfg c396d5d55 
  plugin-yarn/scripts/install.properties 71bab4996 
  
security-admin/src/test/java/org/apache/ranger/audit/destination/AmazonCloudWatchAuditDestinationTest.java
 PRE-CREATION 
  storm-agent/conf/ranger-storm-audit-changes.cfg c396d5d55 
  storm-agent/scripts/install.properties 109300f33 


Diff: https://reviews.apache.org/r/72800/diff/2/

Changes: https://reviews.apache.org/r/72800/diff/1-2/


Testing
---

mvn -pl agents-audit clean install compile package

Testing with Hive

Audit events were sent to Amazon CloudWatch Logs successfully


Thanks,

Yao Zhou

[jira] [Updated] (RANGER-3502) Make GET zone APIs accessible to authorized users only

2021-12-07 Thread Pradeep Agrawal (Jira)



 [ 
https://issues.apache.org/jira/browse/RANGER-3502?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Pradeep Agrawal updated RANGER-3502:

Fix Version/s: 3.0.0

> Make GET zone APIs accessible to authorized users only
> --
>
> Key: RANGER-3502
> URL: https://issues.apache.org/jira/browse/RANGER-3502
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Kishor Gollapalliwar
>Assignee: Kishor Gollapalliwar
>Priority: Major
> Fix For: 3.0.0
>
>
> Currently get 
> [zones|https://ranger.apache.org/apidocs/resource_SecurityZoneREST.html#resource_SecurityZoneREST_getAllZones_GET]
>  API returns all zones even for users who are not authorized to zone modules. 
> Restrict this API to only users who are authorized to zone module.
> Steps to reproduce:
>  # Create a internal user name, test_user1
>  # Remove the permission on Security Zone module for a user
>  # Login as test_user1 user to Ranger Admin, user should not be able to see 
> Security Zone tab
>  # Access the API using curl
> {code:java}
> curl -ikv -u test_user1:pass@123 -X GET -H "Accept:application/json" -H 
> "Content-Type:application/json" 
> "https://:6182/service/zones/zones"
> {code}
> {code:java}
> curl -ikv -u test_user1:pass@123 -X GET -H "Accept:application/json" -H 
> "Content-Type:application/json" 
> "https://:6182/service/zones/zones/{ID}"
> {code}
> {code:java}
> curl -ikv -u test_user1:pass@123 -X GET -H "Accept:application/json" -H 
> "Content-Type:application/json" 
> "https://:6182/service/zones/zones/name/{ZONE_NAME}"
> {code}
>  
>  
>  



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

Re: Review Request 73743: Minimize extent of locking when retrieving admin policy-engine

2021-12-07 Thread Madhan Neethiraj


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73743/#review223814
---


Ship it!




Ship It!

- Madhan Neethiraj


On Dec. 7, 2021, 11:07 p.m., Abhay Kulkarni wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/73743/
> ---
> 
> (Updated Dec. 7, 2021, 11:07 p.m.)
> 
> 
> Review request for ranger, Kishor Gollapalliwar, Madhan Neethiraj, Pradeep 
> Agrawal, Ramesh Mani, Sailaja Polavarapu, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-3538
> https://issues.apache.org/jira/browse/RANGER-3538
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> It is desirable to reduce the granularity of locking of critical sections in 
> order to improve the throughput of Ranger admin while maintaining correctness 
> in the face of multiple threads trying to build/retrieve required policy 
> engine.
> 
> 
> Diffs
> -
> 
>   
> security-admin/src/main/java/org/apache/ranger/biz/RangerPolicyAdminCache.java
>  5a69231ef 
>   
> security-admin/src/main/java/org/apache/ranger/biz/RangerPolicyAdminCacheForEngineOptions.java
>  224bdc258 
> 
> 
> Diff: https://reviews.apache.org/r/73743/diff/3/
> 
> 
> Testing
> ---
> 
> Passed all unit tests.
> 
> 
> Thanks,
> 
> Abhay Kulkarni
> 
>

Re: Review Request 73737: RANGER-3298:Add coarse URI check for Hive Agent

2021-12-07 Thread Abhay Kulkarni


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73737/#review223813
---


Ship it!




Ship It!

- Abhay Kulkarni


On Dec. 3, 2021, 8:05 a.m., Ramesh Mani wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/73737/
> ---
> 
> (Updated Dec. 3, 2021, 8:05 a.m.)
> 
> 
> Review request for ranger, Don Bosco Durai, Abhay Kulkarni, Madhan Neethiraj, 
> Mehul Parikh, Pradeep Agrawal, Selvamohan Neethiraj, Sailaja Polavarapu, and 
> Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-3298
> https://issues.apache.org/jira/browse/RANGER-3298
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> RANGER-3298:Add coarse URI check for Hive Agent
> 
> 
> Diffs
> -
> 
>   
> agents-common/src/main/java/org/apache/ranger/authorization/hadoop/constants/RangerHadoopConstants.java
>  31e4c0f4e8 
>   hive-agent/conf/ranger-hive-security.xml 3a5fc54cda 
>   
> hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java
>  e145ea2996 
> 
> 
> Diff: https://reviews.apache.org/r/73737/diff/1/
> 
> 
> Testing
> ---
> 
> - Verified in a cluster CREATE EXTERNAL TABLE with location point to HDFS 
> location with large number of folders and file
> - Without this patch and when HIVE URL policy is not enabled / present CREATE 
> EXTERNAL TABLE create takes a lot of time as RangerHiveAuthorize authorizes 
> all the folder, subfolder and files in it.
> - With this patch with no URL policy and having 
> xasecure.hive.uri.permission.coarse.check=true, CREATE EXTERNAL TABLE is 
> quicker as the recursive checks are avoided.
> 
> 
> Thanks,
> 
> Ramesh Mani
> 
>

Re: Review Request 73743: Minimize extent of locking when retrieving admin policy-engine

2021-12-07 Thread Abhay Kulkarni


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73743/
---

(Updated Dec. 7, 2021, 11:07 p.m.)


Review request for ranger, Kishor Gollapalliwar, Madhan Neethiraj, Pradeep 
Agrawal, Ramesh Mani, Sailaja Polavarapu, and Velmurugan Periasamy.


Changes
---

Addressed review comments


Bugs: RANGER-3538
https://issues.apache.org/jira/browse/RANGER-3538


Repository: ranger


Description
---

It is desirable to reduce the granularity of locking of critical sections in 
order to improve the throughput of Ranger admin while maintaining correctness 
in the face of multiple threads trying to build/retrieve required policy engine.


Diffs (updated)
-

  
security-admin/src/main/java/org/apache/ranger/biz/RangerPolicyAdminCache.java 
5a69231ef 
  
security-admin/src/main/java/org/apache/ranger/biz/RangerPolicyAdminCacheForEngineOptions.java
 224bdc258 


Diff: https://reviews.apache.org/r/73743/diff/3/

Changes: https://reviews.apache.org/r/73743/diff/2-3/


Testing
---

Passed all unit tests.


Thanks,

Abhay Kulkarni

Re: Review Request 73743: Minimize extent of locking when retrieving admin policy-engine

2021-12-07 Thread Madhan Neethiraj


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73743/#review223812
---




security-admin/src/main/java/org/apache/ranger/biz/RangerPolicyAdminCache.java
Lines 149 (patched)


finally is executed after exception block. This would cause 
policyAdminWrapper to be set to null in #146, resulting in unlock() not getting 
called in #150. Please review and update.



security-admin/src/main/java/org/apache/ranger/biz/RangerPolicyAdminCacheForEngineOptions.java
Line 64 (original), 63 (patched)


to avoid multiple threads adding RangerPolicyAdminCache objects for same 
option:

if (policyAdminCache == null) {
  synchronized (this) {
policyAdminCache = policyAdminCacheForEngineOptions.get(options);

if (policyAdminCache == null) {
  policyAdminCache = new RangerPolicyAdminCache();

  policyAdminCacheForEngineOptions.put(options, policyAdminCache);
}
  }
}


- Madhan Neethiraj


On Dec. 7, 2021, 1:23 a.m., Abhay Kulkarni wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/73743/
> ---
> 
> (Updated Dec. 7, 2021, 1:23 a.m.)
> 
> 
> Review request for ranger, Kishor Gollapalliwar, Madhan Neethiraj, Pradeep 
> Agrawal, Ramesh Mani, Sailaja Polavarapu, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-3538
> https://issues.apache.org/jira/browse/RANGER-3538
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> It is desirable to reduce the granularity of locking of critical sections in 
> order to improve the throughput of Ranger admin while maintaining correctness 
> in the face of multiple threads trying to build/retrieve required policy 
> engine.
> 
> 
> Diffs
> -
> 
>   
> security-admin/src/main/java/org/apache/ranger/biz/RangerPolicyAdminCache.java
>  5a69231ef 
>   
> security-admin/src/main/java/org/apache/ranger/biz/RangerPolicyAdminCacheForEngineOptions.java
>  224bdc258 
> 
> 
> Diff: https://reviews.apache.org/r/73743/diff/2/
> 
> 
> Testing
> ---
> 
> Passed all unit tests.
> 
> 
> Thanks,
> 
> Abhay Kulkarni
> 
>

[jira] [Updated] (RANGER-3490) Make policy resource signature is unique in a service

2021-12-07 Thread Velmurugan Periasamy (Jira)



 [ 
https://issues.apache.org/jira/browse/RANGER-3490?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-3490:
-
Fix Version/s: 3.0.0

> Make policy resource signature is unique in a service
> -
>
> Key: RANGER-3490
> URL: https://issues.apache.org/jira/browse/RANGER-3490
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Abhay Kulkarni
>Assignee: Abhay Kulkarni
>Priority: Major
> Fix For: 3.0.0
>
>
> There may be multiple policies with the same resource signature within a 
> service (at most one enabled policy and potentially any number of disabled 
> policies).  Therefore, the resource-signature uniqueness within a service 
> cannot be enforced at the database level.
> The proposal is to encode GUID of a disabled policy within the resource 
> signature, thus making the resource signature unique within a service.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

Review Request 73745: RANGER-3487 : Update underscorejs with latest version.

2021-12-07 Thread Nitin Galave


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73745/
---

Review request for ranger, Dhaval Shah, Dineshkumar Yadav, Jayendra Parab, 
Kishor Gollapalliwar, Madhan Neethiraj, Mehul Parikh, Pradeep Agrawal, and 
Velmurugan Periasamy.


Bugs: RANGER-3487
https://issues.apache.org/jira/browse/RANGER-3487


Repository: ranger


Description
---

For more functionality update underscorejs with the latest version is 1.13.1.


Diffs
-

  security-admin/src/main/webapp/libs/bower/underscore/js/underscore-min.js 
898bd44a1 
  security-admin/src/main/webapp/libs/bower/underscore/js/underscore.js 
5cdf62ea6 


Diff: https://reviews.apache.org/r/73745/diff/1/


Testing
---

Tested 
1.CRUD of service
2.Policy CRUD
3.User, group and role crud
4.Audit tab to check popup and also is all the data is coming in audit
5.Permission tab CRUD
6.Import and export of csv, xml and json
7.Enforcement
8.sync details in user page


Thanks,

Nitin Galave

Re: Review Request 73644: RANGER-3443 : "X-Permitted-Cross-Domain-Policies" header not set by Ranger UI.

2021-12-07 Thread Nitin Galave


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73644/
---

(Updated Dec. 7, 2021, 1:31 p.m.)


Review request for ranger, Dhaval Shah, Dineshkumar Yadav, Jayendra Parab, 
Kishor Gollapalliwar, Abhay Kulkarni, Mehul Parikh, Pradeep Agrawal, and 
Velmurugan Periasamy.


Bugs: RANGER-3443
https://issues.apache.org/jira/browse/RANGER-3443


Repository: ranger


Description (updated)
---

Ranger does not return "X-Permitted-Cross-Domain-Policies" response header. 
OWASP best practices suggest explicitly setting this header to "none".


Diffs
-

  
security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerSecurityContextFormationFilter.java
 c50857940 


Diff: https://reviews.apache.org/r/73644/diff/1/


Testing
---

Tested that Added "X-Permitted-Cross-Domain-Policies" responce header.


Thanks,

Nitin Galave

[jira] [Updated] (RANGER-3487) Update underscorejs with latest version.

2021-12-07 Thread Nitin Galave (Jira)



 [ 
https://issues.apache.org/jira/browse/RANGER-3487?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Nitin Galave updated RANGER-3487:
-
Attachment: 0001-RANGER-3487.patch

> Update underscorejs with latest version.
> 
>
> Key: RANGER-3487
> URL: https://issues.apache.org/jira/browse/RANGER-3487
> Project: Ranger
>  Issue Type: Improvement
>  Components: Ranger
>Reporter: Nitin Galave
>Assignee: Nitin Galave
>Priority: Major
> Attachments: 0001-RANGER-3487.patch
>
>
> For more functionality update underscorejs with the latest version is 1.13.1.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (RANGER-3520) Upgrade Netty version

2021-12-07 Thread Mallika Gogoi (Jira)



 [ 
https://issues.apache.org/jira/browse/RANGER-3520?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Mallika Gogoi updated RANGER-3520:
--
Attachment: maven_dependency_tree.txt

> Upgrade Netty version 
> --
>
> Key: RANGER-3520
> URL: https://issues.apache.org/jira/browse/RANGER-3520
> Project: Ranger
>  Issue Type: Task
>  Components: Ranger
>Reporter: Mallika Gogoi
>Assignee: Mallika Gogoi
>Priority: Minor
> Attachments: RANGER-3520-v2.patch, maven_dependency_tree.txt
>
>
> For best practices, upgrade netty version used in Ranger



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (RANGER-3520) Upgrade Netty version

2021-12-07 Thread Mallika Gogoi (Jira)



 [ 
https://issues.apache.org/jira/browse/RANGER-3520?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Mallika Gogoi updated RANGER-3520:
--
Attachment: (was: mvn_dependency.txt)

> Upgrade Netty version 
> --
>
> Key: RANGER-3520
> URL: https://issues.apache.org/jira/browse/RANGER-3520
> Project: Ranger
>  Issue Type: Task
>  Components: Ranger
>Reporter: Mallika Gogoi
>Assignee: Mallika Gogoi
>Priority: Minor
> Attachments: RANGER-3520-v2.patch, maven_dependency_tree.txt
>
>
> For best practices, upgrade netty version used in Ranger



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

52 matches

Mail list logo