-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73898/
-----------------------------------------------------------
Review request for ranger, Bhavik Bavishi, Abhay Kulkarni, Madhan Neethiraj,
and Pradeep Agrawal.
Bugs: RANGER-2362
https://issues.apache.org/jira/browse/RANGER-2362
Repository: ranger
Description
-------
RANGER-2362
Here is some simple demo code for discussion.
Hard-coded:
we limit 3 failures per 30 minutes. A successful login will reset the counter.
BTW: I think the code of RangerAuthenticationProvider is a bit of an anti-pattern.
1. We create a new RangerAuthenticationProvider each time a user logs in. It is
unreasonable; it should be a bean.
See RangerKRBAuthenticationFilter.java and RangerSSOAuthenticationFilter.java.
2. We create a new Jdbc/AD/Ldap/Pam authentication provider in
RangerAuthenticationProvider each time a user logs in.
3. The member 'private LdapAuthenticator authenticator' seems useless.
4. It seems the RangerAuthenticationProvider should be replaced with
ProviderManager or something like Spring configuration.
Diffs
-----
pom.xml 49a06411d0c5421a5abb33c9d32ea13e38655deb
security-admin/pom.xml a2060e1c204f0399f39a79cb56280f6d09325e3a
security-admin/src/main/java/org/apache/ranger/security/handler/RangerAuthenticationProvider.java
8f7abbe7df3d0344c7b5b1af89f7322d82a0d238
security-admin/src/main/java/org/apache/ranger/security/web/authentication/RangerAuthSuccessHandler.java
52cf17ae191f8ac35710083dfcd257b8962d2d7f
security-admin/src/main/java/org/apache/ranger/security/web/authentication/RangerLoginAttemptRateLimiter.java
PRE-CREATION
Diff: https://reviews.apache.org/r/73898/diff/1/
Testing
-------
Self tested
Thanks,
Kirby Zhou
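
The policy described in the request above (3 failures per 30 minutes, counter reset on a successful login), as an added Java example; it is not the code under review and not Ranger's own RangerLoginAttemptRateLimiter. The class name LoginFailureLimiter, its method names, the injected time source and the username normalisation are assumptions made for illustration.

```java
import java.time.Duration;
import java.time.Instant;
import java.util.ArrayDeque;
import java.util.Deque;
import java.util.Locale;
import java.util.concurrent.ConcurrentHashMap;
import java.util.function.Supplier;
// Hypothetical class for illustration; not Ranger's RangerLoginAttemptRateLimiter.
public class LoginFailureLimiter {
    private final int maxFailures;
    private final Duration window;
    private final Supplier<Instant> now;  // injectable time source so the window can be tested
    private final ConcurrentHashMap<String, Deque<Instant>> failures = new ConcurrentHashMap<>();
    public LoginFailureLimiter(int maxFailures, Duration window, Supplier<Instant> now) {
        this.maxFailures = maxFailures; this.window = window; this.now = now;
    }
    // Call before verifying the password: true once maxFailures failures lie inside the window.
    public boolean isBlocked(String user) {
        boolean[] blocked = {false};
        failures.computeIfPresent(key(user), (k, q) -> {
            prune(q);
            blocked[0] = q.size() >= maxFailures;
            return q.isEmpty() ? null : q;  // remove the entry once all its failures have expired
        });
        return blocked[0];
    }
    public void recordFailure(String user) {
        failures.compute(key(user), (k, q) -> {  // compute() is atomic per key
            Deque<Instant> d = (q == null) ? new ArrayDeque<Instant>() : q;
            prune(d);
            d.addLast(now.get());
            return d;
        });
    }
    public void recordSuccess(String user) { failures.remove(key(user)); }  // success resets the counter
    private void prune(Deque<Instant> q) {
        Instant cutoff = now.get().minus(window);
        while (!q.isEmpty() && !q.peekFirst().isAfter(cutoff)) q.removeFirst();
    }
    // Assumption: usernames are case-insensitive, so spelling variants share one counter.
    private static String key(String user) { return user.trim().toLowerCase(Locale.ROOT); }
    public static void main(String[] args) {
        Instant[] t = {Instant.parse("2021-01-01T00:00:00Z")};  // constructed start time
        LoginFailureLimiter l = new LoginFailureLimiter(3, Duration.ofMinutes(30), () -> t[0]);
        for (int i = 0; i < 3; i++) l.recordFailure("alice");  // constructed username
        System.out.println(l.isBlocked("Alice"));  // checked right after the third failure
        t[0] = t[0].plus(Duration.ofMinutes(31));
        System.out.println(l.isBlocked("alice"));  // checked again 31 minutes later
    }
}
```

Counting per username means failed attempts from any source count against that account, so a deployment may also want a separate counter keyed by source address.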