You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ranger.apache.org by Gautam Borad <gb...@gmail.com> on 2016/01/29 13:17:17 UTC
Review Request 42903: RANGER-771 : 4+ Log entries upon login in in
X_AUTH_SESS
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/42903/
-----------------------------------------------------------
Review request for ranger, Alok Lal, Don Bosco Durai, Abhay Kulkarni, Madhan Neethiraj, Ramesh Mani, Selvamohan Neethiraj, and Velmurugan Periasamy.
Bugs: RANGER-771
https://issues.apache.org/jira/browse/RANGER-771
Repository: ranger
Description
-------
**Problem Statement**
Multiple login inserts in the X_AUTH_SESS table on a single login, on first glance they all look exactly the same. In an audit it would seem someone logged in 4+ times, which of course is not the case.
**Suggested Solution**
Add session level synchronization to avoid double logging of UI authentication.
Diffs
-----
security-admin/src/main/java/org/apache/ranger/biz/SessionMgr.java adae1d6
security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java 3c00e63
security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerSecurityContextFormationFilter.java df529b6
security-admin/src/test/java/org/apache/ranger/rest/TestServiceREST.java d7af3c2
Diff: https://reviews.apache.org/r/42903/diff/
Testing
-------
**Verified**
1) Logged-in to Ranger UI and after successful login, checked the log of "Login Sessions" tab. (Firefox)
2) Before the patch, it was showing multiple audit entries, after applying the patch is shows just single audit log entry in Audit -> Login Sessions tab.
Thanks,
Gautam Borad
Re: Review Request 42903: RANGER-771 : 4+ Log entries upon login in in
X_AUTH_SESS
Posted by Madhan Neethiraj <ma...@apache.org>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/42903/#review117237
-----------------------------------------------------------
Ship it!
Ship It!
- Madhan Neethiraj
On Jan. 29, 2016, 12:17 p.m., Gautam Borad wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/42903/
> -----------------------------------------------------------
>
> (Updated Jan. 29, 2016, 12:17 p.m.)
>
>
> Review request for ranger, Alok Lal, Don Bosco Durai, Abhay Kulkarni, Madhan Neethiraj, Ramesh Mani, Selvamohan Neethiraj, and Velmurugan Periasamy.
>
>
> Bugs: RANGER-771
> https://issues.apache.org/jira/browse/RANGER-771
>
>
> Repository: ranger
>
>
> Description
> -------
>
> **Problem Statement**
> Multiple login inserts in the X_AUTH_SESS table on a single login, on first glance they all look exactly the same. In an audit it would seem someone logged in 4+ times, which of course is not the case.
>
> **Suggested Solution**
> Add session level synchronization to avoid double logging of UI authentication.
>
>
> Diffs
> -----
>
> security-admin/src/main/java/org/apache/ranger/biz/SessionMgr.java adae1d6
> security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java 3c00e63
> security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerSecurityContextFormationFilter.java df529b6
> security-admin/src/test/java/org/apache/ranger/rest/TestServiceREST.java d7af3c2
>
> Diff: https://reviews.apache.org/r/42903/diff/
>
>
> Testing
> -------
>
> **Verified**
> 1) Logged-in to Ranger UI and after successful login, checked the log of "Login Sessions" tab. (Firefox)
> 2) Before the patch, it was showing multiple audit entries, after applying the patch is shows just single audit log entry in Audit -> Login Sessions tab.
>
>
> Thanks,
>
> Gautam Borad
>
>
Re: Review Request 42903: RANGER-771 : 4+ Log entries upon login in in
X_AUTH_SESS
Posted by Madhan Neethiraj <ma...@apache.org>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/42903/#review117188
-----------------------------------------------------------
security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java (line 1773)
<https://reviews.apache.org/r/42903/#comment178287>
It looks like this call to ensureAdminAccess() will deny non-admin users from accessing the policy history. Why is this necessay? Is this needed to fix the duplicate logs issue?
- Madhan Neethiraj
On Jan. 29, 2016, 12:17 p.m., Gautam Borad wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/42903/
> -----------------------------------------------------------
>
> (Updated Jan. 29, 2016, 12:17 p.m.)
>
>
> Review request for ranger, Alok Lal, Don Bosco Durai, Abhay Kulkarni, Madhan Neethiraj, Ramesh Mani, Selvamohan Neethiraj, and Velmurugan Periasamy.
>
>
> Bugs: RANGER-771
> https://issues.apache.org/jira/browse/RANGER-771
>
>
> Repository: ranger
>
>
> Description
> -------
>
> **Problem Statement**
> Multiple login inserts in the X_AUTH_SESS table on a single login, on first glance they all look exactly the same. In an audit it would seem someone logged in 4+ times, which of course is not the case.
>
> **Suggested Solution**
> Add session level synchronization to avoid double logging of UI authentication.
>
>
> Diffs
> -----
>
> security-admin/src/main/java/org/apache/ranger/biz/SessionMgr.java adae1d6
> security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java 3c00e63
> security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerSecurityContextFormationFilter.java df529b6
> security-admin/src/test/java/org/apache/ranger/rest/TestServiceREST.java d7af3c2
>
> Diff: https://reviews.apache.org/r/42903/diff/
>
>
> Testing
> -------
>
> **Verified**
> 1) Logged-in to Ranger UI and after successful login, checked the log of "Login Sessions" tab. (Firefox)
> 2) Before the patch, it was showing multiple audit entries, after applying the patch is shows just single audit log entry in Audit -> Login Sessions tab.
>
>
> Thanks,
>
> Gautam Borad
>
>