[jira] [Comment Edited] (RANGER-2574) Ranger Import of fails if policy type is not passed

[Mateen Mansoori (Jira)]

[ 
https://issues.apache.org/jira/browse/RANGER-2574?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16934052#comment-16934052
 ] 

Mateen Mansoori edited comment on RANGER-2574 at 9/20/19 5:13 AM:
--

Committed on Apache 
[master|https://github.com/apache/ranger/commit/0baf6a4c9bc0a35c0d635fa6001c1a0842b20423]


was (Author: mateen.mansoori):
Committed on Apache 
master[master|https://github.com/apache/ranger/commit/0baf6a4c9bc0a35c0d635fa6001c1a0842b20423]

> Ranger Import of fails if policy type is not passed
> ---
>
> Key: RANGER-2574
> URL: https://issues.apache.org/jira/browse/RANGER-2574
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Mateen Mansoori
>Assignee: Mateen Mansoori
>Priority: Major
> Attachments: 
> 0001-RANGER-2574-Ranger-Import-of-fails-if-policy-type-is.patch, 
> 2-RANGER-2574-Ranger-Import-of-fails-if-policy-type-is.patch, 
> 3-RANGER-2574-Ranger-Import-of-fails-if-policy-type.patch
>
>
> Getting NPE in policy import when policy type is not passed in any of the 
> policy json.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Commented] (RANGER-2574) Ranger Import of fails if policy type is not passed

[Mateen Mansoori (Jira)]

[ 
https://issues.apache.org/jira/browse/RANGER-2574?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16934052#comment-16934052
 ] 

Mateen Mansoori commented on RANGER-2574:
-

Committed on Apache 
master[master|https://github.com/apache/ranger/commit/0baf6a4c9bc0a35c0d635fa6001c1a0842b20423]

> Ranger Import of fails if policy type is not passed
> ---
>
> Key: RANGER-2574
> URL: https://issues.apache.org/jira/browse/RANGER-2574
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Mateen Mansoori
>Assignee: Mateen Mansoori
>Priority: Major
> Attachments: 
> 0001-RANGER-2574-Ranger-Import-of-fails-if-policy-type-is.patch, 
> 2-RANGER-2574-Ranger-Import-of-fails-if-policy-type-is.patch, 
> 3-RANGER-2574-Ranger-Import-of-fails-if-policy-type.patch
>
>
> Getting NPE in policy import when policy type is not passed in any of the 
> policy json.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Commented] (RANGER-2571) Need to add Knox proxy configuration support in Ranger plugins

[Pradeep Agrawal (Jira)]

[ 
https://issues.apache.org/jira/browse/RANGER-2571?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16934051#comment-16934051
 ] 

Pradeep Agrawal commented on RANGER-2571:
-

commit link : 
[https://github.com/apache/ranger/commit/8fe1ce872ab13c4543f6eb70cfe01bcdc36ff8f3]

> Need to add Knox proxy configuration support in Ranger plugins
> --
>
> Key: RANGER-2571
> URL: https://issues.apache.org/jira/browse/RANGER-2571
> Project: Ranger
>  Issue Type: Improvement
>  Components: Ranger
>Reporter: Dhaval B. SHAH
>Assignee: Dhaval B. SHAH
>Priority: Major
> Fix For: 2.1.0
>
> Attachments: RANGER-2571.patch, RANGER-2571_01.patch
>
>
> Need to add support for below property in the {{ranger--security.xml}}
>  * {{ranger.plugin..use.x-forwarded-for.ipaddress=true}}
>  * {{ranger.plugin..trusted.proxy.ipaddress}} which should be 
> set to IP addresses of Knox hosts .
> The Plugin services which require to support the configurations are HDFS, 
> Hive, HBase, Yarn, and probably Solr. For now Kafka and Knox will not require 
> to support proxy feature.
>  



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Resolved] (RANGER-2574) Ranger Import of fails if policy type is not passed

[Pradeep Agrawal (Jira)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2574?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Pradeep Agrawal resolved RANGER-2574.
-
Resolution: Fixed

> Ranger Import of fails if policy type is not passed
> ---
>
> Key: RANGER-2574
> URL: https://issues.apache.org/jira/browse/RANGER-2574
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Mateen Mansoori
>Assignee: Mateen Mansoori
>Priority: Major
> Attachments: 
> 0001-RANGER-2574-Ranger-Import-of-fails-if-policy-type-is.patch, 
> 2-RANGER-2574-Ranger-Import-of-fails-if-policy-type-is.patch, 
> 3-RANGER-2574-Ranger-Import-of-fails-if-policy-type.patch
>
>
> Getting NPE in policy import when policy type is not passed in any of the 
> policy json.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Commented] (RANGER-2574) Ranger Import of fails if policy type is not passed

[Pradeep Agrawal (Jira)]

[ 
https://issues.apache.org/jira/browse/RANGER-2574?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16934048#comment-16934048
 ] 

Pradeep Agrawal commented on RANGER-2574:
-

Commit link : 
[https://github.com/apache/ranger/commit/0baf6a4c9bc0a35c0d635fa6001c1a0842b20423]

> Ranger Import of fails if policy type is not passed
> ---
>
> Key: RANGER-2574
> URL: https://issues.apache.org/jira/browse/RANGER-2574
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Mateen Mansoori
>Assignee: Mateen Mansoori
>Priority: Major
> Attachments: 
> 0001-RANGER-2574-Ranger-Import-of-fails-if-policy-type-is.patch, 
> 2-RANGER-2574-Ranger-Import-of-fails-if-policy-type-is.patch, 
> 3-RANGER-2574-Ranger-Import-of-fails-if-policy-type.patch
>
>
> Getting NPE in policy import when policy type is not passed in any of the 
> policy json.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Updated] (RANGER-1644) Change the default Crypt Algo to use stronger cryptographic algo.

[Velmurugan Periasamy (Jira)]

 [ 
https://issues.apache.org/jira/browse/RANGER-1644?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-1644:
-
Fix Version/s: 2.0.0

> Change the default Crypt Algo to use stronger cryptographic algo. 
> --
>
> Key: RANGER-1644
> URL: https://issues.apache.org/jira/browse/RANGER-1644
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Selvamohan Neethiraj
>Assignee: Mateen Mansoori
>Priority: Critical
> Fix For: 2.0.0
>
> Attachments: 
> 0001-RANGER-1644-replacing-MD5-DES-with-SHA512-AES128.patch
>
>
> Change the default crypt algorithm to use a stronger cipher algorithm



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Updated] (RANGER-2530) Constant increase in memory usage by ranger-usersync process and eventually going out of memory

[Velmurugan Periasamy (Jira)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2530?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2530:
-
Fix Version/s: 2.1.0

> Constant increase in memory usage by ranger-usersync process and eventually 
> going out of memory
> ---
>
> Key: RANGER-2530
> URL: https://issues.apache.org/jira/browse/RANGER-2530
> Project: Ranger
>  Issue Type: Improvement
>  Components: usersync
>Reporter: Sailaja Polavarapu
>Assignee: Sailaja Polavarapu
>Priority: Major
> Fix For: 2.1.0
>
> Attachments: 
> 0001-RANGER-2530-Fixed-memory-leak-issue-as-well-as-modif.patch
>
>
> When Usersync is configured with Unix as sync source, noticed a is constant 
> increase in memory usage and long running tests causing out of memory issue.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Updated] (RANGER-2531) Removing a user from a group is not reflected properly in unix based sync.

[Velmurugan Periasamy (Jira)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2531?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2531:
-
Fix Version/s: 2.1.0

> Removing a user from a group is not reflected properly in unix based sync.
> --
>
> Key: RANGER-2531
> URL: https://issues.apache.org/jira/browse/RANGER-2531
> Project: Ranger
>  Issue Type: Improvement
>  Components: usersync
>Reporter: Sailaja Polavarapu
>Assignee: Sailaja Polavarapu
>Priority: Major
> Fix For: 2.1.0
>
> Attachments: 
> 0001-RANGER-2531-Removing-a-user-from-a-group-is-not-refl.patch
>
>
> Ranger Usersync is configured with Unix sync source. When a user is removed 
> from a group using "usermod" command, the changes are not propagated to 
> ranger admin properly. 
> Also, when a user is removed from a group that is defined in the role 
> assignment rules (as sys_admin or key_admin), then the user is still marked 
> with sys_admin or key_admin privilege in range admin.
> For example, I have configured 
> "ranger.usersync.group.based.role.assignment.rules" with value 
> ""_SYS_ADMIN:g:hadoop". Any users that belong to hadoop group will have 
> Ranger Admin privilege. 
> Later when a user is removed from hadoop group, then the privilege for this 
> user should be reset to "User" which is not happening.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Updated] (RANGER-2499) Improve bulk create/update policy performance

[Velmurugan Periasamy (Jira)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2499?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2499:
-
Fix Version/s: 2.1.0

> Improve bulk create/update policy performance
> -
>
> Key: RANGER-2499
> URL: https://issues.apache.org/jira/browse/RANGER-2499
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Pradeep Agrawal
>Assignee: Pradeep Agrawal
>Priority: Major
> Fix For: 2.1.0
>
> Attachments: RANGER-2499-1.patch, RANGER-2499-2.patch, 
> RANGER-2499-3.patch
>
>




--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Updated] (RANGER-2544) Ranger Owner Policy not getting honored for SELECT * queries.

[Velmurugan Periasamy (Jira)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2544?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2544:
-
Fix Version/s: 2.1.0

> Ranger Owner Policy not getting honored for SELECT * queries.
> -
>
> Key: RANGER-2544
> URL: https://issues.apache.org/jira/browse/RANGER-2544
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Ramesh Mani
>Assignee: Ramesh Mani
>Priority: Major
> Fix For: 2.1.0
>
>
> Ranger Owner Policy not getting honored for SELECT * queries. Owner is not 
> getting set in this scenario and hence its failing.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Updated] (RANGER-2539) Create Default Policies for Hive Databases -default, Information_schema

[Velmurugan Periasamy (Jira)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2539?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2539:
-
Fix Version/s: 2.1.0

> Create Default Policies for Hive Databases -default, Information_schema
> ---
>
> Key: RANGER-2539
> URL: https://issues.apache.org/jira/browse/RANGER-2539
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Ramesh Mani
>Assignee: Ramesh Mani
>Priority: Major
> Fix For: 2.1.0
>
>
> Create Default Policies for Hive Databases -default, Information_schema  when 
> hive service is created in RANGER.
> This will enable any users to have CREATE / ALL permission on DB default and 
> Tables under it respectively.
> This will enable any users to have SELECT permission on information_schema 
> database of hive.
> This will give right access to the users along with the "OWNER" policies 
> which are created in RANGER-2536



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Updated] (RANGER-2536) Ranger Hive authorizer enhancement to enable Hive policies based on resource owners

[Velmurugan Periasamy (Jira)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2536?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2536:
-
Fix Version/s: 2.1.0

> Ranger Hive authorizer enhancement to enable Hive policies based on resource 
> owners
> ---
>
> Key: RANGER-2536
> URL: https://issues.apache.org/jira/browse/RANGER-2536
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Ramesh Mani
>Assignee: Ramesh Mani
>Priority: Major
> Fix For: 2.1.0
>
> Attachments: 
> 0001-RANGER-2536-Ranger-Hive-authorizer-enhancement-to-en.patch_03, 
> 0001-Ranger-Hive-authorizer-enhancement-to-enable-Hive-po.patch, 
> 0001-Ranger-Hive-authorizer-enhancement-to-enable-Hive-po.patch_02
>
>
> With changes in HIVE-21833, owner information is now made available to 
> authorizer implementations. Ranger Hive authorizer should be updated to 
> enable Hive policies based on resource owners - like
>  - allow owner of a database to create tables in the database
>  - allow owner of a table to perform all operations on the table
>  - CREATE default policies for the OWNER of hive resources when service is 
> created.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Updated] (RANGER-2535) Good coding practices for storing and retrieving data history in ranger

[Velmurugan Periasamy (Jira)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2535?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2535:
-
Fix Version/s: 2.1.0

> Good coding practices for storing and retrieving data history in ranger
> ---
>
> Key: RANGER-2535
> URL: https://issues.apache.org/jira/browse/RANGER-2535
> Project: Ranger
>  Issue Type: Improvement
>  Components: Ranger
>Reporter: Nikhil Purbhe
>Assignee: Nikhil Purbhe
>Priority: Major
> Fix For: 2.1.0
>
>
> Good coding practices for storing and retrieving data history in ranger



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Updated] (RANGER-2534) Official logo for Apache Ranger

[Velmurugan Periasamy (Jira)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2534?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2534:
-
Fix Version/s: 2.1.0

> Official logo for Apache Ranger
> ---
>
> Key: RANGER-2534
> URL: https://issues.apache.org/jira/browse/RANGER-2534
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Nitin Galave
>Assignee: Nitin Galave
>Priority: Major
> Fix For: 2.1.0
>
> Attachments: 0001-RANGER-2534.patch, 0002-RANGER-2534.patch, 
> Apache_Ranger.png, favicon_icon.ico, landing_Page.png, loginPage_1.png, 
> ranger_logo.png, ranger_policy_table.png, user_group_listing_table.png
>
>
> Coming up with few suggestions to finalise Logo for Ranger. And also changed 
> ranger admin UI colour. 



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Updated] (RANGER-2554) Log out message for Ranger needs to be more informative on Knox enabled cluster

[Velmurugan Periasamy (Jira)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2554?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2554:
-
Fix Version/s: 2.1.0

> Log out message for Ranger needs to be more informative on Knox enabled 
> cluster
> ---
>
> Key: RANGER-2554
> URL: https://issues.apache.org/jira/browse/RANGER-2554
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Nitin Galave
>Assignee: Nitin Galave
>Priority: Major
> Fix For: 2.1.0
>
> Attachments: 0001-RANGER-2554.patch, signOut.png
>
>
> On a Knox enabled cluster, Ranger log out functionality needs to be more 
> informative.
> In the case of Ranger UI, the 'log out' button does nothing and keeps the 
> user on the same page.
> In this case, the RANGER UI message on trying to log out seems to be 
> informative enough for the user, informing the user as what the expected 
> behaviour would be in case of Knox enabled cluster.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Updated] (RANGER-2556) RangerHivePlugin Row filtering and Column Masking auditing gives inconsistent audit information

[Velmurugan Periasamy (Jira)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2556?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2556:
-
Fix Version/s: 2.1.0

> RangerHivePlugin Row filtering and Column Masking auditing gives inconsistent 
> audit information
> ---
>
> Key: RANGER-2556
> URL: https://issues.apache.org/jira/browse/RANGER-2556
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Affects Versions: master
>Reporter: Ramesh Mani
>Assignee: Ramesh Mani
>Priority: Major
> Fix For: 2.1.0
>
> Attachments: 
> 0001-RANGER-2556-RangerHivePlugin-Row-filtering-and-Colum.patch_master
>
>
> RangerHivePlugin Row filtering and Column Masking auditing gives inconsistent 
> audit information. 
> When there is a policy for Row filtering and Column Masking audit generated 
> for request given by users who has all access without filtering has wrong 
> value of request denial followed by allowed audit. 
>  



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Updated] (RANGER-2568) Ranger Hive policy creation page in Ranger Admin UI shows resources as Database,None instead of Database,Table,Column

[Velmurugan Periasamy (Jira)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2568?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2568:
-
Fix Version/s: 2.1.0

> Ranger Hive policy creation page in Ranger Admin UI shows resources as 
> Database,None instead of Database,Table,Column
> -
>
> Key: RANGER-2568
> URL: https://issues.apache.org/jira/browse/RANGER-2568
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Nitin Galave
>Assignee: Nitin Galave
>Priority: Major
> Fix For: 2.1.0
>
> Attachments: 0001-RANGER-2568.patch
>
>
> When user clicks on create policy btn from Hive policy landing page,
> the create policy page shows resources as :
> database,none instead of the earlier default: database,table,column.
> Screenshot attached.
> Are most of the customers more likely to create Hive policies with 
> Database/None setting or with Database/ Table/ Column setting..
> This new behavior can be confusing to existing users.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Updated] (RANGER-2571) Need to add Knox proxy configuration support in Ranger plugins

[Velmurugan Periasamy (Jira)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2571?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2571:
-
Fix Version/s: 2.1.0

> Need to add Knox proxy configuration support in Ranger plugins
> --
>
> Key: RANGER-2571
> URL: https://issues.apache.org/jira/browse/RANGER-2571
> Project: Ranger
>  Issue Type: Improvement
>  Components: Ranger
>Reporter: Dhaval B. SHAH
>Assignee: Dhaval B. SHAH
>Priority: Major
> Fix For: 2.1.0
>
> Attachments: RANGER-2571.patch, RANGER-2571_01.patch
>
>
> Need to add support for below property in the {{ranger--security.xml}}
>  * {{ranger.plugin..use.x-forwarded-for.ipaddress=true}}
>  * {{ranger.plugin..trusted.proxy.ipaddress}} which should be 
> set to IP addresses of Knox hosts .
> The Plugin services which require to support the configurations are HDFS, 
> Hive, HBase, Yarn, and probably Solr. For now Kafka and Knox will not require 
> to support proxy feature.
>  



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Updated] (RANGER-2569) Policy with isDenyAllElse=true denies request to check if any access is allowed

[Velmurugan Periasamy (Jira)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2569?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2569:
-
Fix Version/s: 2.1.0

> Policy with isDenyAllElse=true denies request to check if any access is 
> allowed
> ---
>
> Key: RANGER-2569
> URL: https://issues.apache.org/jira/browse/RANGER-2569
> Project: Ranger
>  Issue Type: Bug
>  Components: plugins
>Affects Versions: 2.0.0
>Reporter: Madhan Neethiraj
>Assignee: Abhay Kulkarni
>Priority: Major
> Fix For: 2.1.0
>
>
> RANGER-2507 introduced flag {{isDenyAllElse}} in RangerPolicy to implicitly 
> deny accesses other than the ones granted in this policy. Such policies 
> incorrectly deny requests to check if the user has {{any}} access for a given 
> resource - if the policy explicitly doesn't allow the user any access. This 
> is incorrect, as this prevents other policies from being evaluated to check 
> if they grant the user any access.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Updated] (RANGER-2393) Document level authorization for solr

[Velmurugan Periasamy (Jira)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2393?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2393:
-
Fix Version/s: 2.1.0

> Document level authorization for solr
> -
>
> Key: RANGER-2393
> URL: https://issues.apache.org/jira/browse/RANGER-2393
> Project: Ranger
>  Issue Type: New Feature
>  Components: Ranger
>Reporter: Sailaja Polavarapu
>Assignee: Sailaja Polavarapu
>Priority: Major
> Fix For: 2.1.0
>
> Attachments: 
> 0001-RANGER-2393-Document-level-authorization-support-for.patch
>
>
> Implement Ranger's solr plugin to support document level authorization. 



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Updated] (RANGER-2576) Ranger is failing to start in kerberize mode with java-11

[Velmurugan Periasamy (Jira)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2576?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Velmurugan Periasamy updated RANGER-2576:
-
Fix Version/s: 2.1.0

> Ranger is failing to start in kerberize mode with java-11
> -
>
> Key: RANGER-2576
> URL: https://issues.apache.org/jira/browse/RANGER-2576
> Project: Ranger
>  Issue Type: Sub-task
>  Components: Ranger
>Reporter: Nikhil Purbhe
>Assignee: Nikhil Purbhe
>Priority: Major
> Fix For: 2.1.0
>
>
> Ranger is failing to start in kerberize mode with java-11 with error. 
>  
> {code:java}
> SEVERE: Tomcat Server failed to start:java.io.IOException: Login failure for 
> rangeradmin/h...@domain.site from keytab /path/to/ranger.keytab
>  java.io.IOException: Login failure for rangeradmin/h...@domain.site from 
> keytab /path/to/ranger.keytab
>  at 
> org.apache.hadoop.security.SecureClientLogin.loginUserFromKeytab(SecureClientLogin.java:71)
>  at 
> org.apache.ranger.server.tomcat.EmbeddedServer.start(EmbeddedServer.java:249)
>  at 
> org.apache.ranger.server.tomcat.EmbeddedServer.main(EmbeddedServer.java:69)
>  Caused by: javax.security.auth.login.LoginException: 
> java.lang.NullPointerException: invalid null input(s)
>  at java.base/java.util.Objects.requireNonNull(Objects.java:246)
>  at java.base/javax.security.auth.Subject$SecureSet.remove(Subject.java:1172)
>  at 
> java.base/java.util.Collections$SynchronizedCollection.remove(Collections.java:2041)
>  at 
> jdk.security.auth/com.sun.security.auth.module.Krb5LoginModule.logout(Krb5LoginModule.java:1197)
>  at 
> java.base/javax.security.auth.login.LoginContext.invoke(LoginContext.java:732)
>  at 
> java.base/javax.security.auth.login.LoginContext$4.run(LoginContext.java:665){code}



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Re: Review Request 71502: RANGER : 2574 Ranger Import of policy fails if policy type is not passed.

[Abhay Kulkarni]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/71502/#review217871
---


Ship it!




Ship It!

- Abhay Kulkarni


On Sept. 19, 2019, 9:30 a.m., Mateen Mansoori wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/71502/
> ---
> 
> (Updated Sept. 19, 2019, 9:30 a.m.)
> 
> 
> Review request for ranger, Abhay Kulkarni, Madhan Neethiraj, Mehul Parikh, 
> Pradeep Agrawal, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-2574
> https://issues.apache.org/jira/browse/RANGER-2574
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Ranger Import of fails(NPE) if policy type is'NULL' or it is not passed.
> 
> 
> Diffs
> -
> 
>   
> security-admin/src/main/java/org/apache/ranger/service/RangerPolicyService.java
>  78954af 
> 
> 
> Diff: https://reviews.apache.org/r/71502/diff/3/
> 
> 
> Testing
> ---
> 
> Import policy was failing(NPE) when policy type is 'NULL' or it is not 
> passed, Issue(NPE) rsolved with this changes. This issue was related to 
> RANGER-2526.
> 
> 
> Thanks,
> 
> Mateen Mansoori
> 
>

Re: Review Request 71495: RANGER-2570 : Handling the pop up of policy details on Ranger Access audit log row

[Abhay Kulkarni]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/71495/#review217869
---




security-admin/src/main/java/org/apache/ranger/service/RangerDataHistService.java
Line 95 (original), 97 (patched)


policy.setServiceType() is corrected with RANGER-2580. With that fix, kines 
95-103 may not be required. Please review.


- Abhay Kulkarni


On Sept. 19, 2019, 1:30 p.m., Fatima Khan wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/71495/
> ---
> 
> (Updated Sept. 19, 2019, 1:30 p.m.)
> 
> 
> Review request for ranger, Ankita Sinha, Don Bosco Durai, Gautam Borad, Abhay 
> Kulkarni, Madhan Neethiraj, Mehul Parikh, Ramesh Mani, Selvamohan Neethiraj, 
> and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-2570
> https://issues.apache.org/jira/browse/RANGER-2570
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Issue on pop up of policy details of ranger access audit log row.
> 
> 
> Diffs
> -
> 
>   
> security-admin/src/main/java/org/apache/ranger/service/RangerDataHistService.java
>  ced9ea8 
>   security-admin/src/main/webapp/scripts/models/RangerPolicy.js cd873b3 
>   security-admin/src/main/webapp/scripts/views/policies/RangerPolicyRO.js 
> af024e2 
>   
> security-admin/src/main/webapp/scripts/views/policies/RangerPolicyTableLayout.js
>  31fc7c1 
>   security-admin/src/main/webapp/scripts/views/reports/AuditLayout.js 6a1c7c2 
> 
> 
> Diff: https://reviews.apache.org/r/71495/diff/2/
> 
> 
> Testing
> ---
> 
> The policy details get popped up.
> 
> 
> Thanks,
> 
> Fatima Khan
> 
>

Re: Review Request 71521: RANGER-2580: RangerPolicy.getServiceType API should return name of the service-type

[Velmurugan Periasamy]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/71521/#review217867
---


Ship it!




Ship It!

- Velmurugan Periasamy


On Sept. 19, 2019, 9:10 p.m., Abhay Kulkarni wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/71521/
> ---
> 
> (Updated Sept. 19, 2019, 9:10 p.m.)
> 
> 
> Review request for ranger, Mehul Parikh and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-2580
> https://issues.apache.org/jira/browse/RANGER-2580
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> RangerPolicy.getServiceType() should return service name instead of ID.
> 
> 
> Diffs
> -
> 
>   
> agents-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicy.java 
> 31156f705 
>   
> security-admin/src/main/java/org/apache/ranger/biz/RangerPolicyRetriever.java 
> c3c25ceb9 
>   
> security-admin/src/main/java/org/apache/ranger/service/RangerPolicyServiceBase.java
>  e1653da97 
>   
> security-admin/src/test/java/org/apache/ranger/service/TestRangerPolicyServiceBase.java
>  f2d614934 
> 
> 
> Diff: https://reviews.apache.org/r/71521/diff/1/
> 
> 
> Testing
> ---
> 
> Compiled clean and ran all unit tests successfully.
> 
> 
> Thanks,
> 
> Abhay Kulkarni
> 
>

Review Request 71521: RANGER-2580: RangerPolicy.getServiceType API should return name of the service-type

[Abhay Kulkarni]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/71521/
---

Review request for ranger, Mehul Parikh and Velmurugan Periasamy.


Bugs: RANGER-2580
https://issues.apache.org/jira/browse/RANGER-2580


Repository: ranger


Description
---

RangerPolicy.getServiceType() should return service name instead of ID.


Diffs
-

  agents-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicy.java 
31156f705 
  security-admin/src/main/java/org/apache/ranger/biz/RangerPolicyRetriever.java 
c3c25ceb9 
  
security-admin/src/main/java/org/apache/ranger/service/RangerPolicyServiceBase.java
 e1653da97 
  
security-admin/src/test/java/org/apache/ranger/service/TestRangerPolicyServiceBase.java
 f2d614934 


Diff: https://reviews.apache.org/r/71521/diff/1/


Testing
---

Compiled clean and ran all unit tests successfully.


Thanks,

Abhay Kulkarni

[jira] [Created] (RANGER-2580) RangerPolicy.getServiceType API should return name of the service-type

[Abhay Kulkarni (Jira)]

Abhay Kulkarni created RANGER-2580:
--

 Summary: RangerPolicy.getServiceType API should return name of the 
service-type
 Key: RANGER-2580
 URL: https://issues.apache.org/jira/browse/RANGER-2580
 Project: Ranger
  Issue Type: Bug
  Components: Ranger
Affects Versions: master
Reporter: Abhay Kulkarni
Assignee: Abhay Kulkarni
 Fix For: master


getServiceType should return service name instead of ID.

See RANGER-2351 for more details.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Re: Review Request 71484: RANGER-2393: Document level authorization support for solr

[Ramesh Mani]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/71484/#review217864
---


Ship it!




Ship It!

- Ramesh Mani


On Sept. 17, 2019, 9:02 p.m., Sailaja Polavarapu wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/71484/
> ---
> 
> (Updated Sept. 17, 2019, 9:02 p.m.)
> 
> 
> Review request for ranger, Abhay Kulkarni, Ramesh Mani, and Velmurugan 
> Periasamy.
> 
> 
> Bugs: RANGER-2393
> https://issues.apache.org/jira/browse/RANGER-2393
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Implemented Document level authorization support for Solr based on user roles.
> 
> 
> Diffs
> -
> 
>   
> plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuthorizer.java
>  48d4fb74c 
>   
> ranger-solr-plugin-shim/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuthorizer.java
>  4cfa7e188 
>   security-admin/src/main/java/org/apache/ranger/biz/RoleDBStore.java 
> 28b2c1108 
>   security-admin/src/main/java/org/apache/ranger/db/XXServiceDefDao.java 
> 835e5fea1 
>   security-admin/src/main/resources/META-INF/jpa_named_queries.xml 3c3d1dec1 
> 
> 
> Diff: https://reviews.apache.org/r/71484/diff/3/
> 
> 
> Testing
> ---
> 
> 1. Patched cluster with the changes and verified basic functionality is 
> working fine.
> 2. Also verified few negative cases on authorization to solr.
> 
> 
> Thanks,
> 
> Sailaja Polavarapu
> 
>

[jira] [Updated] (RANGER-2571) Need to add Knox proxy configuration support in Ranger plugins

[Dhaval B. SHAH (Jira)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2571?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Dhaval B. SHAH updated RANGER-2571:
---
Attachment: RANGER-2571_01.patch

> Need to add Knox proxy configuration support in Ranger plugins
> --
>
> Key: RANGER-2571
> URL: https://issues.apache.org/jira/browse/RANGER-2571
> Project: Ranger
>  Issue Type: Improvement
>  Components: Ranger
>Reporter: Dhaval B. SHAH
>Assignee: Dhaval B. SHAH
>Priority: Major
> Attachments: RANGER-2571.patch, RANGER-2571_01.patch
>
>
> Need to add support for below property in the {{ranger--security.xml}}
>  * {{ranger.plugin..use.x-forwarded-for.ipaddress=true}}
>  * {{ranger.plugin..trusted.proxy.ipaddress}} which should be 
> set to IP addresses of Knox hosts .
> The Plugin services which require to support the configurations are HDFS, 
> Hive, HBase, Yarn, and probably Solr. For now Kafka and Knox will not require 
> to support proxy feature.
>  



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Re: Review Request 71504: RANGER-2571 Need to add Knox proxy configuration support in Ranger plugins

[Madhan Neethiraj]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/71504/#review217863
---


Ship it!




Ship It!

- Madhan Neethiraj


On Sept. 19, 2019, 6:14 p.m., Dhaval Shah wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/71504/
> ---
> 
> (Updated Sept. 19, 2019, 6:14 p.m.)
> 
> 
> Review request for ranger, Abhay Kulkarni, Madhan Neethiraj, Mehul Parikh, 
> Pradeep Agrawal, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-2571
> https://issues.apache.org/jira/browse/RANGER-2571
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Need to add support for below property in the ranger--security.xml
> 
> ranger.plugin..use.x-forwarded-for.ipaddress=true
> ranger.plugin..trusted.proxy.ipaddress which should be set to IP 
> addresses of Knox hosts .
> 
> 
> Diffs
> -
> 
>   
> agents-common/src/main/java/org/apache/ranger/plugin/util/GrantRevokeRequest.java
>  870ec96 
>   
> hbase-agent/src/main/java/org/apache/ranger/authorization/hbase/RangerAuthorizationCoprocessor.java
>  5729eb2 
>   
> hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/RangerHdfsAuthorizer.java
>  7b2882c 
>   
> plugin-yarn/src/main/java/org/apache/ranger/authorization/yarn/authorizer/RangerYarnAuthorizer.java
>  b49fb8a 
> 
> 
> Diff: https://reviews.apache.org/r/71504/diff/2/
> 
> 
> Testing
> ---
> 
> Tested for Hive, atlas
> 
> 
> Thanks,
> 
> Dhaval Shah
> 
>

Re: Review Request 71504: RANGER-2571 Need to add Knox proxy configuration support in Ranger plugins

[Dhaval Shah]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/71504/
---

(Updated Sept. 19, 2019, 6:14 p.m.)


Review request for ranger, Abhay Kulkarni, Madhan Neethiraj, Mehul Parikh, 
Pradeep Agrawal, and Velmurugan Periasamy.


Bugs: RANGER-2571
https://issues.apache.org/jira/browse/RANGER-2571


Repository: ranger


Description
---

Need to add support for below property in the ranger--security.xml

ranger.plugin..use.x-forwarded-for.ipaddress=true
ranger.plugin..trusted.proxy.ipaddress which should be set to IP 
addresses of Knox hosts .


Diffs (updated)
-

  
agents-common/src/main/java/org/apache/ranger/plugin/util/GrantRevokeRequest.java
 870ec96 
  
hbase-agent/src/main/java/org/apache/ranger/authorization/hbase/RangerAuthorizationCoprocessor.java
 5729eb2 
  
hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/RangerHdfsAuthorizer.java
 7b2882c 
  
plugin-yarn/src/main/java/org/apache/ranger/authorization/yarn/authorizer/RangerYarnAuthorizer.java
 b49fb8a 


Diff: https://reviews.apache.org/r/71504/diff/2/

Changes: https://reviews.apache.org/r/71504/diff/1-2/


Testing
---

Tested for Hive, atlas


Thanks,

Dhaval Shah

Re: Review Request 71502: RANGER : 2574 Ranger Import of policy fails if policy type is not passed.

[Velmurugan Periasamy]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/71502/#review217859
---


Ship it!




Ship It!

- Velmurugan Periasamy


On Sept. 19, 2019, 9:30 a.m., Mateen Mansoori wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/71502/
> ---
> 
> (Updated Sept. 19, 2019, 9:30 a.m.)
> 
> 
> Review request for ranger, Abhay Kulkarni, Madhan Neethiraj, Mehul Parikh, 
> Pradeep Agrawal, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-2574
> https://issues.apache.org/jira/browse/RANGER-2574
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Ranger Import of fails(NPE) if policy type is'NULL' or it is not passed.
> 
> 
> Diffs
> -
> 
>   
> security-admin/src/main/java/org/apache/ranger/service/RangerPolicyService.java
>  78954af 
> 
> 
> Diff: https://reviews.apache.org/r/71502/diff/3/
> 
> 
> Testing
> ---
> 
> Import policy was failing(NPE) when policy type is 'NULL' or it is not 
> passed, Issue(NPE) rsolved with this changes. This issue was related to 
> RANGER-2526.
> 
> 
> Thanks,
> 
> Mateen Mansoori
> 
>

Re: Review Request 71513: RANGER-2577: Missing one dependency jar file during packaging for Ranger Ozone plugin

[Velmurugan Periasamy]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/71513/#review217856
---


Ship it!




Ship It!

- Velmurugan Periasamy


On Sept. 18, 2019, 11:59 p.m., Sailaja Polavarapu wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/71513/
> ---
> 
> (Updated Sept. 18, 2019, 11:59 p.m.)
> 
> 
> Review request for ranger, Abhay Kulkarni, Ramesh Mani, and Velmurugan 
> Periasamy.
> 
> 
> Bugs: RANGER-2577
> https://issues.apache.org/jira/browse/RANGER-2577
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Added jersey-bundle dependency jar as part of ozone plugin packaging. Also 
> fixed one minor issue where authourization request for resource type as 
> "Volume" is not handled properly.
> 
> 
> Diffs
> -
> 
>   
> plugin-ozone/src/main/java/org/apache/ranger/authorization/ozone/authorizer/RangerOzoneAuthorizer.java
>  40d853dd2 
>   src/main/assembly/plugin-ozone.xml 504d20517 
> 
> 
> Diff: https://reviews.apache.org/r/71513/diff/1/
> 
> 
> Testing
> ---
> 
> 1. Verified ozone plugin tar includes jersey-bundle
> 2. Patched cluster and ran few ozone commands for volume/bucket/key and 
> verified the request are authorized properly.
> 
> 
> Thanks,
> 
> Sailaja Polavarapu
> 
>

Re: Review Request 71495: RANGER-2570 : Handling the pop up of policy details on Ranger Access audit log row

[Velmurugan Periasamy]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/71495/#review217855
---


Ship it!




Ship It!

- Velmurugan Periasamy


On Sept. 19, 2019, 1:30 p.m., Fatima Khan wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/71495/
> ---
> 
> (Updated Sept. 19, 2019, 1:30 p.m.)
> 
> 
> Review request for ranger, Ankita Sinha, Don Bosco Durai, Gautam Borad, Abhay 
> Kulkarni, Madhan Neethiraj, Mehul Parikh, Ramesh Mani, Selvamohan Neethiraj, 
> and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-2570
> https://issues.apache.org/jira/browse/RANGER-2570
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Issue on pop up of policy details of ranger access audit log row.
> 
> 
> Diffs
> -
> 
>   
> security-admin/src/main/java/org/apache/ranger/service/RangerDataHistService.java
>  ced9ea8 
>   security-admin/src/main/webapp/scripts/models/RangerPolicy.js cd873b3 
>   security-admin/src/main/webapp/scripts/views/policies/RangerPolicyRO.js 
> af024e2 
>   
> security-admin/src/main/webapp/scripts/views/policies/RangerPolicyTableLayout.js
>  31fc7c1 
>   security-admin/src/main/webapp/scripts/views/reports/AuditLayout.js 6a1c7c2 
> 
> 
> Diff: https://reviews.apache.org/r/71495/diff/2/
> 
> 
> Testing
> ---
> 
> The policy details get popped up.
> 
> 
> Thanks,
> 
> Fatima Khan
> 
>

Re: Review Request 71504: RANGER-2571 Need to add Knox proxy configuration support in Ranger plugins

[Velmurugan Periasamy]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/71504/#review217853
---




plugin-yarn/src/main/java/org/apache/ranger/authorization/yarn/authorizer/RangerYarnAuthorizer.java
Lines 312 (patched)


Please review. This does not compile.


- Velmurugan Periasamy


On Sept. 18, 2019, 1:54 p.m., Dhaval Shah wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/71504/
> ---
> 
> (Updated Sept. 18, 2019, 1:54 p.m.)
> 
> 
> Review request for ranger, Abhay Kulkarni, Madhan Neethiraj, Mehul Parikh, 
> Pradeep Agrawal, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-2571
> https://issues.apache.org/jira/browse/RANGER-2571
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Need to add support for below property in the ranger--security.xml
> 
> ranger.plugin..use.x-forwarded-for.ipaddress=true
> ranger.plugin..trusted.proxy.ipaddress which should be set to IP 
> addresses of Knox hosts .
> 
> 
> Diffs
> -
> 
>   
> agents-common/src/main/java/org/apache/ranger/plugin/util/GrantRevokeRequest.java
>  870ec96 
>   
> hbase-agent/src/main/java/org/apache/ranger/authorization/hbase/RangerAuthorizationCoprocessor.java
>  5729eb2 
>   
> hdfs-agent/src/main/java/org/apache/ranger/authorization/hadoop/RangerHdfsAuthorizer.java
>  7b2882c 
>   
> plugin-yarn/src/main/java/org/apache/ranger/authorization/yarn/authorizer/RangerYarnAuthorizer.java
>  b49fb8a 
> 
> 
> Diff: https://reviews.apache.org/r/71504/diff/1/
> 
> 
> Testing
> ---
> 
> Tested for Hive, atlas
> 
> 
> Thanks,
> 
> Dhaval Shah
> 
>

Re: Review Request 71495: RANGER-2570 : Handling the pop up of policy details on Ranger Access audit log row

[Fatima Khan]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/71495/
---

(Updated Sept. 19, 2019, 1:30 p.m.)


Review request for ranger, Ankita Sinha, Don Bosco Durai, Gautam Borad, Abhay 
Kulkarni, Madhan Neethiraj, Mehul Parikh, Ramesh Mani, Selvamohan Neethiraj, 
and Velmurugan Periasamy.


Bugs: RANGER-2570
https://issues.apache.org/jira/browse/RANGER-2570


Repository: ranger


Description
---

Issue on pop up of policy details of ranger access audit log row.


Diffs (updated)
-

  
security-admin/src/main/java/org/apache/ranger/service/RangerDataHistService.java
 ced9ea8 
  security-admin/src/main/webapp/scripts/models/RangerPolicy.js cd873b3 
  security-admin/src/main/webapp/scripts/views/policies/RangerPolicyRO.js 
af024e2 
  
security-admin/src/main/webapp/scripts/views/policies/RangerPolicyTableLayout.js
 31fc7c1 
  security-admin/src/main/webapp/scripts/views/reports/AuditLayout.js 6a1c7c2 


Diff: https://reviews.apache.org/r/71495/diff/2/

Changes: https://reviews.apache.org/r/71495/diff/1-2/


Testing
---

The policy details get popped up.


Thanks,

Fatima Khan

[jira] [Commented] (RANGER-2568) Ranger Hive policy creation page in Ranger Admin UI shows resources as Database,None instead of Database,Table,Column

[Nitin Galave (Jira)]

[ 
https://issues.apache.org/jira/browse/RANGER-2568?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16933351#comment-16933351
 ] 

Nitin Galave commented on RANGER-2568:
--

Committed to Apache 
[master|https://github.com/apache/ranger/commit/988f31ce174ca1df3b5949cc8e952af5ff10a00f]
 branch.

> Ranger Hive policy creation page in Ranger Admin UI shows resources as 
> Database,None instead of Database,Table,Column
> -
>
> Key: RANGER-2568
> URL: https://issues.apache.org/jira/browse/RANGER-2568
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Nitin Galave
>Assignee: Nitin Galave
>Priority: Major
> Attachments: 0001-RANGER-2568.patch
>
>
> When user clicks on create policy btn from Hive policy landing page,
> the create policy page shows resources as :
> database,none instead of the earlier default: database,table,column.
> Screenshot attached.
> Are most of the customers more likely to create Hive policies with 
> Database/None setting or with Database/ Table/ Column setting..
> This new behavior can be confusing to existing users.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Commented] (RANGER-2576) Ranger is failing to start in kerberize mode with java-11

[Nikhil Purbhe (Jira)]

[ 
https://issues.apache.org/jira/browse/RANGER-2576?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16933281#comment-16933281
 ] 

Nikhil Purbhe commented on RANGER-2576:
---

patch committed on 
[master|https://github.com/apache/ranger/commit/06f329d5fc1e911bde012725f91a4bc46ff802d3]

> Ranger is failing to start in kerberize mode with java-11
> -
>
> Key: RANGER-2576
> URL: https://issues.apache.org/jira/browse/RANGER-2576
> Project: Ranger
>  Issue Type: Sub-task
>  Components: Ranger
>Reporter: Nikhil Purbhe
>Assignee: Nikhil Purbhe
>Priority: Major
>
> Ranger is failing to start in kerberize mode with java-11 with error. 
>  
> {code:java}
> SEVERE: Tomcat Server failed to start:java.io.IOException: Login failure for 
> rangeradmin/h...@domain.site from keytab /path/to/ranger.keytab
>  java.io.IOException: Login failure for rangeradmin/h...@domain.site from 
> keytab /path/to/ranger.keytab
>  at 
> org.apache.hadoop.security.SecureClientLogin.loginUserFromKeytab(SecureClientLogin.java:71)
>  at 
> org.apache.ranger.server.tomcat.EmbeddedServer.start(EmbeddedServer.java:249)
>  at 
> org.apache.ranger.server.tomcat.EmbeddedServer.main(EmbeddedServer.java:69)
>  Caused by: javax.security.auth.login.LoginException: 
> java.lang.NullPointerException: invalid null input(s)
>  at java.base/java.util.Objects.requireNonNull(Objects.java:246)
>  at java.base/javax.security.auth.Subject$SecureSet.remove(Subject.java:1172)
>  at 
> java.base/java.util.Collections$SynchronizedCollection.remove(Collections.java:2041)
>  at 
> jdk.security.auth/com.sun.security.auth.module.Krb5LoginModule.logout(Krb5LoginModule.java:1197)
>  at 
> java.base/javax.security.auth.login.LoginContext.invoke(LoginContext.java:732)
>  at 
> java.base/javax.security.auth.login.LoginContext$4.run(LoginContext.java:665){code}



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Review Request 71517: RANGER-2579 Support for configuration of Solr Zookeeper ensemble in the Solr service

[Kehua Wu]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/71517/
---

Review request for ranger, Ankita Sinha, Don Bosco Durai, Colm O hEigeartaigh, 
Gautam Borad, Abhay Kulkarni, Madhan Neethiraj, Mehul Parikh, Nitin Galave, 
pengjianhua, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, Sailaja 
Polavarapu, sam  rome, Venkat Ranganathan, Velmurugan Periasamy, Qiang Zhang, 
and Barna Zsombor Klara.


Bugs: RANGER-2579
https://issues.apache.org/jira/browse/RANGER-2579


Repository: ranger


Description
---

When creating a Solr service, only one Solr URL is supported. For SolrCloud 
mode, when a Solr node fails, the SolrCloud should work normally, and the 
current implementation will make the Solr service unavailable.
Therefore, we should use SolrCloud's ZooKeeper address as the optimal 
connection method to deal with some Solr node failure scenarios.


Diffs
-

  agents-common/src/main/resources/service-defs/ranger-servicedef-solr.json 
2f12721 
  
plugin-solr/src/main/java/org/apache/ranger/services/solr/client/ServiceSolrConnectionMgr.java
 f56373b 


Diff: https://reviews.apache.org/r/71517/diff/1/


Testing
---

I have tested connection of legal and illegal zookeeper hosts for solr service, 
that's all right.


Thanks,

Kehua Wu

[jira] [Updated] (RANGER-2579) Support for configuration of Solr Zookeeper ensemble in the Solr service

[wu.kehua (Jira)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2579?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

wu.kehua updated RANGER-2579:
-
Attachment: 0001-RANGER-2579-Support-for-configuration-of-Solr-Zookee.patch

> Support for configuration of Solr Zookeeper ensemble in the Solr service
> 
>
> Key: RANGER-2579
> URL: https://issues.apache.org/jira/browse/RANGER-2579
> Project: Ranger
>  Issue Type: New Feature
>  Components: Ranger
>Affects Versions: 2.1.0
>Reporter: wu.kehua
>Assignee: wu.kehua
>Priority: Major
>  Labels: patch
> Attachments: 
> 0001-RANGER-2579-Support-for-configuration-of-Solr-Zookee.patch
>
>
> When creating a Solr service, only one Solr URL is supported. For SolrCloud 
> mode, when a Solr node fails, the SolrCloud should work normally, and the 
> current implementation will make the Solr service unavailable.
> Therefore, we should use SolrCloud's ZooKeeper address as the optimal 
> connection method to deal with some Solr node failure scenarios.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Created] (RANGER-2579) Support for configuration of Solr Zookeeper ensemble in the Solr service

[wu.kehua (Jira)]

wu.kehua created RANGER-2579:


 Summary: Support for configuration of Solr Zookeeper ensemble in 
the Solr service
 Key: RANGER-2579
 URL: https://issues.apache.org/jira/browse/RANGER-2579
 Project: Ranger
  Issue Type: New Feature
  Components: Ranger
Affects Versions: 2.1.0
Reporter: wu.kehua
Assignee: wu.kehua


When creating a Solr service, only one Solr URL is supported. For SolrCloud 
mode, when a Solr node fails, the SolrCloud should work normally, and the 
current implementation will make the Solr service unavailable.
Therefore, we should use SolrCloud's ZooKeeper address as the optimal 
connection method to deal with some Solr node failure scenarios.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Updated] (RANGER-2578) Login rangeradmin password should encrypt

[Haihui Xu (Jira)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2578?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Haihui Xu updated RANGER-2578:
--
Labels: patch  (was: )

> Login rangeradmin password should encrypt
> -
>
> Key: RANGER-2578
> URL: https://issues.apache.org/jira/browse/RANGER-2578
> Project: Ranger
>  Issue Type: New Feature
>  Components: admin, Ranger
>Reporter: Haihui Xu
>Assignee: Haihui Xu
>Priority: Major
>  Labels: patch
> Attachments: 0001-RANGER-2578-Login-rangeradmin-password 
> should-encrypt.patch, 0002-RANGER-2578-Login-rangeradmin-password 
> should-encrypt.patch, 49c0e28673b13ffaf2dfe7e4067fcad.png
>
>
> When login ranger admin, the password is visible when press F12. And the 
> password should encrypt.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Updated] (RANGER-2578) Login rangeradmin password should encrypt

[Haihui Xu (Jira)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2578?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Haihui Xu updated RANGER-2578:
--
Attachment: 0001-RANGER-2578-Login-rangeradmin-password should-encrypt.patch

> Login rangeradmin password should encrypt
> -
>
> Key: RANGER-2578
> URL: https://issues.apache.org/jira/browse/RANGER-2578
> Project: Ranger
>  Issue Type: New Feature
>  Components: admin, Ranger
>Reporter: Haihui Xu
>Assignee: Haihui Xu
>Priority: Major
> Attachments: 0001-RANGER-2578-Login-rangeradmin-password 
> should-encrypt.patch, 0002-RANGER-2578-Login-rangeradmin-password 
> should-encrypt.patch, 49c0e28673b13ffaf2dfe7e4067fcad.png
>
>
> When login ranger admin, the password is visible when press F12. And the 
> password should encrypt.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Updated] (RANGER-2578) Login rangeradmin password should encrypt

[Haihui Xu (Jira)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2578?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Haihui Xu updated RANGER-2578:
--
Attachment: 0002-RANGER-2578-Login-rangeradmin-password should-encrypt.patch

> Login rangeradmin password should encrypt
> -
>
> Key: RANGER-2578
> URL: https://issues.apache.org/jira/browse/RANGER-2578
> Project: Ranger
>  Issue Type: New Feature
>  Components: admin, Ranger
>Reporter: Haihui Xu
>Assignee: Haihui Xu
>Priority: Major
> Attachments: 0001-RANGER-2578-Login-rangeradmin-password 
> should-encrypt.patch, 0002-RANGER-2578-Login-rangeradmin-password 
> should-encrypt.patch, 49c0e28673b13ffaf2dfe7e4067fcad.png
>
>
> When login ranger admin, the password is visible when press F12. And the 
> password should encrypt.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Updated] (RANGER-2578) Login rangeradmin password should encrypt

[Haihui Xu (Jira)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2578?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Haihui Xu updated RANGER-2578:
--
Attachment: 49c0e28673b13ffaf2dfe7e4067fcad.png

> Login rangeradmin password should encrypt
> -
>
> Key: RANGER-2578
> URL: https://issues.apache.org/jira/browse/RANGER-2578
> Project: Ranger
>  Issue Type: New Feature
>  Components: admin, Ranger
>Reporter: Haihui Xu
>Assignee: Haihui Xu
>Priority: Major
> Attachments: 49c0e28673b13ffaf2dfe7e4067fcad.png
>
>
> When login ranger admin, the password is visible when press F12. And the 
> password should encrypt.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Created] (RANGER-2578) Login rangeradmin password should encrypt

[Haihui Xu (Jira)]

Haihui Xu created RANGER-2578:
-

 Summary: Login rangeradmin password should encrypt
 Key: RANGER-2578
 URL: https://issues.apache.org/jira/browse/RANGER-2578
 Project: Ranger
  Issue Type: New Feature
  Components: admin, Ranger
Reporter: Haihui Xu
Assignee: Haihui Xu


When login ranger admin, the password is visible when press F12. And the 
password should encrypt.




--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Re: Review Request 71502: RANGER : 2574 Ranger Import of policy fails if policy type is not passed.

[Mateen Mansoori]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/71502/
---

(Updated Sept. 19, 2019, 9:30 a.m.)


Review request for ranger, Abhay Kulkarni, Madhan Neethiraj, Mehul Parikh, 
Pradeep Agrawal, and Velmurugan Periasamy.


Changes
---

There was an unnecessary check for 'fieldname'.


Summary (updated)
-

RANGER : 2574 Ranger Import of policy fails if policy type is not passed.


Bugs: RANGER-2574
https://issues.apache.org/jira/browse/RANGER-2574


Repository: ranger


Description
---

Ranger Import of fails(NPE) if policy type is'NULL' or it is not passed.


Diffs (updated)
-

  
security-admin/src/main/java/org/apache/ranger/service/RangerPolicyService.java 
78954af 


Diff: https://reviews.apache.org/r/71502/diff/3/

Changes: https://reviews.apache.org/r/71502/diff/2-3/


Testing
---

Import policy was failing(NPE) when policy type is 'NULL' or it is not passed, 
Issue(NPE) rsolved with this changes. This issue was related to RANGER-2526.


Thanks,

Mateen Mansoori

[jira] [Updated] (RANGER-2574) Ranger Import of fails if policy type is not passed

[Mateen Mansoori (Jira)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2574?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Mateen Mansoori updated RANGER-2574:

Attachment: 3-RANGER-2574-Ranger-Import-of-fails-if-policy-type.patch

> Ranger Import of fails if policy type is not passed
> ---
>
> Key: RANGER-2574
> URL: https://issues.apache.org/jira/browse/RANGER-2574
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Mateen Mansoori
>Assignee: Mateen Mansoori
>Priority: Major
> Attachments: 
> 0001-RANGER-2574-Ranger-Import-of-fails-if-policy-type-is.patch, 
> 2-RANGER-2574-Ranger-Import-of-fails-if-policy-type-is.patch, 
> 3-RANGER-2574-Ranger-Import-of-fails-if-policy-type.patch
>
>
> Getting NPE in policy import when policy type is not passed in any of the 
> policy json.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Re: Review Request 71502: RANGER : 2574 Ranger Import of fails if policy type is not passed.

[Mateen Mansoori]

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/71502/
---

(Updated Sept. 19, 2019, 9:09 a.m.)


Review request for ranger, Abhay Kulkarni, Madhan Neethiraj, Mehul Parikh, 
Pradeep Agrawal, and Velmurugan Periasamy.


Summary (updated)
-

RANGER : 2574 Ranger Import of fails if policy type is not passed.


Bugs: RANGER-2574
https://issues.apache.org/jira/browse/RANGER-2574


Repository: ranger


Description
---

Ranger Import of fails(NPE) if policy type is'NULL' or it is not passed.


Diffs
-

  
security-admin/src/main/java/org/apache/ranger/service/RangerPolicyService.java 
78954af 


Diff: https://reviews.apache.org/r/71502/diff/2/


Testing
---

Import policy was failing(NPE) when policy type is 'NULL' or it is not passed, 
Issue(NPE) rsolved with this changes. This issue was related to RANGER-2526.


Thanks,

Mateen Mansoori

[jira] [Updated] (RANGER-2574) Ranger Import of fails if policy type is not passed

[Mateen Mansoori (Jira)]

 [ 
https://issues.apache.org/jira/browse/RANGER-2574?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Mateen Mansoori updated RANGER-2574:

Attachment: 2-RANGER-2574-Ranger-Import-of-fails-if-policy-type-is.patch

> Ranger Import of fails if policy type is not passed
> ---
>
> Key: RANGER-2574
> URL: https://issues.apache.org/jira/browse/RANGER-2574
> Project: Ranger
>  Issue Type: Bug
>  Components: Ranger
>Reporter: Mateen Mansoori
>Assignee: Mateen Mansoori
>Priority: Major
> Attachments: 
> 0001-RANGER-2574-Ranger-Import-of-fails-if-policy-type-is.patch, 
> 2-RANGER-2574-Ranger-Import-of-fails-if-policy-type-is.patch
>
>
> Getting NPE in policy import when policy type is not passed in any of the 
> policy json.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)