[jira] [Commented] (KNOX-924) X-forwarded-host, X-forwared-port header behavior when there are multiple balancers/proxys causing redirection problems

[Sumit Gupta (JIRA)]

[ 
https://issues.apache.org/jira/browse/KNOX-924?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15972763#comment-15972763
 ] 

Sumit Gupta commented on KNOX-924:
--

[~jeffreyr97]. Sorry for jumping in late. There has been a lot of discussion 
here so I may be missing something, but essentially you just want a way to 
access the X-Forwarded-Context in the rewrite rules? Does it boil down to that 
or is there more to it?

> X-forwarded-host, X-forwared-port  header behavior when there are multiple 
> balancers/proxys causing redirection problems
> 
>
> Key: KNOX-924
> URL: https://issues.apache.org/jira/browse/KNOX-924
> Project: Apache Knox
>  Issue Type: Bug
>  Components: Server
>Reporter: Jeffrey E  Rodriguez
>Assignee: Jeffrey E  Rodriguez
>Priority: Critical
>
> When there are other intermediaries between client and Knox it is possible to 
> cause Knox rewrites to not go to the gateway host but in fact the 
> gateway.host reflects X-forwar-host.
> e.g.
> "curl -v -k -u guest:guest-password -H X-Forwarded-Proto: http  -H 
> X-Forwarded-For: jeff -H X-Forwarded-Context:/ordexecvalid-prod/data/ -H 
> X-Forwarded-Port: 843 -H X-Forwarded-Host: myfoo.com -i 
> https://knox1.fyre.ibm.com:8443/gateway/default/webhdfs/v1/apps/hbase/data/hbase.id?op=OPEN
> *   Trying 9.30.57.135...
> * TCP_NODELAY set
> * Connected to knox1.fyre.ibm.com (9.30.57.135) port 8443 (#0)
> * TLS 1.2 connection using TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
> * Server certificate: localhost
> * Server auth using Basic with user 'guest'
> > GET 
> > /gateway/default/webhdfs/v1//iop/apps/4.3.0.0-/mapreduce/mapreduce.tar.gz?op=OPEN
> >  HTTP/1.1
> > Host: knox1.fyre.ibm.com:8443
> > Authorization: Basic Z3Vlc3Q6Z3Vlc3QtcGFzc3dvcmQ=
> > User-Agent: curl/7.51.0
> > Accept: */*
> > X-Forwarded-Proto: http 
> > X-Forwarded-Server: myfooserver.com
> > X-Forwarded-For: jeff
> > X-Forwarded-Context: /ordexecvalid-prod/data/
> > X-Forwarded-Port: 843
> > X-Forwarded-Host: myfoo.com
> < HTTP/1.1 307 Temporary Redirect
> HTTP/1.1 307 Temporary Redirect
> < Date: Sun, 16 Apr 2017 00:18:44 GMT
> Date: Sun, 16 Apr 2017 00:18:44 GMT
> < Set-Cookie: 
> JSESSIONID=1ry9x2q6sxuju1r5vr5tfkcifu;Path=/gateway/default;Secure;HttpOnly
> Set-Cookie: 
> JSESSIONID=1ry9x2q6sxuju1r5vr5tfkcifu;Path=/gateway/default;Secure;HttpOnly
> < Expires: Thu, 01 Jan 1970 00:00:00 GMT
> Expires: Thu, 01 Jan 1970 00:00:00 GMT
> < Set-Cookie: rememberMe=deleteMe; Path=/gateway/default; Max-Age=0; 
> Expires=Sat, 15-Apr-2017 00:18:44 GMT
> Set-Cookie: rememberMe=deleteMe; Path=/gateway/default; Max-Age=0; 
> Expires=Sat, 15-Apr-2017 00:18:44 GMT
> < Cache-Control: no-cache
> Cache-Control: no-cache
> < Expires: Sun, 16 Apr 2017 00:18:59 GMT
> Expires: Sun, 16 Apr 2017 00:18:59 GMT
> < Date: Sun, 16 Apr 2017 00:18:59 GMT
> Date: Sun, 16 Apr 2017 00:18:59 GMT
> < Pragma: no-cache
> Pragma: no-cache
> < Expires: Sun, 16 Apr 2017 00:18:59 GMT
> Expires: Sun, 16 Apr 2017 00:18:59 GMT
> < Date: Sun, 16 Apr 2017 00:18:59 GMT
> Date: Sun, 16 Apr 2017 00:18:59 GMT
> < Pragma: no-cache
> Pragma: no-cache
> < Location: 
> http://myfoo.com:843/gateway/default/webhdfs/data/v1/webhdfs/v1/iop/apps/4.3.0.0-/mapreduce/mapreduce.tar.gz?_=CBCA3IsAYTfMdBdl3-s2CYz7RWXKMvT_S9OT2LSLanl61bElhqjA3hCyqdCHhVJ1MLvn_NDL6JEBX5xdZ_N8ALSTINW1er2-7qih_nE4riDc17LQFLs9YYkBt2P3dZz_sFKOsPzCPmyNrcaHijxkloX2m4Jy4hkqEqlCakpVFEL-ZVBqiNGlBvFk1O6fbpX_UJn8qbm67uq4M6I
> Location: 
> http://myfoo.com:843/gateway/default/webhdfs/data/v1/webhdfs/v1/iop/apps/4.3.0.0-/mapreduce/mapreduce.tar.gz?_=CBCA3IsAYTfMdBdl3-s2CYz7RWXKMvT_S9OT2LSLanl61bElhqjA3hCyqdCHhVJ1MLvn_NDL6JEBX5xdZ_N8ALSTINW1er2-7qih_nE4riDc17LQFLs9YYkBt2P3dZz_sFKOsPzCPmyNrcaHijxkloX2m4Jy4hkqEqlCakpVFEL-ZVBqiNGlBvFk1O6fbpX_UJn8qbm67uq4M6I
> < Content-Type: application/octet-stream
> Content-Type: application/octet-stream
> < Server: Jetty(6.1.26-ibm)
> Server: Jetty(6.1.26-ibm)
> < Content-Length: 0
> Content-Length: 0
> See here the redirection header.
> http://myfoo.com:843/gateway/default/webhdfs/data/v1/webhdfs/v1/iop/apps/4.3.0.0-/mapreduce/mapreduce.tar.gz?_=CBCA3IsAYTfMdBdl3-s2CYz7RWXKMvT_S9OT2LSLanl61bElhqjA3hCyqdCHhVJ1MLvn_NDL6JEBX5xdZ_N8ALSTINW1er2-7qih_nE4riDc17LQFLs9YYkBt2P3dZz_sFKOsPzCPmyNrcaHijxkloX2m4Jy4hkqEqlCakpVFEL-ZVBqiNGlBvFk1O6fbpX_UJn8qbm67uq4M6I
> This could cause unexpected results.
> The UrlRequestResponse would use the X-Forward headers (even if 
> gateway.xforwarded.enabled is false).
> The documentation is very succinct. It seems like the xforwarded.enabled only 
> accomplish passing the "Knox" x-Forward-* headers when it is not set to false.
> But there is no documentation on the effect of other servers setting up 
> 

[jira] [Commented] (KNOX-911) Ability to scope cookies to a given Path

[Sumit Gupta (JIRA)]

[ 
https://issues.apache.org/jira/browse/KNOX-911?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15936436#comment-15936436
 ] 

Sumit Gupta commented on KNOX-911:
--

[~akanto], it does seem a bit of  special case if the two shared clusters as 
you mention it cannot share anything other than the reverse proxy. Can they not 
simply have their own domain and reverse proxy? It would be nice to understand 
if there is a workaround for this use case or if you are blocked and really 
need cookie rewriting to move forward.

> Ability to scope cookies to a given Path
> 
>
> Key: KNOX-911
> URL: https://issues.apache.org/jira/browse/KNOX-911
> Project: Apache Knox
>  Issue Type: Wish
>Reporter: Attila Kanto
>
> If there are multiple individual Knox instances behind of a reverse proxy, 
> then it would be very useful if the Cookies could be scoped to a given Path.
> If a reverse proxy is put at the font of multiple Knox instances then scoping 
> the Cookies to domain is not sufficient since the /gateway1/... and 
> /gateway2/... cookies will overwrite each other.
> {code}
>   +-+
>   | |
>   |Reverse Proxy|
>   | |
>   +-+
>   ||
>/gateway1/topology || /gateway2/topology
>   ||
>  +v+
> +--v--+
>  | || 
> |
>  |  Knox 1 (/gateway1/topology)||  Knox 2 (/gateway2/topology)
> |
>  | || 
> |
>  +-+
> +-+
> {code}
> Proposal:
> Cookies can be scoped with  Set-Cookie: Path=/somepath header field. 
> It would be very convenient if this scope path could be set in 
> gateway-site.xml and Knox would return it in Set-Cookie header field to 
> clients.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Resolved] (KNOX-907) Knox Proxy - Ambari HIVE2.0 view doesn't showup due to Servicecheck issues

[Sumit Gupta (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-907?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sumit Gupta resolved KNOX-907.
--
Resolution: Fixed

> Knox Proxy - Ambari HIVE2.0 view doesn't showup due to Servicecheck issues
> --
>
> Key: KNOX-907
> URL: https://issues.apache.org/jira/browse/KNOX-907
> Project: Apache Knox
>  Issue Type: Bug
>  Components: Server
>Reporter: SuryaKranthi Koneru
>Assignee: Larry McCay
>Priority: Critical
>  Labels: kip-4
> Fix For: 0.12.0
>
> Attachments: KNOX-907-001.patch
>
>
> Ambari URL:-
> http://hostname:8080/#/main/views/HIVE/2.0.0/AUTO_HIVE20_INSTANCE
> Knox proxy enabled for Ambari:-
> https://hostname:8443/gateway/ui/ambari/#/main/views/HIVE/2.0.0/AUTO_HIVE20_INSTANCE
> steps to reproduce:-
> 1- Configure Knox Proxy for Ambari.
> create ui.xml in /usr/hdp/current/knox-server/conf/topologies
> Note:- I have already deployed ui.xml topology in this path. There is no Knox 
> restart required. 
> below is the sample ui.xml
> 2- Invoke Ambari through knox proxy 
> https://hostname:8443/gateway/ui/ambari/#/login
> 3- Click on hive2.0 view
> Notice all the service checks failed messages. Attached is screenshot
> Note:- If you go through Ambari URL then you will be able to access HIVE2.0 
> view.
> http://hostname:8080/#/main/views/HIVE/2.0.0/AUTO_HIVE20_INSTANCE
> ui.xml:-
> 
> 
> 
> authentication
> ShiroProvider
> true
> 
> sessionTimeout
> 30
> 
> 
> main.ldapRealm
> 
> org.apache.hadoop.gateway.shirorealm.KnoxLdapRealm
> 
> 
> main.ldapRealm.userDnTemplate
> 
> uid={0},ou=people,dc=hadoop,dc=apache,dc=org
> 
> 
> main.ldapRealm.contextFactory.url
> ldap://:
> 
> 
> 
> main.ldapRealm.contextFactory.authenticationMechanism
> simple
> 
> 
> urls./**
> authcBasic
> 
> 
> 
> identity-assertion
> Default
> true
> 
> 
> 
> AMBARI
> http://hostname:8080 
> 
> 
> AMBARIUI
> http://hostname:8080
> 
> 



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Updated] (KNOX-907) Knox Proxy - Ambari HIVE2.0 view doesn't showup due to Servicecheck issues

[Sumit Gupta (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-907?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sumit Gupta updated KNOX-907:
-
Fix Version/s: (was: 0.13.0)
   0.12.0

> Knox Proxy - Ambari HIVE2.0 view doesn't showup due to Servicecheck issues
> --
>
> Key: KNOX-907
> URL: https://issues.apache.org/jira/browse/KNOX-907
> Project: Apache Knox
>  Issue Type: Bug
>  Components: Server
>Reporter: SuryaKranthi Koneru
>Assignee: Larry McCay
>Priority: Critical
>  Labels: kip-4
> Fix For: 0.12.0
>
> Attachments: KNOX-907-001.patch
>
>
> Ambari URL:-
> http://hostname:8080/#/main/views/HIVE/2.0.0/AUTO_HIVE20_INSTANCE
> Knox proxy enabled for Ambari:-
> https://hostname:8443/gateway/ui/ambari/#/main/views/HIVE/2.0.0/AUTO_HIVE20_INSTANCE
> steps to reproduce:-
> 1- Configure Knox Proxy for Ambari.
> create ui.xml in /usr/hdp/current/knox-server/conf/topologies
> Note:- I have already deployed ui.xml topology in this path. There is no Knox 
> restart required. 
> below is the sample ui.xml
> 2- Invoke Ambari through knox proxy 
> https://hostname:8443/gateway/ui/ambari/#/login
> 3- Click on hive2.0 view
> Notice all the service checks failed messages. Attached is screenshot
> Note:- If you go through Ambari URL then you will be able to access HIVE2.0 
> view.
> http://hostname:8080/#/main/views/HIVE/2.0.0/AUTO_HIVE20_INSTANCE
> ui.xml:-
> 
> 
> 
> authentication
> ShiroProvider
> true
> 
> sessionTimeout
> 30
> 
> 
> main.ldapRealm
> 
> org.apache.hadoop.gateway.shirorealm.KnoxLdapRealm
> 
> 
> main.ldapRealm.userDnTemplate
> 
> uid={0},ou=people,dc=hadoop,dc=apache,dc=org
> 
> 
> main.ldapRealm.contextFactory.url
> ldap://:
> 
> 
> 
> main.ldapRealm.contextFactory.authenticationMechanism
> simple
> 
> 
> urls./**
> authcBasic
> 
> 
> 
> identity-assertion
> Default
> true
> 
> 
> 
> AMBARI
> http://hostname:8080 
> 
> 
> AMBARIUI
> http://hostname:8080
> 
> 



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Commented] (KNOX-907) Knox Proxy - Ambari HIVE2.0 view doesn't showup due to Servicecheck issues

[Sumit Gupta (JIRA)]

[ 
https://issues.apache.org/jira/browse/KNOX-907?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15924188#comment-15924188
 ] 

Sumit Gupta commented on KNOX-907:
--

Looks good to me, I'll get the patch in.

> Knox Proxy - Ambari HIVE2.0 view doesn't showup due to Servicecheck issues
> --
>
> Key: KNOX-907
> URL: https://issues.apache.org/jira/browse/KNOX-907
> Project: Apache Knox
>  Issue Type: Bug
>  Components: Server
>Reporter: SuryaKranthi Koneru
>Assignee: Larry McCay
>Priority: Critical
>  Labels: kip-4
> Fix For: 0.13.0
>
> Attachments: KNOX-907-001.patch
>
>
> Ambari URL:-
> http://hostname:8080/#/main/views/HIVE/2.0.0/AUTO_HIVE20_INSTANCE
> Knox proxy enabled for Ambari:-
> https://hostname:8443/gateway/ui/ambari/#/main/views/HIVE/2.0.0/AUTO_HIVE20_INSTANCE
> steps to reproduce:-
> 1- Configure Knox Proxy for Ambari.
> create ui.xml in /usr/hdp/current/knox-server/conf/topologies
> Note:- I have already deployed ui.xml topology in this path. There is no Knox 
> restart required. 
> below is the sample ui.xml
> 2- Invoke Ambari through knox proxy 
> https://hostname:8443/gateway/ui/ambari/#/login
> 3- Click on hive2.0 view
> Notice all the service checks failed messages. Attached is screenshot
> Note:- If you go through Ambari URL then you will be able to access HIVE2.0 
> view.
> http://hostname:8080/#/main/views/HIVE/2.0.0/AUTO_HIVE20_INSTANCE
> ui.xml:-
> 
> 
> 
> authentication
> ShiroProvider
> true
> 
> sessionTimeout
> 30
> 
> 
> main.ldapRealm
> 
> org.apache.hadoop.gateway.shirorealm.KnoxLdapRealm
> 
> 
> main.ldapRealm.userDnTemplate
> 
> uid={0},ou=people,dc=hadoop,dc=apache,dc=org
> 
> 
> main.ldapRealm.contextFactory.url
> ldap://:
> 
> 
> 
> main.ldapRealm.contextFactory.authenticationMechanism
> simple
> 
> 
> urls./**
> authcBasic
> 
> 
> 
> identity-assertion
> Default
> true
> 
> 
> 
> AMBARI
> http://hostname:8080 
> 
> 
> AMBARIUI
> http://hostname:8080
> 
> 



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Commented] (KNOX-897) X-Forwarded-Port is incorrectly determined

[Sumit Gupta (JIRA)]

[ 
https://issues.apache.org/jira/browse/KNOX-897?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15905467#comment-15905467
 ] 

Sumit Gupta commented on KNOX-897:
--

Ah I missed that! Thanks for pointing that out [~smore]. Sorry for the extra 
investigation here but I thought we were potentially missing out on a use case. 
I think this JIRA can go back to being resolved!

> X-Forwarded-Port is incorrectly determined
> --
>
> Key: KNOX-897
> URL: https://issues.apache.org/jira/browse/KNOX-897
> Project: Apache Knox
>  Issue Type: Bug
>Affects Versions: 0.11.0
>Reporter: Attila Kanto
> Fix For: 0.12.0
>
> Attachments: gateway.log, knox-897.patch, Screen Shot 2017-03-01 at 
> 14.44.03.png
>
>
> If the client fills out the following headers:
> {code}
> Header[X-Forwarded-Host]=local.somehost.com
> Header[X-Forwarded-Proto]=https
> {code}
> And does not specify the port number in X-Forwarded-Host since it uses the 
> the default port, then Knox automatically populates X-Forwarded-Port header 
> field with its own local port e.g. 8443 instead of the default 443 which 
> results in page not founds (see screenshot and log).



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Commented] (KNOX-897) X-Forwarded-Port is incorrectly determined

[Sumit Gupta (JIRA)]

[ 
https://issues.apache.org/jira/browse/KNOX-897?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15905387#comment-15905387
 ] 

Sumit Gupta commented on KNOX-897:
--

Hmm, not sure [~smore]. I just tried with the 0.12.0 RC and I see this with a 
plain old client request as the outgoing from Knox (I'm looking at the gateway 
log with http wire level debug turned on). There is a config flag in 
gateway-site to turn the x-forwarded population off, but I can't imagine that 
you have set that.

2017-03-10 11:46:16,899 DEBUG http.wire (Wire.java:wire(72)) - http-outgoing-0 
>> "GET /webhdfs/v1/?op=LISTSTATUS=guest HTTP/1.1[\r][\n]"
2017-03-10 11:46:16,900 DEBUG http.wire (Wire.java:wire(72)) - http-outgoing-0 
>> "X-Forwarded-For: 127.0.0.1[\r][\n]"
2017-03-10 11:46:16,900 DEBUG http.wire (Wire.java:wire(72)) - http-outgoing-0 
>> "X-Forwarded-Proto: https[\r][\n]"
2017-03-10 11:46:16,900 DEBUG http.wire (Wire.java:wire(72)) - http-outgoing-0 
>> "X-Forwarded-Port: 8443[\r][\n]"
2017-03-10 11:46:16,901 DEBUG http.wire (Wire.java:wire(72)) - http-outgoing-0 
>> "X-Forwarded-Host: localhost:8443[\r][\n]"
2017-03-10 11:46:16,901 DEBUG http.wire (Wire.java:wire(72)) - http-outgoing-0 
>> "X-Forwarded-Server: localhost[\r][\n]"
2017-03-10 11:46:16,901 DEBUG http.wire (Wire.java:wire(72)) - http-outgoing-0 
>> "X-Forwarded-Context: /gateway/sandbox[\r][\n]"
2017-03-10 11:46:16,902 DEBUG http.wire (Wire.java:wire(72)) - http-outgoing-0 
>> "Connection: keep-alive[\r][\n]"
2017-03-10 11:46:16,902 DEBUG http.wire (Wire.java:wire(72)) - http-outgoing-0 
>> "User-Agent: Apache-HttpClient/4.5.2 (Java/1.8.0_66)[\r][\n]"
2017-03-10 11:46:16,902 DEBUG http.wire (Wire.java:wire(72)) - http-outgoing-0 
>> "Accept-Encoding: gzip,deflate[\r][\n]"
2017-03-10 11:46:16,903 DEBUG http.wire (Wire.java:wire(72)) - http-outgoing-0 
>> "Host: c6401.ambari.apache.org:50070[\r][\n]"
2017-03-10 11:46:16,903 DEBUG http.wire (Wire.java:wire(72)) - http-outgoing-0 
>> "[\r][\n]"

> X-Forwarded-Port is incorrectly determined
> --
>
> Key: KNOX-897
> URL: https://issues.apache.org/jira/browse/KNOX-897
> Project: Apache Knox
>  Issue Type: Bug
>Affects Versions: 0.11.0
>Reporter: Attila Kanto
> Fix For: 0.12.0
>
> Attachments: gateway.log, knox-897.patch, Screen Shot 2017-03-01 at 
> 14.44.03.png
>
>
> If the client fills out the following headers:
> {code}
> Header[X-Forwarded-Host]=local.somehost.com
> Header[X-Forwarded-Proto]=https
> {code}
> And does not specify the port number in X-Forwarded-Host since it uses the 
> the default port, then Knox automatically populates X-Forwarded-Port header 
> field with its own local port e.g. 8443 instead of the default 443 which 
> results in page not founds (see screenshot and log).



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Commented] (KNOX-897) X-Forwarded-Port is incorrectly determined

[Sumit Gupta (JIRA)]

[ 
https://issues.apache.org/jira/browse/KNOX-897?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15905347#comment-15905347
 ] 

Sumit Gupta commented on KNOX-897:
--

[~akanto], the missing variation in the scenario you describe is :

- User connects directly to Knox specifying no X-Forwarded-* headers at all.

In such a scenario Knox will populate the X-Forwarded-* headers to match its 
own configuration so that those values can be consumed downstream correctly.

> X-Forwarded-Port is incorrectly determined
> --
>
> Key: KNOX-897
> URL: https://issues.apache.org/jira/browse/KNOX-897
> Project: Apache Knox
>  Issue Type: Bug
>Affects Versions: 0.11.0
>Reporter: Attila Kanto
> Fix For: 0.12.0
>
> Attachments: gateway.log, knox-897.patch, Screen Shot 2017-03-01 at 
> 14.44.03.png
>
>
> If the client fills out the following headers:
> {code}
> Header[X-Forwarded-Host]=local.somehost.com
> Header[X-Forwarded-Proto]=https
> {code}
> And does not specify the port number in X-Forwarded-Host since it uses the 
> the default port, then Knox automatically populates X-Forwarded-Port header 
> field with its own local port e.g. 8443 instead of the default 443 which 
> results in page not founds (see screenshot and log).



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Commented] (KNOX-897) X-Forwarded-Port is incorrectly determined

[Sumit Gupta (JIRA)]

[ 
https://issues.apache.org/jira/browse/KNOX-897?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15903824#comment-15903824
 ] 

Sumit Gupta commented on KNOX-897:
--

I'm hoping we don't have to choose [~smore] but I haven't really looked at that 
code in a while. Ideally we can figure out if we have received any 
X-Forwarded-* headers and then default to 443 or 80, otherwise default to our 
own port.

> X-Forwarded-Port is incorrectly determined
> --
>
> Key: KNOX-897
> URL: https://issues.apache.org/jira/browse/KNOX-897
> Project: Apache Knox
>  Issue Type: Bug
>Affects Versions: 0.11.0
>Reporter: Attila Kanto
> Fix For: 0.12.0
>
> Attachments: gateway.log, knox-897.patch, Screen Shot 2017-03-01 at 
> 14.44.03.png
>
>
> If the client fills out the following headers:
> {code}
> Header[X-Forwarded-Host]=local.somehost.com
> Header[X-Forwarded-Proto]=https
> {code}
> And does not specify the port number in X-Forwarded-Host since it uses the 
> the default port, then Knox automatically populates X-Forwarded-Port header 
> field with its own local port e.g. 8443 instead of the default 443 which 
> results in page not founds (see screenshot and log).



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Created] (KNOX-905) Add httpclient properties to knoxshell log4j properties file

[Sumit Gupta (JIRA)]

Sumit Gupta created KNOX-905:


 Summary: Add httpclient properties to knoxshell log4j properties 
file
 Key: KNOX-905
 URL: https://issues.apache.org/jira/browse/KNOX-905
 Project: Apache Knox
  Issue Type: Bug
  Components: KnoxShell
Affects Versions: 0.12.0
Reporter: Sumit Gupta
Assignee: Sumit Gupta
 Fix For: 0.12.0


The file knoxshell-log4j.properties file does not contain any helpful 
properties for httpclient debugging.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Resolved] (KNOX-904) 4.5.2 httpclient dependency re-introduced

[Sumit Gupta (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-904?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sumit Gupta resolved KNOX-904.
--
Resolution: Fixed

> 4.5.2 httpclient dependency re-introduced
> -
>
> Key: KNOX-904
> URL: https://issues.apache.org/jira/browse/KNOX-904
> Project: Apache Knox
>  Issue Type: Bug
>Affects Versions: 0.12.0
>Reporter: Sumit Gupta
>Assignee: Sumit Gupta
> Fix For: 0.12.0
>
>
> As per this bug [KNOX-762] there is an issue with this specific version of 
> httpclient. We need to explore the latest version or fall back to 4.5.1 again.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Commented] (KNOX-904) 4.5.2 httpclient dependency re-introduced

[Sumit Gupta (JIRA)]

[ 
https://issues.apache.org/jira/browse/KNOX-904?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15903288#comment-15903288
 ] 

Sumit Gupta commented on KNOX-904:
--

Going to 4.5.3 seemed risky since we are trying to release 0.12.0. Mostly 
because 4.5.3 yanked away certain annotations like 

org.apache.http.annotation.NotThreadSafe;

This can be traced back to this 
https://issues.apache.org/jira/browse/HTTPCLIENT-1743

As a note for the future, it looks like we need to uptake the new annotation:

https://hc.apache.org/httpcomponents-core-ga/httpcore/apidocs/org/apache/http/annotation/ThreadingBehavior.html


> 4.5.2 httpclient dependency re-introduced
> -
>
> Key: KNOX-904
> URL: https://issues.apache.org/jira/browse/KNOX-904
> Project: Apache Knox
>  Issue Type: Bug
>Affects Versions: 0.12.0
>Reporter: Sumit Gupta
>Assignee: Sumit Gupta
> Fix For: 0.12.0
>
>
> As per this bug [KNOX-762] there is an issue with this specific version of 
> httpclient. We need to explore the latest version or fall back to 4.5.1 again.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Created] (KNOX-904) 4.5.2 httpclient dependency re-introduced

[Sumit Gupta (JIRA)]

Sumit Gupta created KNOX-904:


 Summary: 4.5.2 httpclient dependency re-introduced
 Key: KNOX-904
 URL: https://issues.apache.org/jira/browse/KNOX-904
 Project: Apache Knox
  Issue Type: Bug
Affects Versions: 0.12.0
Reporter: Sumit Gupta
 Fix For: 0.12.0


As per this bug [KNOX-762] there is an issue with this specific version of 
httpclient. We need to explore the latest version or fall back to 4.5.1 again.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Created] (KNOX-903) KnoxShell allows self signed certs to be used without any checks

[Sumit Gupta (JIRA)]

Sumit Gupta created KNOX-903:


 Summary: KnoxShell allows self signed certs to be used without any 
checks
 Key: KNOX-903
 URL: https://issues.apache.org/jira/browse/KNOX-903
 Project: Apache Knox
  Issue Type: Bug
  Components: KnoxShell
Affects Versions: 0.12.0
Reporter: Sumit Gupta
Priority: Critical
 Fix For: 0.12.0


A TrustStrategy of TrustSelfSignedStrategy is being used while setting up http 
clients to communicate with Knox over SSL.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Created] (KNOX-901) Fix Knox-master-daily jenkins build

[Sumit Gupta (JIRA)]

Sumit Gupta created KNOX-901:


 Summary: Fix Knox-master-daily jenkins build
 Key: KNOX-901
 URL: https://issues.apache.org/jira/browse/KNOX-901
 Project: Apache Knox
  Issue Type: Bug
Reporter: Sumit Gupta


The https://builds.apache.org/job/Knox-master-daily/ is failing at this point 
due to port conflicts. Though the test passes locally we need to put in a fix 
so that our builds work.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Commented] (KNOX-841) Proxy support for Solr UI

[Sumit Gupta (JIRA)]

[ 
https://issues.apache.org/jira/browse/KNOX-841?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15893032#comment-15893032
 ] 

Sumit Gupta commented on KNOX-841:
--

Thanks for testing it [~risdenk]! The trailing slash issue with UI proxying 
seems to be a recurring thing. At this point we should file a bug for that. 
Since you discovered it, it would be great if you could file it. 

The 6.1.0 version is not a requirement. That version number on the service 
definition was really meant for the service def but it immediately became a way 
to do some book-keeping for what backend service version it represents. So 
essentially it doesn't really matter much but it is important for us to 
document what the minimum version the backend service is for support. 

However, If you are confident it works well with 6.0.0 I can update the version 
number to reflect that.

> Proxy support for Solr UI
> -
>
> Key: KNOX-841
> URL: https://issues.apache.org/jira/browse/KNOX-841
> Project: Apache Knox
>  Issue Type: New Feature
>  Components: Server
>Affects Versions: 0.10.0
>Reporter: Richard Ding
>Assignee: Richard Ding
> Fix For: 0.12.0
>
> Attachments: KNOX_841_1.patch, KNOX-841_2.patch, KNOX-841-3.patch, 
> KNOX_841.patch, Screen Shot 2017-02-05 at 3.01.20 PM.png
>
>
> Provide proxy UI support for the Solr UI. 



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Updated] (KNOX-841) Proxy support for Solr UI

[Sumit Gupta (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-841?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sumit Gupta updated KNOX-841:
-
Resolution: Fixed
Status: Resolved  (was: Patch Available)

> Proxy support for Solr UI
> -
>
> Key: KNOX-841
> URL: https://issues.apache.org/jira/browse/KNOX-841
> Project: Apache Knox
>  Issue Type: New Feature
>  Components: Server
>Affects Versions: 0.10.0
>Reporter: Richard Ding
>Assignee: Richard Ding
> Fix For: 0.12.0
>
> Attachments: KNOX_841_1.patch, KNOX-841_2.patch, KNOX-841-3.patch, 
> KNOX_841.patch, Screen Shot 2017-02-05 at 3.01.20 PM.png
>
>
> Provide proxy UI support for the Solr UI. 



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Updated] (KNOX-841) Proxy support for Solr UI

[Sumit Gupta (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-841?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sumit Gupta updated KNOX-841:
-
Attachment: KNOX-841-3.patch

Based on the discussion I'm going to push in a slightly modified version of the 
patch that was provided by [~rding]. The only changes I am making are:

1. Renaming the role for the service to "SOLR" since it is both the UI and API.
2. Moving it to the 'solr' folder in the service definitions.

Thanks for the contribution and I do hope you can help test the RC coming up 
soon [~rding]!

> Proxy support for Solr UI
> -
>
> Key: KNOX-841
> URL: https://issues.apache.org/jira/browse/KNOX-841
> Project: Apache Knox
>  Issue Type: New Feature
>  Components: Server
>Affects Versions: 0.10.0
>Reporter: Richard Ding
>Assignee: Richard Ding
> Fix For: 0.12.0
>
> Attachments: KNOX_841_1.patch, KNOX-841_2.patch, KNOX-841-3.patch, 
> KNOX_841.patch, Screen Shot 2017-02-05 at 3.01.20 PM.png
>
>
> Provide proxy UI support for the Solr UI. 



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Commented] (KNOX-841) Proxy support for Solr UI

[Sumit Gupta (JIRA)]

[ 
https://issues.apache.org/jira/browse/KNOX-841?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15890259#comment-15890259
 ] 

Sumit Gupta commented on KNOX-841:
--

+1 on [~lmccay]'s comments above.

> Proxy support for Solr UI
> -
>
> Key: KNOX-841
> URL: https://issues.apache.org/jira/browse/KNOX-841
> Project: Apache Knox
>  Issue Type: New Feature
>  Components: Server
>Affects Versions: 0.10.0
>Reporter: Richard Ding
>Assignee: Richard Ding
> Fix For: 0.12.0
>
> Attachments: KNOX_841_1.patch, KNOX-841_2.patch, KNOX_841.patch, 
> Screen Shot 2017-02-05 at 3.01.20 PM.png
>
>
> Provide proxy UI support for the Solr UI. 



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Updated] (KNOX-719) Knox support for Yarn Resource Manager HA

[Sumit Gupta (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-719?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sumit Gupta updated KNOX-719:
-
Resolution: Fixed
Status: Resolved  (was: Patch Available)

> Knox support for Yarn Resource Manager HA
> -
>
> Key: KNOX-719
> URL: https://issues.apache.org/jira/browse/KNOX-719
> Project: Apache Knox
>  Issue Type: Bug
>Affects Versions: 0.6.0, 0.7.0, 0.8.0, 0.9.0, 0.10.0, 0.11.0
>Reporter: Jeffrey E  Rodriguez
>Assignee: Jeffrey E  Rodriguez
> Fix For: 0.12.0
>
> Attachments: KNOX-719-4.patch, KNOX_719_5.patch
>
>
> This would support both REST/UI YARN Resource Manager HA. Based on other HA 
> providers added in Knox.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Commented] (KNOX-719) Knox support for Yarn Resource Manager HA

[Sumit Gupta (JIRA)]

[ 
https://issues.apache.org/jira/browse/KNOX-719?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15889422#comment-15889422
 ] 

Sumit Gupta commented on KNOX-719:
--

Thanks [~jeffreyr97]! I think the changes are good enough for now. We'll file 
follow up JIRAs for improvement. I did make some additional changes to the one 
of the tests and then associated changes for a fix. I've attached the final 
patch (number 5) which is what I pushed in.

The crux of the changes I made in addition to your changes were related to 
book-keeping that the ha provider does for what the 'active' URL is. I changed 
your test to test out 3 URLs instead of two for HA and that is where I 
discovered the bug. I added a way to set the active url on the HA provider 
where previously you could only mark a failed URL and an algorithm would figure 
out the next active URL.

> Knox support for Yarn Resource Manager HA
> -
>
> Key: KNOX-719
> URL: https://issues.apache.org/jira/browse/KNOX-719
> Project: Apache Knox
>  Issue Type: Bug
>Affects Versions: 0.6.0, 0.7.0, 0.8.0, 0.9.0, 0.10.0, 0.11.0
>Reporter: Jeffrey E  Rodriguez
>Assignee: Jeffrey E  Rodriguez
> Fix For: 0.12.0
>
> Attachments: KNOX-719-4.patch, KNOX_719_5.patch
>
>
> This would support both REST/UI YARN Resource Manager HA. Based on other HA 
> providers added in Knox.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Updated] (KNOX-719) Knox support for Yarn Resource Manager HA

[Sumit Gupta (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-719?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sumit Gupta updated KNOX-719:
-
Attachment: KNOX_719_5.patch

> Knox support for Yarn Resource Manager HA
> -
>
> Key: KNOX-719
> URL: https://issues.apache.org/jira/browse/KNOX-719
> Project: Apache Knox
>  Issue Type: Bug
>Affects Versions: 0.6.0, 0.7.0, 0.8.0, 0.9.0, 0.10.0, 0.11.0
>Reporter: Jeffrey E  Rodriguez
>Assignee: Jeffrey E  Rodriguez
> Fix For: 0.12.0
>
> Attachments: KNOX-719-4.patch, KNOX_719_5.patch
>
>
> This would support both REST/UI YARN Resource Manager HA. Based on other HA 
> providers added in Knox.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Commented] (KNOX-719) Knox support for Yarn Resource Manager HA

[Sumit Gupta (JIRA)]

[ 
https://issues.apache.org/jira/browse/KNOX-719?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15885963#comment-15885963
 ] 

Sumit Gupta commented on KNOX-719:
--

Thanks for the update [~jeffreyr97]! The patch looks much better and I tested 
it against a HA setup and it seems to work well. Just a couple of last nitpicks 
before I can push in the code:

1. There is an extraneous class RMUIHaHttpClientDispatch. Can this be removed?
2. There should be an opportunity to share some code between the various HA 
dispatches. There is a a lot of duplicate code that generally makes me 
uncomfortable.
3. There is an extra executeRequest method in the new Dispatch classes that is 
commented as a test method. Is this needed? I'm also uncomfortable with test 
only methods in code.

> Knox support for Yarn Resource Manager HA
> -
>
> Key: KNOX-719
> URL: https://issues.apache.org/jira/browse/KNOX-719
> Project: Apache Knox
>  Issue Type: Bug
>Affects Versions: 0.6.0, 0.7.0, 0.8.0, 0.9.0, 0.10.0, 0.11.0
>Reporter: Jeffrey E  Rodriguez
>Assignee: Jeffrey E  Rodriguez
> Fix For: 0.12.0
>
> Attachments: KNOX-719-3.patch
>
>
> This would support both REST/UI YARN Resource Manager HA. Based on other HA 
> providers added in Knox.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Resolved] (KNOX-839) Add Admin UI development documentation

[Sumit Gupta (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-839?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sumit Gupta resolved KNOX-839.
--
Resolution: Fixed

> Add Admin UI development documentation
> --
>
> Key: KNOX-839
> URL: https://issues.apache.org/jira/browse/KNOX-839
> Project: Apache Knox
>  Issue Type: Improvement
>Affects Versions: 0.11.0
>Reporter: Sumit Gupta
>Assignee: Sumit Gupta
> Fix For: 0.12.0
>
>
> Add documentation to the wiki and/or README information to allow for 
> developers to continue improving the Admin UI.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Resolved] (KNOX-845) Add some tests for the Shell scripts

[Sumit Gupta (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-845?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sumit Gupta resolved KNOX-845.
--
Resolution: Fixed

> Add some tests for the Shell scripts
> 
>
> Key: KNOX-845
> URL: https://issues.apache.org/jira/browse/KNOX-845
> Project: Apache Knox
>  Issue Type: Bug
>  Components: ClientDSL
>Reporter: Sumit Gupta
>Assignee: Sumit Gupta
>  Labels: KIP-4
> Fix For: 0.12.0
>
>
> The KnoxShell code and scripts are missing any unit/functional tests. Some 
> functional testing based on the MiniDFSCluster methodology (used in the 
> release tests for secure cluster testing)  could be a good starting point.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Commented] (KNOX-728) Don't encode Jobhistory URLs

[Sumit Gupta (JIRA)]

[ 
https://issues.apache.org/jira/browse/KNOX-728?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15881048#comment-15881048
 ] 

Sumit Gupta commented on KNOX-728:
--

Thanks [~Wancy] for the update. I'm moving this out to 0.13.0 since it is 
likely that we don't need Knox changes anyway.

> Don't encode Jobhistory URLs
> 
>
> Key: KNOX-728
> URL: https://issues.apache.org/jira/browse/KNOX-728
> Project: Apache Knox
>  Issue Type: Bug
>  Components: Server
>Affects Versions: 0.9.0
> Environment: Knox 0.9.0, Hadoop 2.7.2
>Reporter: Andrey Kulikov
>Assignee: Shi Wang
> Fix For: 0.13.0
>
>
> I think this problem is similar to KNOX-709. Going to the Jobhistory log page:
> https://hdp-node1:8443/gateway/hadoop-staging/jobhistory/joblogs/hdp-node2:45454/container_e696_1469407938027_0072_01_11/attempt_1469407938027_0072_m_09_0/hadoop
> {noformat}
> 16/07/26 10:21:37 
> ||f4b6aeec-289f-4f96-9a81-fcf6df6cf762|audit|JOBHISTORYUI|akulikov|||dispatch|uri|http://hdp-node1:19888/jobhistory/logs/hdp-node2%3A45454/container_e696_1469407938027_0072_01_11/attempt_1469407938027_0072_m_09_0/hadoop/?user.name=akulikov|unavailable|Request
>  method: GET
> 16/07/26 10:21:37 
> ||f4b6aeec-289f-4f96-9a81-fcf6df6cf762|audit|JOBHISTORYUI|akulikov|||dispatch|uri|http://hdp-node1:19888/jobhistory/logs/hdp-node2%3A45454/container_e696_1469407938027_0072_01_11/attempt_1469407938027_0072_m_09_0/hadoop/?user.name=akulikov|success|Response
>  status: 200
> 16/07/26 10:21:37 
> ||f4b6aeec-289f-4f96-9a81-fcf6df6cf762|audit|JOBHISTORYUI|akulikov|||access|uri|/gateway/hadoop-staging/jobhistory/joblogs/hdp-node2:45454/container_e696_1469407938027_0072_01_11/attempt_1469407938027_0072_m_09_0/hadoop|success|Response
>  status: 200
> {noformat}
> results in the error:
> {noformat}
> Cannot get container logs. Invalid nodeId: hdp-node2%3A45454
> {noformat}
> Jobhistory can't handle encoded paths.
> Knox 0.8.0 doesn't have this problem.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Commented] (KNOX-751) Need rewrite function to capture href information from single page host to rewrite output of node hosts

[Sumit Gupta (JIRA)]

[ 
https://issues.apache.org/jira/browse/KNOX-751?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15880981#comment-15880981
 ] 

Sumit Gupta commented on KNOX-751:
--

[~jeffreyr97], as we are trying to close down 0.12.0 I wanted to know if you 
are going to provide a patch for this or should this be moved out to 0.13.0?

> Need rewrite function to capture href information from single page host to 
> rewrite output of node hosts
> ---
>
> Key: KNOX-751
> URL: https://issues.apache.org/jira/browse/KNOX-751
> Project: Apache Knox
>  Issue Type: Bug
>  Components: Server
>Affects Versions: 0.7.0, 0.8.0, 0.9.0, 0.9.1
> Environment: All environment support Knox
>Reporter: Jeffrey E  Rodriguez
>Assignee: Jeffrey E  Rodriguez
> Fix For: 0.12.0
>
>
> User Interface page rewriting through Knox presents many challenges. One of 
> the challenges is that a Web page may have more than one link to other hosts 
> of a given type (e.g. Yarn may have a link to more than one  host) which may 
> be different from the originating one. The main issue here is that Knox maps 
> a single host to a rewrite and service. If the page has multiple hosts of a 
> single type the rewrite rules may not be enough without some extra 
> information. For example, Yarn UI may have links to Node URLs (more than one 
> node) and even through the Yarn page may be rewritten to include the schema, 
> and hostname as a query parameters so the dispatcher is able to fetch the 
> correct host like:
> https://localhost:8443/gateway/nodeui/node?scheme=http?host=sandbox1?port=8042
> https://localhost:8443/gateway/nodeui/node?scheme=http?host=sandbox2?port=8042
> https://localhost:8443/gateway/nodeui/node?scheme=http?host=sandbox3?port=8042
> the response pages from each node need to have the right scheme, host, and 
> port attached to their query parameters.   We need a function that given a 
> request to one of the links above can save the information needed to rewrite 
> their request output with the query parameters needed for every response 
> links.
> e.g. 
> if we click link 
> http://localhost:8443/gateway/nodeui/node?scheme=http?host=sandbox2?port=8042
> this can be rewritten as: 
> “/node/node” to 
> https://localhost:8443/gateway/nodeui/node/node?scheme=http?host=sandbox2?port=8042
> These functions are needed:
> $hrefUrl.ur
> $hrefUrl.host
> $hrefUrl.scheme
> $hrefUrl.port
> $hrefUrl.path
> $hrefUrl.query
> The rewrite would then be something like this:
> {code:xml}
> 
>   
> template="{$gateway[url]}/node/node?scheme={hrefUrl.scheme}?host={hrefUrl.host}?port={hrefUrl.port}?{**}”
> 
> {code}
> This way then we are not only able to request the page as we do today but the 
> output response would be rewritten to have the information needed to be 
> accessed.
> There is a KNOX-618 ( patch) but after evaluation we think that relying on 
> the “Host” header still doesn’t provide all the information needed such as 
> the scheme. We have access to the request object so it may be easier to get 
> the information directly from the href request than expecting a header. The 
> “Host” header see https://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html 
> section 14.23, only defines host and port. There is no reliable way to get 
> the scheme from the response headers. Thus we can't really make use of the 
> patch since we would still need the function to provide us the scheme 
> function. Also there is still more information we may want such the path and 
> query but those as not as critical to our effort to map all links from Yarn 
> UI at this point.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Commented] (KNOX-789) Apache Atlas REST API support

[Sumit Gupta (JIRA)]

[ 
https://issues.apache.org/jira/browse/KNOX-789?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15880979#comment-15880979
 ] 

Sumit Gupta commented on KNOX-789:
--

[~jeffreyr97], as we are trying to close down 0.12.0 I wanted to know if you 
are going to provide a patch for this or should this be moved out to 0.13.0?

> Apache Atlas REST API support
> -
>
> Key: KNOX-789
> URL: https://issues.apache.org/jira/browse/KNOX-789
> Project: Apache Knox
>  Issue Type: New Feature
> Environment: all
>Reporter: Jeffrey E  Rodriguez
>Assignee: Jeffrey E  Rodriguez
> Fix For: 0.12.0
>
>
> Apache REST API support through Knox
> https://atlas.incubator.apache.org/api/rest.html



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Commented] (KNOX-788) Apache Atlas Admin UI Support through Knox

[Sumit Gupta (JIRA)]

[ 
https://issues.apache.org/jira/browse/KNOX-788?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15880978#comment-15880978
 ] 

Sumit Gupta commented on KNOX-788:
--

[~jeffreyr97], as we are trying to close down 0.12.0 I wanted to know if you 
are going to provide a patch for this or should this be moved out to 0.13.0?

> Apache Atlas Admin UI Support through Knox
> --
>
> Key: KNOX-788
> URL: https://issues.apache.org/jira/browse/KNOX-788
> Project: Apache Knox
>  Issue Type: New Feature
>  Components: Server
>Reporter: Jeffrey E  Rodriguez
>Assignee: Jeffrey E  Rodriguez
> Fix For: 0.12.0
>
>
> Apache Atlas Admin UI Support through Knox.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Updated] (KNOX-882) Bind KnoxTokens to the Requesting Clients

[Sumit Gupta (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-882?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sumit Gupta updated KNOX-882:
-
Fix Version/s: (was: 0.12.0)
   0.13.0

> Bind KnoxTokens to the Requesting Clients
> -
>
> Key: KNOX-882
> URL: https://issues.apache.org/jira/browse/KNOX-882
> Project: Apache Knox
>  Issue Type: Bug
>  Components: Server
>Reporter: Larry McCay
>Assignee: Larry McCay
>  Labels: kip-4
> Fix For: 0.13.0
>
>
> When issuing the KnoxToken, the requesting client IP address should be added 
> to the resulting token. This IP address will then need to be validated 
> against the IP address of any incoming request that presents the bearer token 
> as proof of identity.
> This will prevent the misappropriation of a token from allowing access from 
> any other machine.
> We will also want to make this binding requirement configurable and provide 
> appropriate warning messages when not in use.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Updated] (KNOX-793) fail to put when the filesize equal 8g

[Sumit Gupta (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-793?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sumit Gupta updated KNOX-793:
-
Fix Version/s: (was: 0.12.0)
   0.13.0

> fail to put when the filesize equal  8g
> ---
>
> Key: KNOX-793
> URL: https://issues.apache.org/jira/browse/KNOX-793
> Project: Apache Knox
>  Issue Type: Bug
>  Components: Server
>Affects Versions: 0.9.1
>Reporter: linwaterbin
> Fix For: 0.13.0
>
>
> when I put a file that size over 8g must fail,but when I test other item as 
> following:
> 1、the filesize is 7.9g，will success
> 2、the filesize is 8.1g，will success
> 3、the filesize is 8g，will fail
> my command is:
> curl  -i -k -u root:123 -L -T l_3306_20161126_041435_xtra.split.0 -X PUT 
> "https://1.1.5.3:8080/db/st/webhdfs/v1/IED/l_3306_20161126_041435_xtra.split.0?op=CREATE;
> the 8g is a magic size，anyone can help me，thanks before :)



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Updated] (KNOX-761) KnoxSSO Needs to Support Multi-tenant Usecases

[Sumit Gupta (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-761?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sumit Gupta updated KNOX-761:
-
Fix Version/s: (was: 0.12.0)
   0.13.0

> KnoxSSO Needs to Support Multi-tenant Usecases
> --
>
> Key: KNOX-761
> URL: https://issues.apache.org/jira/browse/KNOX-761
> Project: Apache Knox
>  Issue Type: Bug
>  Components: Server
>Reporter: Larry McCay
>Assignee: Larry McCay
> Fix For: 0.13.0
>
>
> In a deployment that separates tenant access to Hadoop resources through 
> dedicated topologies with tenant specific authentication, there are a couple 
> issues:
> * pac4j provider seems to be caching config settings in a singleton which 
> makes the redirect url nondeterministic.
> * knoxsso cookie would be trusted across tenant specific topologies which 
> could lead to unauthorized access to resources that belongs to another tenant
> The use of tenant specific audience claims within the JWT token could be used 
> to mitigate the cross tenant trust issue.
> We need to investigate the pac4j provider issue with the singleton config.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Updated] (KNOX-811) Skip parsing of request/response body if no filters/rules apply.

[Sumit Gupta (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-811?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sumit Gupta updated KNOX-811:
-
Fix Version/s: (was: 0.12.0)
   0.13.0

> Skip parsing of request/response body if no filters/rules apply.
> 
>
> Key: KNOX-811
> URL: https://issues.apache.org/jira/browse/KNOX-811
> Project: Apache Knox
>  Issue Type: Bug
>Reporter: Sumit Gupta
> Fix For: 0.13.0
>
>
> This is related to [KNOX-767]



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Updated] (KNOX-797) Default Topology Feature Not Working

[Sumit Gupta (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-797?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sumit Gupta updated KNOX-797:
-
Fix Version/s: (was: 0.12.0)
   0.13.0

> Default Topology Feature Not Working
> 
>
> Key: KNOX-797
> URL: https://issues.apache.org/jira/browse/KNOX-797
> Project: Apache Knox
>  Issue Type: Bug
>  Components: Server
>Reporter: Larry McCay
>Assignee: Larry McCay
> Fix For: 0.13.0
>
>
> From Mohammad Islam:
> I set  "default.app.topology.name" in gateway-site.xml  to "uber" (my default 
> topology name).  
> It worked fine if I gave the full URL. The command looks like this "curl  
> http:///gateway/uber/webhdfs/v1/?op=GETHOMEDIRECTORY'".
>  
> However, when I tried with command "curl  
> http:///webhdfs/v1/?op=GETHOMEDIRECTORY'". I got the HTTP error 
> code 500. I looked into gateway.log file and found quite a few error related 
> to rewrite. The exact error messages are shown below:
> Error message
> {noformat}
> 2016-11-30 00:39:51,565 ERROR hadoop.gateway 
> (UrlRewriteProcessor.java:rewrite(169)) - Failed to rewrite URL: 
> http:///webhdfs/v1/?op=GETHOMEDIRECTORY, direction: IN via rule: 
> WEBHDFS/webhdfs/inbound/namenode/root, status: FAILURE
> 2016-11-30 00:39:51,565 ERROR hadoop.gateway 
> (UrlRewriteProcessor.java:rewrite(169)) - Failed to rewrite URL: 
> http:///webhdfs/v1/?op=GETHOMEDIRECTORY, direction: IN via rule: 
> WEBHDFS/webhdfs/inbound/namenode/root, status: FAILURE
> {noformat}
> After that, I modified the webhdfs/2.4.0/rewrite.xml by rewriting the 
> following pattern and it worked for short URL but long URL faces the same 
> issue.
> Original: 
> {noformat}
>  pattern="*://*:*/**/webhdfs/{version}/?{**}">
> 
> 
> {noformat}
> Modified :
> {noformat}
>  pattern="*://*:*/webhdfs/{version}/?{**}">
> 
> 
> {noformat}
>   
> Overall, the rewrite pattern may be the issue. We will need to support for 
> both short and long URL. May be, we can add multiple rewrite rules for each 
> route in service.xml.
> Is there any other cleaner way which may work for all cases such as webhdfs, 
> yarn, hive, UIs etc?



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Updated] (KNOX-834) Admin UI Fails to Redirect to Knox SSO for API Calls

[Sumit Gupta (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-834?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sumit Gupta updated KNOX-834:
-
Fix Version/s: (was: 0.12.0)
   0.13.0

> Admin UI Fails to Redirect to Knox SSO for API Calls
> 
>
> Key: KNOX-834
> URL: https://issues.apache.org/jira/browse/KNOX-834
> Project: Apache Knox
>  Issue Type: Bug
>  Components: Server
>Reporter: Larry McCay
> Fix For: 0.13.0
>
>
> When using KnoxSSO the Admin UI will redirect appropriately to KnoxSSO when 
> attempting to load the main page either the first time or when the 
> cookie/token expires.
> However, when the cookie/token expires or is removed and a different topology 
> is selected or a refresh is initiated the KnoxSSO redirect for the API call 
> is returned into the editor.
> We need to detect that a redirect is being requested for the topology call 
> and force a refresh of the page or do the redirect from js.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Updated] (KNOX-832) Admin UI Should Display Unauthorized Message when 403 is Received via API

[Sumit Gupta (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-832?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sumit Gupta updated KNOX-832:
-
Fix Version/s: (was: 0.12.0)
   0.13.0

> Admin UI Should Display Unauthorized Message when 403 is Received via API
> -
>
> Key: KNOX-832
> URL: https://issues.apache.org/jira/browse/KNOX-832
> Project: Apache Knox
>  Issue Type: Bug
>  Components: Server
>Reporter: Larry McCay
> Fix For: 0.13.0
>
>
> Logging into the Admin UI as a non-admin user such as guest in the DEMO LDAP 
> server results in the page being displayed with no topologies listed.
> This should include an Unauthorized error message.
> Additionally, we need to see whether authorization is being enforced on the 
> application itself and not just the API.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Updated] (KNOX-840) Admin UI add ability to create a new topology based on a template

[Sumit Gupta (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-840?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sumit Gupta updated KNOX-840:
-
Fix Version/s: (was: 0.12.0)
   0.13.0

> Admin UI add ability to create a new topology based on a template
> -
>
> Key: KNOX-840
> URL: https://issues.apache.org/jira/browse/KNOX-840
> Project: Apache Knox
>  Issue Type: Improvement
>  Components: AdminUI
>Reporter: Sumit Gupta
>Assignee: Sumit Gupta
> Fix For: 0.13.0
>
>
> Admin user should be able to use the Admin UI to create new topologies based 
> on one of the template files that we ship with Knox.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Updated] (KNOX-727) Authorization Support for Knox Hosted Applications

[Sumit Gupta (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-727?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sumit Gupta updated KNOX-727:
-
Fix Version/s: (was: 0.12.0)
   0.13.0

> Authorization Support for Knox Hosted Applications
> --
>
> Key: KNOX-727
> URL: https://issues.apache.org/jira/browse/KNOX-727
> Project: Apache Knox
>  Issue Type: Bug
>  Components: Server
>Affects Versions: 0.9.0
>Reporter: Zachary Blanco
>Assignee: Zachary Blanco
> Fix For: 0.13.0
>
> Attachments: admin.xml, knoxsso.xml
>
>
> In the process of making an Administrator UI for the Knox, I've encountered 
> an issue where we can log into the app as an unauthorized user, but then fail 
> to make any AJAX requests. The Ajax requests return a 403 - which is probably 
> what should happen when logging into the app with an unauthorized user.
> Steps to reproduce:
> 1. Set up the Knox admin UI app using the instructions here: 
> https://github.com/ZacBlanco/knox-admin-ui/blob/master/README.md
> 2. Place attached knoxsso and admin topology files under conf/topologies
> 3. Navigate to https://www.local.com:8443/gateway/admin/knox-manager
> 4. Attempt to login with guest:guest-password
> The knox-manager page should render but in the dev console you should see 
> 403-Forbidden on the Ajax requests.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Updated] (KNOX-784) java.lang.IllegalArgumentException: A metric named org.apache.http.conn.HttpClientConnectionManager.available-connections already exists

[Sumit Gupta (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-784?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sumit Gupta updated KNOX-784:
-
Fix Version/s: (was: 0.12.0)
   0.13.0

>  java.lang.IllegalArgumentException: A metric named 
> org.apache.http.conn.HttpClientConnectionManager.available-connections 
> already exists
> -
>
> Key: KNOX-784
> URL: https://issues.apache.org/jira/browse/KNOX-784
> Project: Apache Knox
>  Issue Type: Bug
>Reporter: Nishant Bangarwa
>Assignee: Sumit Gupta
> Fix For: 0.13.0
>
>
> Facing this error on latest trunk version - 
> Caused by: java.lang.IllegalArgumentException: A metric named 
> org.apache.http.conn.HttpClientConnectionManager.available-connections 
> already exists
> at 
> com.codahale.metrics.MetricRegistry.register(MetricRegistry.java:91)
> at 
> com.codahale.metrics.httpclient.InstrumentedHttpClientConnectionManager.(InstrumentedHttpClientConnectionManager.java:63)
> at 
> com.codahale.metrics.httpclient.InstrumentedHttpClientConnectionManager.(InstrumentedHttpClientConnectionManager.java:49)
> at 
> com.codahale.metrics.httpclient.InstrumentedHttpClientConnectionManager.(InstrumentedHttpClientConnectionManager.java:41)
> at 
> com.codahale.metrics.httpclient.InstrumentedHttpClientConnectionManager.(InstrumentedHttpClientConnectionManager.java:36)
> at 
> org.apache.hadoop.gateway.services.metrics.impl.instr.InstrHttpClientBuilderProvider.getInstrumented(InstrHttpClientBuilderProvider.java:41)
> at 
> org.apache.hadoop.gateway.services.metrics.impl.instr.InstrHttpClientBuilderProvider.getInstrumented(InstrHttpClientBuilderProvider.java:36)
> at 
> org.apache.hadoop.gateway.services.metrics.impl.DefaultMetricsService.getInstrumented(DefaultMetricsService.java:128)
> at 
> org.apache.hadoop.gateway.dispatch.DefaultHttpClientFactory.createHttpClient(DefaultHttpClientFactory.java:67)
> at 
> org.apache.hadoop.gateway.dispatch.GatewayDispatchFilter.init(GatewayDispatchFilter.java:75)
> at 
> org.apache.hadoop.gateway.GatewayFilter$Holder.getInstance(GatewayFilter.java:362)



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Resolved] (KNOX-874) Update hadoop dependency in root pom

[Sumit Gupta (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-874?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sumit Gupta resolved KNOX-874.
--
Resolution: Fixed

> Update hadoop dependency in root pom
> 
>
> Key: KNOX-874
> URL: https://issues.apache.org/jira/browse/KNOX-874
> Project: Apache Knox
>  Issue Type: Bug
>  Components: Build
>Reporter: Sumit Gupta
>Assignee: Sumit Gupta
> Fix For: 0.12.0
>
>
> We are a bit behind in our hadoop dependency. Now that we have added hadoop 
> group lookup we should stay closer to the latest release.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Commented] (KNOX-719) Knox support for Yarn Resource Manager HA

[Sumit Gupta (JIRA)]

[ 
https://issues.apache.org/jira/browse/KNOX-719?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15868414#comment-15868414
 ] 

Sumit Gupta commented on KNOX-719:
--

Thanks [~jeffreyr97], The new patch seems to be the same as the old one. I'll 
move around the classes manually for now, but before I do a deep dive into the 
review I have a few high level observations:

1. I see some new classes that are marked as @Deprecated. What is the purpose 
of these?
2. Does this also require some changes to the service.xml file so that the 
correct classes are used? 
3. The main pom.xml needs to change to be able to add in the new module.

> Knox support for Yarn Resource Manager HA
> -
>
> Key: KNOX-719
> URL: https://issues.apache.org/jira/browse/KNOX-719
> Project: Apache Knox
>  Issue Type: Bug
>Affects Versions: 0.6.0, 0.7.0, 0.8.0, 0.9.0, 0.10.0, 0.11.0
>Reporter: Jeffrey E  Rodriguez
>Assignee: Jeffrey E  Rodriguez
> Fix For: 0.12.0
>
> Attachments: KNOX-719-1.patch
>
>
> This would support both REST/UI YARN Resource Manager HA. Based on other HA 
> providers added in Knox.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Commented] (KNOX-719) Knox support for Yarn Resource Manager HA

[Sumit Gupta (JIRA)]

[ 
https://issues.apache.org/jira/browse/KNOX-719?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15868094#comment-15868094
 ] 

Sumit Gupta commented on KNOX-719:
--

[~jeffreyr97], Also a question about the HA functionality. This looks almost 
exactly the same as webhdfs HA. My understanding is that in RM HA, there is a 
redirect issued from a standby node to the active node if the standby node is 
up and accessed. Are you also handling this scenario?



> Knox support for Yarn Resource Manager HA
> -
>
> Key: KNOX-719
> URL: https://issues.apache.org/jira/browse/KNOX-719
> Project: Apache Knox
>  Issue Type: Bug
>Affects Versions: 0.6.0, 0.7.0, 0.8.0, 0.9.0, 0.10.0, 0.11.0
>Reporter: Jeffrey E  Rodriguez
>Assignee: Jeffrey E  Rodriguez
> Fix For: 0.12.0
>
> Attachments: KNOX-719.patch
>
>
> This would support both REST/UI YARN Resource Manager HA. Based on other HA 
> providers added in Knox.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Commented] (KNOX-719) Knox support for Yarn Resource Manager HA

[Sumit Gupta (JIRA)]

[ 
https://issues.apache.org/jira/browse/KNOX-719?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15868039#comment-15868039
 ] 

Sumit Gupta commented on KNOX-719:
--

[~jeffreyr97], The patch is not applying correctly. You may have not created it 
in the right spot? The new module you created is fine but the files land up 
somewhere else. Probably because of this :

 gateway-service-rm/pom.xml |  81 +
 .../hadoop/gateway/rm/dispatch/RMDispatch.java |  35 
 .../hadoop/gateway/rm/dispatch/RMHaDispatch.java   | 185 +
 .../rm/dispatch/RMHaHttpClientDispatch.java|  36 
 .../gateway/rm/dispatch/RMHttpClientDispatch.java  |  45 +
 .../hadoop/gateway/rm/dispatch/RMUIHaDispatch.java | 185 +
 .../rm/dispatch/RMUIHaHttpClientDispatch.java  |  33 
 .../rm/dispatch/RMUIHttpClientDispatch.java|  45 +
 .../gateway/rm/dispatch/SafeModeException.java |  21 +++
 .../gateway/rm/dispatch/StandbyException.java  |  21 +++
 .../apache/hadoop/gateway/rm/i18n/RMMessages.java  |  43 +
 .../gateway/rm/dispatch/RMHaDispatchTest.java  | 113 +

> Knox support for Yarn Resource Manager HA
> -
>
> Key: KNOX-719
> URL: https://issues.apache.org/jira/browse/KNOX-719
> Project: Apache Knox
>  Issue Type: Bug
>Affects Versions: 0.6.0, 0.7.0, 0.8.0, 0.9.0, 0.10.0, 0.11.0
>Reporter: Jeffrey E  Rodriguez
>Assignee: Jeffrey E  Rodriguez
> Fix For: 0.12.0
>
> Attachments: KNOX-719.patch
>
>
> This would support both REST/UI YARN Resource Manager HA. Based on other HA 
> providers added in Knox.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Commented] (KNOX-719) Knox support for Yarn Resource Manager HA

[Sumit Gupta (JIRA)]

[ 
https://issues.apache.org/jira/browse/KNOX-719?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15867990#comment-15867990
 ] 

Sumit Gupta commented on KNOX-719:
--

This would be a great addition [~jeffreyr97]. I'll take a look at the patch.

> Knox support for Yarn Resource Manager HA
> -
>
> Key: KNOX-719
> URL: https://issues.apache.org/jira/browse/KNOX-719
> Project: Apache Knox
>  Issue Type: Bug
>Affects Versions: 0.6.0, 0.7.0, 0.8.0, 0.9.0, 0.10.0, 0.11.0
>Reporter: Jeffrey E  Rodriguez
>Assignee: Jeffrey E  Rodriguez
> Fix For: 0.12.0
>
> Attachments: KNOX-719.patch
>
>
> This would support both REST/UI YARN Resource Manager HA. Based on other HA 
> providers added in Knox.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Commented] (KNOX-728) Don't encode Jobhistory URLs

[Sumit Gupta (JIRA)]

[ 
https://issues.apache.org/jira/browse/KNOX-728?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15867937#comment-15867937
 ] 

Sumit Gupta commented on KNOX-728:
--

[~Wancy]. we did switch to always encoding URLs. We had a lot of issues with 
special characters in URLs for some services. Specifically when we did it we 
were solving for various URL issues in Ambari. So when you are looking at this, 
please make sure you don't break that functionality and also I would double 
check why jobhistory can't decode URLs.

> Don't encode Jobhistory URLs
> 
>
> Key: KNOX-728
> URL: https://issues.apache.org/jira/browse/KNOX-728
> Project: Apache Knox
>  Issue Type: Bug
>  Components: Server
>Affects Versions: 0.9.0
> Environment: Knox 0.9.0, Hadoop 2.7.2
>Reporter: Andrey Kulikov
>Assignee: Shi Wang
>
> I think this problem is similar to KNOX-709. Going to the Jobhistory log page:
> https://hdp-node1:8443/gateway/hadoop-staging/jobhistory/joblogs/hdp-node2:45454/container_e696_1469407938027_0072_01_11/attempt_1469407938027_0072_m_09_0/hadoop
> {noformat}
> 16/07/26 10:21:37 
> ||f4b6aeec-289f-4f96-9a81-fcf6df6cf762|audit|JOBHISTORYUI|akulikov|||dispatch|uri|http://hdp-node1:19888/jobhistory/logs/hdp-node2%3A45454/container_e696_1469407938027_0072_01_11/attempt_1469407938027_0072_m_09_0/hadoop/?user.name=akulikov|unavailable|Request
>  method: GET
> 16/07/26 10:21:37 
> ||f4b6aeec-289f-4f96-9a81-fcf6df6cf762|audit|JOBHISTORYUI|akulikov|||dispatch|uri|http://hdp-node1:19888/jobhistory/logs/hdp-node2%3A45454/container_e696_1469407938027_0072_01_11/attempt_1469407938027_0072_m_09_0/hadoop/?user.name=akulikov|success|Response
>  status: 200
> 16/07/26 10:21:37 
> ||f4b6aeec-289f-4f96-9a81-fcf6df6cf762|audit|JOBHISTORYUI|akulikov|||access|uri|/gateway/hadoop-staging/jobhistory/joblogs/hdp-node2:45454/container_e696_1469407938027_0072_01_11/attempt_1469407938027_0072_m_09_0/hadoop|success|Response
>  status: 200
> {noformat}
> results in the error:
> {noformat}
> Cannot get container logs. Invalid nodeId: hdp-node2%3A45454
> {noformat}
> Jobhistory can't handle encoded paths.
> Knox 0.8.0 doesn't have this problem.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Updated] (KNOX-848) Support for Gremlin Server REST

[Sumit Gupta (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-848?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sumit Gupta updated KNOX-848:
-
Resolution: Fixed
Status: Resolved  (was: Patch Available)

Thanks for the contribution [~Wancy]! Please note that I changed the service 
role to 'GREMLIN' from 'GREMLINREST'.

> Support for Gremlin Server REST
> ---
>
> Key: KNOX-848
> URL: https://issues.apache.org/jira/browse/KNOX-848
> Project: Apache Knox
>  Issue Type: New Feature
>Affects Versions: 0.11.0
>Reporter: Shi Wang
>Assignee: Shi Wang
> Fix For: 0.12.0
>
> Attachments: 0001-KNOX-848-Support-for-Apache-Titan-REST.patch, 
> 0001-KNOX-848-Support-for-Gremlin-Server-REST.patch, 
> 0001-KNOX-848-Support-for-Titan-REST.patch
>
>
> Support Apache Titan 1.0.0 REST go through knox.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Resolved] (KNOX-865) Add a release module for KnoxShell

[Sumit Gupta (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-865?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sumit Gupta resolved KNOX-865.
--
Resolution: Fixed

> Add a release module for KnoxShell
> --
>
> Key: KNOX-865
> URL: https://issues.apache.org/jira/browse/KNOX-865
> Project: Apache Knox
>  Issue Type: Improvement
>Reporter: Sumit Gupta
>Assignee: Sumit Gupta
> Fix For: 0.12.0
>
>
> Create a release module for KnoxShell so that it can be downloaded and run 
> independently of the gateway installation.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Commented] (KNOX-848) Support for Titan REST

[Sumit Gupta (JIRA)]

[ 
https://issues.apache.org/jira/browse/KNOX-848?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15864359#comment-15864359
 ] 

Sumit Gupta commented on KNOX-848:
--

[~Wancy], I tried out the docker environment you provided and the followed the 
curl commands listed. They seem to work fine. Please let me know if you will be 
providing an updated patch with the new names or if you want me to change the 
names. 

Thanks again for the contribution!

> Support for Titan REST
> --
>
> Key: KNOX-848
> URL: https://issues.apache.org/jira/browse/KNOX-848
> Project: Apache Knox
>  Issue Type: New Feature
>Affects Versions: 0.11.0
>Reporter: Shi Wang
>Assignee: Shi Wang
> Fix For: 0.12.0
>
> Attachments: 0001-KNOX-848-Support-for-Apache-Titan-REST.patch, 
> 0001-KNOX-848-Support-for-Titan-REST.patch
>
>
> Support Apache Titan 1.0.0 REST go through knox.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Created] (KNOX-874) Update hadoop dependency in root pom

[Sumit Gupta (JIRA)]

Sumit Gupta created KNOX-874:


 Summary: Update hadoop dependency in root pom
 Key: KNOX-874
 URL: https://issues.apache.org/jira/browse/KNOX-874
 Project: Apache Knox
  Issue Type: Bug
  Components: Build
Reporter: Sumit Gupta
Assignee: Sumit Gupta
 Fix For: 0.12.0


We are a bit behind in our hadoop dependency. Now that we have added hadoop 
group lookup we should stay closer to the latest release.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Assigned] (KNOX-865) Add a release module for KnoxShell

[Sumit Gupta (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-865?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sumit Gupta reassigned KNOX-865:


Assignee: Sumit Gupta

> Add a release module for KnoxShell
> --
>
> Key: KNOX-865
> URL: https://issues.apache.org/jira/browse/KNOX-865
> Project: Apache Knox
>  Issue Type: Improvement
>Reporter: Sumit Gupta
>Assignee: Sumit Gupta
> Fix For: 0.12.0
>
>
> Create a release module for KnoxShell so that it can be downloaded and run 
> independently of the gateway installation.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Updated] (KNOX-864) Knox init scripts are not Upstart compatible

[Sumit Gupta (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-864?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sumit Gupta updated KNOX-864:
-
Resolution: Fixed
Status: Resolved  (was: Patch Available)

> Knox init scripts are not Upstart compatible
> 
>
> Key: KNOX-864
> URL: https://issues.apache.org/jira/browse/KNOX-864
> Project: Apache Knox
>  Issue Type: Improvement
>  Components: Server
>Affects Versions: 0.11.0
>Reporter: Attila Kanto
> Fix For: 0.12.0
>
> Attachments: knox-864.patch
>
>
> It is critical that we have a service that can auto-restart during crashes 
> and reboots. On Amazon Linux this tasks are done by Upstart.
> By default Upstart will track the life cycle of the first PID that it 
> executes in the exec or script stanzas (defined in the Upstart config file),  
> however, most Unix services will "daemonize", meaning that they will create a 
> new process (using fork(2)) which is a child of the initial process. This is 
> what also happens when when gateway.sh or ldap.sh is invoked.
> In order to track the right PID, Upstart must determine the final process ID 
> for a job, and in case of  daemonized processes it needs to know how many 
> times that process will call fork(2).
> Upstart supports the followings:
> * *expect fork*: Upstart will expect the process executed to call fork(2) 
> exactly once.
> * *expect daemon*: Upstart will expect the process executed to call fork(2) 
> exactly twice
> Unfortunately none of the above cases fits to gateway.sh and ldap.sh, since 
> they are calling fork many times and Upstart always tracks the wrong PID.
> According to Upstart doc 
> http://upstart.ubuntu.com/cookbook/#how-to-establish-fork-count if the 
> application you are attempting to create a Job Configuration File does not 
> document how many times it forks, you can run it with a tool such as 
> strace(1) which will allow you to count the number of forks:
> {code}
> [root@ip-10-0-4-107 ~]# strace -o /tmp/strace.log -fFv su -c 
> "/usr/hdp/current/knox-server/bin/gateway.sh start" knox
> Starting Gateway succeeded with PID 25528.
> [root@ip-10-0-4-107 ~]# sudo egrep "\<(fork|clone)\>\(" /tmp/strace.log | wc 
> | awk '{print $1}'
> 86
> {code}
> Ambari had similar issues in the past: 
> https://issues.apache.org/jira/browse/AMBARI-14842



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Commented] (KNOX-864) Knox init scripts are not Upstart compatible

[Sumit Gupta (JIRA)]

[ 
https://issues.apache.org/jira/browse/KNOX-864?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15850009#comment-15850009
 ] 

Sumit Gupta commented on KNOX-864:
--

Thanks for the patch [~akanto]! We will review this and get the fix pushed in 
the 0.12.0 timeframe.

> Knox init scripts are not Upstart compatible
> 
>
> Key: KNOX-864
> URL: https://issues.apache.org/jira/browse/KNOX-864
> Project: Apache Knox
>  Issue Type: Improvement
>  Components: Server
>Affects Versions: 0.11.0
>Reporter: Attila Kanto
> Fix For: 0.12.0
>
> Attachments: knox-864.patch
>
>
> It is critical that we have a service that can auto-restart during crashes 
> and reboots. On Amazon Linux this tasks are done by Upstart.
> By default Upstart will track the life cycle of the first PID that it 
> executes in the exec or script stanzas (defined in the Upstart config file),  
> however, most Unix services will "daemonize", meaning that they will create a 
> new process (using fork(2)) which is a child of the initial process. This is 
> what also happens when when gateway.sh or ldap.sh is invoked.
> In order to track the right PID, Upstart must determine the final process ID 
> for a job, and in case of  daemonized processes it needs to know how many 
> times that process will call fork(2).
> Upstart supports the followings:
> * *expect fork*: Upstart will expect the process executed to call fork(2) 
> exactly once.
> * *expect daemon*: Upstart will expect the process executed to call fork(2) 
> exactly twice
> Unfortunately none of the above cases fits to gateway.sh and ldap.sh, since 
> they are calling fork many times and Upstart always tracks the wrong PID.
> According to Upstart doc 
> http://upstart.ubuntu.com/cookbook/#how-to-establish-fork-count if the 
> application you are attempting to create a Job Configuration File does not 
> document how many times it forks, you can run it with a tool such as 
> strace(1) which will allow you to count the number of forks:
> {code}
> [root@ip-10-0-4-107 ~]# strace -o /tmp/strace.log -fFv su -c 
> "/usr/hdp/current/knox-server/bin/gateway.sh start" knox
> Starting Gateway succeeded with PID 25528.
> [root@ip-10-0-4-107 ~]# sudo egrep "\<(fork|clone)\>\(" /tmp/strace.log | wc 
> | awk '{print $1}'
> 86
> {code}
> Ambari had similar issues in the past: 
> https://issues.apache.org/jira/browse/AMBARI-14842



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Updated] (KNOX-864) Knox init scripts are not Upstart compatible

[Sumit Gupta (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-864?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sumit Gupta updated KNOX-864:
-
Fix Version/s: 0.12.0

> Knox init scripts are not Upstart compatible
> 
>
> Key: KNOX-864
> URL: https://issues.apache.org/jira/browse/KNOX-864
> Project: Apache Knox
>  Issue Type: Improvement
>  Components: Server
>Affects Versions: 0.11.0
>Reporter: Attila Kanto
> Fix For: 0.12.0
>
> Attachments: knox-864.patch
>
>
> It is critical that we have a service that can auto-restart during crashes 
> and reboots. On Amazon Linux this tasks are done by Upstart.
> By default Upstart will track the life cycle of the first PID that it 
> executes in the exec or script stanzas (defined in the Upstart config file),  
> however, most Unix services will "daemonize", meaning that they will create a 
> new process (using fork(2)) which is a child of the initial process. This is 
> what also happens when when gateway.sh or ldap.sh is invoked.
> In order to track the right PID, Upstart must determine the final process ID 
> for a job, and in case of  daemonized processes it needs to know how many 
> times that process will call fork(2).
> Upstart supports the followings:
> * *expect fork*: Upstart will expect the process executed to call fork(2) 
> exactly once.
> * *expect daemon*: Upstart will expect the process executed to call fork(2) 
> exactly twice
> Unfortunately none of the above cases fits to gateway.sh and ldap.sh, since 
> they are calling fork many times and Upstart always tracks the wrong PID.
> According to Upstart doc 
> http://upstart.ubuntu.com/cookbook/#how-to-establish-fork-count if the 
> application you are attempting to create a Job Configuration File does not 
> document how many times it forks, you can run it with a tool such as 
> strace(1) which will allow you to count the number of forks:
> {code}
> [root@ip-10-0-4-107 ~]# strace -o /tmp/strace.log -fFv su -c 
> "/usr/hdp/current/knox-server/bin/gateway.sh start" knox
> Starting Gateway succeeded with PID 25528.
> [root@ip-10-0-4-107 ~]# sudo egrep "\<(fork|clone)\>\(" /tmp/strace.log | wc 
> | awk '{print $1}'
> 86
> {code}
> Ambari had similar issues in the past: 
> https://issues.apache.org/jira/browse/AMBARI-14842



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] (KNOX-838) Admin UI Titles Change

[Sumit Gupta (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-838?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sumit Gupta resolved KNOX-838.
--
Resolution: Fixed

> Admin UI Titles Change
> --
>
> Key: KNOX-838
> URL: https://issues.apache.org/jira/browse/KNOX-838
> Project: Apache Knox
>  Issue Type: Improvement
>  Components: AdminUI
>Reporter: Larry McCay
>Assignee: Sumit Gupta
>Priority: Trivial
> Fix For: 0.12.0
>
>
> Admin UI page titles:
> After some thought, I think that I have titles that might work better:
> Topologies
> Resource Access Management
> Naming.ugh... :)



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Resolved] (KNOX-820) Knox query processing: If the originalUrl value has "ampersand"(&) in it, the value after ampersand is ignored.

[Sumit Gupta (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-820?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sumit Gupta resolved KNOX-820.
--
   Resolution: Fixed
Fix Version/s: (was: 0.11.0)
   0.12.0

> Knox query processing: If the originalUrl value has "ampersand"(&) in it, the 
> value after ampersand is ignored.
> ---
>
> Key: KNOX-820
> URL: https://issues.apache.org/jira/browse/KNOX-820
> Project: Apache Knox
>  Issue Type: Bug
>  Components: Server
>Reporter: Larry McCay
>Assignee: Sumit Gupta
> Fix For: 0.12.0
>
>
> From Sharmadha Sainath offline:
> Example URL is: 
> https://ctr-e64-1480733150053-8567-01-02.hwx.site:8443/gateway/knoxsso/knoxauth/login.html?originalUrl=http://ctr-e64-1480733150053-8567-01-02.hwx.site:21000/api/atlas/discovery/search/dsl?limit=25=hive_table
> After providing the username and password, the above page gets redirected to 
> "ctr-e64-1480733150053-8567-01-02.hwx.site:21000/api/atlas/discovery/search/dsl?limit=25",
>  leaving "query=hive_table". This seems to be an issue with knox query 
> processing.
> Original query:
> http://ctr-e64-1480733150053-8567-01-02.hwx.site:21000/api/atlas/discovery/search/dsl?limit=25=hive_table
> Redirects to
> https://ctr-e64-1480733150053-8567-01-02.hwx.site:8443/gateway/knoxsso/knoxauth/login.html?originalUrl=http://ctr-e64-1480733150053-8567-01-02.hwx.site:21000/api/atlas/discovery/search/dsl?limit=25=hive_table
> Enclosed the URL 
> http://ctr-e64-1480733150053-8567-01-02.hwx.site:21000/api/atlas/discovery/search/dsl?limit=25=hive_table
>  with double quotes and encoded it and gave it as original URL . Still it 
> doesn't work.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Reopened] (KNOX-820) Knox query processing: If the originalUrl value has "ampersand"(&) in it, the value after ampersand is ignored.

[Sumit Gupta (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-820?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sumit Gupta reopened KNOX-820:
--
  Assignee: Sumit Gupta  (was: Larry McCay)

Found an additional minor issue, so reopening this bug

> Knox query processing: If the originalUrl value has "ampersand"(&) in it, the 
> value after ampersand is ignored.
> ---
>
> Key: KNOX-820
> URL: https://issues.apache.org/jira/browse/KNOX-820
> Project: Apache Knox
>  Issue Type: Bug
>  Components: Server
>Reporter: Larry McCay
>Assignee: Sumit Gupta
> Fix For: 0.11.0
>
>
> From Sharmadha Sainath offline:
> Example URL is: 
> https://ctr-e64-1480733150053-8567-01-02.hwx.site:8443/gateway/knoxsso/knoxauth/login.html?originalUrl=http://ctr-e64-1480733150053-8567-01-02.hwx.site:21000/api/atlas/discovery/search/dsl?limit=25=hive_table
> After providing the username and password, the above page gets redirected to 
> "ctr-e64-1480733150053-8567-01-02.hwx.site:21000/api/atlas/discovery/search/dsl?limit=25",
>  leaving "query=hive_table". This seems to be an issue with knox query 
> processing.
> Original query:
> http://ctr-e64-1480733150053-8567-01-02.hwx.site:21000/api/atlas/discovery/search/dsl?limit=25=hive_table
> Redirects to
> https://ctr-e64-1480733150053-8567-01-02.hwx.site:8443/gateway/knoxsso/knoxauth/login.html?originalUrl=http://ctr-e64-1480733150053-8567-01-02.hwx.site:21000/api/atlas/discovery/search/dsl?limit=25=hive_table
> Enclosed the URL 
> http://ctr-e64-1480733150053-8567-01-02.hwx.site:21000/api/atlas/discovery/search/dsl?limit=25=hive_table
>  with double quotes and encoded it and gave it as original URL . Still it 
> doesn't work.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (KNOX-848) Support for Apache Titan REST

[Sumit Gupta (JIRA)]

[ 
https://issues.apache.org/jira/browse/KNOX-848?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15839897#comment-15839897
 ] 

Sumit Gupta commented on KNOX-848:
--

[~Wancy], I got an error trying to pull your docker image. Here is what I did:

$ docker pull wancy/knox_titanrest_testing
Using default tag: latest
Error response from daemon: manifest for wancy/knox_titanrest_testing:latest 
not found

Is that the right one?

> Support for Apache Titan REST
> -
>
> Key: KNOX-848
> URL: https://issues.apache.org/jira/browse/KNOX-848
> Project: Apache Knox
>  Issue Type: New Feature
>Affects Versions: 0.11.0
>Reporter: Shi Wang
>Assignee: Shi Wang
> Fix For: 0.12.0
>
> Attachments: 0001-KNOX-848-Support-for-Apache-Titan-REST.patch
>
>
> Support Apache Titan 1.0.0 REST go through knox.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (KNOX-854) Consolidate DocumentBuilderFactory calls + enable SECURE_PROCESSING

[Sumit Gupta (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-854?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sumit Gupta updated KNOX-854:
-
Resolution: Fixed
Status: Resolved  (was: Patch Available)

Thanks [~coheig]! This was some good cleanup and much needed refactoring.

> Consolidate DocumentBuilderFactory calls + enable SECURE_PROCESSING
> ---
>
> Key: KNOX-854
> URL: https://issues.apache.org/jira/browse/KNOX-854
> Project: Apache Knox
>  Issue Type: Improvement
>Affects Versions: 0.11.0
>Reporter: Colm O hEigeartaigh
>Assignee: Colm O hEigeartaigh
>Priority: Minor
> Fix For: 0.12.0
>
> Attachments: 
> 0001-KNOX-854-Consolidate-DocumentBuilderFactory-calls-en.patch
>
>
> This task is to consolidate DocumentBuilderFactory calls into a single class 
> (XmlUtils), in order to remove duplicate code. This task also encompasses 
> enabling the SECURE_PROCESSING feature when parsing XML, which is generally a 
> "good thing to do".



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (KNOX-848) Support for Apache Titan REST

[Sumit Gupta (JIRA)]

[ 
https://issues.apache.org/jira/browse/KNOX-848?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15832572#comment-15832572
 ] 

Sumit Gupta commented on KNOX-848:
--

Thanks for the notice [~Wancy], please let me know when I can try your new repo.

> Support for Apache Titan REST
> -
>
> Key: KNOX-848
> URL: https://issues.apache.org/jira/browse/KNOX-848
> Project: Apache Knox
>  Issue Type: New Feature
>Affects Versions: 0.11.0
>Reporter: Shi Wang
>Assignee: Shi Wang
> Fix For: 0.12.0
>
> Attachments: 0001-KNOX-848-Support-for-Apache-Titan-REST.patch
>
>
> Support Apache Titan 1.0.0 REST go through knox.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (KNOX-848) Support for Apache Titan REST

[Sumit Gupta (JIRA)]

[ 
https://issues.apache.org/jira/browse/KNOX-848?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15832291#comment-15832291
 ] 

Sumit Gupta commented on KNOX-848:
--

Thanks [~Wancy], I'll try it out and let you know. That may be enough...

> Support for Apache Titan REST
> -
>
> Key: KNOX-848
> URL: https://issues.apache.org/jira/browse/KNOX-848
> Project: Apache Knox
>  Issue Type: New Feature
>Affects Versions: 0.11.0
>Reporter: Shi Wang
>Assignee: Shi Wang
> Fix For: 0.12.0
>
> Attachments: 0001-KNOX-848-Support-for-Apache-Titan-REST.patch
>
>
> Support Apache Titan 1.0.0 REST go through knox.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (KNOX-858) Simplify Hamcrest dependencies

[Sumit Gupta (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-858?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sumit Gupta updated KNOX-858:
-
Resolution: Fixed
Status: Resolved  (was: Patch Available)

> Simplify Hamcrest dependencies
> --
>
> Key: KNOX-858
> URL: https://issues.apache.org/jira/browse/KNOX-858
> Project: Apache Knox
>  Issue Type: Improvement
>Reporter: Colm O hEigeartaigh
>Assignee: Colm O hEigeartaigh
>Priority: Trivial
> Fix For: 0.12.0
>
> Attachments: 0001-KNOX-858-Simplify-Hamcrest-dependencies.patch
>
>
> The Hamcrest dependencies could be simplified:
> a) The Hamcrest "api" module in the root pom is not needed
> b) There is no need to specify the "core" module when the library module is 
> included as a "test" dependency.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (KNOX-848) Support for Apache Titan REST

[Sumit Gupta (JIRA)]

[ 
https://issues.apache.org/jira/browse/KNOX-848?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15831973#comment-15831973
 ] 

Sumit Gupta commented on KNOX-848:
--

[~Wancy], any update on this. I would love to test this out and get it 
committed. What kind of KnoxShell JIRA are you looking for? There have been a 
bunch recently. For example [KNOX-828]. Does that help or do you want something 
specific?

> Support for Apache Titan REST
> -
>
> Key: KNOX-848
> URL: https://issues.apache.org/jira/browse/KNOX-848
> Project: Apache Knox
>  Issue Type: New Feature
>Affects Versions: 0.11.0
>Reporter: Shi Wang
>Assignee: Shi Wang
> Fix For: 0.12.0
>
> Attachments: 0001-KNOX-848-Support-for-Apache-Titan-REST.patch
>
>
> Support Apache Titan 1.0.0 REST go through knox.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (KNOX-857) Incorrect formation of causes oozie mapreduce action failure

[Sumit Gupta (JIRA)]

[ 
https://issues.apache.org/jira/browse/KNOX-857?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15830377#comment-15830377
 ] 

Sumit Gupta commented on KNOX-857:
--

[~kuldeepkulkarn...@gmail.com], my understanding is that the ${outputDir} 
property is meant to be used for an hdfs directory. Knox provides this as a 
convenience and rewrites the path to work as an hdfs path. As you have 
determined, you don't have to use this in your workflow.xml file.

> Incorrect formation of  causes oozie mapreduce action failure
> --
>
> Key: KNOX-857
> URL: https://issues.apache.org/jira/browse/KNOX-857
> Project: Apache Knox
>  Issue Type: Bug
>  Components: KnoxCLI
>Affects Versions: 0.6.0
> Environment: HDP-2.4.0.0
>Reporter: Kuldeep Kulkarni
>Priority: Critical
> Attachments: job.xml.bug, knox.conf.tar.gz, knox.log.tz
>
>
> When Oozie workflow is submitted via Knox containing mapreduce-action. it 
> always gets failed with below error:
> {code}
> Heart beat
> {"properties":[{"key":"oozie.launcher.job.id","value":"job_1484748086731_0022","isFinal":false,"resource":"programatically"},{"key":"oozie.job.id","value":"017-170118140025343-oozie-oozi-W","isFinal":false,"resource":"programatically"},{"key":"oozie.action.id","value":"017-170118140025343-oozie-oozi-W@mr-node","isFinal":false,"resource":"programatically"},{"key":"mapreduce.job.tags","value":"oozie-20b9b1ecd11f08843b078e701ce5c1ad","isFinal":false,"resource":"programatically"}]}Starting
>  the execution of prepare actions
> Prepare execution in the Launcher Mapper has failed
> Failing Oozie Launcher, Main class 
> [org.apache.oozie.action.hadoop.MapReduceMain], exception invoking main(), 
> java.net.URISyntaxException: Expected scheme-specific part at index 5: hdfs:
> org.apache.oozie.action.hadoop.LauncherException: 
> java.net.URISyntaxException: Expected scheme-specific part at index 5: hdfs:
>   at 
> org.apache.oozie.action.hadoop.LauncherMapper.map(LauncherMapper.java:193)
>   at org.apache.hadoop.mapred.MapRunner.run(MapRunner.java:54)
>   at org.apache.hadoop.mapred.MapTask.runOldMapper(MapTask.java:453)
>   at org.apache.hadoop.mapred.MapTask.run(MapTask.java:343)
>   at org.apache.hadoop.mapred.YarnChild$2.run(YarnChild.java:168)
>   at java.security.AccessController.doPrivileged(Native Method)
>   at javax.security.auth.Subject.doAs(Subject.java:422)
>   at 
> org.apache.hadoop.security.UserGroupInformation.doAs(UserGroupInformation.java:1657)
>   at org.apache.hadoop.mapred.YarnChild.main(YarnChild.java:162)
> Caused by: org.apache.oozie.action.hadoop.LauncherException: 
> java.net.URISyntaxException: Expected scheme-specific part at index 5: hdfs:
>   at 
> org.apache.oozie.action.hadoop.PrepareActionsDriver.doOperations(PrepareActionsDriver.java:77)
>   at 
> org.apache.oozie.action.hadoop.LauncherMapper.executePrepare(LauncherMapper.java:494)
>   at 
> org.apache.oozie.action.hadoop.LauncherMapper.map(LauncherMapper.java:189)
>   ... 8 more
> Caused by: java.lang.IllegalArgumentException: java.net.URISyntaxException: 
> Expected scheme-specific part at index 5: hdfs:
>   at org.apache.hadoop.fs.Path.initialize(Path.java:205)
>   at org.apache.hadoop.fs.Path.(Path.java:171)
>   at org.apache.hadoop.fs.Path.(Path.java:93)
>   at org.apache.hadoop.fs.Globber.glob(Globber.java:211)
>   at org.apache.hadoop.fs.FileSystem.globStatus(FileSystem.java:1655)
>   at 
> org.apache.oozie.action.hadoop.FSLauncherURIHandler.delete(FSLauncherURIHandler.java:59)
>   at 
> org.apache.oozie.action.hadoop.PrepareActionsDriver.execute(PrepareActionsDriver.java:90)
>   at 
> org.apache.oozie.action.hadoop.PrepareActionsDriver.doOperations(PrepareActionsDriver.java:68)
>   ... 10 more
> Caused by: java.net.URISyntaxException: Expected scheme-specific part at 
> index 5: hdfs:
>   at java.net.URI$Parser.fail(URI.java:2848)
>   at java.net.URI$Parser.failExpecting(URI.java:2854)
>   at java.net.URI$Parser.parse(URI.java:3057)
>   at java.net.URI.(URI.java:746)
>   at org.apache.hadoop.fs.Path.initialize(Path.java:202)
>   ... 17 more
> Oozie Launcher failed, finishing Hadoop job gracefully
> {code}
> This happens because,  in the action configuration gets 
> generated incorrectly.
> {code}
>  path="hdfs://oozieknox2.openstacklocal:8020/user/ambari-qa/examples/output-data/hdfs://oozieknox2.openstacklocal:8020/map-reduce"
>  />
> {code}
> Expected value is:
> {code}
>  path="hdfs://oozieknox2.openstacklocal:8020/user/ambari-qa/examples/output-data/map-reduce"
>  />
> {code}
> Command used to submit oozie job is:
> {code}
> [ambari-qa@oozieknox1 ~]$ curl -i -k -u ambari-qa:hadoop -H 
> Content-Type:application/xml 

[jira] [Updated] (KNOX-806) Implement Closeable for deallocable resources

[Sumit Gupta (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-806?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sumit Gupta updated KNOX-806:
-
Resolution: Fixed
Status: Resolved  (was: Patch Available)

> Implement Closeable for deallocable resources
> -
>
> Key: KNOX-806
> URL: https://issues.apache.org/jira/browse/KNOX-806
> Project: Apache Knox
>  Issue Type: Improvement
>  Components: ClientDSL
>Reporter: Vincent Devillers
>Assignee: Vincent Devillers
>Priority: Minor
>  Labels: KIP-4
> Fix For: 0.12.0
>
> Attachments: KNOX-806.patch
>
>
> org.apache.hadoop.gateway.shell.BasicResponse and 
> org.apache.hadoop.gateway.shell.Hadoop are not java.io.Closeable, which means 
> that we have to do this:
> {code:java}
> BasicResponse response = null;
> String jobId;
> try {
> response = Workflow.submit(getHadoop()).text(xmlConfiguration).now();
> jobId = JsonPath.read(response.getString(), "$.id");
> } finally {
> if(response != null) {
>   response.close();
> }
> }
> {code}
> instead of this:
> {code:java}
> String jobId;
> try (BasicResponse response = 
> Workflow.submit(getHadoop()).text(xmlConfiguration).now()){
> jobId = JsonPath.read(response.getString(), "$.id");
> }
> {code}
> [Source|https://blog.layer4.fr/2016/12/06/knox-production-pitfalls-and-common-mistakes/]



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (KNOX-805) Allow defining a custom HttpClient when creating a new session

[Sumit Gupta (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-805?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sumit Gupta updated KNOX-805:
-
Resolution: Fixed
Status: Resolved  (was: Patch Available)

Made a minor change to get the insecureLogin to work.

> Allow defining a custom HttpClient when creating a new session
> --
>
> Key: KNOX-805
> URL: https://issues.apache.org/jira/browse/KNOX-805
> Project: Apache Knox
>  Issue Type: Bug
>  Components: ClientDSL
>Reporter: Vincent Devillers
>Assignee: Vincent Devillers
>  Labels: KIP-4
> Fix For: 0.12.0
>
> Attachments: KNOX-805.patch
>
>
> When creating a new session, I think it should be possible to specify a 
> custom CloseableHttpClient in parameter of the static method 
> Hadoop.login(url, user,password). This will allow to prepare a well defined 
> CloaseableHttpClient if you want to add headers, limit the length of the 
> message send, define specific strategy on dns resolution or hostname 
> verification, size the connection pool…



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (KNOX-805) Allow defining a custom HttpClient when creating a new session

[Sumit Gupta (JIRA)]

[ 
https://issues.apache.org/jira/browse/KNOX-805?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15818988#comment-15818988
 ] 

Sumit Gupta commented on KNOX-805:
--

On trying out the patch I found that loginInsecure does not work anymore. I'll 
look into a fix and try and commit the changes all together.

> Allow defining a custom HttpClient when creating a new session
> --
>
> Key: KNOX-805
> URL: https://issues.apache.org/jira/browse/KNOX-805
> Project: Apache Knox
>  Issue Type: Bug
>  Components: ClientDSL
>Reporter: Vincent Devillers
>Assignee: Vincent Devillers
>  Labels: KIP-4
> Fix For: 0.12.0
>
> Attachments: KNOX-805.patch
>
>
> When creating a new session, I think it should be possible to specify a 
> custom CloseableHttpClient in parameter of the static method 
> Hadoop.login(url, user,password). This will allow to prepare a well defined 
> CloaseableHttpClient if you want to add headers, limit the length of the 
> message send, define specific strategy on dns resolution or hostname 
> verification, size the connection pool…



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (KNOX-829) HDFS commands for client: append,checksum,concat,homedir,chown,chmod,touch,symlink,truncate

[Sumit Gupta (JIRA)]

[ 
https://issues.apache.org/jira/browse/KNOX-829?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15812685#comment-15812685
 ] 

Sumit Gupta commented on KNOX-829:
--

[~treydone], I am incurring a bit of a struggle testing this patch. Some 
operations do not work for me. 

For example, for checksum I get 400 bad request
"{"RemoteException":{"exception":"IllegalArgumentException","javaClassName":"java.lang.IllegalArgumentException","message":"Invalid
 value for webhdfs parameter \"op\": No enum constant 
org.apache.hadoop.hdfs.web.resources.PostOpParam.Op.GETFILECHECKSUM"}}[\r][\n]"

I think that needs to be a GET and not a POST.

Also for symlink I get,

{"RemoteException":{"exception":"UnsupportedOperationException","javaClassName":"java.lang.UnsupportedOperationException","message":"Symlinks
 not supported”}}

Do I need a special setting for this in hdfs?

Append and touch don't seem to do anything for me either. Homedir works great.

Can you help out by providing settings and samples so that I can verify I am 
testing this correctly?


> HDFS commands for client: 
> append,checksum,concat,homedir,chown,chmod,touch,symlink,truncate
> ---
>
> Key: KNOX-829
> URL: https://issues.apache.org/jira/browse/KNOX-829
> Project: Apache Knox
>  Issue Type: Improvement
>  Components: ClientDSL
>Reporter: Vincent Devillers
>Assignee: Vincent Devillers
>Priority: Minor
>  Labels: KIP-4
> Fix For: 0.12.0
>
> Attachments: KNOX-829.patch
>
>




--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (KNOX-845) Add some tests for the Shell scripts

[Sumit Gupta (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-845?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sumit Gupta updated KNOX-845:
-
Labels: KIP-4  (was: )

> Add some tests for the Shell scripts
> 
>
> Key: KNOX-845
> URL: https://issues.apache.org/jira/browse/KNOX-845
> Project: Apache Knox
>  Issue Type: Bug
>  Components: ClientDSL
>Reporter: Sumit Gupta
>Assignee: Sumit Gupta
>  Labels: KIP-4
> Fix For: 0.12.0
>
>
> The KnoxShell code and scripts are missing any unit/functional tests. Some 
> functional testing based on the MiniDFSCluster methodology (used in the 
> release tests for secure cluster testing)  could be a good starting point.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Created] (KNOX-845) Add some tests for the Shell scripts

[Sumit Gupta (JIRA)]

Sumit Gupta created KNOX-845:


 Summary: Add some tests for the Shell scripts
 Key: KNOX-845
 URL: https://issues.apache.org/jira/browse/KNOX-845
 Project: Apache Knox
  Issue Type: Bug
  Components: ClientDSL
Reporter: Sumit Gupta
Assignee: Sumit Gupta
 Fix For: 0.12.0


The KnoxShell code and scripts are missing any unit/functional tests. Some 
functional testing based on the MiniDFSCluster methodology (used in the release 
tests for secure cluster testing)  could be a good starting point.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (KNOX-809) Add copyFromLocal along with the put in HDFS for ClientDSL

[Sumit Gupta (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-809?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sumit Gupta updated KNOX-809:
-
Resolution: Fixed
Status: Resolved  (was: Patch Available)

> Add copyFromLocal along with the put in HDFS for ClientDSL
> --
>
> Key: KNOX-809
> URL: https://issues.apache.org/jira/browse/KNOX-809
> Project: Apache Knox
>  Issue Type: Improvement
>  Components: ClientDSL
>Reporter: Vincent Devillers
>Assignee: Vincent Devillers
>Priority: Minor
>  Labels: KIP-4
> Fix For: 0.12.0
>
> Attachments: KNOX-809.patch
>
>
> By default, Knox has the “put” endpoint for HDFS. It copies one or multiple 
> sources from local file system to the destination file system. The 
> copyFromLocal is very similar to the put command, except that you have an 
> option to overwrite the destination if it already exists.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (KNOX-810) Add exists in HDFS for ClientDSL

[Sumit Gupta (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-810?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sumit Gupta updated KNOX-810:
-
Resolution: Fixed
Status: Resolved  (was: Patch Available)

> Add exists in HDFS for ClientDSL
> 
>
> Key: KNOX-810
> URL: https://issues.apache.org/jira/browse/KNOX-810
> Project: Apache Knox
>  Issue Type: Improvement
>  Components: ClientDSL
>Reporter: Vincent Devillers
>Assignee: Vincent Devillers
>Priority: Minor
>  Labels: KIP-4
> Fix For: 0.12.0
>
> Attachments: KNOX-810.patch
>
>
> The ClientDSL for HDFS provides various methods like "list" or "get", but the 
> "exists" may be very useful too.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (KNOX-807) Missing resource deallocation

[Sumit Gupta (JIRA)]

[ 
https://issues.apache.org/jira/browse/KNOX-807?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15802469#comment-15802469
 ] 

Sumit Gupta commented on KNOX-807:
--

[~treydone], adding a close method along with shutdown seemed a bit confusing 
to me. The client code will need to know what to call when. Can shutdown not 
simply release all resources? The argument I can see is if the user wants to 
cancel requests but keep using the session but that seems weird to me too. What 
are your thoughts on this?

Any input on this [~lmccay]?

> Missing resource deallocation
> -
>
> Key: KNOX-807
> URL: https://issues.apache.org/jira/browse/KNOX-807
> Project: Apache Knox
>  Issue Type: Bug
>  Components: ClientDSL
>Reporter: Vincent Devillers
>Assignee: Vincent Devillers
>  Labels: KIP-4
> Fix For: 0.12.0
>
> Attachments: KNOX-807.patch
>
>
> h2. Release connection to pool after HTTP call
> The close() method in BasicResponse does only 
> EntityUtils.consumeQuietly(response.getEntity()):
> {code}
> public void close() {
> this.consume();
> }
> public void consume() {
> if(!this.consumed) {
> EntityUtils.consumeQuietly(this.response.getEntity());
> this.consumed = true;
> }
> }
> {code}
> The underlying HTTP connection is still held. In order to ensure correct 
> deallocation of OS resources we need to call CloseableHttpResponse#close() 
> like this:
> {code}
> public void close() {
> try {
> this.consume();
> } finally {
> if (response instanceof CloseableHttpResponse) {
> try {
> ((CloseableHttpResponse) response).close();
> } catch (IOException e) {
> throw Throwables.propagate(e);
> }
> }
> }
> }
> {code}
> h2. Shutdown connection pool
> Also when the Hadoop session is no more used, the only method present by to 
> be call is shutdown(), but it close only the ExecutorService. When a 
> CloseableHttpClient instance is no longer needed, we have to shut down the 
> connection manager to ensure immediate deallocation of all OS resources.
> {code}
> public void close() {
> try {
>   executor.shutdownNow();
> } catch(Exception e) {
>   // log something here
> }
> try {
>   client.close();
>   // client.close() should call getConnectionManager().shutdown();
> } catch(Exception e) {
>   // log something here
> }
> }
> {code}
> [Source|https://blog.layer4.fr/2016/12/06/knox-production-pitfalls-and-common-mistakes/]



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (KNOX-813) Add rename in HDFS for ClientDSL

[Sumit Gupta (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-813?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sumit Gupta updated KNOX-813:
-
Resolution: Fixed
Status: Resolved  (was: Patch Available)

> Add rename in HDFS for ClientDSL
> 
>
> Key: KNOX-813
> URL: https://issues.apache.org/jira/browse/KNOX-813
> Project: Apache Knox
>  Issue Type: Improvement
>  Components: ClientDSL
>Affects Versions: 0.7.0
>Reporter: Khanh Maudoux
>Assignee: Vincent Devillers
>Priority: Trivial
>  Labels: KIP-4
> Fix For: 0.12.0
>
> Attachments: KNOX-813.patch
>
>
> The ClientDSL for HDFS shoud provide the rename method.
> It could be easily done with something like that :
> {code:java}
> protected Callable callable() {
> return new Callable() {
> @Override
> public Rename.Response call() throws Exception {
> URIBuilder uri = uri( Hdfs.SERVICE_PATH, file );
> addQueryParam( uri, "op", "RENAME" );
> addQueryParam( uri, "destination", to );
> HttpPut request = new HttpPut( uri.build() );
> return new Rename.Response( execute( request ) );
> }
> };
> }
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (KNOX-813) Add rename in HDFS for ClientDSL

[Sumit Gupta (JIRA)]

[ 
https://issues.apache.org/jira/browse/KNOX-813?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15802431#comment-15802431
 ] 

Sumit Gupta commented on KNOX-813:
--

Added copyright and removed author tags.

> Add rename in HDFS for ClientDSL
> 
>
> Key: KNOX-813
> URL: https://issues.apache.org/jira/browse/KNOX-813
> Project: Apache Knox
>  Issue Type: Improvement
>  Components: ClientDSL
>Affects Versions: 0.7.0
>Reporter: Khanh Maudoux
>Assignee: Vincent Devillers
>Priority: Trivial
>  Labels: KIP-4
> Fix For: 0.12.0
>
> Attachments: KNOX-813.patch
>
>
> The ClientDSL for HDFS shoud provide the rename method.
> It could be easily done with something like that :
> {code:java}
> protected Callable callable() {
> return new Callable() {
> @Override
> public Rename.Response call() throws Exception {
> URIBuilder uri = uri( Hdfs.SERVICE_PATH, file );
> addQueryParam( uri, "op", "RENAME" );
> addQueryParam( uri, "destination", to );
> HttpPut request = new HttpPut( uri.build() );
> return new Rename.Response( execute( request ) );
> }
> };
> }
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (KNOX-835) Improvements for Oozie in the ClientDSL

[Sumit Gupta (JIRA)]

[ 
https://issues.apache.org/jira/browse/KNOX-835?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15802352#comment-15802352
 ] 

Sumit Gupta commented on KNOX-835:
--

I also get a build and test failure. If possible can you take a look to see if 
the build passes with this patch in master?

> Improvements for Oozie in the ClientDSL
> ---
>
> Key: KNOX-835
> URL: https://issues.apache.org/jira/browse/KNOX-835
> Project: Apache Knox
>  Issue Type: Improvement
>  Components: ClientDSL
>Reporter: Vincent Devillers
>Assignee: Vincent Devillers
>Priority: Minor
>  Labels: KIP-4
> Fix For: 0.12.0
>
> Attachments: KNOX-835.patch
>
>
> Implements: list, kill, change, info, definition, rerun, resume, log, start, 
> dryrun



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (KNOX-835) Improvements for Oozie in the ClientDSL

[Sumit Gupta (JIRA)]

[ 
https://issues.apache.org/jira/browse/KNOX-835?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15802323#comment-15802323
 ] 

Sumit Gupta commented on KNOX-835:
--

Hey [~treydone], I've started reviewing this patch. The upfront comment I have 
for future patches is that we don't use the @author tag on classes and we 
absolutely require the ASF license header on each file. I'll make the changes 
to your patch if there is nothing else that I find.

> Improvements for Oozie in the ClientDSL
> ---
>
> Key: KNOX-835
> URL: https://issues.apache.org/jira/browse/KNOX-835
> Project: Apache Knox
>  Issue Type: Improvement
>  Components: ClientDSL
>Reporter: Vincent Devillers
>Assignee: Vincent Devillers
>Priority: Minor
>  Labels: KIP-4
> Fix For: 0.12.0
>
> Attachments: KNOX-835.patch
>
>
> Implements: list, kill, change, info, definition, rerun, resume, log, start, 
> dryrun



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (KNOX-836) Websockets connection is terminated when message size is larger than 65536

[Sumit Gupta (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-836?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sumit Gupta updated KNOX-836:
-
Resolution: Fixed
Status: Resolved  (was: Patch Available)

> Websockets connection is terminated when message size is larger than 65536
> --
>
> Key: KNOX-836
> URL: https://issues.apache.org/jira/browse/KNOX-836
> Project: Apache Knox
>  Issue Type: Bug
>  Components: Server
>Affects Versions: 0.10.0, 0.11.0
>Reporter: Sandeep More
>Assignee: Sandeep More
> Attachments: KNOX-836.001.patch
>
>
> In some cases, or e.g. in Zeppelin with large demo Notebooks, Knox will 
> abruptly close connection with error:
> [exec] org.eclipse.jetty.websocket.api.MessageTooLargeException: Text message 
> size [1313822] exceeds maximum size [65536]
>  [exec]   at 
> org.eclipse.jetty.websocket.api.WebSocketPolicy.assertValidTextMessageSize(WebSocketPolicy.java:140)
>  [exec]   at 
> org.eclipse.jetty.websocket.common.Parser.assertSanePayloadLength(Parser.java:127)
>  [exec]   at 
> org.eclipse.jetty.websocket.common.Parser.parseFrame(Parser.java:482)
>  [exec]   at 
> org.eclipse.jetty.websocket.common.Parser.parse(Parser.java:254)
>  [exec]   at 
> org.eclipse.jetty.websocket.common.io.AbstractWebSocketConnection.readParse(AbstractWebSocketConnection.java:632)
>  [exec]   at 
> org.eclipse.jetty.websocket.common.io.AbstractWebSocketConnection.onFillable(AbstractWebSocketConnection.java:480)
>  [exec]   at 
> org.eclipse.jetty.io.AbstractConnection$2.run(AbstractConnection.java:544)
>  [exec]   at 
> org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:635)
>  [exec]   at 
> org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:555)
>  [exec]   at java.lang.Thread.run(Thread.java:745)



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Created] (KNOX-840) Admin UI add ability to create a new topology based on a template

[Sumit Gupta (JIRA)]

Sumit Gupta created KNOX-840:


 Summary: Admin UI add ability to create a new topology based on a 
template
 Key: KNOX-840
 URL: https://issues.apache.org/jira/browse/KNOX-840
 Project: Apache Knox
  Issue Type: Improvement
  Components: AdminUI
Reporter: Sumit Gupta
 Fix For: 0.12.0


Admin user should be able to use the Admin UI to create new topologies based on 
one of the template files that we ship with Knox.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Created] (KNOX-839) Add Admin UI development documentation

[Sumit Gupta (JIRA)]

Sumit Gupta created KNOX-839:


 Summary: Add Admin UI development documentation
 Key: KNOX-839
 URL: https://issues.apache.org/jira/browse/KNOX-839
 Project: Apache Knox
  Issue Type: Improvement
Affects Versions: 0.11.0
Reporter: Sumit Gupta
Assignee: Sumit Gupta
 Fix For: 0.12.0


Add documentation to the wiki and/or README information to allow for developers 
to continue improving the Admin UI.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (KNOX-827) Admin UI needs a way to configure API URL

[Sumit Gupta (JIRA)]

[ 
https://issues.apache.org/jira/browse/KNOX-827?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15770332#comment-15770332
 ] 

Sumit Gupta commented on KNOX-827:
--

For completeness : This change essentially changes the hardcoding to 
/gateway/manager/api/v1 instead. That makes the UI fixed to a topology but 
allows for configurability outside of the Admin API used by other services.

> Admin UI needs a way to configure API URL
> -
>
> Key: KNOX-827
> URL: https://issues.apache.org/jira/browse/KNOX-827
> Project: Apache Knox
>  Issue Type: Bug
>Reporter: Sumit Gupta
>Assignee: Sumit Gupta
> Fix For: 0.11.0
>
>
> The Admin UI is hard coded to use the colocated Admin API that is essentially 
> /gateway/admin/api/v1. We need a mechanism to be able to configure this URL 
> so that other topologies can be used to host the API.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Assigned] (KNOX-827) Admin UI needs a way to configure API URL

[Sumit Gupta (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-827?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sumit Gupta reassigned KNOX-827:


Assignee: Sumit Gupta

> Admin UI needs a way to configure API URL
> -
>
> Key: KNOX-827
> URL: https://issues.apache.org/jira/browse/KNOX-827
> Project: Apache Knox
>  Issue Type: Bug
>Reporter: Sumit Gupta
>Assignee: Sumit Gupta
> Fix For: 0.11.0
>
>
> The Admin UI is hard coded to use the colocated Admin API that is essentially 
> /gateway/admin/api/v1. We need a mechanism to be able to configure this URL 
> so that other topologies can be used to host the API.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (KNOX-827) Admin UI needs a way to configure API URL

[Sumit Gupta (JIRA)]

[ 
https://issues.apache.org/jira/browse/KNOX-827?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15770324#comment-15770324
 ] 

Sumit Gupta commented on KNOX-827:
--

I think a separate topology has merits anyway as discussed in [KNOX-749]. 
Pushing that solution in...

> Admin UI needs a way to configure API URL
> -
>
> Key: KNOX-827
> URL: https://issues.apache.org/jira/browse/KNOX-827
> Project: Apache Knox
>  Issue Type: Bug
>Reporter: Sumit Gupta
> Fix For: 0.11.0
>
>
> The Admin UI is hard coded to use the colocated Admin API that is essentially 
> /gateway/admin/api/v1. We need a mechanism to be able to configure this URL 
> so that other topologies can be used to host the API.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (KNOX-749) Simple Admin UI

[Sumit Gupta (JIRA)]

[ 
https://issues.apache.org/jira/browse/KNOX-749?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15770318#comment-15770318
 ] 

Sumit Gupta commented on KNOX-749:
--

Some issues here with admin-ui in admin topology has made us rethink things and 
add a manager topology after all. See [KNOX-827]

> Simple Admin UI
> ---
>
> Key: KNOX-749
> URL: https://issues.apache.org/jira/browse/KNOX-749
> Project: Apache Knox
>  Issue Type: Bug
>  Components: Server
>Reporter: Larry McCay
>Assignee: Sumit Gupta
> Fix For: 0.11.0
>
> Attachments: knox-admin-ui-001.patch
>
>
> We need to a simple UI for management/admin insights based on the Knox Admin 
> API.
> We can start with a read-only iteration and extend it in a future release.
> [~zacblanco] has expressed interest in this effort on the dev list and 
> possibly other JIRAs.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Resolved] (KNOX-825) Turn off directory browsing that Admin UI exposes

[Sumit Gupta (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-825?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sumit Gupta resolved KNOX-825.
--
Resolution: Fixed

> Turn off directory browsing that Admin UI exposes
> -
>
> Key: KNOX-825
> URL: https://issues.apache.org/jira/browse/KNOX-825
> Project: Apache Knox
>  Issue Type: Bug
>Reporter: Sumit Gupta
>Assignee: Sumit Gupta
> Fix For: 0.11.0
>
>
> While testing the admin ui from [KNOX-749] it is apparent that you can browse 
> the directory for example:
> https://localhost:8443/gateway/admin/admin-ui/assets/
> The directory browsing capability should be turned off.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Created] (KNOX-825) Turn off directory browsing that Admin UI exposes

[Sumit Gupta (JIRA)]

Sumit Gupta created KNOX-825:


 Summary: Turn off directory browsing that Admin UI exposes
 Key: KNOX-825
 URL: https://issues.apache.org/jira/browse/KNOX-825
 Project: Apache Knox
  Issue Type: Bug
Reporter: Sumit Gupta
Assignee: Sumit Gupta
 Fix For: 0.11.0


While testing the admin ui from [KNOX-749] it is apparent that you can browse 
the directory for example:

https://localhost:8443/gateway/admin/admin-ui/assets/

The directory browsing capability should be turned off.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Resolved] (KNOX-749) Simple Admin UI

[Sumit Gupta (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-749?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sumit Gupta resolved KNOX-749.
--
Resolution: Fixed

> Simple Admin UI
> ---
>
> Key: KNOX-749
> URL: https://issues.apache.org/jira/browse/KNOX-749
> Project: Apache Knox
>  Issue Type: Bug
>  Components: Server
>Reporter: Larry McCay
>Assignee: Sumit Gupta
> Fix For: 0.11.0
>
> Attachments: knox-admin-ui-001.patch
>
>
> We need to a simple UI for management/admin insights based on the Knox Admin 
> API.
> We can start with a read-only iteration and extend it in a future release.
> [~zacblanco] has expressed interest in this effort on the dev list and 
> possibly other JIRAs.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Resolved] (KNOX-824) WebAppSec providers don't work with Jersey based services

[Sumit Gupta (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-824?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sumit Gupta resolved KNOX-824.
--
Resolution: Fixed

> WebAppSec providers don't work with Jersey based services
> -
>
> Key: KNOX-824
> URL: https://issues.apache.org/jira/browse/KNOX-824
> Project: Apache Knox
>  Issue Type: Bug
>Reporter: Sumit Gupta
>Assignee: Sumit Gupta
> Fix For: 0.11.0
>
>
> The following configuration doesn't get applied in deployment (thus doesn't 
> affect the topology) for a Jersey based service in a topology file.
> {code}
> 
> webappsec
> WebAppSec
> true
> csrf.enabledtrue
> 
> csrf.customHeaderX-XSRF-Header
> 
> csrf.methodsToIgnoreGET,OPTIONS,HEAD
> cors.enabledtrue
> 
> xframe-options.enabledtrue
> 
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (KNOX-824) WebAppSec providers don't work with Jersey based services

[Sumit Gupta (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-824?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sumit Gupta updated KNOX-824:
-
Fix Version/s: 0.11.0

> WebAppSec providers don't work with Jersey based services
> -
>
> Key: KNOX-824
> URL: https://issues.apache.org/jira/browse/KNOX-824
> Project: Apache Knox
>  Issue Type: Bug
>Reporter: Sumit Gupta
> Fix For: 0.11.0
>
>
> The following configuration doesn't get applied in deployment (thus doesn't 
> affect the topology) for a Jersey based service in a topology file.
> {code}
> 
> webappsec
> WebAppSec
> true
> csrf.enabledtrue
> 
> csrf.customHeaderX-XSRF-Header
> 
> csrf.methodsToIgnoreGET,OPTIONS,HEAD
> cors.enabledtrue
> 
> xframe-options.enabledtrue
> 
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Assigned] (KNOX-824) WebAppSec providers don't work with Jersey based services

[Sumit Gupta (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-824?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sumit Gupta reassigned KNOX-824:


Assignee: Sumit Gupta

> WebAppSec providers don't work with Jersey based services
> -
>
> Key: KNOX-824
> URL: https://issues.apache.org/jira/browse/KNOX-824
> Project: Apache Knox
>  Issue Type: Bug
>Reporter: Sumit Gupta
>Assignee: Sumit Gupta
> Fix For: 0.11.0
>
>
> The following configuration doesn't get applied in deployment (thus doesn't 
> affect the topology) for a Jersey based service in a topology file.
> {code}
> 
> webappsec
> WebAppSec
> true
> csrf.enabledtrue
> 
> csrf.customHeaderX-XSRF-Header
> 
> csrf.methodsToIgnoreGET,OPTIONS,HEAD
> cors.enabledtrue
> 
> xframe-options.enabledtrue
> 
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Resolved] (KNOX-802) Inconsistent gateway.xml deployment descriptors when topology contains application

[Sumit Gupta (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-802?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sumit Gupta resolved KNOX-802.
--
Resolution: Fixed

Closing this issue as the root cause is because of [KNOX-824]

> Inconsistent gateway.xml deployment descriptors when topology contains 
> application
> --
>
> Key: KNOX-802
> URL: https://issues.apache.org/jira/browse/KNOX-802
> Project: Apache Knox
>  Issue Type: Bug
>Reporter: Sumit Gupta
> Fix For: 0.12.0
>
>
> Topologies with applications don't get gateway.xml updates on redeployment.
> To reproduce, add an application to the admin.xml topology. For example
> 
> admin-ui
> 
> Then add a new provider, for example:
>   
> webappsec
> WebAppSec
> true
> 
> xframe.options.enabled
> true
> 
> 
> cors.enabled
> true
>  
> 
> The deployment now contains two gateway.xml files and only the gateway.xml 
> file contains the WebAppSec related filters.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Created] (KNOX-824) WebAppSec providers don't work with Jersey based services

[Sumit Gupta (JIRA)]

Sumit Gupta created KNOX-824:


 Summary: WebAppSec providers don't work with Jersey based services
 Key: KNOX-824
 URL: https://issues.apache.org/jira/browse/KNOX-824
 Project: Apache Knox
  Issue Type: Bug
Reporter: Sumit Gupta


The following configuration doesn't get applied in deployment (thus doesn't 
affect the topology) for a Jersey based service in a topology file.

{code}

webappsec
WebAppSec
true
csrf.enabledtrue

csrf.customHeaderX-XSRF-Header

csrf.methodsToIgnoreGET,OPTIONS,HEAD
cors.enabledtrue

xframe-options.enabledtrue


{code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (KNOX-749) Simple Admin UI

[Sumit Gupta (JIRA)]

[ 
https://issues.apache.org/jira/browse/KNOX-749?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15765257#comment-15765257
 ] 

Sumit Gupta commented on KNOX-749:
--

Thanks [~lmccay], this makes life easier for sure to integrate the UI in. There 
is an issue with WebAppSec getting included into a topology file's deployment 
that just contains the 'KNOX' service. This is what triggered the filing of the 
bug [KNOX-802], but now that I understand the issue more I might need to modify 
this bug or file another one. 

Anyhow, aside from the related implementation issue the topologies as described 
make sense.

> Simple Admin UI
> ---
>
> Key: KNOX-749
> URL: https://issues.apache.org/jira/browse/KNOX-749
> Project: Apache Knox
>  Issue Type: Bug
>  Components: Server
>Reporter: Larry McCay
>Assignee: Sumit Gupta
> Fix For: 0.11.0
>
> Attachments: knox-admin-ui-001.patch
>
>
> We need to a simple UI for management/admin insights based on the Knox Admin 
> API.
> We can start with a read-only iteration and extend it in a future release.
> [~zacblanco] has expressed interest in this effort on the dev list and 
> possibly other JIRAs.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Resolved] (KNOX-804) Knox ehcache usage has intermittent CacheManger exception

[Sumit Gupta (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-804?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sumit Gupta resolved KNOX-804.
--
Resolution: Fixed

> Knox ehcache usage has intermittent CacheManger exception
> -
>
> Key: KNOX-804
> URL: https://issues.apache.org/jira/browse/KNOX-804
> Project: Apache Knox
>  Issue Type: Bug
>  Components: Server, Site
>Affects Versions: 0.10.0
>Reporter: Sumit Gupta
>Assignee: Sumit Gupta
> Fix For: 0.11.0
>
>
> There is an intermittent issue when using ehcache in the shiro config. It 
> doesn't seem to happen in a new topology file.
> 2016-10-10 08:22:09,171 ERROR env.EnvironmentLoader 
> (EnvironmentLoader.java:initEnvironment(146)) - Shiro environment 
> initialization failed
> org.apache.shiro.cache.CacheException: net.sf.ehcache.CacheException: Another 
> unnamed CacheManager already exists in the same VM. Please provide unique 
> names for each CacheManager in the config or do one of following:
> 1. Use one of the CacheManager.create() static factory methods to reuse same 
> CacheManager with same name or create one if necessary
> 2. Shutdown the earlier cacheManager before creating new one with same name.
> The source of the existing CacheManager is: InputStreamConfigurationSource 
> stream=sun.net.www.protocol.jar.JarURLConnection$JarURLInputStream@42caa857
> at 
> org.apache.shiro.cache.ehcache.EhCacheManager.ensureCacheManager(EhCacheManager.java:224)
> at org.apache.shiro.cache.ehcache.EhCacheManager.init(EhCacheManager.java:199)
> at org.apache.shiro.util.LifecycleUtils.init(LifecycleUtils.java:45)
> at org.apache.shiro.util.LifecycleUtils.init(LifecycleUtils.java:40)
> at org.apache.shiro.util.LifecycleUtils.init(LifecycleUtils.java:61)
> at 
> org.apache.shiro.config.ReflectionBuilder.buildObjects(ReflectionBuilder.java:129)
> at 
> org.apache.shiro.config.IniSecurityManagerFactory.buildInstances(IniSecurityManagerFactory.java:161)
> at 
> org.apache.shiro.config.IniSecurityManagerFactory.createSecurityManager(IniSecurityManagerFactory.java:124)
> at 
> org.apache.shiro.config.IniSecurityManagerFactory.createSecurityManager(IniSecurityManagerFactory.java:102)
> at 
> org.apache.shiro.config.IniSecurityManagerFactory.createInstance(IniSecurityManagerFactory.java:88)
> at 
> org.apache.shiro.config.IniSecurityManagerFactory.createInstance(IniSecurityManagerFactory.java:46)
> at 
> org.apache.shiro.config.IniFactorySupport.createInstance(IniFactorySupport.java:123)
> at org.apache.shiro.util.AbstractFactory.getInstance(AbstractFactory.java:47)
> at 
> org.apache.shiro.web.env.IniWebEnvironment.createWebSecurityManager(IniWebEnvironment.java:203)
> at 
> org.apache.shiro.web.env.IniWebEnvironment.configure(IniWebEnvironment.java:99)
> at org.apache.shiro.web.env.IniWebEnvironment.init(IniWebEnvironment.java:92)
> at org.apache.shiro.util.LifecycleUtils.init(LifecycleUtils.java:45)
> at org.apache.shiro.util.LifecycleUtils.init(LifecycleUtils.java:40)
> at 
> org.apache.shiro.web.env.EnvironmentLoader.createEnvironment(EnvironmentLoader.java:221)
> at 
> org.apache.shiro.web.env.EnvironmentLoader.initEnvironment(EnvironmentLoader.java:133)
> at 
> org.apache.shiro.web.env.EnvironmentLoaderListener.contextInitialized(EnvironmentLoaderListener.java:58)
> at 
> org.eclipse.jetty.server.handler.ContextHandler.callContextInitialized(ContextHandler.java:782)
> at 
> org.eclipse.jetty.servlet.ServletContextHandler.callContextInitialized(ServletContextHandler.java:424)
> at 
> org.eclipse.jetty.server.handler.ContextHandler.startContext(ContextHandler.java:774)
> at 
> org.eclipse.jetty.servlet.ServletContextHandler.startContext(ServletContextHandler.java:249)
> at 
> org.eclipse.jetty.webapp.WebAppContext.startContext(WebAppContext.java:1242)
> at 
> org.eclipse.jetty.server.handler.ContextHandler.doStart(ContextHandler.java:717)
> at org.eclipse.jetty.webapp.WebAppContext.doStart(WebAppContext.java:494)
> at 
> org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:64)
> at 
> org.apache.hadoop.gateway.GatewayServer.internalDeploy(GatewayServer.java:364)
> at org.apache.hadoop.gateway.GatewayServer.access$700(GatewayServer.java:72)
> at 
> org.apache.hadoop.gateway.GatewayServer$InternalTopologyListener.handleCreateDeployment(GatewayServer.java:441)
> at 
> org.apache.hadoop.gateway.GatewayServer$InternalTopologyListener.handleTopologyEvent(GatewayServer.java:402)
> at 
> org.apache.hadoop.gateway.services.topology.impl.DefaultTopologyService.notifyChangeListeners(DefaultTopologyService.java:347)
> at 
> org.apache.hadoop.gateway.services.topology.impl.DefaultTopologyService.reloadTopologies(DefaultTopologyService.java:321)
> at 
> 

[jira] [Resolved] (KNOX-818) Admin API PUT corrupts the topology file

[Sumit Gupta (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-818?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sumit Gupta resolved KNOX-818.
--
Resolution: Fixed

> Admin API PUT corrupts the topology file
> 
>
> Key: KNOX-818
> URL: https://issues.apache.org/jira/browse/KNOX-818
> Project: Apache Knox
>  Issue Type: Bug
>Reporter: Sumit Gupta
>Assignee: Sumit Gupta
> Fix For: 0.11.0
>
>
> When using the Admin API to PUT/save a topology file, the content doesn't 
> always wind up being correct.
> For example when saving the sandbox topology:
> curl -iku admin:admin-password -H "Accept: application/xml" -H "Content-Type: 
> application/xml" -T sandbox.xml -X PUT 
> http://localhost:8443/gateway/admin/api/v1/topologies/sandbox
> The following is saved:
> {code}
> 
> 
>sandbox2
>
>   
>  authentication
>  ShiroProvider
>  true
>   
>   
>  identity-assertion
>  Default
>  true
>   
>   
>  hostmap
>  static
>  true
>   
>
>
>   NAMENODE
>   hdfs://localhost:8020
>
>
>   JOBTRACKER
>   rpc://localhost:8050
>
>
>   WEBHDFS
>   http://localhost:50070/webhdfs
>
>
>   WEBHCAT
>   http://localhost:50111/templeton
>
>
>   OOZIE
>   http://localhost:11000/oozie
>
>
>   WEBHBASE
>   http://localhost:60080
>
>
>   HIVE
>   http://localhost:10001/cliservice
>
>
>   RESOURCEMANAGER
>   http://localhost:8088/ws
>
>
>   DRUID-COORDINATOR-UI
>   http://localhost:8081
>
>
>   DRUID-COORDINATOR
>   http://localhost:8081
>
>
>   DRUID-BROKER
>   http://localhost:8082
>
>
>   DRUID-ROUTER
>   http://localhost:8082
>
>
>   DRUID-OVERLORD
>   http://localhost:8090
>
>
>   DRUID-OVERLORD-UI
>   http://localhost:8090
>
> 
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Resolved] (KNOX-801) proper escaping of html attributes while rewriting

[Sumit Gupta (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-801?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sumit Gupta resolved KNOX-801.
--
Resolution: Fixed

Resolved by [KNOX-791]

> proper escaping of html attributes while rewriting
> --
>
> Key: KNOX-801
> URL: https://issues.apache.org/jira/browse/KNOX-801
> Project: Apache Knox
>  Issue Type: Bug
>Reporter: Nishant Bangarwa
>Assignee: Sumit Gupta
> Fix For: 0.11.0
>
> Attachments: KNOX-801.patch
>
>
> while parsing and rewriting html attributes, If the attribute contains 
> special characters e.g quotes, they are not escaped properly. 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (KNOX-784) java.lang.IllegalArgumentException: A metric named org.apache.http.conn.HttpClientConnectionManager.available-connections already exists

[Sumit Gupta (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-784?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sumit Gupta updated KNOX-784:
-
Fix Version/s: (was: 0.11.0)
   0.12.0

>  java.lang.IllegalArgumentException: A metric named 
> org.apache.http.conn.HttpClientConnectionManager.available-connections 
> already exists
> -
>
> Key: KNOX-784
> URL: https://issues.apache.org/jira/browse/KNOX-784
> Project: Apache Knox
>  Issue Type: Bug
>Reporter: Nishant Bangarwa
>Assignee: Sumit Gupta
> Fix For: 0.12.0
>
>
> Facing this error on latest trunk version - 
> Caused by: java.lang.IllegalArgumentException: A metric named 
> org.apache.http.conn.HttpClientConnectionManager.available-connections 
> already exists
> at 
> com.codahale.metrics.MetricRegistry.register(MetricRegistry.java:91)
> at 
> com.codahale.metrics.httpclient.InstrumentedHttpClientConnectionManager.(InstrumentedHttpClientConnectionManager.java:63)
> at 
> com.codahale.metrics.httpclient.InstrumentedHttpClientConnectionManager.(InstrumentedHttpClientConnectionManager.java:49)
> at 
> com.codahale.metrics.httpclient.InstrumentedHttpClientConnectionManager.(InstrumentedHttpClientConnectionManager.java:41)
> at 
> com.codahale.metrics.httpclient.InstrumentedHttpClientConnectionManager.(InstrumentedHttpClientConnectionManager.java:36)
> at 
> org.apache.hadoop.gateway.services.metrics.impl.instr.InstrHttpClientBuilderProvider.getInstrumented(InstrHttpClientBuilderProvider.java:41)
> at 
> org.apache.hadoop.gateway.services.metrics.impl.instr.InstrHttpClientBuilderProvider.getInstrumented(InstrHttpClientBuilderProvider.java:36)
> at 
> org.apache.hadoop.gateway.services.metrics.impl.DefaultMetricsService.getInstrumented(DefaultMetricsService.java:128)
> at 
> org.apache.hadoop.gateway.dispatch.DefaultHttpClientFactory.createHttpClient(DefaultHttpClientFactory.java:67)
> at 
> org.apache.hadoop.gateway.dispatch.GatewayDispatchFilter.init(GatewayDispatchFilter.java:75)
> at 
> org.apache.hadoop.gateway.GatewayFilter$Holder.getInstance(GatewayFilter.java:362)



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Assigned] (KNOX-818) Admin API PUT corrupts the topology file

[Sumit Gupta (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-818?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sumit Gupta reassigned KNOX-818:


Assignee: Sumit Gupta

> Admin API PUT corrupts the topology file
> 
>
> Key: KNOX-818
> URL: https://issues.apache.org/jira/browse/KNOX-818
> Project: Apache Knox
>  Issue Type: Bug
>Reporter: Sumit Gupta
>Assignee: Sumit Gupta
> Fix For: 0.11.0
>
>
> When using the Admin API to PUT/save a topology file, the content doesn't 
> always wind up being correct.
> For example when saving the sandbox topology:
> curl -iku admin:admin-password -H "Accept: application/xml" -H "Content-Type: 
> application/xml" -T sandbox.xml -X PUT 
> http://localhost:8443/gateway/admin/api/v1/topologies/sandbox
> The following is saved:
> {code}
> 
> 
>sandbox2
>
>   
>  authentication
>  ShiroProvider
>  true
>   
>   
>  identity-assertion
>  Default
>  true
>   
>   
>  hostmap
>  static
>  true
>   
>
>
>   NAMENODE
>   hdfs://localhost:8020
>
>
>   JOBTRACKER
>   rpc://localhost:8050
>
>
>   WEBHDFS
>   http://localhost:50070/webhdfs
>
>
>   WEBHCAT
>   http://localhost:50111/templeton
>
>
>   OOZIE
>   http://localhost:11000/oozie
>
>
>   WEBHBASE
>   http://localhost:60080
>
>
>   HIVE
>   http://localhost:10001/cliservice
>
>
>   RESOURCEMANAGER
>   http://localhost:8088/ws
>
>
>   DRUID-COORDINATOR-UI
>   http://localhost:8081
>
>
>   DRUID-COORDINATOR
>   http://localhost:8081
>
>
>   DRUID-BROKER
>   http://localhost:8082
>
>
>   DRUID-ROUTER
>   http://localhost:8082
>
>
>   DRUID-OVERLORD
>   http://localhost:8090
>
>
>   DRUID-OVERLORD-UI
>   http://localhost:8090
>
> 
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Created] (KNOX-818) Admin API PUT corrupts the topology file

[Sumit Gupta (JIRA)]

Sumit Gupta created KNOX-818:


 Summary: Admin API PUT corrupts the topology file
 Key: KNOX-818
 URL: https://issues.apache.org/jira/browse/KNOX-818
 Project: Apache Knox
  Issue Type: Bug
Reporter: Sumit Gupta
 Fix For: 0.11.0


When using the Admin API to PUT/save a topology file, the content doesn't 
always wind up being correct.

For example when saving the sandbox topology:

curl -iku admin:admin-password -H "Accept: application/xml" -H "Content-Type: 
application/xml" -T sandbox.xml -X PUT 
http://localhost:8443/gateway/admin/api/v1/topologies/sandbox

The following is saved:

{code}


   sandbox2
   
  
 authentication
 ShiroProvider
 true
  
  
 identity-assertion
 Default
 true
  
  
 hostmap
 static
 true
  
   
   
  NAMENODE
  hdfs://localhost:8020
   
   
  JOBTRACKER
  rpc://localhost:8050
   
   
  WEBHDFS
  http://localhost:50070/webhdfs
   
   
  WEBHCAT
  http://localhost:50111/templeton
   
   
  OOZIE
  http://localhost:11000/oozie
   
   
  WEBHBASE
  http://localhost:60080
   
   
  HIVE
  http://localhost:10001/cliservice
   
   
  RESOURCEMANAGER
  http://localhost:8088/ws
   
   
  DRUID-COORDINATOR-UI
  http://localhost:8081
   
   
  DRUID-COORDINATOR
  http://localhost:8081
   
   
  DRUID-BROKER
  http://localhost:8082
   
   
  DRUID-ROUTER
  http://localhost:8082
   
   
  DRUID-OVERLORD
  http://localhost:8090
   
   
  DRUID-OVERLORD-UI
  http://localhost:8090
   

{code}







--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (KNOX-802) Inconsistent gateway.xml deployment descriptors when topology contains application

[Sumit Gupta (JIRA)]

 [ 
https://issues.apache.org/jira/browse/KNOX-802?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sumit Gupta updated KNOX-802:
-
Fix Version/s: 0.12.0

> Inconsistent gateway.xml deployment descriptors when topology contains 
> application
> --
>
> Key: KNOX-802
> URL: https://issues.apache.org/jira/browse/KNOX-802
> Project: Apache Knox
>  Issue Type: Bug
>Reporter: Sumit Gupta
> Fix For: 0.12.0
>
>
> Topologies with applications don't get gateway.xml updates on redeployment.
> To reproduce, add an application to the admin.xml topology. For example
> 
> admin-ui
> 
> Then add a new provider, for example:
>   
> webappsec
> WebAppSec
> true
> 
> xframe.options.enabled
> true
> 
> 
> cors.enabled
> true
>  
> 
> The deployment now contains two gateway.xml files and only the gateway.xml 
> file contains the WebAppSec related filters.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (KNOX-791) "

[Sumit Gupta (JIRA)]

[ 
https://issues.apache.org/jira/browse/KNOX-791?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15743272#comment-15743272
 ] 

Sumit Gupta commented on KNOX-791:
--

Thanks [~smore]! I'd love to take a look but it looks like you attached the 
patch for KNOX-237 instead by accident. Also, can you see if there is overlap 
with the patch/bug for [KNOX-801]?


> "