You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by sp...@apache.org on 2018/11/16 21:39:53 UTC
ranger git commit: RANGER-2049: Fixed an issue where doAs User role
is not set properly
Repository: ranger
Updated Branches:
refs/heads/master a7d29df1f -> ffedb5fc7
RANGER-2049: Fixed an issue where doAs User role is not set properly
Project: http://git-wip-us.apache.org/repos/asf/ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/ranger/commit/ffedb5fc
Tree: http://git-wip-us.apache.org/repos/asf/ranger/tree/ffedb5fc
Diff: http://git-wip-us.apache.org/repos/asf/ranger/diff/ffedb5fc
Branch: refs/heads/master
Commit: ffedb5fc719754a818a8c77d39e862689482b8eb
Parents: a7d29df
Author: Sailaja Polavarapu <sp...@hortonworks.com>
Authored: Fri Nov 16 13:39:30 2018 -0800
Committer: Sailaja Polavarapu <sp...@hortonworks.com>
Committed: Fri Nov 16 13:39:30 2018 -0800
----------------------------------------------------------------------
.../web/filter/RangerKRBAuthenticationFilter.java | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ranger/blob/ffedb5fc/security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerKRBAuthenticationFilter.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerKRBAuthenticationFilter.java b/security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerKRBAuthenticationFilter.java
index 178f31e..5c825d8 100644
--- a/security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerKRBAuthenticationFilter.java
+++ b/security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerKRBAuthenticationFilter.java
@@ -270,16 +270,16 @@ public class RangerKRBAuthenticationFilter extends RangerKrbFilter {
final List<GrantedAuthority> grantedAuths = new ArrayList<>();
grantedAuths.add(new SimpleGrantedAuthority(rangerLdapDefaultRole));
final UserDetails principal = new User(doAsUser, "", grantedAuths);
- final Authentication finalAuthentication = new UsernamePasswordAuthenticationToken(principal, "", grantedAuths);
+ Authentication authentication = new UsernamePasswordAuthenticationToken(principal, "", grantedAuths);
WebAuthenticationDetails webDetails = new WebAuthenticationDetails(request);
- ((AbstractAuthenticationToken) finalAuthentication).setDetails(webDetails);
- SecurityContextHolder.getContext().setAuthentication(finalAuthentication);
+ ((AbstractAuthenticationToken) authentication).setDetails(webDetails);
+ authentication = getGrantedAuthority(authentication);
+ SecurityContextHolder.getContext().setAuthentication(authentication);
request.setAttribute("spnegoEnabled", true);
+ LOG.info("Logged into Ranger as doAsUser = " + doAsUser + ", by authenticatedUser=" + authToken.getUserName());
}
}
- LOG.info("Logged into Ranger as doAsUser = " + doAsUser + ", by authenticatedUser=" + authToken.getUserName());
-
}else {
//if we get the userName from the token then log into ranger using the same user