ranger-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Velmurugan Periasamy <vperias...@hortonworks.com>
Subject Re: Review Request 69319: RANGER-2049: Added support for doAs for Ranger REST APIs with Kerberized mode
Date Fri, 16 Nov 2018 06:08:35 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/69319/#review210593
-----------------------------------------------------------


Ship it!




Ship It!

- Velmurugan Periasamy


On Nov. 15, 2018, 11:59 p.m., Sailaja Polavarapu wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/69319/
> -----------------------------------------------------------
> 
> (Updated Nov. 15, 2018, 11:59 p.m.)
> 
> 
> Review request for ranger.
> 
> 
> Bugs: RANGER-2049
>     https://issues.apache.org/jira/browse/RANGER-2049
> 
> 
> Repository: ranger
> 
> 
> Description
> -------
> 
> Introduced new configuration to enable trusted proxy for ranger. Added support for ranger
admin to handle doAs in the request parameter and trusted proxy configuration is enabled for
kerberized mode. Used hadoop library to validate proxy user configuraiton and autorize accordingly.
> 
> 
> Diffs
> -----
> 
>   security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerKRBAuthenticationFilter.java
178f31e2e 
> 
> 
> Diff: https://reviews.apache.org/r/69319/diff/3/
> 
> 
> Testing
> -------
> 
> 1. Patched 2.0 cluster with the ranger admin changes and tested functionality with trusted
proxy configuration enabled.
> 2. Also ran some basic regression tests with trusted proxy disabled.
> 
> 
> Thanks,
> 
> Sailaja Polavarapu
> 
>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message