You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ranger.apache.org by Don Bosco Durai <bo...@apache.org> on 2015/10/12 05:55:17 UTC
Review Request 39215: RANGER-657: Solr plugin doesn't support for user
principals with /$HOST in it
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/39215/
-----------------------------------------------------------
Review request for ranger, Madhan Neethiraj and Selvamohan Neethiraj.
Bugs: RANGER-657
https://issues.apache.org/jira/browse/RANGER-657
Repository: ranger
Description
-------
Updated Ranger Solr Authorization code to address keberos principal
Diffs
-----
agents-audit/src/main/java/org/apache/ranger/audit/provider/MiscUtil.java a3a3a84
agents-audit/src/main/java/org/apache/ranger/audit/queue/AuditFileSpool.java bab496c
plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuthorizer.java 8e0ada8
Diff: https://reviews.apache.org/r/39215/diff/
Testing
-------
Manual testing.
Thanks,
Don Bosco Durai
Re: Review Request 39215: RANGER-657: Solr plugin doesn't support for
user principals with /$HOST in it
Posted by Don Bosco Durai <bo...@apache.org>.
> On Oct. 13, 2015, 5:17 a.m., Madhan Neethiraj wrote:
> > agents-audit/src/main/java/org/apache/ranger/audit/queue/AuditFileSpool.java, line 110
> > <https://reviews.apache.org/r/39215/diff/1/?file=1094996#file1094996line110>
> >
> > This change does not look relevant to the current fix..and might impact all audit destinations. Please make sure to verify well.
I tested this. By default we should always start with the assumption that the destination is up and if the write fails, then the flag is switched. Regardless the flag, it just adds additional 30seconds of wait period.
> On Oct. 13, 2015, 5:17 a.m., Madhan Neethiraj wrote:
> > plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuthorizer.java, line 166
> > <https://reviews.apache.org/r/39215/diff/1/?file=1094997#file1094997line166>
> >
> > Consider moving this log level check to logAuthorizationContext() method. The level at which the logging is done is determined by the method impl..
> >
> > Other option is for the method to return formatted log msg, which can be logged from here.
Moving the check to the method is a good idea. Returning the formatted log message might be unneccessary overhead if it is not printed.
- Don Bosco
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/39215/#review102387
-----------------------------------------------------------
On Oct. 12, 2015, 3:55 a.m., Don Bosco Durai wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/39215/
> -----------------------------------------------------------
>
> (Updated Oct. 12, 2015, 3:55 a.m.)
>
>
> Review request for ranger, Madhan Neethiraj and Selvamohan Neethiraj.
>
>
> Bugs: RANGER-657
> https://issues.apache.org/jira/browse/RANGER-657
>
>
> Repository: ranger
>
>
> Description
> -------
>
> Updated Ranger Solr Authorization code to address keberos principal
>
>
> Diffs
> -----
>
> agents-audit/src/main/java/org/apache/ranger/audit/provider/MiscUtil.java a3a3a84
> agents-audit/src/main/java/org/apache/ranger/audit/queue/AuditFileSpool.java bab496c
> plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuthorizer.java 8e0ada8
>
> Diff: https://reviews.apache.org/r/39215/diff/
>
>
> Testing
> -------
>
> Manual testing.
>
>
> Thanks,
>
> Don Bosco Durai
>
>
Re: Review Request 39215: RANGER-657: Solr plugin doesn't support for
user principals with /$HOST in it
Posted by Madhan Neethiraj <ma...@apache.org>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/39215/#review102387
-----------------------------------------------------------
Ship it!
agents-audit/src/main/java/org/apache/ranger/audit/queue/AuditFileSpool.java (line 110)
<https://reviews.apache.org/r/39215/#comment160022>
This change does not look relevant to the current fix..and might impact all audit destinations. Please make sure to verify well.
plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuthorizer.java (line 161)
<https://reviews.apache.org/r/39215/#comment160021>
Consider moving this log level check to logAuthorizationContext() method. The level at which the logging is done is determined by the method impl..
Other option is for the method to return formatted log msg, which can be logged from here.
- Madhan Neethiraj
On Oct. 12, 2015, 3:55 a.m., Don Bosco Durai wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/39215/
> -----------------------------------------------------------
>
> (Updated Oct. 12, 2015, 3:55 a.m.)
>
>
> Review request for ranger, Madhan Neethiraj and Selvamohan Neethiraj.
>
>
> Bugs: RANGER-657
> https://issues.apache.org/jira/browse/RANGER-657
>
>
> Repository: ranger
>
>
> Description
> -------
>
> Updated Ranger Solr Authorization code to address keberos principal
>
>
> Diffs
> -----
>
> agents-audit/src/main/java/org/apache/ranger/audit/provider/MiscUtil.java a3a3a84
> agents-audit/src/main/java/org/apache/ranger/audit/queue/AuditFileSpool.java bab496c
> plugin-solr/src/main/java/org/apache/ranger/authorization/solr/authorizer/RangerSolrAuthorizer.java 8e0ada8
>
> Diff: https://reviews.apache.org/r/39215/diff/
>
>
> Testing
> -------
>
> Manual testing.
>
>
> Thanks,
>
> Don Bosco Durai
>
>