Re: Review Request 73898: RANGER-2362: Limit Login Attempt Failure
> On 三月 16, 2022, 12:06 p.m., bhavik patel wrote: > > @Kirby Zhou, did you got chance to try whatever Madhan has suggested? I have no time this week, i will tried it soon. - Kirby --- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/73898/#review224162 --- On 三月 11, 2022, 11:44 a.m., Kirby Zhou wrote: > > --- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/73898/ > --- > > (Updated 三月 11, 2022, 11:44 a.m.) > > > Review request for ranger, Bhavik Bavishi, Abhay Kulkarni, Madhan Neethiraj, > and Pradeep Agrawal. > > > Bugs: RANGER-2362 > https://issues.apache.org/jira/browse/RANGER-2362 > > > Repository: ranger > > > Description > --- > > RANGER-2362 > > > Here is a simple demo code for discussion. > > Hard-codeed: > we limit 3 failures per 30 minutes. A successful login will reset the counter. > > > BTW: I think the code of RangerAuthenticationProvider is a bit anti-pattern. > > 1. We new RangerAuthenticationProvider at each time user login. It is > unreasonable, it should be a bean. > > see RangerKRBAuthenticationFilter.java and RangerSSOAuthenticationFilter.java > > 2. We new Jdbc/AD/Ldap/Pam authentication provider in > RangerAuthenticationProvider at each time user login. > > 3. The member 'private LdapAuthenticator authenticator' seems useless > > 4. The RangerAuthenticationProvider seem should be replaced with > ProviderManager or something like spring configuration. > > > Diffs > - > > pom.xml 49a06411d0c5421a5abb33c9d32ea13e38655deb > security-admin/pom.xml a2060e1c204f0399f39a79cb56280f6d09325e3a > > security-admin/src/main/java/org/apache/ranger/security/handler/RangerAuthenticationProvider.java > 8f7abbe7df3d0344c7b5b1af89f7322d82a0d238 > > security-admin/src/main/java/org/apache/ranger/security/web/authentication/RangerAuthSuccessHandler.java > 52cf17ae191f8ac35710083dfcd257b8962d2d7f > > security-admin/src/main/java/org/apache/ranger/security/web/authentication/RangerLoginAttemptRateLimiter.java > PRE-CREATION > > > Diff: https://reviews.apache.org/r/73898/diff/1/ > > > Testing > --- > > Self tested > > > Thanks, > > Kirby Zhou > >
Re: Review Request 73853: RANGER-3628 : Support fine grain authorization for different solr objects
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/73853/#review224166 --- Ship it! Ship It! - Sailaja Polavarapu On March 10, 2022, 11:15 a.m., Mateen Mansoori wrote: > > --- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/73853/ > --- > > (Updated March 10, 2022, 11:15 a.m.) > > > Review request for ranger, Mehul Parikh, Pradeep Agrawal, Ramesh Mani, > Sailaja Polavarapu, and Velmurugan Periasamy. > > > Bugs: RANGER-3628 > https://issues.apache.org/jira/browse/RANGER-3628 > > > Repository: ranger > > > Description > --- > > Modifying ranger solr plugin to allow granting the following privileges: > >- QUERY - read only privilege on an object >- UPDATE - write only privilege on an object >- All - read and write access > > Privileges can be defined on the following objects: > > - admin > - collections > - cores > - metrics > - autoscaling > - security > - collection > - config > - schema > > > Diffs > - > > agents-common/src/main/resources/service-defs/ranger-servicedef-solr.json > dfaa2f701 > > plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuditHandler.java > 359211cb2 > > plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuthorizer.java > d4dd7b0ec > > plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/SolrAuthzUtil.java > PRE-CREATION > > plugin-solr/src/main/java/org/apache/ranger/services/solr/RangerServiceSolr.java > 97909ae54 > > plugin-solr/src/main/java/org/apache/ranger/services/solr/RangerSolrConstants.java > PRE-CREATION > > plugin-solr/src/main/java/org/apache/ranger/services/solr/client/ServiceSolrClient.java > 5f7b9b924 > > > Diff: https://reviews.apache.org/r/73853/diff/4/ > > > Testing > --- > > Tested on cluster with by covering test cases as per new implementation. > > > Thanks, > > Mateen Mansoori > >
[jira] [Updated] (RANGER-3662) There should be pause button for error popup
[ https://issues.apache.org/jira/browse/RANGER-3662?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Dhaval Rajpara updated RANGER-3662: --- Fix Version/s: 3.0.0 2.3.0 > There should be pause button for error popup > > > Key: RANGER-3662 > URL: https://issues.apache.org/jira/browse/RANGER-3662 > Project: Ranger > Issue Type: Improvement > Components: Ranger >Reporter: Dhaval Rajpara >Assignee: Dhaval Rajpara >Priority: Major > Fix For: 3.0.0, 2.3.0 > > Attachments: 0001-RANGER-3662.patch > > -- This message was sent by Atlassian Jira (v8.20.1#820001)
[jira] [Commented] (RANGER-3662) There should be pause button for error popup
[ https://issues.apache.org/jira/browse/RANGER-3662?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17507651#comment-17507651 ] Dhaval Rajpara commented on RANGER-3662: Committed to [Apache master|https://github.com/apache/ranger/commit/84691f9d46d0357b09b4a7afdfcc572aa4d18b46] branch. Committed to [ranger-2.3|https://github.com/apache/ranger/commit/48b8883f82d34cf952384a6e9df86c0cbb6873c8] branch. > There should be pause button for error popup > > > Key: RANGER-3662 > URL: https://issues.apache.org/jira/browse/RANGER-3662 > Project: Ranger > Issue Type: Improvement > Components: Ranger >Reporter: Dhaval Rajpara >Assignee: Dhaval Rajpara >Priority: Major > Attachments: 0001-RANGER-3662.patch > > -- This message was sent by Atlassian Jira (v8.20.1#820001)
[jira] [Updated] (RANGER-3647) Connection to DB fails for MySQL version above 8.0
[ https://issues.apache.org/jira/browse/RANGER-3647?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Vishal Suvagia updated RANGER-3647: --- Attachment: RANGER-3647-01.patch > Connection to DB fails for MySQL version above 8.0 > -- > > Key: RANGER-3647 > URL: https://issues.apache.org/jira/browse/RANGER-3647 > Project: Ranger > Issue Type: Improvement > Components: admin >Affects Versions: 3.0.0 >Reporter: Vishal Suvagia >Assignee: Vishal Suvagia >Priority: Major > Attachments: RANGER-3647-01.patch, RANGER-3647.patch > > > Observed that Ranger DB setup fails when using with MySQL version above 8.0. -- This message was sent by Atlassian Jira (v8.20.1#820001)
[jira] [Updated] (RANGER-3665) "No Data Found !!" messages in Ranger admin UI alarm users
[ https://issues.apache.org/jira/browse/RANGER-3665?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Dhaval Rajpara updated RANGER-3665: --- Fix Version/s: 3.0.0 2.3.0 > "No Data Found !!" messages in Ranger admin UI alarm users > -- > > Key: RANGER-3665 > URL: https://issues.apache.org/jira/browse/RANGER-3665 > Project: Ranger > Issue Type: Improvement > Components: Ranger >Reporter: Dhaval Rajpara >Assignee: Dhaval Rajpara >Priority: Major > Fix For: 3.0.0, 2.3.0 > > Attachments: 0001-RANGER-3665.patch, NoData.png > > > In the Ranger web console, when no conditions or exclusions of a certain type > are present, a message appears saying "No Data Found !!" > The wording, capitalization, and punctuation of this message all suggest > something is wrong. However, this condition is normal. For example, default > policies generally don't include any Deny conditions. Having no Deny > conditions isn't a problem, but the message in the UI gives a different > impression. > I suggest replacing the current message that suggests an error with something > more low-key. Perhaps it could just say "(None)". > Or maybe no message at all is needed. Unless an actual error is present, a > blank table is probably sufficient to convey that no items of that type are > present. -- This message was sent by Atlassian Jira (v8.20.1#820001)
[jira] [Commented] (RANGER-3665) "No Data Found !!" messages in Ranger admin UI alarm users
[ https://issues.apache.org/jira/browse/RANGER-3665?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17507650#comment-17507650 ] Dhaval Rajpara commented on RANGER-3665: Committed to [Apache master|https://github.com/apache/ranger/commit/e989bfa1c334a5204da084d501e4bec4c6b88491] branch. Committed to [ranger-2.3|https://github.com/apache/ranger/commit/8069bd2b8dbe1f08909d73f6ae35d8fc7d86a5e7] branch. > "No Data Found !!" messages in Ranger admin UI alarm users > -- > > Key: RANGER-3665 > URL: https://issues.apache.org/jira/browse/RANGER-3665 > Project: Ranger > Issue Type: Improvement > Components: Ranger >Reporter: Dhaval Rajpara >Assignee: Dhaval Rajpara >Priority: Major > Attachments: 0001-RANGER-3665.patch, NoData.png > > > In the Ranger web console, when no conditions or exclusions of a certain type > are present, a message appears saying "No Data Found !!" > The wording, capitalization, and punctuation of this message all suggest > something is wrong. However, this condition is normal. For example, default > policies generally don't include any Deny conditions. Having no Deny > conditions isn't a problem, but the message in the UI gives a different > impression. > I suggest replacing the current message that suggests an error with something > more low-key. Perhaps it could just say "(None)". > Or maybe no message at all is needed. Unless an actual error is present, a > blank table is probably sufficient to convey that no items of that type are > present. -- This message was sent by Atlassian Jira (v8.20.1#820001)
[jira] [Updated] (RANGER-3660) [Ranger Admin UI] Improvements in tooltip hints for better user experience
[ https://issues.apache.org/jira/browse/RANGER-3660?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Dhaval Rajpara updated RANGER-3660: --- Fix Version/s: 3.0.0 2.3.0 > [Ranger Admin UI] Improvements in tooltip hints for better user experience > -- > > Key: RANGER-3660 > URL: https://issues.apache.org/jira/browse/RANGER-3660 > Project: Ranger > Issue Type: Improvement > Components: Ranger >Reporter: Dhaval Rajpara >Assignee: Dhaval Rajpara >Priority: Major > Fix For: 3.0.0, 2.3.0 > > Attachments: 0001-RANGER-3660.patch > > > * Update policy search bar tooltips: > ** Update search hints that show "Undefined". > * Update Access Audits search bar tooltips: > ** Remove ambari from Cluster name hint. > ** Update other search filter hints and provide well-defined, sanitized, > user-friendly messages which can help end-users to use the filters easily and > effectively. -- This message was sent by Atlassian Jira (v8.20.1#820001)
[jira] [Commented] (RANGER-3660) [Ranger Admin UI] Improvements in tooltip hints for better user experience
[ https://issues.apache.org/jira/browse/RANGER-3660?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17507642#comment-17507642 ] Dhaval Rajpara commented on RANGER-3660: Committed to [Apache master|https://github.com/apache/ranger/commit/9c9151e9e6b00ff5c7fe0fadf13d62b932ad2eac] branch. Committed to [ranger-2.3|https://github.com/apache/ranger/commit/1793c76b8f4085bad17be416cd6dae7cad27a0e1] branch. > [Ranger Admin UI] Improvements in tooltip hints for better user experience > -- > > Key: RANGER-3660 > URL: https://issues.apache.org/jira/browse/RANGER-3660 > Project: Ranger > Issue Type: Improvement > Components: Ranger >Reporter: Dhaval Rajpara >Assignee: Dhaval Rajpara >Priority: Major > Attachments: 0001-RANGER-3660.patch > > > * Update policy search bar tooltips: > ** Update search hints that show "Undefined". > * Update Access Audits search bar tooltips: > ** Remove ambari from Cluster name hint. > ** Update other search filter hints and provide well-defined, sanitized, > user-friendly messages which can help end-users to use the filters easily and > effectively. -- This message was sent by Atlassian Jira (v8.20.1#820001)
Re: Review Request 73902: RANGER-3660 : [Ranger Admin UI] Improvements in tooltip hints for better user experience.
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/73902/#review224165 --- Ship it! Ship It! - Mehul Parikh On March 16, 2022, 12:03 p.m., Dhaval Rajpara wrote: > > --- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/73902/ > --- > > (Updated March 16, 2022, 12:03 p.m.) > > > Review request for ranger, Dhaval Shah, Dineshkumar Yadav, Harshal Chavan, > Kishor Gollapalliwar, Mateen Mansoori, Mehul Parikh, Nitin Galave, Pradeep > Agrawal, and Velmurugan Periasamy. > > > Bugs: RANGER-3660 > https://issues.apache.org/jira/browse/RANGER-3660 > > > Repository: ranger > > > Description > --- > > * Update policy search bar tooltips: > ** Update search hints that show "Undefined". > * Update Access Audits search bar tooltips: > ** Remove ambari from Cluster name hint. > ** Update other search filter hints and provide well-defined, sanitized, > user-friendly messages which can help end-users to use the filters easily and > effectively. > > > Diffs > - > > security-admin/src/main/webapp/scripts/modules/globalize/message/en.js > 1d87d1620 > > security-admin/src/main/webapp/scripts/views/policies/NRangerPolicyTableLayout.js > 2e32ef7c8 > > security-admin/src/main/webapp/scripts/views/policies/RangerPolicyTableLayout.js > 35952d49f > > > Diff: https://reviews.apache.org/r/73902/diff/1/ > > > Testing > --- > > 1.Verified on policy page > 2.Verified on Access audit page tooltip hints display properly. > > > Thanks, > > Dhaval Rajpara > >
[jira] [Updated] (RANGER-3667) Improve feedback in policy creation UI when resource does not exist
[ https://issues.apache.org/jira/browse/RANGER-3667?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Dhaval Rajpara updated RANGER-3667: --- Attachment: 0001-RANGER-3667.patch > Improve feedback in policy creation UI when resource does not exist > --- > > Key: RANGER-3667 > URL: https://issues.apache.org/jira/browse/RANGER-3667 > Project: Ranger > Issue Type: Improvement > Components: Ranger >Reporter: Dhaval Rajpara >Assignee: Dhaval Rajpara >Priority: Major > Attachments: 0001-RANGER-3667.patch > > > 1. In Ranger's policy creation UI, when a resource (e.g. Hive database or > table name) is entered in the Policy Details, the autocomplete feature will > proactively present a dropdown of possible matches to known resource names > pulled from the service, which the user can then select to populate the > fields in the policy. > 2. If there is only one match to an existing resource name, then only that > single name will be presented in the dropdown. > 3. If there are no matches, then the text already entered into the field will > be presented in the autocomplete dropdown. This behavior is exactly the same > as (2) whether the resource exists or not. > 4. While there are some use cases where a policy may need to be created prior > to creating the actual resource itself, there is no validation or feedback in > the UI to indicate if a resource name already exists. In the case of a simple > typo error, this lack of feedback can result in the creation of invalid > policies that are then difficult to isolate and fix. > This request is to include some additional feedback ("not found" message or > similar) in the UI, to indicate when a resource does not exist. This would > also assist in identifying communication issues between Ranger and the > backend services. -- This message was sent by Atlassian Jira (v8.20.1#820001)
Re: Review Request 73900: RANGER-3665 : "No Data Found !!" messages in Ranger admin UI alarm users
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/73900/#review224164 --- Ship it! Ship It! - Mehul Parikh On March 15, 2022, 12:55 p.m., Dhaval Rajpara wrote: > > --- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/73900/ > --- > > (Updated March 15, 2022, 12:55 p.m.) > > > Review request for ranger, Dhaval Shah, Dineshkumar Yadav, Harshal Chavan, > Kishor Gollapalliwar, Mateen Mansoori, Mehul Parikh, Nitin Galave, Pradeep > Agrawal, Sailaja Polavarapu, and Velmurugan Periasamy. > > > Bugs: RANGER-3665 > https://issues.apache.org/jira/browse/RANGER-3665 > > > Repository: ranger > > > Description > --- > > In the Ranger web console, when no conditions or exclusions of a certain type > are present, a message appears saying "No Data Found !!" > > > The wording, capitalization, and punctuation of this message all suggest > something is wrong. However, this condition is normal. For example, default > policies generally don't include any Deny conditions. Having no Deny > conditions isn't a problem, but the message in the UI gives a different > impression. > > I suggest replacing the current message that suggests an error with something > more low-key. Perhaps it could just say "(None)". > > Or maybe no message at all is needed. Unless an actual error is present, a > blank table is probably sufficient to convey that no items of that type are > present. > > > Diffs > - > > security-admin/src/main/webapp/templates/policies/RangerPolicyRO_tmpl.html > f41557748 > > > Diff: https://reviews.apache.org/r/73900/diff/1/ > > > Testing > --- > > Changed the massage to 'No policy Item of "Allow Condition" are present' > Same for other policy item > > > Thanks, > > Dhaval Rajpara > >
Re: Review Request 73852: RANGER-3595, refactor the file layout of ranger-xxx-kms.tar.gz
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/73852/#review224163 --- close this Review request as it’s already merged. - bhavik patel On March 3, 2022, 7:27 a.m., Kirby Zhou wrote: > > --- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/73852/ > --- > > (Updated March 3, 2022, 7:27 a.m.) > > > Review request for ranger, Dhaval Shah, Dineshkumar Yadav, Gautam Borad, > Jayendra Parab, Kishor Gollapalliwar, Abhay Kulkarni, Mateen Mansoori, Mehul > Parikh, pengjianhua, Pradeep Agrawal, VaradreawiZTV VaradreawiZTV, Vishal > Suvagia, Velmurugan Periasamy, and Qiang Zhang. > > > Bugs: RANGER-3595 > https://issues.apache.org/jira/browse/RANGER-3595 > > > Repository: ranger > > > Description > --- > > There are lots of .class files under ews/webapp/, and never used. > > > 1. place web.xml at correct location > 2. setup.sh want to patch hadoop-common.jar at runtime, it requires some file > inside ranger-kms.jar. But the patching of hadoop-common.jar is unnecessary. > > Regular webapp should have its own class files under > ews/webapp/WEB-INF/classes, and dependencies under ews/webapp/WEB-INF/lib, > and the Container should put its libraries under ews/lib. But at current, we > use directories sucn as ews/webapp/lib, ews/webapp/WEB-INF/classes/lib. It > looks dirty and ugly. > > > My patch here makes KMS no longer bring ranger-kms.jar, and place classes and > web.xml at correct location. as a alternative of > https://reviews.apache.org/r/73816/ > > > Now: > ews/lib contains ews bootstrap jars, > ews/webapp/WEB-INF/classes contains KMS app itself, > ews/webapp/WEB-INF/lib contains KMS dependencies, > ews/webapp/WEB-INF/lib/ranger-kms-plugin-impl contains ranger-kms-plugin. > > Additionaly, kms/pom.xml even depends on original hadoop-kms, which can > confuse developers, so I removed it. > > BTW: the bootstrap embedded server looks like too heavy and too much > dependeices. > > > Diffs > - > > distro/src/main/assembly/kms.xml f7605076e6294d9e76ca2f9205e0716932f4daf9 > kms/pom.xml ade563f9479cf1519f222c6eddc6d9991f8422e5 > kms/scripts/DBMK2HSM.sh 001199d97b21158795dbf7ae31e12d1500333541 > kms/scripts/DBMKTOAZUREKEYVAULT.sh cfe5a6b5e65438ba7d50349a36c2dd3219c7092a > kms/scripts/DBMKTOKEYSECURE.sh c0aa6e58c27c7a827bcb557d7a7714eb55ecee63 > kms/scripts/HSMMK2DB.sh 6c77f7340d9c761f980560f3cbf06f65f7c505ed > kms/scripts/KEYSECUREMKTOKMSDB.sh 340e05e2c215e5c046be5cd4c6832b7f0733822a > kms/scripts/VerifyIsDBMasterkeyCorrect.sh > 1c9a2e148959d8fe72e8d7e7b0fa4a810e942337 > kms/scripts/exportKeysToJCEKS.sh f3205789b1da6df95c5e8cf174f4e96ef02b2164 > kms/scripts/importJCEKSKeys.sh 5d4fe978fd00f3d86ef48299755689cee34b8331 > kms/scripts/ranger-kms 429a31e5aac38e3bbcfc6bdd258818d9ecbf0161 > kms/scripts/setup.sh 448042e9d1e9e0caaabf713282a4d509fb09c2e3 > kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/KMSWebApp.java > c899bdf98327de5a86cf51470e96c6ad8e7e4079 > kms/src/main/resources/META-INF/context.xml > kms/src/main/resources/WEB-INF/web.xml > 5e2d489fe632a16a5ed440bbbff41f558d2a2338 > kms/src/main/resources/log4j-kmsaudit.properties > 0747f1e33ee2d6ada6c6a16938cadd2d55d6450d > > > Diff: https://reviews.apache.org/r/73852/diff/5/ > > > Testing > --- > > mvn clean pacakge > fresh install and upgrade from 2.2.0 > > > Thanks, > > Kirby Zhou > >
[jira] [Created] (RANGER-3667) Improve feedback in policy creation UI when resource does not exist
Dhaval Rajpara created RANGER-3667: -- Summary: Improve feedback in policy creation UI when resource does not exist Key: RANGER-3667 URL: https://issues.apache.org/jira/browse/RANGER-3667 Project: Ranger Issue Type: Improvement Components: Ranger Reporter: Dhaval Rajpara Assignee: Dhaval Rajpara 1. In Ranger's policy creation UI, when a resource (e.g. Hive database or table name) is entered in the Policy Details, the autocomplete feature will proactively present a dropdown of possible matches to known resource names pulled from the service, which the user can then select to populate the fields in the policy. 2. If there is only one match to an existing resource name, then only that single name will be presented in the dropdown. 3. If there are no matches, then the text already entered into the field will be presented in the autocomplete dropdown. This behavior is exactly the same as (2) whether the resource exists or not. 4. While there are some use cases where a policy may need to be created prior to creating the actual resource itself, there is no validation or feedback in the UI to indicate if a resource name already exists. In the case of a simple typo error, this lack of feedback can result in the creation of invalid policies that are then difficult to isolate and fix. This request is to include some additional feedback ("not found" message or similar) in the UI, to indicate when a resource does not exist. This would also assist in identifying communication issues between Ranger and the backend services. -- This message was sent by Atlassian Jira (v8.20.1#820001)
Re: Review Request 73898: RANGER-2362: Limit Login Attempt Failure
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/73898/#review224162 --- @Kirby Zhou, did you got chance to try whatever Madhan has suggested? - bhavik patel On March 11, 2022, 11:44 a.m., Kirby Zhou wrote: > > --- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/73898/ > --- > > (Updated March 11, 2022, 11:44 a.m.) > > > Review request for ranger, Bhavik Bavishi, Abhay Kulkarni, Madhan Neethiraj, > and Pradeep Agrawal. > > > Bugs: RANGER-2362 > https://issues.apache.org/jira/browse/RANGER-2362 > > > Repository: ranger > > > Description > --- > > RANGER-2362 > > > Here is a simple demo code for discussion. > > Hard-codeed: > we limit 3 failures per 30 minutes. A successful login will reset the counter. > > > BTW: I think the code of RangerAuthenticationProvider is a bit anti-pattern. > > 1. We new RangerAuthenticationProvider at each time user login. It is > unreasonable, it should be a bean. > > see RangerKRBAuthenticationFilter.java and RangerSSOAuthenticationFilter.java > > 2. We new Jdbc/AD/Ldap/Pam authentication provider in > RangerAuthenticationProvider at each time user login. > > 3. The member 'private LdapAuthenticator authenticator' seems useless > > 4. The RangerAuthenticationProvider seem should be replaced with > ProviderManager or something like spring configuration. > > > Diffs > - > > pom.xml 49a06411d0c5421a5abb33c9d32ea13e38655deb > security-admin/pom.xml a2060e1c204f0399f39a79cb56280f6d09325e3a > > security-admin/src/main/java/org/apache/ranger/security/handler/RangerAuthenticationProvider.java > 8f7abbe7df3d0344c7b5b1af89f7322d82a0d238 > > security-admin/src/main/java/org/apache/ranger/security/web/authentication/RangerAuthSuccessHandler.java > 52cf17ae191f8ac35710083dfcd257b8962d2d7f > > security-admin/src/main/java/org/apache/ranger/security/web/authentication/RangerLoginAttemptRateLimiter.java > PRE-CREATION > > > Diff: https://reviews.apache.org/r/73898/diff/1/ > > > Testing > --- > > Self tested > > > Thanks, > > Kirby Zhou > >
Review Request 73902: RANGER-3660 : [Ranger Admin UI] Improvements in tooltip hints for better user experience.
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/73902/ --- Review request for ranger, Dhaval Shah, Dineshkumar Yadav, Harshal Chavan, Kishor Gollapalliwar, Mateen Mansoori, Mehul Parikh, Nitin Galave, Pradeep Agrawal, and Velmurugan Periasamy. Bugs: RANGER-3660 https://issues.apache.org/jira/browse/RANGER-3660 Repository: ranger Description --- * Update policy search bar tooltips: ** Update search hints that show "Undefined". * Update Access Audits search bar tooltips: ** Remove ambari from Cluster name hint. ** Update other search filter hints and provide well-defined, sanitized, user-friendly messages which can help end-users to use the filters easily and effectively. Diffs - security-admin/src/main/webapp/scripts/modules/globalize/message/en.js 1d87d1620 security-admin/src/main/webapp/scripts/views/policies/NRangerPolicyTableLayout.js 2e32ef7c8 security-admin/src/main/webapp/scripts/views/policies/RangerPolicyTableLayout.js 35952d49f Diff: https://reviews.apache.org/r/73902/diff/1/ Testing --- 1.Verified on policy page 2.Verified on Access audit page tooltip hints display properly. Thanks, Dhaval Rajpara
Re: Review Request 73901: RANGER-3662 : There should be pause button for error popup.
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/73901/#review224161 --- Ship it! Ship It! - Mehul Parikh On March 16, 2022, 11:49 a.m., Dhaval Rajpara wrote: > > --- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/73901/ > --- > > (Updated March 16, 2022, 11:49 a.m.) > > > Review request for ranger, Dhaval Shah, Dineshkumar Yadav, Harshal Chavan, > Kishor Gollapalliwar, Mateen Mansoori, Mehul Parikh, Nitin Galave, Pradeep > Agrawal, and Velmurugan Periasamy. > > > Bugs: RANGER-3662 > https://issues.apache.org/jira/browse/RANGER-3662 > > > Repository: ranger > > > Description > --- > > There should be pause button for error popup > > > Diffs > - > > > security-admin/src/main/webapp/libs/bower/bootstrap-notify/js/bootstrap-notify.js > e1910f9c1 > security-admin/src/main/webapp/styles/xa.css 96dacd6b2 > > > Diff: https://reviews.apache.org/r/73901/diff/1/ > > > Testing > --- > > 1.Checked error popup is getting paused when pause button clicked > 2.Checked popup gets closed when cancelled > 3.Checked popup goes when pause button removed > 4.Checked popup goes when no pause button clicked > > > Thanks, > > Dhaval Rajpara > >
[jira] [Updated] (RANGER-3660) [Ranger Admin UI] Improvements in tooltip hints for better user experience
[ https://issues.apache.org/jira/browse/RANGER-3660?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Dhaval Rajpara updated RANGER-3660: --- Attachment: 0001-RANGER-3660.patch > [Ranger Admin UI] Improvements in tooltip hints for better user experience > -- > > Key: RANGER-3660 > URL: https://issues.apache.org/jira/browse/RANGER-3660 > Project: Ranger > Issue Type: Improvement > Components: Ranger >Reporter: Dhaval Rajpara >Assignee: Dhaval Rajpara >Priority: Major > Attachments: 0001-RANGER-3660.patch > > > * Update policy search bar tooltips: > ** Update search hints that show "Undefined". > * Update Access Audits search bar tooltips: > ** Remove ambari from Cluster name hint. > ** Update other search filter hints and provide well-defined, sanitized, > user-friendly messages which can help end-users to use the filters easily and > effectively. -- This message was sent by Atlassian Jira (v8.20.1#820001)
Review Request 73901: RANGER-3662 : There should be pause button for error popup.
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/73901/ --- Review request for ranger, Dhaval Shah, Dineshkumar Yadav, Harshal Chavan, Kishor Gollapalliwar, Mateen Mansoori, Mehul Parikh, Nitin Galave, Pradeep Agrawal, and Velmurugan Periasamy. Bugs: RANGER-3662 https://issues.apache.org/jira/browse/RANGER-3662 Repository: ranger Description --- There should be pause button for error popup Diffs - security-admin/src/main/webapp/libs/bower/bootstrap-notify/js/bootstrap-notify.js e1910f9c1 security-admin/src/main/webapp/styles/xa.css 96dacd6b2 Diff: https://reviews.apache.org/r/73901/diff/1/ Testing --- 1.Checked error popup is getting paused when pause button clicked 2.Checked popup gets closed when cancelled 3.Checked popup goes when pause button removed 4.Checked popup goes when no pause button clicked Thanks, Dhaval Rajpara
[jira] [Updated] (RANGER-3662) There should be pause button for error popup
[ https://issues.apache.org/jira/browse/RANGER-3662?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Dhaval Rajpara updated RANGER-3662: --- Attachment: 0001-RANGER-3662.patch > There should be pause button for error popup > > > Key: RANGER-3662 > URL: https://issues.apache.org/jira/browse/RANGER-3662 > Project: Ranger > Issue Type: Improvement > Components: Ranger >Reporter: Dhaval Rajpara >Assignee: Dhaval Rajpara >Priority: Major > Attachments: 0001-RANGER-3662.patch > > -- This message was sent by Atlassian Jira (v8.20.1#820001)
Re: Review Request 73853: RANGER-3628 : Support fine grain authorization for different solr objects
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/73853/#review224159 --- Ship it! Ship It! - Mehul Parikh On March 10, 2022, 11:15 a.m., Mateen Mansoori wrote: > > --- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/73853/ > --- > > (Updated March 10, 2022, 11:15 a.m.) > > > Review request for ranger, Mehul Parikh, Pradeep Agrawal, Ramesh Mani, > Sailaja Polavarapu, and Velmurugan Periasamy. > > > Bugs: RANGER-3628 > https://issues.apache.org/jira/browse/RANGER-3628 > > > Repository: ranger > > > Description > --- > > Modifying ranger solr plugin to allow granting the following privileges: > >- QUERY - read only privilege on an object >- UPDATE - write only privilege on an object >- All - read and write access > > Privileges can be defined on the following objects: > > - admin > - collections > - cores > - metrics > - autoscaling > - security > - collection > - config > - schema > > > Diffs > - > > agents-common/src/main/resources/service-defs/ranger-servicedef-solr.json > dfaa2f701 > > plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuditHandler.java > 359211cb2 > > plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuthorizer.java > d4dd7b0ec > > plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/SolrAuthzUtil.java > PRE-CREATION > > plugin-solr/src/main/java/org/apache/ranger/services/solr/RangerServiceSolr.java > 97909ae54 > > plugin-solr/src/main/java/org/apache/ranger/services/solr/RangerSolrConstants.java > PRE-CREATION > > plugin-solr/src/main/java/org/apache/ranger/services/solr/client/ServiceSolrClient.java > 5f7b9b924 > > > Diff: https://reviews.apache.org/r/73853/diff/4/ > > > Testing > --- > > Tested on cluster with by covering test cases as per new implementation. > > > Thanks, > > Mateen Mansoori > >