You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by pr...@apache.org on 2021/12/16 11:49:28 UTC
[ranger] branch master updated (64cbfcd -> a06bc63)
This is an automated email from the ASF dual-hosted git repository.
pradeep pushed a change to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git.
from 64cbfcd RANGER-3543: Remove spotbugs-annotations-3.1.9 from classpath
new dc01126 RANGER-3545: Remove Logger Checks for Info Enabled
new a06bc63 RANGER-3443 : "X-Permitted-Cross-Domain-Policies" header not set by Ranger UI
The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
.../hadoop/config/RangerConfiguration.java | 5 +--
.../policyengine/RangerPolicyRepository.java | 4 +-
.../RangerSecurityContextFormationFilter.java | 1 +
.../ldapusersync/process/LdapUserGroupBuilder.java | 50 ++++++----------------
4 files changed, 17 insertions(+), 43 deletions(-)
[ranger] 02/02: RANGER-3443 : "X-Permitted-Cross-Domain-Policies" header not set by Ranger UI
Posted by pr...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
pradeep pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git
commit a06bc6327ddfa26c97b20c372c9be65f961e58ab
Author: Nitin Galave <ni...@apache.org>
AuthorDate: Mon Oct 11 17:35:21 2021 +0530
RANGER-3443 : "X-Permitted-Cross-Domain-Policies" header not set by Ranger UI
Signed-off-by: pradeep <pr...@apache.org>
---
.../ranger/security/web/filter/RangerSecurityContextFormationFilter.java | 1 +
1 file changed, 1 insertion(+)
diff --git a/security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerSecurityContextFormationFilter.java b/security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerSecurityContextFormationFilter.java
index c508579..9f83daf 100644
--- a/security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerSecurityContextFormationFilter.java
+++ b/security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerSecurityContextFormationFilter.java
@@ -138,6 +138,7 @@ public class RangerSecurityContextFormationFilter extends GenericFilterBean {
res.setHeader("X-XSS-Protection", "1; mode=block");
res.setHeader("Strict-Transport-Security", "max-age=31536000; includeSubDomains");
res.setHeader("Content-Security-Policy", "default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline';font-src 'self'");
+ res.setHeader("X-Permitted-Cross-Domain-Policies", "none");
chain.doFilter(request, res);
} finally {
[ranger] 01/02: RANGER-3545: Remove Logger Checks for Info Enabled
Posted by pr...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
pradeep pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ranger.git
commit dc011268318feb46c970e5f3610dc84d9602ea32
Author: David Mollitor <da...@gmail.com>
AuthorDate: Thu Dec 16 16:40:57 2021 +0530
RANGER-3545: Remove Logger Checks for Info Enabled
Signed-off-by: pradeep <pr...@apache.org>
---
.../hadoop/config/RangerConfiguration.java | 5 +--
.../policyengine/RangerPolicyRepository.java | 4 +-
.../ldapusersync/process/LdapUserGroupBuilder.java | 50 ++++++----------------
3 files changed, 16 insertions(+), 43 deletions(-)
diff --git a/agents-common/src/main/java/org/apache/ranger/authorization/hadoop/config/RangerConfiguration.java b/agents-common/src/main/java/org/apache/ranger/authorization/hadoop/config/RangerConfiguration.java
index d837a69..b49c5f6 100644
--- a/agents-common/src/main/java/org/apache/ranger/authorization/hadoop/config/RangerConfiguration.java
+++ b/agents-common/src/main/java/org/apache/ranger/authorization/hadoop/config/RangerConfiguration.java
@@ -46,10 +46,7 @@ public class RangerConfiguration extends Configuration {
URL fUrl = getFileLocation(aResourceName);
if (fUrl != null) {
- if(LOG.isInfoEnabled()) {
- LOG.info("addResourceIfReadable(" + aResourceName + "): resource file is " + fUrl);
- }
-
+ LOG.info("addResourceIfReadable(" + aResourceName + "): resource file is " + fUrl);
try {
addResource(fUrl);
ret = true;
diff --git a/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyRepository.java b/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyRepository.java
index e998944..2603f80 100644
--- a/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyRepository.java
+++ b/agents-common/src/main/java/org/apache/ranger/plugin/policyengine/RangerPolicyRepository.java
@@ -947,9 +947,7 @@ public class RangerPolicyRepository {
}
}
}
- if (LOG.isInfoEnabled()) {
- LOG.info("This policy engine contains " + (policyEvaluators.size()+dataMaskPolicyEvaluators.size()+rowFilterPolicyEvaluators.size()) + " policy evaluators");
- }
+ LOG.info("This policy engine contains " + (policyEvaluators.size()+dataMaskPolicyEvaluators.size()+rowFilterPolicyEvaluators.size()) + " policy evaluators");
RangerPolicyEvaluator.PolicyEvalOrderComparator comparator = new RangerPolicyEvaluator.PolicyEvalOrderComparator();
Collections.sort(policyEvaluators, comparator);
this.policyEvaluators = policyEvaluators;
diff --git a/ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapUserGroupBuilder.java b/ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapUserGroupBuilder.java
index 401b3f0..f094e5c 100644
--- a/ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapUserGroupBuilder.java
+++ b/ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapUserGroupBuilder.java
@@ -280,7 +280,6 @@ public class LdapUserGroupBuilder implements UserGroupSource {
groupSearchControls.setReturningAttributes(groupSearchAttributes.toArray(
new String[groupSearchAttributes.size()]));
- if (LOG.isInfoEnabled()) {
LOG.info("LdapUserGroupBuilder initialization completed with -- "
+ "ldapUrl: " + ldapUrl
+ ", ldapBindDn: " + ldapBindDn
@@ -312,8 +311,6 @@ public class LdapUserGroupBuilder implements UserGroupSource {
+ ", userSearchEnabled: " + userSearchEnabled
+ ", ldapReferral: " + ldapReferral
);
- }
-
}
private void closeLdapContext() throws Throwable {
@@ -473,27 +470,21 @@ public class LdapUserGroupBuilder implements UserGroupSource {
final SearchResult userEntry = userSearchResultEnum.next();
if (userEntry == null) {
- if (LOG.isInfoEnabled()) {
- LOG.info("userEntry null, skipping sync for the entry");
- }
+ LOG.info("userEntry null, skipping sync for the entry");
continue;
}
Attributes attributes = userEntry.getAttributes();
if (attributes == null) {
- if (LOG.isInfoEnabled()) {
- LOG.info("attributes missing for entry " + userEntry.getNameInNamespace() +
- ", skipping sync");
- }
+ LOG.info("attributes missing for entry " + userEntry.getNameInNamespace() +
+ ", skipping sync");
continue;
}
Attribute userNameAttr = attributes.get(userNameAttribute);
if (userNameAttr == null) {
- if (LOG.isInfoEnabled()) {
- LOG.info(userNameAttribute + " missing for entry " + userEntry.getNameInNamespace() +
- ", skipping sync");
- }
+ LOG.info(userNameAttribute + " missing for entry " + userEntry.getNameInNamespace() +
+ ", skipping sync");
continue;
}
@@ -501,10 +492,8 @@ public class LdapUserGroupBuilder implements UserGroupSource {
String userName = (String) userNameAttr.get();
if (userName == null || userName.trim().isEmpty()) {
- if (LOG.isInfoEnabled()) {
- LOG.info(userNameAttribute + " empty for entry " + userEntry.getNameInNamespace() +
- ", skipping sync");
- }
+ LOG.info(userNameAttribute + " empty for entry " + userEntry.getNameInNamespace() +
+ ", skipping sync");
continue;
}
@@ -590,10 +579,7 @@ public class LdapUserGroupBuilder implements UserGroupSource {
counter++;
if (counter <= 2000) {
- if (LOG.isInfoEnabled()) {
- LOG.info("Updating user count: " + counter
- + ", userName: " + userName);
- }
+ LOG.info("Updating user count: " + counter + ", userName: " + userName);
if ( counter == 2000 ) {
LOG.info("===> 2000 user records have been synchronized so far. From now on, only a summary progress log will be written for every 100 users. To continue to see detailed log for every user, please enable Trace level logging. <===");
}
@@ -709,19 +695,15 @@ public class LdapUserGroupBuilder implements UserGroupSource {
while (groupSearchResultEnum.hasMore()) {
final SearchResult groupEntry = groupSearchResultEnum.next();
if (groupEntry == null) {
- if (LOG.isInfoEnabled()) {
- LOG.info("groupEntry null, skipping sync for the entry");
- }
+ LOG.info("groupEntry null, skipping sync for the entry");
continue;
}
counter++;
Attributes attributes = groupEntry.getAttributes();
Attribute groupNameAttr = attributes.get(groupNameAttribute);
if (groupNameAttr == null) {
- if (LOG.isInfoEnabled()) {
- LOG.info(groupNameAttribute + " empty for entry " + groupEntry.getNameInNamespace() +
- ", skipping sync");
- }
+ LOG.info(groupNameAttribute + " empty for entry " + groupEntry.getNameInNamespace() +
+ ", skipping sync");
continue;
}
String groupFullName = (groupEntry.getNameInNamespace());
@@ -935,18 +917,14 @@ public class LdapUserGroupBuilder implements UserGroupSource {
while (groupSearchResultEnum.hasMore()) {
final SearchResult groupEntry = groupSearchResultEnum.next();
if (groupEntry == null) {
- if (LOG.isInfoEnabled()) {
- LOG.info("groupEntry null, skipping sync for the entry");
- }
+ LOG.info("groupEntry null, skipping sync for the entry");
continue;
}
counter++;
Attribute groupNameAttr = groupEntry.getAttributes().get(groupNameAttribute);
if (groupNameAttr == null) {
- if (LOG.isInfoEnabled()) {
- LOG.info(groupNameAttribute + " empty for entry " + groupEntry.getNameInNamespace() +
- ", skipping sync");
- }
+ LOG.info(groupNameAttribute + " empty for entry " + groupEntry.getNameInNamespace() +
+ ", skipping sync");
continue;
}
String groupFullName = (groupEntry.getNameInNamespace());