You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ranger.apache.org by Abhay Kulkarni <ak...@hortonworks.com> on 2020/01/21 18:11:22 UTC
Re: Review Request 72010: RANGER-2688: Make cookie name configurable
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/72010/#review219346
-----------------------------------------------------------
Ship it!
Ship It!
- Abhay Kulkarni
On Jan. 18, 2020, 6:08 p.m., Pradeep Agrawal wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/72010/
> -----------------------------------------------------------
>
> (Updated Jan. 18, 2020, 6:08 p.m.)
>
>
> Review request for ranger, Ankita Sinha, bhavik patel, Gautam Borad, Abhay Kulkarni, Madhan Neethiraj, Mehul Parikh, Nikhil P, Nitin Galave, Ramesh Mani, Sailaja Polavarapu, and Velmurugan Periasamy.
>
>
> Bugs: RANGER-2688
> https://issues.apache.org/jira/browse/RANGER-2688
>
>
> Repository: ranger
>
>
> Description
> -------
>
> **Problem Statement:** Current cookie name 'RANGERADMINSESSIONID' is hardcoded in the ranger code at many places. It should be configurable so that hard coding can be avoided.
>
> **Proposed Solution:**
>
> added a property "ranger.admin.cookie.name" in the ranger-admin-site.xml
> added a property "ranger.usersync.dest.ranger.session.cookie.name" in the ranger-usersync-site.xml
> added a property "ranger.tagsync.dest.ranger.session.cookie.name" in the ranger-tagsync-site.xml
>
> **Note**
> Before starting these modules user should provide same cookie name value in above mentioned configs file and web.xml file. default value shall be "RANGERADMINSESSIONID" only.
>
>
> Diffs
> -----
>
> agents-common/src/main/java/org/apache/ranger/plugin/util/RangerCommonConstants.java PRE-CREATION
> security-admin/src/main/java/org/apache/ranger/common/PropertiesUtil.java ee8ce8dfb
> security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerKrbFilter.java f2856d3f6
> security-admin/src/main/resources/conf.dist/ranger-admin-site.xml 2e584a7a8
> security-admin/src/main/resources/conf.dist/security-applicationContext.xml 2e7a8910a
> tagsync/conf/templates/ranger-tagsync-template.xml 41aacbfd4
> tagsync/src/main/java/org/apache/ranger/tagsync/process/TagSyncConfig.java 6d27b02cd
> tagsync/src/main/java/org/apache/ranger/tagsync/sink/tagadmin/TagAdminRESTSink.java 5d32cc04c
> tagsync/src/main/resources/ranger-tagsync-default.xml 08afc4266
> tagsync/src/main/resources/ranger-tagsync-site.xml 9a14c1cc7
> ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapPolicyMgrUserGroupBuilder.java b469e9245
> ugsync/src/main/java/org/apache/ranger/unixusersync/config/UserGroupSyncConfig.java 1d4e37fcf
> unixauthservice/conf.dist/ranger-ugsync-default.xml e2e014b00
> unixauthservice/scripts/templates/ranger-ugsync-template.xml 0c2d1fcac
>
>
> Diff: https://reviews.apache.org/r/72010/diff/2/
>
>
> Testing
> -------
>
> **Steps to test the patch:**
>
> build ranger
> untar the ranger admin and install the ranger-admin.
> open web.xml and change the <session-config> ---> <cookie-config> ---> <name> property value with desired cookie name.
> save and close the web.xml file
> open ranger-admin-site.xml and provide the cookie name in the property "ranger.admin.cookie.name"
> save and close the ranger-admin-site.xml file
> start ranger-admin and make a REST call; in response ranger will return new cookie name.
>
>
> untar and install the ranger usersync.
> open ranger-ugsync-site.xml and update the cookie name for the property "ranger.usersync.dest.ranger.session.cookie.name"
> start the usersync and usersync utility should able to sync users.
>
>
> untar and install the ranger tagsync.
> open ranger-tagsync-site.xml and update the cookie name for the property "ranger.tagsync.dest.ranger.session.cookie.name"
> start the usersync and usersync utility should able to sync users.
>
>
> Thanks,
>
> Pradeep Agrawal
>
>