You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@ranger.apache.org by Andrew Luo <an...@outlook.com> on 2023/02/21 12:34:07 UTC

Review Request 74313: RANGER-4104: XXAuthSessionDao.getRecentAuthFailureCountByLoginId produces incorrect SQL code

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/74313/
-----------------------------------------------------------

Review request for ranger and Madhan Neethiraj.


Bugs: RANGER-4104
    https://issues.apache.org/jira/browse/RANGER-4104


Repository: ranger


Description
-------

XXAuthSessionDao.getRecentAuthFailureCountByLoginId produces incorrect SQL code due to an error in how the authWindowStartTime Date parameter is bound.

It is currently bound with setParameter("authWindowStartTime", authWindowStartTime) however, JPA 2.2 Specification Section 11.1.53 says that it should be bound by specifying an additional parameter TemporalType.DATE.

This causes issues on some database dialects (at least MySQL) as it serializes the date string incorrectly which scans the wrong set of data (causing performance issues since the index cannot be used), and also the functionality introduced in RANGER-2362 does not work properly


Diffs
-----

  security-admin/src/main/java/org/apache/ranger/db/XXAuthSessionDao.java 934d25865 


Diff: https://reviews.apache.org/r/74313/diff/1/


Testing
-------


Thanks,

Andrew Luo