Re: Review Request 70882: RANGER-2475 : Replacing bootstrap accordion with jquery SlideToggle.
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/70882/#review215987 --- Ship it! Ship It! - Mehul Parikh On June 19, 2019, 8:54 a.m., Nitin Galave wrote: > > --- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/70882/ > --- > > (Updated June 19, 2019, 8:54 a.m.) > > > Review request for ranger, Gautam Borad, Mehul Parikh, Pradeep Agrawal, and > Velmurugan Periasamy. > > > Bugs: RANGER-2475 > https://issues.apache.org/jira/browse/RANGER-2475 > > > Repository: ranger > > > Description > --- > > Removed the logic of using bootstrap accordion and added new logic using > jquery slideToggle. Updated the html and css for the same. > > > Diffs > - > > security-admin/src/main/webapp/scripts/views/security_zone/SecurityZone.js > 9bce74b > > security-admin/src/main/webapp/scripts/views/security_zone/ZoneAdministration.js > 1dfa36c > security-admin/src/main/webapp/styles/xa.css e8238ca > > security-admin/src/main/webapp/templates/security_zone/SecurityZone_tmpl.html > b14519c > > security-admin/src/main/webapp/templates/security_zone/ZoneAdministration_tmpl.html > 125bf86 > > > Diff: https://reviews.apache.org/r/70882/diff/1/ > > > Testing > --- > > Verified CRUD operation for Security Zone Module. > > > Thanks, > > Nitin Galave > >
[jira] [Updated] (RANGER-2474) Policy version and details in access audits wrong when deny condition added to policy
[ https://issues.apache.org/jira/browse/RANGER-2474?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Velmurugan Periasamy updated RANGER-2474: - Fix Version/s: 2.0.0 > Policy version and details in access audits wrong when deny condition added > to policy > - > > Key: RANGER-2474 > URL: https://issues.apache.org/jira/browse/RANGER-2474 > Project: Ranger > Issue Type: Bug > Components: Ranger >Affects Versions: 2.0.0 >Reporter: suja s >Assignee: Ramesh Mani >Priority: Major > Fix For: 2.0.0 > > Attachments: > 0001-RANGER-2474-Policy-version-and-details-in-access-aud.patch > > > Scenario: > Create a ranger hive policy for a test table for select access - version1 > Perform select - operation successful (done for impala) > Validate access audits - policy version is 1, clicking on policyid shows > details of policy at version1 > Edit the policy to include and an additional policy item under allow or a new > condition under allow exception or deny exception (not under deny) > Perform operation > Validate access audits - policy version is 2, clicking on policyid shows > details of policy at version2 > Edit the policy to include a deny condition > Perform operation > Validate access audits - policy version is 1, clicking on policyid shows > details of policy at version1 though enforcement happens as per policy > version3 > Note - Versioning is back to normal when deny condition is removed -- This message was sent by Atlassian JIRA (v7.6.3#76005)
Review Request 70893: RANGER-2377: Ranger KnoxSSO authentication when x-forwarded-host header is not forwarded
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/70893/ --- Review request for ranger, Ankita Sinha, bhavik patel, Gautam Borad, Abhay Kulkarni, Madhan Neethiraj, Mehul Parikh, Nikhil P, Nitin Galave, Ramesh Mani, Sailaja Polavarapu, and Velmurugan Periasamy. Bugs: RANGER-2377 https://issues.apache.org/jira/browse/RANGER-2377 Repository: ranger Description --- Ranger is unable to forward the request to Ranger if LB is SSL and KnoxSSO is enabled and x-forwarded-host header is not forwarded from LB. Usually Ranger expects that x-forwarded-host shall be provided by LB so current implementation forward the request to the same host but does not change the protocol to https if LB is also SSL(x-forwarded-proto) Proposed solution: proposed patch contains changes which shall replace the x-forwarded-proto value in the request URL if request URL contains protocol http while x-forwarded-proto value is https. Diffs - security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerSSOAuthenticationFilter.java c3fbe9c23 Diff: https://reviews.apache.org/r/70893/diff/1/ Testing --- Tested knoxsso, knox proxy and ranger HA based authentications. Thanks, Pradeep Agrawal
[jira] [Commented] (RANGER-2478) Exception in thread "main" java.lang.NoClassDefFoundError: com/google/common/base/Preconditions
[ https://issues.apache.org/jira/browse/RANGER-2478?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16867784#comment-16867784 ] David Berger commented on RANGER-2478: -- I found a workaround by copying the guava-26.0-jre.jar to the install dir cp /ranger-presto-plugin/lib/guava-26.0-jre.jar ranger-presto-plugin/install/lib/ > Exception in thread "main" java.lang.NoClassDefFoundError: > com/google/common/base/Preconditions > --- > > Key: RANGER-2478 > URL: https://issues.apache.org/jira/browse/RANGER-2478 > Project: Ranger > Issue Type: Bug > Components: plugins >Affects Versions: 2.0.0 >Reporter: David Berger >Priority: Major > > When running ./enable-presto-plugin.sh I get the exception below > presto@nquery-presto-coordinator-78576c75b7-rdfmq:/ranger-presto-plugin$ sudo > -E ./enable-presto-plugin.sh > Custom user is available, using custom user and default group. > INFO: Creating /presto/plugins/ranger > + Wed Jun 19 15:30:36 UTC 2019 : presto: lib folder=/presto/plugins/ranger > conf folder=/presto/etc > + Wed Jun 19 15:30:36 UTC 2019 : Saving current config file: > /presto/etc/ranger-policymgr-ssl.xml to > /presto/etc/.ranger-policymgr-ssl.xml.20190619-153036 ... > + Wed Jun 19 15:30:37 UTC 2019 : Saving current config file: > /presto/etc/ranger-presto-audit.xml to > /presto/etc/.ranger-presto-audit.xml.20190619-153036 ... > + Wed Jun 19 15:30:37 UTC 2019 : Saving current config file: > /presto/etc/ranger-presto-security.xml to > /presto/etc/.ranger-presto-security.xml.20190619-153036 ... > Unable to store password in non-plain text format. Error: [SLF4J: Failed to > load class "org.slf4j.impl.StaticLoggerBinder". > SLF4J: Defaulting to no-operation (NOP) logger implementation > SLF4J: See http://www.slf4j.org/codes.html#StaticLoggerBinder for further > details. > Exception in thread "main" java.lang.NoClassDefFoundError: > com/google/common/base/Preconditions > at > org.apache.hadoop.conf.Configuration$DeprecationDelta.(Configuration.java:429) > at > org.apache.hadoop.conf.Configuration$DeprecationDelta.(Configuration.java:442) > at org.apache.hadoop.conf.Configuration.(Configuration.java:524) > at > org.apache.ranger.credentialapi.CredentialReader.getDecryptedString(CredentialReader.java:38) > at org.apache.ranger.credentialapi.buildks.createCredential(buildks.java:80) > at org.apache.ranger.credentialapi.buildks.main(buildks.java:40) > Caused by: java.lang.ClassNotFoundException: > com.google.common.base.Preconditions > at java.net.URLClassLoader.findClass(URLClassLoader.java:382) > at java.lang.ClassLoader.loadClass(ClassLoader.java:424) > at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:349) > at java.lang.ClassLoader.loadClass(ClassLoader.java:357) > ... 6 more] > -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Created] (RANGER-2478) Exception in thread "main" java.lang.NoClassDefFoundError: com/google/common/base/Preconditions
David Berger created RANGER-2478: Summary: Exception in thread "main" java.lang.NoClassDefFoundError: com/google/common/base/Preconditions Key: RANGER-2478 URL: https://issues.apache.org/jira/browse/RANGER-2478 Project: Ranger Issue Type: Bug Components: plugins Affects Versions: 2.0.0 Reporter: David Berger When running ./enable-presto-plugin.sh I get the exception below presto@nquery-presto-coordinator-78576c75b7-rdfmq:/ranger-presto-plugin$ sudo -E ./enable-presto-plugin.sh Custom user is available, using custom user and default group. INFO: Creating /presto/plugins/ranger + Wed Jun 19 15:30:36 UTC 2019 : presto: lib folder=/presto/plugins/ranger conf folder=/presto/etc + Wed Jun 19 15:30:36 UTC 2019 : Saving current config file: /presto/etc/ranger-policymgr-ssl.xml to /presto/etc/.ranger-policymgr-ssl.xml.20190619-153036 ... + Wed Jun 19 15:30:37 UTC 2019 : Saving current config file: /presto/etc/ranger-presto-audit.xml to /presto/etc/.ranger-presto-audit.xml.20190619-153036 ... + Wed Jun 19 15:30:37 UTC 2019 : Saving current config file: /presto/etc/ranger-presto-security.xml to /presto/etc/.ranger-presto-security.xml.20190619-153036 ... Unable to store password in non-plain text format. Error: [SLF4J: Failed to load class "org.slf4j.impl.StaticLoggerBinder". SLF4J: Defaulting to no-operation (NOP) logger implementation SLF4J: See http://www.slf4j.org/codes.html#StaticLoggerBinder for further details. Exception in thread "main" java.lang.NoClassDefFoundError: com/google/common/base/Preconditions at org.apache.hadoop.conf.Configuration$DeprecationDelta.(Configuration.java:429) at org.apache.hadoop.conf.Configuration$DeprecationDelta.(Configuration.java:442) at org.apache.hadoop.conf.Configuration.(Configuration.java:524) at org.apache.ranger.credentialapi.CredentialReader.getDecryptedString(CredentialReader.java:38) at org.apache.ranger.credentialapi.buildks.createCredential(buildks.java:80) at org.apache.ranger.credentialapi.buildks.main(buildks.java:40) Caused by: java.lang.ClassNotFoundException: com.google.common.base.Preconditions at java.net.URLClassLoader.findClass(URLClassLoader.java:382) at java.lang.ClassLoader.loadClass(ClassLoader.java:424) at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:349) at java.lang.ClassLoader.loadClass(ClassLoader.java:357) ... 6 more] -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (RANGER-2477) Ranger KnoxSSO authentication when X-Forwarded-Host header is not forwarded
[ https://issues.apache.org/jira/browse/RANGER-2477?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Pradeep Agrawal updated RANGER-2477: Attachment: 0001-RANGER-2477-Ranger-KnoxSSO-authentication-when-X-For.patch > Ranger KnoxSSO authentication when X-Forwarded-Host header is not forwarded > --- > > Key: RANGER-2477 > URL: https://issues.apache.org/jira/browse/RANGER-2477 > Project: Ranger > Issue Type: Sub-task > Components: Ranger >Affects Versions: 2.0.0 >Reporter: Pradeep Agrawal >Assignee: Pradeep Agrawal >Priority: Major > Fix For: 2.0.0 > > Attachments: > 0001-RANGER-2477-Ranger-KnoxSSO-authentication-when-X-For.patch > > > Ranger is unable to forward the request to Ranger if LB is SSL and KnoxSSO is > enabled and X-Forwarded-Host header is not forwarded from LB. > Usually Ranger expect that X-Forwarded-Host shall be provided by LB and > current implementation forward the request to the same host but does not > change the protocol to https if LB is also SSL. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
Re: Review Request 70882: RANGER-2475 : Replacing bootstrap accordion with jquery SlideToggle.
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/70882/#review215967 --- Ship it! Ship It! - Velmurugan Periasamy On June 19, 2019, 8:54 a.m., Nitin Galave wrote: > > --- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/70882/ > --- > > (Updated June 19, 2019, 8:54 a.m.) > > > Review request for ranger, Gautam Borad, Mehul Parikh, Pradeep Agrawal, and > Velmurugan Periasamy. > > > Bugs: RANGER-2475 > https://issues.apache.org/jira/browse/RANGER-2475 > > > Repository: ranger > > > Description > --- > > Removed the logic of using bootstrap accordion and added new logic using > jquery slideToggle. Updated the html and css for the same. > > > Diffs > - > > security-admin/src/main/webapp/scripts/views/security_zone/SecurityZone.js > 9bce74b > > security-admin/src/main/webapp/scripts/views/security_zone/ZoneAdministration.js > 1dfa36c > security-admin/src/main/webapp/styles/xa.css e8238ca > > security-admin/src/main/webapp/templates/security_zone/SecurityZone_tmpl.html > b14519c > > security-admin/src/main/webapp/templates/security_zone/ZoneAdministration_tmpl.html > 125bf86 > > > Diff: https://reviews.apache.org/r/70882/diff/1/ > > > Testing > --- > > Verified CRUD operation for Security Zone Module. > > > Thanks, > > Nitin Galave > >
[jira] [Created] (RANGER-2477) Ranger KnoxSSO authentication when X-Forwarded-Host header is not forwarded
Pradeep Agrawal created RANGER-2477: --- Summary: Ranger KnoxSSO authentication when X-Forwarded-Host header is not forwarded Key: RANGER-2477 URL: https://issues.apache.org/jira/browse/RANGER-2477 Project: Ranger Issue Type: Sub-task Components: Ranger Affects Versions: 2.0.0 Reporter: Pradeep Agrawal Assignee: Pradeep Agrawal Fix For: 2.0.0 Ranger is unable to forward the request to Ranger if LB is SSL and KnoxSSO is enabled and X-Forwarded-Host header is not forwarded from LB. Usually Ranger expect that X-Forwarded-Host shall be provided by LB and current implementation forward the request to the same host but does not change the protocol to https if LB is also SSL. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
Re: Review Request 70821: Improvement in setting cluster Name in RangerAccessRequest
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/70821/ --- (Updated June 19, 2019, 6:51 p.m.) Review request for ranger, Abhay Kulkarni and Madhan Neethiraj. Changes --- Required changes found during internal testing Bugs: RANGER-2466 https://issues.apache.org/jira/browse/RANGER-2466 Repository: ranger Description --- handling Clustername setting part during Policy engine instantiation. instead of requiring each plugin implementation to do clusterName setting , it is handled by passing RangerPluginContext (a new class) to policyEngine during instantiation. This patch contains change for clusterName setting part, new policy condition i.e clusterType change will be handled in https://issues.apache.org/jira/browse/RANGER-2467 Diffs (updated) - agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerAccessRequestImpl.java fd4122269 agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPluginContext.java PRE-CREATION agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngineCache.java 4a41e6292 agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyEngineImpl.java e0043ff8f agents-common/src/main/java/org/apache/ranger/plugin/service/RangerAuthContext.java e854e052f agents-common/src/main/java/org/apache/ranger/plugin/service/RangerBasePlugin.java ddf181c16 agents-common/src/test/java/org/apache/ranger/plugin/policyengine/TestPolicyACLs.java 1abd209d3 agents-common/src/test/java/org/apache/ranger/plugin/policyengine/TestPolicyDb.java 85ea679be agents-common/src/test/java/org/apache/ranger/plugin/policyengine/TestPolicyEngine.java c3b31bbd0 hbase-agent/src/main/java/org/apache/ranger/authorization/hbase/AuthorizationSession.java d51f0fb83 hbase-agent/src/main/java/org/apache/ranger/authorization/hbase/RangerAuthorizationCoprocessor.java 449d77d7f hbase-agent/src/test/java/org/apache/ranger/authorization/hbase/TestPolicyEngine.java 6efe2e3ff hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/RangerHdfsAuthorizer.java f204c15c0 hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAccessRequest.java df379c306 hive-agent/src/main/java/org/apache/ranger/authorization/hive/authorizer/RangerHiveAuthorizer.java 625b7bb0e knox-agent/src/main/java/org/apache/ranger/authorization/knox/KnoxRangerPlugin.java 814aedd20 knox-agent/src/main/java/org/apache/ranger/authorization/knox/RangerPDPKnoxFilter.java e75f314d5 plugin-atlas/src/main/java/org/apache/ranger/authorization/atlas/authorizer/RangerAtlasAuthorizer.java b52a22ed2 plugin-elasticsearch/src/main/java/org/apache/ranger/authorization/elasticsearch/authorizer/RangerElasticsearchAuthorizer.java a6b024ff0 plugin-kafka/src/main/java/org/apache/ranger/authorization/kafka/authorizer/RangerKafkaAuthorizer.java 8a661d8f2 plugin-kms/src/main/java/org/apache/ranger/authorization/kms/authorizer/RangerKmsAuthorizer.java 07921a99a plugin-kylin/src/main/java/org/apache/ranger/authorization/kylin/authorizer/RangerKylinAuthorizer.java a745b87ff plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuthorizer.java 6c0201d3e plugin-sqoop/src/main/java/org/apache/ranger/authorization/sqoop/authorizer/RangerSqoopAuthorizer.java 17a7a6314 plugin-yarn/src/main/java/org/apache/ranger/authorization/yarn/authorizer/RangerYarnAuthorizer.java 54f230c3c ranger-tools/src/main/java/org/apache/ranger/policyengine/PerfTestEngine.java 590c1e7db ranger-tools/src/test/java/org/apache/ranger/policyengine/RangerPolicyEnginePerformanceTest.java 7a39396d5 storm-agent/src/main/java/org/apache/ranger/authorization/storm/StormRangerPlugin.java 88ea05e9d storm-agent/src/main/java/org/apache/ranger/authorization/storm/authorizer/RangerStormAuthorizer.java 0fe658e24 Diff: https://reviews.apache.org/r/70821/diff/5/ Changes: https://reviews.apache.org/r/70821/diff/4-5/ Testing --- 1.Tested for hive plugin, whether clusterName is getting set properly in RangerAccessRequest. Thanks, Nikhil P
Re: Review Request 70882: RANGER-2475 : Replacing bootstrap accordion with jquery SlideToggle.
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/70882/ --- (Updated June 19, 2019, 8:54 a.m.) Review request for ranger, Gautam Borad, Mehul Parikh, Pradeep Agrawal, and Velmurugan Periasamy. Bugs: RANGER-2475 https://issues.apache.org/jira/browse/RANGER-2475 Repository: ranger Description --- Removed the logic of using bootstrap accordion and added new logic using jquery slideToggle. Updated the html and css for the same. Diffs - security-admin/src/main/webapp/scripts/views/security_zone/SecurityZone.js 9bce74b security-admin/src/main/webapp/scripts/views/security_zone/ZoneAdministration.js 1dfa36c security-admin/src/main/webapp/styles/xa.css e8238ca security-admin/src/main/webapp/templates/security_zone/SecurityZone_tmpl.html b14519c security-admin/src/main/webapp/templates/security_zone/ZoneAdministration_tmpl.html 125bf86 Diff: https://reviews.apache.org/r/70882/diff/1/ Testing (updated) --- Verified CRUD operation for Security Zone Module. Thanks, Nitin Galave
Review Request 70882: RANGER-2475 : Replacing bootstrap accordion with jquery SlideToggle.
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/70882/ --- Review request for ranger, Gautam Borad, Mehul Parikh, Pradeep Agrawal, and Velmurugan Periasamy. Bugs: RANGER-2475 https://issues.apache.org/jira/browse/RANGER-2475 Repository: ranger Description --- Removed the logic of using bootstrap accordion and added new logic using jquery slideToggle. Updated the html and css for the same. Diffs - security-admin/src/main/webapp/scripts/views/security_zone/SecurityZone.js 9bce74b security-admin/src/main/webapp/scripts/views/security_zone/ZoneAdministration.js 1dfa36c security-admin/src/main/webapp/styles/xa.css e8238ca security-admin/src/main/webapp/templates/security_zone/SecurityZone_tmpl.html b14519c security-admin/src/main/webapp/templates/security_zone/ZoneAdministration_tmpl.html 125bf86 Diff: https://reviews.apache.org/r/70882/diff/1/ Testing --- Thanks, Nitin Galave