-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73559/#review223494
-----------------------------------------------------------


Ship it!


Ship It!

- Mehul Parikh


On Sept. 17, 2021, 11:38 a.m., Nitin Galave wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/73559/
> -----------------------------------------------------------
>
> (Updated Sept. 17, 2021, 11:38 a.m.)
>
>
> Review request for ranger, Dhaval Shah, Dineshkumar Yadav, Harshal Chavan,
> Jayendra Parab, Kishor Gollapalliwar, Madhan Neethiraj, Mahesh Bandal, Mehul
> Parikh, Pradeep Agrawal, Sailaja Polavarapu, and Velmurugan Periasamy.
>
>
> Bugs: RANGER-3388
>     https://issues.apache.org/jira/browse/RANGER-3388
>
>
> Repository: ranger
>
>
> Description
> -------
>
> *Background*
>
> Ranger users who log in via one of the supported authentication flavors stay
> logged in until they choose to log out.
>
> This is a security hole in the scenario where the user has logged in and has
> left their desk. The inactivity does not result in early log out.
>
> This implementation addresses that problem.
>
> *Scenarios*
> * Login to single session.
> * Login to multiple tabs.
> * Login to multiple services each having its own inactivity detection and
> logout implementation.
>
>
> Diffs
> -----
>
>   security-admin/src/main/webapp/scripts/controllers/Controller.js 6b7bad980
>   security-admin/src/main/webapp/scripts/controllers/NController.js 749295667
>   security-admin/src/main/webapp/scripts/modules/globalize/message/en.js d30ed4df3
>   security-admin/src/main/webapp/scripts/utils/XAUtils.js 42668768d
>   security-admin/src/main/webapp/scripts/views/common/ProfileBar.js 9dbfa9caf
>
>
> Diff: https://reviews.apache.org/r/73559/diff/1/
>
>
> Testing
> -------
>
> Tested following scenario
> =========================
>
> * Check for fresh install default session timeout is set to 900sec (15min).
> * Check when session timeout is set to 60sec we get session timeout popup.
> * Check we remain logged in when we click on stay logged in button from
> session timeout popup.
> * Check we get logged out when we click on logout button from session timeout
> popup.
> * Check when session timeout is set to 60sec when export popup is open.
> * Check when session timeout is set to 60sec when audit popup is open.
> * Check we won't get session timeout when playing with tabs.
> * Check when session timeout is set to 30sec.
> * Check from Ranger the value of session is getting converted to sec no
> matter what CM keeps.
>
>
> Check session timeout works for Knox SSO
> ========================================
> * Check we remain logged in when we click on stay logged in button from
> session timeout popup through Knox SSO.
> * Check we get logged out when we click on logout button from session timeout
> popup through Knox SSO.
>
> Check session timeout works for Knox proxy
> ==========================================
> * Check we remain logged in when we click on stay logged in button from
> session timeout popup through Knox proxy.
> * Check we get logged out when we click on logout button from session timeout
> popup through Knox proxy.
>
> Check session timeout through Knox trusted proxy
> ================================================
> * Check we remain logged in when we click on stay logged in button from
> session timeout popup through Knox trusted proxy.
> * Check we get logged out when we click on logout button from session timeout
> popup through Knox trusted proxy.
>
> Upgrade
> =======
> * When cluster is upgraded the ranger.service.inactivity.timeout should be -1.
> * When the ranger.service.inactivity.timeout is set to 1min it should work.
>
>
> Thanks,
>
> Nitin Galave
>
>
