-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73015/
-----------------------------------------------------------
(Updated Dec. 8, 2020, 6:27 a.m.)
Review request for ranger, Ankita Sinha, Jayendra Parab, Madhan Neethiraj,
Mehul Parikh, Sailaja Polavarapu, and Velmurugan Periasamy.
Bugs: RANGER-3055
https://issues.apache.org/jira/browse/RANGER-3055
Repository: ranger
Description
-------
We need to make algorithmic changes in order to make Ranger Source code FIPS
compliant. As per FIPS standard some alogrithms and storetypes are blacklisted.
As required we have made the approriate changes and also introduce the FIPS
flag in Ranger to use the appropriate algorithms under FIPS enviornment.
Diffs (updated)
-----
agents-common/src/main/java/org/apache/ranger/authorization/hadoop/config/RangerAdminConfig.java
5cd539aeb
agents-common/src/main/java/org/apache/ranger/authorization/hadoop/config/RangerConfigConstants.java
1ad34efa7
agents-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicyResourceSignature.java
2bb65891a
agents-common/src/main/java/org/apache/ranger/plugin/store/RangerServiceResourceSignature.java
d7fedf053
credentialbuilder/src/main/java/org/apache/ranger/credentialapi/CredentialReader.java
42497e357
credentialbuilder/src/main/java/org/apache/ranger/credentialapi/buildks.java
cb391cc00
credentialbuilder/src/test/java/org/apache/ranger/credentialapi/TestCredentialReader.java
006986c6a
credentialbuilder/src/test/java/org/apache/ranger/credentialapi/Testbuildks.java
87634d777
embeddedwebserver/src/main/java/org/apache/ranger/server/tomcat/ElasticSearchIndexBootStrapper.java
e6eb7af99
embeddedwebserver/src/main/java/org/apache/ranger/server/tomcat/EmbeddedServer.java
30d830572
kms/src/main/java/org/apache/hadoop/crypto/key/JKS2RangerUtil.java 75aa939e0
kms/src/main/java/org/apache/hadoop/crypto/key/KeySecureToRangerDBMKUtil.java
538fde95e
kms/src/main/java/org/apache/hadoop/crypto/key/Ranger2JKSUtil.java 6e4f75ae1
kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStoreProvider.java
7473871fb
kms/src/main/java/org/apache/hadoop/crypto/key/RangerMasterKey.java 2b4eb809c
ranger-util/src/scripts/saveVersion.py 0ad39ac90
security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java 2b3cdcbb5
security-admin/src/main/java/org/apache/ranger/common/PropertiesUtil.java
c58258ba0
security-admin/src/main/java/org/apache/ranger/credentialapi/CredentialReader.java
1a3ade730
security-admin/src/main/java/org/apache/ranger/patch/cliutil/ChangePasswordUtil.java
e7a08532d
security-admin/src/main/java/org/apache/ranger/rest/UserREST.java cf764a0b4
security-admin/src/main/java/org/apache/ranger/security/handler/RangerAuthenticationProvider.java
a8b8c588a
security-admin/src/main/java/org/apache/ranger/util/Pbkdf2PasswordEncoderCust.java
PRE-CREATION
tagsync/src/main/java/org/apache/ranger/tagsync/process/TagSyncConfig.java
95c348265
ugsync/src/main/java/org/apache/ranger/unixusersync/config/UserGroupSyncConfig.java
5ef78cf78
ugsync/src/main/java/org/apache/ranger/unixusersync/process/PolicyMgrUserGroupBuilder.java
f911f22d4
unixauthservice/src/main/java/org/apache/ranger/authentication/UnixAuthenticationService.java
3f7886bc3
Diff: https://reviews.apache.org/r/73015/diff/4/
Changes: https://reviews.apache.org/r/73015/diff/3-4/
Testing
-------
1.CRUD for ADMIN_ROLE, USER_ROLE, KEADMIN_ROLE
2.Tested UNIX user are getting synced
3.Tested file based tag sync
4.Tested the user is able to change password and is able to login with new
password.
5.Import/export
6.Tested admin audit.
7.Tested kms setup.
Thanks,
Dhaval Shah
