Skip to content

RANGER-5499: Set ranger-admin header authn cfg values to null#968

Open
kumaab wants to merge 2 commits into
masterfrom
ranger_5499
Open

RANGER-5499: Set ranger-admin header authn cfg values to null#968
kumaab wants to merge 2 commits into
masterfrom
ranger_5499

Conversation

@kumaab
Copy link
Copy Markdown
Contributor

@kumaab kumaab commented May 23, 2026

What changes were proposed in this pull request?

The header based authentication configs must be set explicitly when Ranger is deployed in an environment with trusted proxy.

How was this patch tested?

CI

@kumaab kumaab self-assigned this May 23, 2026
@kumaab kumaab requested a review from mneethiraj May 23, 2026 00:19
@kumaab kumaab changed the title RANGER-5499: Set ranger-admin header authn values to null RANGER-5499: Set ranger-admin header authn cfg values to null May 23, 2026
mneethiraj
mneethiraj reviewed May 23, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@mneethiraj mneethiraj left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@kumaab - in addition to these updates, consider updating RangerHeaderPreAuthFilter.initialize() as shown below:

protected void initialize() {
    headerAuthEnabled = PropertiesUtil.getBooleanProperty(PROP_HEADER_AUTH_ENABLED, false);

    if (headerAuthEnabled) {
        userNameHeaderName = PropertiesUtil.getProperty(PROP_USERNAME_HEADER_NAME);

        if (StringUtils.isBlank(userNameHeaderName)) {
            LOG.warn("Disabling header-based authentication, as configuration {} is not set", PROP_USERNAME_HEADER_NAME);

            headerAuthEnabled = false;
        }
    }
}

@kumaab
Copy link
Copy Markdown
Contributor Author

kumaab commented May 24, 2026

@kumaab - in addition to these updates, consider updating RangerHeaderPreAuthFilter.initialize() as shown below:

protected void initialize() {
    headerAuthEnabled = PropertiesUtil.getBooleanProperty(PROP_HEADER_AUTH_ENABLED, false);

    if (headerAuthEnabled) {
        userNameHeaderName = PropertiesUtil.getProperty(PROP_USERNAME_HEADER_NAME);

        if (StringUtils.isBlank(userNameHeaderName)) {
            LOG.warn("Disabling header-based authentication, as configuration {} is not set", PROP_USERNAME_HEADER_NAME);

            headerAuthEnabled = false;
        }
    }
}

Sure, makes sense, updated!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mneethiraj mneethiraj mneethiraj approved these changes

Assignees

@kumaab kumaab

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@kumaab @mneethiraj