----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/74313/#review225218 -----------------------------------------------------------
security-admin/src/main/java/org/apache/ranger/db/XXAuthSessionDao.java Line 75 (original), 76 (patched) <https://reviews.apache.org/r/74313/#comment313962> Why not Timestamp? I think there is a need for more accurate time accuracy than Date. - Kirby Zhou On 二月 21, 2023, 12:35 p.m., Andrew Luo wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/74313/ > ----------------------------------------------------------- > > (Updated 二月 21, 2023, 12:35 p.m.) > > > Review request for ranger, Kirby Zhou and Madhan Neethiraj. > > > Bugs: RANGER-4104 > https://issues.apache.org/jira/browse/RANGER-4104 > > > Repository: ranger > > > Description > ------- > > XXAuthSessionDao.getRecentAuthFailureCountByLoginId produces incorrect SQL > code due to an error in how the authWindowStartTime Date parameter is bound. > > It is currently bound with setParameter("authWindowStartTime", > authWindowStartTime) however, JPA 2.2 Specification Section 11.1.53 says that > it should be bound by specifying an additional parameter TemporalType.DATE. > > This causes issues on some database dialects (at least MySQL) as it > serializes the date string incorrectly which scans the wrong set of data > (causing performance issues since the index cannot be used), and also the > functionality introduced in RANGER-2362 does not work properly > > > Diffs > ----- > > security-admin/src/main/java/org/apache/ranger/db/XXAuthSessionDao.java > 934d25865 > > > Diff: https://reviews.apache.org/r/74313/diff/1/ > > > Testing > ------- > > > Thanks, > > Andrew Luo > >
