----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/73015/#review222309 -----------------------------------------------------------
Ship it! Ship It! - Mehul Parikh On Dec. 8, 2020, 6:27 a.m., Dhaval Shah wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/73015/ > ----------------------------------------------------------- > > (Updated Dec. 8, 2020, 6:27 a.m.) > > > Review request for ranger, Ankita Sinha, Jayendra Parab, Madhan Neethiraj, > Mehul Parikh, Sailaja Polavarapu, and Velmurugan Periasamy. > > > Bugs: RANGER-3055 > https://issues.apache.org/jira/browse/RANGER-3055 > > > Repository: ranger > > > Description > ------- > > We need to make algorithmic changes in order to make Ranger Source code FIPS > compliant. As per FIPS standard some alogrithms and storetypes are > blacklisted. As required we have made the approriate changes and also > introduce the FIPS flag in Ranger to use the appropriate algorithms under > FIPS enviornment. > > > Diffs > ----- > > > agents-common/src/main/java/org/apache/ranger/authorization/hadoop/config/RangerAdminConfig.java > 5cd539aeb > > agents-common/src/main/java/org/apache/ranger/authorization/hadoop/config/RangerConfigConstants.java > 1ad34efa7 > > agents-common/src/main/java/org/apache/ranger/plugin/model/RangerPolicyResourceSignature.java > 2bb65891a > > agents-common/src/main/java/org/apache/ranger/plugin/store/RangerServiceResourceSignature.java > d7fedf053 > > credentialbuilder/src/main/java/org/apache/ranger/credentialapi/CredentialReader.java > 42497e357 > > credentialbuilder/src/main/java/org/apache/ranger/credentialapi/buildks.java > cb391cc00 > > credentialbuilder/src/test/java/org/apache/ranger/credentialapi/TestCredentialReader.java > 006986c6a > > credentialbuilder/src/test/java/org/apache/ranger/credentialapi/Testbuildks.java > 87634d777 > > embeddedwebserver/src/main/java/org/apache/ranger/server/tomcat/ElasticSearchIndexBootStrapper.java > e6eb7af99 > > embeddedwebserver/src/main/java/org/apache/ranger/server/tomcat/EmbeddedServer.java > 30d830572 > kms/src/main/java/org/apache/hadoop/crypto/key/JKS2RangerUtil.java > 75aa939e0 > > kms/src/main/java/org/apache/hadoop/crypto/key/KeySecureToRangerDBMKUtil.java > 538fde95e > kms/src/main/java/org/apache/hadoop/crypto/key/Ranger2JKSUtil.java > 6e4f75ae1 > kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStoreProvider.java > 7473871fb > kms/src/main/java/org/apache/hadoop/crypto/key/RangerMasterKey.java > 2b4eb809c > ranger-util/src/scripts/saveVersion.py 0ad39ac90 > security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java 2b3cdcbb5 > security-admin/src/main/java/org/apache/ranger/common/PropertiesUtil.java > c58258ba0 > > security-admin/src/main/java/org/apache/ranger/credentialapi/CredentialReader.java > 1a3ade730 > > security-admin/src/main/java/org/apache/ranger/patch/cliutil/ChangePasswordUtil.java > e7a08532d > security-admin/src/main/java/org/apache/ranger/rest/UserREST.java cf764a0b4 > > security-admin/src/main/java/org/apache/ranger/security/handler/RangerAuthenticationProvider.java > a8b8c588a > > security-admin/src/main/java/org/apache/ranger/util/Pbkdf2PasswordEncoderCust.java > PRE-CREATION > tagsync/src/main/java/org/apache/ranger/tagsync/process/TagSyncConfig.java > 95c348265 > > ugsync/src/main/java/org/apache/ranger/unixusersync/config/UserGroupSyncConfig.java > 5ef78cf78 > > ugsync/src/main/java/org/apache/ranger/unixusersync/process/PolicyMgrUserGroupBuilder.java > f911f22d4 > > unixauthservice/src/main/java/org/apache/ranger/authentication/UnixAuthenticationService.java > 3f7886bc3 > > > Diff: https://reviews.apache.org/r/73015/diff/4/ > > > Testing > ------- > > 1.CRUD for ADMIN_ROLE, USER_ROLE, KEADMIN_ROLE > 2.Tested UNIX user are getting synced > 3.Tested file based tag sync > 4.Tested the user is able to change password and is able to login with new > password. > 5.Import/export > 6.Tested admin audit. > 7.Tested kms setup. > > > Thanks, > > Dhaval Shah > >