[PR] [WIP][KYUUBI #5460][REST] The kyuubi-ctl scripts should be used to submit app with SSL + SPNEGO [kyuubi]

Thu, 26 Oct 2023 23:18:06 -0700 


YetiCuzMountain opened a new pull request, #5548:
URL: https://github.com/apache/kyuubi/pull/5548

   <!--
   Thanks for sending a pull request!
   
   ### _Why are the changes needed?_
   <!--
   Please clarify why the changes are needed. For instance,
     1. If you add a feature, you can talk about the use case of it.
     2. If you fix a bug, you can clarify why it is a bug.
   -->
   When i used kyuubi-ctl to submit a batch app, i got the error that 
   
   For examples:
   bin/kyuubi-ctl list session -b --hostUrl https://myhostname:10099/api  
--authSchema spnego  --spnegoHost  myhostname
   
   with Error:
   <img width="526" alt="image" 
src="https://github.com/apache/kyuubi/assets/47157319/1d078705-9cc2-46c4-bf1d-9eb586fae74b";>
   
   I tracked the source code and found that KyuubiRestFrontendService was 
intialized without setting SSL config.
   
   After my fixing, i added some configs about pkcs12 keystore for JettyServer 
intializing. It works.
   
   Therefore, i wish to help others who need high security level environments.
   
   ### _How was this patch tested?_
   Could i add some screenshots for manual tests if appropriate?
   
   First, i create the Jetty-9 format keystore in my host and set them to 
kyuubi-defaults.conf
   
![image](https://github.com/apache/kyuubi/assets/47157319/e3b814ae-a570-4260-a969-d141db1f448c)
   
   Then, i submit a batch job using kyuubi-ctl to send rest request to 10099.
   
   - [ ] Add some test cases that check the changes thoroughly including 
negative and positive cases if possible
   
   - [ ] Add screenshots for manual tests if appropriate
   
   - [ ] [Run 
test](https://kyuubi.readthedocs.io/en/master/contributing/code/testing.html#running-tests)
 locally before make a pull request
   
   
   ### _Was this patch authored or co-authored using generative AI tooling?_
   <!--
   If a generative AI tooling has been used in the process of authoring this 
patch, please include
   phrase 'Generated-by: ' followed by the name of the tool and its version.
   If no, write 'No'.
   Please refer to the [ASF Generative Tooling 
Guidance](https://www.apache.org/legal/generative-tooling.html) for details.
   -->
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to