You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by me...@apache.org on 2018/12/19 12:00:44 UTC
[ranger] 21/36: RANGER-2049: Fixed an issue where doAs User role is
not set properly
This is an automated email from the ASF dual-hosted git repository.
mehul pushed a commit to branch ranger-1.2
in repository https://gitbox.apache.org/repos/asf/ranger.git
commit 0e5072fa4a65632fb86d66e3151f574b8d2b0302
Author: Sailaja Polavarapu <sp...@hortonworks.com>
AuthorDate: Fri Nov 16 13:39:30 2018 -0800
RANGER-2049: Fixed an issue where doAs User role is not set properly
---
.../security/web/filter/RangerKRBAuthenticationFilter.java | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerKRBAuthenticationFilter.java b/security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerKRBAuthenticationFilter.java
index 178f31e..5c825d8 100644
--- a/security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerKRBAuthenticationFilter.java
+++ b/security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerKRBAuthenticationFilter.java
@@ -270,16 +270,16 @@ public class RangerKRBAuthenticationFilter extends RangerKrbFilter {
final List<GrantedAuthority> grantedAuths = new ArrayList<>();
grantedAuths.add(new SimpleGrantedAuthority(rangerLdapDefaultRole));
final UserDetails principal = new User(doAsUser, "", grantedAuths);
- final Authentication finalAuthentication = new UsernamePasswordAuthenticationToken(principal, "", grantedAuths);
+ Authentication authentication = new UsernamePasswordAuthenticationToken(principal, "", grantedAuths);
WebAuthenticationDetails webDetails = new WebAuthenticationDetails(request);
- ((AbstractAuthenticationToken) finalAuthentication).setDetails(webDetails);
- SecurityContextHolder.getContext().setAuthentication(finalAuthentication);
+ ((AbstractAuthenticationToken) authentication).setDetails(webDetails);
+ authentication = getGrantedAuthority(authentication);
+ SecurityContextHolder.getContext().setAuthentication(authentication);
request.setAttribute("spnegoEnabled", true);
+ LOG.info("Logged into Ranger as doAsUser = " + doAsUser + ", by authenticatedUser=" + authToken.getUserName());
}
}
- LOG.info("Logged into Ranger as doAsUser = " + doAsUser + ", by authenticatedUser=" + authToken.getUserName());
-
}else {
//if we get the userName from the token then log into ranger using the same user