Dear Ranger Community members, There are various features and critical bug fixes done in the Apache Ranger project since the release of Apache Ranger 2.2.0. Around 55 improvements, 45 bug fixes and a total of 527 commits were made from the last release. Now with that Ranger community is expecting a release to adapt those changes and hence planning this release.
Please review and provide your opinion. Thanks, Ramesh *Improvements:* RANGER-3687 Password Policy Best Practices for Strong Security RANGER-3667 Improve feedback in policy creation UI when resource does not exist RANGER-3659 Ranger Admin goes to OOM when usersync is trying to delete existing group mappings from ranger DB RANGER-3459 Upgrade Ranger's Kafka dependency to 2.8 RANGER-3551 Analyze & optimize module permissions related API RANGER-3539 Add jacoco-maven-plugin for code coverage RANGER-3562 Redesign post commit tasks for updating ref-tables when policy/role is updated RANGER-3540 Add support to read audit logs from Amazon CloudWatch RANGER-3030 Replace Findbugs with Spotbugs maven plugin RANGER-3538 Reduce the granularity of locking when building/retrieving a policy-engine within Ranger admin service RANGER-3518 Limit the query size stored in Audit logs RANGER-3276 Remove duplicate code from buildks.java RANGER-3515 Enhance Ranger Java client SSL config to be configured using serviceType and AppId RANGER-3504 Create framework to execute DB patch dependent on Java patch. RANGER-3023 Permission tab takes longer time to load with large number of users and group_users data RANGER-3487 Update underscore js with latest version. RANGER-3548 Update performance engine test scripts RANGER-3556 Ranger tagsync logs unnecessary messages RANGER-3573 Add vim in docker base image RANGER-3578 Simplify code for policy label creation RANGER-3675 Upgrade tomcat due to intermittent READ TIMEOUT RANGER-3686 Docker setup to run Ranger with MySQL database RANGER-3628 Support fine grain authorization for different solr objects RANGER-3629 RANGER - Handle solr permissions during upgrade RANGER-3665 "No Data Found !!" messages in Ranger admin UI alarm users RANGER-3662 There should be pause button for error popup RANGER-3660 [Ranger Admin UI] Improvements in tooltip hints for better user experience RANGER-3649 Represent the Solr admin object types on the Ranger UI RANGER-3658 Docker: Ranger containers to run as user=ranger RANGER-3603 HDFS audit files rollover improvement to trigger rollover in monitoring thread RANGER-3651 Remove jersey 1.x version dependency for knox plugin RANGER-3621 Optimise Tag/Policy iterator RANGER-3521 Ranger KMS IS NOT ENFORCING HSTS ON SSL PORT DEFINED BY RFC 6797 RANGER-3455 [Logout-Ranger] Should either be disabled/ should redirect to knox logout page RANGER-3630 Support wildcards, group short names, and list of memberof attribute DNs for computing user search filter RANGER-3597 User role should not be able to modify the Policy RANGER-3512 Create Java patch to update policy guid to unique value. RANGER-3511 Create Java patch to update policy resource-signature to unique value. RANGER-3493 Add unique index on service and resource_signature column of x_policy table RANGER-3435 Add unique index on guid, service and zone_id column of x_policy table RANGER-3439 Add rest api to get or delete ranger policy based on guid RANGER-3498 RANGER : Remove log4j1 dependencies. RANGER-3475 Promote TagRest endpoints to /public/v2 RANGER-3698 Ranger - Upgrade kylin to 3.1.3 RANGER-3699 Ranger - Upgrade poi to 5.2.1+ RANGER-3533 Provide sorting on columns throughout the audits result set and policy listing page. RANGER-3693 Ranger - Upgrade tomcat to 8.5.78 RANGER-3689 Ranger : ranger-2.3 Port missing commits. RANGER-3620 Ranger - Upgrade tomcat to 8.5.75 RANGER-3577 RANGER : Upgrade POI version to 5.1.0 RANGER-3566 Update version in ranger-2.3 to 2.3.0-SNAPSHOT RANGER-3553 Unit test coverage for XUserMgr and UserMgr class RANGER-3653 Replace aws java sdk bom dependencies with bundled dependencies RANGER-3561 Upgrade Storm version to 1.2.4 RANGER-3704 remove semicolon from c3P0 preferredTestQuery *Bug Fixes:* RANGER-3544 Security zones listing will be in alphabetical order. RANGER-3638 Solr Ranger document level security breaks solr if collection is reloaded RANGER-3591 Upgrade protobuf-java to 3.19.3 RANGER-3403 Ranger usersync role based rules not working as expected RANGER-3285 expose user source details in ranger UI RANGER-3592 Upgrade Spring framework to 5.3.15 RANGER-3568 Services of one zone are seen in other zone from UI RANGER-3589 Ranger java patches failing due to admin privilege checks. RANGER-3543 Remove spotbugs-annotations-3.1.9 from classpath RANGER-3554 [Intermittent] API call to fetch the list of policies for a particular service repo returns a deleted policy in the response RANGER-3546 Update Spotbugs plugin Executions cycle RANGER-3427 Null Dereference in PublicApis.java RANGER-3502 Make GET zone APIs accessible to authorized users only RANGER-3535 A delegate admin user should be able to add another user with all or subset of permissions they have RANGER-3468 When multiple Ranger tabs are opened, Some tabs are not redirecting to Knox Logout page RANGER-3528 Ranger Group creation audit is not shown during service creation RANGER-3490 Make policy resource signature is unique in a service RANGER-3507 Handle trailing slash in the ranger Hive URL policy authorization RANGER-3519 Provide an option to optimize space needed by Trie objects RANGER-3516 Java patch 'J10045' taking more time during upgrade. RANGER-3505 Ranger usersync fails to sync users when a duplicate user exists in ranger RANGER-3509 update role fails for role admins RANGER-3433 Null Dereference in ServiceREST getPolicyByName method RANGER-2704 Support browser login using kerberized authentication RANGER-3584 ServiceTags are not computed correctly by applying incremental changes to existing ServiceTags RANGER-3663 RangerBizUtil.checkAdminAccess() should return false if user-session is not available RANGER-3709 Fix NullPointerException in getSecureServicePoliciesIfUpdated call of ServiceRest RANGER-3702 RANGER - Export policy in excel is failing. RANGER-3677 Update Password Policy validation at WEB-UI RANGER-3690 Fix NullPointerException in java patch 054 RANGER-2362 [security] Admin webui - Lack of account lockout RANGER-3678 Update password validation criteria RANGER-3674 Fix PMD issue RANGER-3642 Ranger - Upgrade jquery-ui to 1.13.1 RANGER-3559 RANGER KMS - Metric details for kms are not getting collected RANGER-3625 Update isDebugEnable condition in RangerHiveAuthorizer RANGER-3610 Docker: Skip service creation for ranger components during ranger container restart RANGER-3594 mysql setup scripts failed with binlog-enabled mysql RANGER-3593 the hive table owner who create the table can not have the full privilege RANGER-3579 Upgrade Log4j2 to 2.17.1 due to CVE-2021-44832 RANGER-3557 Upgrade to use log4j 2.17.0+ version to ensure that we are using supported version of log4j RANGER-3576 service creation is failing intermittently due to DB unique key constraint violation RANGER-3547 Upgrade to use log4j 2.16.0+ version to ensure that we are using supported version of log4j