Re: Review Request 73965: RANGER-3739: Add JWT filter in Ranger Admin
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/73965/#review224411 --- Ship it! Ship It! - Vishal Suvagia On May 2, 2022, 11:53 a.m., Kishor Gollapalliwar wrote: > > --- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/73965/ > --- > > (Updated May 2, 2022, 11:53 a.m.) > > > Review request for ranger, Dhaval Shah, Dineshkumar Yadav, Abhay Kulkarni, > Mehul Parikh, Pradeep Agrawal, Ramesh Mani, Sailaja Polavarapu, Vishal > Suvagia, and Velmurugan Periasamy. > > > Bugs: RANGER-3739 > https://issues.apache.org/jira/browse/RANGER-3739 > > > Repository: ranger > > > Description > --- > > Add JWT auth filter in Ranger Admin, which authenticates browser & > non-browser JWT requests without altering existing authentication filters. > > The existing authorization process must be alter to incorporate following > cases > > Token SSO Enabled First Authorizer / Filter > Present Yes RangerSSOAuthenticationFilter > AbsentYes RangerSSOAuthenticationFilter > Present No RangerJwtAuthFilter (NEW) > AbsentNo RangerJwtAuthFilter (NEW) > > > Diffs > - > > security-admin/pom.xml eaa8db1c1 > > security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerJwtAuthFilter.java > PRE-CREATION > > security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerJwtAuthWrapper.java > PRE-CREATION > > > Diff: https://reviews.apache.org/r/73965/diff/1/ > > > Testing > --- > > 1. mvn clean compile package install -U > 2. Login ModHeader (chrome plugin): invalid JWT > 3. Login ModHeader (chrome plugin): expired JWT > 4. Login ModHeader (chrome plugin): tampered JWT > 5. Login ModHeader (chrome plugin): valid JWT > 6. Curl Access API: invalid JWT > 7. Curl Access API: expired JWT > 8. Curl Access API: tampered JWT > 9. Curl Access API: valid JWT > > > Thanks, > > Kishor Gollapalliwar > >
Re: Review Request 73965: RANGER-3739: Add JWT filter in Ranger Admin
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/73965/#review224410 --- Ship it! Ship It! - Mehul Parikh On May 2, 2022, 11:53 a.m., Kishor Gollapalliwar wrote: > > --- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/73965/ > --- > > (Updated May 2, 2022, 11:53 a.m.) > > > Review request for ranger, Dhaval Shah, Dineshkumar Yadav, Abhay Kulkarni, > Mehul Parikh, Pradeep Agrawal, Ramesh Mani, Sailaja Polavarapu, Vishal > Suvagia, and Velmurugan Periasamy. > > > Bugs: RANGER-3739 > https://issues.apache.org/jira/browse/RANGER-3739 > > > Repository: ranger > > > Description > --- > > Add JWT auth filter in Ranger Admin, which authenticates browser & > non-browser JWT requests without altering existing authentication filters. > > The existing authorization process must be alter to incorporate following > cases > > Token SSO Enabled First Authorizer / Filter > Present Yes RangerSSOAuthenticationFilter > AbsentYes RangerSSOAuthenticationFilter > Present No RangerJwtAuthFilter (NEW) > AbsentNo RangerJwtAuthFilter (NEW) > > > Diffs > - > > security-admin/pom.xml eaa8db1c1 > > security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerJwtAuthFilter.java > PRE-CREATION > > security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerJwtAuthWrapper.java > PRE-CREATION > > > Diff: https://reviews.apache.org/r/73965/diff/1/ > > > Testing > --- > > 1. mvn clean compile package install -U > 2. Login ModHeader (chrome plugin): invalid JWT > 3. Login ModHeader (chrome plugin): expired JWT > 4. Login ModHeader (chrome plugin): tampered JWT > 5. Login ModHeader (chrome plugin): valid JWT > 6. Curl Access API: invalid JWT > 7. Curl Access API: expired JWT > 8. Curl Access API: tampered JWT > 9. Curl Access API: valid JWT > > > Thanks, > > Kishor Gollapalliwar > >