[jira] [Commented] (KNOX-2221) Upgrade shiro to 1.5.1

[Colm O hEigeartaigh (Jira)]

[ 
https://issues.apache.org/jira/browse/KNOX-2221?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17068351#comment-17068351
 ] 

Colm O hEigeartaigh commented on KNOX-2221:
---

Shiro 1.5.2 is out now, not sure if that fixes the problem?

> Upgrade shiro to 1.5.1
> --
>
> Key: KNOX-2221
> URL: https://issues.apache.org/jira/browse/KNOX-2221
> Project: Apache Knox
>  Issue Type: Sub-task
>Reporter: Kevin Risden
>Assignee: Kevin Risden
>Priority: Major
> Fix For: 1.4.0
>
> Attachments: log.txt.gz
>
>  Time Spent: 0.5h
>  Remaining Estimate: 0h
>
> *Note:* Can't upgrade to shiro 1.5.0 due to a bug in handling `/` only from 
> SHIRO-682. Will need to wait for a new version of Shiro to upgrade.
> Upgrade shiro 1.4.2 to 1.5.1
> Shiro 1.5.0 release notes: 
> https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310950=12344991



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Commented] (KNOX-2221) Upgrade shiro to 1.5.1

[Colm O hEigeartaigh (Jira)]

[ 
https://issues.apache.org/jira/browse/KNOX-2221?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17044589#comment-17044589
 ] 

Colm O hEigeartaigh commented on KNOX-2221:
---

[~krisden] Can you provide this feedback on 
https://issues.apache.org/jira/browse/SHIRO-684 ?

> Upgrade shiro to 1.5.1
> --
>
> Key: KNOX-2221
> URL: https://issues.apache.org/jira/browse/KNOX-2221
> Project: Apache Knox
>  Issue Type: Sub-task
>Reporter: Kevin Risden
>Assignee: Kevin Risden
>Priority: Major
> Fix For: 1.4.0
>
> Attachments: log.txt.gz
>
>  Time Spent: 10m
>  Remaining Estimate: 0h
>
> *Note:* Can't upgrade to shiro 1.5.0 due to a bug in handling `/` only from 
> SHIRO-682. Will need to wait for a new version of Shiro to upgrade.
> Upgrade shiro 1.4.2 to 1.5.1
> Shiro 1.5.0 release notes: 
> https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310950=12344991



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Commented] (KNOX-2221) Upgrade shiro to 1.5.x

[Colm O hEigeartaigh (Jira)]

[ 
https://issues.apache.org/jira/browse/KNOX-2221?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17043182#comment-17043182
 ] 

Colm O hEigeartaigh commented on KNOX-2221:
---

Shiro 1.5.1 now released.

> Upgrade shiro to 1.5.x
> --
>
> Key: KNOX-2221
> URL: https://issues.apache.org/jira/browse/KNOX-2221
> Project: Apache Knox
>  Issue Type: Sub-task
>Reporter: Kevin Risden
>Assignee: Kevin Risden
>Priority: Major
> Fix For: 1.4.0
>
> Attachments: log.txt.gz
>
>
> *Note:* Can't upgrade to shiro 1.5.0 due to a bug in handling `/` only from 
> SHIRO-682. Will need to wait for a new version of Shiro to upgrade.
> Upgrade shiro 1.4.2 to 1.5.x
> Shiro 1.5.0 release notes: 
> https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310950=12344991



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Commented] (KNOX-2221) Upgrade shiro to 1.5.x

[Colm O hEigeartaigh (Jira)]

[ 
https://issues.apache.org/jira/browse/KNOX-2221?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17036065#comment-17036065
 ] 

Colm O hEigeartaigh commented on KNOX-2221:
---

The vote for 1.5.1 was cancelled, and the PR above was merged. So it should 
work fine once we pick up 1.5.1.

> Upgrade shiro to 1.5.x
> --
>
> Key: KNOX-2221
> URL: https://issues.apache.org/jira/browse/KNOX-2221
> Project: Apache Knox
>  Issue Type: Sub-task
>Reporter: Kevin Risden
>Assignee: Kevin Risden
>Priority: Major
> Fix For: 1.4.0
>
> Attachments: log.txt.gz
>
>
> *Note:* Can't upgrade to shiro 1.5.0 due to a bug in handling `/` only from 
> SHIRO-682. Will need to wait for a new version of Shiro to upgrade.
> Upgrade shiro 1.4.2 to 1.5.x
> Shiro 1.5.0 release notes: 
> https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310950=12344991



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Commented] (KNOX-2221) Upgrade shiro to 1.5.x

[Colm O hEigeartaigh (Jira)]

[ 
https://issues.apache.org/jira/browse/KNOX-2221?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17034534#comment-17034534
 ] 

Colm O hEigeartaigh commented on KNOX-2221:
---

For the record, the problem is fixed by this PR - 
[https://github.com/apache/shiro/pull/201]

It probably won't make it into 1.5.1 though, which is currently under vote.

> Upgrade shiro to 1.5.x
> --
>
> Key: KNOX-2221
> URL: https://issues.apache.org/jira/browse/KNOX-2221
> Project: Apache Knox
>  Issue Type: Sub-task
>Reporter: Kevin Risden
>Assignee: Kevin Risden
>Priority: Major
> Fix For: 1.4.0
>
> Attachments: log.txt.gz
>
>
> *Note:* Can't upgrade to shiro 1.5.0 due to a bug in handling `/` only from 
> SHIRO-682. Will need to wait for a new version of Shiro to upgrade.
> Upgrade shiro 1.4.2 to 1.5.x
> Shiro 1.5.0 release notes: 
> https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310950=12344991



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Commented] (KNOX-2163) Bump version dependencies January 2020

[Colm O hEigeartaigh (Jira)]

[ 
https://issues.apache.org/jira/browse/KNOX-2163?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17024295#comment-17024295
 ] 

Colm O hEigeartaigh commented on KNOX-2163:
---

You could also update Shiro to 1.5.0, which is just released.

> Bump version dependencies January 2020
> --
>
> Key: KNOX-2163
> URL: https://issues.apache.org/jira/browse/KNOX-2163
> Project: Apache Knox
>  Issue Type: Improvement
>Reporter: Kevin Risden
>Assignee: Kevin Risden
>Priority: Major
> Fix For: 1.4.0
>
>
> There are a dependencies that can be updated. Subtasks will be created for 
> each dependency so the change can be rolled back individually if necessary.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Commented] (KNOX-1721) Upgrade dependency-check-maven to 4.0.2

[Colm O hEigeartaigh (JIRA)]

[ 
https://issues.apache.org/jira/browse/KNOX-1721?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16735971#comment-16735971
 ] 

Colm O hEigeartaigh commented on KNOX-1721:
---

LGTM

> Upgrade dependency-check-maven to 4.0.2
> ---
>
> Key: KNOX-1721
> URL: https://issues.apache.org/jira/browse/KNOX-1721
> Project: Apache Knox
>  Issue Type: Sub-task
>  Components: Build
>Reporter: Kevin Risden
>Assignee: Kevin Risden
>Priority: Trivial
> Fix For: 1.3.0
>
> Attachments: KNOX-1721.patch, KNOX-1721.patch, KNOX-1721.patch
>
>
> Upgrade dependency-check-maven 4.0.1 to 4.0.2



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (KNOX-1721) Upgrade dependency-check-maven to 4.0.2

[Colm O hEigeartaigh (JIRA)]

[ 
https://issues.apache.org/jira/browse/KNOX-1721?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16732967#comment-16732967
 ] 

Colm O hEigeartaigh commented on KNOX-1721:
---

Yes that works for me. However I'm a bit uncomfortable with the added repos as 
part of the main build. Could we add them to the owasp profile instead?

Also - the pac4j suppression could be removed as it's fixed in 4.0.2 
(https://github.com/jeremylong/DependencyCheck/issues/1641)

> Upgrade dependency-check-maven to 4.0.2
> ---
>
> Key: KNOX-1721
> URL: https://issues.apache.org/jira/browse/KNOX-1721
> Project: Apache Knox
>  Issue Type: Sub-task
>  Components: Build
>Reporter: Kevin Risden
>Assignee: Kevin Risden
>Priority: Trivial
> Fix For: 1.3.0
>
> Attachments: KNOX-1721.patch, KNOX-1721.patch
>
>
> Upgrade dependency-check-maven 4.0.1 to 4.0.2



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Comment Edited] (KNOX-1721) Upgrade dependency-check-maven to 4.0.2

[Colm O hEigeartaigh (JIRA)]

[ 
https://issues.apache.org/jira/browse/KNOX-1721?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16732439#comment-16732439
 ] 

Colm O hEigeartaigh edited comment on KNOX-1721 at 1/2/19 9:21 PM:
---

I get these kinds of errors:

 

[ERROR] Failed to execute goal org.owasp:dependency-check-maven:4.0.1:aggregate 
(default) on project gateway: One or more exceptions occurred during 
dependency-check analysis: One or more exceptions occurred during analysis:
 [ERROR]     Failure to find commonj.sdo:commonj.sdo:jar:2.1.1.v201112051852 in 
[https://repo.maven.apache.org/maven2] was cached in the local repository, 
resolution will not be reattempted until the update interval of central has 
elapsed or updates are forced

 

Skipping tests has no effect either. The project is building fine for me via 
mvn clean install, so I'm not sure what's going on. I'll try it again tomorrow.


was (Author: coheigea):
I get these kinds of errors:

 

[ERROR] Failed to execute goal org.owasp:dependency-check-maven:4.0.1:aggregate 
(default) on project gateway: One or more exceptions occurred during 
dependency-check analysis: One or more exceptions occurred during analysis:
[ERROR]     Failure to find commonj.sdo:commonj.sdo:jar:2.1.1.v201112051852 in 
https://repo.maven.apache.org/maven2 was cached in the local repository, 
resolution will not be reattempted until the update interval of central has 
elapsed or updates are forced

 

Skipping tests has no effect either.

> Upgrade dependency-check-maven to 4.0.2
> ---
>
> Key: KNOX-1721
> URL: https://issues.apache.org/jira/browse/KNOX-1721
> Project: Apache Knox
>  Issue Type: Sub-task
>  Components: Build
>Reporter: Kevin Risden
>Assignee: Kevin Risden
>Priority: Trivial
> Fix For: 1.3.0
>
> Attachments: KNOX-1721.patch
>
>
> Upgrade dependency-check-maven 4.0.1 to 4.0.2



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (KNOX-1721) Upgrade dependency-check-maven to 4.0.2

[Colm O hEigeartaigh (JIRA)]

[ 
https://issues.apache.org/jira/browse/KNOX-1721?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16732439#comment-16732439
 ] 

Colm O hEigeartaigh commented on KNOX-1721:
---

I get these kinds of errors:

 

[ERROR] Failed to execute goal org.owasp:dependency-check-maven:4.0.1:aggregate 
(default) on project gateway: One or more exceptions occurred during 
dependency-check analysis: One or more exceptions occurred during analysis:
[ERROR]     Failure to find commonj.sdo:commonj.sdo:jar:2.1.1.v201112051852 in 
https://repo.maven.apache.org/maven2 was cached in the local repository, 
resolution will not be reattempted until the update interval of central has 
elapsed or updates are forced

 

Skipping tests has no effect either.

> Upgrade dependency-check-maven to 4.0.2
> ---
>
> Key: KNOX-1721
> URL: https://issues.apache.org/jira/browse/KNOX-1721
> Project: Apache Knox
>  Issue Type: Sub-task
>  Components: Build
>Reporter: Kevin Risden
>Assignee: Kevin Risden
>Priority: Trivial
> Fix For: 1.3.0
>
> Attachments: KNOX-1721.patch
>
>
> Upgrade dependency-check-maven 4.0.1 to 4.0.2



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (KNOX-1721) Upgrade dependency-check-maven to 4.0.2

[Colm O hEigeartaigh (JIRA)]

[ 
https://issues.apache.org/jira/browse/KNOX-1721?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16732423#comment-16732423
 ] 

Colm O hEigeartaigh commented on KNOX-1721:
---

How do you run the plugin? If I run " mvn clean install -Powasp" I get some 
errors in the gateway module.

> Upgrade dependency-check-maven to 4.0.2
> ---
>
> Key: KNOX-1721
> URL: https://issues.apache.org/jira/browse/KNOX-1721
> Project: Apache Knox
>  Issue Type: Sub-task
>  Components: Build
>Reporter: Kevin Risden
>Assignee: Kevin Risden
>Priority: Trivial
> Fix For: 1.3.0
>
> Attachments: KNOX-1721.patch
>
>
> Upgrade dependency-check-maven 4.0.1 to 4.0.2



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Created] (KNOX-1678) Upgrade Jackson to 2.9.8

[Colm O hEigeartaigh (JIRA)]

Colm O hEigeartaigh created KNOX-1678:
-

 Summary: Upgrade Jackson to 2.9.8
 Key: KNOX-1678
 URL: https://issues.apache.org/jira/browse/KNOX-1678
 Project: Apache Knox
  Issue Type: Improvement
Reporter: Colm O hEigeartaigh
Assignee: Colm O hEigeartaigh
 Fix For: 1.3.0


Upgrade Jackson to 2.9.8



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Resolved] (KNOX-1678) Upgrade Jackson to 2.9.8

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-1678?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh resolved KNOX-1678.
---
Resolution: Fixed

> Upgrade Jackson to 2.9.8
> 
>
> Key: KNOX-1678
> URL: https://issues.apache.org/jira/browse/KNOX-1678
> Project: Apache Knox
>  Issue Type: Improvement
>Reporter: Colm O hEigeartaigh
>Assignee: Colm O hEigeartaigh
>Priority: Major
> Fix For: 1.3.0
>
>
> Upgrade Jackson to 2.9.8



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Resolved] (KNOX-1622) Enable the secure processing feature on all XPathFactory instances

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-1622?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh resolved KNOX-1622.
---
Resolution: Fixed

> Enable the secure processing feature on all XPathFactory instances
> --
>
> Key: KNOX-1622
> URL: https://issues.apache.org/jira/browse/KNOX-1622
> Project: Apache Knox
>  Issue Type: Task
>Reporter: Colm O hEigeartaigh
>Assignee: Colm O hEigeartaigh
>Priority: Major
> Fix For: 1.2.0
>
>
> Good security practice is to enable the secure processing feature on 
> XPathFactory instances.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Created] (KNOX-1622) Enable the secure processing feature on all XPathFactory instances

[Colm O hEigeartaigh (JIRA)]

Colm O hEigeartaigh created KNOX-1622:
-

 Summary: Enable the secure processing feature on all XPathFactory 
instances
 Key: KNOX-1622
 URL: https://issues.apache.org/jira/browse/KNOX-1622
 Project: Apache Knox
  Issue Type: Task
Reporter: Colm O hEigeartaigh
Assignee: Colm O hEigeartaigh
 Fix For: 1.2.0


Good security practice is to enable the secure processing feature on 
XPathFactory instances.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (KNOX-1542) Upgrade to EasyMock 4.0.1

[Colm O hEigeartaigh (JIRA)]

[ 
https://issues.apache.org/jira/browse/KNOX-1542?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16668778#comment-16668778
 ] 

Colm O hEigeartaigh commented on KNOX-1542:
---

Want me to revert it for now?

> Upgrade to EasyMock 4.0.1
> -
>
> Key: KNOX-1542
> URL: https://issues.apache.org/jira/browse/KNOX-1542
> Project: Apache Knox
>  Issue Type: Task
>Reporter: Colm O hEigeartaigh
>Assignee: Colm O hEigeartaigh
>Priority: Major
> Fix For: 1.2.0
>
>
> Upgrade to EasyMock 4.0



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (KNOX-1542) Upgrade to EasyMock 4.0.1

[Colm O hEigeartaigh (JIRA)]

[ 
https://issues.apache.org/jira/browse/KNOX-1542?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16668767#comment-16668767
 ] 

Colm O hEigeartaigh commented on KNOX-1542:
---

It fails in gateway-i18n, but this module doesn't use EasyMock from what I can 
tell?

gateway-i18n ... FAILURE [ 0.847 
s]

> Upgrade to EasyMock 4.0.1
> -
>
> Key: KNOX-1542
> URL: https://issues.apache.org/jira/browse/KNOX-1542
> Project: Apache Knox
>  Issue Type: Task
>Reporter: Colm O hEigeartaigh
>Assignee: Colm O hEigeartaigh
>Priority: Major
> Fix For: 1.2.0
>
>
> Upgrade to EasyMock 4.0



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Updated] (KNOX-1542) Upgrade to EasyMock 4.0.1

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-1542?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh updated KNOX-1542:
--
Summary: Upgrade to EasyMock 4.0.1  (was: Upgrade to EasyMock 4.0)

> Upgrade to EasyMock 4.0.1
> -
>
> Key: KNOX-1542
> URL: https://issues.apache.org/jira/browse/KNOX-1542
> Project: Apache Knox
>  Issue Type: Task
>Reporter: Colm O hEigeartaigh
>Assignee: Colm O hEigeartaigh
>Priority: Major
> Fix For: 1.2.0
>
>
> Upgrade to EasyMock 4.0



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Resolved] (KNOX-1542) Upgrade to EasyMock 4.0

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-1542?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh resolved KNOX-1542.
---
Resolution: Fixed

> Upgrade to EasyMock 4.0
> ---
>
> Key: KNOX-1542
> URL: https://issues.apache.org/jira/browse/KNOX-1542
> Project: Apache Knox
>  Issue Type: Task
>Reporter: Colm O hEigeartaigh
>Assignee: Colm O hEigeartaigh
>Priority: Major
> Fix For: 1.2.0
>
>
> Upgrade to EasyMock 4.0



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Created] (KNOX-1542) Upgrade to EasyMock 4.0

[Colm O hEigeartaigh (JIRA)]

Colm O hEigeartaigh created KNOX-1542:
-

 Summary: Upgrade to EasyMock 4.0
 Key: KNOX-1542
 URL: https://issues.apache.org/jira/browse/KNOX-1542
 Project: Apache Knox
  Issue Type: Task
Reporter: Colm O hEigeartaigh
Assignee: Colm O hEigeartaigh
 Fix For: 1.2.0


Upgrade to EasyMock 4.0



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Resolved] (KNOX-1539) Put the array declaration after the type

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-1539?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh resolved KNOX-1539.
---
Resolution: Fixed

> Put the array declaration after the type
> 
>
> Key: KNOX-1539
> URL: https://issues.apache.org/jira/browse/KNOX-1539
> Project: Apache Knox
>  Issue Type: Task
>Reporter: Colm O hEigeartaigh
>Assignee: Colm O hEigeartaigh
>Priority: Trivial
> Fix For: 1.2.0
>
>
> This task is to follow the Java guidelines to put the array declaration after 
> the type instead of the variable name.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Created] (KNOX-1539) Put the array declaration after the type

[Colm O hEigeartaigh (JIRA)]

Colm O hEigeartaigh created KNOX-1539:
-

 Summary: Put the array declaration after the type
 Key: KNOX-1539
 URL: https://issues.apache.org/jira/browse/KNOX-1539
 Project: Apache Knox
  Issue Type: Task
Reporter: Colm O hEigeartaigh
Assignee: Colm O hEigeartaigh
 Fix For: 1.2.0


This task is to follow the Java guidelines to put the array declaration after 
the type instead of the variable name.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (KNOX-1536) Replace redundant types with the diamond operator

[Colm O hEigeartaigh (JIRA)]

[ 
https://issues.apache.org/jira/browse/KNOX-1536?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16660685#comment-16660685
 ] 

Colm O hEigeartaigh commented on KNOX-1536:
---

I don't think there is a rule in checkstyle (at least in core checkstyle) to 
enforce it. There is an extension to checkstyle that does it enforce here 
apparently: https://github.com/sevntu-checkstyle/sevntu.checkstyle/issues/188

> Replace redundant types with the diamond operator
> -
>
> Key: KNOX-1536
> URL: https://issues.apache.org/jira/browse/KNOX-1536
> Project: Apache Knox
>  Issue Type: Task
>Reporter: Colm O hEigeartaigh
>Assignee: Colm O hEigeartaigh
>Priority: Trivial
> Fix For: 1.2.0
>
>
> Replace redundant types with the diamond operator



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Resolved] (KNOX-1536) Replace redundant types with the diamond operator

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-1536?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh resolved KNOX-1536.
---
Resolution: Fixed

> Replace redundant types with the diamond operator
> -
>
> Key: KNOX-1536
> URL: https://issues.apache.org/jira/browse/KNOX-1536
> Project: Apache Knox
>  Issue Type: Task
>Reporter: Colm O hEigeartaigh
>Assignee: Colm O hEigeartaigh
>Priority: Trivial
> Fix For: 1.2.0
>
>
> Replace redundant types with the diamond operator



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Created] (KNOX-1536) Replace redundant types with the diamond operator

[Colm O hEigeartaigh (JIRA)]

Colm O hEigeartaigh created KNOX-1536:
-

 Summary: Replace redundant types with the diamond operator
 Key: KNOX-1536
 URL: https://issues.apache.org/jira/browse/KNOX-1536
 Project: Apache Knox
  Issue Type: Task
Reporter: Colm O hEigeartaigh
Assignee: Colm O hEigeartaigh
 Fix For: 1.2.0


Replace redundant types with the diamond operator



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (KNOX-1474) Bump apacheds dependency version to 2.0.0-AM24

[Colm O hEigeartaigh (JIRA)]

[ 
https://issues.apache.org/jira/browse/KNOX-1474?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16651381#comment-16651381
 ] 

Colm O hEigeartaigh commented on KNOX-1474:
---

[~risdenk] FYI I submitted a patch for 
https://issues.apache.org/jira/browse/DIRSERVER-2247

> Bump apacheds dependency version to 2.0.0-AM24
> --
>
> Key: KNOX-1474
> URL: https://issues.apache.org/jira/browse/KNOX-1474
> Project: Apache Knox
>  Issue Type: Improvement
>Reporter: Kevin Risden
>Assignee: Kevin Risden
>Priority: Major
> Fix For: 1.2.0
>
> Attachments: KNOX-1474.patch, KNOX-1474.patch
>
>
> Currently we are on 2.0.0.M16. Doesn't seem to be any breaking changes from 
> https://directory.apache.org/apacheds/news.html



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Work started] (KNOX-1402) Upgrade to Apache parent pom version 20

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-1402?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Work on KNOX-1402 started by Colm O hEigeartaigh.
-
> Upgrade to Apache parent pom version 20
> ---
>
> Key: KNOX-1402
> URL: https://issues.apache.org/jira/browse/KNOX-1402
> Project: Apache Knox
>  Issue Type: Task
>Reporter: Colm O hEigeartaigh
>Assignee: Colm O hEigeartaigh
>Priority: Trivial
> Fix For: 1.2.0
>
>
> This task is to upgrade to version 20 of the Apache parent pom.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Resolved] (KNOX-1402) Upgrade to Apache parent pom version 20

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-1402?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh resolved KNOX-1402.
---
Resolution: Fixed

> Upgrade to Apache parent pom version 20
> ---
>
> Key: KNOX-1402
> URL: https://issues.apache.org/jira/browse/KNOX-1402
> Project: Apache Knox
>  Issue Type: Task
>Reporter: Colm O hEigeartaigh
>Assignee: Colm O hEigeartaigh
>Priority: Trivial
> Fix For: 1.2.0
>
>
> This task is to upgrade to version 20 of the Apache parent pom.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Created] (KNOX-1402) Upgrade to Apache parent pom version 20

[Colm O hEigeartaigh (JIRA)]

Colm O hEigeartaigh created KNOX-1402:
-

 Summary: Upgrade to Apache parent pom version 20
 Key: KNOX-1402
 URL: https://issues.apache.org/jira/browse/KNOX-1402
 Project: Apache Knox
  Issue Type: Task
Reporter: Colm O hEigeartaigh
Assignee: Colm O hEigeartaigh
 Fix For: 1.2.0


This task is to upgrade to version 20 of the Apache parent pom.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Updated] (KNOX-1345) Fix javadoc errors

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-1345?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh updated KNOX-1345:
--
Resolution: Fixed
Status: Resolved  (was: Patch Available)

> Fix javadoc errors
> --
>
> Key: KNOX-1345
> URL: https://issues.apache.org/jira/browse/KNOX-1345
> Project: Apache Knox
>  Issue Type: Task
>Reporter: Colm O hEigeartaigh
>Assignee: Colm O hEigeartaigh
>Priority: Major
> Fix For: 1.1.0
>
> Attachments: KNOX-1345.patch
>
>
> This task is to fix the Javadoc errors, and enforce that errors are not 
> allowed in the build system (via upgrading the plugin).



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Updated] (KNOX-1345) Fix javadoc errors

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-1345?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh updated KNOX-1345:
--
Attachment: KNOX-1345.patch

> Fix javadoc errors
> --
>
> Key: KNOX-1345
> URL: https://issues.apache.org/jira/browse/KNOX-1345
> Project: Apache Knox
>  Issue Type: Task
>Reporter: Colm O hEigeartaigh
>Assignee: Colm O hEigeartaigh
>Priority: Major
> Fix For: 1.1.0
>
> Attachments: KNOX-1345.patch
>
>
> This task is to fix the Javadoc errors, and enforce that errors are not 
> allowed in the build system (via upgrading the plugin).



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Updated] (KNOX-1345) Fix javadoc errors

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-1345?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh updated KNOX-1345:
--
Attachment: (was: beam-temp.patch)

> Fix javadoc errors
> --
>
> Key: KNOX-1345
> URL: https://issues.apache.org/jira/browse/KNOX-1345
> Project: Apache Knox
>  Issue Type: Task
>Reporter: Colm O hEigeartaigh
>Assignee: Colm O hEigeartaigh
>Priority: Major
> Fix For: 1.1.0
>
> Attachments: KNOX-1345.patch
>
>
> This task is to fix the Javadoc errors, and enforce that errors are not 
> allowed in the build system (via upgrading the plugin).



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Updated] (KNOX-1345) Fix javadoc errors

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-1345?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh updated KNOX-1345:
--
Status: Patch Available  (was: Open)

> Fix javadoc errors
> --
>
> Key: KNOX-1345
> URL: https://issues.apache.org/jira/browse/KNOX-1345
> Project: Apache Knox
>  Issue Type: Task
>Reporter: Colm O hEigeartaigh
>Assignee: Colm O hEigeartaigh
>Priority: Major
> Fix For: 1.1.0
>
> Attachments: KNOX-1345.patch
>
>
> This task is to fix the Javadoc errors, and enforce that errors are not 
> allowed in the build system (via upgrading the plugin).



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Updated] (KNOX-1345) Fix javadoc errors

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-1345?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh updated KNOX-1345:
--
Attachment: beam-temp.patch

> Fix javadoc errors
> --
>
> Key: KNOX-1345
> URL: https://issues.apache.org/jira/browse/KNOX-1345
> Project: Apache Knox
>  Issue Type: Task
>Reporter: Colm O hEigeartaigh
>Assignee: Colm O hEigeartaigh
>Priority: Major
> Fix For: 1.1.0
>
> Attachments: KNOX-1345.patch
>
>
> This task is to fix the Javadoc errors, and enforce that errors are not 
> allowed in the build system (via upgrading the plugin).



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Resolved] (KNOX-1201) Disable DocTypes

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-1201?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh resolved KNOX-1201.
---
Resolution: Fixed

> Disable DocTypes
> 
>
> Key: KNOX-1201
> URL: https://issues.apache.org/jira/browse/KNOX-1201
> Project: Apache Knox
>  Issue Type: Improvement
>Reporter: Colm O hEigeartaigh
>Assignee: Colm O hEigeartaigh
>Priority: Minor
> Fix For: 1.1.0
>
>
> We should disable DocTypes to prevent a number of possible attacks when 
> reading XML.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Created] (KNOX-1201) Disable DocTypes

[Colm O hEigeartaigh (JIRA)]

Colm O hEigeartaigh created KNOX-1201:
-

 Summary: Disable DocTypes
 Key: KNOX-1201
 URL: https://issues.apache.org/jira/browse/KNOX-1201
 Project: Apache Knox
  Issue Type: Improvement
Reporter: Colm O hEigeartaigh
Assignee: Colm O hEigeartaigh
 Fix For: 1.1.0


We should disable DocTypes to prevent a number of possible attacks when reading 
XML.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Updated] (KNOX-1195) Some misc code cleanups

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-1195?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh updated KNOX-1195:
--
Resolution: Fixed
Status: Resolved  (was: Patch Available)

> Some misc code cleanups
> ---
>
> Key: KNOX-1195
> URL: https://issues.apache.org/jira/browse/KNOX-1195
> Project: Apache Knox
>  Issue Type: Improvement
>Reporter: Colm O hEigeartaigh
>Assignee: Colm O hEigeartaigh
>Priority: Trivial
> Fix For: 1.1.0
>
> Attachments: KNOX-1195.patch
>
>
> See attached for a patch for some misc. code cleanups:
> a) Remove unused log declarations.
> b) Use EntrySet instead of KeySet
> c) Make constant static variables final.
> d) Remove a few unused local declarations, private methods.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Resolved] (KNOX-1200) Update Apache parent pom version

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-1200?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh resolved KNOX-1200.
---
Resolution: Fixed

> Update Apache parent pom version
> 
>
> Key: KNOX-1200
> URL: https://issues.apache.org/jira/browse/KNOX-1200
> Project: Apache Knox
>  Issue Type: Improvement
>Reporter: Colm O hEigeartaigh
>Assignee: Colm O hEigeartaigh
>Priority: Trivial
> Fix For: 1.1.0
>
>
> We should update the Apache parent pom to a more recent version (in 
> particular - see https://issues.apache.org/jira/browse/MPOM-118)



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Created] (KNOX-1200) Update Apache parent pom version

[Colm O hEigeartaigh (JIRA)]

Colm O hEigeartaigh created KNOX-1200:
-

 Summary: Update Apache parent pom version
 Key: KNOX-1200
 URL: https://issues.apache.org/jira/browse/KNOX-1200
 Project: Apache Knox
  Issue Type: Improvement
Reporter: Colm O hEigeartaigh
Assignee: Colm O hEigeartaigh
 Fix For: 1.1.0


We should update the Apache parent pom to a more recent version (in particular 
- see https://issues.apache.org/jira/browse/MPOM-118)



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Updated] (KNOX-1195) Some misc code cleanups

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-1195?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh updated KNOX-1195:
--
Attachment: KNOX-1195.patch

> Some misc code cleanups
> ---
>
> Key: KNOX-1195
> URL: https://issues.apache.org/jira/browse/KNOX-1195
> Project: Apache Knox
>  Issue Type: Improvement
>Reporter: Colm O hEigeartaigh
>Assignee: Colm O hEigeartaigh
>Priority: Trivial
> Fix For: 1.1.0
>
> Attachments: KNOX-1195.patch
>
>
> See attached for a patch for some misc. code cleanups:
> a) Remove unused log declarations.
> b) Use EntrySet instead of KeySet
> c) Make constant static variables final.
> d) Remove a few unused local declarations, private methods.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Updated] (KNOX-1195) Some misc code cleanups

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-1195?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh updated KNOX-1195:
--
Status: Patch Available  (was: Open)

> Some misc code cleanups
> ---
>
> Key: KNOX-1195
> URL: https://issues.apache.org/jira/browse/KNOX-1195
> Project: Apache Knox
>  Issue Type: Improvement
>Reporter: Colm O hEigeartaigh
>Assignee: Colm O hEigeartaigh
>Priority: Trivial
> Fix For: 1.1.0
>
> Attachments: KNOX-1195.patch
>
>
> See attached for a patch for some misc. code cleanups:
> a) Remove unused log declarations.
> b) Use EntrySet instead of KeySet
> c) Make constant static variables final.
> d) Remove a few unused local declarations, private methods.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Created] (KNOX-1195) Some misc code cleanups

[Colm O hEigeartaigh (JIRA)]

Colm O hEigeartaigh created KNOX-1195:
-

 Summary: Some misc code cleanups
 Key: KNOX-1195
 URL: https://issues.apache.org/jira/browse/KNOX-1195
 Project: Apache Knox
  Issue Type: Improvement
Reporter: Colm O hEigeartaigh
Assignee: Colm O hEigeartaigh
 Fix For: 1.1.0
 Attachments: KNOX-1195.patch

See attached for a patch for some misc. code cleanups:

a) Remove unused log declarations.

b) Use EntrySet instead of KeySet

c) Make constant static variables final.

d) Remove a few unused local declarations, private methods.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Updated] (KNOX-1159) Create ".sha1" files when releasing instead of ".sha"

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-1159?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh updated KNOX-1159:
--
Resolution: Fixed
Status: Resolved  (was: Patch Available)

> Create ".sha1" files when releasing instead of ".sha"
> -
>
> Key: KNOX-1159
> URL: https://issues.apache.org/jira/browse/KNOX-1159
> Project: Apache Knox
>  Issue Type: Improvement
>Reporter: Colm O hEigeartaigh
>Assignee: Colm O hEigeartaigh
>Priority: Minor
> Fix For: 1.1.0
>
> Attachments: KNOX-1159.patch
>
>
> Currently we create ".sha" files when creating the release artifacts. However 
> this contradicts the Apache guidelines (and the INFRA team contacted me about 
> this same issue for another Apache project):
> http://www.apache.org/dev/release-distribution#sigs-and-sums
> "An SHA checksum SHOULD also be created and MUST be suffixed as:
> .sha1 for a SHA-1 checksum"



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Updated] (KNOX-1066) Update Operations via SOLR to Knox Fail

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-1066?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh updated KNOX-1066:
--
Fix Version/s: (was: 0.14.0)

> Update Operations via SOLR to Knox Fail 
> 
>
> Key: KNOX-1066
> URL: https://issues.apache.org/jira/browse/KNOX-1066
> Project: Apache Knox
>  Issue Type: Bug
>  Components: Site
>Affects Versions: 0.12.0, 0.13.0
>Reporter: Rick Kellogg
>Assignee: Rick Kellogg
>Priority: Major
> Attachments: PreemptiveHttpSolrClient.java
>
>
> When using the Java SOLRJ HttpSolrClient, any operation that relies upon a 
> POST HTTP operation fails authentication when proxied via Knox.  This is 
> because the SOLRJ API only supports traditional challenge/response basic 
> authentication.  For any update style operation the SOLRJ client refuses to 
> retry the operation as it might lead to duplicate data, etc.  If this were a 
> GET operation, it would retry the operation and include the appropriate 
> authentication header.
> Therefore preemptive authentication must be used for updates to succeed.  
> Unfortunately, the Apache HttpClient construction is hidden from the client 
> in the form of the HttpSolrClient.Builder class.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Resolved] (KNOX-905) Add httpclient properties to knoxshell log4j properties file

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-905?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh resolved KNOX-905.
--
Resolution: Fixed

Marking this as resolved as it appears a fix was merged.

> Add httpclient properties to knoxshell log4j properties file
> 
>
> Key: KNOX-905
> URL: https://issues.apache.org/jira/browse/KNOX-905
> Project: Apache Knox
>  Issue Type: Bug
>  Components: KnoxShell
>Affects Versions: 0.12.0
>Reporter: Sumit Gupta
>Assignee: Sumit Gupta
>Priority: Major
> Fix For: 0.12.0
>
>
> The file knoxshell-log4j.properties file does not contain any helpful 
> properties for httpclient debugging.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Resolved] (KNOX-1161) Update hadoop dependencies to Hadoop 3

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-1161?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh resolved KNOX-1161.
---
Resolution: Fixed

> Update hadoop dependencies to Hadoop 3
> --
>
> Key: KNOX-1161
> URL: https://issues.apache.org/jira/browse/KNOX-1161
> Project: Apache Knox
>  Issue Type: Improvement
>  Components: Build
>Reporter: Sandeep More
>Assignee: Sandeep More
> Fix For: 1.0.0
>
> Attachments: KNOX-1161-revised.patch, KNOX-1161-revised.patch.2, 
> KNOX-1161.001.patch
>
>
> With the release of Hadoop 3 the upcoming release of Knox 1.0.0 should use 
> Hadoop 3 dependencies. 



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Commented] (KNOX-1161) Update hadoop dependencies to Hadoop 3

[Colm O hEigeartaigh (JIRA)]

[ 
https://issues.apache.org/jira/browse/KNOX-1161?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16318627#comment-16318627
 ] 

Colm O hEigeartaigh commented on KNOX-1161:
---

Thanks [~moresandeep], I updated the patch to fix the license issue + exclude 
the Kerby deps from the distribution, please take a look when you get a chance 
+ I will commit it then.

> Update hadoop dependencies to Hadoop 3
> --
>
> Key: KNOX-1161
> URL: https://issues.apache.org/jira/browse/KNOX-1161
> Project: Apache Knox
>  Issue Type: Improvement
>  Components: Build
>Reporter: Sandeep More
>Assignee: Sandeep More
> Fix For: 1.0.0
>
> Attachments: KNOX-1161-revised.patch, KNOX-1161-revised.patch.2, 
> KNOX-1161.001.patch
>
>
> With the release of Hadoop 3 the upcoming release of Knox 1.0.0 should use 
> Hadoop 3 dependencies. 



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Updated] (KNOX-1161) Update hadoop dependencies to Hadoop 3

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-1161?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh updated KNOX-1161:
--
Attachment: KNOX-1161-revised.patch.2

An update to the previous patch to add the RE2J license + exclude the Kerby 
jars from the distribution deps.

> Update hadoop dependencies to Hadoop 3
> --
>
> Key: KNOX-1161
> URL: https://issues.apache.org/jira/browse/KNOX-1161
> Project: Apache Knox
>  Issue Type: Improvement
>  Components: Build
>Reporter: Sandeep More
>Assignee: Sandeep More
> Fix For: 1.0.0
>
> Attachments: KNOX-1161-revised.patch, KNOX-1161-revised.patch.2, 
> KNOX-1161.001.patch
>
>
> With the release of Hadoop 3 the upcoming release of Knox 1.0.0 should use 
> Hadoop 3 dependencies. 



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Commented] (KNOX-1159) Create ".sha1" files when releasing instead of ".sha"

[Colm O hEigeartaigh (JIRA)]

[ 
https://issues.apache.org/jira/browse/KNOX-1159?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16317208#comment-16317208
 ] 

Colm O hEigeartaigh commented on KNOX-1159:
---

[~lmccay], yep 1.1.0 is fine for me.

> Create ".sha1" files when releasing instead of ".sha"
> -
>
> Key: KNOX-1159
> URL: https://issues.apache.org/jira/browse/KNOX-1159
> Project: Apache Knox
>  Issue Type: Improvement
>Reporter: Colm O hEigeartaigh
>Assignee: Colm O hEigeartaigh
>Priority: Minor
> Fix For: 1.1.0
>
> Attachments: KNOX-1159.patch
>
>
> Currently we create ".sha" files when creating the release artifacts. However 
> this contradicts the Apache guidelines (and the INFRA team contacted me about 
> this same issue for another Apache project):
> http://www.apache.org/dev/release-distribution#sigs-and-sums
> "An SHA checksum SHOULD also be created and MUST be suffixed as:
> .sha1 for a SHA-1 checksum"



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Updated] (KNOX-1159) Create ".sha1" files when releasing instead of ".sha"

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-1159?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh updated KNOX-1159:
--
Summary: Create ".sha1" files when releasing instead of ".sha"  (was: 
Create ".sha" files when releasing instead of ".sha")

> Create ".sha1" files when releasing instead of ".sha"
> -
>
> Key: KNOX-1159
> URL: https://issues.apache.org/jira/browse/KNOX-1159
> Project: Apache Knox
>  Issue Type: Improvement
>Reporter: Colm O hEigeartaigh
>Assignee: Colm O hEigeartaigh
>Priority: Minor
> Fix For: 1.1.0
>
> Attachments: KNOX-1159.patch
>
>
> Currently we create ".sha" files when creating the release artifacts. However 
> this contradicts the Apache guidelines (and the INFRA team contacted me about 
> this same issue for another Apache project):
> http://www.apache.org/dev/release-distribution#sigs-and-sums
> "An SHA checksum SHOULD also be created and MUST be suffixed as:
> .sha1 for a SHA-1 checksum"



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Updated] (KNOX-1161) Update hadoop dependencies to Hadoop 3

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-1161?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh updated KNOX-1161:
--
Attachment: KNOX-1161-revised.patch

Hi [~moresandeep],

Please see attached for some proposed changes (feel free to ignore any of 
them). The changes are:

 - Re-used the core Mockito/Jackson versions in gateway-test-release for 
consistency
 - Use the Hadoop 3.0.0 minikdc in gateway-test-release instead of the alpha 
version, and remove the dependency on Kerby.
 - Remove unused "jackson2.version" declaration in root pom
 - Remove Kerby exclusions and subsequent dependency in the root pom.

All tests pass with this patch. Let me know what you think!

BTW there are two outstanding issues I noticed with the distribution:

a) We are now shipping all of the kerby jars...probably these should be 
excluded as I don't think they're needed by Knox.
b) We're also shipping re2j with is BSD 3-clause...we need to acknowledge this 
as such in our LICENSE/NOTICE.
 - 

> Update hadoop dependencies to Hadoop 3
> --
>
> Key: KNOX-1161
> URL: https://issues.apache.org/jira/browse/KNOX-1161
> Project: Apache Knox
>  Issue Type: Improvement
>  Components: Build
>Reporter: Sandeep More
>Assignee: Sandeep More
> Fix For: 1.0.0
>
> Attachments: KNOX-1161-revised.patch, KNOX-1161.001.patch
>
>
> With the release of Hadoop 3 the upcoming release of Knox 1.0.0 should use 
> Hadoop 3 dependencies. 



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Updated] (KNOX-1159) Create ".sha" files when releasing instead of ".sha"

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-1159?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh updated KNOX-1159:
--
Attachment: KNOX-1159.patch

> Create ".sha" files when releasing instead of ".sha"
> 
>
> Key: KNOX-1159
> URL: https://issues.apache.org/jira/browse/KNOX-1159
> Project: Apache Knox
>  Issue Type: Improvement
>Reporter: Colm O hEigeartaigh
>Assignee: Colm O hEigeartaigh
>Priority: Minor
> Fix For: 1.0.0
>
> Attachments: KNOX-1159.patch
>
>
> Currently we create ".sha" files when creating the release artifacts. However 
> this contradicts the Apache guidelines (and the INFRA team contacted me about 
> this same issue for another Apache project):
> http://www.apache.org/dev/release-distribution#sigs-and-sums
> "An SHA checksum SHOULD also be created and MUST be suffixed as:
> .sha1 for a SHA-1 checksum"



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Updated] (KNOX-1159) Create ".sha" files when releasing instead of ".sha"

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-1159?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh updated KNOX-1159:
--
Status: Patch Available  (was: Open)

> Create ".sha" files when releasing instead of ".sha"
> 
>
> Key: KNOX-1159
> URL: https://issues.apache.org/jira/browse/KNOX-1159
> Project: Apache Knox
>  Issue Type: Improvement
>Reporter: Colm O hEigeartaigh
>Assignee: Colm O hEigeartaigh
>Priority: Minor
> Fix For: 1.0.0
>
> Attachments: KNOX-1159.patch
>
>
> Currently we create ".sha" files when creating the release artifacts. However 
> this contradicts the Apache guidelines (and the INFRA team contacted me about 
> this same issue for another Apache project):
> http://www.apache.org/dev/release-distribution#sigs-and-sums
> "An SHA checksum SHOULD also be created and MUST be suffixed as:
> .sha1 for a SHA-1 checksum"



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Created] (KNOX-1159) Create ".sha" files when releasing instead of ".sha"

[Colm O hEigeartaigh (JIRA)]

Colm O hEigeartaigh created KNOX-1159:
-

 Summary: Create ".sha" files when releasing instead of ".sha"
 Key: KNOX-1159
 URL: https://issues.apache.org/jira/browse/KNOX-1159
 Project: Apache Knox
  Issue Type: Improvement
Reporter: Colm O hEigeartaigh
Assignee: Colm O hEigeartaigh
Priority: Minor
 Fix For: 1.0.0


Currently we create ".sha" files when creating the release artifacts. However 
this contradicts the Apache guidelines (and the INFRA team contacted me about 
this same issue for another Apache project):

http://www.apache.org/dev/release-distribution#sigs-and-sums

"An SHA checksum SHOULD also be created and MUST be suffixed as:

.sha1 for a SHA-1 checksum"



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Updated] (KNOX-1116) Builds of src distributions result in unexpected result from gateway version API

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-1116?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh updated KNOX-1116:
--
Resolution: Fixed
Status: Resolved  (was: Patch Available)

> Builds of src distributions result in unexpected result from gateway version 
> API
> 
>
> Key: KNOX-1116
> URL: https://issues.apache.org/jira/browse/KNOX-1116
> Project: Apache Knox
>  Issue Type: Improvement
>  Components: Build
>Affects Versions: 0.14.0
>Reporter: Phil Zampino
>Assignee: Colm O hEigeartaigh
> Fix For: 1.0.0
>
> Attachments: KNOX-1116.patch
>
>
> When a Knox build is executed outside of a git repo (e.g., src 
> distributions), then the build.hash property in build.properties is not 
> populated with an actual value.
> This manifests as an unexpected response to the gateway version API:
> {
> "ServerVersion" : {
>"version" : "0.14.0",
>"hash" : "${buildNumber}"
> }
> This is due to the fact that the buildnumber-maven-plugin attempts to invoke 
> 'git rev-parse --verify HEAD', which fails because it's not in a git repo.
> This plugin apparently has a facility for specifying an alternate value when 
> an scm error is encountered. It would be nice if Knox could employ that 
> facility to provide a better value than ${buildNumber} in these cases.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Updated] (KNOX-1116) Builds of src distributions result in unexpected result from gateway version API

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-1116?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh updated KNOX-1116:
--
Attachment: KNOX-1116.patch

A proposed patch for this issue. If Knox is built outside of SCM then it just 
uses the current version number for the build hash instead.

> Builds of src distributions result in unexpected result from gateway version 
> API
> 
>
> Key: KNOX-1116
> URL: https://issues.apache.org/jira/browse/KNOX-1116
> Project: Apache Knox
>  Issue Type: Improvement
>  Components: Build
>Affects Versions: 0.14.0
>Reporter: Phil Zampino
>Assignee: Colm O hEigeartaigh
> Fix For: 1.0.0
>
> Attachments: KNOX-1116.patch
>
>
> When a Knox build is executed outside of a git repo (e.g., src 
> distributions), then the build.hash property in build.properties is not 
> populated with an actual value.
> This manifests as an unexpected response to the gateway version API:
> {
> "ServerVersion" : {
>"version" : "0.14.0",
>"hash" : "${buildNumber}"
> }
> This is due to the fact that the buildnumber-maven-plugin attempts to invoke 
> 'git rev-parse --verify HEAD', which fails because it's not in a git repo.
> This plugin apparently has a facility for specifying an alternate value when 
> an scm error is encountered. It would be nice if Knox could employ that 
> facility to provide a better value than ${buildNumber} in these cases.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Updated] (KNOX-1116) Builds of src distributions result in unexpected result from gateway version API

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-1116?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh updated KNOX-1116:
--
Status: Patch Available  (was: Open)

> Builds of src distributions result in unexpected result from gateway version 
> API
> 
>
> Key: KNOX-1116
> URL: https://issues.apache.org/jira/browse/KNOX-1116
> Project: Apache Knox
>  Issue Type: Improvement
>  Components: Build
>Affects Versions: 0.14.0
>Reporter: Phil Zampino
>Assignee: Colm O hEigeartaigh
> Fix For: 1.0.0
>
>
> When a Knox build is executed outside of a git repo (e.g., src 
> distributions), then the build.hash property in build.properties is not 
> populated with an actual value.
> This manifests as an unexpected response to the gateway version API:
> {
> "ServerVersion" : {
>"version" : "0.14.0",
>"hash" : "${buildNumber}"
> }
> This is due to the fact that the buildnumber-maven-plugin attempts to invoke 
> 'git rev-parse --verify HEAD', which fails because it's not in a git repo.
> This plugin apparently has a facility for specifying an alternate value when 
> an scm error is encountered. It would be nice if Knox could employ that 
> facility to provide a better value than ${buildNumber} in these cases.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Updated] (KNOX-1116) Builds of src distributions result in unexpected result from gateway version API

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-1116?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh updated KNOX-1116:
--
Fix Version/s: (was: 0.15.0)
   1.0.0

> Builds of src distributions result in unexpected result from gateway version 
> API
> 
>
> Key: KNOX-1116
> URL: https://issues.apache.org/jira/browse/KNOX-1116
> Project: Apache Knox
>  Issue Type: Improvement
>  Components: Build
>Affects Versions: 0.14.0
>Reporter: Phil Zampino
>Assignee: Colm O hEigeartaigh
> Fix For: 1.0.0
>
>
> When a Knox build is executed outside of a git repo (e.g., src 
> distributions), then the build.hash property in build.properties is not 
> populated with an actual value.
> This manifests as an unexpected response to the gateway version API:
> {
> "ServerVersion" : {
>"version" : "0.14.0",
>"hash" : "${buildNumber}"
> }
> This is due to the fact that the buildnumber-maven-plugin attempts to invoke 
> 'git rev-parse --verify HEAD', which fails because it's not in a git repo.
> This plugin apparently has a facility for specifying an alternate value when 
> an scm error is encountered. It would be nice if Knox could employ that 
> facility to provide a better value than ${buildNumber} in these cases.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Assigned] (KNOX-1116) Builds of src distributions result in unexpected result from gateway version API

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-1116?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh reassigned KNOX-1116:
-

Assignee: Colm O hEigeartaigh

> Builds of src distributions result in unexpected result from gateway version 
> API
> 
>
> Key: KNOX-1116
> URL: https://issues.apache.org/jira/browse/KNOX-1116
> Project: Apache Knox
>  Issue Type: Improvement
>  Components: Build
>Affects Versions: 0.14.0
>Reporter: Phil Zampino
>Assignee: Colm O hEigeartaigh
> Fix For: 0.15.0
>
>
> When a Knox build is executed outside of a git repo (e.g., src 
> distributions), then the build.hash property in build.properties is not 
> populated with an actual value.
> This manifests as an unexpected response to the gateway version API:
> {
> "ServerVersion" : {
>"version" : "0.14.0",
>"hash" : "${buildNumber}"
> }
> This is due to the fact that the buildnumber-maven-plugin attempts to invoke 
> 'git rev-parse --verify HEAD', which fails because it's not in a git repo.
> This plugin apparently has a facility for specifying an alternate value when 
> an scm error is encountered. It would be nice if Knox could employ that 
> facility to provide a better value than ${buildNumber} in these cases.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Updated] (KNOX-1145) Upgrade Jackson due to CVE-2017-7525

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-1145?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh updated KNOX-1145:
--
Resolution: Fixed
Status: Resolved  (was: Patch Available)

> Upgrade Jackson due to CVE-2017-7525
> 
>
> Key: KNOX-1145
> URL: https://issues.apache.org/jira/browse/KNOX-1145
> Project: Apache Knox
>  Issue Type: Improvement
>Reporter: Colm O hEigeartaigh
>Assignee: Colm O hEigeartaigh
> Fix For: 1.0.0
>
> Attachments: KNOX-1145.patch
>
>
> Apache Knox currently ships the Jackson databind jar version 2.2.2. However, 
> there is a security advisory CVE-2017-7525 released for this component:
> https://github.com/FasterXML/jackson-databind/issues/1599
> We should upgrade Jackson to pick this fix up.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Commented] (KNOX-1145) Upgrade Jackson due to CVE-2017-7525

[Colm O hEigeartaigh (JIRA)]

[ 
https://issues.apache.org/jira/browse/KNOX-1145?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16294809#comment-16294809
 ] 

Colm O hEigeartaigh commented on KNOX-1145:
---

OK I will hold off until the branch is merged to master (although it's hardly 
much work to do "git merge master" on the branch). What is the timeline for the 
merge?

> Upgrade Jackson due to CVE-2017-7525
> 
>
> Key: KNOX-1145
> URL: https://issues.apache.org/jira/browse/KNOX-1145
> Project: Apache Knox
>  Issue Type: Improvement
>Reporter: Colm O hEigeartaigh
>Assignee: Colm O hEigeartaigh
> Fix For: 1.0.0
>
> Attachments: KNOX-1145.patch
>
>
> Apache Knox currently ships the Jackson databind jar version 2.2.2. However, 
> there is a security advisory CVE-2017-7525 released for this component:
> https://github.com/FasterXML/jackson-databind/issues/1599
> We should upgrade Jackson to pick this fix up.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Commented] (KNOX-1145) Upgrade Jackson due to CVE-2017-7525

[Colm O hEigeartaigh (JIRA)]

[ 
https://issues.apache.org/jira/browse/KNOX-1145?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16292900#comment-16292900
 ] 

Colm O hEigeartaigh commented on KNOX-1145:
---

Any objections to this patch for master?

> Upgrade Jackson due to CVE-2017-7525
> 
>
> Key: KNOX-1145
> URL: https://issues.apache.org/jira/browse/KNOX-1145
> Project: Apache Knox
>  Issue Type: Improvement
>Reporter: Colm O hEigeartaigh
>Assignee: Colm O hEigeartaigh
> Fix For: 1.0.0
>
> Attachments: KNOX-1145.patch
>
>
> Apache Knox currently ships the Jackson databind jar version 2.2.2. However, 
> there is a security advisory CVE-2017-7525 released for this component:
> https://github.com/FasterXML/jackson-databind/issues/1599
> We should upgrade Jackson to pick this fix up.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Updated] (KNOX-1145) Upgrade Jackson due to CVE-2017-7525

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-1145?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh updated KNOX-1145:
--
Attachment: KNOX-1145.patch

A patch to upgrade to Jackson 2.8.10. I also removed a duplicate test 
dependency that I noticed.

> Upgrade Jackson due to CVE-2017-7525
> 
>
> Key: KNOX-1145
> URL: https://issues.apache.org/jira/browse/KNOX-1145
> Project: Apache Knox
>  Issue Type: Improvement
>Reporter: Colm O hEigeartaigh
>Assignee: Colm O hEigeartaigh
> Fix For: 1.0.0
>
> Attachments: KNOX-1145.patch
>
>
> Apache Knox currently ships the Jackson databind jar version 2.2.2. However, 
> there is a security advisory CVE-2017-7525 released for this component:
> https://github.com/FasterXML/jackson-databind/issues/1599
> We should upgrade Jackson to pick this fix up.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Updated] (KNOX-1145) Upgrade Jackson due to CVE-2017-7525

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-1145?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh updated KNOX-1145:
--
Status: Patch Available  (was: Open)

> Upgrade Jackson due to CVE-2017-7525
> 
>
> Key: KNOX-1145
> URL: https://issues.apache.org/jira/browse/KNOX-1145
> Project: Apache Knox
>  Issue Type: Improvement
>Reporter: Colm O hEigeartaigh
>Assignee: Colm O hEigeartaigh
> Fix For: 1.0.0
>
> Attachments: KNOX-1145.patch
>
>
> Apache Knox currently ships the Jackson databind jar version 2.2.2. However, 
> there is a security advisory CVE-2017-7525 released for this component:
> https://github.com/FasterXML/jackson-databind/issues/1599
> We should upgrade Jackson to pick this fix up.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Created] (KNOX-1145) Upgrade Jackson due to CVE-2017-7525

[Colm O hEigeartaigh (JIRA)]

Colm O hEigeartaigh created KNOX-1145:
-

 Summary: Upgrade Jackson due to CVE-2017-7525
 Key: KNOX-1145
 URL: https://issues.apache.org/jira/browse/KNOX-1145
 Project: Apache Knox
  Issue Type: Improvement
Reporter: Colm O hEigeartaigh
Assignee: Colm O hEigeartaigh
 Fix For: 1.0.0


Apache Knox currently ships the Jackson databind jar version 2.2.2. However, 
there is a security advisory CVE-2017-7525 released for this component:

https://github.com/FasterXML/jackson-databind/issues/1599

We should upgrade Jackson to pick this fix up.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Assigned] (KNOX-682) Upgrade Rest-Assured test dependency to latest version

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-682?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh reassigned KNOX-682:


Assignee: Colm O hEigeartaigh

> Upgrade Rest-Assured test dependency to latest version
> --
>
> Key: KNOX-682
> URL: https://issues.apache.org/jira/browse/KNOX-682
> Project: Apache Knox
>  Issue Type: Improvement
>  Components: Tests
>Affects Versions: 0.9.0
>Reporter: Kevin Minder
>Assignee: Colm O hEigeartaigh
>Priority: Minor
> Fix For: Future
>
>
> The version of Rest-Assured being used is currently three years old and no 
> longer matches the easily accessible documentation very well.  Along with all 
> of the other dependency updates it would be nice to update this one as well.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Resolved] (KNOX-682) Upgrade Rest-Assured test dependency to latest version

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-682?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh resolved KNOX-682.
--
Resolution: Fixed

> Upgrade Rest-Assured test dependency to latest version
> --
>
> Key: KNOX-682
> URL: https://issues.apache.org/jira/browse/KNOX-682
> Project: Apache Knox
>  Issue Type: Improvement
>  Components: Tests
>Affects Versions: 0.9.0
>Reporter: Kevin Minder
>Priority: Minor
> Fix For: Future
>
>
> The version of Rest-Assured being used is currently three years old and no 
> longer matches the easily accessible documentation very well.  Along with all 
> of the other dependency updates it would be nice to update this one as well.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Closed] (KNOX-682) Upgrade Rest-Assured test dependency to latest version

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-682?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh closed KNOX-682.


> Upgrade Rest-Assured test dependency to latest version
> --
>
> Key: KNOX-682
> URL: https://issues.apache.org/jira/browse/KNOX-682
> Project: Apache Knox
>  Issue Type: Improvement
>  Components: Tests
>Affects Versions: 0.9.0
>Reporter: Kevin Minder
>Assignee: Colm O hEigeartaigh
>Priority: Minor
> Fix For: Future
>
>
> The version of Rest-Assured being used is currently three years old and no 
> longer matches the easily accessible documentation very well.  Along with all 
> of the other dependency updates it would be nice to update this one as well.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Commented] (KNOX-6) Validate audience of JWT

[Colm O hEigeartaigh (JIRA)]

[ 
https://issues.apache.org/jira/browse/KNOX-6?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16285850#comment-16285850
 ] 

Colm O hEigeartaigh commented on KNOX-6:


This issue could be resolved as audience validation is now enabled for 
JWTFederationFilter.

> Validate audience of JWT
> 
>
> Key: KNOX-6
> URL: https://issues.apache.org/jira/browse/KNOX-6
> Project: Apache Knox
>  Issue Type: Bug
>  Components: Server
>Affects Versions: 0.2.0
>Reporter: Larry McCay
>Assignee: Larry McCay
>  Labels: JWT, Security
> Fix For: Future
>
>
> Must validate that the audience indicated matches the intended target during 
> JWT validation in JWTFederationFilter.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Updated] (KNOX-1134) Regression due to KNOX-1119

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-1134?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh updated KNOX-1134:
--
Resolution: Fixed
Status: Resolved  (was: Patch Available)

> Regression due to KNOX-1119
> ---
>
> Key: KNOX-1134
> URL: https://issues.apache.org/jira/browse/KNOX-1134
> Project: Apache Knox
>  Issue Type: Bug
>Reporter: Colm O hEigeartaigh
>Assignee: Colm O hEigeartaigh
> Fix For: 0.14.0
>
> Attachments: KNOX-1134.patch
>
>
> There is a regression due to the patch for KNOX-1119, where a NPE results if 
> the idAttribute is null (and it ignores the corresponding id if the 
> idAttribute is not null). 



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Updated] (KNOX-1134) Regression due to KNOX-1119

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-1134?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh updated KNOX-1134:
--
Status: Patch Available  (was: Open)

> Regression due to KNOX-1119
> ---
>
> Key: KNOX-1134
> URL: https://issues.apache.org/jira/browse/KNOX-1134
> Project: Apache Knox
>  Issue Type: Bug
>Reporter: Colm O hEigeartaigh
>Assignee: Colm O hEigeartaigh
> Fix For: 0.14.0
>
> Attachments: KNOX-1134.patch
>
>
> There is a regression due to the patch for KNOX-1119, where a NPE results if 
> the idAttribute is null (and it ignores the corresponding id if the 
> idAttribute is not null). 



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Updated] (KNOX-1134) Regression due to KNOX-1119

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-1134?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh updated KNOX-1134:
--
Attachment: KNOX-1134.patch

> Regression due to KNOX-1119
> ---
>
> Key: KNOX-1134
> URL: https://issues.apache.org/jira/browse/KNOX-1134
> Project: Apache Knox
>  Issue Type: Bug
>Reporter: Colm O hEigeartaigh
>Assignee: Colm O hEigeartaigh
> Fix For: 0.14.0
>
> Attachments: KNOX-1134.patch
>
>
> There is a regression due to the patch for KNOX-1119, where a NPE results if 
> the idAttribute is null (and it ignores the corresponding id if the 
> idAttribute is not null). 



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Created] (KNOX-1134) Regression due to KNOX-1119

[Colm O hEigeartaigh (JIRA)]

Colm O hEigeartaigh created KNOX-1134:
-

 Summary: Regression due to KNOX-1119
 Key: KNOX-1134
 URL: https://issues.apache.org/jira/browse/KNOX-1134
 Project: Apache Knox
  Issue Type: Bug
Reporter: Colm O hEigeartaigh
Assignee: Colm O hEigeartaigh
 Fix For: 0.14.0


There is a regression due to the patch for KNOX-1119, where a NPE results if 
the idAttribute is null (and it ignores the corresponding id if the idAttribute 
is not null). 



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Updated] (KNOX-1076) Update nimbus-jose-jwt to 4.41.2

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-1076?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh updated KNOX-1076:
--
Resolution: Fixed
Status: Resolved  (was: Patch Available)

> Update nimbus-jose-jwt to 4.41.2
> 
>
> Key: KNOX-1076
> URL: https://issues.apache.org/jira/browse/KNOX-1076
> Project: Apache Knox
>  Issue Type: Bug
>  Components: Server
>Reporter: Larry McCay
>Assignee: Colm O hEigeartaigh
> Fix For: 0.14.0
>
> Attachments: KNOX-1076.patch
>
>
> We need to upgrade our dependency on nimbus to the latest release.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Updated] (KNOX-1076) Update nimbus-jose-jwt to 4.41.2

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-1076?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh updated KNOX-1076:
--
Status: Patch Available  (was: Open)

> Update nimbus-jose-jwt to 4.41.2
> 
>
> Key: KNOX-1076
> URL: https://issues.apache.org/jira/browse/KNOX-1076
> Project: Apache Knox
>  Issue Type: Bug
>  Components: Server
>Reporter: Larry McCay
>Assignee: Colm O hEigeartaigh
> Fix For: 0.14.0
>
> Attachments: KNOX-1076.patch
>
>
> We need to upgrade our dependency on nimbus to the latest release.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Updated] (KNOX-1076) Update nimbus-jose-jwt to 4.41.2

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-1076?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh updated KNOX-1076:
--
Attachment: KNOX-1076.patch

A patch for this issue. I tested successfully with an OpenId Connect provider. 
It also involves two other upgrades that are required due to the Nimbus upgrade:

a) EasyMock 3.0 -> 3.5
b) jsonpath 0.9.1 -> 2.4.0

> Update nimbus-jose-jwt to 4.41.2
> 
>
> Key: KNOX-1076
> URL: https://issues.apache.org/jira/browse/KNOX-1076
> Project: Apache Knox
>  Issue Type: Bug
>  Components: Server
>Reporter: Larry McCay
>Assignee: Colm O hEigeartaigh
> Fix For: 0.14.0
>
> Attachments: KNOX-1076.patch
>
>
> We need to upgrade our dependency on nimbus to the latest release.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Assigned] (KNOX-1076) Update nimbus-jose-jwt to 4.41.2

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-1076?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh reassigned KNOX-1076:
-

Assignee: Colm O hEigeartaigh

> Update nimbus-jose-jwt to 4.41.2
> 
>
> Key: KNOX-1076
> URL: https://issues.apache.org/jira/browse/KNOX-1076
> Project: Apache Knox
>  Issue Type: Bug
>  Components: Server
>Reporter: Larry McCay
>Assignee: Colm O hEigeartaigh
> Fix For: 0.14.0
>
>
> We need to upgrade our dependency on nimbus to the latest release.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Updated] (KNOX-1076) Update nimbus-jose-jwt to 4.41.2

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-1076?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh updated KNOX-1076:
--
Summary: Update nimbus-jose-jwt to 4.41.2  (was: Update nimbus-jose-jwt to 
4.41.1)

> Update nimbus-jose-jwt to 4.41.2
> 
>
> Key: KNOX-1076
> URL: https://issues.apache.org/jira/browse/KNOX-1076
> Project: Apache Knox
>  Issue Type: Bug
>  Components: Server
>Reporter: Larry McCay
> Fix For: 0.14.0
>
>
> We need to upgrade our dependency on nimbus to the latest release.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Updated] (KNOX-1089) Upgrade Jetty

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-1089?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh updated KNOX-1089:
--
Fix Version/s: (was: 0.14.0)
   0.15.0

> Upgrade Jetty
> -
>
> Key: KNOX-1089
> URL: https://issues.apache.org/jira/browse/KNOX-1089
> Project: Apache Knox
>  Issue Type: Improvement
>Reporter: Colm O hEigeartaigh
>Assignee: Colm O hEigeartaigh
> Fix For: 0.15.0
>
> Attachments: KNOX-1089.patch
>
>
> We should upgrade Jetty from 9.2.15.v20160210 to 9.2.22.v20170606.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Commented] (KNOX-1089) Upgrade Jetty

[Colm O hEigeartaigh (JIRA)]

[ 
https://issues.apache.org/jira/browse/KNOX-1089?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16221934#comment-16221934
 ] 

Colm O hEigeartaigh commented on KNOX-1089:
---

There are no CVEs that I can see, so I'll bump this to 0.15.0...

> Upgrade Jetty
> -
>
> Key: KNOX-1089
> URL: https://issues.apache.org/jira/browse/KNOX-1089
> Project: Apache Knox
>  Issue Type: Improvement
>Reporter: Colm O hEigeartaigh
>Assignee: Colm O hEigeartaigh
> Fix For: 0.15.0
>
> Attachments: KNOX-1089.patch
>
>
> We should upgrade Jetty from 9.2.15.v20160210 to 9.2.22.v20170606.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Commented] (KNOX-1089) Upgrade Jetty

[Colm O hEigeartaigh (JIRA)]

[ 
https://issues.apache.org/jira/browse/KNOX-1089?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16220782#comment-16220782
 ] 

Colm O hEigeartaigh commented on KNOX-1089:
---

No particular reason from my POV, just taking advantage of a new major release 
to update the dependencies.

> Upgrade Jetty
> -
>
> Key: KNOX-1089
> URL: https://issues.apache.org/jira/browse/KNOX-1089
> Project: Apache Knox
>  Issue Type: Improvement
>Reporter: Colm O hEigeartaigh
>Assignee: Colm O hEigeartaigh
> Fix For: 0.14.0
>
> Attachments: KNOX-1089.patch
>
>
> We should upgrade Jetty from 9.2.15.v20160210 to 9.2.22.v20170606.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Created] (KNOX-1089) Upgrade Jetty

[Colm O hEigeartaigh (JIRA)]

Colm O hEigeartaigh created KNOX-1089:
-

 Summary: Upgrade Jetty
 Key: KNOX-1089
 URL: https://issues.apache.org/jira/browse/KNOX-1089
 Project: Apache Knox
  Issue Type: Improvement
Reporter: Colm O hEigeartaigh
Assignee: Colm O hEigeartaigh
 Fix For: 0.14.0


We should upgrade Jetty from 9.2.15.v20160210 to 9.2.22.v20170606.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Updated] (KNOX-1089) Upgrade Jetty

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-1089?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh updated KNOX-1089:
--
Attachment: KNOX-1089.patch

> Upgrade Jetty
> -
>
> Key: KNOX-1089
> URL: https://issues.apache.org/jira/browse/KNOX-1089
> Project: Apache Knox
>  Issue Type: Improvement
>Reporter: Colm O hEigeartaigh
>Assignee: Colm O hEigeartaigh
> Fix For: 0.14.0
>
> Attachments: KNOX-1089.patch
>
>
> We should upgrade Jetty from 9.2.15.v20160210 to 9.2.22.v20170606.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Updated] (KNOX-1088) Remove LDAP BaseDirectoryService*

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-1088?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh updated KNOX-1088:
--
Resolution: Fixed
Status: Resolved  (was: Patch Available)

> Remove LDAP BaseDirectoryService*
> -
>
> Key: KNOX-1088
> URL: https://issues.apache.org/jira/browse/KNOX-1088
> Project: Apache Knox
>  Issue Type: Improvement
>Reporter: Colm O hEigeartaigh
>Assignee: Colm O hEigeartaigh
>Priority: Minor
> Fix For: 0.14.0
>
> Attachments: 0001-KNOX-1088-Remove-LDAP-BaseDirectoryService.patch
>
>
> This task is to remove the LDAP BaseDirectoryService* classes in 
> gateway-demo-ldap. Instead we can use DefaultDirectoryService from Apache 
> Directory. BaseDirectoryService* was only created to provide a way to 
> override showSecurityWarnings - but this method is protected in Apache 
> Directory 2.0.0-M16 so there is no need for it any longer.
> Also removed some commented out Apache Directory dependencies from the poms, 
> and removed apacheds-core-integ from gateway-test-release, as it's not needed.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Updated] (KNOX-1088) Remove LDAP BaseDirectoryService*

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-1088?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh updated KNOX-1088:
--
Attachment: 0001-KNOX-1088-Remove-LDAP-BaseDirectoryService.patch

Tested the distribution that ldap.sh start/stop works correctly, as well as 
authentication.

> Remove LDAP BaseDirectoryService*
> -
>
> Key: KNOX-1088
> URL: https://issues.apache.org/jira/browse/KNOX-1088
> Project: Apache Knox
>  Issue Type: Improvement
>Reporter: Colm O hEigeartaigh
>Assignee: Colm O hEigeartaigh
>Priority: Minor
> Fix For: 0.14.0
>
> Attachments: 0001-KNOX-1088-Remove-LDAP-BaseDirectoryService.patch
>
>
> This task is to remove the LDAP BaseDirectoryService* classes in 
> gateway-demo-ldap. Instead we can use DefaultDirectoryService from Apache 
> Directory. BaseDirectoryService* was only created to provide a way to 
> override showSecurityWarnings - but this method is protected in Apache 
> Directory 2.0.0-M16 so there is no need for it any longer.
> Also removed some commented out Apache Directory dependencies from the poms, 
> and removed apacheds-core-integ from gateway-test-release, as it's not needed.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Updated] (KNOX-1088) Remove LDAP BaseDirectoryService*

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-1088?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh updated KNOX-1088:
--
Status: Patch Available  (was: Open)

> Remove LDAP BaseDirectoryService*
> -
>
> Key: KNOX-1088
> URL: https://issues.apache.org/jira/browse/KNOX-1088
> Project: Apache Knox
>  Issue Type: Improvement
>Reporter: Colm O hEigeartaigh
>Assignee: Colm O hEigeartaigh
>Priority: Minor
> Fix For: 0.14.0
>
>
> This task is to remove the LDAP BaseDirectoryService* classes in 
> gateway-demo-ldap. Instead we can use DefaultDirectoryService from Apache 
> Directory. BaseDirectoryService* was only created to provide a way to 
> override showSecurityWarnings - but this method is protected in Apache 
> Directory 2.0.0-M16 so there is no need for it any longer.
> Also removed some commented out Apache Directory dependencies from the poms, 
> and removed apacheds-core-integ from gateway-test-release, as it's not needed.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Created] (KNOX-1088) Remove LDAP BaseDirectoryService*

[Colm O hEigeartaigh (JIRA)]

Colm O hEigeartaigh created KNOX-1088:
-

 Summary: Remove LDAP BaseDirectoryService*
 Key: KNOX-1088
 URL: https://issues.apache.org/jira/browse/KNOX-1088
 Project: Apache Knox
  Issue Type: Improvement
Reporter: Colm O hEigeartaigh
Assignee: Colm O hEigeartaigh
Priority: Minor
 Fix For: 0.14.0


This task is to remove the LDAP BaseDirectoryService* classes in 
gateway-demo-ldap. Instead we can use DefaultDirectoryService from Apache 
Directory. BaseDirectoryService* was only created to provide a way to override 
showSecurityWarnings - but this method is protected in Apache Directory 
2.0.0-M16 so there is no need for it any longer.

Also removed some commented out Apache Directory dependencies from the poms, 
and removed apacheds-core-integ from gateway-test-release, as it's not needed.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Updated] (KNOX-1073) Upgrade PAC4J to a more recent version

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-1073?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh updated KNOX-1073:
--
Resolution: Fixed
Status: Resolved  (was: Patch Available)

> Upgrade PAC4J to a more recent version
> --
>
> Key: KNOX-1073
> URL: https://issues.apache.org/jira/browse/KNOX-1073
> Project: Apache Knox
>  Issue Type: Improvement
>Reporter: Colm O hEigeartaigh
>Assignee: Colm O hEigeartaigh
> Fix For: 0.14.0
>
> Attachments: knox-pac4j.patch.3
>
>
> This task is to upgrade PAC4J to a more recent version.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Commented] (KNOX-1073) Upgrade PAC4J to a more recent version

[Colm O hEigeartaigh (JIRA)]

[ 
https://issues.apache.org/jira/browse/KNOX-1073?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16218459#comment-16218459
 ] 

Colm O hEigeartaigh commented on KNOX-1073:
---

I've tested successfully with OIDC (Apache CXF Fediz) and SAML SSO (TestShib). 
I am going to commit the patch

> Upgrade PAC4J to a more recent version
> --
>
> Key: KNOX-1073
> URL: https://issues.apache.org/jira/browse/KNOX-1073
> Project: Apache Knox
>  Issue Type: Improvement
>Reporter: Colm O hEigeartaigh
>Assignee: Colm O hEigeartaigh
> Fix For: 0.14.0
>
> Attachments: knox-pac4j.patch.3
>
>
> This task is to upgrade PAC4J to a more recent version.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Resolved] (KNOX-766) Intermittent Maven package goal fails due to assembly plugin

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-766?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh resolved KNOX-766.
--
Resolution: Cannot Reproduce

> Intermittent Maven package goal fails due to assembly plugin
> 
>
> Key: KNOX-766
> URL: https://issues.apache.org/jira/browse/KNOX-766
> Project: Apache Knox
>  Issue Type: Bug
>  Components: Build
>Affects Versions: 0.10.0
>Reporter: John McParland
>Priority: Minor
>  Labels: build
> Fix For: 0.14.0
>
>
> When executing a maven build which includes the "package" goal, the 
> maven-assembly-plugin:single goal fails for some modules;
> {code}
> [INFO] 
> 
> [INFO] Building gateway-demo-ldap-launcher 0.10.0-SNAPSHOT
> [INFO] 
> 
> ...
> [INFO] --- maven-assembly-plugin:2.4:single (server-launcher) @ 
> gateway-demo-ldap-launcher ---
> [WARNING] Artifact: 
> org.apache.knox:gateway-demo-ldap-launcher:jar:0.10.0-SNAPSHOT references the 
> same file as the assembly destination file. Moving it to a temporary location 
> for inclusion.
> [INFO] Building jar: 
> /home/mcparlandj/git/knox/gateway-demo-ldap-launcher/target/gateway-demo-ldap-launcher-0.10.0-SNAPSHOT.jar
> [WARNING] Configuration options: 'appendAssemblyId' is set to false, and 
> 'classifier' is missing.
> Instead of attaching the assembly file: 
> /home/mcparlandj/git/knox/gateway-demo-ldap-launcher/target/gateway-demo-ldap-launcher-0.10.0-SNAPSHOT.jar,
>  it will become the file for main project artifact.
> NOTE: If multiple descriptors or descriptor-formats are provided for this 
> project, the value of this file will be non-deterministic!
> [WARNING] Replacing pre-existing project main-artifact file: 
> /home/mcparlandj/git/knox/gateway-demo-ldap-launcher/target/archive-tmp/gateway-demo-ldap-launcher-0.10.0-SNAPSHOT.jar
> with assembly file: 
> /home/mcparlandj/git/knox/gateway-demo-ldap-launcher/target/gateway-demo-ldap-launcher-0.10.0-SNAPSHOT.jar
> ...
> [INFO] --- maven-assembly-plugin:2.4:single (server-launcher) @ 
> gateway-demo-ldap-launcher ---
> [WARNING] Artifact: 
> org.apache.knox:gateway-demo-ldap-launcher:jar:0.10.0-SNAPSHOT references the 
> same file as the assembly destination file. Moving it to a temporary location 
> for inclusion.
> ...
> [ERROR] Failed to execute goal 
> org.apache.maven.plugins:maven-assembly-plugin:2.4:single (server-launcher) 
> on project gateway-demo-ldap-launcher: Execution server-launcher of goal 
> org.apache.maven.plugins:maven-assembly-plugin:2.4:single failed: MALFORMED 
> -> [Help 1]
> {code}
> However given that the following command lines (which omit the "package" 
> goal) work, it appears to be a clash with the package goal and the 
> maven-assembly-plugin:single goal.
> {code}
> mvn clean install -Ppackage
> mvn clean install -Prelease
> mvn clean install
> {code}



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Updated] (KNOX-1073) Upgrade PAC4J to a more recent version

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-1073?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh updated KNOX-1073:
--
Attachment: knox-pac4j.patch.3

Here's an updated patch that fixes the failing unit test.

> Upgrade PAC4J to a more recent version
> --
>
> Key: KNOX-1073
> URL: https://issues.apache.org/jira/browse/KNOX-1073
> Project: Apache Knox
>  Issue Type: Improvement
>Reporter: Colm O hEigeartaigh
>Assignee: Colm O hEigeartaigh
> Fix For: 0.14.0
>
> Attachments: knox-pac4j.patch.3
>
>
> This task is to upgrade PAC4J to a more recent version.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Updated] (KNOX-1073) Upgrade PAC4J to a more recent version

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-1073?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh updated KNOX-1073:
--
Attachment: (was: knox-pac4j.patch.2)

> Upgrade PAC4J to a more recent version
> --
>
> Key: KNOX-1073
> URL: https://issues.apache.org/jira/browse/KNOX-1073
> Project: Apache Knox
>  Issue Type: Improvement
>Reporter: Colm O hEigeartaigh
>Assignee: Colm O hEigeartaigh
> Fix For: 0.14.0
>
> Attachments: knox-pac4j.patch.3
>
>
> This task is to upgrade PAC4J to a more recent version.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Resolved] (KNOX-1022) Configuring knox token ttl to higher value generates an access token which is not valid

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-1022?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh resolved KNOX-1022.
---
Resolution: Fixed

> Configuring knox token ttl to higher value generates an access token which is 
> not valid
> ---
>
> Key: KNOX-1022
> URL: https://issues.apache.org/jira/browse/KNOX-1022
> Project: Apache Knox
>  Issue Type: Bug
>  Components: Server
>Reporter: J.Andreina
>Assignee: Colm O hEigeartaigh
>Priority: Minor
> Fix For: 0.14.0
>
>
> If TTL for Knox token is configured to negative value other than -1 or 
> configured to a value in milli seconds which when gets added to current time 
> in milli seconds to calculate the token expiry becomes > LONG.MAX_VALUE, then 
> token expiry will become negative value. In such cases there is no need to go 
> ahead and generate a token which will not be valid at all (already expired).



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Resolved] (KNOX-1021) Should handle empty string for endpoint token service audience list

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-1021?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh resolved KNOX-1021.
---
Resolution: Fixed

> Should handle empty string for endpoint token service audience list
> ---
>
> Key: KNOX-1021
> URL: https://issues.apache.org/jira/browse/KNOX-1021
> Project: Apache Knox
>  Issue Type: Bug
>  Components: Server
>Reporter: J.Andreina
>Assignee: Colm O hEigeartaigh
>Priority: Minor
> Fix For: 0.14.0
>
>
>If knox.token.audience is left empty at endpoint , then an empty 
> string is validated against the list of valid token audience list and the 
> token is rejected. Admin might expect the same behaviour when the endpoint 
> audience is null ( ie. Token should be accepted)



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Assigned] (KNOX-1021) Should handle empty string for endpoint token service audience list

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-1021?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh reassigned KNOX-1021:
-

Assignee: Colm O hEigeartaigh

> Should handle empty string for endpoint token service audience list
> ---
>
> Key: KNOX-1021
> URL: https://issues.apache.org/jira/browse/KNOX-1021
> Project: Apache Knox
>  Issue Type: Bug
>  Components: Server
>Reporter: J.Andreina
>Assignee: Colm O hEigeartaigh
>Priority: Minor
> Fix For: 0.14.0
>
>
>If knox.token.audience is left empty at endpoint , then an empty 
> string is validated against the list of valid token audience list and the 
> token is rejected. Admin might expect the same behaviour when the endpoint 
> audience is null ( ie. Token should be accepted)



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Resolved] (KNOX-1082) Add support to validate the "nbf" claim for JWTs

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-1082?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh resolved KNOX-1082.
---
Resolution: Fixed

> Add support to validate the "nbf" claim for JWTs
> 
>
> Key: KNOX-1082
> URL: https://issues.apache.org/jira/browse/KNOX-1082
> Project: Apache Knox
>  Issue Type: Improvement
>Reporter: Colm O hEigeartaigh
>Assignee: Colm O hEigeartaigh
>Priority: Minor
> Fix For: 0.14.0
>
>
> This task is to add support to validate the "nbf" claim for JWTs. Tokens with 
> a NotBefore claim that is in the future should be rejected.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Created] (KNOX-1082) Add support to validate the "nbf" claim for JWTs

[Colm O hEigeartaigh (JIRA)]

Colm O hEigeartaigh created KNOX-1082:
-

 Summary: Add support to validate the "nbf" claim for JWTs
 Key: KNOX-1082
 URL: https://issues.apache.org/jira/browse/KNOX-1082
 Project: Apache Knox
  Issue Type: Improvement
Reporter: Colm O hEigeartaigh
Assignee: Colm O hEigeartaigh
Priority: Minor
 Fix For: 0.14.0


This task is to add support to validate the "nbf" claim for JWTs. Tokens with a 
NotBefore claim that is in the future should be rejected.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Updated] (KNOX-1067) Support different signature algorithms for JWTs

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-1067?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh updated KNOX-1067:
--
Resolution: Fixed
Status: Resolved  (was: Patch Available)

> Support different signature algorithms for JWTs
> ---
>
> Key: KNOX-1067
> URL: https://issues.apache.org/jira/browse/KNOX-1067
> Project: Apache Knox
>  Issue Type: Improvement
>Reporter: Colm O hEigeartaigh
>Assignee: Colm O hEigeartaigh
> Fix For: 0.14.0
>
> Attachments: 
> 0001-KNOX-1067-Support-different-signature-algorithms-for.patch
>
>
> Right now, the Knox SSO and Token services can only issue tokens signed with 
> RS256. This task is to support a wider range of signature algorithms. 
> The following changes are proposed:
> a) The Knox Token Service has a new configuration parameter 
> "knox.token.sigalg" which defaults to "RS256".
> b) The Knox SSO Service has a new configuration parameter 
> "knoxsso.token.sigalg" which defaults to "RS256".
> c) The DefaultTokenAuthorityService checks the signing algorithm against a 
> pre-defined list, which is all of the RSA algorithms (RS* and PS*) from the 
> JWA spec. 
> d) The JWTFederationFilter + the SSOCookieFederationFilter have a new 
> configuration parameter "jwt.expected.sigalg" which defaults to "RS256". The 
> received token must be signed with the algorithm that is configured for this 
> value.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Updated] (KNOX-1045) Knox Token Service has a trailing whitespace for the token_type attribute

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-1045?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh updated KNOX-1045:
--
Resolution: Fixed
Status: Resolved  (was: Patch Available)

> Knox Token Service has a trailing whitespace for the token_type attribute
> -
>
> Key: KNOX-1045
> URL: https://issues.apache.org/jira/browse/KNOX-1045
> Project: Apache Knox
>  Issue Type: Bug
>Reporter: Colm O hEigeartaigh
>Assignee: Colm O hEigeartaigh
>Priority: Trivial
> Fix For: 0.14.0
>
> Attachments: 
> 0001-KNOX-1045-Knox-Token-Service-has-a-trailing-whitespa.patch
>
>
> The Knox Token Service has a trailing whitespace for the token_type 
> attribute: "Bearer ", which looks a bit odd.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Updated] (KNOX-1067) Support different signature algorithms for JWTs

[Colm O hEigeartaigh (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-1067?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh updated KNOX-1067:
--
Attachment: 0001-KNOX-1067-Support-different-signature-algorithms-for.patch

Rebasing patch, please review!

> Support different signature algorithms for JWTs
> ---
>
> Key: KNOX-1067
> URL: https://issues.apache.org/jira/browse/KNOX-1067
> Project: Apache Knox
>  Issue Type: Improvement
>Reporter: Colm O hEigeartaigh
>Assignee: Colm O hEigeartaigh
> Fix For: 0.14.0
>
> Attachments: 
> 0001-KNOX-1067-Support-different-signature-algorithms-for.patch
>
>
> Right now, the Knox SSO and Token services can only issue tokens signed with 
> RS256. This task is to support a wider range of signature algorithms. 
> The following changes are proposed:
> a) The Knox Token Service has a new configuration parameter 
> "knox.token.sigalg" which defaults to "RS256".
> b) The Knox SSO Service has a new configuration parameter 
> "knoxsso.token.sigalg" which defaults to "RS256".
> c) The DefaultTokenAuthorityService checks the signing algorithm against a 
> pre-defined list, which is all of the RSA algorithms (RS* and PS*) from the 
> JWA spec. 
> d) The JWTFederationFilter + the SSOCookieFederationFilter have a new 
> configuration parameter "jwt.expected.sigalg" which defaults to "RS256". The 
> received token must be signed with the algorithm that is configured for this 
> value.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)