----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/73015/ -----------------------------------------------------------
(Updated Dec. 8, 2020, 6:27 a.m.) Review request for ranger, Ankita Sinha, Jayendra Parab, Madhan Neethiraj, Mehul Parikh, Sailaja Polavarapu, and Velmurugan Periasamy. Bugs: RANGER-3055 https://issues.apache.org/jira/browse/RANGER-3055 Repository: ranger Description ------- We need to make algorithmic changes in order to make Ranger Source code FIPS compliant. As per FIPS standard some alogrithms and storetypes are blacklisted. As required we have made the approriate changes and also introduce the FIPS flag in Ranger to use the appropriate algorithms under FIPS enviornment. Diffs (updated) ----- agents-common/src/main/java/org/apache/ranger/authorization/hadoop/config/RangerAdminConfig.java 5cd539aeb agents-common/src/main/java/org/apache/ranger/authorization/hadoop/config/RangerConfigConstants.java 1ad34efa7 agents-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicyResourceSignature.java 2bb65891a agents-common/src/main/java/org/apache/ranger/plugin/store/RangerServiceResourceSignature.java d7fedf053 credentialbuilder/src/main/java/org/apache/ranger/credentialapi/CredentialReader.java 42497e357 credentialbuilder/src/main/java/org/apache/ranger/credentialapi/buildks.java cb391cc00 credentialbuilder/src/test/java/org/apache/ranger/credentialapi/TestCredentialReader.java 006986c6a credentialbuilder/src/test/java/org/apache/ranger/credentialapi/Testbuildks.java 87634d777 embeddedwebserver/src/main/java/org/apache/ranger/server/tomcat/ElasticSearchIndexBootStrapper.java e6eb7af99 embeddedwebserver/src/main/java/org/apache/ranger/server/tomcat/EmbeddedServer.java 30d830572 kms/src/main/java/org/apache/hadoop/crypto/key/JKS2RangerUtil.java 75aa939e0 kms/src/main/java/org/apache/hadoop/crypto/key/KeySecureToRangerDBMKUtil.java 538fde95e kms/src/main/java/org/apache/hadoop/crypto/key/Ranger2JKSUtil.java 6e4f75ae1 kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStoreProvider.java 7473871fb kms/src/main/java/org/apache/hadoop/crypto/key/RangerMasterKey.java 2b4eb809c ranger-util/src/scripts/saveVersion.py 0ad39ac90 security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java 2b3cdcbb5 security-admin/src/main/java/org/apache/ranger/common/PropertiesUtil.java c58258ba0 security-admin/src/main/java/org/apache/ranger/credentialapi/CredentialReader.java 1a3ade730 security-admin/src/main/java/org/apache/ranger/patch/cliutil/ChangePasswordUtil.java e7a08532d security-admin/src/main/java/org/apache/ranger/rest/UserREST.java cf764a0b4 security-admin/src/main/java/org/apache/ranger/security/handler/RangerAuthenticationProvider.java a8b8c588a security-admin/src/main/java/org/apache/ranger/util/Pbkdf2PasswordEncoderCust.java PRE-CREATION tagsync/src/main/java/org/apache/ranger/tagsync/process/TagSyncConfig.java 95c348265 ugsync/src/main/java/org/apache/ranger/unixusersync/config/UserGroupSyncConfig.java 5ef78cf78 ugsync/src/main/java/org/apache/ranger/unixusersync/process/PolicyMgrUserGroupBuilder.java f911f22d4 unixauthservice/src/main/java/org/apache/ranger/authentication/UnixAuthenticationService.java 3f7886bc3 Diff: https://reviews.apache.org/r/73015/diff/4/ Changes: https://reviews.apache.org/r/73015/diff/3-4/ Testing ------- 1.CRUD for ADMIN_ROLE, USER_ROLE, KEADMIN_ROLE 2.Tested UNIX user are getting synced 3.Tested file based tag sync 4.Tested the user is able to change password and is able to login with new password. 5.Import/export 6.Tested admin audit. 7.Tested kms setup. Thanks, Dhaval Shah