You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ranger.apache.org by Pradeep Agrawal <pr...@gmail.com> on 2022/07/13 05:41:40 UTC

Review Request 74054: RANGER-3825: Ranger internal user is unable to change his password after the upgrade

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/74054/
-----------------------------------------------------------

Review request for ranger, bhavik patel, Dhaval Shah, Abhay Kulkarni, Madhan Neethiraj, Mehul Parikh, Ramesh Mani, Sailaja Polavarapu, and Velmurugan Periasamy.


Bugs: RANGER-3825
    https://issues.apache.org/jira/browse/RANGER-3825


Repository: ranger


Description
-------

**Problem Statement:** Ranger internal User is unable to change his password after upgrading from ranger 2.1 to 2.2 or higher. 
The issue is caused by RANGER-2950 commit https://github.com/apache/ranger/commit/e9b1e1d5f2009e90c6bbf912d5039bdafe319a5c
The issue is coming due to change in default algorithm used before the upgrade and after the upgrade. This could be due to typo mistake while writing the code for RANGER-2950 and lack of developer test case coverage.

**Proposed Solution:** Replacing the default algorithm seems resolving the issue as password storage algorithm is same before and after the upgrade.

**Workaround for existing environment:** if anyone facing this issue after the upgrade and can not apply this patch then they can change/reset that user password through ranger admin user and after that user would be able to change his password.


Diffs
-----

  security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java 53fa007aa 


Diff: https://reviews.apache.org/r/74054/diff/1/


Testing
-------

Following tests were performed with this proposed patch:

1) installed ranger-admin of older version(2.1) and created used testuser1 and testuser2. stopped the ranger-admin.
2) Upgraded ranger-admin with this patch on top of master branch and used the same db configurations used in step 1.
3) logged in from testuser1 and tried to change password and it was succeeded. logout and tried login for testuser1 with updated password which was succeeded.
4) logged in from admin user and tried to change password of testuser1 and testuser2 and it was succeeded. logout and tried login for testuser1 with updated password which was succeeded.
5) logged in from admin user and created testuser3 and testuser4
6) logged in from testuser3 and tried to change password and it was succeeded. logout and tried login for testuser3 with updated password which was succeeded.
7) logged in from admin user and tried to change password of testuser3 and testuser4 and it was succeeded. logout and tried login for testuser3 with updated password which was succeeded.


Thanks,

Pradeep Agrawal

Re: Review Request 74054: RANGER-3825: Ranger internal user is unable to change his password after the upgrade

Posted by Mehul Parikh <xs...@gmail.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/74054/#review224565
-----------------------------------------------------------


Ship it!




Ship It!

- Mehul Parikh


On July 13, 2022, 5:41 a.m., Pradeep Agrawal wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/74054/
> -----------------------------------------------------------
> 
> (Updated July 13, 2022, 5:41 a.m.)
> 
> 
> Review request for ranger, bhavik patel, Dhaval Shah, Abhay Kulkarni, Madhan Neethiraj, Mehul Parikh, Ramesh Mani, Sailaja Polavarapu, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-3825
>     https://issues.apache.org/jira/browse/RANGER-3825
> 
> 
> Repository: ranger
> 
> 
> Description
> -------
> 
> **Problem Statement:** Ranger internal User is unable to change his password after upgrading from ranger 2.1 to 2.2 or higher. 
> The issue is caused by RANGER-2950 commit https://github.com/apache/ranger/commit/e9b1e1d5f2009e90c6bbf912d5039bdafe319a5c
> The issue is coming due to change in default algorithm used before the upgrade and after the upgrade. This could be due to typo mistake while writing the code for RANGER-2950 and lack of developer test case coverage.
> 
> **Proposed Solution:** Replacing the default algorithm seems resolving the issue as password storage algorithm is same before and after the upgrade.
> 
> **Workaround for existing environment:** if anyone facing this issue after the upgrade and can not apply this patch then they can change/reset that user password through ranger admin user and after that user would be able to change his password.
> 
> 
> Diffs
> -----
> 
>   security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java 53fa007aa 
> 
> 
> Diff: https://reviews.apache.org/r/74054/diff/1/
> 
> 
> Testing
> -------
> 
> Following tests were performed with this proposed patch:
> 
> 1) installed ranger-admin of older version(2.1) and created used testuser1 and testuser2. stopped the ranger-admin.
> 2) Upgraded ranger-admin with this patch on top of master branch and used the same db configurations used in step 1.
> 3) logged in from testuser1 and tried to change password and it was succeeded. logout and tried login for testuser1 with updated password which was succeeded.
> 4) logged in from admin user and tried to change password of testuser1 and testuser2 and it was succeeded. logout and tried login for testuser1 with updated password which was succeeded.
> 5) logged in from admin user and created testuser3 and testuser4
> 6) logged in from testuser3 and tried to change password and it was succeeded. logout and tried login for testuser3 with updated password which was succeeded.
> 7) logged in from admin user and tried to change password of testuser3 and testuser4 and it was succeeded. logout and tried login for testuser3 with updated password which was succeeded.
> 
> 
> Thanks,
> 
> Pradeep Agrawal
> 
>

Re: Review Request 74054: RANGER-3825: Ranger internal user is unable to change his password after the upgrade

Posted by Mateen Mansoori <ma...@gmail.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/74054/#review224564
-----------------------------------------------------------


Ship it!




Ship It!

- Mateen Mansoori


On July 13, 2022, 5:41 a.m., Pradeep Agrawal wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/74054/
> -----------------------------------------------------------
> 
> (Updated July 13, 2022, 5:41 a.m.)
> 
> 
> Review request for ranger, bhavik patel, Dhaval Shah, Abhay Kulkarni, Madhan Neethiraj, Mehul Parikh, Ramesh Mani, Sailaja Polavarapu, and Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-3825
>     https://issues.apache.org/jira/browse/RANGER-3825
> 
> 
> Repository: ranger
> 
> 
> Description
> -------
> 
> **Problem Statement:** Ranger internal User is unable to change his password after upgrading from ranger 2.1 to 2.2 or higher. 
> The issue is caused by RANGER-2950 commit https://github.com/apache/ranger/commit/e9b1e1d5f2009e90c6bbf912d5039bdafe319a5c
> The issue is coming due to change in default algorithm used before the upgrade and after the upgrade. This could be due to typo mistake while writing the code for RANGER-2950 and lack of developer test case coverage.
> 
> **Proposed Solution:** Replacing the default algorithm seems resolving the issue as password storage algorithm is same before and after the upgrade.
> 
> **Workaround for existing environment:** if anyone facing this issue after the upgrade and can not apply this patch then they can change/reset that user password through ranger admin user and after that user would be able to change his password.
> 
> 
> Diffs
> -----
> 
>   security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java 53fa007aa 
> 
> 
> Diff: https://reviews.apache.org/r/74054/diff/1/
> 
> 
> Testing
> -------
> 
> Following tests were performed with this proposed patch:
> 
> 1) installed ranger-admin of older version(2.1) and created used testuser1 and testuser2. stopped the ranger-admin.
> 2) Upgraded ranger-admin with this patch on top of master branch and used the same db configurations used in step 1.
> 3) logged in from testuser1 and tried to change password and it was succeeded. logout and tried login for testuser1 with updated password which was succeeded.
> 4) logged in from admin user and tried to change password of testuser1 and testuser2 and it was succeeded. logout and tried login for testuser1 with updated password which was succeeded.
> 5) logged in from admin user and created testuser3 and testuser4
> 6) logged in from testuser3 and tried to change password and it was succeeded. logout and tried login for testuser3 with updated password which was succeeded.
> 7) logged in from admin user and tried to change password of testuser3 and testuser4 and it was succeeded. logout and tried login for testuser3 with updated password which was succeeded.
> 
> 
> Thanks,
> 
> Pradeep Agrawal
> 
>