You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ranger.apache.org by Sailaja Polavarapu <sp...@hortonworks.com> on 2018/03/06 01:18:38 UTC
Review Request 65910: RANGER-2006: Fix problems detected by static
code analysis in ranger usersync for ldap sync source
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/65910/
-----------------------------------------------------------
Review request for ranger, Ankita Sinha, Gautam Borad, Abhay Kulkarni, Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, Sailaja Polavarapu, and Velmurugan Periasamy.
Bugs: RANGER-2006
https://issues.apache.org/jira/browse/RANGER-2006
Repository: ranger
Description
-------
In order to prevent LDAP injection, added code to escape special characters in the ldap search filter that is dynamically generated for retriving nested groups.
Diffs
-----
ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapDeltaUserGroupBuilder.java 2852b320
ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapUserGroupBuilder.java 6b2648d9
ugsync/src/main/java/org/apache/ranger/unixusersync/config/UserGroupSyncConfig.java 45eeb1bc
Diff: https://reviews.apache.org/r/65910/diff/1/
Testing
-------
1. Successfully ran all the existing unit tests
2. Ran some functional tests with Incremental sync and nested groups with Active directory.
Thanks,
Sailaja Polavarapu
Re: Review Request 65910: RANGER-2006: Fix problems detected by
static code analysis in ranger usersync for ldap sync source
Posted by Zsombor Gegesy <zs...@apache.org>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/65910/#review198699
-----------------------------------------------------------
Ship it!
Ship It!
- Zsombor Gegesy
On March 6, 2018, 1:18 a.m., Sailaja Polavarapu wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/65910/
> -----------------------------------------------------------
>
> (Updated March 6, 2018, 1:18 a.m.)
>
>
> Review request for ranger, Ankita Sinha, Gautam Borad, Abhay Kulkarni, Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, Sailaja Polavarapu, and Velmurugan Periasamy.
>
>
> Bugs: RANGER-2006
> https://issues.apache.org/jira/browse/RANGER-2006
>
>
> Repository: ranger
>
>
> Description
> -------
>
> In order to prevent LDAP injection, added code to escape special characters in the ldap search filter that is dynamically generated for retriving nested groups.
>
>
> Diffs
> -----
>
> ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapDeltaUserGroupBuilder.java 2852b320
> ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapUserGroupBuilder.java 6b2648d9
> ugsync/src/main/java/org/apache/ranger/unixusersync/config/UserGroupSyncConfig.java 45eeb1bc
>
>
> Diff: https://reviews.apache.org/r/65910/diff/1/
>
>
> Testing
> -------
>
> 1. Successfully ran all the existing unit tests
> 2. Ran some functional tests with Incremental sync and nested groups with Active directory.
>
>
> Thanks,
>
> Sailaja Polavarapu
>
>
Re: Review Request 65910: RANGER-2006: Fix problems detected by
static code analysis in ranger usersync for ldap sync source
Posted by Velmurugan Periasamy <vp...@hortonworks.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/65910/#review198696
-----------------------------------------------------------
Ship it!
Ship It!
- Velmurugan Periasamy
On March 6, 2018, 1:18 a.m., Sailaja Polavarapu wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/65910/
> -----------------------------------------------------------
>
> (Updated March 6, 2018, 1:18 a.m.)
>
>
> Review request for ranger, Ankita Sinha, Gautam Borad, Abhay Kulkarni, Madhan Neethiraj, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, Sailaja Polavarapu, and Velmurugan Periasamy.
>
>
> Bugs: RANGER-2006
> https://issues.apache.org/jira/browse/RANGER-2006
>
>
> Repository: ranger
>
>
> Description
> -------
>
> In order to prevent LDAP injection, added code to escape special characters in the ldap search filter that is dynamically generated for retriving nested groups.
>
>
> Diffs
> -----
>
> ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapDeltaUserGroupBuilder.java 2852b320
> ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapUserGroupBuilder.java 6b2648d9
> ugsync/src/main/java/org/apache/ranger/unixusersync/config/UserGroupSyncConfig.java 45eeb1bc
>
>
> Diff: https://reviews.apache.org/r/65910/diff/1/
>
>
> Testing
> -------
>
> 1. Successfully ran all the existing unit tests
> 2. Ran some functional tests with Incremental sync and nested groups with Active directory.
>
>
> Thanks,
>
> Sailaja Polavarapu
>
>