[jira] [Commented] (KNOX-861) Support pluggable validator for Header pre authentication provider
[ https://issues.apache.org/jira/browse/KNOX-861?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15850360#comment-15850360 ] Sandeep More commented on KNOX-861: --- Hello [~kamrul] Thanks for the path again, it looks good, following are some of my initial thoughts on the patch, I did not check the UnitTests yet. 1) pom.xml (gateway-provider-security-preauth) - All version should be defined in the main project POM 1.1) Remove version for mockito-core 1.2) Same as above, remove gateway-server version 2) AbstractPreauthFederationFilter 2.1) filterConfig variable is protected should be private 2.2) we should be importing * i.e. java.util.*, insted import only the required classes 3) PreAuthUtils 3.1) I would recommend calling this class something like 'PreAuthService' since it deals with loading of various Impls from classpath. 3.2) it would be good to have validatorMap as a ConcurrentHashMap rather than just a HashMap 3.3) getValidatorMap() should be removed or be private, the validatorMap is exposed via a public static method where it could accidentally be modified, 3.4) initializeValidators() should be private 3.5) A nitpick - add @Since 0.12 tag 4) PreAuthValidator 4.1) Is there a reason why we change to Abstract class from Interface because making it abstract will limit the extensibility. 5) PreAuthFederationFilter 5.1) Remove unused imports and variables (I think 5 imports and 3 variables. 5.2) public PreAuthValidator getValidator() - exposes the internal private validator via public method. Again, thanks for picking this up ! > Support pluggable validator for Header pre authentication provider > --- > > Key: KNOX-861 > URL: https://issues.apache.org/jira/browse/KNOX-861 > Project: Apache Knox > Issue Type: Improvement > Components: Server >Reporter: Mohammad Kamrul Islam >Assignee: Mohammad Kamrul Islam > Fix For: 0.12.0 > > Attachments: KNOX-861.patch > > > Currently there are two validators : IPValidator, DefaultValidator, > IPValidator validates the source IP. DefaultValidator is basically a > no-auth. > The proposal is to provide a pluggable validator to support any custom > validation logic. Another requirement is to maintain the backward > compatibility of any existing features. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (KNOX-867) Fix FindBugs "bad practice" issues
[ https://issues.apache.org/jira/browse/KNOX-867?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15850396#comment-15850396 ] Sandeep More commented on KNOX-867: --- Thanks a lot [~coheigea] ! the patch looks good, I will check it in. Again thanks a lot for your contribution ! > Fix FindBugs "bad practice" issues > -- > > Key: KNOX-867 > URL: https://issues.apache.org/jira/browse/KNOX-867 > Project: Apache Knox > Issue Type: Improvement >Reporter: Colm O hEigeartaigh >Assignee: Colm O hEigeartaigh > Fix For: 0.12.0 > > Attachments: 0001-KNOX-867-Fix-FindBugs-bad-practice-issues.patch > > > Similar to KNOX-792, this task is to fix (some of) the "bad practice" issues > identified by FindBugs in the Knox code base. The issues fixed in the > attached patch are: > a) Not checking the return value of File.mkdirs() > b) Not implementing Serializable when implementing Comparator > c) A few performance regressions where keySet is used instead of entrySet > d) Using platform specific "\n" instead of "%n" in String.format > e) Not overriding hashCode when overriding equals -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Updated] (KNOX-867) Fix FindBugs "bad practice" issues
[ https://issues.apache.org/jira/browse/KNOX-867?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sandeep More updated KNOX-867: -- Resolution: Fixed Status: Resolved (was: Patch Available) > Fix FindBugs "bad practice" issues > -- > > Key: KNOX-867 > URL: https://issues.apache.org/jira/browse/KNOX-867 > Project: Apache Knox > Issue Type: Improvement >Reporter: Colm O hEigeartaigh >Assignee: Colm O hEigeartaigh > Fix For: 0.12.0 > > Attachments: 0001-KNOX-867-Fix-FindBugs-bad-practice-issues.patch > > > Similar to KNOX-792, this task is to fix (some of) the "bad practice" issues > identified by FindBugs in the Knox code base. The issues fixed in the > attached patch are: > a) Not checking the return value of File.mkdirs() > b) Not implementing Serializable when implementing Comparator > c) A few performance regressions where keySet is used instead of entrySet > d) Using platform specific "\n" instead of "%n" in String.format > e) Not overriding hashCode when overriding equals -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Comment Edited] (KNOX-861) Support pluggable validator for Header pre authentication provider
[ https://issues.apache.org/jira/browse/KNOX-861?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15851955#comment-15851955 ] Sandeep More edited comment on KNOX-861 at 2/3/17 7:53 PM: --- Looking at the code it looks like only one validator can be used as of now, it might be be a good enhancement if we can use multiple validators. for e.g. PreAuthService.getValidator() could return List then AbstractPreAuthFederationFilter.isValid() method can iterate over all validators and amke sure they are valid. Just a thought ! -- This probably should be a separate Jira, putting it here as a mental dump. was (Author: smore): Looking at the code it looks like only one validator can be used as of now, it might be be a good enhancement if we can use multiple validators. for e.g. PreAuthService.getValidator() could return List then AbstractPreAuthFederationFilter.isValid() method can iterate over all validators and amke sure they are valid. Just a thought ! > Support pluggable validator for Header pre authentication provider > --- > > Key: KNOX-861 > URL: https://issues.apache.org/jira/browse/KNOX-861 > Project: Apache Knox > Issue Type: Improvement > Components: Server >Reporter: Mohammad Kamrul Islam >Assignee: Mohammad Kamrul Islam > Fix For: 0.12.0 > > Attachments: KNOX-861.2.patch, KNOX-861.patch > > > Currently there are two validators : IPValidator, DefaultValidator, > IPValidator validates the source IP. DefaultValidator is basically a > no-auth. > The proposal is to provide a pluggable validator to support any custom > validation logic. Another requirement is to maintain the backward > compatibility of any existing features. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (KNOX-861) Support pluggable validator for Header pre authentication provider
[ https://issues.apache.org/jira/browse/KNOX-861?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15851796#comment-15851796 ] Sandeep More commented on KNOX-861: --- Also, it would be awesome if you could provide some steps on how to go about testing this feature and some documentation about this new feature ! > Support pluggable validator for Header pre authentication provider > --- > > Key: KNOX-861 > URL: https://issues.apache.org/jira/browse/KNOX-861 > Project: Apache Knox > Issue Type: Improvement > Components: Server >Reporter: Mohammad Kamrul Islam >Assignee: Mohammad Kamrul Islam > Fix For: 0.12.0 > > Attachments: KNOX-861.2.patch, KNOX-861.patch > > > Currently there are two validators : IPValidator, DefaultValidator, > IPValidator validates the source IP. DefaultValidator is basically a > no-auth. > The proposal is to provide a pluggable validator to support any custom > validation logic. Another requirement is to maintain the backward > compatibility of any existing features. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (KNOX-861) Support pluggable validator for Header pre authentication provider
[ https://issues.apache.org/jira/browse/KNOX-861?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15851790#comment-15851790 ] Sandeep More commented on KNOX-861: --- Thanks for the quick turnaround [~kamrul] really appreciate it ! There are few minor comments: 1) DefaultValidator 1.1) Nitpick - add @sine tag 1.2) Nitpick - Typo in comments, perfromed -> performed, get rid of the '+' symbols in the comments 2) HeaderPreAuthFederationFilterTest 2.1) Change 'MyValidator' class name to something like DummyValidator or TestValidator - basically avoid using words like 'My' 3) IPValidatorTest 3.1) The test testNotInitialized() passes because httpRequest.getRemoteAddr() is null (because of Mockito) in real world there will always be a value for httpRequest.getRemoteAddr(). This is because the test hits a case which it should not in IpAddressValidator.java #76 > Support pluggable validator for Header pre authentication provider > --- > > Key: KNOX-861 > URL: https://issues.apache.org/jira/browse/KNOX-861 > Project: Apache Knox > Issue Type: Improvement > Components: Server >Reporter: Mohammad Kamrul Islam >Assignee: Mohammad Kamrul Islam > Fix For: 0.12.0 > > Attachments: KNOX-861.2.patch, KNOX-861.patch > > > Currently there are two validators : IPValidator, DefaultValidator, > IPValidator validates the source IP. DefaultValidator is basically a > no-auth. > The proposal is to provide a pluggable validator to support any custom > validation logic. Another requirement is to maintain the backward > compatibility of any existing features. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (KNOX-861) Support pluggable validator for Header pre authentication provider
[ https://issues.apache.org/jira/browse/KNOX-861?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15851955#comment-15851955 ] Sandeep More commented on KNOX-861: --- Looking at the code it looks like only one validator can be used as of now, it might be be a good enhancement if we can use multiple validators. for e.g. PreAuthService.getValidator() could return List then AbstractPreAuthFederationFilter.isValid() method can iterate over all validators and amke sure they are valid. Just a thought ! > Support pluggable validator for Header pre authentication provider > --- > > Key: KNOX-861 > URL: https://issues.apache.org/jira/browse/KNOX-861 > Project: Apache Knox > Issue Type: Improvement > Components: Server >Reporter: Mohammad Kamrul Islam >Assignee: Mohammad Kamrul Islam > Fix For: 0.12.0 > > Attachments: KNOX-861.2.patch, KNOX-861.patch > > > Currently there are two validators : IPValidator, DefaultValidator, > IPValidator validates the source IP. DefaultValidator is basically a > no-auth. > The proposal is to provide a pluggable validator to support any custom > validation logic. Another requirement is to maintain the backward > compatibility of any existing features. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (KNOX-769) SecureClusterTest fails for Java 1.7
[ https://issues.apache.org/jira/browse/KNOX-769?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15852303#comment-15852303 ] Sandeep More commented on KNOX-769: --- Oh yes, it did fall through the cracks. The patch is working and ready to go. I will test it again on master and push it. > SecureClusterTest fails for Java 1.7 > > > Key: KNOX-769 > URL: https://issues.apache.org/jira/browse/KNOX-769 > Project: Apache Knox > Issue Type: Bug > Components: Tests >Affects Versions: 0.10.0 >Reporter: Sandeep More >Assignee: Sandeep More > Fix For: 0.12.0 > > Attachments: KNOX-769.001.patch, KNOX-769.002.patch > > > SecureClusterTest seems to be failing for java versions less than 1.8. > The error is : > [exec] Running org.apache.hadoop.gateway.SecureClusterTest > [exec] Tests run: 1, Failures: 0, Errors: 1, Skipped: 0, Time elapsed: > 0.001 sec <<< FAILURE! - in org.apache.hadoop.gateway.SecureClusterTest > [exec] initializationError(org.apache.hadoop.gateway.SecureClusterTest) > Time elapsed: 0.001 sec <<< ERROR! > [exec] java.lang.UnsupportedClassVersionError: > org/apache/hadoop/minikdc/MiniKdc : Unsupported major.minor version 52.0 -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Updated] (KNOX-871) Fix FindBugs "Malicious code vulnerability" issues
[ https://issues.apache.org/jira/browse/KNOX-871?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sandeep More updated KNOX-871: -- Resolution: Fixed Status: Resolved (was: Patch Available) > Fix FindBugs "Malicious code vulnerability" issues > -- > > Key: KNOX-871 > URL: https://issues.apache.org/jira/browse/KNOX-871 > Project: Apache Knox > Issue Type: Improvement >Reporter: Colm O hEigeartaigh >Assignee: Colm O hEigeartaigh >Priority: Minor > Fix For: 0.12.0 > > Attachments: > 0001-KNOX-871-Fix-FindBugs-Malicious-code-vulnerability-i.patch > > > This task is to fix the Fix FindBugs "Malicious code vulnerability" issues. > The patch attached makes the following changes: > a) Make static class variables final where possible > b) Change all "final static" -> "static final" for consistency + to follow > the standard naming convention. > c) Disallow access to mutable objects (internal arrays) -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (KNOX-861) Support pluggable validator for Header pre authentication provider
[ https://issues.apache.org/jira/browse/KNOX-861?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15854265#comment-15854265 ] Sandeep More commented on KNOX-861: --- [~kamrul] Thanks for the patch ! I will try to check it in today. Thanks for the two bugs. About Documentation you can find information here https://cwiki.apache.org/confluence/display/KNOX/Site+Maintenance If you run into issues let me know we can either talk it out on the JIRA or mailing list. Thanks again ! > Support pluggable validator for Header pre authentication provider > --- > > Key: KNOX-861 > URL: https://issues.apache.org/jira/browse/KNOX-861 > Project: Apache Knox > Issue Type: Improvement > Components: Server >Reporter: Mohammad Kamrul Islam >Assignee: Mohammad Kamrul Islam > Fix For: 0.12.0 > > Attachments: KNOX-861.2.patch, KNOX-861.3.patch, KNOX-861.patch > > > Currently there are two validators : IPValidator, DefaultValidator, > IPValidator validates the source IP. DefaultValidator is basically a > no-auth. > The proposal is to provide a pluggable validator to support any custom > validation logic. Another requirement is to maintain the backward > compatibility of any existing features. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Updated] (KNOX-769) SecureClusterTest fails for Java 1.7
[ https://issues.apache.org/jira/browse/KNOX-769?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sandeep More updated KNOX-769: -- Resolution: Fixed Status: Resolved (was: Patch Available) > SecureClusterTest fails for Java 1.7 > > > Key: KNOX-769 > URL: https://issues.apache.org/jira/browse/KNOX-769 > Project: Apache Knox > Issue Type: Bug > Components: Tests >Affects Versions: 0.10.0 >Reporter: Sandeep More >Assignee: Sandeep More > Fix For: 0.12.0 > > Attachments: KNOX-769.001.patch, KNOX-769.002.patch > > > SecureClusterTest seems to be failing for java versions less than 1.8. > The error is : > [exec] Running org.apache.hadoop.gateway.SecureClusterTest > [exec] Tests run: 1, Failures: 0, Errors: 1, Skipped: 0, Time elapsed: > 0.001 sec <<< FAILURE! - in org.apache.hadoop.gateway.SecureClusterTest > [exec] initializationError(org.apache.hadoop.gateway.SecureClusterTest) > Time elapsed: 0.001 sec <<< ERROR! > [exec] java.lang.UnsupportedClassVersionError: > org/apache/hadoop/minikdc/MiniKdc : Unsupported major.minor version 52.0 -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Created] (KNOX-872) java.lang.OutOfMemoryError when building Knox with Java 7
Sandeep More created KNOX-872: - Summary: java.lang.OutOfMemoryError when building Knox with Java 7 Key: KNOX-872 URL: https://issues.apache.org/jira/browse/KNOX-872 Project: Apache Knox Issue Type: Bug Components: Build Reporter: Sandeep More Knox build hangs when building with Java 7. The problem appears to be in 'webhdfs-test' package. This is the error: [exec] INFO: Initiating Jersey application, version 'Jersey: 1.9 09/02/2011 11:17 AM' [exec] Exception: java.lang.OutOfMemoryError thrown from the UncaughtExceptionHandler in thread "1896021387@qtp-830207783-0" [exec] Exception: java.lang.OutOfMemoryError thrown from the UncaughtExceptionHandler in thread "org.apache.hadoop.util.JvmPauseMonitor$Monitor@1de8d926" [exec] Exception: java.lang.OutOfMemoryError thrown from the UncaughtExceptionHandler in thread "org.apache.hadoop.util.JvmPauseMonitor$Monitor@15e1e8de" [exec] Exception: java.lang.OutOfMemoryError thrown from the UncaughtExceptionHandler in thread "org.apache.hadoop.util.JvmPauseMonitor$Monitor@1b9e8cfd" [exec] Exception: java.lang.OutOfMemoryError thrown from the UncaughtExceptionHandler in thread "IPC Client (1150691523) connection to localhost/127.0.0.1:20112 from x" -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (KNOX-861) Support pluggable validator for Header pre authentication provider
[ https://issues.apache.org/jira/browse/KNOX-861?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15854811#comment-15854811 ] Sandeep More commented on KNOX-861: --- [~kamrul] Do you have instructions on how to test custom validators ? > Support pluggable validator for Header pre authentication provider > --- > > Key: KNOX-861 > URL: https://issues.apache.org/jira/browse/KNOX-861 > Project: Apache Knox > Issue Type: Improvement > Components: Server >Reporter: Mohammad Kamrul Islam >Assignee: Mohammad Kamrul Islam > Fix For: 0.12.0 > > Attachments: KNOX-861.2.patch, KNOX-861.3.patch, KNOX-861.patch > > > Currently there are two validators : IPValidator, DefaultValidator, > IPValidator validates the source IP. DefaultValidator is basically a > no-auth. > The proposal is to provide a pluggable validator to support any custom > validation logic. Another requirement is to maintain the backward > compatibility of any existing features. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (KNOX-871) Fix FindBugs "Malicious code vulnerability" issues
[ https://issues.apache.org/jira/browse/KNOX-871?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15856590#comment-15856590 ] Sandeep More commented on KNOX-871: --- Thanks for the patch [~coheigea] ! I will review it and try to get it in today. > Fix FindBugs "Malicious code vulnerability" issues > -- > > Key: KNOX-871 > URL: https://issues.apache.org/jira/browse/KNOX-871 > Project: Apache Knox > Issue Type: Improvement >Reporter: Colm O hEigeartaigh >Assignee: Colm O hEigeartaigh >Priority: Minor > Fix For: 0.12.0 > > Attachments: > 0001-KNOX-871-Fix-FindBugs-Malicious-code-vulnerability-i.patch > > > This task is to fix the Fix FindBugs "Malicious code vulnerability" issues. > The patch attached makes the following changes: > a) Make static class variables final where possible > b) Change all "final static" -> "static final" for consistency + to follow > the standard naming convention. > c) Disallow access to mutable objects (internal arrays) -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Updated] (KNOX-861) Support pluggable validator for Header pre authentication provider
[ https://issues.apache.org/jira/browse/KNOX-861?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sandeep More updated KNOX-861: -- Resolution: Fixed Status: Resolved (was: Patch Available) > Support pluggable validator for Header pre authentication provider > --- > > Key: KNOX-861 > URL: https://issues.apache.org/jira/browse/KNOX-861 > Project: Apache Knox > Issue Type: Improvement > Components: Server >Reporter: Mohammad Kamrul Islam >Assignee: Mohammad Kamrul Islam > Fix For: 0.12.0 > > Attachments: KNOX-861.2.patch, KNOX-861.3.patch, KNOX-861.patch > > > Currently there are two validators : IPValidator, DefaultValidator, > IPValidator validates the source IP. DefaultValidator is basically a > no-auth. > The proposal is to provide a pluggable validator to support any custom > validation logic. Another requirement is to maintain the backward > compatibility of any existing features. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (KNOX-859) Knox shows a blank page when opening Zeppelin
[
https://issues.apache.org/jira/browse/KNOX-859?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15832349#comment-15832349
]
Sandeep More commented on KNOX-859:
---
[~prabhjyotsingh] for some reason I do not have the permissions to close out
the bug, when you get time can you please mark this bug as resolved.
> Knox shows a blank page when opening Zeppelin
> -
>
> Key: KNOX-859
> URL: https://issues.apache.org/jira/browse/KNOX-859
> Project: Apache Knox
> Issue Type: Bug
> Components: Server
>Affects Versions: 0.11.0
>Reporter: Prabhjyot Singh
>Assignee: Prabhjyot Singh
> Labels: patch
> Fix For: 0.11.0
>
> Attachments: KNOX-859.001.patch
>
>
> Knox shows a blank page when opening Zeppelin, this is primarily because
> location on app.js is now moved from "./scripts" to root ("./").
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Commented] (KNOX-859) Knox shows a blank page when opening Zeppelin
[
https://issues.apache.org/jira/browse/KNOX-859?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15832301#comment-15832301
]
Sandeep More commented on KNOX-859:
---
Thanks [~prabhjyotsingh] !
+1 for the patch, I will try to commit the patch.
> Knox shows a blank page when opening Zeppelin
> -
>
> Key: KNOX-859
> URL: https://issues.apache.org/jira/browse/KNOX-859
> Project: Apache Knox
> Issue Type: Bug
> Components: Server
>Affects Versions: 0.11.0
>Reporter: Prabhjyot Singh
>Assignee: Prabhjyot Singh
> Labels: patch
> Fix For: 0.11.0
>
> Attachments: KNOX-859.001.patch
>
>
> Knox shows a blank page when opening Zeppelin, this is primarily because
> location on app.js is now moved from "./scripts" to root ("./").
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Updated] (KNOX-859) Knox shows a blank page when opening Zeppelin
[
https://issues.apache.org/jira/browse/KNOX-859?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sandeep More updated KNOX-859:
--
Resolution: Fixed
Fix Version/s: (was: 0.11.0)
0.12.0
Status: Resolved (was: Patch Available)
> Knox shows a blank page when opening Zeppelin
> -
>
> Key: KNOX-859
> URL: https://issues.apache.org/jira/browse/KNOX-859
> Project: Apache Knox
> Issue Type: Bug
> Components: Server
>Affects Versions: 0.11.0
>Reporter: Prabhjyot Singh
>Assignee: Prabhjyot Singh
> Labels: patch
> Fix For: 0.12.0
>
> Attachments: KNOX-859.001.patch
>
>
> Knox shows a blank page when opening Zeppelin, this is primarily because
> location on app.js is now moved from "./scripts" to root ("./").
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Updated] (KNOX-855) Add "application/x-javascript" mime type to the list of compressed resources
[ https://issues.apache.org/jira/browse/KNOX-855?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sandeep More updated KNOX-855: -- Resolution: Fixed Fix Version/s: 0.12.0 Status: Resolved (was: Patch Available) > Add "application/x-javascript" mime type to the list of compressed resources > - > > Key: KNOX-855 > URL: https://issues.apache.org/jira/browse/KNOX-855 > Project: Apache Knox > Issue Type: Bug > Components: Server >Reporter: Sandeep More >Assignee: Sandeep More > Fix For: 0.12.0 > > Attachments: KNOX-855.001.patch > > > "application/x-javascript" mime type resources are not getting compressed by > Knox this is an issue for Ambari as it uses > Content-Type:application/x-javascript a lot. Also make the mime types > configurable so they can be added dynamically. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (KNOX-886) Documenting the multiple preauth validators feature
[ https://issues.apache.org/jira/browse/KNOX-886?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sandeep More updated KNOX-886: -- Resolution: Fixed Status: Resolved (was: Patch Available) > Documenting the multiple preauth validators feature > --- > > Key: KNOX-886 > URL: https://issues.apache.org/jira/browse/KNOX-886 > Project: Apache Knox > Issue Type: Bug >Reporter: Mohammad Kamrul Islam >Assignee: Mohammad Kamrul Islam > Fix For: 0.12.0 > > Attachments: KNOX-886.1.patch > > > KNOX-869 adds the support multiple preauth validator. > This is to primarily add the required documentation in user -guide.. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (KNOX-886) Documenting the multiple preauth validators feature
[ https://issues.apache.org/jira/browse/KNOX-886?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15876089#comment-15876089 ] Sandeep More commented on KNOX-886: --- Big thanks [~kamrul] for documenting this, I made some minor changes (in verbiage) and committed the patch. Again, thank you for your contribution. > Documenting the multiple preauth validators feature > --- > > Key: KNOX-886 > URL: https://issues.apache.org/jira/browse/KNOX-886 > Project: Apache Knox > Issue Type: Bug >Reporter: Mohammad Kamrul Islam >Assignee: Mohammad Kamrul Islam > Fix For: 0.12.0 > > Attachments: KNOX-886.1.patch > > > KNOX-869 adds the support multiple preauth validator. > This is to primarily add the required documentation in user -guide.. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Updated] (KNOX-886) Documenting the multiple preauth validators feature
[ https://issues.apache.org/jira/browse/KNOX-886?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sandeep More updated KNOX-886: -- Fix Version/s: 0.12.0 > Documenting the multiple preauth validators feature > --- > > Key: KNOX-886 > URL: https://issues.apache.org/jira/browse/KNOX-886 > Project: Apache Knox > Issue Type: Bug >Reporter: Mohammad Kamrul Islam >Assignee: Mohammad Kamrul Islam > Fix For: 0.12.0 > > Attachments: KNOX-886.1.patch > > > KNOX-869 adds the support multiple preauth validator. > This is to primarily add the required documentation in user -guide.. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (KNOX-869) Support multiple preauth Validators
[ https://issues.apache.org/jira/browse/KNOX-869?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15874654#comment-15874654 ] Sandeep More commented on KNOX-869: --- Thank you [~kamrul] for your contribution ! I have committed the patch. This is a nice feature and it would be great to have it documented (especially the validator order) so folks can find it easily ! Thanks again ! > Support multiple preauth Validators > --- > > Key: KNOX-869 > URL: https://issues.apache.org/jira/browse/KNOX-869 > Project: Apache Knox > Issue Type: Improvement >Reporter: Mohammad Kamrul Islam >Assignee: Mohammad Kamrul Islam > Fix For: 0.12.0 > > Attachments: KNOX-869.1.patch, KNOX-869.2.patch > > > Currently KNOX-861 supports one validator. This task is to support a chain of > validators. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Updated] (KNOX-869) Support multiple preauth Validators
[ https://issues.apache.org/jira/browse/KNOX-869?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sandeep More updated KNOX-869: -- Resolution: Fixed Status: Resolved (was: Patch Available) > Support multiple preauth Validators > --- > > Key: KNOX-869 > URL: https://issues.apache.org/jira/browse/KNOX-869 > Project: Apache Knox > Issue Type: Improvement >Reporter: Mohammad Kamrul Islam >Assignee: Mohammad Kamrul Islam > Fix For: 0.12.0 > > Attachments: KNOX-869.1.patch, KNOX-869.2.patch > > > Currently KNOX-861 supports one validator. This task is to support a chain of > validators. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (KNOX-868) Allow native library auto included through java.library.path property
[ https://issues.apache.org/jira/browse/KNOX-868?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15871991#comment-15871991 ] Sandeep More commented on KNOX-868: --- Thanks for the patch [~kamrul] any thoughts on how to go about testing this ? > Allow native library auto included through java.library.path property > -- > > Key: KNOX-868 > URL: https://issues.apache.org/jira/browse/KNOX-868 > Project: Apache Knox > Issue Type: Improvement >Reporter: Mohammad Kamrul Islam >Assignee: Mohammad Kamrul Islam > Fix For: 0.12.0 > > Attachments: KNOX-868.1.patch > > > Currently user can add custom jars by copying it into $GATEWAY_HOME/ext > directory. However, there is no easy way to include native library (.so). > The use case is: a lot of authentication mechanism libraries are implemented > using C/C++ library. And user may want to integrate it with Knox. > One of the option could be: user can add .so files into > $GATEWAY_HOME/ext/native directory. At the same time, gateway service can > include that directory through java.library.path property during start up. > We can potentially use launcher.cfg to support it. > Any other alternative approach? -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (KNOX-869) Support multiple preauth Validators
[ https://issues.apache.org/jira/browse/KNOX-869?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15870747#comment-15870747 ] Sandeep More commented on KNOX-869: --- The patch looks great ! following are some minor suggestions 1. PreAuthService 1.1 getValidator(filterConfig) can be getValidators(filterConfig) in keeping with the naming used in the rest of the patch. 1.2 Any reason why we are using LinkedHashSet and not HashSet ? basically is order important here ? 2. PreAuthServiceTest 2.1 in testMultipleValidatorsNegative() method 'request' is not used > Support multiple preauth Validators > --- > > Key: KNOX-869 > URL: https://issues.apache.org/jira/browse/KNOX-869 > Project: Apache Knox > Issue Type: Improvement >Reporter: Mohammad Kamrul Islam >Assignee: Mohammad Kamrul Islam > Fix For: 0.12.0 > > Attachments: KNOX-869.1.patch > > > Currently KNOX-861 supports one validator. This task is to support a chain of > validators. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (KNOX-868) Allow native library auto included through java.library.path property
[ https://issues.apache.org/jira/browse/KNOX-868?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15876888#comment-15876888 ] Sandeep More commented on KNOX-868: --- Thank you [~kamrul] for your contribution, I have committed the patch. > Allow native library auto included through java.library.path property > -- > > Key: KNOX-868 > URL: https://issues.apache.org/jira/browse/KNOX-868 > Project: Apache Knox > Issue Type: Improvement >Reporter: Mohammad Kamrul Islam >Assignee: Mohammad Kamrul Islam > Fix For: 0.12.0 > > Attachments: KNOX-868.1.patch > > > Currently user can add custom jars by copying it into $GATEWAY_HOME/ext > directory. However, there is no easy way to include native library (.so). > The use case is: a lot of authentication mechanism libraries are implemented > using C/C++ library. And user may want to integrate it with Knox. > One of the option could be: user can add .so files into > $GATEWAY_HOME/ext/native directory. At the same time, gateway service can > include that directory through java.library.path property during start up. > We can potentially use launcher.cfg to support it. > Any other alternative approach? -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Updated] (KNOX-868) Allow native library auto included through java.library.path property
[ https://issues.apache.org/jira/browse/KNOX-868?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sandeep More updated KNOX-868: -- Resolution: Fixed Status: Resolved (was: Patch Available) > Allow native library auto included through java.library.path property > -- > > Key: KNOX-868 > URL: https://issues.apache.org/jira/browse/KNOX-868 > Project: Apache Knox > Issue Type: Improvement >Reporter: Mohammad Kamrul Islam >Assignee: Mohammad Kamrul Islam > Fix For: 0.12.0 > > Attachments: KNOX-868.1.patch > > > Currently user can add custom jars by copying it into $GATEWAY_HOME/ext > directory. However, there is no easy way to include native library (.so). > The use case is: a lot of authentication mechanism libraries are implemented > using C/C++ library. And user may want to integrate it with Knox. > One of the option could be: user can add .so files into > $GATEWAY_HOME/ext/native directory. At the same time, gateway service can > include that directory through java.library.path property during start up. > We can potentially use launcher.cfg to support it. > Any other alternative approach? -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (KNOX-875) topology schema file (topology-v1.xsd) is missing "version" element definition.
[ https://issues.apache.org/jira/browse/KNOX-875?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15866315#comment-15866315 ] Sandeep More commented on KNOX-875: --- Hello [~jeffreyr97], I am trying to test the patch, for some reason I am having issues with the 'validate-topology' command (without the patch) I get the 'Error retrieving schema from ClassLoader' did to see this happen ? Must be something to do with my machine or a possible bug. > topology schema file (topology-v1.xsd) is missing "version" element > definition. > > > Key: KNOX-875 > URL: https://issues.apache.org/jira/browse/KNOX-875 > Project: Apache Knox > Issue Type: Bug > Components: Server >Affects Versions: 0.6.0, 0.7.0, 0.8.0, 0.9.1, 0.11.0 > Environment: any >Reporter: Jeffrey E Rodriguez >Assignee: Jeffrey E Rodriguez >Priority: Minor > Labels: patch > Fix For: 0.12.0 > > Attachments: KNOX-875.patch > > Original Estimate: 1h > Remaining Estimate: 1h > > Developer guide, testcases and code mention a topology "version" subelement > for "service" element. The definition is not updated on the topology-v1.xsd > thus attempting to validate a topology against schema would fail. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (KNOX-875) topology schema file (topology-v1.xsd) is missing "version" element definition.
[ https://issues.apache.org/jira/browse/KNOX-875?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15866391#comment-15866391 ] Sandeep More commented on KNOX-875: --- Ah ! thanks [~rding] ! somehow I missed KNOX-866, I'll try to get that first then come back to this one. Thanks for the help [~jeffreyr97] ! > topology schema file (topology-v1.xsd) is missing "version" element > definition. > > > Key: KNOX-875 > URL: https://issues.apache.org/jira/browse/KNOX-875 > Project: Apache Knox > Issue Type: Bug > Components: Server >Affects Versions: 0.6.0, 0.7.0, 0.8.0, 0.9.1, 0.11.0 > Environment: any >Reporter: Jeffrey E Rodriguez >Assignee: Jeffrey E Rodriguez >Priority: Minor > Labels: patch > Fix For: 0.12.0 > > Attachments: KNOX-875.patch > > Original Estimate: 1h > Remaining Estimate: 1h > > Developer guide, testcases and code mention a topology "version" subelement > for "service" element. The definition is not updated on the topology-v1.xsd > thus attempting to validate a topology against schema would fail. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (KNOX-870) Documentation: how to support custom pre-auth validator
[ https://issues.apache.org/jira/browse/KNOX-870?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15860201#comment-15860201 ] Sandeep More commented on KNOX-870: --- Hello [~kamrul] the patch looks good, few things though, 1. Can you move the section you added *Supporting a Custom Validator* to Dev Guide instead of User Guide since this is an extension to Knox. 2. Link it back to the User Guide so one knows about Custom Validators. Also, I noticed that the current book is 0.11, it should be 0.12. I will create a new book for 0.12 so you can create a patch for it there (currently you have it against 0.11). I will let you know once I am done so you can create a patch. > Documentation: how to support custom pre-auth validator > > > Key: KNOX-870 > URL: https://issues.apache.org/jira/browse/KNOX-870 > Project: Apache Knox > Issue Type: Task >Reporter: Mohammad Kamrul Islam >Assignee: Mohammad Kamrul Islam > Fix For: 0.12.0 > > Attachments: KNOX-870.1.patch > > > KNOX-861 supports pluggable preauth validator. > This task is to add proper documentation about how to add custom validator(s). -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (KNOX-863) Consolidate TransformerFactory calls + enable SECURE_PROCESSING
[ https://issues.apache.org/jira/browse/KNOX-863?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15864507#comment-15864507 ] Sandeep More commented on KNOX-863: --- Thanks for the updated patch [~coheigea]. I checked in your patch. Thanks for your contribution ! > Consolidate TransformerFactory calls + enable SECURE_PROCESSING > --- > > Key: KNOX-863 > URL: https://issues.apache.org/jira/browse/KNOX-863 > Project: Apache Knox > Issue Type: Improvement >Affects Versions: 0.11.0 >Reporter: Colm O hEigeartaigh >Assignee: Colm O hEigeartaigh >Priority: Minor > Fix For: 0.12.0 > > Attachments: > 0001-KNOX-863-Consolidate-TransformerFactory-calls-enable.patch > > > Similar to KNOX-854, this task is to consolidate TransformerFactory calls > into a single class (XmlUtils), in order to remove duplicate code. This task > also encompasses enabling the SECURE_PROCESSING feature when parsing XML, > which is generally a "good thing to do". -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Updated] (KNOX-863) Consolidate TransformerFactory calls + enable SECURE_PROCESSING
[ https://issues.apache.org/jira/browse/KNOX-863?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sandeep More updated KNOX-863: -- Resolution: Fixed Status: Resolved (was: Patch Available) > Consolidate TransformerFactory calls + enable SECURE_PROCESSING > --- > > Key: KNOX-863 > URL: https://issues.apache.org/jira/browse/KNOX-863 > Project: Apache Knox > Issue Type: Improvement >Affects Versions: 0.11.0 >Reporter: Colm O hEigeartaigh >Assignee: Colm O hEigeartaigh >Priority: Minor > Fix For: 0.12.0 > > Attachments: > 0001-KNOX-863-Consolidate-TransformerFactory-calls-enable.patch > > > Similar to KNOX-854, this task is to consolidate TransformerFactory calls > into a single class (XmlUtils), in order to remove duplicate code. This task > also encompasses enabling the SECURE_PROCESSING feature when parsing XML, > which is generally a "good thing to do". -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Resolved] (KNOX-880) Knox-site: Add a new book for 0.12
[ https://issues.apache.org/jira/browse/KNOX-880?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sandeep More resolved KNOX-880. --- Resolution: Fixed > Knox-site: Add a new book for 0.12 > --- > > Key: KNOX-880 > URL: https://issues.apache.org/jira/browse/KNOX-880 > Project: Apache Knox > Issue Type: Bug > Components: Site >Affects Versions: 0.12.0 >Reporter: Sandeep More >Assignee: Sandeep More >Priority: Minor > Fix For: 0.12.0 > > > In order to take documentation contributions from the community for 0.12 > release we need to add 0.12 book. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (KNOX-870) Documentation: how to support custom pre-auth validator
[ https://issues.apache.org/jira/browse/KNOX-870?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15861504#comment-15861504 ] Sandeep More commented on KNOX-870: --- [~kamrul] I added a new 0.12.0 book so now you should be able to create a new patch against it. > Documentation: how to support custom pre-auth validator > > > Key: KNOX-870 > URL: https://issues.apache.org/jira/browse/KNOX-870 > Project: Apache Knox > Issue Type: Task >Reporter: Mohammad Kamrul Islam >Assignee: Mohammad Kamrul Islam > Fix For: 0.12.0 > > Attachments: KNOX-870.1.patch > > > KNOX-861 supports pluggable preauth validator. > This task is to add proper documentation about how to add custom validator(s). -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (KNOX-863) Consolidate TransformerFactory calls + enable SECURE_PROCESSING
[
https://issues.apache.org/jira/browse/KNOX-863?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15861912#comment-15861912
]
Sandeep More commented on KNOX-863:
---
Hello [~coheigea], those are some nice improvements, thanks for the patch.
I have a question about the patch
There are few places, 3 I believe, where we have the following change:
{code:xml}
- XmlUtils.writeXml( document, writer );
+ Transformer t = XmlUtils.getTransformer( false, true, 4, false );
+ XmlUtils.writeXml( document, writer, t );
{code}
Insted of changing this in multiple places do you think we can just update
the writeXml( document, writer ) method in XmlUtils (rather then deleting it)
something like
{code:java}
public static void writeXml( Document document, Writer writer ) throws
TransformerException {
Transformer t = getTransformer( false, true, 4, false );
writeXml( document, writer, t );
}
{code}
We keep the existing api with greater code reuse.
Let me know your thoughts.
> Consolidate TransformerFactory calls + enable SECURE_PROCESSING
> ---
>
> Key: KNOX-863
> URL: https://issues.apache.org/jira/browse/KNOX-863
> Project: Apache Knox
> Issue Type: Improvement
>Affects Versions: 0.11.0
>Reporter: Colm O hEigeartaigh
>Assignee: Colm O hEigeartaigh
>Priority: Minor
> Fix For: 0.12.0
>
> Attachments:
> 0001-KNOX-863-Consolidate-TransformerFactory-calls-enable.patch
>
>
> Similar to KNOX-854, this task is to consolidate TransformerFactory calls
> into a single class (XmlUtils), in order to remove duplicate code. This task
> also encompasses enabling the SECURE_PROCESSING feature when parsing XML,
> which is generally a "good thing to do".
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
[jira] [Commented] (KNOX-870) Documentation: how to support custom pre-auth validator
[ https://issues.apache.org/jira/browse/KNOX-870?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15861471#comment-15861471 ] Sandeep More commented on KNOX-870: --- Sorry I was mistaken with my previous comments, this is what I meant. Update: 1. Can you move the section you added *Supporting a Custom Validator* to Dev Guide instead of User Guide since this is an extension to Knox. 2. Let's have generic instructions in user guide with a link to how to add custom validators that points to the dev guide. > Documentation: how to support custom pre-auth validator > > > Key: KNOX-870 > URL: https://issues.apache.org/jira/browse/KNOX-870 > Project: Apache Knox > Issue Type: Task >Reporter: Mohammad Kamrul Islam >Assignee: Mohammad Kamrul Islam > Fix For: 0.12.0 > > Attachments: KNOX-870.1.patch > > > KNOX-861 supports pluggable preauth validator. > This task is to add proper documentation about how to add custom validator(s). -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Comment Edited] (KNOX-870) Documentation: how to support custom pre-auth validator
[ https://issues.apache.org/jira/browse/KNOX-870?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15860201#comment-15860201 ] Sandeep More edited comment on KNOX-870 at 2/10/17 4:14 PM: Hello [~kamrul] the patch looks good, few things though, 1. Can you move the section you added *Supporting a Custom Validator* to Dev Guide instead of User Guide since this is an extension to Knox. 2. -Link it back to the User Guide so one knows about Custom Validators.- see the next comment Also, I noticed that the current book is 0.11, it should be 0.12. I will create a new book for 0.12 so you can create a patch for it there (currently you have it against 0.11). I will let you know once I am done so you can create a patch. was (Author: smore): Hello [~kamrul] the patch looks good, few things though, 1. Can you move the section you added *Supporting a Custom Validator* to Dev Guide instead of User Guide since this is an extension to Knox. 2. Link it back to the User Guide so one knows about Custom Validators. Also, I noticed that the current book is 0.11, it should be 0.12. I will create a new book for 0.12 so you can create a patch for it there (currently you have it against 0.11). I will let you know once I am done so you can create a patch. > Documentation: how to support custom pre-auth validator > > > Key: KNOX-870 > URL: https://issues.apache.org/jira/browse/KNOX-870 > Project: Apache Knox > Issue Type: Task >Reporter: Mohammad Kamrul Islam >Assignee: Mohammad Kamrul Islam > Fix For: 0.12.0 > > Attachments: KNOX-870.1.patch > > > KNOX-861 supports pluggable preauth validator. > This task is to add proper documentation about how to add custom validator(s). -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (KNOX-869) Support multiple preauth Validators
[ https://issues.apache.org/jira/browse/KNOX-869?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15862450#comment-15862450 ] Sandeep More commented on KNOX-869: --- I like the idea of 'comma-separated list of validators' this will also be in line with the other places we use multiple values. 1. IMO if one validator returns false we should return false, i.e AND behavior. The thought behind this approach is, since these are 'validators' if *any* of them fail the request does not satisfy a valid criteria specified. 2. Ya, I think so. It better to fail fast. > Support multiple preauth Validators > --- > > Key: KNOX-869 > URL: https://issues.apache.org/jira/browse/KNOX-869 > Project: Apache Knox > Issue Type: Improvement >Reporter: Mohammad Kamrul Islam >Assignee: Mohammad Kamrul Islam > > Currently KNOX-861 supports one validator. This task is to support a chain of > validators. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Comment Edited] (KNOX-869) Support multiple preauth Validators
[ https://issues.apache.org/jira/browse/KNOX-869?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15862450#comment-15862450 ] Sandeep More edited comment on KNOX-869 at 2/11/17 5:01 PM: I like the idea of 'comma-separated list of validators' this will also be in line with the other places we use multiple values. 1. IMO if one validator returns false we should return false, i.e AND behavior. The thought behind this approach is, since these are 'validators' if *any* of them fail the request does not satisfy a valid criteria specified. 2. Yes, I think so. It's better to fail fast. was (Author: smore): I like the idea of 'comma-separated list of validators' this will also be in line with the other places we use multiple values. 1. IMO if one validator returns false we should return false, i.e AND behavior. The thought behind this approach is, since these are 'validators' if *any* of them fail the request does not satisfy a valid criteria specified. 2. Ya, I think so. It better to fail fast. > Support multiple preauth Validators > --- > > Key: KNOX-869 > URL: https://issues.apache.org/jira/browse/KNOX-869 > Project: Apache Knox > Issue Type: Improvement >Reporter: Mohammad Kamrul Islam >Assignee: Mohammad Kamrul Islam > > Currently KNOX-861 supports one validator. This task is to support a chain of > validators. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Updated] (KNOX-870) Documentation: how to support custom pre-auth validator
[ https://issues.apache.org/jira/browse/KNOX-870?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sandeep More updated KNOX-870: -- Resolution: Fixed Status: Resolved (was: Patch Available) > Documentation: how to support custom pre-auth validator > > > Key: KNOX-870 > URL: https://issues.apache.org/jira/browse/KNOX-870 > Project: Apache Knox > Issue Type: Task >Reporter: Mohammad Kamrul Islam >Assignee: Mohammad Kamrul Islam > Fix For: 0.12.0 > > Attachments: KNOX-870.1.patch, KNOX-870.2.patch > > > KNOX-861 supports pluggable preauth validator. > This task is to add proper documentation about how to add custom validator(s). -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (KNOX-870) Documentation: how to support custom pre-auth validator
[ https://issues.apache.org/jira/browse/KNOX-870?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15865979#comment-15865979 ] Sandeep More commented on KNOX-870: --- Thank you for the documentation [~kamrul] ! I checked it in. > Documentation: how to support custom pre-auth validator > > > Key: KNOX-870 > URL: https://issues.apache.org/jira/browse/KNOX-870 > Project: Apache Knox > Issue Type: Task >Reporter: Mohammad Kamrul Islam >Assignee: Mohammad Kamrul Islam > Fix For: 0.12.0 > > Attachments: KNOX-870.1.patch, KNOX-870.2.patch > > > KNOX-861 supports pluggable preauth validator. > This task is to add proper documentation about how to add custom validator(s). -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Updated] (KNOX-875) topology schema file (topology-v1.xsd) is missing "version" element definition.
[ https://issues.apache.org/jira/browse/KNOX-875?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sandeep More updated KNOX-875: -- Resolution: Fixed Status: Resolved (was: Patch Available) > topology schema file (topology-v1.xsd) is missing "version" element > definition. > > > Key: KNOX-875 > URL: https://issues.apache.org/jira/browse/KNOX-875 > Project: Apache Knox > Issue Type: Bug > Components: Server >Affects Versions: 0.6.0, 0.7.0, 0.8.0, 0.9.1, 0.11.0 > Environment: any >Reporter: Jeffrey E Rodriguez >Assignee: Jeffrey E Rodriguez >Priority: Minor > Labels: patch > Fix For: 0.12.0 > > Attachments: KNOX-875.patch > > Original Estimate: 1h > Remaining Estimate: 1h > > Developer guide, testcases and code mention a topology "version" subelement > for "service" element. The definition is not updated on the topology-v1.xsd > thus attempting to validate a topology against schema would fail. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Resolved] (KNOX-866) Knox CLI topology validation unsuccessful
[
https://issues.apache.org/jira/browse/KNOX-866?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sandeep More resolved KNOX-866.
---
Resolution: Fixed
> Knox CLI topology validation unsuccessful
> -
>
> Key: KNOX-866
> URL: https://issues.apache.org/jira/browse/KNOX-866
> Project: Apache Knox
> Issue Type: Bug
> Components: KnoxCLI
>Affects Versions: 0.11.0
>Reporter: Richard Ding
>Assignee: Richard Ding
>Priority: Minor
> Fix For: 0.12.0
>
> Attachments: KNOX-866_1.patch, KNOX-866.patch
>
>
> Encountered error when running Knox CLI to validate topology:
> {code}
> # ./knoxcli.sh validate-topology --cluster admin
> File to be validated:
> .../knox/bin/../conf/topologies/admin.xml
> ==
> Error retrieving schema from ClassLoader
> Topology validation unsuccessful
> {code}
> The Java version is
> {code}
> openjdk version "1.8.0_77"
> OpenJDK Runtime Environment (build 1.8.0_77-b03)
> OpenJDK 64-Bit Server VM (build 25.77-b03, mixed mode)
> {code}
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
[jira] [Commented] (KNOX-876) Fix FindBugs "Experimental" issues
[ https://issues.apache.org/jira/browse/KNOX-876?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15861371#comment-15861371 ] Sandeep More commented on KNOX-876: --- Interesting, thanks [~coheigea] for pointing out issues with Java 1.6. Unfortunately our [quickstart guide | http://knox.apache.org/books/knox-0-11-0/user-guide.html#Quick+Start] states bq. Java 1.6 or later is required for the Knox Gateway runtime I will update it to 1.7 in the docs going forward. > Fix FindBugs "Experimental" issues > -- > > Key: KNOX-876 > URL: https://issues.apache.org/jira/browse/KNOX-876 > Project: Apache Knox > Issue Type: Improvement >Affects Versions: 0.11.0 >Reporter: Colm O hEigeartaigh >Assignee: Colm O hEigeartaigh > Fix For: 0.12.0 > > Attachments: 0001-KNOX-876-Fix-FindBugs-Experimental-issues.patch > > > This task is to fix the FindBugs "Experimental" issues - namely to use > try-with-resources to ensure that input/output streams are properly closed on > exception. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Updated] (KNOX-880) Knox-site: Add a new book for 0.12
[ https://issues.apache.org/jira/browse/KNOX-880?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sandeep More updated KNOX-880: -- Fix Version/s: 0.12.0 > Knox-site: Add a new book for 0.12 > --- > > Key: KNOX-880 > URL: https://issues.apache.org/jira/browse/KNOX-880 > Project: Apache Knox > Issue Type: Bug > Components: Site >Affects Versions: 0.12.0 >Reporter: Sandeep More >Assignee: Sandeep More >Priority: Minor > Fix For: 0.12.0 > > > In order to take documentation contributions from the community for 0.12 > release we need to add 0.12 book. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Created] (KNOX-880) Knox-site: Add a new book for 0.12
Sandeep More created KNOX-880: - Summary: Knox-site: Add a new book for 0.12 Key: KNOX-880 URL: https://issues.apache.org/jira/browse/KNOX-880 Project: Apache Knox Issue Type: Bug Components: Site Affects Versions: 0.12.0 Reporter: Sandeep More Assignee: Sandeep More Priority: Minor In order to take documentation contributions from the community for 0.12 release we need to add 0.12 book. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (KNOX-869) Support multiple preauth Validators
[ https://issues.apache.org/jira/browse/KNOX-869?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15870423#comment-15870423 ] Sandeep More commented on KNOX-869: --- Thank you for the patch [~kamrul] I will take a look at it. > Support multiple preauth Validators > --- > > Key: KNOX-869 > URL: https://issues.apache.org/jira/browse/KNOX-869 > Project: Apache Knox > Issue Type: Improvement >Reporter: Mohammad Kamrul Islam >Assignee: Mohammad Kamrul Islam > Attachments: KNOX-869.1.patch > > > Currently KNOX-861 supports one validator. This task is to support a chain of > validators. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Updated] (KNOX-879) Error in knox query processing when original url contains a parameter with value containing "="
[
https://issues.apache.org/jira/browse/KNOX-879?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sandeep More updated KNOX-879:
--
Resolution: Fixed
Status: Resolved (was: Patch Available)
> Error in knox query processing when original url contains a parameter with
> value containing "="
> ---
>
> Key: KNOX-879
> URL: https://issues.apache.org/jira/browse/KNOX-879
> Project: Apache Knox
> Issue Type: Bug
> Components: Server
>Reporter: Sharmadha Sainath
>Assignee: Sandeep More
> Fix For: 0.12.0
>
> Attachments: KNOX-879.001.patch
>
>
> Issue seen while working Atlas with Knox SSO.
> Atlas is set up to use Knox SSO form login for authentication.
> DSL Search query : hive_table where name="table_1" is encoded by Atlas as
> {code}
> http://AtlasHost:21000/api/atlas/v2/search/dsl?limit=25=hive_table+where+name%3D%22table_1%22
> {code}
> When the above query is fired , it is redirected to knox gateway as :
> {code}
> https:/KnoxGatewayHost:8443/gateway/knoxsso/knoxauth/login.html?originalUrl=http://AtlasHost:21000/api/atlas/v2/search/dsl?limit=25=hive_table+where+name%3D%22table_1%22
> {code}
> On providing correct credentials and trying to sign in , knox threw 500
> Internal server error with response :
> {code}
> Problem accessing /gateway/knoxsso/api/v1/websso.
> {code}
> Following exceptions are found in knox gateway logs :
> {code}
> 2017-02-10 11:19:36,649 INFO service.knoxsso
> (WebSSOResource.java:getCookieValue(317)) - Unable to find cookie with name:
> original-url
> 2017-02-10 11:19:36,653 ERROR service.knoxsso
> (WebSSOResource.java:addJWTHadoopCookie(294)) - Unable to add cookie to
> response. Illegal character in query at index 103:
> http://x:21000/api/atlas/v2/search/dsl?limit=25="table_1":
> [Ljava.lang.StackTraceElement;@47f5
> {code}
> (Note : host name is masked with "x" chars matching with length of the actual
> Atlas host name so that "index 103" in gateway logs would make sense)
> Actual query was :
> hive_table where name="table_"
> which now became :
> "table_1"
> because of the equals character found twice in the query (near query once and
> near name once)
> {code}
> ?limit=25=hive_table where name="table_1"
> {code}
> The following query is processed well by Knox as there are no extra "equals"
> {code}
> http://AtlasHost:21000/api/atlas/v2/search/dsl?limit=25=hive_table
> {code}
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
[jira] [Updated] (KNOX-868) Allow native library auto included through java.library.path property
[ https://issues.apache.org/jira/browse/KNOX-868?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sandeep More updated KNOX-868: -- Fix Version/s: 0.12.0 > Allow native library auto included through java.library.path property > -- > > Key: KNOX-868 > URL: https://issues.apache.org/jira/browse/KNOX-868 > Project: Apache Knox > Issue Type: Improvement >Reporter: Mohammad Kamrul Islam >Assignee: Mohammad Kamrul Islam > Fix For: 0.12.0 > > Attachments: KNOX-868.1.patch > > > Currently user can add custom jars by copying it into $GATEWAY_HOME/ext > directory. However, there is no easy way to include native library (.so). > The use case is: a lot of authentication mechanism libraries are implemented > using C/C++ library. And user may want to integrate it with Knox. > One of the option could be: user can add .so files into > $GATEWAY_HOME/ext/native directory. At the same time, gateway service can > include that directory through java.library.path property during start up. > We can potentially use launcher.cfg to support it. > Any other alternative approach? -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Updated] (KNOX-879) Error in knox query processing when original url contains a parameter with value containing "="
[
https://issues.apache.org/jira/browse/KNOX-879?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sandeep More updated KNOX-879:
--
Attachment: KNOX-879.001.patch
Fixed the bug and added couple of UnitTests
> Error in knox query processing when original url contains a parameter with
> value containing "="
> ---
>
> Key: KNOX-879
> URL: https://issues.apache.org/jira/browse/KNOX-879
> Project: Apache Knox
> Issue Type: Bug
> Components: Server
>Reporter: Sharmadha Sainath
>Assignee: Sandeep More
> Fix For: 0.12.0
>
> Attachments: KNOX-879.001.patch
>
>
> Issue seen while working Atlas with Knox SSO.
> Atlas is set up to use Knox SSO form login for authentication.
> DSL Search query : hive_table where name="table_1" is encoded by Atlas as
> {code}
> http://AtlasHost:21000/api/atlas/v2/search/dsl?limit=25=hive_table+where+name%3D%22table_1%22
> {code}
> When the above query is fired , it is redirected to knox gateway as :
> {code}
> https:/KnoxGatewayHost:8443/gateway/knoxsso/knoxauth/login.html?originalUrl=http://AtlasHost:21000/api/atlas/v2/search/dsl?limit=25=hive_table+where+name%3D%22table_1%22
> {code}
> On providing correct credentials and trying to sign in , knox threw 500
> Internal server error with response :
> {code}
> Problem accessing /gateway/knoxsso/api/v1/websso.
> {code}
> Following exceptions are found in knox gateway logs :
> {code}
> 2017-02-10 11:19:36,649 INFO service.knoxsso
> (WebSSOResource.java:getCookieValue(317)) - Unable to find cookie with name:
> original-url
> 2017-02-10 11:19:36,653 ERROR service.knoxsso
> (WebSSOResource.java:addJWTHadoopCookie(294)) - Unable to add cookie to
> response. Illegal character in query at index 103:
> http://x:21000/api/atlas/v2/search/dsl?limit=25="table_1":
> [Ljava.lang.StackTraceElement;@47f5
> {code}
> (Note : host name is masked with "x" chars matching with length of the actual
> Atlas host name so that "index 103" in gateway logs would make sense)
> Actual query was :
> hive_table where name="table_"
> which now became :
> "table_1"
> because of the equals character found twice in the query (near query once and
> near name once)
> {code}
> ?limit=25=hive_table where name="table_1"
> {code}
> The following query is processed well by Knox as there are no extra "equals"
> {code}
> http://AtlasHost:21000/api/atlas/v2/search/dsl?limit=25=hive_table
> {code}
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
[jira] [Commented] (KNOX-879) Error in knox query processing when original url contains a parameter with value containing "="
[
https://issues.apache.org/jira/browse/KNOX-879?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15868658#comment-15868658
]
Sandeep More commented on KNOX-879:
---
Thank you for reporting the bug [~ssainath] !
The problem here seems to be the special character " (double quotes) and not
the = (equals) symbol you suspect.
Infact in your second example you have = symbol two times, it worked because it
did not have " symbol.
The problem seems to be coming from our code which is expecting the url that is
passed by SSO as URI. URI spec specifically state that (see RFC 3986 -
https://tools.ietf.org/html/rfc3986#section-2.2)
Changing URI to URL will work since " (double quotes) is not part of the
reserved symbols for URL as per RFC 1738 https://www.ietf.org/rfc/rfc1738.txt
i.e. reserved = ";" | "/" | "?" | ":" | "@" | "&" | "="
I will upload the patch that fixes this issue so folks can review it.
> Error in knox query processing when original url contains a parameter with
> value containing "="
> ---
>
> Key: KNOX-879
> URL: https://issues.apache.org/jira/browse/KNOX-879
> Project: Apache Knox
> Issue Type: Bug
> Components: Server
>Reporter: Sharmadha Sainath
>Assignee: Sandeep More
> Fix For: 0.12.0
>
>
> Issue seen while working Atlas with Knox SSO.
> Atlas is set up to use Knox SSO form login for authentication.
> DSL Search query : hive_table where name="table_1" is encoded by Atlas as
> {code}
> http://AtlasHost:21000/api/atlas/v2/search/dsl?limit=25=hive_table+where+name%3D%22table_1%22
> {code}
> When the above query is fired , it is redirected to knox gateway as :
> {code}
> https:/KnoxGatewayHost:8443/gateway/knoxsso/knoxauth/login.html?originalUrl=http://AtlasHost:21000/api/atlas/v2/search/dsl?limit=25=hive_table+where+name%3D%22table_1%22
> {code}
> On providing correct credentials and trying to sign in , knox threw 500
> Internal server error with response :
> {code}
> Problem accessing /gateway/knoxsso/api/v1/websso.
> {code}
> Following exceptions are found in knox gateway logs :
> {code}
> 2017-02-10 11:19:36,649 INFO service.knoxsso
> (WebSSOResource.java:getCookieValue(317)) - Unable to find cookie with name:
> original-url
> 2017-02-10 11:19:36,653 ERROR service.knoxsso
> (WebSSOResource.java:addJWTHadoopCookie(294)) - Unable to add cookie to
> response. Illegal character in query at index 103:
> http://x:21000/api/atlas/v2/search/dsl?limit=25="table_1":
> [Ljava.lang.StackTraceElement;@47f5
> {code}
> (Note : host name is masked with "x" chars matching with length of the actual
> Atlas host name so that "index 103" in gateway logs would make sense)
> Actual query was :
> hive_table where name="table_"
> which now became :
> "table_1"
> because of the equals character found twice in the query (near query once and
> near name once)
> {code}
> ?limit=25=hive_table where name="table_1"
> {code}
> The following query is processed well by Knox as there are no extra "equals"
> {code}
> http://AtlasHost:21000/api/atlas/v2/search/dsl?limit=25=hive_table
> {code}
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
[jira] [Updated] (KNOX-879) Error in knox query processing when original url contains a parameter with value containing "="
[
https://issues.apache.org/jira/browse/KNOX-879?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sandeep More updated KNOX-879:
--
Status: Patch Available (was: Open)
> Error in knox query processing when original url contains a parameter with
> value containing "="
> ---
>
> Key: KNOX-879
> URL: https://issues.apache.org/jira/browse/KNOX-879
> Project: Apache Knox
> Issue Type: Bug
> Components: Server
>Reporter: Sharmadha Sainath
>Assignee: Sandeep More
> Fix For: 0.12.0
>
>
> Issue seen while working Atlas with Knox SSO.
> Atlas is set up to use Knox SSO form login for authentication.
> DSL Search query : hive_table where name="table_1" is encoded by Atlas as
> {code}
> http://AtlasHost:21000/api/atlas/v2/search/dsl?limit=25=hive_table+where+name%3D%22table_1%22
> {code}
> When the above query is fired , it is redirected to knox gateway as :
> {code}
> https:/KnoxGatewayHost:8443/gateway/knoxsso/knoxauth/login.html?originalUrl=http://AtlasHost:21000/api/atlas/v2/search/dsl?limit=25=hive_table+where+name%3D%22table_1%22
> {code}
> On providing correct credentials and trying to sign in , knox threw 500
> Internal server error with response :
> {code}
> Problem accessing /gateway/knoxsso/api/v1/websso.
> {code}
> Following exceptions are found in knox gateway logs :
> {code}
> 2017-02-10 11:19:36,649 INFO service.knoxsso
> (WebSSOResource.java:getCookieValue(317)) - Unable to find cookie with name:
> original-url
> 2017-02-10 11:19:36,653 ERROR service.knoxsso
> (WebSSOResource.java:addJWTHadoopCookie(294)) - Unable to add cookie to
> response. Illegal character in query at index 103:
> http://x:21000/api/atlas/v2/search/dsl?limit=25="table_1":
> [Ljava.lang.StackTraceElement;@47f5
> {code}
> (Note : host name is masked with "x" chars matching with length of the actual
> Atlas host name so that "index 103" in gateway logs would make sense)
> Actual query was :
> hive_table where name="table_"
> which now became :
> "table_1"
> because of the equals character found twice in the query (near query once and
> near name once)
> {code}
> ?limit=25=hive_table where name="table_1"
> {code}
> The following query is processed well by Knox as there are no extra "equals"
> {code}
> http://AtlasHost:21000/api/atlas/v2/search/dsl?limit=25=hive_table
> {code}
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
[jira] [Updated] (KNOX-879) Error in knox query processing when original url contains a parameter with value containing "="
[
https://issues.apache.org/jira/browse/KNOX-879?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sandeep More updated KNOX-879:
--
Fix Version/s: 0.12.0
> Error in knox query processing when original url contains a parameter with
> value containing "="
> ---
>
> Key: KNOX-879
> URL: https://issues.apache.org/jira/browse/KNOX-879
> Project: Apache Knox
> Issue Type: Bug
> Components: KnoxCLI
>Reporter: Sharmadha Sainath
>Assignee: Sandeep More
> Fix For: 0.12.0
>
>
> Issue seen while working Atlas with Knox SSO.
> Atlas is set up to use Knox SSO form login for authentication.
> DSL Search query : hive_table where name="table_1" is encoded by Atlas as
> {code}
> http://AtlasHost:21000/api/atlas/v2/search/dsl?limit=25=hive_table+where+name%3D%22table_1%22
> {code}
> When the above query is fired , it is redirected to knox gateway as :
> {code}
> https:/KnoxGatewayHost:8443/gateway/knoxsso/knoxauth/login.html?originalUrl=http://AtlasHost:21000/api/atlas/v2/search/dsl?limit=25=hive_table+where+name%3D%22table_1%22
> {code}
> On providing correct credentials and trying to sign in , knox threw 500
> Internal server error with response :
> {code}
> Problem accessing /gateway/knoxsso/api/v1/websso.
> {code}
> Following exceptions are found in knox gateway logs :
> {code}
> 2017-02-10 11:19:36,649 INFO service.knoxsso
> (WebSSOResource.java:getCookieValue(317)) - Unable to find cookie with name:
> original-url
> 2017-02-10 11:19:36,653 ERROR service.knoxsso
> (WebSSOResource.java:addJWTHadoopCookie(294)) - Unable to add cookie to
> response. Illegal character in query at index 103:
> http://x:21000/api/atlas/v2/search/dsl?limit=25="table_1":
> [Ljava.lang.StackTraceElement;@47f5
> {code}
> (Note : host name is masked with "x" chars matching with length of the actual
> Atlas host name so that "index 103" in gateway logs would make sense)
> Actual query was :
> hive_table where name="table_"
> which now became :
> "table_1"
> because of the equals character found twice in the query (near query once and
> near name once)
> {code}
> ?limit=25=hive_table where name="table_1"
> {code}
> The following query is processed well by Knox as there are no extra "equals"
> {code}
> http://AtlasHost:21000/api/atlas/v2/search/dsl?limit=25=hive_table
> {code}
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
[jira] [Assigned] (KNOX-879) Error in knox query processing when original url contains a parameter with value containing "="
[
https://issues.apache.org/jira/browse/KNOX-879?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sandeep More reassigned KNOX-879:
-
Assignee: Sandeep More
> Error in knox query processing when original url contains a parameter with
> value containing "="
> ---
>
> Key: KNOX-879
> URL: https://issues.apache.org/jira/browse/KNOX-879
> Project: Apache Knox
> Issue Type: Bug
> Components: KnoxCLI
>Reporter: Sharmadha Sainath
>Assignee: Sandeep More
> Fix For: 0.12.0
>
>
> Issue seen while working Atlas with Knox SSO.
> Atlas is set up to use Knox SSO form login for authentication.
> DSL Search query : hive_table where name="table_1" is encoded by Atlas as
> {code}
> http://AtlasHost:21000/api/atlas/v2/search/dsl?limit=25=hive_table+where+name%3D%22table_1%22
> {code}
> When the above query is fired , it is redirected to knox gateway as :
> {code}
> https:/KnoxGatewayHost:8443/gateway/knoxsso/knoxauth/login.html?originalUrl=http://AtlasHost:21000/api/atlas/v2/search/dsl?limit=25=hive_table+where+name%3D%22table_1%22
> {code}
> On providing correct credentials and trying to sign in , knox threw 500
> Internal server error with response :
> {code}
> Problem accessing /gateway/knoxsso/api/v1/websso.
> {code}
> Following exceptions are found in knox gateway logs :
> {code}
> 2017-02-10 11:19:36,649 INFO service.knoxsso
> (WebSSOResource.java:getCookieValue(317)) - Unable to find cookie with name:
> original-url
> 2017-02-10 11:19:36,653 ERROR service.knoxsso
> (WebSSOResource.java:addJWTHadoopCookie(294)) - Unable to add cookie to
> response. Illegal character in query at index 103:
> http://x:21000/api/atlas/v2/search/dsl?limit=25="table_1":
> [Ljava.lang.StackTraceElement;@47f5
> {code}
> (Note : host name is masked with "x" chars matching with length of the actual
> Atlas host name so that "index 103" in gateway logs would make sense)
> Actual query was :
> hive_table where name="table_"
> which now became :
> "table_1"
> because of the equals character found twice in the query (near query once and
> near name once)
> {code}
> ?limit=25=hive_table where name="table_1"
> {code}
> The following query is processed well by Knox as there are no extra "equals"
> {code}
> http://AtlasHost:21000/api/atlas/v2/search/dsl?limit=25=hive_table
> {code}
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
[jira] [Updated] (KNOX-879) Error in knox query processing when original url contains a parameter with value containing "="
[
https://issues.apache.org/jira/browse/KNOX-879?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sandeep More updated KNOX-879:
--
Component/s: (was: KnoxCLI)
Server
> Error in knox query processing when original url contains a parameter with
> value containing "="
> ---
>
> Key: KNOX-879
> URL: https://issues.apache.org/jira/browse/KNOX-879
> Project: Apache Knox
> Issue Type: Bug
> Components: Server
>Reporter: Sharmadha Sainath
>Assignee: Sandeep More
> Fix For: 0.12.0
>
>
> Issue seen while working Atlas with Knox SSO.
> Atlas is set up to use Knox SSO form login for authentication.
> DSL Search query : hive_table where name="table_1" is encoded by Atlas as
> {code}
> http://AtlasHost:21000/api/atlas/v2/search/dsl?limit=25=hive_table+where+name%3D%22table_1%22
> {code}
> When the above query is fired , it is redirected to knox gateway as :
> {code}
> https:/KnoxGatewayHost:8443/gateway/knoxsso/knoxauth/login.html?originalUrl=http://AtlasHost:21000/api/atlas/v2/search/dsl?limit=25=hive_table+where+name%3D%22table_1%22
> {code}
> On providing correct credentials and trying to sign in , knox threw 500
> Internal server error with response :
> {code}
> Problem accessing /gateway/knoxsso/api/v1/websso.
> {code}
> Following exceptions are found in knox gateway logs :
> {code}
> 2017-02-10 11:19:36,649 INFO service.knoxsso
> (WebSSOResource.java:getCookieValue(317)) - Unable to find cookie with name:
> original-url
> 2017-02-10 11:19:36,653 ERROR service.knoxsso
> (WebSSOResource.java:addJWTHadoopCookie(294)) - Unable to add cookie to
> response. Illegal character in query at index 103:
> http://x:21000/api/atlas/v2/search/dsl?limit=25="table_1":
> [Ljava.lang.StackTraceElement;@47f5
> {code}
> (Note : host name is masked with "x" chars matching with length of the actual
> Atlas host name so that "index 103" in gateway logs would make sense)
> Actual query was :
> hive_table where name="table_"
> which now became :
> "table_1"
> because of the equals character found twice in the query (near query once and
> near name once)
> {code}
> ?limit=25=hive_table where name="table_1"
> {code}
> The following query is processed well by Knox as there are no extra "equals"
> {code}
> http://AtlasHost:21000/api/atlas/v2/search/dsl?limit=25=hive_table
> {code}
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
[jira] [Created] (KNOX-855) Add "application/x-javascript" mime type to the list of compressed resources
Sandeep More created KNOX-855: - Summary: Add "application/x-javascript" mime type to the list of compressed resources Key: KNOX-855 URL: https://issues.apache.org/jira/browse/KNOX-855 Project: Apache Knox Issue Type: Bug Components: Server Reporter: Sandeep More Assignee: Sandeep More "application/x-javascript" mime type resources are not getting compressed by Knox this is an issue for Ambari as it uses Content-Type:application/x-javascript a lot. Also make the mime types configurable so they can be added dynamically. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (KNOX-855) Add "application/x-javascript" mime type to the list of compressed resources
[ https://issues.apache.org/jira/browse/KNOX-855?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sandeep More updated KNOX-855: -- Status: Patch Available (was: Open) Patch that 1) compresses files with Content-Type:application/x-javascript 2) lets users configure mime-type to be compressed > Add "application/x-javascript" mime type to the list of compressed resources > - > > Key: KNOX-855 > URL: https://issues.apache.org/jira/browse/KNOX-855 > Project: Apache Knox > Issue Type: Bug > Components: Server >Reporter: Sandeep More >Assignee: Sandeep More > > "application/x-javascript" mime type resources are not getting compressed by > Knox this is an issue for Ambari as it uses > Content-Type:application/x-javascript a lot. Also make the mime types > configurable so they can be added dynamically. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (KNOX-855) Add "application/x-javascript" mime type to the list of compressed resources
[ https://issues.apache.org/jira/browse/KNOX-855?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sandeep More updated KNOX-855: -- Attachment: KNOX-855.001.patch > Add "application/x-javascript" mime type to the list of compressed resources > - > > Key: KNOX-855 > URL: https://issues.apache.org/jira/browse/KNOX-855 > Project: Apache Knox > Issue Type: Bug > Components: Server >Reporter: Sandeep More >Assignee: Sandeep More > Attachments: KNOX-855.001.patch > > > "application/x-javascript" mime type resources are not getting compressed by > Knox this is an issue for Ambari as it uses > Content-Type:application/x-javascript a lot. Also make the mime types > configurable so they can be added dynamically. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (KNOX-896) Documentation has wrong JRE requirements
[ https://issues.apache.org/jira/browse/KNOX-896?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15888965#comment-15888965 ] Sandeep More commented on KNOX-896: --- Hello [~aw] you are right, current Knox release probably will not build with JDK 1.6, documentation should be fixed going forward with [0.12.0 release | https://knox.apache.org/books/knox-0-12-0/user-guide.html#Quick+Start] > Documentation has wrong JRE requirements > > > Key: KNOX-896 > URL: https://issues.apache.org/jira/browse/KNOX-896 > Project: Apache Knox > Issue Type: Bug >Reporter: Allen Wittenauer > > From what I can tell, KNOX-532 set the default version to JDK 1.7 to build. > However, the user documentation > (https://knox.apache.org/books/knox-0-11-0/user-guide.html) says that it can > run with JRE 1.6. Unless I'm missing something (likely!), you can't actually > build with JDK 1.6 to make jars that work anymore. -- This message was sent by Atlassian JIRA (v6.3.15#6346)
[jira] [Commented] (KNOX-740) Address new coverity scan issues
[
https://issues.apache.org/jira/browse/KNOX-740?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15453250#comment-15453250
]
Sandeep More commented on KNOX-740:
---
Hello !
I am planning on taking this up, would be great if you would assign it to me.
Thanks !
Sandeep
> Address new coverity scan issues
>
>
> Key: KNOX-740
> URL: https://issues.apache.org/jira/browse/KNOX-740
> Project: Apache Knox
> Issue Type: Bug
>Reporter: Sumit Gupta
> Fix For: 0.10.0
>
>
> New defect(s) Reported-by: Coverity Scan
> Showing 3 of 3 defect(s)
>
>
> ** CID 1361684: Null pointer dereferences (NULL_RETURNS)
>
> /gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/shirorealm/KnoxPamRealm.java:
> 140 in
> org.apache.hadoop.gateway.shirorealm.KnoxPamRealm.doGetAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken)()
>
>
>
>
> *** CID 1361684: Null pointer dereferences (NULL_RETURNS)
>
> /gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/shirorealm/KnoxPamRealm.java:
> 140 in
> org.apache.hadoop.gateway.shirorealm.KnoxPamRealm.doGetAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken)()
> 134 ShiroLog.failedLoginAttempt(e.getCause());
> 135 throw new AuthenticationException(e);
> 136 }
> 137 HashRequest.Builder builder = new HashRequest.Builder();
> 138 Hash credentialsHash = hashService
> 139
> .computeHash(builder.setSource(token.getCredentials()).setAlgorithmName(HASHING_ALGORITHM).build());
> >>> CID 1361684: Null pointer dereferences (NULL_RETURNS)
> >>> Calling a method on null object "credentialsHash".
> 140 return new SimpleAuthenticationInfo(new
> UnixUserPrincipal(user) , credentialsHash.toHex(), credentialsHash.getSalt(),
> 141 getName());
> 142 }
> 143
>
> ** CID 1361683: Null pointer dereferences (NULL_RETURNS)
>
> /gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/filter/ShiroSubjectIdentityAdapter.java:
> 71 in
> org.apache.hadoop.gateway.filter.ShiroSubjectIdentityAdapter.doFilter(javax.servlet.ServletRequest,
> javax.servlet.ServletResponse, javax.servlet.FilterChain)()
>
>
>
>
> *** CID 1361683: Null pointer dereferences (NULL_RETURNS)
>
> /gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/filter/ShiroSubjectIdentityAdapter.java:
> 71 in
> org.apache.hadoop.gateway.filter.ShiroSubjectIdentityAdapter.doFilter(javax.servlet.ServletRequest,
> javax.servlet.ServletResponse, javax.servlet.FilterChain)()
> 65 Subject subject = SecurityUtils.getSubject();
> 66
> 67 // trigger call to shiro authorization realm
> 68 // we use shiro authorization realm to look up groups
> 69 subject.hasRole("authenticatedUser");
> 70
> >>> CID 1361683: Null pointer dereferences (NULL_RETURNS)
> >>> Calling a method on null object "subject.getPrincipal()".
> 71 final String principalName = (String)
> subject.getPrincipal().toString();
> 72
> 73 CallableChain callableChain = new CallableChain(request,
> response, chain);
> 74 SecurityUtils.getSubject().execute(callableChain);
> 75 }
> 76
>
> ** CID 1361682: Null pointer dereferences (FORWARD_NULL)
>
> /gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/shirorealm/KnoxPamRealm.java:
> 119 in
> org.apache.hadoop.gateway.shirorealm.KnoxPamRealm.doGetAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection)()
>
>
>
>
> *** CID 1361682: Null pointer dereferences (FORWARD_NULL)
>
> /gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/shirorealm/KnoxPamRealm.java:
> 119 in
> org.apache.hadoop.gateway.shirorealm.KnoxPamRealm.doGetAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection)()
> 113 UnixUserPrincipal user =
> principals.oneByType(UnixUserPrincipal.class);
> 114 if (user != null) {
> 115 roles.addAll(user.getUnixUser().getGroups());
> 116 }
> 117
> SecurityUtils.getSubject().getSession().setAttribute(SUBJECT_USER_ROLES,
>
[jira] [Updated] (KNOX-740) Address new coverity scan issues
[
https://issues.apache.org/jira/browse/KNOX-740?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sandeep More updated KNOX-740:
--
Attachment: KNOX-740.001.patch
Initial patch aiming to fix the 3 reported defects.
> Address new coverity scan issues
>
>
> Key: KNOX-740
> URL: https://issues.apache.org/jira/browse/KNOX-740
> Project: Apache Knox
> Issue Type: Bug
>Reporter: Sumit Gupta
> Fix For: 0.10.0
>
> Attachments: KNOX-740.001.patch
>
>
> New defect(s) Reported-by: Coverity Scan
> Showing 3 of 3 defect(s)
>
>
> ** CID 1361684: Null pointer dereferences (NULL_RETURNS)
>
> /gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/shirorealm/KnoxPamRealm.java:
> 140 in
> org.apache.hadoop.gateway.shirorealm.KnoxPamRealm.doGetAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken)()
>
>
>
>
> *** CID 1361684: Null pointer dereferences (NULL_RETURNS)
>
> /gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/shirorealm/KnoxPamRealm.java:
> 140 in
> org.apache.hadoop.gateway.shirorealm.KnoxPamRealm.doGetAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken)()
> 134 ShiroLog.failedLoginAttempt(e.getCause());
> 135 throw new AuthenticationException(e);
> 136 }
> 137 HashRequest.Builder builder = new HashRequest.Builder();
> 138 Hash credentialsHash = hashService
> 139
> .computeHash(builder.setSource(token.getCredentials()).setAlgorithmName(HASHING_ALGORITHM).build());
> >>> CID 1361684: Null pointer dereferences (NULL_RETURNS)
> >>> Calling a method on null object "credentialsHash".
> 140 return new SimpleAuthenticationInfo(new
> UnixUserPrincipal(user) , credentialsHash.toHex(), credentialsHash.getSalt(),
> 141 getName());
> 142 }
> 143
>
> ** CID 1361683: Null pointer dereferences (NULL_RETURNS)
>
> /gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/filter/ShiroSubjectIdentityAdapter.java:
> 71 in
> org.apache.hadoop.gateway.filter.ShiroSubjectIdentityAdapter.doFilter(javax.servlet.ServletRequest,
> javax.servlet.ServletResponse, javax.servlet.FilterChain)()
>
>
>
>
> *** CID 1361683: Null pointer dereferences (NULL_RETURNS)
>
> /gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/filter/ShiroSubjectIdentityAdapter.java:
> 71 in
> org.apache.hadoop.gateway.filter.ShiroSubjectIdentityAdapter.doFilter(javax.servlet.ServletRequest,
> javax.servlet.ServletResponse, javax.servlet.FilterChain)()
> 65 Subject subject = SecurityUtils.getSubject();
> 66
> 67 // trigger call to shiro authorization realm
> 68 // we use shiro authorization realm to look up groups
> 69 subject.hasRole("authenticatedUser");
> 70
> >>> CID 1361683: Null pointer dereferences (NULL_RETURNS)
> >>> Calling a method on null object "subject.getPrincipal()".
> 71 final String principalName = (String)
> subject.getPrincipal().toString();
> 72
> 73 CallableChain callableChain = new CallableChain(request,
> response, chain);
> 74 SecurityUtils.getSubject().execute(callableChain);
> 75 }
> 76
>
> ** CID 1361682: Null pointer dereferences (FORWARD_NULL)
>
> /gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/shirorealm/KnoxPamRealm.java:
> 119 in
> org.apache.hadoop.gateway.shirorealm.KnoxPamRealm.doGetAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection)()
>
>
>
>
> *** CID 1361682: Null pointer dereferences (FORWARD_NULL)
>
> /gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/shirorealm/KnoxPamRealm.java:
> 119 in
> org.apache.hadoop.gateway.shirorealm.KnoxPamRealm.doGetAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection)()
> 113 UnixUserPrincipal user =
> principals.oneByType(UnixUserPrincipal.class);
> 114 if (user != null) {
> 115 roles.addAll(user.getUnixUser().getGroups());
> 116 }
> 117
> SecurityUtils.getSubject().getSession().setAttribute(SUBJECT_USER_ROLES,
> roles);
> 118
[jira] [Commented] (KNOX-740) Address new coverity scan issues
[
https://issues.apache.org/jira/browse/KNOX-740?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15453657#comment-15453657
]
Sandeep More commented on KNOX-740:
---
Great, thanks !
> Address new coverity scan issues
>
>
> Key: KNOX-740
> URL: https://issues.apache.org/jira/browse/KNOX-740
> Project: Apache Knox
> Issue Type: Bug
>Reporter: Sumit Gupta
>Assignee: Sandeep More
> Fix For: 0.10.0
>
> Attachments: KNOX-740.001.patch
>
>
> New defect(s) Reported-by: Coverity Scan
> Showing 3 of 3 defect(s)
>
>
> ** CID 1361684: Null pointer dereferences (NULL_RETURNS)
>
> /gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/shirorealm/KnoxPamRealm.java:
> 140 in
> org.apache.hadoop.gateway.shirorealm.KnoxPamRealm.doGetAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken)()
>
>
>
>
> *** CID 1361684: Null pointer dereferences (NULL_RETURNS)
>
> /gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/shirorealm/KnoxPamRealm.java:
> 140 in
> org.apache.hadoop.gateway.shirorealm.KnoxPamRealm.doGetAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken)()
> 134 ShiroLog.failedLoginAttempt(e.getCause());
> 135 throw new AuthenticationException(e);
> 136 }
> 137 HashRequest.Builder builder = new HashRequest.Builder();
> 138 Hash credentialsHash = hashService
> 139
> .computeHash(builder.setSource(token.getCredentials()).setAlgorithmName(HASHING_ALGORITHM).build());
> >>> CID 1361684: Null pointer dereferences (NULL_RETURNS)
> >>> Calling a method on null object "credentialsHash".
> 140 return new SimpleAuthenticationInfo(new
> UnixUserPrincipal(user) , credentialsHash.toHex(), credentialsHash.getSalt(),
> 141 getName());
> 142 }
> 143
>
> ** CID 1361683: Null pointer dereferences (NULL_RETURNS)
>
> /gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/filter/ShiroSubjectIdentityAdapter.java:
> 71 in
> org.apache.hadoop.gateway.filter.ShiroSubjectIdentityAdapter.doFilter(javax.servlet.ServletRequest,
> javax.servlet.ServletResponse, javax.servlet.FilterChain)()
>
>
>
>
> *** CID 1361683: Null pointer dereferences (NULL_RETURNS)
>
> /gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/filter/ShiroSubjectIdentityAdapter.java:
> 71 in
> org.apache.hadoop.gateway.filter.ShiroSubjectIdentityAdapter.doFilter(javax.servlet.ServletRequest,
> javax.servlet.ServletResponse, javax.servlet.FilterChain)()
> 65 Subject subject = SecurityUtils.getSubject();
> 66
> 67 // trigger call to shiro authorization realm
> 68 // we use shiro authorization realm to look up groups
> 69 subject.hasRole("authenticatedUser");
> 70
> >>> CID 1361683: Null pointer dereferences (NULL_RETURNS)
> >>> Calling a method on null object "subject.getPrincipal()".
> 71 final String principalName = (String)
> subject.getPrincipal().toString();
> 72
> 73 CallableChain callableChain = new CallableChain(request,
> response, chain);
> 74 SecurityUtils.getSubject().execute(callableChain);
> 75 }
> 76
>
> ** CID 1361682: Null pointer dereferences (FORWARD_NULL)
>
> /gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/shirorealm/KnoxPamRealm.java:
> 119 in
> org.apache.hadoop.gateway.shirorealm.KnoxPamRealm.doGetAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection)()
>
>
>
>
> *** CID 1361682: Null pointer dereferences (FORWARD_NULL)
>
> /gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/shirorealm/KnoxPamRealm.java:
> 119 in
> org.apache.hadoop.gateway.shirorealm.KnoxPamRealm.doGetAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection)()
> 113 UnixUserPrincipal user =
> principals.oneByType(UnixUserPrincipal.class);
> 114 if (user != null) {
> 115 roles.addAll(user.getUnixUser().getGroups());
> 116 }
> 117
> SecurityUtils.getSubject().getSession().setAttribute(SUBJECT_USER_ROLES,
> roles);
>
[jira] [Updated] (KNOX-740) Address new coverity scan issues
[
https://issues.apache.org/jira/browse/KNOX-740?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sandeep More updated KNOX-740:
--
Flags: Patch
> Address new coverity scan issues
>
>
> Key: KNOX-740
> URL: https://issues.apache.org/jira/browse/KNOX-740
> Project: Apache Knox
> Issue Type: Bug
>Reporter: Sumit Gupta
>Assignee: Sandeep More
> Fix For: 0.10.0
>
> Attachments: KNOX-740.001.patch, KNOX-740.002.patch
>
>
> New defect(s) Reported-by: Coverity Scan
> Showing 3 of 3 defect(s)
>
>
> ** CID 1361684: Null pointer dereferences (NULL_RETURNS)
>
> /gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/shirorealm/KnoxPamRealm.java:
> 140 in
> org.apache.hadoop.gateway.shirorealm.KnoxPamRealm.doGetAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken)()
>
>
>
>
> *** CID 1361684: Null pointer dereferences (NULL_RETURNS)
>
> /gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/shirorealm/KnoxPamRealm.java:
> 140 in
> org.apache.hadoop.gateway.shirorealm.KnoxPamRealm.doGetAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken)()
> 134 ShiroLog.failedLoginAttempt(e.getCause());
> 135 throw new AuthenticationException(e);
> 136 }
> 137 HashRequest.Builder builder = new HashRequest.Builder();
> 138 Hash credentialsHash = hashService
> 139
> .computeHash(builder.setSource(token.getCredentials()).setAlgorithmName(HASHING_ALGORITHM).build());
> >>> CID 1361684: Null pointer dereferences (NULL_RETURNS)
> >>> Calling a method on null object "credentialsHash".
> 140 return new SimpleAuthenticationInfo(new
> UnixUserPrincipal(user) , credentialsHash.toHex(), credentialsHash.getSalt(),
> 141 getName());
> 142 }
> 143
>
> ** CID 1361683: Null pointer dereferences (NULL_RETURNS)
>
> /gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/filter/ShiroSubjectIdentityAdapter.java:
> 71 in
> org.apache.hadoop.gateway.filter.ShiroSubjectIdentityAdapter.doFilter(javax.servlet.ServletRequest,
> javax.servlet.ServletResponse, javax.servlet.FilterChain)()
>
>
>
>
> *** CID 1361683: Null pointer dereferences (NULL_RETURNS)
>
> /gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/filter/ShiroSubjectIdentityAdapter.java:
> 71 in
> org.apache.hadoop.gateway.filter.ShiroSubjectIdentityAdapter.doFilter(javax.servlet.ServletRequest,
> javax.servlet.ServletResponse, javax.servlet.FilterChain)()
> 65 Subject subject = SecurityUtils.getSubject();
> 66
> 67 // trigger call to shiro authorization realm
> 68 // we use shiro authorization realm to look up groups
> 69 subject.hasRole("authenticatedUser");
> 70
> >>> CID 1361683: Null pointer dereferences (NULL_RETURNS)
> >>> Calling a method on null object "subject.getPrincipal()".
> 71 final String principalName = (String)
> subject.getPrincipal().toString();
> 72
> 73 CallableChain callableChain = new CallableChain(request,
> response, chain);
> 74 SecurityUtils.getSubject().execute(callableChain);
> 75 }
> 76
>
> ** CID 1361682: Null pointer dereferences (FORWARD_NULL)
>
> /gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/shirorealm/KnoxPamRealm.java:
> 119 in
> org.apache.hadoop.gateway.shirorealm.KnoxPamRealm.doGetAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection)()
>
>
>
>
> *** CID 1361682: Null pointer dereferences (FORWARD_NULL)
>
> /gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/shirorealm/KnoxPamRealm.java:
> 119 in
> org.apache.hadoop.gateway.shirorealm.KnoxPamRealm.doGetAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection)()
> 113 UnixUserPrincipal user =
> principals.oneByType(UnixUserPrincipal.class);
> 114 if (user != null) {
> 115 roles.addAll(user.getUnixUser().getGroups());
> 116 }
> 117
> SecurityUtils.getSubject().getSession().setAttribute(SUBJECT_USER_ROLES,
> roles);
> 118
[jira] [Commented] (KNOX-740) Address new coverity scan issues
[
https://issues.apache.org/jira/browse/KNOX-740?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15459003#comment-15459003
]
Sandeep More commented on KNOX-740:
---
That's odd, investigating it.
> Address new coverity scan issues
>
>
> Key: KNOX-740
> URL: https://issues.apache.org/jira/browse/KNOX-740
> Project: Apache Knox
> Issue Type: Bug
>Reporter: Sumit Gupta
>Assignee: Sandeep More
> Fix For: 0.10.0
>
> Attachments: KNOX-740.001.patch, KNOX-740.002.patch
>
>
> New defect(s) Reported-by: Coverity Scan
> Showing 3 of 3 defect(s)
>
>
> ** CID 1361684: Null pointer dereferences (NULL_RETURNS)
>
> /gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/shirorealm/KnoxPamRealm.java:
> 140 in
> org.apache.hadoop.gateway.shirorealm.KnoxPamRealm.doGetAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken)()
>
>
>
>
> *** CID 1361684: Null pointer dereferences (NULL_RETURNS)
>
> /gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/shirorealm/KnoxPamRealm.java:
> 140 in
> org.apache.hadoop.gateway.shirorealm.KnoxPamRealm.doGetAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken)()
> 134 ShiroLog.failedLoginAttempt(e.getCause());
> 135 throw new AuthenticationException(e);
> 136 }
> 137 HashRequest.Builder builder = new HashRequest.Builder();
> 138 Hash credentialsHash = hashService
> 139
> .computeHash(builder.setSource(token.getCredentials()).setAlgorithmName(HASHING_ALGORITHM).build());
> >>> CID 1361684: Null pointer dereferences (NULL_RETURNS)
> >>> Calling a method on null object "credentialsHash".
> 140 return new SimpleAuthenticationInfo(new
> UnixUserPrincipal(user) , credentialsHash.toHex(), credentialsHash.getSalt(),
> 141 getName());
> 142 }
> 143
>
> ** CID 1361683: Null pointer dereferences (NULL_RETURNS)
>
> /gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/filter/ShiroSubjectIdentityAdapter.java:
> 71 in
> org.apache.hadoop.gateway.filter.ShiroSubjectIdentityAdapter.doFilter(javax.servlet.ServletRequest,
> javax.servlet.ServletResponse, javax.servlet.FilterChain)()
>
>
>
>
> *** CID 1361683: Null pointer dereferences (NULL_RETURNS)
>
> /gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/filter/ShiroSubjectIdentityAdapter.java:
> 71 in
> org.apache.hadoop.gateway.filter.ShiroSubjectIdentityAdapter.doFilter(javax.servlet.ServletRequest,
> javax.servlet.ServletResponse, javax.servlet.FilterChain)()
> 65 Subject subject = SecurityUtils.getSubject();
> 66
> 67 // trigger call to shiro authorization realm
> 68 // we use shiro authorization realm to look up groups
> 69 subject.hasRole("authenticatedUser");
> 70
> >>> CID 1361683: Null pointer dereferences (NULL_RETURNS)
> >>> Calling a method on null object "subject.getPrincipal()".
> 71 final String principalName = (String)
> subject.getPrincipal().toString();
> 72
> 73 CallableChain callableChain = new CallableChain(request,
> response, chain);
> 74 SecurityUtils.getSubject().execute(callableChain);
> 75 }
> 76
>
> ** CID 1361682: Null pointer dereferences (FORWARD_NULL)
>
> /gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/shirorealm/KnoxPamRealm.java:
> 119 in
> org.apache.hadoop.gateway.shirorealm.KnoxPamRealm.doGetAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection)()
>
>
>
>
> *** CID 1361682: Null pointer dereferences (FORWARD_NULL)
>
> /gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/shirorealm/KnoxPamRealm.java:
> 119 in
> org.apache.hadoop.gateway.shirorealm.KnoxPamRealm.doGetAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection)()
> 113 UnixUserPrincipal user =
> principals.oneByType(UnixUserPrincipal.class);
> 114 if (user != null) {
> 115 roles.addAll(user.getUnixUser().getGroups());
> 116 }
> 117
>
[jira] [Updated] (KNOX-740) Address new coverity scan issues
[
https://issues.apache.org/jira/browse/KNOX-740?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sandeep More updated KNOX-740:
--
Attachment: KNOX-740.003.patch
Not sure why the previous patch failed to apply I am speculating it was because
the previous patch consisted of two parts (my error or my git client). The
patch *003.patch is much cleaner (does the same thing though).
> Address new coverity scan issues
>
>
> Key: KNOX-740
> URL: https://issues.apache.org/jira/browse/KNOX-740
> Project: Apache Knox
> Issue Type: Bug
>Reporter: Sumit Gupta
>Assignee: Sandeep More
> Fix For: 0.10.0
>
> Attachments: KNOX-740.001.patch, KNOX-740.002.patch,
> KNOX-740.003.patch
>
>
> New defect(s) Reported-by: Coverity Scan
> Showing 3 of 3 defect(s)
>
>
> ** CID 1361684: Null pointer dereferences (NULL_RETURNS)
>
> /gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/shirorealm/KnoxPamRealm.java:
> 140 in
> org.apache.hadoop.gateway.shirorealm.KnoxPamRealm.doGetAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken)()
>
>
>
>
> *** CID 1361684: Null pointer dereferences (NULL_RETURNS)
>
> /gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/shirorealm/KnoxPamRealm.java:
> 140 in
> org.apache.hadoop.gateway.shirorealm.KnoxPamRealm.doGetAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken)()
> 134 ShiroLog.failedLoginAttempt(e.getCause());
> 135 throw new AuthenticationException(e);
> 136 }
> 137 HashRequest.Builder builder = new HashRequest.Builder();
> 138 Hash credentialsHash = hashService
> 139
> .computeHash(builder.setSource(token.getCredentials()).setAlgorithmName(HASHING_ALGORITHM).build());
> >>> CID 1361684: Null pointer dereferences (NULL_RETURNS)
> >>> Calling a method on null object "credentialsHash".
> 140 return new SimpleAuthenticationInfo(new
> UnixUserPrincipal(user) , credentialsHash.toHex(), credentialsHash.getSalt(),
> 141 getName());
> 142 }
> 143
>
> ** CID 1361683: Null pointer dereferences (NULL_RETURNS)
>
> /gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/filter/ShiroSubjectIdentityAdapter.java:
> 71 in
> org.apache.hadoop.gateway.filter.ShiroSubjectIdentityAdapter.doFilter(javax.servlet.ServletRequest,
> javax.servlet.ServletResponse, javax.servlet.FilterChain)()
>
>
>
>
> *** CID 1361683: Null pointer dereferences (NULL_RETURNS)
>
> /gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/filter/ShiroSubjectIdentityAdapter.java:
> 71 in
> org.apache.hadoop.gateway.filter.ShiroSubjectIdentityAdapter.doFilter(javax.servlet.ServletRequest,
> javax.servlet.ServletResponse, javax.servlet.FilterChain)()
> 65 Subject subject = SecurityUtils.getSubject();
> 66
> 67 // trigger call to shiro authorization realm
> 68 // we use shiro authorization realm to look up groups
> 69 subject.hasRole("authenticatedUser");
> 70
> >>> CID 1361683: Null pointer dereferences (NULL_RETURNS)
> >>> Calling a method on null object "subject.getPrincipal()".
> 71 final String principalName = (String)
> subject.getPrincipal().toString();
> 72
> 73 CallableChain callableChain = new CallableChain(request,
> response, chain);
> 74 SecurityUtils.getSubject().execute(callableChain);
> 75 }
> 76
>
> ** CID 1361682: Null pointer dereferences (FORWARD_NULL)
>
> /gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/shirorealm/KnoxPamRealm.java:
> 119 in
> org.apache.hadoop.gateway.shirorealm.KnoxPamRealm.doGetAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection)()
>
>
>
>
> *** CID 1361682: Null pointer dereferences (FORWARD_NULL)
>
> /gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/shirorealm/KnoxPamRealm.java:
> 119 in
> org.apache.hadoop.gateway.shirorealm.KnoxPamRealm.doGetAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection)()
> 113 UnixUserPrincipal user =
> principals.oneByType(UnixUserPrincipal.class);
> 114
[jira] [Commented] (KNOX-740) Address new coverity scan issues
[
https://issues.apache.org/jira/browse/KNOX-740?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15459350#comment-15459350
]
Sandeep More commented on KNOX-740:
---
Thanks, Glad to contribute !
> Address new coverity scan issues
>
>
> Key: KNOX-740
> URL: https://issues.apache.org/jira/browse/KNOX-740
> Project: Apache Knox
> Issue Type: Bug
>Reporter: Sumit Gupta
>Assignee: Sandeep More
> Fix For: 0.10.0
>
> Attachments: KNOX-740.001.patch, KNOX-740.002.patch,
> KNOX-740.003.patch
>
>
> New defect(s) Reported-by: Coverity Scan
> Showing 3 of 3 defect(s)
>
>
> ** CID 1361684: Null pointer dereferences (NULL_RETURNS)
>
> /gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/shirorealm/KnoxPamRealm.java:
> 140 in
> org.apache.hadoop.gateway.shirorealm.KnoxPamRealm.doGetAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken)()
>
>
>
>
> *** CID 1361684: Null pointer dereferences (NULL_RETURNS)
>
> /gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/shirorealm/KnoxPamRealm.java:
> 140 in
> org.apache.hadoop.gateway.shirorealm.KnoxPamRealm.doGetAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken)()
> 134 ShiroLog.failedLoginAttempt(e.getCause());
> 135 throw new AuthenticationException(e);
> 136 }
> 137 HashRequest.Builder builder = new HashRequest.Builder();
> 138 Hash credentialsHash = hashService
> 139
> .computeHash(builder.setSource(token.getCredentials()).setAlgorithmName(HASHING_ALGORITHM).build());
> >>> CID 1361684: Null pointer dereferences (NULL_RETURNS)
> >>> Calling a method on null object "credentialsHash".
> 140 return new SimpleAuthenticationInfo(new
> UnixUserPrincipal(user) , credentialsHash.toHex(), credentialsHash.getSalt(),
> 141 getName());
> 142 }
> 143
>
> ** CID 1361683: Null pointer dereferences (NULL_RETURNS)
>
> /gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/filter/ShiroSubjectIdentityAdapter.java:
> 71 in
> org.apache.hadoop.gateway.filter.ShiroSubjectIdentityAdapter.doFilter(javax.servlet.ServletRequest,
> javax.servlet.ServletResponse, javax.servlet.FilterChain)()
>
>
>
>
> *** CID 1361683: Null pointer dereferences (NULL_RETURNS)
>
> /gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/filter/ShiroSubjectIdentityAdapter.java:
> 71 in
> org.apache.hadoop.gateway.filter.ShiroSubjectIdentityAdapter.doFilter(javax.servlet.ServletRequest,
> javax.servlet.ServletResponse, javax.servlet.FilterChain)()
> 65 Subject subject = SecurityUtils.getSubject();
> 66
> 67 // trigger call to shiro authorization realm
> 68 // we use shiro authorization realm to look up groups
> 69 subject.hasRole("authenticatedUser");
> 70
> >>> CID 1361683: Null pointer dereferences (NULL_RETURNS)
> >>> Calling a method on null object "subject.getPrincipal()".
> 71 final String principalName = (String)
> subject.getPrincipal().toString();
> 72
> 73 CallableChain callableChain = new CallableChain(request,
> response, chain);
> 74 SecurityUtils.getSubject().execute(callableChain);
> 75 }
> 76
>
> ** CID 1361682: Null pointer dereferences (FORWARD_NULL)
>
> /gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/shirorealm/KnoxPamRealm.java:
> 119 in
> org.apache.hadoop.gateway.shirorealm.KnoxPamRealm.doGetAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection)()
>
>
>
>
> *** CID 1361682: Null pointer dereferences (FORWARD_NULL)
>
> /gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/shirorealm/KnoxPamRealm.java:
> 119 in
> org.apache.hadoop.gateway.shirorealm.KnoxPamRealm.doGetAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection)()
> 113 UnixUserPrincipal user =
> principals.oneByType(UnixUserPrincipal.class);
> 114 if (user != null) {
> 115 roles.addAll(user.getUnixUser().getGroups());
> 116 }
> 117
>
[jira] [Commented] (KNOX-748) Fix Resource Leak in X509CertificateUtil.writeCertificateToJKS
[
https://issues.apache.org/jira/browse/KNOX-748?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15467234#comment-15467234
]
Sandeep More commented on KNOX-748:
---
Thank you [~lmccay] !
> Fix Resource Leak in X509CertificateUtil.writeCertificateToJKS
> --
>
> Key: KNOX-748
> URL: https://issues.apache.org/jira/browse/KNOX-748
> Project: Apache Knox
> Issue Type: Bug
> Components: Server
>Reporter: Larry McCay
>Assignee: Sandeep More
> Fix For: 0.10.0
>
> Attachments: KNOX-748.001.patch
>
>
> New defect(s) Reported-by: Coverity Scan
> Showing 1 of 1 defect(s)
> ** CID 1361992: Exceptional resource leaks (RESOURCE_LEAK)
> /gateway-spi/src/main/java/org/apache/hadoop/gateway/services/security/impl/X509CertificateUtil.java:
> 299 in
> org.apache.hadoop.gateway.services.security.impl.X509CertificateUtil.writeCertificateToJKS(java.security.cert.Certificate,
> java.io.File)()
>
> *** CID 1361992: Exceptional resource leaks (RESOURCE_LEAK)
> /gateway-spi/src/main/java/org/apache/hadoop/gateway/services/security/impl/X509CertificateUtil.java:
> 299 in
> org.apache.hadoop.gateway.services.security.impl.X509CertificateUtil.writeCertificateToJKS(java.security.cert.Certificate,
> java.io.File)()
> 293
> 294 char[] password = "changeme".toCharArray();
> 295 ks.load(null, password);
> 296 ks.setCertificateEntry("gateway-identity", cert);
> 297
> 298 FileOutputStream fos = new FileOutputStream(file);
>CID 1361992: Exceptional resource leaks (RESOURCE_LEAK)
>Variable "fos" going out of scope leaks the resource it refers to.
> 299 ks.store(fos, password);
> 300 fos.close();
> 301 }
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Updated] (KNOX-740) Address new coverity scan issues
[
https://issues.apache.org/jira/browse/KNOX-740?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sandeep More updated KNOX-740:
--
Attachment: KNOX-740.002.patch
Thanks for the feedback [~lmccay] ! This patch takes care of the misplaced
curly brace and the formatting of KnoxPamRealm to include spaces instead of
tabs to closely adhere to the standard.
Thanks !
Sandeep
> Address new coverity scan issues
>
>
> Key: KNOX-740
> URL: https://issues.apache.org/jira/browse/KNOX-740
> Project: Apache Knox
> Issue Type: Bug
>Reporter: Sumit Gupta
>Assignee: Sandeep More
> Fix For: 0.10.0
>
> Attachments: KNOX-740.001.patch, KNOX-740.002.patch
>
>
> New defect(s) Reported-by: Coverity Scan
> Showing 3 of 3 defect(s)
>
>
> ** CID 1361684: Null pointer dereferences (NULL_RETURNS)
>
> /gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/shirorealm/KnoxPamRealm.java:
> 140 in
> org.apache.hadoop.gateway.shirorealm.KnoxPamRealm.doGetAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken)()
>
>
>
>
> *** CID 1361684: Null pointer dereferences (NULL_RETURNS)
>
> /gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/shirorealm/KnoxPamRealm.java:
> 140 in
> org.apache.hadoop.gateway.shirorealm.KnoxPamRealm.doGetAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken)()
> 134 ShiroLog.failedLoginAttempt(e.getCause());
> 135 throw new AuthenticationException(e);
> 136 }
> 137 HashRequest.Builder builder = new HashRequest.Builder();
> 138 Hash credentialsHash = hashService
> 139
> .computeHash(builder.setSource(token.getCredentials()).setAlgorithmName(HASHING_ALGORITHM).build());
> >>> CID 1361684: Null pointer dereferences (NULL_RETURNS)
> >>> Calling a method on null object "credentialsHash".
> 140 return new SimpleAuthenticationInfo(new
> UnixUserPrincipal(user) , credentialsHash.toHex(), credentialsHash.getSalt(),
> 141 getName());
> 142 }
> 143
>
> ** CID 1361683: Null pointer dereferences (NULL_RETURNS)
>
> /gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/filter/ShiroSubjectIdentityAdapter.java:
> 71 in
> org.apache.hadoop.gateway.filter.ShiroSubjectIdentityAdapter.doFilter(javax.servlet.ServletRequest,
> javax.servlet.ServletResponse, javax.servlet.FilterChain)()
>
>
>
>
> *** CID 1361683: Null pointer dereferences (NULL_RETURNS)
>
> /gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/filter/ShiroSubjectIdentityAdapter.java:
> 71 in
> org.apache.hadoop.gateway.filter.ShiroSubjectIdentityAdapter.doFilter(javax.servlet.ServletRequest,
> javax.servlet.ServletResponse, javax.servlet.FilterChain)()
> 65 Subject subject = SecurityUtils.getSubject();
> 66
> 67 // trigger call to shiro authorization realm
> 68 // we use shiro authorization realm to look up groups
> 69 subject.hasRole("authenticatedUser");
> 70
> >>> CID 1361683: Null pointer dereferences (NULL_RETURNS)
> >>> Calling a method on null object "subject.getPrincipal()".
> 71 final String principalName = (String)
> subject.getPrincipal().toString();
> 72
> 73 CallableChain callableChain = new CallableChain(request,
> response, chain);
> 74 SecurityUtils.getSubject().execute(callableChain);
> 75 }
> 76
>
> ** CID 1361682: Null pointer dereferences (FORWARD_NULL)
>
> /gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/shirorealm/KnoxPamRealm.java:
> 119 in
> org.apache.hadoop.gateway.shirorealm.KnoxPamRealm.doGetAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection)()
>
>
>
>
> *** CID 1361682: Null pointer dereferences (FORWARD_NULL)
>
> /gateway-provider-security-shiro/src/main/java/org/apache/hadoop/gateway/shirorealm/KnoxPamRealm.java:
> 119 in
> org.apache.hadoop.gateway.shirorealm.KnoxPamRealm.doGetAuthorizationInfo(org.apache.shiro.subject.PrincipalCollection)()
> 113 UnixUserPrincipal user =
> principals.oneByType(UnixUserPrincipal.class);
> 114 if (user != null) {
>
[jira] [Updated] (KNOX-748) Fix Resource Leak in X509CertificateUtil.writeCertificateToJKS
[
https://issues.apache.org/jira/browse/KNOX-748?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sandeep More updated KNOX-748:
--
Attachment: KNOX-748.001.patch
This is an initial patch. This patch basically wraps the resource 'fos' in try,
finally block. Let me know how it goes !
Thanks !
Sandeep
> Fix Resource Leak in X509CertificateUtil.writeCertificateToJKS
> --
>
> Key: KNOX-748
> URL: https://issues.apache.org/jira/browse/KNOX-748
> Project: Apache Knox
> Issue Type: Bug
> Components: Server
>Reporter: Larry McCay
>Assignee: Sandeep More
> Fix For: 0.10.0
>
> Attachments: KNOX-748.001.patch
>
>
> New defect(s) Reported-by: Coverity Scan
> Showing 1 of 1 defect(s)
> ** CID 1361992: Exceptional resource leaks (RESOURCE_LEAK)
> /gateway-spi/src/main/java/org/apache/hadoop/gateway/services/security/impl/X509CertificateUtil.java:
> 299 in
> org.apache.hadoop.gateway.services.security.impl.X509CertificateUtil.writeCertificateToJKS(java.security.cert.Certificate,
> java.io.File)()
>
> *** CID 1361992: Exceptional resource leaks (RESOURCE_LEAK)
> /gateway-spi/src/main/java/org/apache/hadoop/gateway/services/security/impl/X509CertificateUtil.java:
> 299 in
> org.apache.hadoop.gateway.services.security.impl.X509CertificateUtil.writeCertificateToJKS(java.security.cert.Certificate,
> java.io.File)()
> 293
> 294 char[] password = "changeme".toCharArray();
> 295 ks.load(null, password);
> 296 ks.setCertificateEntry("gateway-identity", cert);
> 297
> 298 FileOutputStream fos = new FileOutputStream(file);
>CID 1361992: Exceptional resource leaks (RESOURCE_LEAK)
>Variable "fos" going out of scope leaks the resource it refers to.
> 299 ks.store(fos, password);
> 300 fos.close();
> 301 }
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Commented] (KNOX-748) Fix Resource Leak in X509CertificateUtil.writeCertificateToJKS
[
https://issues.apache.org/jira/browse/KNOX-748?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15455860#comment-15455860
]
Sandeep More commented on KNOX-748:
---
I'll pick this one up, looks like resource "fos" needs to be closed in finally.
> Fix Resource Leak in X509CertificateUtil.writeCertificateToJKS
> --
>
> Key: KNOX-748
> URL: https://issues.apache.org/jira/browse/KNOX-748
> Project: Apache Knox
> Issue Type: Bug
> Components: Server
>Reporter: Larry McCay
> Fix For: 0.10.0
>
>
> New defect(s) Reported-by: Coverity Scan
> Showing 1 of 1 defect(s)
> ** CID 1361992: Exceptional resource leaks (RESOURCE_LEAK)
> /gateway-spi/src/main/java/org/apache/hadoop/gateway/services/security/impl/X509CertificateUtil.java:
> 299 in
> org.apache.hadoop.gateway.services.security.impl.X509CertificateUtil.writeCertificateToJKS(java.security.cert.Certificate,
> java.io.File)()
>
> *** CID 1361992: Exceptional resource leaks (RESOURCE_LEAK)
> /gateway-spi/src/main/java/org/apache/hadoop/gateway/services/security/impl/X509CertificateUtil.java:
> 299 in
> org.apache.hadoop.gateway.services.security.impl.X509CertificateUtil.writeCertificateToJKS(java.security.cert.Certificate,
> java.io.File)()
> 293
> 294 char[] password = "changeme".toCharArray();
> 295 ks.load(null, password);
> 296 ks.setCertificateEntry("gateway-identity", cert);
> 297
> 298 FileOutputStream fos = new FileOutputStream(file);
>CID 1361992: Exceptional resource leaks (RESOURCE_LEAK)
>Variable "fos" going out of scope leaks the resource it refers to.
> 299 ks.store(fos, password);
> 300 fos.close();
> 301 }
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Assigned] (KNOX-748) Fix Resource Leak in X509CertificateUtil.writeCertificateToJKS
[
https://issues.apache.org/jira/browse/KNOX-748?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sandeep More reassigned KNOX-748:
-
Assignee: Sandeep More
> Fix Resource Leak in X509CertificateUtil.writeCertificateToJKS
> --
>
> Key: KNOX-748
> URL: https://issues.apache.org/jira/browse/KNOX-748
> Project: Apache Knox
> Issue Type: Bug
> Components: Server
>Reporter: Larry McCay
>Assignee: Sandeep More
> Fix For: 0.10.0
>
>
> New defect(s) Reported-by: Coverity Scan
> Showing 1 of 1 defect(s)
> ** CID 1361992: Exceptional resource leaks (RESOURCE_LEAK)
> /gateway-spi/src/main/java/org/apache/hadoop/gateway/services/security/impl/X509CertificateUtil.java:
> 299 in
> org.apache.hadoop.gateway.services.security.impl.X509CertificateUtil.writeCertificateToJKS(java.security.cert.Certificate,
> java.io.File)()
>
> *** CID 1361992: Exceptional resource leaks (RESOURCE_LEAK)
> /gateway-spi/src/main/java/org/apache/hadoop/gateway/services/security/impl/X509CertificateUtil.java:
> 299 in
> org.apache.hadoop.gateway.services.security.impl.X509CertificateUtil.writeCertificateToJKS(java.security.cert.Certificate,
> java.io.File)()
> 293
> 294 char[] password = "changeme".toCharArray();
> 295 ks.load(null, password);
> 296 ks.setCertificateEntry("gateway-identity", cert);
> 297
> 298 FileOutputStream fos = new FileOutputStream(file);
>CID 1361992: Exceptional resource leaks (RESOURCE_LEAK)
>Variable "fos" going out of scope leaks the resource it refers to.
> 299 ks.store(fos, password);
> 300 fos.close();
> 301 }
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Assigned] (KNOX-732) Knox does not recompress javascript resources
[ https://issues.apache.org/jira/browse/KNOX-732?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sandeep More reassigned KNOX-732: - Assignee: Sandeep More > Knox does not recompress javascript resources > - > > Key: KNOX-732 > URL: https://issues.apache.org/jira/browse/KNOX-732 > Project: Apache Knox > Issue Type: Bug > Components: Server >Affects Versions: 0.10.0 >Reporter: Sumit Gupta >Assignee: Sandeep More > Fix For: 0.10.0 > > > When using the Ambari UI proxy service it is observed that the app.js file is > about 7MB whereas it is much smaller (about 1MB) when the UI is not proxied > by Knox. > A compression solution needs to be investigated. Possibly by adding a gzip > compression handler or filter to jetty. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (KNOX-732) Knox does not recompress javascript resources
[ https://issues.apache.org/jira/browse/KNOX-732?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15474445#comment-15474445 ] Sandeep More commented on KNOX-732: --- Oh ok, makes sense, I'll try to go down that route. Thanks for the review !! > Knox does not recompress javascript resources > - > > Key: KNOX-732 > URL: https://issues.apache.org/jira/browse/KNOX-732 > Project: Apache Knox > Issue Type: Bug > Components: Server >Affects Versions: 0.10.0 >Reporter: Sumit Gupta >Assignee: Sandeep More > Fix For: 0.10.0 > > Attachments: KNOX-732.001.patch > > > When using the Ambari UI proxy service it is observed that the app.js file is > about 7MB whereas it is much smaller (about 1MB) when the UI is not proxied > by Knox. > A compression solution needs to be investigated. Possibly by adding a gzip > compression handler or filter to jetty. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (KNOX-732) Knox does not recompress javascript resources
[ https://issues.apache.org/jira/browse/KNOX-732?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15477911#comment-15477911 ] Sandeep More commented on KNOX-732: --- My initial thought was to bite the bullet and upgrade Jetty but now I see your point with the backport and given the refactoring involved I think Gzip Filter would be a better way forward ! > Knox does not recompress javascript resources > - > > Key: KNOX-732 > URL: https://issues.apache.org/jira/browse/KNOX-732 > Project: Apache Knox > Issue Type: Bug > Components: Server >Affects Versions: 0.10.0 >Reporter: Sumit Gupta >Assignee: Sandeep More > Fix For: 0.10.0 > > Attachments: KNOX-732.001.patch > > > When using the Ambari UI proxy service it is observed that the app.js file is > about 7MB whereas it is much smaller (about 1MB) when the UI is not proxied > by Knox. > A compression solution needs to be investigated. Possibly by adding a gzip > compression handler or filter to jetty. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (KNOX-732) Knox does not recompress javascript resources
[ https://issues.apache.org/jira/browse/KNOX-732?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sandeep More updated KNOX-732: -- Attachment: KNOX-732.003.patch As per recommendation, updating the gzip handler. Changes from previous patch -gzipHandler.setHandler(correlationHandler); +gzipHandler.setHandler(contexts); Thanks ! Sandeep > Knox does not recompress javascript resources > - > > Key: KNOX-732 > URL: https://issues.apache.org/jira/browse/KNOX-732 > Project: Apache Knox > Issue Type: Bug > Components: Server >Affects Versions: 0.9.1 >Reporter: Sumit Gupta >Assignee: Sandeep More > Fix For: 0.10.0 > > Attachments: KNOX-732.001.patch, KNOX-732.002.patch, > KNOX-732.003.patch, Screen Shot 2016-09-10 at 2.41.25 PM.png > > > When using the Ambari UI proxy service it is observed that the app.js file is > about 7MB whereas it is much smaller (about 1MB) when the UI is not proxied > by Knox. > A compression solution needs to be investigated. Possibly by adding a gzip > compression handler or filter to jetty. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (KNOX-732) Knox does not recompress javascript resources
[ https://issues.apache.org/jira/browse/KNOX-732?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sandeep More updated KNOX-732: -- Attachment: Screen Shot 2016-09-10 at 2.41.25 PM.png This seems to work for the JS files required by AmbariUI (app.js and vendor.js). I am attaching a screenshot for it. I will try to set handler to "contexts" and see how it goes. > Knox does not recompress javascript resources > - > > Key: KNOX-732 > URL: https://issues.apache.org/jira/browse/KNOX-732 > Project: Apache Knox > Issue Type: Bug > Components: Server >Affects Versions: 0.9.1 >Reporter: Sumit Gupta >Assignee: Sandeep More > Fix For: 0.10.0 > > Attachments: KNOX-732.001.patch, KNOX-732.002.patch, Screen Shot > 2016-09-10 at 2.41.25 PM.png > > > When using the Ambari UI proxy service it is observed that the app.js file is > about 7MB whereas it is much smaller (about 1MB) when the UI is not proxied > by Knox. > A compression solution needs to be investigated. Possibly by adding a gzip > compression handler or filter to jetty. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (KNOX-732) Knox does not recompress javascript resources
[ https://issues.apache.org/jira/browse/KNOX-732?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sandeep More updated KNOX-732: -- Attachment: KNOX-732.004.patch Reformatting code so its a bit better to follow through and added some comments for posterity. Hope this is a bit better to follow. Thanks, Sandeep > Knox does not recompress javascript resources > - > > Key: KNOX-732 > URL: https://issues.apache.org/jira/browse/KNOX-732 > Project: Apache Knox > Issue Type: Bug > Components: Server >Affects Versions: 0.9.1 >Reporter: Sumit Gupta >Assignee: Sandeep More > Fix For: 0.10.0 > > Attachments: KNOX-732.001.patch, KNOX-732.002.patch, > KNOX-732.003.patch, KNOX-732.004.patch, Screen Shot 2016-09-10 at 2.41.25 > PM.png > > > When using the Ambari UI proxy service it is observed that the app.js file is > about 7MB whereas it is much smaller (about 1MB) when the UI is not proxied > by Knox. > A compression solution needs to be investigated. Possibly by adding a gzip > compression handler or filter to jetty. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (KNOX-732) Knox does not recompress javascript resources
[ https://issues.apache.org/jira/browse/KNOX-732?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15493591#comment-15493591 ] Sandeep More commented on KNOX-732: --- Results of some test I ran locally. Setup, using VM (Ambari 2.4.0.0 ) and running Knox (0.9.1) locally. The results are for the file app.js (compressed size 995 KB, decompressed size 7 MB) with browser caching disabled. Before KNOX-732 fix - Direct 442 ms - Gateway 1.16 s After KNOX-732 fix - Direct 442 ms - Gateway 837 ms These numbers should help us understand the relative improvement. YMMV. > Knox does not recompress javascript resources > - > > Key: KNOX-732 > URL: https://issues.apache.org/jira/browse/KNOX-732 > Project: Apache Knox > Issue Type: Bug > Components: Server >Affects Versions: 0.9.1 >Reporter: Sumit Gupta >Assignee: Sandeep More > Fix For: 0.10.0 > > Attachments: KNOX-732.001.patch, KNOX-732.002.patch, > KNOX-732.003.patch, KNOX-732.004.patch, Screen Shot 2016-09-10 at 2.41.25 > PM.png > > > When using the Ambari UI proxy service it is observed that the app.js file is > about 7MB whereas it is much smaller (about 1MB) when the UI is not proxied > by Knox. > A compression solution needs to be investigated. Possibly by adding a gzip > compression handler or filter to jetty. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (KNOX-732) Knox does not recompress javascript resources
[ https://issues.apache.org/jira/browse/KNOX-732?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15478115#comment-15478115 ] Sandeep More commented on KNOX-732: --- Okay, looks like I was wrong when I said that Gzip Handler is not available in Jetty 9.2.x, it is available but in a different package, jetty-servlets. I'll try this later today .. > Knox does not recompress javascript resources > - > > Key: KNOX-732 > URL: https://issues.apache.org/jira/browse/KNOX-732 > Project: Apache Knox > Issue Type: Bug > Components: Server >Affects Versions: 0.10.0 >Reporter: Sumit Gupta >Assignee: Sandeep More > Fix For: 0.10.0 > > Attachments: KNOX-732.001.patch > > > When using the Ambari UI proxy service it is observed that the app.js file is > about 7MB whereas it is much smaller (about 1MB) when the UI is not proxied > by Knox. > A compression solution needs to be investigated. Possibly by adding a gzip > compression handler or filter to jetty. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (KNOX-732) Knox does not recompress javascript resources
[ https://issues.apache.org/jira/browse/KNOX-732?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15496676#comment-15496676 ] Sandeep More commented on KNOX-732: --- [~lmccay] do you think this can be marked as fixed ? Thanks ! > Knox does not recompress javascript resources > - > > Key: KNOX-732 > URL: https://issues.apache.org/jira/browse/KNOX-732 > Project: Apache Knox > Issue Type: Bug > Components: Server >Affects Versions: 0.9.1 >Reporter: Sumit Gupta >Assignee: Sandeep More > Fix For: 0.10.0 > > Attachments: KNOX-732.001.patch, KNOX-732.002.patch, > KNOX-732.003.patch, KNOX-732.004.patch, Screen Shot 2016-09-10 at 2.41.25 > PM.png > > > When using the Ambari UI proxy service it is observed that the app.js file is > about 7MB whereas it is much smaller (about 1MB) when the UI is not proxied > by Knox. > A compression solution needs to be investigated. Possibly by adding a gzip > compression handler or filter to jetty. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (KNOX-756) Build failure with "ant release"
[ https://issues.apache.org/jira/browse/KNOX-756?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sandeep More updated KNOX-756: -- Description: With the recent changes, tests for org.apache.hadoop.test.category.ReleaseTest group are failing. Specifically org.apache.hadoop.gateway.SecureClusterTest. To reproduce the problem run Knox build with either of the following commands: 1) ant clean release 2) mvn -Ppackage,release install 'mvn -Ppackage install' works fine (does not run the ReleaseTest group causing problem) A quick look at the dependencies shows that SecureClusterTest is referring to older 'apacheds' release (apacheds-*-2.0.0-M15) was: With the recent changes, org.apache.hadoop.test.category.ReleaseTest are failing. Specifically org.apache.hadoop.gateway.SecureClusterTest. To reproduce the problem run Knox build with either of the following commands: 1) ant clean release 2) mvn -Ppackage,release install 'mvn -Ppackage install' works fine (does not run the ReleaseTest causing problem) A quick look at the dependencies shows that SecureClusterTest is referring to older 'apacheds' release (apacheds-*-2.0.0-M15) > Build failure with "ant release" > > > Key: KNOX-756 > URL: https://issues.apache.org/jira/browse/KNOX-756 > Project: Apache Knox > Issue Type: Bug > Components: Build >Affects Versions: 0.10.0 >Reporter: Sandeep More >Assignee: Sandeep More > > With the recent changes, tests for > org.apache.hadoop.test.category.ReleaseTest group are failing. Specifically > org.apache.hadoop.gateway.SecureClusterTest. > To reproduce the problem run Knox build with either of the following commands: > 1) ant clean release > 2) mvn -Ppackage,release install > 'mvn -Ppackage install' works fine (does not run the ReleaseTest group > causing problem) > A quick look at the dependencies shows that SecureClusterTest is referring to > older 'apacheds' release (apacheds-*-2.0.0-M15) -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Created] (KNOX-764) Create ServiceDefinitionRegistry for mapping between routes and services.
Sandeep More created KNOX-764: - Summary: Create ServiceDefinitionRegistry for mapping between routes and services. Key: KNOX-764 URL: https://issues.apache.org/jira/browse/KNOX-764 Project: Apache Knox Issue Type: Sub-task Affects Versions: 0.10.0 Reporter: Sandeep More -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (KNOX-752) Knox Websocket support
[ https://issues.apache.org/jira/browse/KNOX-752?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15606987#comment-15606987 ] Sandeep More commented on KNOX-752: --- Patch Comments: Following are the comments for the patch "KNOX-752.002.patch" as a result of an offline discussion with [~lmccay] and [~sumit.gupta] gateway-site.xml 1) Remove all the newly added elements except the property "gateway.websocket.feature.enabled" 2) Change "gateway.websocket.feature.enabled" to be false by default. 3) Get rid of the white space. Next iteration: 1) Move config params during creating connections (topology based). GatewayServer.java 1) Undo the reformatting for the code that is not touched. 2) Get rid of the white space. GatewayConfigImpl.java 1) Change "gateway.websocket.feature.enabled" to be false by default. 2) Get rid of the white space. POM.xml 1) White space GatewayWebsocketHandler.java: 1) Cleanup unused code - urlRewriteRules 2) Derive topology from request path. 3) It was suggested to create a ServiceDefinitionRegistry - probably a separate JIRA, to optimize the for loops, mapping between routes and services. 4) File a JIRA for the api ServiceRegistry.lookupServiceURL() - accepts only uppercase string, should be case insensitive. ProxyWebSocketAdapter.java: 1) Fix the fixmes : throw unsupportedmethod exception for methods not yet implemented. Gracefully close connection. 2) Fix the FIXME LOG statements. > Knox Websocket support > --- > > Key: KNOX-752 > URL: https://issues.apache.org/jira/browse/KNOX-752 > Project: Apache Knox > Issue Type: New Feature > Components: Server >Affects Versions: 0.10.0 >Reporter: Sandeep More >Assignee: Sandeep More > Labels: features > Fix For: 0.10.0 > > Attachments: KNOX-752.001.patch, KNOX-752.002.patch > > > Provide support to proxy websocket connections, this will help UIs such as > Zeppelin which use Websockets. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (KNOX-752) Knox Websocket support
[ https://issues.apache.org/jira/browse/KNOX-752?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sandeep More updated KNOX-752: -- Status: Patch Available (was: Open) > Knox Websocket support > --- > > Key: KNOX-752 > URL: https://issues.apache.org/jira/browse/KNOX-752 > Project: Apache Knox > Issue Type: New Feature > Components: Server >Affects Versions: 0.10.0 >Reporter: Sandeep More >Assignee: Sandeep More > Labels: features > Fix For: 0.10.0 > > Attachments: KNOX-752.001.patch, KNOX-752.002.patch, > KNOX-752.003.patch > > > Provide support to proxy websocket connections, this will help UIs such as > Zeppelin which use Websockets. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (KNOX-752) Knox Websocket support
[ https://issues.apache.org/jira/browse/KNOX-752?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sandeep More updated KNOX-752: -- Status: Open (was: Patch Available) > Knox Websocket support > --- > > Key: KNOX-752 > URL: https://issues.apache.org/jira/browse/KNOX-752 > Project: Apache Knox > Issue Type: New Feature > Components: Server >Affects Versions: 0.10.0 >Reporter: Sandeep More >Assignee: Sandeep More > Labels: features > Fix For: 0.10.0 > > Attachments: KNOX-752.001.patch, KNOX-752.002.patch, > KNOX-752.003.patch > > > Provide support to proxy websocket connections, this will help UIs such as > Zeppelin which use Websockets. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (KNOX-752) Knox Websocket support
[ https://issues.apache.org/jira/browse/KNOX-752?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sandeep More updated KNOX-752: -- Attachment: KNOX-752.003.patch The new patch that incorporates [~sumit.gupta] patch that contains a bunch of optimizations. It also incorporates the review comments. > Knox Websocket support > --- > > Key: KNOX-752 > URL: https://issues.apache.org/jira/browse/KNOX-752 > Project: Apache Knox > Issue Type: New Feature > Components: Server >Affects Versions: 0.10.0 >Reporter: Sandeep More >Assignee: Sandeep More > Labels: features > Fix For: 0.10.0 > > Attachments: KNOX-752.001.patch, KNOX-752.002.patch, > KNOX-752.003.patch > > > Provide support to proxy websocket connections, this will help UIs such as > Zeppelin which use Websockets. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (KNOX-752) Knox Websocket support
[ https://issues.apache.org/jira/browse/KNOX-752?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15615931#comment-15615931 ] Sandeep More commented on KNOX-752: --- Oh right, will add some tests covering those cases ! > Knox Websocket support > --- > > Key: KNOX-752 > URL: https://issues.apache.org/jira/browse/KNOX-752 > Project: Apache Knox > Issue Type: New Feature > Components: Server >Affects Versions: 0.10.0 >Reporter: Sandeep More >Assignee: Sandeep More > Labels: features > Fix For: 0.10.0 > > Attachments: KNOX-752.001.patch, KNOX-752.002.patch, > KNOX-752.003.patch, KNOX-752.004.patch > > > Provide support to proxy websocket connections, this will help UIs such as > Zeppelin which use Websockets. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (KNOX-752) Knox Websocket support
[ https://issues.apache.org/jira/browse/KNOX-752?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sandeep More updated KNOX-752: -- Attachment: KNOX-752.005.patch Added few more Tests mostly to handle failure cases such as 1) Backend websocket server down. 2) Bad URL. 3) Websocket Message too long. 4) Abrupt connection close. Small changes to code to handle failures more gracefully. Let me know what you think and if anything else needs to be added. Thanks ! Sandeep > Knox Websocket support > --- > > Key: KNOX-752 > URL: https://issues.apache.org/jira/browse/KNOX-752 > Project: Apache Knox > Issue Type: New Feature > Components: Server >Affects Versions: 0.10.0 >Reporter: Sandeep More >Assignee: Sandeep More > Labels: features > Fix For: 0.10.0 > > Attachments: KNOX-752.001.patch, KNOX-752.002.patch, > KNOX-752.003.patch, KNOX-752.004.patch, KNOX-752.005.patch > > > Provide support to proxy websocket connections, this will help UIs such as > Zeppelin which use Websockets. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Created] (KNOX-778) Documentation for Websocket support
Sandeep More created KNOX-778: - Summary: Documentation for Websocket support Key: KNOX-778 URL: https://issues.apache.org/jira/browse/KNOX-778 Project: Apache Knox Issue Type: Improvement Components: Site Reporter: Sandeep More Assignee: Sandeep More Need documentation to go along with the Websocket functionality that was added by KNOX-752. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (KNOX-778) Documentation for Websocket support
[ https://issues.apache.org/jira/browse/KNOX-778?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sandeep More updated KNOX-778: -- Issue Type: Sub-task (was: Improvement) Parent: KNOX-752 > Documentation for Websocket support > --- > > Key: KNOX-778 > URL: https://issues.apache.org/jira/browse/KNOX-778 > Project: Apache Knox > Issue Type: Sub-task > Components: Site >Reporter: Sandeep More >Assignee: Sandeep More > > Need documentation to go along with the Websocket functionality that was > added by KNOX-752. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (KNOX-778) Documentation for Websocket support
[ https://issues.apache.org/jira/browse/KNOX-778?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sandeep More updated KNOX-778: -- Status: Patch Available (was: Open) Initial patch for the site documentation. > Documentation for Websocket support > --- > > Key: KNOX-778 > URL: https://issues.apache.org/jira/browse/KNOX-778 > Project: Apache Knox > Issue Type: Sub-task > Components: Site >Reporter: Sandeep More >Assignee: Sandeep More > > Need documentation to go along with the Websocket functionality that was > added by KNOX-752. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (KNOX-752) Knox Websocket support
[ https://issues.apache.org/jira/browse/KNOX-752?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sandeep More updated KNOX-752: -- Description: Provide support to proxy websocket connections, this will help UIs such as Zeppelin which use Websockets. KIP for the feature: https://cwiki.apache.org/confluence/display/KNOX/KIP-3+Websocket+Support was:Provide support to proxy websocket connections, this will help UIs such as Zeppelin which use Websockets. > Knox Websocket support > --- > > Key: KNOX-752 > URL: https://issues.apache.org/jira/browse/KNOX-752 > Project: Apache Knox > Issue Type: New Feature > Components: Server >Affects Versions: 0.10.0 >Reporter: Sandeep More >Assignee: Sandeep More > Labels: features > Fix For: 0.10.0 > > Attachments: KNOX-752.001.patch, KNOX-752.002.patch, > KNOX-752.003.patch, KNOX-752.004.patch, KNOX-752.005.patch > > > Provide support to proxy websocket connections, this will help UIs such as > Zeppelin which use Websockets. > KIP for the feature: > https://cwiki.apache.org/confluence/display/KNOX/KIP-3+Websocket+Support -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (KNOX-778) Documentation for Websocket support
[ https://issues.apache.org/jira/browse/KNOX-778?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15644742#comment-15644742 ] Sandeep More commented on KNOX-778: --- Thanks [~sumit.gupta] ! One note one the patch, it is created from the directory 'knox-site/trunk' this was done so as to prevent /site/* changes from getting into the patch. I figured that we probably cannot ignore site/* so I created the patch from one level below. Let me know if this is an issue. Thanks ! > Documentation for Websocket support > --- > > Key: KNOX-778 > URL: https://issues.apache.org/jira/browse/KNOX-778 > Project: Apache Knox > Issue Type: Sub-task > Components: Site >Reporter: Sandeep More >Assignee: Sandeep More > Attachments: KNOX-778.001.patch > > > Need documentation to go along with the Websocket functionality that was > added by KNOX-752. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (KNOX-778) Documentation for Websocket support
[ https://issues.apache.org/jira/browse/KNOX-778?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sandeep More updated KNOX-778: -- Attachment: KNOX-778.001.patch > Documentation for Websocket support > --- > > Key: KNOX-778 > URL: https://issues.apache.org/jira/browse/KNOX-778 > Project: Apache Knox > Issue Type: Sub-task > Components: Site >Reporter: Sandeep More >Assignee: Sandeep More > Attachments: KNOX-778.001.patch > > > Need documentation to go along with the Websocket functionality that was > added by KNOX-752. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (KNOX-752) Knox Websocket support
[ https://issues.apache.org/jira/browse/KNOX-752?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sandeep More updated KNOX-752: -- Labels: features (was: ) Affects Version/s: 0.10.0 Status: Patch Available (was: Open) > Knox Websocket support > --- > > Key: KNOX-752 > URL: https://issues.apache.org/jira/browse/KNOX-752 > Project: Apache Knox > Issue Type: New Feature > Components: Server >Affects Versions: 0.10.0 >Reporter: Sandeep More >Assignee: Sandeep More > Labels: features > Fix For: 0.10.0 > > > Provide support to proxy websocket connections, this will help UIs such as > Zeppelin which use Websockets. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (KNOX-752) Knox Websocket support
[ https://issues.apache.org/jira/browse/KNOX-752?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sandeep More updated KNOX-752: -- Description: Provide support to proxy websocket connections, this will help UIs such as Zeppelin which use Websockets. (was: Provide proxy UI support for the Zeppelin UI.) > Knox Websocket support > --- > > Key: KNOX-752 > URL: https://issues.apache.org/jira/browse/KNOX-752 > Project: Apache Knox > Issue Type: New Feature > Components: Server >Reporter: Sandeep More >Assignee: Sandeep More > Fix For: 0.10.0 > > > Provide support to proxy websocket connections, this will help UIs such as > Zeppelin which use Websockets. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (KNOX-752) Knox Websocket support
[ https://issues.apache.org/jira/browse/KNOX-752?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sandeep More updated KNOX-752: -- Summary: Knox Websocket support (was: Zeppelin UI Proxy support ) > Knox Websocket support > --- > > Key: KNOX-752 > URL: https://issues.apache.org/jira/browse/KNOX-752 > Project: Apache Knox > Issue Type: New Feature > Components: Server >Reporter: Sandeep More >Assignee: Sandeep More > Fix For: 0.10.0 > > > Provide proxy UI support for the Zeppelin UI. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (KNOX-752) Knox Websocket support
[ https://issues.apache.org/jira/browse/KNOX-752?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sandeep More updated KNOX-752: -- Attachment: KNOX-752.002.patch Format patch differently to make Jenkins build happy. > Knox Websocket support > --- > > Key: KNOX-752 > URL: https://issues.apache.org/jira/browse/KNOX-752 > Project: Apache Knox > Issue Type: New Feature > Components: Server >Affects Versions: 0.10.0 >Reporter: Sandeep More >Assignee: Sandeep More > Labels: features > Fix For: 0.10.0 > > Attachments: KNOX-752.001.patch, KNOX-752.002.patch > > > Provide support to proxy websocket connections, this will help UIs such as > Zeppelin which use Websockets. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Created] (KNOX-769) SecureClusterTest fails for Java 1.7
Sandeep More created KNOX-769: - Summary: SecureClusterTest fails for Java 1.7 Key: KNOX-769 URL: https://issues.apache.org/jira/browse/KNOX-769 Project: Apache Knox Issue Type: Bug Components: Tests Affects Versions: 0.10.0 Reporter: Sandeep More Assignee: Sandeep More SecureClusterTest seems to be failing for java versions less than 1.8. The error is : [exec] Running org.apache.hadoop.gateway.SecureClusterTest [exec] Tests run: 1, Failures: 0, Errors: 1, Skipped: 0, Time elapsed: 0.001 sec <<< FAILURE! - in org.apache.hadoop.gateway.SecureClusterTest [exec] initializationError(org.apache.hadoop.gateway.SecureClusterTest) Time elapsed: 0.001 sec <<< ERROR! [exec] java.lang.UnsupportedClassVersionError: org/apache/hadoop/minikdc/MiniKdc : Unsupported major.minor version 52.0 -- This message was sent by Atlassian JIRA (v6.3.4#6332)
