[jira] [Commented] (KNOX-788) Apache Atlas Admin UI Support through Knox
[ https://issues.apache.org/jira/browse/KNOX-788?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16063474#comment-16063474 ] Shi Wang commented on KNOX-788: --- Hi [~nixonrodrigues], Sorry for delayed reply, I agree with Larry's opinion, and from my testing the patch works fine. > Apache Atlas Admin UI Support through Knox > -- > > Key: KNOX-788 > URL: https://issues.apache.org/jira/browse/KNOX-788 > Project: Apache Knox > Issue Type: New Feature > Components: Server >Reporter: Jeffrey E Rodriguez >Assignee: Chandana Mirashi > Fix For: 0.13.0 > > Attachments: KNOX-788.patch > > > Apache Atlas Admin UI Support through Knox. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Comment Edited] (KNOX-789) Apache Atlas REST API support
[ https://issues.apache.org/jira/browse/KNOX-789?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16063463#comment-16063463 ] Shi Wang edited comment on KNOX-789 at 6/26/17 5:31 PM: Hi [~nixonrodrigues], Since you've been working on this patch let me assign this to you, and the patch looks good to me. But seems you are not in the list of assignees, are you added as a knox contributor yet? was (Author: wancy): Hi [~nixonrodrigues], Since you've been working on this patch let me assign this to you, and the patch looks good to me. > Apache Atlas REST API support > - > > Key: KNOX-789 > URL: https://issues.apache.org/jira/browse/KNOX-789 > Project: Apache Knox > Issue Type: New Feature > Environment: all >Reporter: Jeffrey E Rodriguez >Assignee: Shi Wang > Fix For: 0.13.0 > > Attachments: 0001-Apache-Atlas-REST-API-support.patch, > 0001-KNOX-789-newpatch.patch, KNOX-789.1.patch, KNOX-789.patch > > > Apache REST API support through Knox > https://atlas.incubator.apache.org/api/rest.html -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Commented] (KNOX-789) Apache Atlas REST API support
[ https://issues.apache.org/jira/browse/KNOX-789?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16063463#comment-16063463 ] Shi Wang commented on KNOX-789: --- Hi [~nixonrodrigues], Since you've been working on this patch let me assign this to you, and the patch looks good to me. > Apache Atlas REST API support > - > > Key: KNOX-789 > URL: https://issues.apache.org/jira/browse/KNOX-789 > Project: Apache Knox > Issue Type: New Feature > Environment: all >Reporter: Jeffrey E Rodriguez >Assignee: Shi Wang > Fix For: 0.13.0 > > Attachments: 0001-Apache-Atlas-REST-API-support.patch, > 0001-KNOX-789-newpatch.patch, KNOX-789.1.patch, KNOX-789.patch > > > Apache REST API support through Knox > https://atlas.incubator.apache.org/api/rest.html -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Commented] (KNOX-788) Apache Atlas Admin UI Support through Knox
[ https://issues.apache.org/jira/browse/KNOX-788?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16041404#comment-16041404 ] Shi Wang commented on KNOX-788: --- Thanks [~nixonrodrigues], After applying the change from ATLAS-1823 the image could be loaded. It works fine for me. > Apache Atlas Admin UI Support through Knox > -- > > Key: KNOX-788 > URL: https://issues.apache.org/jira/browse/KNOX-788 > Project: Apache Knox > Issue Type: New Feature > Components: Server >Reporter: Jeffrey E Rodriguez >Assignee: Chandana Mirashi > Fix For: 0.13.0 > > Attachments: KNOX-788.patch > > > Apache Atlas Admin UI Support through Knox. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (KNOX-788) Apache Atlas Admin UI Support through Knox
[ https://issues.apache.org/jira/browse/KNOX-788?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16039716#comment-16039716 ] Shi Wang commented on KNOX-788: --- Hi [~nixonrodrigues], I tested your patch with browser, seems Atlas UI will load some resource using REST call, I think need to add some outbound rule in the patch of KNOX-789, or it will show error like "GET https://gatway:8443/api/atlas/admin/session ?=..." 404 not found. > Apache Atlas Admin UI Support through Knox > -- > > Key: KNOX-788 > URL: https://issues.apache.org/jira/browse/KNOX-788 > Project: Apache Knox > Issue Type: New Feature > Components: Server >Reporter: Jeffrey E Rodriguez >Assignee: Chandana Mirashi > Fix For: 0.13.0 > > Attachments: KNOX-788.patch > > > Apache Atlas Admin UI Support through Knox. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (KNOX-789) Apache Atlas REST API support
[ https://issues.apache.org/jira/browse/KNOX-789?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16026990#comment-16026990 ] Shi Wang commented on KNOX-789: --- Hi [~nixonrodrigues], Your patch works for me and please just remove those policies. Thanks. > Apache Atlas REST API support > - > > Key: KNOX-789 > URL: https://issues.apache.org/jira/browse/KNOX-789 > Project: Apache Knox > Issue Type: New Feature > Environment: all >Reporter: Jeffrey E Rodriguez >Assignee: Shi Wang > Fix For: 0.13.0 > > Attachments: 0001-Apache-Atlas-REST-API-support.patch, > 0001-KNOX-789-newpatch.patch, KNOX-789.patch > > > Apache REST API support through Knox > https://atlas.incubator.apache.org/api/rest.html -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (KNOX-789) Apache Atlas REST API support
[ https://issues.apache.org/jira/browse/KNOX-789?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16026713#comment-16026713 ] Shi Wang commented on KNOX-789: --- Hi [~nixonrodrigues], Sorry for the delay cause I just got a working atlas instance, Thanks for pointing out the missing PassAllHeaderDispatch, I added in the previous patch and upload a new patch, it works fine for me. Your patch looks good, let me test with it soon today, and a first look seems these code could be removed and using the default filters, cause this way the AsserterFilter is not added here. > Apache Atlas REST API support > - > > Key: KNOX-789 > URL: https://issues.apache.org/jira/browse/KNOX-789 > Project: Apache Knox > Issue Type: New Feature > Environment: all >Reporter: Jeffrey E Rodriguez >Assignee: Shi Wang > Fix For: 0.13.0 > > Attachments: 0001-Apache-Atlas-REST-API-support.patch, > 0001-KNOX-789-newpatch.patch, KNOX-789.patch > > > Apache REST API support through Knox > https://atlas.incubator.apache.org/api/rest.html -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Updated] (KNOX-789) Apache Atlas REST API support
[ https://issues.apache.org/jira/browse/KNOX-789?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Shi Wang updated KNOX-789: -- Attachment: 0001-KNOX-789-newpatch.patch > Apache Atlas REST API support > - > > Key: KNOX-789 > URL: https://issues.apache.org/jira/browse/KNOX-789 > Project: Apache Knox > Issue Type: New Feature > Environment: all >Reporter: Jeffrey E Rodriguez >Assignee: Shi Wang > Fix For: 0.13.0 > > Attachments: 0001-Apache-Atlas-REST-API-support.patch, > 0001-KNOX-789-newpatch.patch, KNOX-789.patch > > > Apache REST API support through Knox > https://atlas.incubator.apache.org/api/rest.html -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (KNOX-931) asType will not work for body filter when using IdentityAsserterFilter
[ https://issues.apache.org/jira/browse/KNOX-931?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16022176#comment-16022176 ] Shi Wang commented on KNOX-931: --- Hi [~lmc...@apache.org] Your interpret of the use case is totally correct and that's a good question :) I actually found this issue because someone didnt add -H "Content-Type: application/json" in the curl command and then found asType could "magically" solve this without specifying -H "Content-Type: application/json" but without asserterFilter. And then I did some search found in KNOX-18 Kevin mentioned about the request body manipulate. So I thought it could be necessary to find a solution about this. And I understand your concern now. I think it will take more time and more tests to do it appropriately and comprehensively. Since it is not a common use case maybe we can lower the priority and give it more time for future releases? > asType will not work for body filter when using IdentityAsserterFilter > -- > > Key: KNOX-931 > URL: https://issues.apache.org/jira/browse/KNOX-931 > Project: Apache Knox > Issue Type: Bug >Affects Versions: 0.11.0 >Reporter: Shi Wang >Assignee: Shi Wang > Fix For: 0.13.0 > > Attachments: > 0001-KNOX-931-asType-will-not-work-for-body-filter-when-u.patch > > > In IdentityAsserterHttpServletsWrapper.java, method getInputStream(), > The body will always be urlEncoded if the contentType is > "application/x-www-form-urlencoded" > And self defined filter that change "application/x-www-form-urlencoded" as > other contentType for requestbody will be invalid. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (KNOX-931) asType will not work for body filter when using IdentityAsserterFilter
[ https://issues.apache.org/jira/browse/KNOX-931?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16020475#comment-16020475 ] Shi Wang commented on KNOX-931: --- Yes, there is existing example code in services/ambari/2.2.0 that include this asType case, but to reproduce need to manually delete the because it is not using IdentityAsserter filter. It is not a client error although a workaround could be specify a different content type in the command, because if we set content type as application/x-www-form-urlencoded in the curl command, intended to encode the request url using application/x-www-form-urlencoded, but wanna use application/json for the body. So we define it in the rewrite rule. However, IdentityAsserter filter will make this asType setting invalid, which will encode the body with urlencoding anyway. I think this is a minor defect and you can decide to fix it for now or not. But please let me know the cases that will break and let's see if there is better solutions, thanks! > asType will not work for body filter when using IdentityAsserterFilter > -- > > Key: KNOX-931 > URL: https://issues.apache.org/jira/browse/KNOX-931 > Project: Apache Knox > Issue Type: Bug >Affects Versions: 0.11.0 >Reporter: Shi Wang >Assignee: Shi Wang > Fix For: 0.13.0 > > Attachments: > 0001-KNOX-931-asType-will-not-work-for-body-filter-when-u.patch > > > In IdentityAsserterHttpServletsWrapper.java, method getInputStream(), > The body will always be urlEncoded if the contentType is > "application/x-www-form-urlencoded" > And self defined filter that change "application/x-www-form-urlencoded" as > other contentType for requestbody will be invalid. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Comment Edited] (KNOX-931) asType will not work for body filter when using IdentityAsserterFilter
[ https://issues.apache.org/jira/browse/KNOX-931?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16020424#comment-16020424 ] Shi Wang edited comment on KNOX-931 at 5/22/17 11:54 PM: - [~lmc...@apache.org] Sorry I didnt make it clear in the description. The use case is: if I add the following in rewrite.xml and in the service.xml I apply this filter to the request body such as And when do curl command without specifying the content-type header, it will by default using application/x-www-form-urlencoded to encode the request body. But I intend to use application/json to encode the request body just like defined in the rewrite asType rule. But in the IdentityAsserterHttpServletsWrapper.java, it will overwrite the correctly encode request body with urlencoded method, which makes the rewrite rule invalid. In this case the server may not understand the urlencoded request body with the present of %, because it is expecting a json formatted payload was (Author: wancy): [~lmc...@apache.org] Sorry I didnt make it clear in the description. The use case is: if I add the following in rewrite.xml and in the service.xml I apply this filter to the request body such as And when do curl command without specifying the content-type header, it will by default using application/x-www-form-urlencoded to encode the request body. But I intend to use application/json to encode the request body just like defined in the rewrite asType rule. But in the IdentityAsserterHttpServletsWrapper.java, it will overwrite the correctly encode request body with urlencoded method, which makes the rewrite rule invalid. > asType will not work for body filter when using IdentityAsserterFilter > -- > > Key: KNOX-931 > URL: https://issues.apache.org/jira/browse/KNOX-931 > Project: Apache Knox > Issue Type: Bug >Affects Versions: 0.11.0 >Reporter: Shi Wang >Assignee: Shi Wang > Fix For: 0.13.0 > > Attachments: > 0001-KNOX-931-asType-will-not-work-for-body-filter-when-u.patch > > > In IdentityAsserterHttpServletsWrapper.java, method getInputStream(), > The body will always be urlEncoded if the contentType is > "application/x-www-form-urlencoded" > And self defined filter that change "application/x-www-form-urlencoded" as > other contentType for requestbody will be invalid. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (KNOX-931) asType will not work for body filter when using IdentityAsserterFilter
[ https://issues.apache.org/jira/browse/KNOX-931?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16020424#comment-16020424 ] Shi Wang commented on KNOX-931: --- [~lmc...@apache.org] Sorry I didnt make it clear in the description. The use case is: if I add the following in rewrite.xml and in the service.xml I apply this filter to the request body such as And when do curl command without specifying the content-type header, it will by default using application/x-www-form-urlencoded to encode the request body. But I intend to use application/json to encode the request body just like defined in the rewrite asType rule. But in the IdentityAsserterHttpServletsWrapper.java, it will overwrite the correctly encode request body with urlencoded method, which makes the rewrite rule invalid. > asType will not work for body filter when using IdentityAsserterFilter > -- > > Key: KNOX-931 > URL: https://issues.apache.org/jira/browse/KNOX-931 > Project: Apache Knox > Issue Type: Bug >Affects Versions: 0.11.0 >Reporter: Shi Wang >Assignee: Shi Wang > Fix For: 0.13.0 > > Attachments: > 0001-KNOX-931-asType-will-not-work-for-body-filter-when-u.patch > > > In IdentityAsserterHttpServletsWrapper.java, method getInputStream(), > The body will always be urlEncoded if the contentType is > "application/x-www-form-urlencoded" > And self defined filter that change "application/x-www-form-urlencoded" as > other contentType for requestbody will be invalid. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Updated] (KNOX-789) Apache Atlas REST API support
[ https://issues.apache.org/jira/browse/KNOX-789?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Shi Wang updated KNOX-789: -- Attachment: 0001-Apache-Atlas-REST-API-support.patch > Apache Atlas REST API support > - > > Key: KNOX-789 > URL: https://issues.apache.org/jira/browse/KNOX-789 > Project: Apache Knox > Issue Type: New Feature > Environment: all >Reporter: Jeffrey E Rodriguez >Assignee: Shi Wang > Fix For: 0.13.0 > > Attachments: 0001-Apache-Atlas-REST-API-support.patch > > > Apache REST API support through Knox > https://atlas.incubator.apache.org/api/rest.html -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (KNOX-931) asType will not work for body filter when using IdentityAsserterFilter
[ https://issues.apache.org/jira/browse/KNOX-931?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16011288#comment-16011288 ] Shi Wang commented on KNOX-931: --- Hi [~lmc...@apache.org], I attached the patch as well. Do you have any suggestion to replace the instanceof method? > asType will not work for body filter when using IdentityAsserterFilter > -- > > Key: KNOX-931 > URL: https://issues.apache.org/jira/browse/KNOX-931 > Project: Apache Knox > Issue Type: Bug >Affects Versions: 0.11.0 >Reporter: Shi Wang >Assignee: Shi Wang > Fix For: 0.13.0 > > Attachments: > 0001-KNOX-931-asType-will-not-work-for-body-filter-when-u.patch > > > In IdentityAsserterHttpServletsWrapper.java, method getInputStream(), > The body will always be urlEncoded if the contentType is > "application/x-www-form-urlencoded" > And self defined filter that change "application/x-www-form-urlencoded" as > other contentType for requestbody will be invalid. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Updated] (KNOX-931) asType will not work for body filter when using IdentityAsserterFilter
[ https://issues.apache.org/jira/browse/KNOX-931?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Shi Wang updated KNOX-931: -- Attachment: 0001-KNOX-931-asType-will-not-work-for-body-filter-when-u.patch > asType will not work for body filter when using IdentityAsserterFilter > -- > > Key: KNOX-931 > URL: https://issues.apache.org/jira/browse/KNOX-931 > Project: Apache Knox > Issue Type: Bug >Affects Versions: 0.11.0 >Reporter: Shi Wang >Assignee: Shi Wang > Fix For: 0.13.0 > > Attachments: > 0001-KNOX-931-asType-will-not-work-for-body-filter-when-u.patch > > > In IdentityAsserterHttpServletsWrapper.java, method getInputStream(), > The body will always be urlEncoded if the contentType is > "application/x-www-form-urlencoded" > And self defined filter that change "application/x-www-form-urlencoded" as > other contentType for requestbody will be invalid. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (KNOX-931) asType will not work for body filter when using IdentityAsserterFilter
[ https://issues.apache.org/jira/browse/KNOX-931?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16003758#comment-16003758 ] Shi Wang commented on KNOX-931: --- The solution in this commit is that if there is rewrite filter added, then let the rewrite filter do the body manipulation. If there is no rewrite filter, keep the way assertion filter deal with the body encoding. [~lmc...@apache.org] Please help review, thanks! > asType will not work for body filter when using IdentityAsserterFilter > -- > > Key: KNOX-931 > URL: https://issues.apache.org/jira/browse/KNOX-931 > Project: Apache Knox > Issue Type: Bug >Affects Versions: 0.11.0 >Reporter: Shi Wang >Assignee: Shi Wang > Fix For: 0.13.0 > > > In IdentityAsserterHttpServletsWrapper.java, method getInputStream(), > The body will always be urlEncoded if the contentType is > "application/x-www-form-urlencoded" > And self defined filter that change "application/x-www-form-urlencoded" as > other contentType for requestbody will be invalid. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Updated] (KNOX-931) asType will not work for body filter when using IdentityAsserterFilter
[ https://issues.apache.org/jira/browse/KNOX-931?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Shi Wang updated KNOX-931: -- Status: Patch Available (was: Open) > asType will not work for body filter when using IdentityAsserterFilter > -- > > Key: KNOX-931 > URL: https://issues.apache.org/jira/browse/KNOX-931 > Project: Apache Knox > Issue Type: Bug >Affects Versions: 0.11.0 >Reporter: Shi Wang >Assignee: Shi Wang > Fix For: 0.13.0 > > > In IdentityAsserterHttpServletsWrapper.java, method getInputStream(), > The body will always be urlEncoded if the contentType is > "application/x-www-form-urlencoded" > And self defined filter that change "application/x-www-form-urlencoded" as > other contentType for requestbody will be invalid. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Updated] (KNOX-931) asType will not work for body filter when using IdentityAsserterFilter
[ https://issues.apache.org/jira/browse/KNOX-931?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Shi Wang updated KNOX-931: -- Fix Version/s: 0.13.0 > asType will not work for body filter when using IdentityAsserterFilter > -- > > Key: KNOX-931 > URL: https://issues.apache.org/jira/browse/KNOX-931 > Project: Apache Knox > Issue Type: Bug >Affects Versions: 0.11.0 >Reporter: Shi Wang >Assignee: Shi Wang > Fix For: 0.13.0 > > > In IdentityAsserterHttpServletsWrapper.java, method getInputStream(), > The body will always be urlEncoded if the contentType is > "application/x-www-form-urlencoded" > And self defined filter that change "application/x-www-form-urlencoded" as > other contentType for requestbody will be invalid. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (KNOX-931) asType will not work for body filter when using IdentityAsserterFilter
[ https://issues.apache.org/jira/browse/KNOX-931?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15997775#comment-15997775 ] Shi Wang commented on KNOX-931: --- Yes [~lmc...@apache.org] I'll work on it soon, changing it to 0.13.0 > asType will not work for body filter when using IdentityAsserterFilter > -- > > Key: KNOX-931 > URL: https://issues.apache.org/jira/browse/KNOX-931 > Project: Apache Knox > Issue Type: Bug >Affects Versions: 0.11.0 >Reporter: Shi Wang >Assignee: Shi Wang > Fix For: 0.13.0 > > > In IdentityAsserterHttpServletsWrapper.java, method getInputStream(), > The body will always be urlEncoded if the contentType is > "application/x-www-form-urlencoded" > And self defined filter that change "application/x-www-form-urlencoded" as > other contentType for requestbody will be invalid. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Updated] (KNOX-931) asType will not work for body filter when using IdentityAsserterFilter
[ https://issues.apache.org/jira/browse/KNOX-931?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Shi Wang updated KNOX-931: -- Description: In IdentityAsserterHttpServletsWrapper.java, method getInputStream(), The body will always be urlEncoded if the contentType is "application/x-www-form-urlencoded" And self defined filter that change "application/x-www-form-urlencoded" as other contentType for requestbody will be invalid. > asType will not work for body filter when using IdentityAsserterFilter > -- > > Key: KNOX-931 > URL: https://issues.apache.org/jira/browse/KNOX-931 > Project: Apache Knox > Issue Type: Bug >Affects Versions: 0.11.0 >Reporter: Shi Wang >Assignee: Shi Wang > > In IdentityAsserterHttpServletsWrapper.java, method getInputStream(), > The body will always be urlEncoded if the contentType is > "application/x-www-form-urlencoded" > And self defined filter that change "application/x-www-form-urlencoded" as > other contentType for requestbody will be invalid. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Updated] (KNOX-931) asType will not work for body filter when using IdentityAsserterFilter
[ https://issues.apache.org/jira/browse/KNOX-931?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Shi Wang updated KNOX-931: -- Affects Version/s: 0.11.0 > asType will not work for body filter when using IdentityAsserterFilter > -- > > Key: KNOX-931 > URL: https://issues.apache.org/jira/browse/KNOX-931 > Project: Apache Knox > Issue Type: Bug >Affects Versions: 0.11.0 >Reporter: Shi Wang >Assignee: Shi Wang > -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Created] (KNOX-931) asType will not work for body filter when using IdentityAsserterFilter
Shi Wang created KNOX-931: - Summary: asType will not work for body filter when using IdentityAsserterFilter Key: KNOX-931 URL: https://issues.apache.org/jira/browse/KNOX-931 Project: Apache Knox Issue Type: Bug Reporter: Shi Wang Assignee: Shi Wang -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (KNOX-18) IdentityAssertionHttpServletRequestWrapper should only be used when required by the service
[ https://issues.apache.org/jira/browse/KNOX-18?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15987936#comment-15987936 ] Shi Wang commented on KNOX-18: -- [~kminder] I recently encounter an issue regarding to 1) in your comment. Say if we specify a rewrite filter for the request body and in the filter we want to change type application/x-www-form-urlencoded to asType application/octet-stream, then this personalized filter will be invalid since the request body will still be applied contentType as application/x-www-form-urlencoded. Maybe we should check if there is any asType for request body first before doing the urlEncode? > IdentityAssertionHttpServletRequestWrapper should only be used when required > by the service > --- > > Key: KNOX-18 > URL: https://issues.apache.org/jira/browse/KNOX-18 > Project: Apache Knox > Issue Type: Bug > Components: Server >Affects Versions: 0.2.0 >Reporter: Kevin Minder > Fix For: Future > > > From BUG-4297 > This is a performance issue since it filters the request stream. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (KNOX-789) Apache Atlas REST API support
[ https://issues.apache.org/jira/browse/KNOX-789?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15987144#comment-15987144 ] Shi Wang commented on KNOX-789: --- Thanks for this valuable info [~mad...@apache.org], I'll test with Atlas 0.8 then. > Apache Atlas REST API support > - > > Key: KNOX-789 > URL: https://issues.apache.org/jira/browse/KNOX-789 > Project: Apache Knox > Issue Type: New Feature > Environment: all >Reporter: Jeffrey E Rodriguez >Assignee: Shi Wang > Fix For: 0.13.0 > > > Apache REST API support through Knox > https://atlas.incubator.apache.org/api/rest.html -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (KNOX-789) Apache Atlas REST API support
[ https://issues.apache.org/jira/browse/KNOX-789?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15985156#comment-15985156 ] Shi Wang commented on KNOX-789: --- Hi [~jeffreyr97] I would like to work on this jira > Apache Atlas REST API support > - > > Key: KNOX-789 > URL: https://issues.apache.org/jira/browse/KNOX-789 > Project: Apache Knox > Issue Type: New Feature > Environment: all >Reporter: Jeffrey E Rodriguez > Fix For: 0.13.0 > > > Apache REST API support through Knox > https://atlas.incubator.apache.org/api/rest.html -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (KNOX-920) Make avatica service use default policies
[ https://issues.apache.org/jira/browse/KNOX-920?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15965088#comment-15965088 ] Shi Wang commented on KNOX-920: --- Thanks [~lmc...@apache.org] > Make avatica service use default policies > - > > Key: KNOX-920 > URL: https://issues.apache.org/jira/browse/KNOX-920 > Project: Apache Knox > Issue Type: Bug >Affects Versions: 0.11.0 >Reporter: Shi Wang >Assignee: Shi Wang > Fix For: 0.13.0 > > Attachments: > 0001-KNOX-920-Make-avatica-service-use-default-policies.patch > > > > > > > > > is lacking the identity-assertion role, which will append "doAs" or > "user.name" in the end. Either we can remove the policies and use the default > ones, which include the identity-assertion filter, or add identity-assertion > in the policy. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Updated] (KNOX-920) Make avatica service use default policies
[ https://issues.apache.org/jira/browse/KNOX-920?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Shi Wang updated KNOX-920: -- Resolution: Fixed Status: Resolved (was: Patch Available) > Make avatica service use default policies > - > > Key: KNOX-920 > URL: https://issues.apache.org/jira/browse/KNOX-920 > Project: Apache Knox > Issue Type: Bug >Affects Versions: 0.11.0 >Reporter: Shi Wang >Assignee: Shi Wang > Fix For: 0.13.0 > > Attachments: > 0001-KNOX-920-Make-avatica-service-use-default-policies.patch > > > > > > > > > is lacking the identity-assertion role, which will append "doAs" or > "user.name" in the end. Either we can remove the policies and use the default > ones, which include the identity-assertion filter, or add identity-assertion > in the policy. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (KNOX-920) Make avatica service use default policies
[ https://issues.apache.org/jira/browse/KNOX-920?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15960386#comment-15960386 ] Shi Wang commented on KNOX-920: --- [~lmc...@apache.org] please help review, thanks! > Make avatica service use default policies > - > > Key: KNOX-920 > URL: https://issues.apache.org/jira/browse/KNOX-920 > Project: Apache Knox > Issue Type: Bug >Affects Versions: 0.11.0 >Reporter: Shi Wang >Assignee: Shi Wang > Fix For: 0.13.0 > > Attachments: > 0001-KNOX-920-Make-avatica-service-use-default-policies.patch > > > > > > > > > is lacking the identity-assertion role, which will append "doAs" or > "user.name" in the end. Either we can remove the policies and use the default > ones, which include the identity-assertion filter, or add identity-assertion > in the policy. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Updated] (KNOX-920) Make avatica service use default policies
[ https://issues.apache.org/jira/browse/KNOX-920?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Shi Wang updated KNOX-920: -- Attachment: 0001-KNOX-920-Make-avatica-service-use-default-policies.patch > Make avatica service use default policies > - > > Key: KNOX-920 > URL: https://issues.apache.org/jira/browse/KNOX-920 > Project: Apache Knox > Issue Type: Bug >Affects Versions: 0.11.0 >Reporter: Shi Wang >Assignee: Shi Wang > Fix For: 0.13.0 > > Attachments: > 0001-KNOX-920-Make-avatica-service-use-default-policies.patch > > > > > > > > > is lacking the identity-assertion role, which will append "doAs" or > "user.name" in the end. Either we can remove the policies and use the default > ones, which include the identity-assertion filter, or add identity-assertion > in the policy. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Updated] (KNOX-920) Make avatica service use default policies
[ https://issues.apache.org/jira/browse/KNOX-920?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Shi Wang updated KNOX-920: -- Status: Patch Available (was: Open) > Make avatica service use default policies > - > > Key: KNOX-920 > URL: https://issues.apache.org/jira/browse/KNOX-920 > Project: Apache Knox > Issue Type: Bug >Affects Versions: 0.11.0 >Reporter: Shi Wang >Assignee: Shi Wang > Fix For: 0.13.0 > > > > > > > > > is lacking the identity-assertion role, which will append "doAs" or > "user.name" in the end. Either we can remove the policies and use the default > ones, which include the identity-assertion filter, or add identity-assertion > in the policy. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (KNOX-920) Make avatica service use default policies
[ https://issues.apache.org/jira/browse/KNOX-920?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15959967#comment-15959967 ] Shi Wang commented on KNOX-920: --- Hi [~lmc...@apache.org], Yes, I can submit a patch soon. > Make avatica service use default policies > - > > Key: KNOX-920 > URL: https://issues.apache.org/jira/browse/KNOX-920 > Project: Apache Knox > Issue Type: Bug >Affects Versions: 0.11.0 >Reporter: Shi Wang >Assignee: Shi Wang > Fix For: 0.13.0 > > > > > > > > > is lacking the identity-assertion role, which will append "doAs" or > "user.name" in the end. Either we can remove the policies and use the default > ones, which include the identity-assertion filter, or add identity-assertion > in the policy. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Updated] (KNOX-920) Make avatica service use default policies
[ https://issues.apache.org/jira/browse/KNOX-920?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Shi Wang updated KNOX-920: -- Description: is lacking the identity-assertion role, which will append "doAs" or "user.name" in the end. Either we can remove the policies and use the default ones, which include the identity-assertion filter, or add identity-assertion in the policy. > Make avatica service use default policies > - > > Key: KNOX-920 > URL: https://issues.apache.org/jira/browse/KNOX-920 > Project: Apache Knox > Issue Type: Bug >Affects Versions: 0.11.0 >Reporter: Shi Wang >Assignee: Shi Wang > > > > > > > > is lacking the identity-assertion role, which will append "doAs" or > "user.name" in the end. Either we can remove the policies and use the default > ones, which include the identity-assertion filter, or add identity-assertion > in the policy. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Updated] (KNOX-920) Make avatica service use default policies
[ https://issues.apache.org/jira/browse/KNOX-920?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Shi Wang updated KNOX-920: -- Affects Version/s: 0.11.0 > Make avatica service use default policies > - > > Key: KNOX-920 > URL: https://issues.apache.org/jira/browse/KNOX-920 > Project: Apache Knox > Issue Type: Bug >Affects Versions: 0.11.0 >Reporter: Shi Wang >Assignee: Shi Wang > -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Created] (KNOX-920) Make avatica service use default policies
Shi Wang created KNOX-920: - Summary: Make avatica service use default policies Key: KNOX-920 URL: https://issues.apache.org/jira/browse/KNOX-920 Project: Apache Knox Issue Type: Bug Reporter: Shi Wang Assignee: Shi Wang -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (KNOX-916) When REST endpoint enables SPNEGO and there is valid kerberos ticket cache for knox user, REST call through knox will show 401 error
[ https://issues.apache.org/jira/browse/KNOX-916?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15949882#comment-15949882 ] Shi Wang commented on KNOX-916: --- Hi [~jeffreyr97], Thanks for your suggestions, I tried that but still get 401. The way it could work without kdestroy the ticket (if there happens to be any) is changing renewTGT=true and useTicketCache=true to renewTGT=true useTicketCache=false > When REST endpoint enables SPNEGO and there is valid kerberos ticket cache > for knox user, REST call through knox will show 401 error > > > Key: KNOX-916 > URL: https://issues.apache.org/jira/browse/KNOX-916 > Project: Apache Knox > Issue Type: Bug >Affects Versions: 0.11.0 >Reporter: Shi Wang >Assignee: Shi Wang > > For example, if webhdfs uses SPNEGO authentication, and curl through knox, su > knoxuser and klist, if there is valid kerberos ticket cached for knoxuser, > then it will show 401 unauthorized error. But if the cached ticket expired or > do not have any cached ticket, could get 200 correct result. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Comment Edited] (KNOX-916) When REST endpoint enables SPNEGO and there is valid kerberos ticket cache for knox user, REST call through knox will show 401 error
[ https://issues.apache.org/jira/browse/KNOX-916?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15949882#comment-15949882 ] Shi Wang edited comment on KNOX-916 at 3/30/17 9:30 PM: Hi [~jeffreyr97], Thanks for your suggestions, I tried that but still get 401. The way it could work without kdestroy the ticket (if there happens to be any) is changing renewTGT=true and useTicketCache=true to renewTGT=false useTicketCache=false was (Author: wancy): Hi [~jeffreyr97], Thanks for your suggestions, I tried that but still get 401. The way it could work without kdestroy the ticket (if there happens to be any) is changing renewTGT=true and useTicketCache=true to renewTGT=true useTicketCache=false > When REST endpoint enables SPNEGO and there is valid kerberos ticket cache > for knox user, REST call through knox will show 401 error > > > Key: KNOX-916 > URL: https://issues.apache.org/jira/browse/KNOX-916 > Project: Apache Knox > Issue Type: Bug >Affects Versions: 0.11.0 >Reporter: Shi Wang >Assignee: Shi Wang > > For example, if webhdfs uses SPNEGO authentication, and curl through knox, su > knoxuser and klist, if there is valid kerberos ticket cached for knoxuser, > then it will show 401 unauthorized error. But if the cached ticket expired or > do not have any cached ticket, could get 200 correct result. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Resolved] (KNOX-916) When REST endpoint enables SPNEGO and there is valid kerberos ticket cache for knox user, REST call through knox will show 401 error
[ https://issues.apache.org/jira/browse/KNOX-916?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Shi Wang resolved KNOX-916. --- Resolution: Won't Fix > When REST endpoint enables SPNEGO and there is valid kerberos ticket cache > for knox user, REST call through knox will show 401 error > > > Key: KNOX-916 > URL: https://issues.apache.org/jira/browse/KNOX-916 > Project: Apache Knox > Issue Type: Bug >Affects Versions: 0.11.0 >Reporter: Shi Wang >Assignee: Shi Wang > > For example, if webhdfs uses SPNEGO authentication, and curl through knox, su > knoxuser and klist, if there is valid kerberos ticket cached for knoxuser, > then it will show 401 unauthorized error. But if the cached ticket expired or > do not have any cached ticket, could get 200 correct result. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (KNOX-916) When REST endpoint enables SPNEGO and there is valid kerberos ticket cache for knox user, REST call through knox will show 401 error
[ https://issues.apache.org/jira/browse/KNOX-916?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15949865#comment-15949865 ] Shi Wang commented on KNOX-916: --- [~lmccay] Thanks for your opinion on this! Then I guess the current solution is if anyone hit the same issue here, just modify the jaas file accordingly. > When REST endpoint enables SPNEGO and there is valid kerberos ticket cache > for knox user, REST call through knox will show 401 error > > > Key: KNOX-916 > URL: https://issues.apache.org/jira/browse/KNOX-916 > Project: Apache Knox > Issue Type: Bug >Affects Versions: 0.11.0 >Reporter: Shi Wang >Assignee: Shi Wang > > For example, if webhdfs uses SPNEGO authentication, and curl through knox, su > knoxuser and klist, if there is valid kerberos ticket cached for knoxuser, > then it will show 401 unauthorized error. But if the cached ticket expired or > do not have any cached ticket, could get 200 correct result. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (KNOX-916) When REST endpoint enables SPNEGO and there is valid kerberos ticket cache for knox user, REST call through knox will show 401 error
[ https://issues.apache.org/jira/browse/KNOX-916?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15949602#comment-15949602 ] Shi Wang commented on KNOX-916: --- Hi [~jeffreyr97], Because if we set useTicketCache=true in jaas file, we are supposed to be able to use cached ticket to authenticate, but this test indicates cached ticket is not able to authenticate. > When REST endpoint enables SPNEGO and there is valid kerberos ticket cache > for knox user, REST call through knox will show 401 error > > > Key: KNOX-916 > URL: https://issues.apache.org/jira/browse/KNOX-916 > Project: Apache Knox > Issue Type: Bug >Affects Versions: 0.11.0 >Reporter: Shi Wang >Assignee: Shi Wang > > For example, if webhdfs uses SPNEGO authentication, and curl through knox, su > knoxuser and klist, if there is valid kerberos ticket cached for knoxuser, > then it will show 401 unauthorized error. But if the cached ticket expired or > do not have any cached ticket, could get 200 correct result. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (KNOX-916) When REST endpoint enables SPNEGO and there is valid kerberos ticket cache for knox user, REST call through knox will show 401 error
[ https://issues.apache.org/jira/browse/KNOX-916?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15949484#comment-15949484 ] Shi Wang commented on KNOX-916: --- I can reproduce the error on a rh linux 6.8 machine by kinit knox principal (knox/_HOSTNAME) in my case. And then curl -ik -u guest:guest-password -X GET https://knox_gateway:8443/gateway/default/webhdfs/v1/?op=LISTSTATUS show 401 error in the log, it will show 2017-03-28 22:13:34,700 DEBUG auth.HttpAuthenticator (HttpAuthenticator.java:generateAuthResponse(198)) - Generating response to an authentication challenge using Negotiate scheme 2017-03-28 22:13:34,701 DEBUG auth.SPNegoScheme (GGSSchemeBase.java:authenticate(216)) - init knox_gateway 2017-03-28 22:13:34,801 WARN auth.HttpAuthenticator (HttpAuthenticator.java:generateAuthResponse(207)) - NEGOTIATE authentication error: No valid credentials provided (Mechanism level: No valid credentials provided (Mechanism level: Attempt to obtain new INITIATE credentials failed! (null))) but if there is no valid ticket cached for knox, it will send the encoded token correctly like 2017-03-28 22:27:50,084 DEBUG auth.SPNegoScheme (GGSSchemeBase.java:authenticate(240)) - Sending response 'YIIFDwYGKwYBBQUCoIIFAzCCBP+gDTALBgkqhkiG9xIBAgKhBAMCAfaiggTmBIIE4mCCBN4GCSqGSIb3EgECAgEAboIEzTCC. back to the auth server Also if look at the jaas file for other services, like hbase rest server, region server, they are all using keytab principal for authentication instead of cached ticket. I am concerned that allowing both using ticket cache and keytab will cause some issues? Can anyone address the reason why JAAS file for knox is configured this way? Thanks! > When REST endpoint enables SPNEGO and there is valid kerberos ticket cache > for knox user, REST call through knox will show 401 error > > > Key: KNOX-916 > URL: https://issues.apache.org/jira/browse/KNOX-916 > Project: Apache Knox > Issue Type: Bug >Affects Versions: 0.11.0 >Reporter: Shi Wang >Assignee: Shi Wang > > For example, if webhdfs uses SPNEGO authentication, and curl through knox, su > knoxuser and klist, if there is valid kerberos ticket cached for knoxuser, > then it will show 401 unauthorized error. But if the cached ticket expired or > do not have any cached ticket, could get 200 correct result. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (KNOX-916) When REST endpoint enables SPNEGO and there is valid kerberos ticket cache for knox user, REST call through knox will show 401 error
[ https://issues.apache.org/jira/browse/KNOX-916?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15948157#comment-15948157 ] Shi Wang commented on KNOX-916: --- >From first look seems in krb5JAASLogin.conf that knox is using, should change >useTicketCache=true to useTicketCache=false. So knox always uses this JAAS >file for kerberos authentication. > When REST endpoint enables SPNEGO and there is valid kerberos ticket cache > for knox user, REST call through knox will show 401 error > > > Key: KNOX-916 > URL: https://issues.apache.org/jira/browse/KNOX-916 > Project: Apache Knox > Issue Type: Bug >Affects Versions: 0.11.0 >Reporter: Shi Wang >Assignee: Shi Wang > > For example, if webhdfs uses SPNEGO authentication, and curl through knox, su > knoxuser and klist, if there is valid kerberos ticket cached for knoxuser, > then it will show 401 unauthorized error. But if the cached ticket expired or > do not have any cached ticket, could get 200 correct result. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Updated] (KNOX-916) When REST endpoint enables SPNEGO and there is valid kerberos ticket cache for knox user, REST call through knox will show 401 error
[ https://issues.apache.org/jira/browse/KNOX-916?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Shi Wang updated KNOX-916: -- Description: For example, if webhdfs uses SPNEGO authentication, and curl through knox, su knoxuser and klist, if there is valid kerberos ticket cached for knoxuser, then it will show 401 unauthorized error. But if the cached ticket expired or do not have any cached ticket, could get 200 correct result. > When REST endpoint enables SPNEGO and there is valid kerberos ticket cache > for knox user, REST call through knox will show 401 error > > > Key: KNOX-916 > URL: https://issues.apache.org/jira/browse/KNOX-916 > Project: Apache Knox > Issue Type: Bug >Affects Versions: 0.11.0 >Reporter: Shi Wang >Assignee: Shi Wang > > For example, if webhdfs uses SPNEGO authentication, and curl through knox, su > knoxuser and klist, if there is valid kerberos ticket cached for knoxuser, > then it will show 401 unauthorized error. But if the cached ticket expired or > do not have any cached ticket, could get 200 correct result. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Created] (KNOX-916) When REST endpoint enables SPNEGO and there is valid kerberos ticket cache for knox user, REST call through knox will show 401 error
Shi Wang created KNOX-916: - Summary: When REST endpoint enables SPNEGO and there is valid kerberos ticket cache for knox user, REST call through knox will show 401 error Key: KNOX-916 URL: https://issues.apache.org/jira/browse/KNOX-916 Project: Apache Knox Issue Type: Bug Affects Versions: 0.11.0 Reporter: Shi Wang Assignee: Shi Wang -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (KNOX-728) Don't encode Jobhistory URLs
[ https://issues.apache.org/jira/browse/KNOX-728?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15891059#comment-15891059 ] Shi Wang commented on KNOX-728: --- Closing this one since YARN-1728 is committed. And the patch works for me. > Don't encode Jobhistory URLs > > > Key: KNOX-728 > URL: https://issues.apache.org/jira/browse/KNOX-728 > Project: Apache Knox > Issue Type: Bug > Components: Server >Affects Versions: 0.9.0 > Environment: Knox 0.9.0, Hadoop 2.7.2 >Reporter: Andrey Kulikov >Assignee: Shi Wang > Fix For: 0.13.0 > > > I think this problem is similar to KNOX-709. Going to the Jobhistory log page: > https://hdp-node1:8443/gateway/hadoop-staging/jobhistory/joblogs/hdp-node2:45454/container_e696_1469407938027_0072_01_11/attempt_1469407938027_0072_m_09_0/hadoop > {noformat} > 16/07/26 10:21:37 > ||f4b6aeec-289f-4f96-9a81-fcf6df6cf762|audit|JOBHISTORYUI|akulikov|||dispatch|uri|http://hdp-node1:19888/jobhistory/logs/hdp-node2%3A45454/container_e696_1469407938027_0072_01_11/attempt_1469407938027_0072_m_09_0/hadoop/?user.name=akulikov|unavailable|Request > method: GET > 16/07/26 10:21:37 > ||f4b6aeec-289f-4f96-9a81-fcf6df6cf762|audit|JOBHISTORYUI|akulikov|||dispatch|uri|http://hdp-node1:19888/jobhistory/logs/hdp-node2%3A45454/container_e696_1469407938027_0072_01_11/attempt_1469407938027_0072_m_09_0/hadoop/?user.name=akulikov|success|Response > status: 200 > 16/07/26 10:21:37 > ||f4b6aeec-289f-4f96-9a81-fcf6df6cf762|audit|JOBHISTORYUI|akulikov|||access|uri|/gateway/hadoop-staging/jobhistory/joblogs/hdp-node2:45454/container_e696_1469407938027_0072_01_11/attempt_1469407938027_0072_m_09_0/hadoop|success|Response > status: 200 > {noformat} > results in the error: > {noformat} > Cannot get container logs. Invalid nodeId: hdp-node2%3A45454 > {noformat} > Jobhistory can't handle encoded paths. > Knox 0.8.0 doesn't have this problem. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Resolved] (KNOX-893) Use Phoenix "thin" JDBC driver HTTP basic auth got HTTP/401 error
[ https://issues.apache.org/jira/browse/KNOX-893?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Shi Wang resolved KNOX-893. --- Resolution: Not A Problem > Use Phoenix "thin" JDBC driver HTTP basic auth got HTTP/401 error > - > > Key: KNOX-893 > URL: https://issues.apache.org/jira/browse/KNOX-893 > Project: Apache Knox > Issue Type: Bug >Affects Versions: 0.11.0 >Reporter: Shi Wang >Assignee: Shi Wang > Fix For: 0.13.0 > > > Use phoenix thin JDBC driver through knox using command: > bin/sqlline-thin.py > https://knox_gateway:8443/gateway/default/avatica;authentication=BASIC;avatica_user=guest;avatica_password=guest-password > will get HTTP/401 error. > 401 is unauthorized error, that is because in the request header, need to add > Authorization Basic {encodedCredential}. In CALCITE-1025, some changes are > proposed to be added on avatica side, but if refer to the support for hive > beeline connection, this is done in HiveDispatchUtils. We may need similar > thing for phoenix thin. > Also from my testing, knox didnt do ldap authentication for the connection in > this case, also need to add this part. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (KNOX-893) Use Phoenix "thin" JDBC driver HTTP basic auth got HTTP/401 error
[ https://issues.apache.org/jira/browse/KNOX-893?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15886920#comment-15886920 ] Shi Wang commented on KNOX-893: --- Turns out an issue with the usage of old version of sqlline-thin.py. Closing this one. > Use Phoenix "thin" JDBC driver HTTP basic auth got HTTP/401 error > - > > Key: KNOX-893 > URL: https://issues.apache.org/jira/browse/KNOX-893 > Project: Apache Knox > Issue Type: Bug >Affects Versions: 0.11.0 >Reporter: Shi Wang >Assignee: Shi Wang > Fix For: 0.13.0 > > > Use phoenix thin JDBC driver through knox using command: > bin/sqlline-thin.py > https://knox_gateway:8443/gateway/default/avatica;authentication=BASIC;avatica_user=guest;avatica_password=guest-password > will get HTTP/401 error. > 401 is unauthorized error, that is because in the request header, need to add > Authorization Basic {encodedCredential}. In CALCITE-1025, some changes are > proposed to be added on avatica side, but if refer to the support for hive > beeline connection, this is done in HiveDispatchUtils. We may need similar > thing for phoenix thin. > Also from my testing, knox didnt do ldap authentication for the connection in > this case, also need to add this part. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Updated] (KNOX-893) Use Phoenix "thin" JDBC driver HTTP basic auth got HTTP/401 error
[ https://issues.apache.org/jira/browse/KNOX-893?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Shi Wang updated KNOX-893: -- Description: Use phoenix thin JDBC driver through knox using command: bin/sqlline-thin.py https://knox_gateway:8443/gateway/default/avatica;authentication=BASIC;avatica_user=guest;avatica_password=guest-password will get HTTP/401 error. 401 is unauthorized error, that is because in the request header, need to add Authorization Basic {encodedCredential}. In CALCITE-1025, some changes are proposed to be added on avatica side, but if refer to the support for hive beeline connection, this is done in HiveDispatchUtils. We may need similar thing for phoenix thin. Also from my testing, knox didnt do ldap authentication for the connection in this case, also need to add this part. > Use Phoenix "thin" JDBC driver HTTP basic auth got HTTP/401 error > - > > Key: KNOX-893 > URL: https://issues.apache.org/jira/browse/KNOX-893 > Project: Apache Knox > Issue Type: Bug >Affects Versions: 0.11.0 >Reporter: Shi Wang >Assignee: Shi Wang > Fix For: 0.13.0 > > > Use phoenix thin JDBC driver through knox using command: > bin/sqlline-thin.py > https://knox_gateway:8443/gateway/default/avatica;authentication=BASIC;avatica_user=guest;avatica_password=guest-password > will get HTTP/401 error. > 401 is unauthorized error, that is because in the request header, need to add > Authorization Basic {encodedCredential}. In CALCITE-1025, some changes are > proposed to be added on avatica side, but if refer to the support for hive > beeline connection, this is done in HiveDispatchUtils. We may need similar > thing for phoenix thin. > Also from my testing, knox didnt do ldap authentication for the connection in > this case, also need to add this part. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Created] (KNOX-893) Use Phoenix "thin" JDBC driver HTTP basic auth got HTTP/401 error
Shi Wang created KNOX-893: - Summary: Use Phoenix "thin" JDBC driver HTTP basic auth got HTTP/401 error Key: KNOX-893 URL: https://issues.apache.org/jira/browse/KNOX-893 Project: Apache Knox Issue Type: Bug Reporter: Shi Wang Assignee: Shi Wang -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Updated] (KNOX-893) Use Phoenix "thin" JDBC driver HTTP basic auth got HTTP/401 error
[ https://issues.apache.org/jira/browse/KNOX-893?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Shi Wang updated KNOX-893: -- Fix Version/s: 0.13.0 > Use Phoenix "thin" JDBC driver HTTP basic auth got HTTP/401 error > - > > Key: KNOX-893 > URL: https://issues.apache.org/jira/browse/KNOX-893 > Project: Apache Knox > Issue Type: Bug >Affects Versions: 0.11.0 >Reporter: Shi Wang >Assignee: Shi Wang > Fix For: 0.13.0 > > -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Updated] (KNOX-893) Use Phoenix "thin" JDBC driver HTTP basic auth got HTTP/401 error
[ https://issues.apache.org/jira/browse/KNOX-893?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Shi Wang updated KNOX-893: -- Affects Version/s: 0.11.0 > Use Phoenix "thin" JDBC driver HTTP basic auth got HTTP/401 error > - > > Key: KNOX-893 > URL: https://issues.apache.org/jira/browse/KNOX-893 > Project: Apache Knox > Issue Type: Bug >Affects Versions: 0.11.0 >Reporter: Shi Wang >Assignee: Shi Wang > Fix For: 0.13.0 > > -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (KNOX-844) Add documentation for support of Apache Phoenix via Knox
[ https://issues.apache.org/jira/browse/KNOX-844?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15872590#comment-15872590 ] Shi Wang commented on KNOX-844: --- I added -Djavax.net.ssl.trustStore -Djavax.net.ssl.trustStorePassword in PHOENIX_OPTS, the ssl handshake success, but then it throws 401 error java.lang.RuntimeException: Failed to execute HTTP Request, got HTTP/401 at org.apache.calcite.avatica.remote.AvaticaCommonsHttpClientImpl.send(AvaticaCommonsHttpClientImpl.java:138) at org.apache.calcite.avatica.remote.RemoteProtobufService._apply(RemoteProtobufService.java:44) at org.apache.calcite.avatica.remote.ProtobufService.apply(ProtobufService.java:81) at org.apache.calcite.avatica.remote.Driver.connect(Driver.java:175) at sqlline.DatabaseConnection.connect(DatabaseConnection.java:157) at sqlline.DatabaseConnection.getConnection(DatabaseConnection.java:203) at sqlline.Commands.connect(Commands.java:1064) at sqlline.Commands.connect(Commands.java:996) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at sqlline.ReflectiveCommandHandler.execute(ReflectiveCommandHandler.java:36) at sqlline.SqlLine.dispatch(SqlLine.java:803) at sqlline.SqlLine.initArgs(SqlLine.java:588) at sqlline.SqlLine.begin(SqlLine.java:656) at sqlline.SqlLine.start(SqlLine.java:398) at sqlline.SqlLine.main(SqlLine.java:292) at org.apache.phoenix.queryserver.client.SqllineWrapper.main(SqllineWrapper.java:83) sqlline version 1.1.9 I was wondering if user guest or knox need to be added in some acl? > Add documentation for support of Apache Phoenix via Knox > > > Key: KNOX-844 > URL: https://issues.apache.org/jira/browse/KNOX-844 > Project: Apache Knox > Issue Type: Improvement > Components: Site >Affects Versions: 0.11.0 >Reporter: John McParland >Assignee: Josh Elser > Fix For: 0.11.0 > > Attachments: KNOX-844.001.patch, KNOX-844.002.patch, Knox_Phoenix.png > > > We would like to access data stored in Hadoop (especially HBase) using > traditional tools which rely on ODBC connections and SQL. > Phoenix provides the SQL interface to HBase, and Hortonworks have an [ODBC > Connector for > Phoenix|http://hortonworks.com/hadoop-tutorial/bi-apache-phoenix-odbc/] > However this is unsecured - in so far as accessing from outside of the > perimeter of the Big Data Platform. > This ticket should address that by allowing the ODBC connection to Phoenix to > be proxied through Knox, to enforce perimeter level security. > h4. Acceptance Criteria > - Connections to Phoenix via Knox are only allowed with valid credentials, as > enforced by Knox > - Connections to Phoenix via Knox are NOT allowed if Knox finds invalid > credentials. > - Connection to Phoenix via Knox can are made via an ODBC connector -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (KNOX-728) Don't encode Jobhistory URLs
[ https://issues.apache.org/jira/browse/KNOX-728?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15869017#comment-15869017 ] Shi Wang commented on KNOX-728: --- Thanks [~lmccay] and [~sumit.gupta] for your reply! So should we do something similar to what KNOX-709 did for hbase, that implement a separate dispatch for jobhistory? > Don't encode Jobhistory URLs > > > Key: KNOX-728 > URL: https://issues.apache.org/jira/browse/KNOX-728 > Project: Apache Knox > Issue Type: Bug > Components: Server >Affects Versions: 0.9.0 > Environment: Knox 0.9.0, Hadoop 2.7.2 >Reporter: Andrey Kulikov >Assignee: Shi Wang > Fix For: 0.12.0 > > > I think this problem is similar to KNOX-709. Going to the Jobhistory log page: > https://hdp-node1:8443/gateway/hadoop-staging/jobhistory/joblogs/hdp-node2:45454/container_e696_1469407938027_0072_01_11/attempt_1469407938027_0072_m_09_0/hadoop > {noformat} > 16/07/26 10:21:37 > ||f4b6aeec-289f-4f96-9a81-fcf6df6cf762|audit|JOBHISTORYUI|akulikov|||dispatch|uri|http://hdp-node1:19888/jobhistory/logs/hdp-node2%3A45454/container_e696_1469407938027_0072_01_11/attempt_1469407938027_0072_m_09_0/hadoop/?user.name=akulikov|unavailable|Request > method: GET > 16/07/26 10:21:37 > ||f4b6aeec-289f-4f96-9a81-fcf6df6cf762|audit|JOBHISTORYUI|akulikov|||dispatch|uri|http://hdp-node1:19888/jobhistory/logs/hdp-node2%3A45454/container_e696_1469407938027_0072_01_11/attempt_1469407938027_0072_m_09_0/hadoop/?user.name=akulikov|success|Response > status: 200 > 16/07/26 10:21:37 > ||f4b6aeec-289f-4f96-9a81-fcf6df6cf762|audit|JOBHISTORYUI|akulikov|||access|uri|/gateway/hadoop-staging/jobhistory/joblogs/hdp-node2:45454/container_e696_1469407938027_0072_01_11/attempt_1469407938027_0072_m_09_0/hadoop|success|Response > status: 200 > {noformat} > results in the error: > {noformat} > Cannot get container logs. Invalid nodeId: hdp-node2%3A45454 > {noformat} > Jobhistory can't handle encoded paths. > Knox 0.8.0 doesn't have this problem. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Comment Edited] (KNOX-728) Don't encode Jobhistory URLs
[ https://issues.apache.org/jira/browse/KNOX-728?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15866896#comment-15866896 ] Shi Wang edited comment on KNOX-728 at 2/14/17 11:12 PM: - I would like to work on this bug. I am able to reproduce in knox-0.11, Hadoop 2.7.2, also I verify in knox-0.7 doesnt have this issue. was (Author: wancy): I would like to work on this bug. I am able to reproduce in knox-0.11, also I verify in knox-0.7 doesnt have this issue. > Don't encode Jobhistory URLs > > > Key: KNOX-728 > URL: https://issues.apache.org/jira/browse/KNOX-728 > Project: Apache Knox > Issue Type: Bug > Components: Server >Affects Versions: 0.9.0 > Environment: Knox 0.9.0, Hadoop 2.7.2 >Reporter: Andrey Kulikov >Assignee: Shi Wang > > I think this problem is similar to KNOX-709. Going to the Jobhistory log page: > https://hdp-node1:8443/gateway/hadoop-staging/jobhistory/joblogs/hdp-node2:45454/container_e696_1469407938027_0072_01_11/attempt_1469407938027_0072_m_09_0/hadoop > {noformat} > 16/07/26 10:21:37 > ||f4b6aeec-289f-4f96-9a81-fcf6df6cf762|audit|JOBHISTORYUI|akulikov|||dispatch|uri|http://hdp-node1:19888/jobhistory/logs/hdp-node2%3A45454/container_e696_1469407938027_0072_01_11/attempt_1469407938027_0072_m_09_0/hadoop/?user.name=akulikov|unavailable|Request > method: GET > 16/07/26 10:21:37 > ||f4b6aeec-289f-4f96-9a81-fcf6df6cf762|audit|JOBHISTORYUI|akulikov|||dispatch|uri|http://hdp-node1:19888/jobhistory/logs/hdp-node2%3A45454/container_e696_1469407938027_0072_01_11/attempt_1469407938027_0072_m_09_0/hadoop/?user.name=akulikov|success|Response > status: 200 > 16/07/26 10:21:37 > ||f4b6aeec-289f-4f96-9a81-fcf6df6cf762|audit|JOBHISTORYUI|akulikov|||access|uri|/gateway/hadoop-staging/jobhistory/joblogs/hdp-node2:45454/container_e696_1469407938027_0072_01_11/attempt_1469407938027_0072_m_09_0/hadoop|success|Response > status: 200 > {noformat} > results in the error: > {noformat} > Cannot get container logs. Invalid nodeId: hdp-node2%3A45454 > {noformat} > Jobhistory can't handle encoded paths. > Knox 0.8.0 doesn't have this problem. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (KNOX-728) Don't encode Jobhistory URLs
[ https://issues.apache.org/jira/browse/KNOX-728?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15866896#comment-15866896 ] Shi Wang commented on KNOX-728: --- I would like to work on this bug. I am able to reproduce in knox-0.11, also I verify in knox-0.7 doesnt have this issue. > Don't encode Jobhistory URLs > > > Key: KNOX-728 > URL: https://issues.apache.org/jira/browse/KNOX-728 > Project: Apache Knox > Issue Type: Bug > Components: Server >Affects Versions: 0.9.0 > Environment: Knox 0.9.0, Hadoop 2.7.2 >Reporter: Andrey Kulikov > > I think this problem is similar to KNOX-709. Going to the Jobhistory log page: > https://hdp-node1:8443/gateway/hadoop-staging/jobhistory/joblogs/hdp-node2:45454/container_e696_1469407938027_0072_01_11/attempt_1469407938027_0072_m_09_0/hadoop > {noformat} > 16/07/26 10:21:37 > ||f4b6aeec-289f-4f96-9a81-fcf6df6cf762|audit|JOBHISTORYUI|akulikov|||dispatch|uri|http://hdp-node1:19888/jobhistory/logs/hdp-node2%3A45454/container_e696_1469407938027_0072_01_11/attempt_1469407938027_0072_m_09_0/hadoop/?user.name=akulikov|unavailable|Request > method: GET > 16/07/26 10:21:37 > ||f4b6aeec-289f-4f96-9a81-fcf6df6cf762|audit|JOBHISTORYUI|akulikov|||dispatch|uri|http://hdp-node1:19888/jobhistory/logs/hdp-node2%3A45454/container_e696_1469407938027_0072_01_11/attempt_1469407938027_0072_m_09_0/hadoop/?user.name=akulikov|success|Response > status: 200 > 16/07/26 10:21:37 > ||f4b6aeec-289f-4f96-9a81-fcf6df6cf762|audit|JOBHISTORYUI|akulikov|||access|uri|/gateway/hadoop-staging/jobhistory/joblogs/hdp-node2:45454/container_e696_1469407938027_0072_01_11/attempt_1469407938027_0072_m_09_0/hadoop|success|Response > status: 200 > {noformat} > results in the error: > {noformat} > Cannot get container logs. Invalid nodeId: hdp-node2%3A45454 > {noformat} > Jobhistory can't handle encoded paths. > Knox 0.8.0 doesn't have this problem. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Assigned] (KNOX-728) Don't encode Jobhistory URLs
[ https://issues.apache.org/jira/browse/KNOX-728?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Shi Wang reassigned KNOX-728: - Assignee: Shi Wang > Don't encode Jobhistory URLs > > > Key: KNOX-728 > URL: https://issues.apache.org/jira/browse/KNOX-728 > Project: Apache Knox > Issue Type: Bug > Components: Server >Affects Versions: 0.9.0 > Environment: Knox 0.9.0, Hadoop 2.7.2 >Reporter: Andrey Kulikov >Assignee: Shi Wang > > I think this problem is similar to KNOX-709. Going to the Jobhistory log page: > https://hdp-node1:8443/gateway/hadoop-staging/jobhistory/joblogs/hdp-node2:45454/container_e696_1469407938027_0072_01_11/attempt_1469407938027_0072_m_09_0/hadoop > {noformat} > 16/07/26 10:21:37 > ||f4b6aeec-289f-4f96-9a81-fcf6df6cf762|audit|JOBHISTORYUI|akulikov|||dispatch|uri|http://hdp-node1:19888/jobhistory/logs/hdp-node2%3A45454/container_e696_1469407938027_0072_01_11/attempt_1469407938027_0072_m_09_0/hadoop/?user.name=akulikov|unavailable|Request > method: GET > 16/07/26 10:21:37 > ||f4b6aeec-289f-4f96-9a81-fcf6df6cf762|audit|JOBHISTORYUI|akulikov|||dispatch|uri|http://hdp-node1:19888/jobhistory/logs/hdp-node2%3A45454/container_e696_1469407938027_0072_01_11/attempt_1469407938027_0072_m_09_0/hadoop/?user.name=akulikov|success|Response > status: 200 > 16/07/26 10:21:37 > ||f4b6aeec-289f-4f96-9a81-fcf6df6cf762|audit|JOBHISTORYUI|akulikov|||access|uri|/gateway/hadoop-staging/jobhistory/joblogs/hdp-node2:45454/container_e696_1469407938027_0072_01_11/attempt_1469407938027_0072_m_09_0/hadoop|success|Response > status: 200 > {noformat} > results in the error: > {noformat} > Cannot get container logs. Invalid nodeId: hdp-node2%3A45454 > {noformat} > Jobhistory can't handle encoded paths. > Knox 0.8.0 doesn't have this problem. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (KNOX-848) Support for Gremlin Server REST
[ https://issues.apache.org/jira/browse/KNOX-848?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15864787#comment-15864787 ] Shi Wang commented on KNOX-848: --- Thanks [~sumit.gupta] > Support for Gremlin Server REST > --- > > Key: KNOX-848 > URL: https://issues.apache.org/jira/browse/KNOX-848 > Project: Apache Knox > Issue Type: New Feature >Affects Versions: 0.11.0 >Reporter: Shi Wang >Assignee: Shi Wang > Fix For: 0.12.0 > > Attachments: 0001-KNOX-848-Support-for-Apache-Titan-REST.patch, > 0001-KNOX-848-Support-for-Gremlin-Server-REST.patch, > 0001-KNOX-848-Support-for-Titan-REST.patch > > > Support Apache Titan 1.0.0 REST go through knox. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Updated] (KNOX-848) Support for Gremlin Server REST
[ https://issues.apache.org/jira/browse/KNOX-848?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Shi Wang updated KNOX-848: -- Attachment: 0001-KNOX-848-Support-for-Gremlin-Server-REST.patch > Support for Gremlin Server REST > --- > > Key: KNOX-848 > URL: https://issues.apache.org/jira/browse/KNOX-848 > Project: Apache Knox > Issue Type: New Feature >Affects Versions: 0.11.0 >Reporter: Shi Wang >Assignee: Shi Wang > Fix For: 0.12.0 > > Attachments: 0001-KNOX-848-Support-for-Apache-Titan-REST.patch, > 0001-KNOX-848-Support-for-Gremlin-Server-REST.patch, > 0001-KNOX-848-Support-for-Titan-REST.patch > > > Support Apache Titan 1.0.0 REST go through knox. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Updated] (KNOX-848) Support for Gremlin Server REST
[ https://issues.apache.org/jira/browse/KNOX-848?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Shi Wang updated KNOX-848: -- Summary: Support for Gremlin Server REST (was: Support for Titan REST) > Support for Gremlin Server REST > --- > > Key: KNOX-848 > URL: https://issues.apache.org/jira/browse/KNOX-848 > Project: Apache Knox > Issue Type: New Feature >Affects Versions: 0.11.0 >Reporter: Shi Wang >Assignee: Shi Wang > Fix For: 0.12.0 > > Attachments: 0001-KNOX-848-Support-for-Apache-Titan-REST.patch, > 0001-KNOX-848-Support-for-Titan-REST.patch > > > Support Apache Titan 1.0.0 REST go through knox. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (KNOX-848) Support for Titan REST
[ https://issues.apache.org/jira/browse/KNOX-848?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15863201#comment-15863201 ] Shi Wang commented on KNOX-848: --- Hi [~lmccay] I am totally fine with testing this feature before release, and I already created KNOX-860 for adding KnoxShell classes and groovy scripts, will work on it soon. As to the name, I agree calling it Titan could be confused and limit the future usage, and I suggest to change it to "gremlin" since it is the gremlin server provides the REST endpoint in Titan/JanusGraph. > Support for Titan REST > -- > > Key: KNOX-848 > URL: https://issues.apache.org/jira/browse/KNOX-848 > Project: Apache Knox > Issue Type: New Feature >Affects Versions: 0.11.0 >Reporter: Shi Wang >Assignee: Shi Wang > Fix For: 0.12.0 > > Attachments: 0001-KNOX-848-Support-for-Apache-Titan-REST.patch, > 0001-KNOX-848-Support-for-Titan-REST.patch > > > Support Apache Titan 1.0.0 REST go through knox. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (KNOX-848) Support for Titan REST
[ https://issues.apache.org/jira/browse/KNOX-848?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15854570#comment-15854570 ] Shi Wang commented on KNOX-848: --- Hi [~lmccay] and [~sumit.gupta], I updated the titan image and it can now work well with docker-compose, you could try follow the instructions, let me know if you have any problems using it, thanks. > Support for Titan REST > -- > > Key: KNOX-848 > URL: https://issues.apache.org/jira/browse/KNOX-848 > Project: Apache Knox > Issue Type: New Feature >Affects Versions: 0.11.0 >Reporter: Shi Wang >Assignee: Shi Wang > Fix For: 0.12.0 > > Attachments: 0001-KNOX-848-Support-for-Apache-Titan-REST.patch, > 0001-KNOX-848-Support-for-Titan-REST.patch > > > Support Apache Titan 1.0.0 REST go through knox. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Updated] (KNOX-848) Support for Titan REST
[ https://issues.apache.org/jira/browse/KNOX-848?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Shi Wang updated KNOX-848: -- Attachment: (was: 0001-KNOX-848-Support-for-Titan-REST.patch) > Support for Titan REST > -- > > Key: KNOX-848 > URL: https://issues.apache.org/jira/browse/KNOX-848 > Project: Apache Knox > Issue Type: New Feature >Affects Versions: 0.11.0 >Reporter: Shi Wang >Assignee: Shi Wang > Fix For: 0.12.0 > > Attachments: 0001-KNOX-848-Support-for-Apache-Titan-REST.patch, > 0001-KNOX-848-Support-for-Titan-REST.patch > > > Support Apache Titan 1.0.0 REST go through knox. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Updated] (KNOX-848) Support for Titan REST
[ https://issues.apache.org/jira/browse/KNOX-848?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Shi Wang updated KNOX-848: -- Attachment: 0001-KNOX-848-Support-for-Titan-REST.patch > Support for Titan REST > -- > > Key: KNOX-848 > URL: https://issues.apache.org/jira/browse/KNOX-848 > Project: Apache Knox > Issue Type: New Feature >Affects Versions: 0.11.0 >Reporter: Shi Wang >Assignee: Shi Wang > Fix For: 0.12.0 > > Attachments: 0001-KNOX-848-Support-for-Apache-Titan-REST.patch, > 0001-KNOX-848-Support-for-Titan-REST.patch > > > Support Apache Titan 1.0.0 REST go through knox. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (KNOX-848) Support for Titan REST
[ https://issues.apache.org/jira/browse/KNOX-848?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15853116#comment-15853116 ] Shi Wang commented on KNOX-848: --- Thanks [~lars_francke] for the correction! I renew the patch after more testing. For the docker build, compose command "run docker-compose up -d" cannot keep titan service container interactive somehow, but by using docker run to separately run each container and adding -it in docker command it works, however I didnt find any command works as well as volume in docker, will figure out the correct steps to run later, and [~lmccay]I'll update the testing command by adding more specific query params as well. If anyone has better idea of docker usage in this case please let me know, thanks! > Support for Titan REST > -- > > Key: KNOX-848 > URL: https://issues.apache.org/jira/browse/KNOX-848 > Project: Apache Knox > Issue Type: New Feature >Affects Versions: 0.11.0 >Reporter: Shi Wang >Assignee: Shi Wang > Fix For: 0.12.0 > > Attachments: 0001-KNOX-848-Support-for-Apache-Titan-REST.patch, > 0001-KNOX-848-Support-for-Titan-REST.patch > > > Support Apache Titan 1.0.0 REST go through knox. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Updated] (KNOX-848) Support for Titan REST
[ https://issues.apache.org/jira/browse/KNOX-848?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Shi Wang updated KNOX-848: -- Attachment: 0001-KNOX-848-Support-for-Titan-REST.patch > Support for Titan REST > -- > > Key: KNOX-848 > URL: https://issues.apache.org/jira/browse/KNOX-848 > Project: Apache Knox > Issue Type: New Feature >Affects Versions: 0.11.0 >Reporter: Shi Wang >Assignee: Shi Wang > Fix For: 0.12.0 > > Attachments: 0001-KNOX-848-Support-for-Apache-Titan-REST.patch, > 0001-KNOX-848-Support-for-Titan-REST.patch > > > Support Apache Titan 1.0.0 REST go through knox. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (KNOX-848) Support for Apache Titan REST
[ https://issues.apache.org/jira/browse/KNOX-848?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15840224#comment-15840224 ] Shi Wang commented on KNOX-848: --- [~sumit.gupta] I used knox as the tag, you can pull wancy/knox_titanrest_testing:knox and will get the latest build. > Support for Apache Titan REST > - > > Key: KNOX-848 > URL: https://issues.apache.org/jira/browse/KNOX-848 > Project: Apache Knox > Issue Type: New Feature >Affects Versions: 0.11.0 >Reporter: Shi Wang >Assignee: Shi Wang > Fix For: 0.12.0 > > Attachments: 0001-KNOX-848-Support-for-Apache-Titan-REST.patch > > > Support Apache Titan 1.0.0 REST go through knox. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (KNOX-848) Support for Apache Titan REST
[ https://issues.apache.org/jira/browse/KNOX-848?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15838315#comment-15838315 ] Shi Wang commented on KNOX-848: --- Hi [~sumit.gupta] You can try it out, let me know if there is any questions, thanks! > Support for Apache Titan REST > - > > Key: KNOX-848 > URL: https://issues.apache.org/jira/browse/KNOX-848 > Project: Apache Knox > Issue Type: New Feature >Affects Versions: 0.11.0 >Reporter: Shi Wang >Assignee: Shi Wang > Fix For: 0.12.0 > > Attachments: 0001-KNOX-848-Support-for-Apache-Titan-REST.patch > > > Support Apache Titan 1.0.0 REST go through knox. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (KNOX-848) Support for Apache Titan REST
[ https://issues.apache.org/jira/browse/KNOX-848?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15832426#comment-15832426 ] Shi Wang commented on KNOX-848: --- Hi [~sumit.gupta] The elubow/titan-gremlin repository I am using seems not working, I am building my own titan-gremlin repo. > Support for Apache Titan REST > - > > Key: KNOX-848 > URL: https://issues.apache.org/jira/browse/KNOX-848 > Project: Apache Knox > Issue Type: New Feature >Affects Versions: 0.11.0 >Reporter: Shi Wang >Assignee: Shi Wang > Fix For: 0.12.0 > > Attachments: 0001-KNOX-848-Support-for-Apache-Titan-REST.patch > > > Support Apache Titan 1.0.0 REST go through knox. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (KNOX-860) Add TitanREST test for Shell script
[ https://issues.apache.org/jira/browse/KNOX-860?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Shi Wang updated KNOX-860: -- Description: Add groovy scripts and Shell classes for TitanREST testing. > Add TitanREST test for Shell script > --- > > Key: KNOX-860 > URL: https://issues.apache.org/jira/browse/KNOX-860 > Project: Apache Knox > Issue Type: Bug >Affects Versions: 0.11.0 >Reporter: Shi Wang >Assignee: Shi Wang > > Add groovy scripts and Shell classes for TitanREST testing. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (KNOX-860) Add TitanREST test for Shell script
[ https://issues.apache.org/jira/browse/KNOX-860?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Shi Wang updated KNOX-860: -- Affects Version/s: 0.11.0 > Add TitanREST test for Shell script > --- > > Key: KNOX-860 > URL: https://issues.apache.org/jira/browse/KNOX-860 > Project: Apache Knox > Issue Type: Bug >Affects Versions: 0.11.0 >Reporter: Shi Wang >Assignee: Shi Wang > -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Created] (KNOX-860) Add TitanREST test for Shell script
Shi Wang created KNOX-860: - Summary: Add TitanREST test for Shell script Key: KNOX-860 URL: https://issues.apache.org/jira/browse/KNOX-860 Project: Apache Knox Issue Type: Bug Reporter: Shi Wang Assignee: Shi Wang -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (KNOX-848) Support for Apache Titan REST
[ https://issues.apache.org/jira/browse/KNOX-848?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15832270#comment-15832270 ] Shi Wang commented on KNOX-848: --- Hi [~sumit.gupta], Thanks for your reply! For this patch to be committed, I built a Docker hub repository wancy/knox_titanrest_testing for testing. And for adding groovy script and KnoxShell class for TitanREST, I'll do it in a separate jira as [~lmccay] suggested. What else do you think is needed for this patch? > Support for Apache Titan REST > - > > Key: KNOX-848 > URL: https://issues.apache.org/jira/browse/KNOX-848 > Project: Apache Knox > Issue Type: New Feature >Affects Versions: 0.11.0 >Reporter: Shi Wang >Assignee: Shi Wang > Fix For: 0.12.0 > > Attachments: 0001-KNOX-848-Support-for-Apache-Titan-REST.patch > > > Support Apache Titan 1.0.0 REST go through knox. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Resolved] (KNOX-847) Support for Apache Titan REST
[ https://issues.apache.org/jira/browse/KNOX-847?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Shi Wang resolved KNOX-847. --- Resolution: Duplicate Duplicated jira with KNOX-848 > Support for Apache Titan REST > - > > Key: KNOX-847 > URL: https://issues.apache.org/jira/browse/KNOX-847 > Project: Apache Knox > Issue Type: New Feature >Reporter: Shi Wang >Assignee: Shi Wang > -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (KNOX-848) Support for Apache Titan REST
[ https://issues.apache.org/jira/browse/KNOX-848?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Shi Wang updated KNOX-848: -- Description: Support Apache Titan 1.0.0 REST go through knox. (was: Support Titan 1.0.0 REST go through knox.) > Support for Apache Titan REST > - > > Key: KNOX-848 > URL: https://issues.apache.org/jira/browse/KNOX-848 > Project: Apache Knox > Issue Type: New Feature >Affects Versions: 0.11.0 >Reporter: Shi Wang >Assignee: Shi Wang > Fix For: 0.12.0 > > Attachments: 0001-KNOX-848-Support-for-Apache-Titan-REST.patch > > > Support Apache Titan 1.0.0 REST go through knox. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (KNOX-848) Support for Apache Titan REST
[ https://issues.apache.org/jira/browse/KNOX-848?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Shi Wang updated KNOX-848: -- Description: Support Titan 1.0.0 REST go through knox. (was: Support Titan REST go through knox.) > Support for Apache Titan REST > - > > Key: KNOX-848 > URL: https://issues.apache.org/jira/browse/KNOX-848 > Project: Apache Knox > Issue Type: New Feature >Affects Versions: 0.11.0 >Reporter: Shi Wang >Assignee: Shi Wang > Fix For: 0.12.0 > > Attachments: 0001-KNOX-848-Support-for-Apache-Titan-REST.patch > > > Support Titan 1.0.0 REST go through knox. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (KNOX-848) Support for Apache Titan REST
[ https://issues.apache.org/jira/browse/KNOX-848?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Shi Wang updated KNOX-848: -- Attachment: 0001-KNOX-848-Support-for-Apache-Titan-REST.patch > Support for Apache Titan REST > - > > Key: KNOX-848 > URL: https://issues.apache.org/jira/browse/KNOX-848 > Project: Apache Knox > Issue Type: New Feature >Affects Versions: 0.11.0 >Reporter: Shi Wang >Assignee: Shi Wang > Fix For: 0.12.0 > > Attachments: 0001-KNOX-848-Support-for-Apache-Titan-REST.patch > > > Support Titan REST go through knox. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (KNOX-848) Support for Apache Titan REST
[ https://issues.apache.org/jira/browse/KNOX-848?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Shi Wang updated KNOX-848: -- Status: Patch Available (was: Open) > Support for Apache Titan REST > - > > Key: KNOX-848 > URL: https://issues.apache.org/jira/browse/KNOX-848 > Project: Apache Knox > Issue Type: New Feature >Affects Versions: 0.11.0 >Reporter: Shi Wang >Assignee: Shi Wang > Fix For: 0.12.0 > > Attachments: 0001-KNOX-848-Support-for-Apache-Titan-REST.patch > > > Support Titan REST go through knox. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (KNOX-848) Support for Apache Titan REST
[ https://issues.apache.org/jira/browse/KNOX-848?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Shi Wang updated KNOX-848: -- Description: Support Titan REST go through knox. > Support for Apache Titan REST > - > > Key: KNOX-848 > URL: https://issues.apache.org/jira/browse/KNOX-848 > Project: Apache Knox > Issue Type: New Feature >Affects Versions: 0.11.0 >Reporter: Shi Wang >Assignee: Shi Wang > Fix For: 0.12.0 > > > Support Titan REST go through knox. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (KNOX-848) Support for Apache Titan REST
[ https://issues.apache.org/jira/browse/KNOX-848?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Shi Wang updated KNOX-848: -- Affects Version/s: 0.11.0 Fix Version/s: 0.12.0 > Support for Apache Titan REST > - > > Key: KNOX-848 > URL: https://issues.apache.org/jira/browse/KNOX-848 > Project: Apache Knox > Issue Type: New Feature >Affects Versions: 0.11.0 >Reporter: Shi Wang >Assignee: Shi Wang > Fix For: 0.12.0 > > -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Created] (KNOX-847) Support for Apache Titan REST
Shi Wang created KNOX-847: - Summary: Support for Apache Titan REST Key: KNOX-847 URL: https://issues.apache.org/jira/browse/KNOX-847 Project: Apache Knox Issue Type: New Feature Reporter: Shi Wang Assignee: Shi Wang -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (KNOX-844) Add support for Apache Phoenix via Knox
[ https://issues.apache.org/jira/browse/KNOX-844?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15802407#comment-15802407 ] Shi Wang commented on KNOX-844: --- Hi John, I was recently working on knox support for Phoenix query server REST, not sure if it is the same issue addressed in this jira? > Add support for Apache Phoenix via Knox > --- > > Key: KNOX-844 > URL: https://issues.apache.org/jira/browse/KNOX-844 > Project: Apache Knox > Issue Type: Improvement > Components: Server >Affects Versions: 0.11.0 >Reporter: John McParland >Assignee: John McParland > > We would like to access data stored in Hadoop (especially HBase) using > traditional tools which rely on ODBC connections and SQL. > Phoenix provides the SQL interface to HBase, and Hortonworks have an [ODSC > Connector for > Phoenix|http://hortonworks.com/hadoop-tutorial/bi-apache-phoenix-odbc/] > However this is unsecured - in so far as accessing from outside of the > perimeter of the Big Data Platform. > This ticket should address that by allowing the ODBC connection to Phoenix to > be proxied through Knox, to enforce perimeter level security. > h4. Acceptance Criteria > - Connections to Phoenix via Knox are only allowed with valid credentials, as > enforced by Knox > - Connections to Phoenix via Knox are NOT allowed if Knox finds invalid > credentials. > - Connection to Phoenix via Knox can are made via an ODBC connector -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (KNOX-803) Adding rewrite rules for Map Reduce History Server UI
[ https://issues.apache.org/jira/browse/KNOX-803?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15727258#comment-15727258 ] Shi Wang commented on KNOX-803: --- Thanks Larry, The Hadoop version I tested against is 2.7.2 > Adding rewrite rules for Map Reduce History Server UI > - > > Key: KNOX-803 > URL: https://issues.apache.org/jira/browse/KNOX-803 > Project: Apache Knox > Issue Type: Task >Affects Versions: 0.7.0 >Reporter: Shi Wang >Assignee: Shi Wang > Fix For: 0.11.0 > > Attachments: > 0001-KNOX-803-Adding-rewrite-rules-for-Map-Reduce-History.patch > > > The rewrite rule of Map Reduce History Server hasn't been updated for a while > and some link on Map Reduce UI is changed or added, we need to update the > rewrite rules according to these changes. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Assigned] (KNOX-803) Adding rewrite rules for Map Reduce History Server UI
[ https://issues.apache.org/jira/browse/KNOX-803?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Shi Wang reassigned KNOX-803: - Assignee: Shi Wang > Adding rewrite rules for Map Reduce History Server UI > - > > Key: KNOX-803 > URL: https://issues.apache.org/jira/browse/KNOX-803 > Project: Apache Knox > Issue Type: Task >Affects Versions: 0.7.0 >Reporter: Shi Wang >Assignee: Shi Wang > Fix For: 0.11.0 > > Attachments: > 0001-KNOX-803-Adding-rewrite-rules-for-Map-Reduce-History.patch > > > The rewrite rule of Map Reduce History Server hasn't been updated for a while > and some link on Map Reduce UI is changed or added, we need to update the > rewrite rules according to these changes. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (KNOX-803) Adding rewrite rules for Map Reduce History Server UI
[ https://issues.apache.org/jira/browse/KNOX-803?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Shi Wang updated KNOX-803: -- Attachment: 0001-KNOX-803-Adding-rewrite-rules-for-Map-Reduce-History.patch > Adding rewrite rules for Map Reduce History Server UI > - > > Key: KNOX-803 > URL: https://issues.apache.org/jira/browse/KNOX-803 > Project: Apache Knox > Issue Type: Task >Affects Versions: 0.7.0 >Reporter: Shi Wang > Fix For: 0.11.0 > > Attachments: > 0001-KNOX-803-Adding-rewrite-rules-for-Map-Reduce-History.patch > > > The rewrite rule of Map Reduce History Server hasn't been updated for a while > and some link on Map Reduce UI is changed or added, we need to update the > rewrite rules according to these changes. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (KNOX-803) Adding rewrite rules for Map Reduce History Server UI
[ https://issues.apache.org/jira/browse/KNOX-803?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Shi Wang updated KNOX-803: -- Fix Version/s: 0.11.0 Affects Version/s: 0.7.0 Status: Patch Available (was: Open) > Adding rewrite rules for Map Reduce History Server UI > - > > Key: KNOX-803 > URL: https://issues.apache.org/jira/browse/KNOX-803 > Project: Apache Knox > Issue Type: Task >Affects Versions: 0.7.0 >Reporter: Shi Wang > Fix For: 0.11.0 > > > The rewrite rule of Map Reduce History Server hasn't been updated for a while > and some link on Map Reduce UI is changed or added, we need to update the > rewrite rules according to these changes. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (KNOX-803) Adding rewrite rules for Map Reduce History Server UI
[ https://issues.apache.org/jira/browse/KNOX-803?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Shi Wang updated KNOX-803: -- Description: The rewrite rule of Map Reduce History Server hasn't been updated for a while and some link on Map Reduce UI is changed or added, we need to update the rewrite rules according to these changes. > Adding rewrite rules for Map Reduce History Server UI > - > > Key: KNOX-803 > URL: https://issues.apache.org/jira/browse/KNOX-803 > Project: Apache Knox > Issue Type: Task >Reporter: Shi Wang > > The rewrite rule of Map Reduce History Server hasn't been updated for a while > and some link on Map Reduce UI is changed or added, we need to update the > rewrite rules according to these changes. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Created] (KNOX-803) Adding rewrite rules for Map Reduce History Server UI
Shi Wang created KNOX-803: - Summary: Adding rewrite rules for Map Reduce History Server UI Key: KNOX-803 URL: https://issues.apache.org/jira/browse/KNOX-803 Project: Apache Knox Issue Type: Task Reporter: Shi Wang -- This message was sent by Atlassian JIRA (v6.3.4#6332)