You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by pr...@apache.org on 2020/01/08 04:48:30 UTC
[ranger] branch master updated: RANGER-2680 : Ranger Usersync and
Tagsync is not updating session cookie until restart
This is an automated email from the ASF dual-hosted git repository.
pradeep pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git
The following commit(s) were added to refs/heads/master by this push:
new 079967c RANGER-2680 : Ranger Usersync and Tagsync is not updating session cookie until restart
079967c is described below
commit 079967c59f281cf0e7178613a38a4db952e16816
Author: Nikhil P <ni...@apache.org>
AuthorDate: Fri Dec 27 12:59:26 2019 +0530
RANGER-2680 : Ranger Usersync and Tagsync is not updating session cookie until restart
---
.../ranger/tagsync/sink/tagadmin/TagAdminRESTSink.java | 11 ++++++++++-
.../process/LdapPolicyMgrUserGroupBuilder.java | 16 ++++++++++------
.../unixusersync/process/PolicyMgrUserGroupBuilder.java | 16 ++++++++++------
3 files changed, 30 insertions(+), 13 deletions(-)
diff --git a/tagsync/src/main/java/org/apache/ranger/tagsync/sink/tagadmin/TagAdminRESTSink.java b/tagsync/src/main/java/org/apache/ranger/tagsync/sink/tagadmin/TagAdminRESTSink.java
index dff7241..5d32cc0 100644
--- a/tagsync/src/main/java/org/apache/ranger/tagsync/sink/tagadmin/TagAdminRESTSink.java
+++ b/tagsync/src/main/java/org/apache/ranger/tagsync/sink/tagadmin/TagAdminRESTSink.java
@@ -320,7 +320,16 @@ public class TagAdminRESTSink implements TagSink, Runnable {
isValidRangerCookie = false;
} else if (response.getStatus() == HttpServletResponse.SC_NO_CONTENT
|| response.getStatus() == HttpServletResponse.SC_OK) {
- isValidRangerCookie = true;
+ List<NewCookie> respCookieList = response.getCookies();
+ for (NewCookie respCookie : respCookieList) {
+ if (respCookie.getName().equalsIgnoreCase("RANGERADMINSESSIONID")) {
+ if (!(sessionId.getValue().equalsIgnoreCase(respCookie.toCookie().getValue()))) {
+ sessionId = respCookie.toCookie();
+ }
+ isValidRangerCookie = true;
+ break;
+ }
+ }
}
}
diff --git a/ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapPolicyMgrUserGroupBuilder.java b/ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapPolicyMgrUserGroupBuilder.java
index b6a2987..b469e92 100644
--- a/ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapPolicyMgrUserGroupBuilder.java
+++ b/ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapPolicyMgrUserGroupBuilder.java
@@ -937,10 +937,12 @@ private static final Logger LOG = Logger.getLogger(LdapPolicyMgrUserGroupBuilder
sessionId = null;
isValidRangerCookie = false;
} else if (clientResp.getStatus() == HttpServletResponse.SC_NO_CONTENT || clientResp.getStatus() == HttpServletResponse.SC_OK) {
- cookieList = clientResp.getCookies();
- for (NewCookie cookie : cookieList) {
+ List<NewCookie> respCookieList = clientResp.getCookies();
+ for (NewCookie cookie : respCookieList) {
if (cookie.getName().equalsIgnoreCase(RANGER_ADMIN_COOKIE_NAME)) {
- sessionId = cookie.toCookie();
+ if (!(sessionId.getValue().equalsIgnoreCase(cookie.toCookie().getValue()))) {
+ sessionId = cookie.toCookie();
+ }
isValidRangerCookie = true;
break;
}
@@ -1084,10 +1086,12 @@ private static final Logger LOG = Logger.getLogger(LdapPolicyMgrUserGroupBuilder
sessionId = null;
isValidRangerCookie = false;
} else if (clientResp.getStatus() == HttpServletResponse.SC_NO_CONTENT || clientResp.getStatus() == HttpServletResponse.SC_OK) {
- cookieList = clientResp.getCookies();
- for (NewCookie cookie : cookieList) {
+ List<NewCookie> respCookieList = clientResp.getCookies();
+ for (NewCookie cookie : respCookieList) {
if (cookie.getName().equalsIgnoreCase(RANGER_ADMIN_COOKIE_NAME)) {
- sessionId = cookie.toCookie();
+ if (!(sessionId.getValue().equalsIgnoreCase(cookie.toCookie().getValue()))) {
+ sessionId = cookie.toCookie();
+ }
isValidRangerCookie = true;
break;
}
diff --git a/ugsync/src/main/java/org/apache/ranger/unixusersync/process/PolicyMgrUserGroupBuilder.java b/ugsync/src/main/java/org/apache/ranger/unixusersync/process/PolicyMgrUserGroupBuilder.java
index 6a24213..f08c511 100644
--- a/ugsync/src/main/java/org/apache/ranger/unixusersync/process/PolicyMgrUserGroupBuilder.java
+++ b/ugsync/src/main/java/org/apache/ranger/unixusersync/process/PolicyMgrUserGroupBuilder.java
@@ -854,10 +854,12 @@ public class PolicyMgrUserGroupBuilder implements UserGroupSink {
sessionId = null;
isValidRangerCookie = false;
} else if (clientResp.getStatus() == HttpServletResponse.SC_NO_CONTENT || clientResp.getStatus() == HttpServletResponse.SC_OK) {
- cookieList = clientResp.getCookies();
- for (NewCookie cookie : cookieList) {
+ List<NewCookie> respCookieList = clientResp.getCookies();
+ for (NewCookie cookie : respCookieList) {
if (cookie.getName().equalsIgnoreCase(RANGER_ADMIN_COOKIE_NAME)) {
- sessionId = cookie.toCookie();
+ if (!(sessionId.getValue().equalsIgnoreCase(cookie.toCookie().getValue()))) {
+ sessionId = cookie.toCookie();
+ }
isValidRangerCookie = true;
break;
}
@@ -1345,10 +1347,12 @@ public class PolicyMgrUserGroupBuilder implements UserGroupSink {
sessionId = null;
isValidRangerCookie = false;
} else if (clientResp.getStatus() == HttpServletResponse.SC_NO_CONTENT || clientResp.getStatus() == HttpServletResponse.SC_OK) {
- cookieList = clientResp.getCookies();
- for (NewCookie cookie : cookieList) {
+ List<NewCookie> respCookieList = clientResp.getCookies();
+ for (NewCookie cookie : respCookieList) {
if (cookie.getName().equalsIgnoreCase(RANGER_ADMIN_COOKIE_NAME)) {
- sessionId = cookie.toCookie();
+ if (!(sessionId.getValue().equalsIgnoreCase(cookie.toCookie().getValue()))) {
+ sessionId = cookie.toCookie();
+ }
isValidRangerCookie = true;
break;
}