Uploaded image for project: 'Apache NiFi'
  1. Apache NiFi
  2. NIFI-4925

Ranger Authorizer - Memory Leak

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Critical
    • Resolution: Fixed
    • None
    • 1.6.0
    • Extensions
    • None

    Description

      Authorization requests/results are now explicitly audited. This change was due to the fact that the Ranger was auditing a lot of false positives previously. This is partly because the NiFi uses authorization to check which features the user may have permissions to. This check is used to enable/disable various parts of the UI. The remainder of the false positives came from the authorizer not knowing the entire context of the request. For instance, when a Processor has no policy we check its parent and so on.

      The memory leak is due to the authorizer holding onto authorization results that are never destined for auditing. 

      Attachments

        Issue Links

          Activity

            People

              mcgilman Matt Gilman
              mcgilman Matt Gilman
              Votes:
              2 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: