[jira] [Commented] (KNOX-928) Topology Port Mapping
[ https://issues.apache.org/jira/browse/KNOX-928?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16018648#comment-16018648 ] Larry McCay commented on KNOX-928: -- Feature is working well! A couple remaining nits: * the following warning/error needs to have a bit more information 2017-05-20 19:44:05,053 ERROR hadoop.gateway (GatewayServer.java:checkMappedTopologiesExist(655)) - Could not find topology "token" configured in gateway-config.xml. It should indicate the port that is mapped to the "token" topology and also that the invalid mapping will b ignored and will require a server restart even if the missing topology is added. * javadoc style comments within the body of methods should be replaced with slashes except where the level of docs hint at requiring methods to be extracted from the existing method. * @since tags should be removed as mentioned before they aren't consistently used and 0.13.0 may end up being 1.0.0 and they would also need to be managed when backported to previous release lines if needed. If you would like to commit this now and clean up those nitpicks in a follow up JIRA I would good with that. +1 > Topology Port Mapping > - > > Key: KNOX-928 > URL: https://issues.apache.org/jira/browse/KNOX-928 > Project: Apache Knox > Issue Type: New Feature > Components: Server >Reporter: Sandeep More >Assignee: Sandeep More > Labels: KIP-6 > Fix For: 0.13.0 > > Attachments: KNOX-928.001.patch, KNOX-928.002.patch, > KNOX-928.003.patch, KNOX-928.004.patch > > > Instead of having a single "default topology" we can map topologies to > specific ports and have a dedicated URL without the gateway specific app > context. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (KNOX-928) Topology Port Mapping
[ https://issues.apache.org/jira/browse/KNOX-928?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16018649#comment-16018649 ] Larry McCay commented on KNOX-928: -- We will need docs for this as well - so you can file a JIRA for that too. > Topology Port Mapping > - > > Key: KNOX-928 > URL: https://issues.apache.org/jira/browse/KNOX-928 > Project: Apache Knox > Issue Type: New Feature > Components: Server >Reporter: Sandeep More >Assignee: Sandeep More > Labels: KIP-6 > Fix For: 0.13.0 > > Attachments: KNOX-928.001.patch, KNOX-928.002.patch, > KNOX-928.003.patch, KNOX-928.004.patch > > > Instead of having a single "default topology" we can map topologies to > specific ports and have a dedicated URL without the gateway specific app > context. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (KNOX-942) Remove extraneous spaces around '='
[ https://issues.apache.org/jira/browse/KNOX-942?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16018594#comment-16018594 ] Larry McCay commented on KNOX-942: -- [~coheigea] - aka: mr. sed :) - This patch isn't applying cleanly for me. Maybe it needs to be rebased? Thanks! > Remove extraneous spaces around '=' > --- > > Key: KNOX-942 > URL: https://issues.apache.org/jira/browse/KNOX-942 > Project: Apache Knox > Issue Type: Improvement >Reporter: Colm O hEigeartaigh >Assignee: Colm O hEigeartaigh >Priority: Trivial > Fix For: 0.13.0 > > Attachments: 0001-KNOX-942-Remove-extraneous-spaces-around.patch > > > This task is to remove extraneous spaces around equals to ensure consistency > in the code. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (KNOX-931) asType will not work for body filter when using IdentityAsserterFilter
[ https://issues.apache.org/jira/browse/KNOX-931?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16018572#comment-16018572 ] Larry McCay commented on KNOX-931: -- [~Wancy] - I'm not sure why I didn't ask this before but can you please articulate the actual problem? How can I reproduce what you are trying to fix here? This change seems pretty brittle and if a new request wrapper is added at some point this would break. There is also no tests included which would maybe help describe the problem it is fixing as well as prevent breakage. > asType will not work for body filter when using IdentityAsserterFilter > -- > > Key: KNOX-931 > URL: https://issues.apache.org/jira/browse/KNOX-931 > Project: Apache Knox > Issue Type: Bug >Affects Versions: 0.11.0 >Reporter: Shi Wang >Assignee: Shi Wang > Fix For: 0.13.0 > > Attachments: > 0001-KNOX-931-asType-will-not-work-for-body-filter-when-u.patch > > > In IdentityAsserterHttpServletsWrapper.java, method getInputStream(), > The body will always be urlEncoded if the contentType is > "application/x-www-form-urlencoded" > And self defined filter that change "application/x-www-form-urlencoded" as > other contentType for requestbody will be invalid. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Updated] (KNOX-933) PicketLink Provider must set Secure and HTTPOnly flags on Cookie
[ https://issues.apache.org/jira/browse/KNOX-933?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Larry McCay updated KNOX-933: - Resolution: Fixed Status: Resolved (was: Patch Available) > PicketLink Provider must set Secure and HTTPOnly flags on Cookie > > > Key: KNOX-933 > URL: https://issues.apache.org/jira/browse/KNOX-933 > Project: Apache Knox > Issue Type: Bug > Components: Server >Reporter: Larry McCay >Assignee: Krishna Pandey > Labels: KIP-7 > Fix For: 0.13.0 > > Attachments: KNOX-933_master_v1.patch, KNOX-933_master_v2.patch > > > The provider creates a cookie in CaptureOriginalURLFilter.java at line 68, > but fails to set the HttpOnly and Secure flags to true. > This provider is not really supported anymore and isn't even documented but > we should make sure that all cookies have HttpOnly and Secure flags set. We > should separately consider deprecating and removing this provider. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (KNOX-933) PicketLink Provider must set Secure and HTTPOnly flags on Cookie
[ https://issues.apache.org/jira/browse/KNOX-933?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16018566#comment-16018566 ] Larry McCay commented on KNOX-933: -- I've just committed this to master, [~kpandey]. I did make one change to the patch beforehand. The message that you added for logging started with an uppercase letter - I changed that to lowercase to be consistent with the standard. Thank you for your contribution! > PicketLink Provider must set Secure and HTTPOnly flags on Cookie > > > Key: KNOX-933 > URL: https://issues.apache.org/jira/browse/KNOX-933 > Project: Apache Knox > Issue Type: Bug > Components: Server >Reporter: Larry McCay >Assignee: Krishna Pandey > Labels: KIP-7 > Fix For: 0.13.0 > > Attachments: KNOX-933_master_v1.patch, KNOX-933_master_v2.patch > > > The provider creates a cookie in CaptureOriginalURLFilter.java at line 68, > but fails to set the HttpOnly and Secure flags to true. > This provider is not really supported anymore and isn't even documented but > we should make sure that all cookies have HttpOnly and Secure flags set. We > should separately consider deprecating and removing this provider. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (KNOX-933) PicketLink Provider must set Secure and HTTPOnly flags on Cookie
[ https://issues.apache.org/jira/browse/KNOX-933?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16018563#comment-16018563 ] ASF subversion and git services commented on KNOX-933: -- Commit 8c1c94b9e81d5a624075448be75702ffa08e40c5 in knox's branch refs/heads/master from [~lmccay] [ https://git-wip-us.apache.org/repos/asf?p=knox.git;h=8c1c94b ] KNOX-933 - PicketLink Provider must set Secure and HTTPOnly flags on Cookie (Krishna Pandey via lmccay) > PicketLink Provider must set Secure and HTTPOnly flags on Cookie > > > Key: KNOX-933 > URL: https://issues.apache.org/jira/browse/KNOX-933 > Project: Apache Knox > Issue Type: Bug > Components: Server >Reporter: Larry McCay >Assignee: Krishna Pandey > Labels: KIP-7 > Fix For: 0.13.0 > > Attachments: KNOX-933_master_v1.patch, KNOX-933_master_v2.patch > > > The provider creates a cookie in CaptureOriginalURLFilter.java at line 68, > but fails to set the HttpOnly and Secure flags to true. > This provider is not really supported anymore and isn't even documented but > we should make sure that all cookies have HttpOnly and Secure flags set. We > should separately consider deprecating and removing this provider. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Updated] (KNOX-944) Make PBE Hashing, Iteration Count and Salt Configurable and Manageable
[ https://issues.apache.org/jira/browse/KNOX-944?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Larry McCay updated KNOX-944: - Fix Version/s: 0.13.0 > Make PBE Hashing, Iteration Count and Salt Configurable and Manageable > -- > > Key: KNOX-944 > URL: https://issues.apache.org/jira/browse/KNOX-944 > Project: Apache Knox > Issue Type: Bug > Components: Server >Reporter: Larry McCay >Assignee: Larry McCay > Labels: KIP-7 > Fix For: 0.13.0 > > > The AESEncryptor is too limiting in terms of crypto ciphers, algorithms, > hashing, etc. We need to make these values/choices configurable to allow for > stronger encryption. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Resolved] (KNOX-944) Make PBE Hashing, Iteration Count and Salt Configurable and Manageable
[ https://issues.apache.org/jira/browse/KNOX-944?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Larry McCay resolved KNOX-944. -- Resolution: Fixed > Make PBE Hashing, Iteration Count and Salt Configurable and Manageable > -- > > Key: KNOX-944 > URL: https://issues.apache.org/jira/browse/KNOX-944 > Project: Apache Knox > Issue Type: Bug > Components: Server >Reporter: Larry McCay >Assignee: Larry McCay > Labels: KIP-7 > Fix For: 0.13.0 > > > The AESEncryptor is too limiting in terms of crypto ciphers, algorithms, > hashing, etc. We need to make these values/choices configurable to allow for > stronger encryption. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (KNOX-944) Make PBE Hashing, Iteration Count and Salt Configurable and Manageable
[ https://issues.apache.org/jira/browse/KNOX-944?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16018536#comment-16018536 ] ASF subversion and git services commented on KNOX-944: -- Commit d0726a227d4f10e57489554b8adf8406e6d96920 in knox's branch refs/heads/master from [~lmccay] [ https://git-wip-us.apache.org/repos/asf?p=knox.git;h=d0726a2 ] KNOX-944 - Make PBE Hashing, Iteration Count and Salt Configurable and Manageable > Make PBE Hashing, Iteration Count and Salt Configurable and Manageable > -- > > Key: KNOX-944 > URL: https://issues.apache.org/jira/browse/KNOX-944 > Project: Apache Knox > Issue Type: Bug > Components: Server >Reporter: Larry McCay >Assignee: Larry McCay > Labels: KIP-7 > > The AESEncryptor is too limiting in terms of crypto ciphers, algorithms, > hashing, etc. We need to make these values/choices configurable to allow for > stronger encryption. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Created] (KNOX-944) Make PBE Hashing, Iteration Count and Salt Configurable and Manageable
Larry McCay created KNOX-944: Summary: Make PBE Hashing, Iteration Count and Salt Configurable and Manageable Key: KNOX-944 URL: https://issues.apache.org/jira/browse/KNOX-944 Project: Apache Knox Issue Type: Bug Components: Server Reporter: Larry McCay Assignee: Larry McCay The AESEncryptor is too limiting in terms of crypto ciphers, algorithms, hashing, etc. We need to make these values/choices configurable to allow for stronger encryption. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Created] (KNOX-943) Incompatibility with Hadoop/HBase cglib/asm dependencies
Shane Kumpf created KNOX-943:
Summary: Incompatibility with Hadoop/HBase cglib/asm dependencies
Key: KNOX-943
URL: https://issues.apache.org/jira/browse/KNOX-943
Project: Apache Knox
Issue Type: Bug
Affects Versions: 0.12.0
Reporter: Shane Kumpf
Priority: Minor
I maintain the
[hadoop-mini-clusters|https://github.com/sakserv/hadoop-mini-clusters] project
and have been working to update to the latest knox version in HDP 2.6.
Unfortunately, I'm running into an issue with different cglib/asm dependency
versions for the WebHDFS/Knox and Stargate/Knox tests that results in the
following exception.
{code}
2017-05-20 08:15:54 WARN QueuedThreadPool:610 -
java.lang.IncompatibleClassChangeError: class
org.eclipse.jetty.annotations.AnnotationParser$MyClassVisitor has interface
org.objectweb.asm.ClassVisitor as super class
at java.lang.ClassLoader.defineClass1(Native Method)
at java.lang.ClassLoader.defineClass(ClassLoader.java:763)
at
java.security.SecureClassLoader.defineClass(SecureClassLoader.java:142)
at java.net.URLClassLoader.defineClass(URLClassLoader.java:467)
at java.net.URLClassLoader.access$100(URLClassLoader.java:73)
at java.net.URLClassLoader$1.run(URLClassLoader.java:368)
at java.net.URLClassLoader$1.run(URLClassLoader.java:362)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(URLClassLoader.java:361)
at java.lang.ClassLoader.loadClass(ClassLoader.java:424)
at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:331)
at java.lang.ClassLoader.loadClass(ClassLoader.java:357)
at
org.eclipse.jetty.annotations.AnnotationParser.scanClass(AnnotationParser.java:974)
at
org.eclipse.jetty.annotations.AnnotationParser.parseJarEntry(AnnotationParser.java:956)
at
org.eclipse.jetty.annotations.AnnotationParser.parseJar(AnnotationParser.java:909)
at
org.eclipse.jetty.annotations.AnnotationParser.parse(AnnotationParser.java:831)
at
org.eclipse.jetty.annotations.AnnotationConfiguration$ParserTask.call(AnnotationConfiguration.java:164)
at
org.eclipse.jetty.annotations.AnnotationConfiguration$1.run(AnnotationConfiguration.java:549)
at
org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:635)
at
org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:555)
at java.lang.Thread.run(Thread.java:745)
2017-05-20 08:15:54 WARN QueuedThreadPool:610 -
java.lang.IncompatibleClassChangeError:
org/eclipse/jetty/annotations/AnnotationParser$MyClassVisitor
at
org.eclipse.jetty.annotations.AnnotationParser.scanClass(AnnotationParser.java:974)
at
org.eclipse.jetty.annotations.AnnotationParser.parseJarEntry(AnnotationParser.java:956)
at
org.eclipse.jetty.annotations.AnnotationParser.parseJar(AnnotationParser.java:909)
at
org.eclipse.jetty.annotations.AnnotationParser.parse(AnnotationParser.java:831)
at
org.eclipse.jetty.annotations.AnnotationConfiguration$ParserTask.call(AnnotationConfiguration.java:164)
at
org.eclipse.jetty.annotations.AnnotationConfiguration$1.run(AnnotationConfiguration.java:549)
at
org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:635)
at
org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:555)
at java.lang.Thread.run(Thread.java:745)
2017-05-20 08:15:54 WARN QueuedThreadPool:610 -
java.lang.IncompatibleClassChangeError:
org/eclipse/jetty/annotations/AnnotationParser$MyClassVisitor
at
org.eclipse.jetty.annotations.AnnotationParser.scanClass(AnnotationParser.java:974)
at
org.eclipse.jetty.annotations.AnnotationParser.parseJarEntry(AnnotationParser.java:956)
at
org.eclipse.jetty.annotations.AnnotationParser.parseJar(AnnotationParser.java:909)
at
org.eclipse.jetty.annotations.AnnotationParser.parse(AnnotationParser.java:831)
at
org.eclipse.jetty.annotations.AnnotationConfiguration$ParserTask.call(AnnotationConfiguration.java:164)
at
org.eclipse.jetty.annotations.AnnotationConfiguration$1.run(AnnotationConfiguration.java:549)
at
org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:635)
at
org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:555)
at java.lang.Thread.run(Thread.java:745)
2017-05-20 08:15:54 WARN QueuedThreadPool:610 -
java.lang.IncompatibleClassChangeError:
org/eclipse/jetty/annotations/AnnotationParser$MyClassVisitor
at
org.eclipse.jetty.annotations.AnnotationParser.scanClass(AnnotationParser.java:974)
at
org.eclipse.jetty.annotations.AnnotationParser.parseJarEntry(AnnotationParser.java:956)
at
org.eclipse.jetty.a
