You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ranger.apache.org by bhavik patel <bh...@gmail.com> on 2022/04/20 10:37:31 UTC
Review Request 73949: RANGER-3687 : Password Policy Best Practices for Strong Security
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73949/
-----------------------------------------------------------
Review request for ranger.
Bugs: RANGER-3687
https://issues.apache.org/jira/browse/RANGER-3687
Repository: ranger
Description
-------
Password history should be configured to restrict users from reusing their last 4 or 5 passwords.
Diffs
-----
security-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql 26282f770
security-admin/db/mysql/patches/059-update-x-portal-user-table.sql PRE-CREATION
security-admin/db/oracle/optimized/current/ranger_core_db_oracle.sql e2475cfbd
security-admin/db/oracle/patches/059-update-x-portal-user-table..sql PRE-CREATION
security-admin/db/postgres/optimized/current/ranger_core_db_postgres.sql f5c6ed8f5
security-admin/db/postgres/patches/059-update-x-portal-user-table.sql PRE-CREATION
security-admin/db/sqlanywhere/optimized/current/ranger_core_db_sqlanywhere.sql 1887d6da9
security-admin/db/sqlanywhere/patches/059-update-x-portal-user-table.sql PRE-CREATION
security-admin/db/sqlserver/optimized/current/ranger_core_db_sqlserver.sql 642e54cd5
security-admin/db/sqlserver/patches/059-update-x-portal-user-table.sql PRE-CREATION
security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java 0e61038d5
security-admin/src/main/java/org/apache/ranger/entity/XXPortalUser.java d0451b4d2
security-admin/src/main/resources/conf.dist/ranger-admin-default-site.xml bf72ff3b0
security-admin/src/test/java/org/apache/ranger/biz/TestUserMgr.java f43b30196
Diff: https://reviews.apache.org/r/73949/diff/1/
Testing
-------
Verified the basic functionality of "/passwordchange" api
Thanks,
bhavik patel
Re: Review Request 73949: RANGER-3687 : Password Policy Best Practices for Strong Security
Posted by Pradeep Agrawal <pr...@gmail.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73949/#review224329
-----------------------------------------------------------
security-admin/db/oracle/optimized/current/ranger_core_db_oracle.sql
Lines 313 (patched)
<https://reviews.apache.org/r/73949/#comment313179>
change to clob for oracle, similar changes need to be done for other db flavors as well in core schema file and patch file also.
- Pradeep Agrawal
On April 20, 2022, 10:37 a.m., bhavik patel wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/73949/
> -----------------------------------------------------------
>
> (Updated April 20, 2022, 10:37 a.m.)
>
>
> Review request for ranger.
>
>
> Bugs: RANGER-3687
> https://issues.apache.org/jira/browse/RANGER-3687
>
>
> Repository: ranger
>
>
> Description
> -------
>
> Password history should be configured to restrict users from reusing their last 4 or 5 passwords.
>
>
> Diffs
> -----
>
> security-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql 26282f770
> security-admin/db/mysql/patches/059-update-x-portal-user-table.sql PRE-CREATION
> security-admin/db/oracle/optimized/current/ranger_core_db_oracle.sql e2475cfbd
> security-admin/db/oracle/patches/059-update-x-portal-user-table..sql PRE-CREATION
> security-admin/db/postgres/optimized/current/ranger_core_db_postgres.sql f5c6ed8f5
> security-admin/db/postgres/patches/059-update-x-portal-user-table.sql PRE-CREATION
> security-admin/db/sqlanywhere/optimized/current/ranger_core_db_sqlanywhere.sql 1887d6da9
> security-admin/db/sqlanywhere/patches/059-update-x-portal-user-table.sql PRE-CREATION
> security-admin/db/sqlserver/optimized/current/ranger_core_db_sqlserver.sql 642e54cd5
> security-admin/db/sqlserver/patches/059-update-x-portal-user-table.sql PRE-CREATION
> security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java 0e61038d5
> security-admin/src/main/java/org/apache/ranger/entity/XXPortalUser.java d0451b4d2
> security-admin/src/main/resources/conf.dist/ranger-admin-default-site.xml bf72ff3b0
> security-admin/src/test/java/org/apache/ranger/biz/TestUserMgr.java f43b30196
>
>
> Diff: https://reviews.apache.org/r/73949/diff/1/
>
>
> Testing
> -------
>
> Verified the basic functionality of "/passwordchange" api
>
>
> Thanks,
>
> bhavik patel
>
>
Re: Review Request 73949: RANGER-3687 : Password Policy Best Practices for Strong Security
Posted by Madhan Neethiraj <ma...@apache.org>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73949/#review224328
-----------------------------------------------------------
Ship it!
Ship It!
- Madhan Neethiraj
On April 20, 2022, 10:37 a.m., bhavik patel wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/73949/
> -----------------------------------------------------------
>
> (Updated April 20, 2022, 10:37 a.m.)
>
>
> Review request for ranger.
>
>
> Bugs: RANGER-3687
> https://issues.apache.org/jira/browse/RANGER-3687
>
>
> Repository: ranger
>
>
> Description
> -------
>
> Password history should be configured to restrict users from reusing their last 4 or 5 passwords.
>
>
> Diffs
> -----
>
> security-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql 26282f770
> security-admin/db/mysql/patches/059-update-x-portal-user-table.sql PRE-CREATION
> security-admin/db/oracle/optimized/current/ranger_core_db_oracle.sql e2475cfbd
> security-admin/db/oracle/patches/059-update-x-portal-user-table..sql PRE-CREATION
> security-admin/db/postgres/optimized/current/ranger_core_db_postgres.sql f5c6ed8f5
> security-admin/db/postgres/patches/059-update-x-portal-user-table.sql PRE-CREATION
> security-admin/db/sqlanywhere/optimized/current/ranger_core_db_sqlanywhere.sql 1887d6da9
> security-admin/db/sqlanywhere/patches/059-update-x-portal-user-table.sql PRE-CREATION
> security-admin/db/sqlserver/optimized/current/ranger_core_db_sqlserver.sql 642e54cd5
> security-admin/db/sqlserver/patches/059-update-x-portal-user-table.sql PRE-CREATION
> security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java 0e61038d5
> security-admin/src/main/java/org/apache/ranger/entity/XXPortalUser.java d0451b4d2
> security-admin/src/main/resources/conf.dist/ranger-admin-default-site.xml bf72ff3b0
> security-admin/src/test/java/org/apache/ranger/biz/TestUserMgr.java f43b30196
>
>
> Diff: https://reviews.apache.org/r/73949/diff/1/
>
>
> Testing
> -------
>
> Verified the basic functionality of "/passwordchange" api
>
>
> Thanks,
>
> bhavik patel
>
>
Re: Review Request 73949: RANGER-3687 : Password Policy Best Practices for Strong Security
Posted by Pradeep Agrawal <pr...@gmail.com>.
> On April 22, 2022, 11:57 a.m., Pradeep Agrawal wrote:
> > Ship It!
You can push this change, i shall create separate patch for additonal improvements.
- Pradeep
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73949/#review224349
-----------------------------------------------------------
On April 21, 2022, 5:13 a.m., bhavik patel wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/73949/
> -----------------------------------------------------------
>
> (Updated April 21, 2022, 5:13 a.m.)
>
>
> Review request for ranger.
>
>
> Bugs: RANGER-3687
> https://issues.apache.org/jira/browse/RANGER-3687
>
>
> Repository: ranger
>
>
> Description
> -------
>
> Password history should be configured to restrict users from reusing their last 4 or 5 passwords.
>
>
> Diffs
> -----
>
> security-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql 26282f770
> security-admin/db/mysql/patches/059-update-x-portal-user-table.sql PRE-CREATION
> security-admin/db/oracle/optimized/current/ranger_core_db_oracle.sql e2475cfbd
> security-admin/db/oracle/patches/059-update-x-portal-user-table..sql PRE-CREATION
> security-admin/db/postgres/optimized/current/ranger_core_db_postgres.sql f5c6ed8f5
> security-admin/db/postgres/patches/059-update-x-portal-user-table.sql PRE-CREATION
> security-admin/db/sqlanywhere/optimized/current/ranger_core_db_sqlanywhere.sql 1887d6da9
> security-admin/db/sqlanywhere/patches/059-update-x-portal-user-table.sql PRE-CREATION
> security-admin/db/sqlserver/optimized/current/ranger_core_db_sqlserver.sql 642e54cd5
> security-admin/db/sqlserver/patches/059-update-x-portal-user-table.sql PRE-CREATION
> security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java 0e61038d5
> security-admin/src/main/java/org/apache/ranger/entity/XXPortalUser.java d0451b4d2
> security-admin/src/main/resources/conf.dist/ranger-admin-default-site.xml bf72ff3b0
> security-admin/src/test/java/org/apache/ranger/biz/TestUserMgr.java f43b30196
>
>
> Diff: https://reviews.apache.org/r/73949/diff/3/
>
>
> Testing
> -------
>
> Verified the basic functionality of "/passwordchange" api
>
>
> Thanks,
>
> bhavik patel
>
>
Re: Review Request 73949: RANGER-3687 : Password Policy Best Practices for Strong Security
Posted by Pradeep Agrawal <pr...@gmail.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73949/#review224349
-----------------------------------------------------------
Ship it!
Ship It!
- Pradeep Agrawal
On April 21, 2022, 5:13 a.m., bhavik patel wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/73949/
> -----------------------------------------------------------
>
> (Updated April 21, 2022, 5:13 a.m.)
>
>
> Review request for ranger.
>
>
> Bugs: RANGER-3687
> https://issues.apache.org/jira/browse/RANGER-3687
>
>
> Repository: ranger
>
>
> Description
> -------
>
> Password history should be configured to restrict users from reusing their last 4 or 5 passwords.
>
>
> Diffs
> -----
>
> security-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql 26282f770
> security-admin/db/mysql/patches/059-update-x-portal-user-table.sql PRE-CREATION
> security-admin/db/oracle/optimized/current/ranger_core_db_oracle.sql e2475cfbd
> security-admin/db/oracle/patches/059-update-x-portal-user-table..sql PRE-CREATION
> security-admin/db/postgres/optimized/current/ranger_core_db_postgres.sql f5c6ed8f5
> security-admin/db/postgres/patches/059-update-x-portal-user-table.sql PRE-CREATION
> security-admin/db/sqlanywhere/optimized/current/ranger_core_db_sqlanywhere.sql 1887d6da9
> security-admin/db/sqlanywhere/patches/059-update-x-portal-user-table.sql PRE-CREATION
> security-admin/db/sqlserver/optimized/current/ranger_core_db_sqlserver.sql 642e54cd5
> security-admin/db/sqlserver/patches/059-update-x-portal-user-table.sql PRE-CREATION
> security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java 0e61038d5
> security-admin/src/main/java/org/apache/ranger/entity/XXPortalUser.java d0451b4d2
> security-admin/src/main/resources/conf.dist/ranger-admin-default-site.xml bf72ff3b0
> security-admin/src/test/java/org/apache/ranger/biz/TestUserMgr.java f43b30196
>
>
> Diff: https://reviews.apache.org/r/73949/diff/3/
>
>
> Testing
> -------
>
> Verified the basic functionality of "/passwordchange" api
>
>
> Thanks,
>
> bhavik patel
>
>
Re: Review Request 73949: RANGER-3687 : Password Policy Best Practices for Strong Security
Posted by bhavik patel <bh...@gmail.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73949/
-----------------------------------------------------------
(Updated April 21, 2022, 5:13 a.m.)
Review request for ranger.
Bugs: RANGER-3687
https://issues.apache.org/jira/browse/RANGER-3687
Repository: ranger
Description
-------
Password history should be configured to restrict users from reusing their last 4 or 5 passwords.
Diffs (updated)
-----
security-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql 26282f770
security-admin/db/mysql/patches/059-update-x-portal-user-table.sql PRE-CREATION
security-admin/db/oracle/optimized/current/ranger_core_db_oracle.sql e2475cfbd
security-admin/db/oracle/patches/059-update-x-portal-user-table..sql PRE-CREATION
security-admin/db/postgres/optimized/current/ranger_core_db_postgres.sql f5c6ed8f5
security-admin/db/postgres/patches/059-update-x-portal-user-table.sql PRE-CREATION
security-admin/db/sqlanywhere/optimized/current/ranger_core_db_sqlanywhere.sql 1887d6da9
security-admin/db/sqlanywhere/patches/059-update-x-portal-user-table.sql PRE-CREATION
security-admin/db/sqlserver/optimized/current/ranger_core_db_sqlserver.sql 642e54cd5
security-admin/db/sqlserver/patches/059-update-x-portal-user-table.sql PRE-CREATION
security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java 0e61038d5
security-admin/src/main/java/org/apache/ranger/entity/XXPortalUser.java d0451b4d2
security-admin/src/main/resources/conf.dist/ranger-admin-default-site.xml bf72ff3b0
security-admin/src/test/java/org/apache/ranger/biz/TestUserMgr.java f43b30196
Diff: https://reviews.apache.org/r/73949/diff/3/
Changes: https://reviews.apache.org/r/73949/diff/2-3/
Testing
-------
Verified the basic functionality of "/passwordchange" api
Thanks,
bhavik patel
Re: Review Request 73949: RANGER-3687 : Password Policy Best Practices for Strong Security
Posted by Pradeep Agrawal <pr...@gmail.com>.
> On April 21, 2022, 5 a.m., Pradeep Agrawal wrote:
> > security-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql
> > Lines 121 (patched)
> > <https://reviews.apache.org/r/73949/diff/2/?file=2267590#file2267590line121>
> >
> > change DEFAULT NULL to => NULL DEFAULT NULL,
> > follow the same for next line
>
> bhavik patel wrote:
> it's not required.
ok, i will make that change later.
Also i have tested the patch only for mysql so far.
- Pradeep
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73949/#review224337
-----------------------------------------------------------
On April 21, 2022, 5:13 a.m., bhavik patel wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/73949/
> -----------------------------------------------------------
>
> (Updated April 21, 2022, 5:13 a.m.)
>
>
> Review request for ranger.
>
>
> Bugs: RANGER-3687
> https://issues.apache.org/jira/browse/RANGER-3687
>
>
> Repository: ranger
>
>
> Description
> -------
>
> Password history should be configured to restrict users from reusing their last 4 or 5 passwords.
>
>
> Diffs
> -----
>
> security-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql 26282f770
> security-admin/db/mysql/patches/059-update-x-portal-user-table.sql PRE-CREATION
> security-admin/db/oracle/optimized/current/ranger_core_db_oracle.sql e2475cfbd
> security-admin/db/oracle/patches/059-update-x-portal-user-table..sql PRE-CREATION
> security-admin/db/postgres/optimized/current/ranger_core_db_postgres.sql f5c6ed8f5
> security-admin/db/postgres/patches/059-update-x-portal-user-table.sql PRE-CREATION
> security-admin/db/sqlanywhere/optimized/current/ranger_core_db_sqlanywhere.sql 1887d6da9
> security-admin/db/sqlanywhere/patches/059-update-x-portal-user-table.sql PRE-CREATION
> security-admin/db/sqlserver/optimized/current/ranger_core_db_sqlserver.sql 642e54cd5
> security-admin/db/sqlserver/patches/059-update-x-portal-user-table.sql PRE-CREATION
> security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java 0e61038d5
> security-admin/src/main/java/org/apache/ranger/entity/XXPortalUser.java d0451b4d2
> security-admin/src/main/resources/conf.dist/ranger-admin-default-site.xml bf72ff3b0
> security-admin/src/test/java/org/apache/ranger/biz/TestUserMgr.java f43b30196
>
>
> Diff: https://reviews.apache.org/r/73949/diff/3/
>
>
> Testing
> -------
>
> Verified the basic functionality of "/passwordchange" api
>
>
> Thanks,
>
> bhavik patel
>
>
Re: Review Request 73949: RANGER-3687 : Password Policy Best Practices for Strong Security
Posted by bhavik patel <bh...@gmail.com>.
> On April 21, 2022, 5 a.m., Pradeep Agrawal wrote:
> > security-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql
> > Lines 121 (patched)
> > <https://reviews.apache.org/r/73949/diff/2/?file=2267590#file2267590line121>
> >
> > change DEFAULT NULL to => NULL DEFAULT NULL,
> > follow the same for next line
it's not required.
- bhavik
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73949/#review224337
-----------------------------------------------------------
On April 21, 2022, 4:01 a.m., bhavik patel wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/73949/
> -----------------------------------------------------------
>
> (Updated April 21, 2022, 4:01 a.m.)
>
>
> Review request for ranger.
>
>
> Bugs: RANGER-3687
> https://issues.apache.org/jira/browse/RANGER-3687
>
>
> Repository: ranger
>
>
> Description
> -------
>
> Password history should be configured to restrict users from reusing their last 4 or 5 passwords.
>
>
> Diffs
> -----
>
> security-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql 26282f770
> security-admin/db/mysql/patches/059-update-x-portal-user-table.sql PRE-CREATION
> security-admin/db/oracle/optimized/current/ranger_core_db_oracle.sql e2475cfbd
> security-admin/db/oracle/patches/059-update-x-portal-user-table..sql PRE-CREATION
> security-admin/db/postgres/optimized/current/ranger_core_db_postgres.sql f5c6ed8f5
> security-admin/db/postgres/patches/059-update-x-portal-user-table.sql PRE-CREATION
> security-admin/db/sqlanywhere/optimized/current/ranger_core_db_sqlanywhere.sql 1887d6da9
> security-admin/db/sqlanywhere/patches/059-update-x-portal-user-table.sql PRE-CREATION
> security-admin/db/sqlserver/optimized/current/ranger_core_db_sqlserver.sql 642e54cd5
> security-admin/db/sqlserver/patches/059-update-x-portal-user-table.sql PRE-CREATION
> security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java 0e61038d5
> security-admin/src/main/java/org/apache/ranger/entity/XXPortalUser.java d0451b4d2
> security-admin/src/main/resources/conf.dist/ranger-admin-default-site.xml bf72ff3b0
> security-admin/src/test/java/org/apache/ranger/biz/TestUserMgr.java f43b30196
>
>
> Diff: https://reviews.apache.org/r/73949/diff/2/
>
>
> Testing
> -------
>
> Verified the basic functionality of "/passwordchange" api
>
>
> Thanks,
>
> bhavik patel
>
>
Re: Review Request 73949: RANGER-3687 : Password Policy Best Practices for Strong Security
Posted by Pradeep Agrawal <pr...@gmail.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73949/#review224337
-----------------------------------------------------------
security-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql
Lines 121 (patched)
<https://reviews.apache.org/r/73949/#comment313187>
change DEFAULT NULL to => NULL DEFAULT NULL,
follow the same for next line
- Pradeep Agrawal
On April 21, 2022, 4:01 a.m., bhavik patel wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/73949/
> -----------------------------------------------------------
>
> (Updated April 21, 2022, 4:01 a.m.)
>
>
> Review request for ranger.
>
>
> Bugs: RANGER-3687
> https://issues.apache.org/jira/browse/RANGER-3687
>
>
> Repository: ranger
>
>
> Description
> -------
>
> Password history should be configured to restrict users from reusing their last 4 or 5 passwords.
>
>
> Diffs
> -----
>
> security-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql 26282f770
> security-admin/db/mysql/patches/059-update-x-portal-user-table.sql PRE-CREATION
> security-admin/db/oracle/optimized/current/ranger_core_db_oracle.sql e2475cfbd
> security-admin/db/oracle/patches/059-update-x-portal-user-table..sql PRE-CREATION
> security-admin/db/postgres/optimized/current/ranger_core_db_postgres.sql f5c6ed8f5
> security-admin/db/postgres/patches/059-update-x-portal-user-table.sql PRE-CREATION
> security-admin/db/sqlanywhere/optimized/current/ranger_core_db_sqlanywhere.sql 1887d6da9
> security-admin/db/sqlanywhere/patches/059-update-x-portal-user-table.sql PRE-CREATION
> security-admin/db/sqlserver/optimized/current/ranger_core_db_sqlserver.sql 642e54cd5
> security-admin/db/sqlserver/patches/059-update-x-portal-user-table.sql PRE-CREATION
> security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java 0e61038d5
> security-admin/src/main/java/org/apache/ranger/entity/XXPortalUser.java d0451b4d2
> security-admin/src/main/resources/conf.dist/ranger-admin-default-site.xml bf72ff3b0
> security-admin/src/test/java/org/apache/ranger/biz/TestUserMgr.java f43b30196
>
>
> Diff: https://reviews.apache.org/r/73949/diff/2/
>
>
> Testing
> -------
>
> Verified the basic functionality of "/passwordchange" api
>
>
> Thanks,
>
> bhavik patel
>
>
Re: Review Request 73949: RANGER-3687 : Password Policy Best Practices for Strong Security
Posted by Pradeep Agrawal <pr...@gmail.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73949/#review224338
-----------------------------------------------------------
security-admin/db/oracle/optimized/current/ranger_core_db_oracle.sql
Lines 313 (patched)
<https://reviews.apache.org/r/73949/#comment313189>
change DEFAULT NULL to => DEFAULT NULL NULL
follow the same in the next line also, in sql patch file and other db flavors also
- Pradeep Agrawal
On April 21, 2022, 4:01 a.m., bhavik patel wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/73949/
> -----------------------------------------------------------
>
> (Updated April 21, 2022, 4:01 a.m.)
>
>
> Review request for ranger.
>
>
> Bugs: RANGER-3687
> https://issues.apache.org/jira/browse/RANGER-3687
>
>
> Repository: ranger
>
>
> Description
> -------
>
> Password history should be configured to restrict users from reusing their last 4 or 5 passwords.
>
>
> Diffs
> -----
>
> security-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql 26282f770
> security-admin/db/mysql/patches/059-update-x-portal-user-table.sql PRE-CREATION
> security-admin/db/oracle/optimized/current/ranger_core_db_oracle.sql e2475cfbd
> security-admin/db/oracle/patches/059-update-x-portal-user-table..sql PRE-CREATION
> security-admin/db/postgres/optimized/current/ranger_core_db_postgres.sql f5c6ed8f5
> security-admin/db/postgres/patches/059-update-x-portal-user-table.sql PRE-CREATION
> security-admin/db/sqlanywhere/optimized/current/ranger_core_db_sqlanywhere.sql 1887d6da9
> security-admin/db/sqlanywhere/patches/059-update-x-portal-user-table.sql PRE-CREATION
> security-admin/db/sqlserver/optimized/current/ranger_core_db_sqlserver.sql 642e54cd5
> security-admin/db/sqlserver/patches/059-update-x-portal-user-table.sql PRE-CREATION
> security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java 0e61038d5
> security-admin/src/main/java/org/apache/ranger/entity/XXPortalUser.java d0451b4d2
> security-admin/src/main/resources/conf.dist/ranger-admin-default-site.xml bf72ff3b0
> security-admin/src/test/java/org/apache/ranger/biz/TestUserMgr.java f43b30196
>
>
> Diff: https://reviews.apache.org/r/73949/diff/2/
>
>
> Testing
> -------
>
> Verified the basic functionality of "/passwordchange" api
>
>
> Thanks,
>
> bhavik patel
>
>
Re: Review Request 73949: RANGER-3687 : Password Policy Best Practices for Strong Security
Posted by Pradeep Agrawal <pr...@gmail.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73949/#review224335
-----------------------------------------------------------
security-admin/db/sqlserver/optimized/current/ranger_core_db_sqlserver.sql
Lines 970 (patched)
<https://reviews.apache.org/r/73949/#comment313185>
change 4000 to max
example: [old_passwords] [nvarchar](max) DEFAULT NULL NULL,
[password_updated_time] [datetime2] DEFAULT NULL NULL,
- Pradeep Agrawal
On April 21, 2022, 4:01 a.m., bhavik patel wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/73949/
> -----------------------------------------------------------
>
> (Updated April 21, 2022, 4:01 a.m.)
>
>
> Review request for ranger.
>
>
> Bugs: RANGER-3687
> https://issues.apache.org/jira/browse/RANGER-3687
>
>
> Repository: ranger
>
>
> Description
> -------
>
> Password history should be configured to restrict users from reusing their last 4 or 5 passwords.
>
>
> Diffs
> -----
>
> security-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql 26282f770
> security-admin/db/mysql/patches/059-update-x-portal-user-table.sql PRE-CREATION
> security-admin/db/oracle/optimized/current/ranger_core_db_oracle.sql e2475cfbd
> security-admin/db/oracle/patches/059-update-x-portal-user-table..sql PRE-CREATION
> security-admin/db/postgres/optimized/current/ranger_core_db_postgres.sql f5c6ed8f5
> security-admin/db/postgres/patches/059-update-x-portal-user-table.sql PRE-CREATION
> security-admin/db/sqlanywhere/optimized/current/ranger_core_db_sqlanywhere.sql 1887d6da9
> security-admin/db/sqlanywhere/patches/059-update-x-portal-user-table.sql PRE-CREATION
> security-admin/db/sqlserver/optimized/current/ranger_core_db_sqlserver.sql 642e54cd5
> security-admin/db/sqlserver/patches/059-update-x-portal-user-table.sql PRE-CREATION
> security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java 0e61038d5
> security-admin/src/main/java/org/apache/ranger/entity/XXPortalUser.java d0451b4d2
> security-admin/src/main/resources/conf.dist/ranger-admin-default-site.xml bf72ff3b0
> security-admin/src/test/java/org/apache/ranger/biz/TestUserMgr.java f43b30196
>
>
> Diff: https://reviews.apache.org/r/73949/diff/2/
>
>
> Testing
> -------
>
> Verified the basic functionality of "/passwordchange" api
>
>
> Thanks,
>
> bhavik patel
>
>
Re: Review Request 73949: RANGER-3687 : Password Policy Best Practices for Strong Security
Posted by bhavik patel <bh...@gmail.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73949/
-----------------------------------------------------------
(Updated April 21, 2022, 4:01 a.m.)
Review request for ranger.
Bugs: RANGER-3687
https://issues.apache.org/jira/browse/RANGER-3687
Repository: ranger
Description
-------
Password history should be configured to restrict users from reusing their last 4 or 5 passwords.
Diffs (updated)
-----
security-admin/db/mysql/optimized/current/ranger_core_db_mysql.sql 26282f770
security-admin/db/mysql/patches/059-update-x-portal-user-table.sql PRE-CREATION
security-admin/db/oracle/optimized/current/ranger_core_db_oracle.sql e2475cfbd
security-admin/db/oracle/patches/059-update-x-portal-user-table..sql PRE-CREATION
security-admin/db/postgres/optimized/current/ranger_core_db_postgres.sql f5c6ed8f5
security-admin/db/postgres/patches/059-update-x-portal-user-table.sql PRE-CREATION
security-admin/db/sqlanywhere/optimized/current/ranger_core_db_sqlanywhere.sql 1887d6da9
security-admin/db/sqlanywhere/patches/059-update-x-portal-user-table.sql PRE-CREATION
security-admin/db/sqlserver/optimized/current/ranger_core_db_sqlserver.sql 642e54cd5
security-admin/db/sqlserver/patches/059-update-x-portal-user-table.sql PRE-CREATION
security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java 0e61038d5
security-admin/src/main/java/org/apache/ranger/entity/XXPortalUser.java d0451b4d2
security-admin/src/main/resources/conf.dist/ranger-admin-default-site.xml bf72ff3b0
security-admin/src/test/java/org/apache/ranger/biz/TestUserMgr.java f43b30196
Diff: https://reviews.apache.org/r/73949/diff/2/
Changes: https://reviews.apache.org/r/73949/diff/1-2/
Testing
-------
Verified the basic functionality of "/passwordchange" api
Thanks,
bhavik patel