[ 
https://issues.apache.org/jira/browse/RANGER-5689?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Ramachandran Krishnan updated RANGER-5689:
------------------------------------------
    Affects Version/s: 2.9.0

> Standardize TLS hostname verification across Ranger HTTP clients using a 
> uniform verifier
> -----------------------------------------------------------------------------------------
>
>                 Key: RANGER-5689
>                 URL: https://issues.apache.org/jira/browse/RANGER-5689
>             Project: Ranger
>          Issue Type: Bug
>          Components: Ranger
>    Affects Versions: 2.8.0, 2.9.0
>            Reporter: Vyom Mani Tiwari
>            Assignee: Vyom Mani Tiwari
>            Priority: Major
>             Fix For: 3.0.0, 2.9.0
>
>          Time Spent: 40m
>  Remaining Estimate: 0h
>
> Across various Ranger REST and HTTP client paths ({{{}RangerSslHelper{}}}, 
> {{{}RangerRESTClient{}}}, {{{}RangerUgSyncRESTClient{}}}, and 
> {{{}RangerAdminJersey2RESTClient{}}}), hostname validation is currently 
> managed via localized custom verifiers.
> To improve maintainability and ensure consistent connection behavior across 
> diverse cluster environments, we should replace these decentralized checks 
> with a uniform approach.
> *Proposed Solution:* Introduce a single, centralized hostname verifier class 
> ({{{}RangerDefaultHostnameVerifier{}}}) that delegates the verification check 
> directly to the standard {{DefaultHostnameVerifier}} provided by the Apache 
> HttpComponents library. This eliminates redundant logic across the modules 
> and ensures Ranger utilizes a standard, production-tested implementation for 
> all HTTP engine paths.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to