Apache Ranger 2.3.0 - Release Notes - Ranger - Apache Software Foundation
DUE TO SPAM, SIGN-UP IS DISABLED. Goto
Selfserve wiki signup
and request an account.
Ranger
Blog
Pages
Space shortcuts
File lists
Page tree
Browse pages
tachments (0)
Page History
Resolved comments
Page Information
View in Hierarchy
View Source
Export to PDF
Export to Word
Copy Page Tree
Jira links
Apache Ranger 2.3.0 - Release Notes
Created by
Ramesh Mani
, last modified on
Jul 10, 2022
Release Notes - Ranger - Version 2.3.0
New Feature
RANGER-3569
Support Ranger KMS integration with Google cloud HSM
RANGER-3580
Support Ranger KMS integration with TencentKMS
RANGER-3603
HDFS audit files rollover improvement to trigger rollover in monitoring thread
RANGER-3605
Support macros in row-filter/condition expressions
RANGER-3630
Support wildcards, group short names, and list of memberof attribute DNs for computing user search filter
RANGER-3764
conditions to support macros IS_IN_GROUP, IS_IN_ROLE, HAS_TAG
RANGER-3779
conditions enhancement to support macros IS_IN_ANY_GROUP, IS_IN_ANY_ROLE, HAS_TAGS
Improvement
RANGER-2846
Add support for resource[volume, bucket, key] look up in ozone plugin
RANGER-2967
Add support for Amazon CloudWatch Logs as an Audit Store
RANGER-3023
Permission tab takes longer time to load with large number of users and group_users data
RANGER-3030
Replace Findbugs with Spotbugs maven plugin
RANGER-3221
Improve logging in Presto plugin
RANGER-3276
Remove duplicate code from buildks.java
RANGER-3290
ArrayIndexOutOfBoundsException if solr is down
RANGER-3298
Add coarse URI check for Hive Agent
RANGER-3299
Upgrading the bouncycastle version for bcprov-jdk15on
RANGER-3389
Swagger UI Support for Ranger REST API
RANGER-3435
RANGER-3401 Add unique index on guid, service and zone_id column of x_policy table
RANGER-3439
RANGER-3401 Add rest api to get or delete ranger policy based on guid
RANGER-3455
[Logout-Ranger] Should either be disabled/ should redirect to knox logout page
RANGER-3459
Upgrade Ranger's Kafka dependency to 2.8
RANGER-3475
Promote TagRest endpoints to /public/v2
RANGER-3487
Update underscorejs with latest version.
RANGER-3493
RANGER-3490 Add unique index on service and resource_signature column of x_policy table
RANGER-3498
RANGER : Remove log4j1 dependencies.
RANGER-3504
Create framework to execute DB patch dependent on Java patch.
RANGER-3510
Ranger upgrade spring framework version to 5.3.12
RANGER-3515
Enhance Ranger Java client SSL config to be configured using serviceType and AppId
RANGER-3518
Limit the query size stored in Audit logs
RANGER-3519
Provide an option to optimize space needed by Trie objects
RANGER-3521
Ranger KMS IS NOT ENFORCING HSTS ON SSL PORT DEFINED BY RFC 6797
RANGER-3526
policy evaluation ordering to use name as secondary sorting key
RANGER-3533
Provide sorting on columns throughout the audits result set and policy listing page.
RANGER-3538
Reduce the granularity of locking when building/retrieving a policy-engine within Ranger admin service
RANGER-3539
Add jacoco-maven-plugin for code coverage
RANGER-3540
Add support to read audit logs from Amazon CloudWatch
RANGER-3545
Remove Logger Checks for Info Enabled
RANGER-3548
Update performance engine test scripts
RANGER-3550
support for using user/tag attributes in row-filter expressions and conditions
RANGER-3551
Analyze & optimize module permissions related API
RANGER-3553
Unit test coverage for XUserMgr and UserMgr class
RANGER-3556
Ranger tagsync logs unnecessary messages
RANGER-3561
Upgrade Storm version to 1.2.4
RANGER-3562
Redesign post commit tasks for updating ref-tables when policy/role is updated
RANGER-3565
RangerRESTClient to support retry
RANGER-3566
Update version in ranger-2.3 to 2.3.0-SNAPSHOT
RANGER-3567
support for use of user attributes in policy resources
RANGER-3573
Add vim in docker base image
RANGER-3577
RANGER : Upgrade POI version to 5.1.0
RANGER-3578
Simplify code for policy label creation
RANGER-3585
Docker setup to run Ranger usersync and tagsync
RANGER-3586
Script condition expression to support csv of group/tag attributes
RANGER-3595
Tar of KMS contains rubbish files
RANGER-3600
Ranger service tags import request failure
RANGER-3606
remove unnecessary static members from plugin class loaders
RANGER-3609
option to add usergroup enricher automatically based on references in policies
RANGER-3620
Ranger - Upgrade tomcat to 8.5.75
RANGER-3621
Optimise Tag/Policy iterator
RANGER-3624
Update Ranger services Password Policy
RANGER-3628
Support fine grain authorization for different solr objects
RANGER-3629
RANGER - Handle solr permissions during upgrade
RANGER-3632
Improve ranger logs, RENAME_ON_ROTATE and others
RANGER-3634
Remove duplicate entries from usersync distribution file
RANGER-3646
LOG.debug print content error
RANGER-3647
Connection to DB fails for MySQL version above 8.0
RANGER-3649
Represent the Solr admin object types on the Ranger UI
RANGER-3651
Remove jersey1.x version dependency for knox plugin
RANGER-3653
Replace aws java sdk bom dependencies with bundled dependencies
RANGER-3658
Docker: Ranger containers to run as user=ranger
RANGER-3660
[Ranger Admin UI] Improvements in tooltip hints for better user experience
RANGER-3662
There should be pause button for error popup
RANGER-3665
"No Data Found !!" messages in Ranger admin UI alarm users
RANGER-3666
Ranger UI improvement - Add warning popup if auto-complete for resource lookup is failing in Edit policy page
RANGER-3667
Improve feedback in policy creation UI when resource does not exist
RANGER-3669
Connection to DB fails for MySQL version above 8.0
RANGER-3672
Show better error messages during failed logins
RANGER-3673
Need to enable cipher configuration for Usersync
RANGER-3675
Upgrade tomcat due to intermittent READ TIMEOUT
RANGER-3686
Docker setup to run Ranger with MySQL database
RANGER-3687
Password Policy Best Practices for Strong Security
RANGER-3689
Ranger : ranger-2.3 Port missing commits.
RANGER-3693
Ranger - Upgrade tomcat to 8.5.78
RANGER-3698
Ranger - Upgrade kylin to 3.1.3
RANGER-3699
Ranger - Upgrade poi to 5.2.1+
RANGER-3704
remove semicolon from c3P0 preferredTestQuery
RANGER-3725
Update atlas default audit filter to filter Atlas entity-read events by Nifi user.
RANGER-3736
Update RangerChainedPlugin to support masking and row-filtering
RANGER-3738
Restructure ranger Dockerfile to use multi-stage builds
RANGER-3743
Add isDenyAllElse mapping to addCustomRangerDefaultPolicies method
RANGER-3744
Produces annotation ordering should be consistent: json, xml
RANGER-3759
Add default logback configuration file for trino plugin
RANGER-3760
Make trino plugin configurable for trino environment running in docker
RANGER-3768
RangerBasePlugin configuration to optionally disable userstore refresher
Bug
RANGER-2426
ranger-plugins-audits should depend on kafka-clients not kafka server
RANGER-2704
Support browser login using kerberized authentication
RANGER-2847
Add support/Fix Test connection with Ozone service
RANGER-3091
Upgrade solr version in Ranger to Solr 8.6.3
RANGER-3285
expose user source details in ranger UI
RANGER-3403
Ranger usersync role based rules not working as expected
RANGER-3427
Null Dereference in PublicApis.java
RANGER-3433
Null Dereference in ServiceREST getPolicyByName method
RANGER-3442
Ranger KMS DAO memory issues when many new keys are created
RANGER-3468
When multiple Ranger tabs are opened, Some tabs are not redirecting to Knox Logout page
RANGER-3484
Ranger usersync directory is being created as root owner
RANGER-3490
Make policy resource signature is unique in a service
RANGER-3502
Make GET zone APIs accessible to authorized users only
RANGER-3505
Ranger usersync fails to sync users when a duplicate user exists in ranger
RANGER-3507
Handle trailing slash in the ranger Hive URL policy authorization
RANGER-3509
update role fails for role admins
RANGER-3511
RANGER-3490 Create Java patch to update policy resource-signature to unique value.
RANGER-3512
RANGER-3401 Create Java patch to update policy guid to unique value.
RANGER-3514
Fix updates to sync source post upgrades
RANGER-3516
Java patch 'J10045' taking more time during upgrade.
RANGER-3522
Improve Tagsync authentication error reporting
RANGER-3527
Create Apache Ranger next maintenance release branch 2.3
RANGER-3528
Ranger Group creation audit is not shown during service creation
RANGER-3535
A delegate admin user should be able to add another user with all or subset of permissions they have
RANGER-3542
Invalid HTTPS Check
RANGER-3543
Remove spotbugs-annotations-3.1.9 from classpath
RANGER-3544
Security zones listing will be in alphabetical order.
RANGER-3546
Update Spotbugs plugin Executions cycle
RANGER-3547
Upgrade to use log4j 2.16.0+ version to ensure that we are using supported version of log4j
RANGER-3554
[Intermittent] API call to fetch the list of policies for a particular service repo returns a deleted policy in the response
RANGER-3557
Upgrade to use log4j 2.17.0+ version to ensure that we are using supported version of log4j
RANGER-3559
RANGER KMS - Metric details for kms are not getting collected
RANGER-3563
[Docker] plugin installation fails with error: XAAUDIT.AMAZON_CLOUDWATCH.ENABLE not defined
RANGER-3564
Installation of Ranger plugin for HDFS fails due to missing libraries
RANGER-3568
Services of one zone are seen in other zone from UI
RANGER-3571
Typo in GrantRevokeRoleRequest.java
RANGER-3576
service creation is failing intermittently due to DB unique key constraint violation
RANGER-3579
Upgrade Log4j2 to 2.17.1 due to CVE-2021-44832
RANGER-3584
ServiceTags are not computed correctly by applying incremental changes to existing ServiceTags
RANGER-3589
Ranger java patches failing due to admin privilege checks.
RANGER-3591
Upgrade protobuf-java to 3.19.3
RANGER-3592
Upgrade Spring framework to 5.3.15
RANGER-3593
the hive table owner who create the table can not have the full priviledge
RANGER-3594
mysql setup scripts failed with binlog-enabled mysql
RANGER-3597
RANGER-3590 User role should not be able to modify the Policy
RANGER-3610
Docker: Skip service creation for ranger components during ranger container restart
RANGER-3611
Uncatched NullPointerException when missing lastKnownVersion in ServiceREST::getServicePoliciesIfUpdated
RANGER-3613
RANGER KMS : Check if master key with the given alias exists or not if LUNA HSM is enabled.
RANGER-3617
incorrect deny for _any access due to tag policy
RANGER-3619
REST API should return 403 when authenticated client is not allowed to access API.
RANGER-3625
Update isDebugEnable condition in RangerHiveAuthorizer
RANGER-3638
Solr Ranger document level security breaks solr if collection is reloaded
RANGER-3642
Ranger - Upgrade jquery-ui to 1.13.1
RANGER-3644
tagsync: FileTagSource to retry if Ranger is not reachable
RANGER-3652
update resource-matcher unit tests to include wildcard=false
RANGER-3659
Ranger Admin goes to OOM when usersync is trying to delete existing group mappings from ranger DB
RANGER-3663
RangerBizUtil.checkAdminAccess() should return false if user-session is not available
RANGER-3674
Fix PMD issue
RANGER-3676
tag-based policies don't recognize {OWNER} in users as resource owners
RANGER-3677
Update Password Policy validation at WEB-UI
RANGER-3678
Update password validation criteria
RANGER-3681
Ranger Database deadlock when createPolicy is running parallel
RANGER-3690
Fix NullPointerException in java patch 054
RANGER-3691
Upgrade spring to 5.3.18 CVE-2022-22965
RANGER-3692
Ranger cannot connect to the DB when the DB is outaged for a long time
RANGER-3702
RANGER - Export policy in excel is failing.
RANGER-3709
Fix NullPointerException in getSecureServicePoliciesIfUpdated call of ServiceRest
RANGER-3730
log4j dependency is not completely removed
RANGER-3735
RANGER : Behaviour change in external user status.
RANGER-3737
Usersync is broken due to NullPointerException
RANGER-3747
Fix failing sql patches
RANGER-3750
RANGER : PatchForSolrSvcDefAndPoliciesUpdate_J10055 failing with 'duplicate key value violates unique constraint'
RANGER-3753
Hive masking policies don't recognize {OWNER} user
RANGER-3755
Build Plugin-Trino artifacts only with JDK 11
RANGER-3765
tag-based policy masking to override resource-based policy
RANGER-3769
Removing a tag-service association from a service does not update policy engine
RANGER-3773
maven can not build ranger-2.3.0 because commons-cli is duplicated in pom
RANGER-3777
Fix execute permissions for all docker init scripts
RANGER-3778
Kerberos Login cause NullPointerException
No labels
Overview
Content Tools
Atlassian Confluence Open Source Project License
granted to Apache Software Foundation.
Evaluate Confluence today
Atlassian Confluence
8.5.31
Printed by Atlassian Confluence 8.5.31
Report a bug
Atlassian News
Atlassian
{"serverDuration": 86, "requestCorrelationId": "fb9aa63a08a9844b"}
US