You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@ranger.apache.org by Sailaja Polavarapu <sp...@hortonworks.com> on 2022/04/20 06:02:41 UTC

Re: Review Request 73794: RANGER-3387: Ranger Admin Header Validation

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73794/
-----------------------------------------------------------

(Updated April 20, 2022, 6:02 a.m.)


Review request for ranger, Mateen Mansoori, Mehul Parikh, Pradeep Agrawal, and Ramesh Mani.


Changes
-------

Added null checks as per the review comments


Bugs: RANGER-3387
    https://issues.apache.org/jira/browse/RANGER-3387


Repository: ranger


Description
-------

Added extra validation for handling PUT/POST requests coming from KNOX proxy with different CSRF header than the one set by the client.


Diffs (updated)
-----

  security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerCSRFPreventionFilter.java e02813fec 
  security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerKRBAuthenticationFilter.java 2d3308b99 


Diff: https://reviews.apache.org/r/73794/diff/2/

Changes: https://reviews.apache.org/r/73794/diff/1-2/


Testing
-------

1. Verified functionality with Knox trusted proxy on both HA and non-HA clusters.
2. Also verified couple of regression test cases.


Thanks,

Sailaja Polavarapu

Re: Review Request 73794: RANGER-3387: Ranger Admin Header Validation

Posted by Pradeep Agrawal <pr...@gmail.com>.

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73794/#review224526
-----------------------------------------------------------


Ship it!




Ship It!

- Pradeep Agrawal


On April 20, 2022, 6:02 a.m., Sailaja Polavarapu wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/73794/
> -----------------------------------------------------------
> 
> (Updated April 20, 2022, 6:02 a.m.)
> 
> 
> Review request for ranger, Mateen Mansoori, Mehul Parikh, Pradeep Agrawal, and Ramesh Mani.
> 
> 
> Bugs: RANGER-3387
>     https://issues.apache.org/jira/browse/RANGER-3387
> 
> 
> Repository: ranger
> 
> 
> Description
> -------
> 
> Added extra validation for handling PUT/POST requests coming from KNOX proxy with different CSRF header than the one set by the client.
> 
> 
> Diffs
> -----
> 
>   security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerCSRFPreventionFilter.java e02813fec 
>   security-admin/src/main/java/org/apache/ranger/security/web/filter/RangerKRBAuthenticationFilter.java 2d3308b99 
> 
> 
> Diff: https://reviews.apache.org/r/73794/diff/2/
> 
> 
> Testing
> -------
> 
> 1. Verified functionality with Knox trusted proxy on both HA and non-HA clusters.
> 2. Also verified couple of regression test cases.
> 
> 
> Thanks,
> 
> Sailaja Polavarapu
> 
>