This Confluence has been LDAP enabled, if you are an ASF Committer, please use your LDAP Credentials to login. Any problems file an INFRA jira ticket please.

Page tree
Skip to end of metadata
Go to start of metadata

Sub-task

  • [RANGER-422] - Add additional database columns to support aggregation
  • [RANGER-423] - Support audit log aggregation in Ranger Admin UI
  • [RANGER-513] - Policy validation: resource hierarchies check does not work with single-node hierarchies as in HDFS
  • [RANGER-551] - Policy Validation: If resource levels are not valid for any hierarchy then checks about missing mandatory levels should be skipped.
  • [RANGER-564] - Add incubating to the release name 

Bug

  • [RANGER-219] - Autocomplete behavior of hive tables/columns
  • [RANGER-524] - Hbase plugin: list command should prune the tables returned on user permissions
  • [RANGER-529] - Policy Validation: resources of a policy must match one of the resource hierarchies of the service def.
  • [RANGER-533] - Hbase plugin: if user does not have family-level access to any family in a table then user may be incorrectly denied access done at table/family level during get or scan
  • [RANGER-539] - Rolling downgrade changes
  • [RANGER-545] - Fix js error for lower versions of FF (<30)
  • [RANGER-548] - Key rollover command fails
  • [RANGER-550] - Hive plugin: Add audit logging support for metadata queries that have filtering support from hive
  • [RANGER-553] - Default policy creation during service creation should handle service defs with multiple hierarchies, e.g. hive, properly
  • [RANGER-554] - Ranger KMS keys listing page does not support pagination
  • [RANGER-555] - Policy view page (from access audit page) gives 404 with Oracle DB
  • [RANGER-558] - Hbase plugin: unless user has READ access at some level under the table/family being accessed (via scan/get) authorizer should throw an exception and audit
  • [RANGER-560] - Policy validation: Provide user friendly error messages about validation failures
  • [RANGER-565] - Ranger Admin install fails (sometimes) with IO Error when DB used in Oracle
  • [RANGER-566] - Installation of Ranger on Oracle 12c with shared database needs to use private synonym instead of public synonym
  • [RANGER-569] - Enabling Ranger plugin for Hbase should not modify hbase.rpc.protection value
  • [RANGER-570] - Knox plugin: after upgrading ranger from 0.4 to 0.5 the knox plugin won't work because classes with old names are missing
  • [RANGER-571] - Storm plugin: after upgrading ranger from 0.4 to 0.5 the plugin won't work because classes with old names are missing
  • [RANGER-580] - Hbase plugin: Plugin may not work after upgrade
  • [RANGER-584] - Service validation: Provide user friendly error messages about validation failures
  • [RANGER-587] - ranger-admin-site.xml not getting updated when ranger.authentication.method is changed
  • [RANGER-588] - Take care of Ranger KMS installation even if 'java' is not in PATH
  • [RANGER-593] - Service def validation: Provide user friendly error messages about validation failures
  • [RANGER-594] - Policy Validation: Change the logic to generate friendly error messages to be similar to that for Service and Service def
  • [RANGER-598] - Update Ranger config migration script to work with Ranger 0.5
  • [RANGER-615] - Audit to db: Truncate all string values of audit record so that writing of audit does not fail
  • [RANGER-618] - KMS gets slower in key creation once Database grows
  • [RANGER-621] - Solr service-def JSON has incorrect impliedGrants for solr_admin permission
  • [RANGER-622] - Hive plugin: Add jar via beeline throws NPE
  • [RANGER-623] - Enable plugin scripts should handle file permissions for certain umask value
  • [RANGER-624] - Windows installation broken after SQLAnywhere support
  • [RANGER-625] - Change db flavor input parameter value from SQLAnywhere to SQLA
  • [RANGER-627] - Processing done by Audit Shutdown hooks can confuse someone looking at logs to think that shutdown of a service is held up due to Ranger plugin
  • [RANGER-628] - Make filters for ranger-admin search binds configurable
  • [RANGER-630] - Data consistency across API and UI
  • [RANGER-632] - Policy validation error messages produced by the server are not seen by the user
  • [RANGER-633] - Service validation error messages produced by the server are not seen by the user
  • [RANGER-634] - Service-def validation error messages produced by the server are not seen by the user
  • [RANGER-637] - Make REFERRAL property in Ranger User sync configurable
  • [RANGER-638] - Ranger admin should redirect back to login page when session cookies expires
  • [RANGER-639] - Storm plugin - commons-lang is a required dependency and hence should be packaged as part of storm plugin
  • [RANGER-640] - Handle help text description for Ranger LDAP / AD properties in Ambari
  • [RANGER-641] - Ranger kms start fails if java is not set and started using service keyword
  • [RANGER-642] - Update USERSEARCHFILTER for Ranger Authentication on Windows 
  • [RANGER-653] - Move delegated admin check to mgr layer from service layer for XPermMap and XAuditMap
  • [RANGER-654] - Component process goes in a tight loop if audit destination is down
  • [RANGER-661] - Plugin receives empty policy list though the service has policies
  • [RANGER-662] - Policy create/update failures leave partial policy in the database
  • [RANGER-663] - Race condition during policy update causes policy to get in an bad state
  • [RANGER-665] - ranger.ldap.ad.referral property is not getting updated in ranger-admin-site.xml
  • [RANGER-672] - 0.4 plugins can't download policies from 0.5 server (via old api)
  • [RANGER-680] - Remove public group (by default) in default policy for KMS repo
  • [RANGER-681] - Update default sync intervals for LDAP and UNIX
  • [RANGER-682] - Ranger to support Azure Blob Datastore as an audit destination via HDFS audit handler
  • [RANGER-697] - KeyAdmin role user should see only KMS related audit access logs in Audit tab
  • [RANGER-702] - Optimize policy download performance
  • [RANGER-706] - Optimize audit db upgrade patches to minimize timeout issues
  • [RANGER-720] - Ldap discovery tool doesn't seem to be working as expected
  • [RANGER-725] - Add the right .gitignore file to the newly added projects so that directory listing is clean after a build
  • [RANGER-728] - Update Solr script to resolve issues with ZK and creating collection
  • [RANGER-733] - Implement best coding practices to resolve issues found during code scan
  • [RANGER-741] - Fix installation script to skip Audit DB password check if audit source is SOLR
  • [RANGER-742] - Ranger usersync fails after syncing 500 users from AD or ldap server when paged results is enabled.
  • [RANGER-743] - External users with Admin Role should be allowed to create/update users
  • [RANGER-744] - Kafka Authorizer has updated how IP/Host is passed
  • [RANGER-745] - Upgrade Apache commons-collections
  • [RANGER-747] - RangerAdmin is considering "none" as valid ZK Host Name for Solr
  • [RANGER-748] - Users in policy got changed after upgrade
  • [RANGER-755] - ldap run.sh script fails since auth directory does not exist
  • [RANGER-756] - LdapTool fails with -r option to retrieve only users/group/all
  • [RANGER-757] - [LDAP tool] authentication fails if use -d option to search only users
  • [RANGER-758] - Handle special characters in passwords starting from -r 
  • [RANGER-761] - Transaction logs not getting generated under audit menu admin tab if policy name is changed
  • [RANGER-764] - Kafka plugin: new operation types supported by kafaka plugin should be added to service definition.
  • [RANGER-767] - Refactor UserGroupSink implementation and consolidate performance improvements
  • [RANGER-772] - Hive plugin: Update Ranger authorizer to mimic changes made by Hive standard authorizer for the case when IMPORT can end up creating a table
  • [RANGER-773] - Fix newly found Coverity scan issues for Ranger KMS
  • [RANGER-777] - Kafka plugin should build/work with the kafka v0.9 jar with authorization support that have been pushed to public repos
  • [RANGER-778] - Fix user update issue
  • [RANGER-783] - Default policy created during service creation for a Kafka service should better support non-secure kafka cluster
  • [RANGER-798] - Handle different timezone issue while saving audit logs to Solr
  • [RANGER-799] - Ranger UI fixes - partial search not working on Policy listing page
  • [RANGER-802] - HBase plugin: Implement the new methods added to MasterObservers Interface and mimic their implementation in Hbase AccessController
  • [RANGER-808] - Update license.txt
  • [RANGER-810] - Audit page should show most recent audit log at the top

Improvement

  • [RANGER-586] - Ranger plugins should not add dependent libraries to component's CLASSPATH
  • [RANGER-684] - Ranger Usersync - Add Ability to transform user/group names
  • [RANGER-716] - New Public API to check user credentials
  • [RANGER-746] - Ranger Admin: Add wildcard, multiple CN & SAN support when validating plugins' SSL certs
  • [RANGER-749] - Ranger KMS to support multiple KMS instances with keys across multiple clusters
  • [RANGER-818] - Fix XML indentation in pom files

New Feature

  • [RANGER-526] - Provide REST API to change user role
  • [RANGER-614] - Provide support of SQL Anywhere as a DB in Ranger
  • [RANGER-652] - LDAP configuration tool

Task

  • [RANGER-173] - Utility scripts to create HDFS audit folders and policies
  • [RANGER-573] - Updated Ranger WebSite Doc 



  • No labels