You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@ranger.apache.org by "Pradeep Agrawal (JIRA)" <ji...@apache.org> on 2016/11/08 13:58:58 UTC

[jira] [Updated] (RANGER-1212) Support two-way SSL authentication in unsecured(without kerberos) Ranger HA environment

     [ https://issues.apache.org/jira/browse/RANGER-1212?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Pradeep Agrawal updated RANGER-1212:
------------------------------------
    Attachment: RANGER-1212-1.patch

> Support two-way SSL authentication in unsecured(without kerberos) Ranger HA environment
> ---------------------------------------------------------------------------------------
>
>                 Key: RANGER-1212
>                 URL: https://issues.apache.org/jira/browse/RANGER-1212
>             Project: Ranger
>          Issue Type: Bug
>          Components: Ranger
>    Affects Versions: 0.6.0, 0.7.0
>            Reporter: Pradeep Agrawal
>            Assignee: Pradeep Agrawal
>         Attachments: RANGER-1212-1.patch
>
>
> Support two-way SSL authentication in Ranger HA environment where SSL is enabled at Ranger end but Ranger is unsecured(Kerberos Authentication is disabled).
> Problem Statement : If SSL is enabled in Ranger HA environment then load balancer doesn't forward client certificate to Ranger and Authentication fails due to certificate issue. In SSL environment usually client sends SSL certificate with request attribute to Ranger for authentication but whenever such request is sent via load balancer; load balancer could not pass the received certificate to Ranger and authentication fails.
> Note : This is happening only in an unsecured environment as client certificate is mandatory at Ranger end; while in the secured environment, authentication is done through Kerberos ticket so client certificate is not required.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)