This is an automated email from the ASF dual-hosted git repository. gparai pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/drill.git
commit f8bc0db29f08ec9f9ff082bec202a2ab2495bac1 Author: Arina Ielchiieva <[email protected]> AuthorDate: Thu Sep 5 17:04:23 2019 +0300 DRILL-7367: Remove Server details from response headers closes #1851 --- .../drill/yarn/appMaster/http/WebServer.java | 40 ++++++++-------------- .../apache/drill/exec/server/rest/WebServer.java | 31 ++++++++++------- 2 files changed, 33 insertions(+), 38 deletions(-) diff --git a/drill-yarn/src/main/java/org/apache/drill/yarn/appMaster/http/WebServer.java b/drill-yarn/src/main/java/org/apache/drill/yarn/appMaster/http/WebServer.java index 5ba31bc..75d99d9 100644 --- a/drill-yarn/src/main/java/org/apache/drill/yarn/appMaster/http/WebServer.java +++ b/drill-yarn/src/main/java/org/apache/drill/yarn/appMaster/http/WebServer.java @@ -48,7 +48,6 @@ import org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder; import org.bouncycastle.operator.ContentSigner; import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder; import org.eclipse.jetty.http.HttpVersion; -import org.eclipse.jetty.security.ConstraintMapping; import org.eclipse.jetty.security.ConstraintSecurityHandler; import org.eclipse.jetty.security.DefaultIdentityService; import org.eclipse.jetty.security.DefaultUserIdentity; @@ -109,7 +108,7 @@ public class WebServer implements AutoCloseable { /** * Start the web server including setup. * - * @throws Exception + * @throws Exception in case of error during start */ public void start() throws Exception { if (jettyServer == null) { @@ -223,7 +222,7 @@ public class WebServer implements AutoCloseable { } public static class AMUserPrincipal implements Principal { - public final String userName; + private final String userName; public AMUserPrincipal(String userName) { this.userName = userName; @@ -236,7 +235,7 @@ public class WebServer implements AutoCloseable { } public static class AmLoginService implements LoginService { - private AMSecurityManager securityMgr; + private final AMSecurityManager securityMgr; protected IdentityService identityService = new DefaultIdentityService(); public AmLoginService(AMSecurityManager securityMgr) { @@ -274,18 +273,6 @@ public class WebServer implements AutoCloseable { @Override public void logout(UserIdentity user) { } - - // @Override - // protected UserIdentity loadUser(String username) { - // // TODO Auto-generated method stub - // return null; - // } - // - // @Override - // protected void loadUsers() throws IOException { - // putUser( "fred", new Password( "wilma" ), new String[] { ADMIN_ROLE } ); - // } - } /** @@ -298,8 +285,7 @@ public class WebServer implements AutoCloseable { ConstraintSecurityHandler security = new ConstraintSecurityHandler(); Set<String> knownRoles = ImmutableSet.of(ADMIN_ROLE); - security.setConstraintMappings(Collections.<ConstraintMapping> emptyList(), - knownRoles); + security.setConstraintMappings(Collections.emptyList(), knownRoles); security.setAuthenticator(new FormAuthenticator("/login", "/login", true)); security @@ -350,13 +336,11 @@ public class WebServer implements AutoCloseable { * Create HTTP connector. * * @return Initialized {@link ServerConnector} instance for HTTP connections. - * @throws Exception */ - private ServerConnector createHttpConnector(Config config) throws Exception { + private ServerConnector createHttpConnector(Config config) { LOG.info("Setting up HTTP connector for web server"); - final HttpConfiguration httpConfig = new HttpConfiguration(); final ServerConnector httpConnector = new ServerConnector(jettyServer, - new HttpConnectionFactory(httpConfig)); + new HttpConnectionFactory(baseHttpConfig())); httpConnector.setPort(config.getInt(DrillOnYarnConfig.HTTP_PORT)); return httpConnector; @@ -368,12 +352,12 @@ public class WebServer implements AutoCloseable { * certificate is generated and used. * <p> * This is a shameless copy of - * {@link org.apache.drill.exec.server.rest.WebServer#createHttpsConnector(int, int, int)}. + * org.apache.drill.exec.server.rest.WebServer#createHttpsConnector(int, int, int). * The two should be merged at some point. The primary issue is that the Drill * version is tightly coupled to Drillbit configuration. * * @return Initialized {@link ServerConnector} for HTTPS connections. - * @throws Exception + * @throws Exception when unable to create HTTPS connector */ private ServerConnector createHttpsConnector(Config config) throws Exception { LOG.info("Setting up HTTPS connector for web server"); @@ -446,7 +430,7 @@ public class WebServer implements AutoCloseable { sslContextFactory.setKeyStorePassword(keyStorePasswd); // } - final HttpConfiguration httpsConfig = new HttpConfiguration(); + final HttpConfiguration httpsConfig = baseHttpConfig(); httpsConfig.addCustomizer(new SecureRequestCustomizer()); // SSL Connector @@ -459,6 +443,12 @@ public class WebServer implements AutoCloseable { return sslConnector; } + private HttpConfiguration baseHttpConfig() { + HttpConfiguration httpConfig = new HttpConfiguration(); + httpConfig.setSendServerVersion(false); + return httpConfig; + } + @Override public void close() throws Exception { if (jettyServer != null) { diff --git a/exec/java-exec/src/main/java/org/apache/drill/exec/server/rest/WebServer.java b/exec/java-exec/src/main/java/org/apache/drill/exec/server/rest/WebServer.java index b912a4c..bc093ad 100644 --- a/exec/java-exec/src/main/java/org/apache/drill/exec/server/rest/WebServer.java +++ b/exec/java-exec/src/main/java/org/apache/drill/exec/server/rest/WebServer.java @@ -101,7 +101,7 @@ import java.util.stream.Collectors; import java.util.stream.Stream; /** - * Wrapper class around jetty based webserver. + * Wrapper class around jetty based web server. */ public class WebServer implements AutoCloseable { private static final String ACE_MODE_SQL_TEMPLATE_JS = "ace.mode-sql.template.js"; @@ -270,7 +270,7 @@ public class WebServer implements AutoCloseable { /** * It creates A {@link SessionHandler} which contains a {@link HashSessionManager} * - * @param securityHandler Set of initparameters that are used by the Authentication + * @param securityHandler Set of init parameters that are used by the Authentication * @return session handler */ private SessionHandler createSessionHandler(final SecurityHandler securityHandler) { @@ -354,7 +354,7 @@ public class WebServer implements AutoCloseable { .initializeSSLContext(false) .validateKeyStore(true) .build(); - if(ssl.isSslValid()){ + if (ssl.isSslValid()) { logger.info("Using configured SSL settings for web server"); sslContextFactory.setKeyStorePath(ssl.getKeyStorePath()); @@ -419,7 +419,7 @@ public class WebServer implements AutoCloseable { sslContextFactory.setKeyStorePassword(keyStorePasswd); } - final HttpConfiguration httpsConfig = new HttpConfiguration(); + final HttpConfiguration httpsConfig = baseHttpConfig(); httpsConfig.addCustomizer(new SecureRequestCustomizer()); // SSL Connector @@ -439,14 +439,19 @@ public class WebServer implements AutoCloseable { */ private ServerConnector createHttpConnector(int port, int acceptors, int selectors) { logger.info("Setting up HTTP connector for web server"); - final HttpConfiguration httpConfig = new HttpConfiguration(); final ServerConnector httpConnector = - new ServerConnector(embeddedJetty, null, null, null, acceptors, selectors, new HttpConnectionFactory(httpConfig)); + new ServerConnector(embeddedJetty, null, null, null, acceptors, selectors, new HttpConnectionFactory(baseHttpConfig())); httpConnector.setPort(port); return httpConnector; } + private HttpConfiguration baseHttpConfig() { + HttpConfiguration httpConfig = new HttpConfiguration(); + httpConfig.setSendServerVersion(false); + return httpConfig; + } + @Override public void close() throws Exception { if (embeddedJetty != null) { @@ -458,7 +463,7 @@ public class WebServer implements AutoCloseable { /** * Creates if not exists, and returns File for temporary Javascript directory - * @return File handle + * @return file handle */ public File getOrCreateTmpJavaScriptDir() { if (tmpJavaScriptDir == null && this.drillbit.getContext() != null) { @@ -468,7 +473,7 @@ public class WebServer implements AutoCloseable { generateOptionsDescriptionJSFile(); generateFunctionJS(); } catch (IOException e) { - logger.error("Unable to create temp dir for JavaScripts. {}", e); + logger.error("Unable to create temp dir for JavaScripts: {}", tmpJavaScriptDir.getPath(), e); } } return tmpJavaScriptDir; @@ -477,7 +482,7 @@ public class WebServer implements AutoCloseable { /** * Generate Options Description JavaScript to serve http://drillhost/options ACE library search features - * @throws IOException + * @throws IOException when unable to generate functions JS file */ private void generateOptionsDescriptionJSFile() throws IOException { // Obtain list of Options & their descriptions @@ -491,12 +496,12 @@ public class WebServer implements AutoCloseable { int numLeftToWrite = options.size(); // Template source Javascript file - InputStream optionsDescripTemplateStream = Resource.newClassPathResource(OPTIONS_DESCRIBE_TEMPLATE_JS).getInputStream(); + InputStream optionsDescribeTemplateStream = Resource.newClassPathResource(OPTIONS_DESCRIBE_TEMPLATE_JS).getInputStream(); // Generated file File optionsDescriptionFile = new File(getOrCreateTmpJavaScriptDir(), OPTIONS_DESCRIBE_JS); final String file_content_footer = "};"; // Create a copy of a template and write with that! - java.nio.file.Files.copy(optionsDescripTemplateStream, optionsDescriptionFile.toPath()); + java.nio.file.Files.copy(optionsDescribeTemplateStream, optionsDescriptionFile.toPath()); logger.info("Will write {} descriptions to {}", numLeftToWrite, optionsDescriptionFile.getAbsolutePath()); try (BufferedWriter writer = new BufferedWriter(new FileWriter(optionsDescriptionFile, true))) { @@ -521,7 +526,7 @@ public class WebServer implements AutoCloseable { /** * Generates ACE library javascript populated with list of available SQL functions - * @throws IOException + * @throws IOException when unable to generate JS file with functions */ private void generateFunctionJS() throws IOException { // Naturally ordered set of function names @@ -530,7 +535,7 @@ public class WebServer implements AutoCloseable { List<FunctionHolder> builtInFuncHolderList = this.drillbit.getContext().getFunctionImplementationRegistry().getLocalFunctionRegistry() .getAllJarsWithFunctionsHolders().get(LocalFunctionRegistry.BUILT_IN); - // Build List of 'usable' functions (i.e. functions that start with an alphabet and can be autocompleted by the ACE library) + // Build List of 'usable' functions (i.e. functions that start with an alphabet and can be auto-completed by the ACE library) // Example of 'unusable' functions would be operators like '<', '!' int skipCount = 0; for (FunctionHolder builtInFunctionHolder : builtInFuncHolderList) {
