Re: Review Request 66549: Lens Server: SPNEGO authentication
> On May 9, 2018, 1:58 p.m., Puneet Gupta wrote: > > lens-client/src/main/java/org/apache/lens/client/SpnegoClientFilter.java > > Lines 80 (patched) > > <https://reviews.apache.org/r/66549/diff/2/?file=2016756#file2016756line80> > > > > can we also add details on usage or user and password ? This filter is added by default while building `LensConnection` in `LensConnectionParams.setupRequestFilters`. > On May 9, 2018, 1:58 p.m., Puneet Gupta wrote: > > lens-client/src/main/java/org/apache/lens/client/SpnegoClientFilter.java > > Lines 132 (patched) > > <https://reviews.apache.org/r/66549/diff/2/?file=2016756#file2016756line132> > > > > can be private ? done > On May 9, 2018, 1:58 p.m., Puneet Gupta wrote: > > lens-cube/src/test/java/org/apache/lens/cube/parse/TestCubeRewriter.java > > Line 1515 (original), 1515 (patched) > > <https://reviews.apache.org/r/66549/diff/2/?file=2016757#file2016757line1515> > > > > why is this renoved ? It was duplicate. It's fixed in master now. Added it back. - Barun --- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/66549/#review202754 --- On May 14, 2018, 2 p.m., Barun Kumar wrote: > > --- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/66549/ > --- > > (Updated May 14, 2018, 2 p.m.) > > > Review request for lens, Ankit Kailaswar, Puneet Gupta, and Rajitha R. > > > Bugs: LENS-1509 > https://issues.apache.org/jira/browse/LENS-1509 > > > Repository: lens > > > Description > --- > > Currently authentication in lens works by taking username/password while > opening a session and validating it. > > This change will add support of SPNEGO support in lens server and clinet so > that it can negotiate the authentication scheme. Currently only > Negotiate(Kerberos) scheme is implemented but others like Basic/Digest etc > can be added as well later. > > > Diffs > - > > contrib/clients/python/lens/client/auth.py PRE-CREATION > contrib/clients/python/lens/client/session.py a1ccc4ba3 > contrib/clients/python/setup.py de59d32a9 > lens-api/src/main/java/org/apache/lens/api/auth/AuthScheme.java > PRE-CREATION > lens-client/src/main/java/org/apache/lens/client/LensClientConfig.java > b703e132d > lens-client/src/main/java/org/apache/lens/client/LensConnectionParams.java > 3a5dcdb82 > lens-client/src/main/java/org/apache/lens/client/SpnegoClientFilter.java > PRE-CREATION > > lens-server-api/src/main/java/org/apache/lens/server/api/LensConfConstants.java > f14ae44af > lens-server/src/main/java/org/apache/lens/server/BaseLensService.java > b5248f3d5 > lens-server/src/main/java/org/apache/lens/server/LensApplication.java > c3f99529a > lens-server/src/main/java/org/apache/lens/server/auth/Authenticate.java > PRE-CREATION > > lens-server/src/main/java/org/apache/lens/server/auth/LensSecurityContext.java > PRE-CREATION > > lens-server/src/main/java/org/apache/lens/server/auth/SpnegoAuthenticationFilter.java > PRE-CREATION > > lens-server/src/main/java/org/apache/lens/server/error/NotAuthorizedExceptionMapper.java > PRE-CREATION > > lens-server/src/main/java/org/apache/lens/server/session/LensSessionImpl.java > 08a5cff4f > > lens-server/src/main/java/org/apache/lens/server/session/SessionResource.java > 63eea6313 > > > Diff: https://reviews.apache.org/r/66549/diff/3/ > > > Testing > --- > > [INFO] Reactor Summary: > [INFO] > [INFO] Lens Checkstyle Rules . SUCCESS [1.458s] > [INFO] Lens .. SUCCESS [3.567s] > [INFO] Lens API .. SUCCESS [19.185s] > [INFO] Lens API for server and extensions SUCCESS [17.395s] > [INFO] Lens Cube . SUCCESS [3:00.221s] > [INFO] Lens DB storage ... SUCCESS [13.920s] > [INFO] Lens Query Library SUCCESS [11.039s] > [INFO] Lens Hive Driver .. SUCCESS [1:06.122s] > [INFO] Lens Driver for JDBC .. SUCCESS [42.723s] > [INFO] Lens Elastic Search Driver SUCCESS [17.640s] > [INFO] Lens Server ... SUCCESS > [10:18.23
Re: Review Request 66549: Lens Server: SPNEGO authentication
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/66549/ --- (Updated May 14, 2018, 2 p.m.) Review request for lens, Ankit Kailaswar, Puneet Gupta, and Rajitha R. Changes --- Fixed review comments. Bugs: LENS-1509 https://issues.apache.org/jira/browse/LENS-1509 Repository: lens Description --- Currently authentication in lens works by taking username/password while opening a session and validating it. This change will add support of SPNEGO support in lens server and clinet so that it can negotiate the authentication scheme. Currently only Negotiate(Kerberos) scheme is implemented but others like Basic/Digest etc can be added as well later. Diffs (updated) - contrib/clients/python/lens/client/auth.py PRE-CREATION contrib/clients/python/lens/client/session.py a1ccc4ba3 contrib/clients/python/setup.py de59d32a9 lens-api/src/main/java/org/apache/lens/api/auth/AuthScheme.java PRE-CREATION lens-client/src/main/java/org/apache/lens/client/LensClientConfig.java b703e132d lens-client/src/main/java/org/apache/lens/client/LensConnectionParams.java 3a5dcdb82 lens-client/src/main/java/org/apache/lens/client/SpnegoClientFilter.java PRE-CREATION lens-server-api/src/main/java/org/apache/lens/server/api/LensConfConstants.java f14ae44af lens-server/src/main/java/org/apache/lens/server/BaseLensService.java b5248f3d5 lens-server/src/main/java/org/apache/lens/server/LensApplication.java c3f99529a lens-server/src/main/java/org/apache/lens/server/auth/Authenticate.java PRE-CREATION lens-server/src/main/java/org/apache/lens/server/auth/LensSecurityContext.java PRE-CREATION lens-server/src/main/java/org/apache/lens/server/auth/SpnegoAuthenticationFilter.java PRE-CREATION lens-server/src/main/java/org/apache/lens/server/error/NotAuthorizedExceptionMapper.java PRE-CREATION lens-server/src/main/java/org/apache/lens/server/session/LensSessionImpl.java 08a5cff4f lens-server/src/main/java/org/apache/lens/server/session/SessionResource.java 63eea6313 Diff: https://reviews.apache.org/r/66549/diff/3/ Changes: https://reviews.apache.org/r/66549/diff/2-3/ Testing --- [INFO] Reactor Summary: [INFO] [INFO] Lens Checkstyle Rules . SUCCESS [1.458s] [INFO] Lens .. SUCCESS [3.567s] [INFO] Lens API .. SUCCESS [19.185s] [INFO] Lens API for server and extensions SUCCESS [17.395s] [INFO] Lens Cube . SUCCESS [3:00.221s] [INFO] Lens DB storage ... SUCCESS [13.920s] [INFO] Lens Query Library SUCCESS [11.039s] [INFO] Lens Hive Driver .. SUCCESS [1:06.122s] [INFO] Lens Driver for JDBC .. SUCCESS [42.723s] [INFO] Lens Elastic Search Driver SUCCESS [17.640s] [INFO] Lens Server ... SUCCESS [10:18.231s] [INFO] Lens client ... SUCCESS [1:27.686s] [INFO] Lens CLI .. SUCCESS [1:32.599s] [INFO] Lens Examples . SUCCESS [8.707s] [INFO] Lens Ship Jars to Distributed Cache ... SUCCESS [0.691s] [INFO] Lens Distribution . SUCCESS [8.002s] [INFO] Lens ML Lib ... SUCCESS [1:06.984s] [INFO] Lens ML Ext Distribution .. SUCCESS [2.084s] [INFO] Lens Regression ... SUCCESS [12.962s] [INFO] Lens UI ... SUCCESS [35.012s] [INFO] Lens Contrib .. SUCCESS [0.263s] [INFO] Lens Contributed Clients .. SUCCESS [0.266s] [INFO] Lens Python Client SUCCESS [0.247s] [INFO] Thanks, Barun Kumar
Re: Review Request 66549: Lens Server: SPNEGO authentication
> On May 9, 2018, 1:58 p.m., Rajitha R wrote: > > lens-client/src/main/java/org/apache/lens/client/LensClientConfig.java > > Lines 95 (patched) > > <https://reviews.apache.org/r/66549/diff/2/?file=2016754#file2016754line95> > > > > Is this config password required? This might require user to set these > > config in lens-client xml file. Shouldn't Kinit suffice here This is not required. Removed. > On May 9, 2018, 1:58 p.m., Rajitha R wrote: > > lens-client/src/main/java/org/apache/lens/client/LensConnectionParams.java > > Lines 56 (patched) > > <https://reviews.apache.org/r/66549/diff/2/?file=2016755#file2016755line56> > > > > Can this be made configurable ? We can and earlier I did make it configurable but every client will have to add it in configuration. SO going for a default addition. - Barun --- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/66549/#review202755 ------- On May 14, 2018, 2 p.m., Barun Kumar wrote: > > --- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/66549/ > --- > > (Updated May 14, 2018, 2 p.m.) > > > Review request for lens, Ankit Kailaswar, Puneet Gupta, and Rajitha R. > > > Bugs: LENS-1509 > https://issues.apache.org/jira/browse/LENS-1509 > > > Repository: lens > > > Description > --- > > Currently authentication in lens works by taking username/password while > opening a session and validating it. > > This change will add support of SPNEGO support in lens server and clinet so > that it can negotiate the authentication scheme. Currently only > Negotiate(Kerberos) scheme is implemented but others like Basic/Digest etc > can be added as well later. > > > Diffs > - > > contrib/clients/python/lens/client/auth.py PRE-CREATION > contrib/clients/python/lens/client/session.py a1ccc4ba3 > contrib/clients/python/setup.py de59d32a9 > lens-api/src/main/java/org/apache/lens/api/auth/AuthScheme.java > PRE-CREATION > lens-client/src/main/java/org/apache/lens/client/LensClientConfig.java > b703e132d > lens-client/src/main/java/org/apache/lens/client/LensConnectionParams.java > 3a5dcdb82 > lens-client/src/main/java/org/apache/lens/client/SpnegoClientFilter.java > PRE-CREATION > > lens-server-api/src/main/java/org/apache/lens/server/api/LensConfConstants.java > f14ae44af > lens-server/src/main/java/org/apache/lens/server/BaseLensService.java > b5248f3d5 > lens-server/src/main/java/org/apache/lens/server/LensApplication.java > c3f99529a > lens-server/src/main/java/org/apache/lens/server/auth/Authenticate.java > PRE-CREATION > > lens-server/src/main/java/org/apache/lens/server/auth/LensSecurityContext.java > PRE-CREATION > > lens-server/src/main/java/org/apache/lens/server/auth/SpnegoAuthenticationFilter.java > PRE-CREATION > > lens-server/src/main/java/org/apache/lens/server/error/NotAuthorizedExceptionMapper.java > PRE-CREATION > > lens-server/src/main/java/org/apache/lens/server/session/LensSessionImpl.java > 08a5cff4f > > lens-server/src/main/java/org/apache/lens/server/session/SessionResource.java > 63eea6313 > > > Diff: https://reviews.apache.org/r/66549/diff/3/ > > > Testing > --- > > [INFO] Reactor Summary: > [INFO] > [INFO] Lens Checkstyle Rules . SUCCESS [1.458s] > [INFO] Lens .. SUCCESS [3.567s] > [INFO] Lens API .. SUCCESS [19.185s] > [INFO] Lens API for server and extensions SUCCESS [17.395s] > [INFO] Lens Cube . SUCCESS [3:00.221s] > [INFO] Lens DB storage ... SUCCESS [13.920s] > [INFO] Lens Query Library SUCCESS [11.039s] > [INFO] Lens Hive Driver .. SUCCESS [1:06.122s] > [INFO] Lens Driver for JDBC .. SUCCESS [42.723s] > [INFO] Lens Elastic Search Driver SUCCESS [17.640s] > [INFO] Lens Server ... SUCCESS > [10:18.231s] > [INFO] Lens client ... SUCCESS [1:27.686s] > [INFO] Lens CLI .. SUCCESS [1:32.599s] > [INFO] Lens Examples
Re: Review Request 66549: Lens Server: SPNEGO authentication
> On May 7, 2018, 12:10 p.m., Rajitha R wrote: > > lens-server/src/main/java/org/apache/lens/server/BaseLensService.java > > Line 164 (original), 169 (patched) > > <https://reviews.apache.org/r/66549/diff/2/?file=2016759#file2016759line169> > > > > Why are we passing a negate value here? If auth scheme is set, > > shouldn't this be sent as true? the last argument is to do the old auth. if auth scheme is present then we are not doing old auth. > On May 7, 2018, 12:10 p.m., Rajitha R wrote: > > lens-server/src/main/java/org/apache/lens/server/LensApplication.java > > Lines 79 (patched) > > <https://reviews.apache.org/r/66549/diff/2/?file=2016760#file2016760line79> > > > > The purpose of NotAuthorizedExceptionMapper isn't clear. Can existing > > GenericeExceptionMapper not serve the purpose? THe purpose of this class is to handle NotAuthorizedException and return proper error to client. Yew we can use GenericeExceptionMapper instead but it does a lot of thing which could be avoided by having specific exception mapper for exception rather than having one for "Exception" class. > On May 7, 2018, 12:10 p.m., Rajitha R wrote: > > lens-server/src/main/java/org/apache/lens/server/auth/SpnegoAuthenticationFilter.java > > Lines 66 (patched) > > <https://reviews.apache.org/r/66549/diff/2/?file=2016763#file2016763line66> > > > > Can't see this property defined anywhere in the patch. This is an existing property. We will have to add this filter in that. > On May 7, 2018, 12:10 p.m., Rajitha R wrote: > > lens-server/src/main/java/org/apache/lens/server/auth/SpnegoAuthenticationFilter.java > > Lines 272 (patched) > > <https://reviews.apache.org/r/66549/diff/2/?file=2016763#file2016763line272> > > > > I dont still recommend this. Please go through other exceptions in lens > > (check lens-error.conf). We should handle this one similar to others to > > have some consistency in the code lens-error.conf contains error code specific to lens-server. I think authentication is orthogonal to it and we should deal with standard HTTP level error code and JAX-RS API. NotAuthorizedException is standard exception defined in JAX-RS API for authentication failure. > On May 7, 2018, 12:10 p.m., Rajitha R wrote: > > lens-server/src/main/java/org/apache/lens/server/session/SessionResource.java > > Lines 128 (patched) > > <https://reviews.apache.org/r/66549/diff/2/?file=2016766#file2016766line128> > > > > Since this flow is only valid for Negotiate scheme, can we have the > > additional check if the scheme is only negotiate? This can be valid for any auth scheme. The validation for Negotiate is happening in SpnegoAuthenticationFilter. - Barun ------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/66549/#review202544 --- On May 14, 2018, 2 p.m., Barun Kumar wrote: > > --- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/66549/ > --- > > (Updated May 14, 2018, 2 p.m.) > > > Review request for lens, Ankit Kailaswar, Puneet Gupta, and Rajitha R. > > > Bugs: LENS-1509 > https://issues.apache.org/jira/browse/LENS-1509 > > > Repository: lens > > > Description > --- > > Currently authentication in lens works by taking username/password while > opening a session and validating it. > > This change will add support of SPNEGO support in lens server and clinet so > that it can negotiate the authentication scheme. Currently only > Negotiate(Kerberos) scheme is implemented but others like Basic/Digest etc > can be added as well later. > > > Diffs > - > > contrib/clients/python/lens/client/auth.py PRE-CREATION > contrib/clients/python/lens/client/session.py a1ccc4ba3 > contrib/clients/python/setup.py de59d32a9 > lens-api/src/main/java/org/apache/lens/api/auth/AuthScheme.java > PRE-CREATION > lens-client/src/main/java/org/apache/lens/client/LensClientConfig.java > b703e132d > lens-client/src/main/java/org/apache/lens/client/LensConnectionParams.java > 3a5dcdb82 > lens-client/src/main/java/org/apache/lens/client/SpnegoClientFilter.java > PRE-CREATION > > lens-server-api/src/main/java/org/apache/lens/server/api/LensConfConstants.java > f14ae44af > lens-server/src/main/java/org/apache/lens/server/BaseLensService.java > b5248f3d5 > lens-server/src/main/java/org
Re: Review Request 66549: Lens Server: SPNEGO authentication
> On April 23, 2018, 6:09 a.m., Rajitha R wrote: > > lens-server/src/main/java/org/apache/lens/server/session/SessionResource.java > > Lines 71 (patched) > > <https://reviews.apache.org/r/66549/diff/1/?file=1995747#file1995747line71> > > > > Should we not have the authentication across all resources than just > > session? We have taken call to have it only on session resourece as of now. - Barun --- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/66549/#review201719 ------- On May 14, 2018, 2 p.m., Barun Kumar wrote: > > --- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/66549/ > --- > > (Updated May 14, 2018, 2 p.m.) > > > Review request for lens, Ankit Kailaswar, Puneet Gupta, and Rajitha R. > > > Bugs: LENS-1509 > https://issues.apache.org/jira/browse/LENS-1509 > > > Repository: lens > > > Description > --- > > Currently authentication in lens works by taking username/password while > opening a session and validating it. > > This change will add support of SPNEGO support in lens server and clinet so > that it can negotiate the authentication scheme. Currently only > Negotiate(Kerberos) scheme is implemented but others like Basic/Digest etc > can be added as well later. > > > Diffs > - > > contrib/clients/python/lens/client/auth.py PRE-CREATION > contrib/clients/python/lens/client/session.py a1ccc4ba3 > contrib/clients/python/setup.py de59d32a9 > lens-api/src/main/java/org/apache/lens/api/auth/AuthScheme.java > PRE-CREATION > lens-client/src/main/java/org/apache/lens/client/LensClientConfig.java > b703e132d > lens-client/src/main/java/org/apache/lens/client/LensConnectionParams.java > 3a5dcdb82 > lens-client/src/main/java/org/apache/lens/client/SpnegoClientFilter.java > PRE-CREATION > > lens-server-api/src/main/java/org/apache/lens/server/api/LensConfConstants.java > f14ae44af > lens-server/src/main/java/org/apache/lens/server/BaseLensService.java > b5248f3d5 > lens-server/src/main/java/org/apache/lens/server/LensApplication.java > c3f99529a > lens-server/src/main/java/org/apache/lens/server/auth/Authenticate.java > PRE-CREATION > > lens-server/src/main/java/org/apache/lens/server/auth/LensSecurityContext.java > PRE-CREATION > > lens-server/src/main/java/org/apache/lens/server/auth/SpnegoAuthenticationFilter.java > PRE-CREATION > > lens-server/src/main/java/org/apache/lens/server/error/NotAuthorizedExceptionMapper.java > PRE-CREATION > > lens-server/src/main/java/org/apache/lens/server/session/LensSessionImpl.java > 08a5cff4f > > lens-server/src/main/java/org/apache/lens/server/session/SessionResource.java > 63eea6313 > > > Diff: https://reviews.apache.org/r/66549/diff/3/ > > > Testing > --- > > [INFO] Reactor Summary: > [INFO] > [INFO] Lens Checkstyle Rules . SUCCESS [1.458s] > [INFO] Lens .. SUCCESS [3.567s] > [INFO] Lens API .. SUCCESS [19.185s] > [INFO] Lens API for server and extensions SUCCESS [17.395s] > [INFO] Lens Cube . SUCCESS [3:00.221s] > [INFO] Lens DB storage ... SUCCESS [13.920s] > [INFO] Lens Query Library SUCCESS [11.039s] > [INFO] Lens Hive Driver .. SUCCESS [1:06.122s] > [INFO] Lens Driver for JDBC .. SUCCESS [42.723s] > [INFO] Lens Elastic Search Driver SUCCESS [17.640s] > [INFO] Lens Server ... SUCCESS > [10:18.231s] > [INFO] Lens client ... SUCCESS [1:27.686s] > [INFO] Lens CLI .. SUCCESS [1:32.599s] > [INFO] Lens Examples . SUCCESS [8.707s] > [INFO] Lens Ship Jars to Distributed Cache ... SUCCESS [0.691s] > [INFO] Lens Distribution . SUCCESS [8.002s] > [INFO] Lens ML Lib ... SUCCESS [1:06.984s] > [INFO] Lens ML Ext Distribution .. SUCCESS [2.084s] > [INFO] Lens Regression
Re: Review Request 66549: Lens Server: SPNEGO authentication
> On April 12, 2018, 8:22 a.m., Rajitha R wrote: > > lens-server/src/main/java/org/apache/lens/server/BaseLensService.java > > Lines 78 (patched) > > <https://reviews.apache.org/r/66549/diff/1/?file=1995740#file1995740line78> > > > > the service already has conf defined. This shouldn't be required No this doesn't have it defined. > On April 12, 2018, 8:22 a.m., Rajitha R wrote: > > lens-server/src/main/java/org/apache/lens/server/session/SessionResource.java > > Lines 77 (patched) > > <https://reviews.apache.org/r/66549/diff/1/?file=1995747#file1995747line77> > > > > we should get conf from session service than initializing again here No method in SessionService to get conf. - Barun --- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/66549/#review200978 --- On May 4, 2018, 12:48 p.m., Barun Kumar wrote: > > --- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/66549/ > --- > > (Updated May 4, 2018, 12:48 p.m.) > > > Review request for lens, Ankit Kailaswar, Puneet Gupta, and Rajitha R. > > > Bugs: LENS-1509 > https://issues.apache.org/jira/browse/LENS-1509 > > > Repository: lens > > > Description > --- > > Currently authentication in lens works by taking username/password while > opening a session and validating it. > > This change will add support of SPNEGO support in lens server and clinet so > that it can negotiate the authentication scheme. Currently only > Negotiate(Kerberos) scheme is implemented but others like Basic/Digest etc > can be added as well later. > > > Diffs > - > > contrib/clients/python/lens/client/auth.py PRE-CREATION > contrib/clients/python/lens/client/session.py a1ccc4ba3 > contrib/clients/python/setup.py de59d32a9 > lens-api/src/main/java/org/apache/lens/api/auth/AuthScheme.java > PRE-CREATION > lens-client/src/main/java/org/apache/lens/client/LensClientConfig.java > b703e132d > lens-client/src/main/java/org/apache/lens/client/LensConnectionParams.java > 3a5dcdb82 > lens-client/src/main/java/org/apache/lens/client/SpnegoClientFilter.java > PRE-CREATION > lens-cube/src/test/java/org/apache/lens/cube/parse/TestCubeRewriter.java > e83eacb11 > > lens-server-api/src/main/java/org/apache/lens/server/api/LensConfConstants.java > f14ae44af > lens-server/src/main/java/org/apache/lens/server/BaseLensService.java > b5248f3d5 > lens-server/src/main/java/org/apache/lens/server/LensApplication.java > c3f99529a > lens-server/src/main/java/org/apache/lens/server/auth/Authenticate.java > PRE-CREATION > > lens-server/src/main/java/org/apache/lens/server/auth/LensSecurityContext.java > PRE-CREATION > > lens-server/src/main/java/org/apache/lens/server/auth/SpnegoAuthenticationFilter.java > PRE-CREATION > > lens-server/src/main/java/org/apache/lens/server/error/NotAuthorizedExceptionMapper.java > PRE-CREATION > > lens-server/src/main/java/org/apache/lens/server/session/LensSessionImpl.java > 08a5cff4f > > lens-server/src/main/java/org/apache/lens/server/session/SessionResource.java > 63eea6313 > > > Diff: https://reviews.apache.org/r/66549/diff/2/ > > > Testing > --- > > [INFO] Reactor Summary: > [INFO] > [INFO] Lens Checkstyle Rules . SUCCESS [1.458s] > [INFO] Lens .. SUCCESS [3.567s] > [INFO] Lens API .. SUCCESS [19.185s] > [INFO] Lens API for server and extensions SUCCESS [17.395s] > [INFO] Lens Cube . SUCCESS [3:00.221s] > [INFO] Lens DB storage ... SUCCESS [13.920s] > [INFO] Lens Query Library SUCCESS [11.039s] > [INFO] Lens Hive Driver .. SUCCESS [1:06.122s] > [INFO] Lens Driver for JDBC .. SUCCESS [42.723s] > [INFO] Lens Elastic Search Driver SUCCESS [17.640s] > [INFO] Lens Server ... SUCCESS > [10:18.231s] > [INFO] Lens client ... SUCCESS [1:27.686s] > [INFO] Lens CLI .. SUCCESS [1:32.599s] > [INFO] Lens Examples
Re: Review Request 66549: Lens Server: SPNEGO authentication
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/66549/ --- (Updated May 4, 2018, 12:48 p.m.) Review request for lens, Ankit Kailaswar, Puneet Gupta, and Rajitha R. Bugs: LENS-1509 https://issues.apache.org/jira/browse/LENS-1509 Repository: lens Description --- Currently authentication in lens works by taking username/password while opening a session and validating it. This change will add support of SPNEGO support in lens server and clinet so that it can negotiate the authentication scheme. Currently only Negotiate(Kerberos) scheme is implemented but others like Basic/Digest etc can be added as well later. Diffs (updated) - contrib/clients/python/lens/client/auth.py PRE-CREATION contrib/clients/python/lens/client/session.py a1ccc4ba3 contrib/clients/python/setup.py de59d32a9 lens-api/src/main/java/org/apache/lens/api/auth/AuthScheme.java PRE-CREATION lens-client/src/main/java/org/apache/lens/client/LensClientConfig.java b703e132d lens-client/src/main/java/org/apache/lens/client/LensConnectionParams.java 3a5dcdb82 lens-client/src/main/java/org/apache/lens/client/SpnegoClientFilter.java PRE-CREATION lens-cube/src/test/java/org/apache/lens/cube/parse/TestCubeRewriter.java e83eacb11 lens-server-api/src/main/java/org/apache/lens/server/api/LensConfConstants.java f14ae44af lens-server/src/main/java/org/apache/lens/server/BaseLensService.java b5248f3d5 lens-server/src/main/java/org/apache/lens/server/LensApplication.java c3f99529a lens-server/src/main/java/org/apache/lens/server/auth/Authenticate.java PRE-CREATION lens-server/src/main/java/org/apache/lens/server/auth/LensSecurityContext.java PRE-CREATION lens-server/src/main/java/org/apache/lens/server/auth/SpnegoAuthenticationFilter.java PRE-CREATION lens-server/src/main/java/org/apache/lens/server/error/NotAuthorizedExceptionMapper.java PRE-CREATION lens-server/src/main/java/org/apache/lens/server/session/LensSessionImpl.java 08a5cff4f lens-server/src/main/java/org/apache/lens/server/session/SessionResource.java 63eea6313 Diff: https://reviews.apache.org/r/66549/diff/2/ Changes: https://reviews.apache.org/r/66549/diff/1-2/ Testing --- [INFO] Reactor Summary: [INFO] [INFO] Lens Checkstyle Rules . SUCCESS [1.458s] [INFO] Lens .. SUCCESS [3.567s] [INFO] Lens API .. SUCCESS [19.185s] [INFO] Lens API for server and extensions SUCCESS [17.395s] [INFO] Lens Cube . SUCCESS [3:00.221s] [INFO] Lens DB storage ... SUCCESS [13.920s] [INFO] Lens Query Library SUCCESS [11.039s] [INFO] Lens Hive Driver .. SUCCESS [1:06.122s] [INFO] Lens Driver for JDBC .. SUCCESS [42.723s] [INFO] Lens Elastic Search Driver SUCCESS [17.640s] [INFO] Lens Server ... SUCCESS [10:18.231s] [INFO] Lens client ... SUCCESS [1:27.686s] [INFO] Lens CLI .. SUCCESS [1:32.599s] [INFO] Lens Examples . SUCCESS [8.707s] [INFO] Lens Ship Jars to Distributed Cache ... SUCCESS [0.691s] [INFO] Lens Distribution . SUCCESS [8.002s] [INFO] Lens ML Lib ... SUCCESS [1:06.984s] [INFO] Lens ML Ext Distribution .. SUCCESS [2.084s] [INFO] Lens Regression ... SUCCESS [12.962s] [INFO] Lens UI ... SUCCESS [35.012s] [INFO] Lens Contrib .. SUCCESS [0.263s] [INFO] Lens Contributed Clients .. SUCCESS [0.266s] [INFO] Lens Python Client SUCCESS [0.247s] [INFO] Thanks, Barun Kumar
Re: Review Request 66549: Lens Server: SPNEGO authentication
> On April 12, 2018, 8:22 a.m., Rajitha R wrote: > > lens-server/src/main/java/org/apache/lens/server/auth/SpnegoAuthenticationFilter.java > > Lines 64 (patched) > > <https://reviews.apache.org/r/66549/diff/1/?file=1995744#file1995744line64> > > > > What exactly is this id? Can this be made configurable than a hardcoded > > value ? This is not a configuration param so hardcoded it. > On April 12, 2018, 8:22 a.m., Rajitha R wrote: > > lens-server/src/main/java/org/apache/lens/server/auth/SpnegoAuthenticationFilter.java > > Lines 65 (patched) > > <https://reviews.apache.org/r/66549/diff/1/?file=1995744#file1995744line65> > > > > Please move all constant fields to lensconstants class This constant is private to this class. > On April 12, 2018, 8:22 a.m., Rajitha R wrote: > > lens-server/src/main/java/org/apache/lens/server/auth/SpnegoAuthenticationFilter.java > > Lines 73 (patched) > > <https://reviews.apache.org/r/66549/diff/1/?file=1995744#file1995744line73> > > > > Does Spnego only support NEGOTIATE scheme? Can we have a default scheme > > implemented as well? There is no default scheme. Others are Plain/Digest etc. We are only doing Negotiate as of now. > On April 12, 2018, 8:22 a.m., Rajitha R wrote: > > lens-server/src/main/java/org/apache/lens/server/auth/SpnegoAuthenticationFilter.java > > Lines 106 (patched) > > <https://reviews.apache.org/r/66549/diff/1/?file=1995744#file1995744line106> > > > > shouldn't we check if all the parameters(uriinfo, resourceinfo etc) are > > non null before fetching any data in this method? This is injected by JAX-RS container so this is not nullable. > On April 12, 2018, 8:22 a.m., Rajitha R wrote: > > lens-server/src/main/java/org/apache/lens/server/auth/SpnegoAuthenticationFilter.java > > Lines 257 (patched) > > <https://reviews.apache.org/r/66549/diff/1/?file=1995744#file1995744line257> > > > > Can we create a new error code and throw Lens exception for all > > authentication failures? We are using standard JAX-RS exception here for 401 status code. I think this is better. > On April 12, 2018, 8:22 a.m., Rajitha R wrote: > > lens-server/src/main/java/org/apache/lens/server/session/SessionResource.java > > Lines 128 (patched) > > <https://reviews.apache.org/r/66549/diff/1/?file=1995747#file1995747line128> > > > > is this flow valid for all auth schemes? Yes. This is valid for all schemes. But againg only Negotiate is implemented as of now. - Barun ------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/66549/#review200978 --- On May 4, 2018, 11:04 a.m., Barun Kumar wrote: > > --- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/66549/ > --- > > (Updated May 4, 2018, 11:04 a.m.) > > > Review request for lens, Ankit Kailaswar, Puneet Gupta, and Rajitha R. > > > Bugs: LENS-1509 > https://issues.apache.org/jira/browse/LENS-1509 > > > Repository: lens > > > Description > --- > > Currently authentication in lens works by taking username/password while > opening a session and validating it. > > This change will add support of SPNEGO support in lens server and clinet so > that it can negotiate the authentication scheme. Currently only > Negotiate(Kerberos) scheme is implemented but others like Basic/Digest etc > can be added as well later. > > > Diffs > - > > contrib/clients/python/lens/client/auth.py PRE-CREATION > contrib/clients/python/lens/client/session.py a1ccc4b > contrib/clients/python/setup.py de59d32 > lens-api/src/main/java/org/apache/lens/api/auth/AuthScheme.java > PRE-CREATION > lens-client/src/main/java/org/apache/lens/client/LensClientConfig.java > b703e13 > lens-client/src/main/java/org/apache/lens/client/SpnegoClientFilter.java > PRE-CREATION > lens-cube/src/test/java/org/apache/lens/cube/parse/TestCubeRewriter.java > e83eacb > > lens-server-api/src/main/java/org/apache/lens/server/api/LensConfConstants.java > 0e05d28 > lens-server/src/main/java/org/apache/lens/server/BaseLensService.java > b5248f3 > lens-server/src/main/java/org/apache/lens/server/LensApplication.java > c3f9952 > lens-server/src/main/java/org/apache/lens/server/auth/Authenticate.java > PRE-CREATION > > lens-server/src/main/java/org/apache/l
Re: Review Request 66549: Lens Server: SPNEGO authentication
> On April 12, 2018, 8:22 a.m., Rajitha R wrote: > > lens-cube/src/test/java/org/apache/lens/cube/parse/TestCubeRewriter.java > > Line 1516 (original) > > <https://reviews.apache.org/r/66549/diff/1/?file=1995738#file1995738line1516> > > > > revert this This is a duplicate method. > On April 12, 2018, 8:22 a.m., Rajitha R wrote: > > lens-server/src/main/java/org/apache/lens/server/BaseLensService.java > > Line 164 (original), 169 (patched) > > <https://reviews.apache.org/r/66549/diff/1/?file=1995740#file1995740line169> > > > > the ! condition here is intentional? yes. > On April 12, 2018, 8:22 a.m., Rajitha R wrote: > > lens-server/src/main/java/org/apache/lens/server/auth/LensSecurityContext.java > > Lines 63 (patched) > > <https://reviews.apache.org/r/66549/diff/1/?file=1995743#file1995743line63> > > > > The purpose of this class isn't clear. All the methods return null fixed. - Barun --- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/66549/#review200978 --- On May 4, 2018, 12:48 p.m., Barun Kumar wrote: > > --- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/66549/ > --- > > (Updated May 4, 2018, 12:48 p.m.) > > > Review request for lens, Ankit Kailaswar, Puneet Gupta, and Rajitha R. > > > Bugs: LENS-1509 > https://issues.apache.org/jira/browse/LENS-1509 > > > Repository: lens > > > Description > --- > > Currently authentication in lens works by taking username/password while > opening a session and validating it. > > This change will add support of SPNEGO support in lens server and clinet so > that it can negotiate the authentication scheme. Currently only > Negotiate(Kerberos) scheme is implemented but others like Basic/Digest etc > can be added as well later. > > > Diffs > - > > contrib/clients/python/lens/client/auth.py PRE-CREATION > contrib/clients/python/lens/client/session.py a1ccc4ba3 > contrib/clients/python/setup.py de59d32a9 > lens-api/src/main/java/org/apache/lens/api/auth/AuthScheme.java > PRE-CREATION > lens-client/src/main/java/org/apache/lens/client/LensClientConfig.java > b703e132d > lens-client/src/main/java/org/apache/lens/client/LensConnectionParams.java > 3a5dcdb82 > lens-client/src/main/java/org/apache/lens/client/SpnegoClientFilter.java > PRE-CREATION > lens-cube/src/test/java/org/apache/lens/cube/parse/TestCubeRewriter.java > e83eacb11 > > lens-server-api/src/main/java/org/apache/lens/server/api/LensConfConstants.java > f14ae44af > lens-server/src/main/java/org/apache/lens/server/BaseLensService.java > b5248f3d5 > lens-server/src/main/java/org/apache/lens/server/LensApplication.java > c3f99529a > lens-server/src/main/java/org/apache/lens/server/auth/Authenticate.java > PRE-CREATION > > lens-server/src/main/java/org/apache/lens/server/auth/LensSecurityContext.java > PRE-CREATION > > lens-server/src/main/java/org/apache/lens/server/auth/SpnegoAuthenticationFilter.java > PRE-CREATION > > lens-server/src/main/java/org/apache/lens/server/error/NotAuthorizedExceptionMapper.java > PRE-CREATION > > lens-server/src/main/java/org/apache/lens/server/session/LensSessionImpl.java > 08a5cff4f > > lens-server/src/main/java/org/apache/lens/server/session/SessionResource.java > 63eea6313 > > > Diff: https://reviews.apache.org/r/66549/diff/2/ > > > Testing > --- > > [INFO] Reactor Summary: > [INFO] > [INFO] Lens Checkstyle Rules . SUCCESS [1.458s] > [INFO] Lens .. SUCCESS [3.567s] > [INFO] Lens API .. SUCCESS [19.185s] > [INFO] Lens API for server and extensions SUCCESS [17.395s] > [INFO] Lens Cube . SUCCESS [3:00.221s] > [INFO] Lens DB storage ... SUCCESS [13.920s] > [INFO] Lens Query Library SUCCESS [11.039s] > [INFO] Lens Hive Driver .. SUCCESS [1:06.122s] > [INFO] Lens Driver for JDBC .. SUCCESS [42.723s] > [INFO] Lens Elastic Search Driver SUCCESS [17.640s] > [INFO] Lens Server ... SUCCESS > [10:18.231s] > [I
Re: Review Request 66549: Lens Server: SPNEGO authentication
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/66549/ --- (Updated May 18, 2018, 8:08 a.m.) Review request for lens, Ankit Kailaswar, Puneet Gupta, and Rajitha R. Changes --- Fixed krbLoginModule conf. It requires "true" instead of true (string vs boolean) Bugs: LENS-1509 https://issues.apache.org/jira/browse/LENS-1509 Repository: lens Description --- Currently authentication in lens works by taking username/password while opening a session and validating it. This change will add support of SPNEGO support in lens server and clinet so that it can negotiate the authentication scheme. Currently only Negotiate(Kerberos) scheme is implemented but others like Basic/Digest etc can be added as well later. Diffs (updated) - contrib/clients/python/lens/client/auth.py PRE-CREATION contrib/clients/python/lens/client/session.py a1ccc4ba3 contrib/clients/python/setup.py de59d32a9 lens-api/src/main/java/org/apache/lens/api/auth/AuthScheme.java PRE-CREATION lens-client/src/main/java/org/apache/lens/client/LensClientConfig.java b703e132d lens-client/src/main/java/org/apache/lens/client/LensConnection.java bb15b23ca lens-client/src/main/java/org/apache/lens/client/LensConnectionParams.java 3a5dcdb82 lens-client/src/main/java/org/apache/lens/client/SpnegoClientFilter.java PRE-CREATION lens-server-api/src/main/java/org/apache/lens/server/api/LensConfConstants.java f14ae44af lens-server/src/main/java/org/apache/lens/server/BaseLensService.java b5248f3d5 lens-server/src/main/java/org/apache/lens/server/LensApplication.java c3f99529a lens-server/src/main/java/org/apache/lens/server/auth/Authenticate.java PRE-CREATION lens-server/src/main/java/org/apache/lens/server/auth/LensSecurityContext.java PRE-CREATION lens-server/src/main/java/org/apache/lens/server/auth/SpnegoAuthenticationFilter.java PRE-CREATION lens-server/src/main/java/org/apache/lens/server/error/NotAuthorizedExceptionMapper.java PRE-CREATION lens-server/src/main/java/org/apache/lens/server/session/LensSessionImpl.java 08a5cff4f lens-server/src/main/java/org/apache/lens/server/session/SessionResource.java 63eea6313 Diff: https://reviews.apache.org/r/66549/diff/4/ Changes: https://reviews.apache.org/r/66549/diff/3-4/ Testing --- [INFO] Reactor Summary: [INFO] [INFO] Lens Checkstyle Rules . SUCCESS [1.458s] [INFO] Lens .. SUCCESS [3.567s] [INFO] Lens API .. SUCCESS [19.185s] [INFO] Lens API for server and extensions SUCCESS [17.395s] [INFO] Lens Cube . SUCCESS [3:00.221s] [INFO] Lens DB storage ... SUCCESS [13.920s] [INFO] Lens Query Library SUCCESS [11.039s] [INFO] Lens Hive Driver .. SUCCESS [1:06.122s] [INFO] Lens Driver for JDBC .. SUCCESS [42.723s] [INFO] Lens Elastic Search Driver SUCCESS [17.640s] [INFO] Lens Server ... SUCCESS [10:18.231s] [INFO] Lens client ... SUCCESS [1:27.686s] [INFO] Lens CLI .. SUCCESS [1:32.599s] [INFO] Lens Examples . SUCCESS [8.707s] [INFO] Lens Ship Jars to Distributed Cache ... SUCCESS [0.691s] [INFO] Lens Distribution . SUCCESS [8.002s] [INFO] Lens ML Lib ... SUCCESS [1:06.984s] [INFO] Lens ML Ext Distribution .. SUCCESS [2.084s] [INFO] Lens Regression ... SUCCESS [12.962s] [INFO] Lens UI ... SUCCESS [35.012s] [INFO] Lens Contrib .. SUCCESS [0.263s] [INFO] Lens Contributed Clients .. SUCCESS [0.266s] [INFO] Lens Python Client SUCCESS [0.247s] [INFO] Thanks, Barun Kumar
Re: Review Request 66549: Lens Server: SPNEGO authentication
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/66549/ --- (Updated May 18, 2018, 8:58 a.m.) Review request for lens, Ankit Kailaswar, Puneet Gupta, and Rajitha R. Changes --- Made some method private. Bugs: LENS-1509 https://issues.apache.org/jira/browse/LENS-1509 Repository: lens Description --- Currently authentication in lens works by taking username/password while opening a session and validating it. This change will add support of SPNEGO support in lens server and clinet so that it can negotiate the authentication scheme. Currently only Negotiate(Kerberos) scheme is implemented but others like Basic/Digest etc can be added as well later. Diffs (updated) - contrib/clients/python/lens/client/auth.py PRE-CREATION contrib/clients/python/lens/client/session.py a1ccc4ba3 contrib/clients/python/setup.py de59d32a9 lens-api/src/main/java/org/apache/lens/api/auth/AuthScheme.java PRE-CREATION lens-client/src/main/java/org/apache/lens/client/LensClientConfig.java b703e132d lens-client/src/main/java/org/apache/lens/client/LensConnection.java bb15b23ca lens-client/src/main/java/org/apache/lens/client/LensConnectionParams.java 3a5dcdb82 lens-client/src/main/java/org/apache/lens/client/SpnegoClientFilter.java PRE-CREATION lens-server-api/src/main/java/org/apache/lens/server/api/LensConfConstants.java f14ae44af lens-server/src/main/java/org/apache/lens/server/BaseLensService.java b5248f3d5 lens-server/src/main/java/org/apache/lens/server/LensApplication.java c3f99529a lens-server/src/main/java/org/apache/lens/server/auth/Authenticate.java PRE-CREATION lens-server/src/main/java/org/apache/lens/server/auth/LensSecurityContext.java PRE-CREATION lens-server/src/main/java/org/apache/lens/server/auth/SpnegoAuthenticationFilter.java PRE-CREATION lens-server/src/main/java/org/apache/lens/server/error/NotAuthorizedExceptionMapper.java PRE-CREATION lens-server/src/main/java/org/apache/lens/server/session/LensSessionImpl.java 08a5cff4f lens-server/src/main/java/org/apache/lens/server/session/SessionResource.java 63eea6313 Diff: https://reviews.apache.org/r/66549/diff/5/ Changes: https://reviews.apache.org/r/66549/diff/4-5/ Testing --- [INFO] Reactor Summary: [INFO] [INFO] Lens Checkstyle Rules . SUCCESS [1.458s] [INFO] Lens .. SUCCESS [3.567s] [INFO] Lens API .. SUCCESS [19.185s] [INFO] Lens API for server and extensions SUCCESS [17.395s] [INFO] Lens Cube . SUCCESS [3:00.221s] [INFO] Lens DB storage ... SUCCESS [13.920s] [INFO] Lens Query Library SUCCESS [11.039s] [INFO] Lens Hive Driver .. SUCCESS [1:06.122s] [INFO] Lens Driver for JDBC .. SUCCESS [42.723s] [INFO] Lens Elastic Search Driver SUCCESS [17.640s] [INFO] Lens Server ... SUCCESS [10:18.231s] [INFO] Lens client ... SUCCESS [1:27.686s] [INFO] Lens CLI .. SUCCESS [1:32.599s] [INFO] Lens Examples . SUCCESS [8.707s] [INFO] Lens Ship Jars to Distributed Cache ... SUCCESS [0.691s] [INFO] Lens Distribution . SUCCESS [8.002s] [INFO] Lens ML Lib ... SUCCESS [1:06.984s] [INFO] Lens ML Ext Distribution .. SUCCESS [2.084s] [INFO] Lens Regression ... SUCCESS [12.962s] [INFO] Lens UI ... SUCCESS [35.012s] [INFO] Lens Contrib .. SUCCESS [0.263s] [INFO] Lens Contributed Clients .. SUCCESS [0.266s] [INFO] Lens Python Client SUCCESS [0.247s] [INFO] Thanks, Barun Kumar
Re: Review Request 67427: LENS-1517: Python3 compatibility issues with python client
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/67427/#review204243 --- contrib/clients/python/lens/client/auth.py Lines 17 (patched) <https://reviews.apache.org/r/67427/#comment286647> Can you add "future" module to setup.py install_requires as well? - Barun Kumar On June 3, 2018, 2:51 p.m., Michael McCarthy wrote: > > --- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/67427/ > --- > > (Updated June 3, 2018, 2:51 p.m.) > > > Review request for lens. > > > Repository: lens > > > Description > --- > > Fix of urlparse import in auth.py to make compatibiliy with Python 2 and 3. > > > Diffs > - > > contrib/clients/python/lens/client/auth.py fccc75c9 > > > Diff: https://reviews.apache.org/r/67427/diff/1/ > > > Testing > --- > > Tested with Python 2.7.12 and Python 3.5.2. > > > Thanks, > > Michael McCarthy > >
Re: Review Request 66549: Lens Server: SPNEGO authentication
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/66549/ --- (Updated April 12, 2018, 8:16 a.m.) Review request for lens, Ankit Kailaswar and Rajitha R. Repository: lens Description --- Currently authentication in lens works by taking username/password while opening a session and validating it. This change will add support of SPNEGO support in lens server and clinet so that it can negotiate the authentication scheme. Currently only Negotiate(Kerberos) scheme is implemented but others like Basic/Digest etc can be added as well later. Diffs - contrib/clients/python/lens/client/auth.py PRE-CREATION contrib/clients/python/lens/client/session.py a1ccc4b contrib/clients/python/setup.py de59d32 lens-api/src/main/java/org/apache/lens/api/auth/AuthScheme.java PRE-CREATION lens-client/src/main/java/org/apache/lens/client/LensClientConfig.java b703e13 lens-client/src/main/java/org/apache/lens/client/SpnegoClientFilter.java PRE-CREATION lens-cube/src/test/java/org/apache/lens/cube/parse/TestCubeRewriter.java e83eacb lens-server-api/src/main/java/org/apache/lens/server/api/LensConfConstants.java 0e05d28 lens-server/src/main/java/org/apache/lens/server/BaseLensService.java b5248f3 lens-server/src/main/java/org/apache/lens/server/LensApplication.java c3f9952 lens-server/src/main/java/org/apache/lens/server/auth/Authenticate.java PRE-CREATION lens-server/src/main/java/org/apache/lens/server/auth/LensSecurityContext.java PRE-CREATION lens-server/src/main/java/org/apache/lens/server/auth/SpnegoAuthenticationFilter.java PRE-CREATION lens-server/src/main/java/org/apache/lens/server/error/NotAuthorizedExceptionMapper.java PRE-CREATION lens-server/src/main/java/org/apache/lens/server/session/LensSessionImpl.java 08a5cff lens-server/src/main/java/org/apache/lens/server/session/SessionResource.java 63eea63 Diff: https://reviews.apache.org/r/66549/diff/1/ Testing (updated) --- [INFO] Reactor Summary: [INFO] [INFO] Lens Checkstyle Rules . SUCCESS [1.458s] [INFO] Lens .. SUCCESS [3.567s] [INFO] Lens API .. SUCCESS [19.185s] [INFO] Lens API for server and extensions SUCCESS [17.395s] [INFO] Lens Cube . SUCCESS [3:00.221s] [INFO] Lens DB storage ... SUCCESS [13.920s] [INFO] Lens Query Library SUCCESS [11.039s] [INFO] Lens Hive Driver .. SUCCESS [1:06.122s] [INFO] Lens Driver for JDBC .. SUCCESS [42.723s] [INFO] Lens Elastic Search Driver SUCCESS [17.640s] [INFO] Lens Server ... SUCCESS [10:18.231s] [INFO] Lens client ... SUCCESS [1:27.686s] [INFO] Lens CLI .. SUCCESS [1:32.599s] [INFO] Lens Examples . SUCCESS [8.707s] [INFO] Lens Ship Jars to Distributed Cache ... SUCCESS [0.691s] [INFO] Lens Distribution . SUCCESS [8.002s] [INFO] Lens ML Lib ... SUCCESS [1:06.984s] [INFO] Lens ML Ext Distribution .. SUCCESS [2.084s] [INFO] Lens Regression ... SUCCESS [12.962s] [INFO] Lens UI ... SUCCESS [35.012s] [INFO] Lens Contrib .. SUCCESS [0.263s] [INFO] Lens Contributed Clients .. SUCCESS [0.266s] [INFO] Lens Python Client SUCCESS [0.247s] [INFO] Thanks, Barun Kumar
[jira] [Updated] (LENS-1509) Lens Server: SPNEGO authentication
[ https://issues.apache.org/jira/browse/LENS-1509?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Barun Kumar updated LENS-1509: -- Attachment: LENS-1509_4.patch > Lens Server: SPNEGO authentication > -- > > Key: LENS-1509 > URL: https://issues.apache.org/jira/browse/LENS-1509 > Project: Apache Lens > Issue Type: Improvement > Components: api, client, python-client, server > Reporter: Barun Kumar > Assignee: Barun Kumar >Priority: Major > Attachments: LENS-1509.patch, LENS-1509_4.patch > > > Currently authentication in lens works by taking username/password while > opening a session and validating it. > This change will add support of [SPNEGO|https://en.wikipedia.org/wiki/SPNEGO] > support in lens server and clinet so that it can negotiate the authentication > scheme. Currently only Negotiate(Kerberos) scheme is implemented but others > like Basic/Digest etc can be added as well later. > -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (LENS-1513) Fix python client setup.py
[ https://issues.apache.org/jira/browse/LENS-1513?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Barun Kumar updated LENS-1513: -- Status: Patch Available (was: Open) > Fix python client setup.py > -- > > Key: LENS-1513 > URL: https://issues.apache.org/jira/browse/LENS-1513 > Project: Apache Lens > Issue Type: Bug > Components: python-client > Reporter: Barun Kumar > Assignee: Barun Kumar >Priority: Major > Attachments: LENS-1513.patch > > > Python client setup.py is not working as it has incorrect install_requires. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (LENS-1513) Fix python client setup.py
[ https://issues.apache.org/jira/browse/LENS-1513?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16482355#comment-16482355 ] Barun Kumar commented on LENS-1513: --- https://reviews.apache.org/r/67233 > Fix python client setup.py > -- > > Key: LENS-1513 > URL: https://issues.apache.org/jira/browse/LENS-1513 > Project: Apache Lens > Issue Type: Bug > Components: python-client > Reporter: Barun Kumar > Assignee: Barun Kumar >Priority: Major > Attachments: LENS-1513.patch > > > Python client setup.py is not working as it has incorrect install_requires. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (LENS-1513) Fix python client setup.py
[ https://issues.apache.org/jira/browse/LENS-1513?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Barun Kumar updated LENS-1513: -- Attachment: LENS-1513.patch > Fix python client setup.py > -- > > Key: LENS-1513 > URL: https://issues.apache.org/jira/browse/LENS-1513 > Project: Apache Lens > Issue Type: Bug > Components: python-client > Reporter: Barun Kumar > Assignee: Barun Kumar >Priority: Major > Attachments: LENS-1513.patch > > > Python client setup.py is not working as it has incorrect install_requires. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Created] (LENS-1513) Fix python client setup.py
Barun Kumar created LENS-1513: - Summary: Fix python client setup.py Key: LENS-1513 URL: https://issues.apache.org/jira/browse/LENS-1513 Project: Apache Lens Issue Type: Bug Components: python-client Reporter: Barun Kumar Assignee: Barun Kumar Python client setup.py is not working as it has incorrect install_requires. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Closed] (LENS-1514) Support HDFS delegation token authentication
[ https://issues.apache.org/jira/browse/LENS-1514?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Barun Kumar closed LENS-1514. - > Support HDFS delegation token authentication > > > Key: LENS-1514 > URL: https://issues.apache.org/jira/browse/LENS-1514 > Project: Apache Lens > Issue Type: Improvement > Components: client, server > Reporter: Barun Kumar > Assignee: Barun Kumar >Priority: Major > Fix For: 2.8 > > Attachments: LENS-1514_1.patch > > > As part of LENS-1509, we have added Spnego authentication based on Kerberos > to lens. This will work in client-server mode. But this approach will cease > to work in a hadoop cluster in which user is using lens client in a mapred > job(such as oozie java action) since there will not be keytabs in the hadoop > cluster. The authentication in hadoop work on concept of delegation > token([https://blog.cloudera.com/blog/2017/12/hadoop-delegation-tokens-explained/).] > Here we are introducing delegation token auth in lens. We are piggybacking on > HDFS to do authentication by passing it's token and performing a filesystem > operation. > > We will add proper delegation token implementation as future improvement. > -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (LENS-1514) Support HDFS delegation token authentication
[ https://issues.apache.org/jira/browse/LENS-1514?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16489090#comment-16489090 ] Barun Kumar commented on LENS-1514: --- https://reviews.apache.org/r/67269/ > Support HDFS delegation token authentication > > > Key: LENS-1514 > URL: https://issues.apache.org/jira/browse/LENS-1514 > Project: Apache Lens > Issue Type: Improvement > Components: client, server > Reporter: Barun Kumar > Assignee: Barun Kumar >Priority: Major > Attachments: LENS-1514_1.patch > > > As part of LENS-1509, we have added Spnego authentication based on Kerberos > to lens. This will work in client-server mode. But this approach will cease > to work in a hadoop cluster in which user is using lens client in a mapred > job(such as oozie java action) since there will not be keytabs in the hadoop > cluster. The authentication in hadoop work on concept of delegation > token([https://blog.cloudera.com/blog/2017/12/hadoop-delegation-tokens-explained/).] > Here we are introducing delegation token auth in lens. We are piggybacking on > HDFS to do authentication by passing it's token and performing a filesystem > operation. > > We will add proper delegation token implementation as future improvement. > -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (LENS-1514) Support HDFS delegation token authentication
[ https://issues.apache.org/jira/browse/LENS-1514?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Barun Kumar updated LENS-1514: -- Status: Patch Available (was: Open) > Support HDFS delegation token authentication > > > Key: LENS-1514 > URL: https://issues.apache.org/jira/browse/LENS-1514 > Project: Apache Lens > Issue Type: Improvement > Components: client, server > Reporter: Barun Kumar > Assignee: Barun Kumar >Priority: Major > Attachments: LENS-1514_1.patch > > > As part of LENS-1509, we have added Spnego authentication based on Kerberos > to lens. This will work in client-server mode. But this approach will cease > to work in a hadoop cluster in which user is using lens client in a mapred > job(such as oozie java action) since there will not be keytabs in the hadoop > cluster. The authentication in hadoop work on concept of delegation > token([https://blog.cloudera.com/blog/2017/12/hadoop-delegation-tokens-explained/).] > Here we are introducing delegation token auth in lens. We are piggybacking on > HDFS to do authentication by passing it's token and performing a filesystem > operation. > > We will add proper delegation token implementation as future improvement. > -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (LENS-1514) Support HDFS delegation token authentication
[ https://issues.apache.org/jira/browse/LENS-1514?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Barun Kumar updated LENS-1514: -- Attachment: LENS-1514_1.patch > Support HDFS delegation token authentication > > > Key: LENS-1514 > URL: https://issues.apache.org/jira/browse/LENS-1514 > Project: Apache Lens > Issue Type: Improvement > Components: client, server > Reporter: Barun Kumar > Assignee: Barun Kumar >Priority: Major > Attachments: LENS-1514_1.patch > > > As part of LENS-1509, we have added Spnego authentication based on Kerberos > to lens. This will work in client-server mode. But this approach will cease > to work in a hadoop cluster in which user is using lens client in a mapred > job(such as oozie java action) since there will not be keytabs in the hadoop > cluster. The authentication in hadoop work on concept of delegation > token([https://blog.cloudera.com/blog/2017/12/hadoop-delegation-tokens-explained/).] > Here we are introducing delegation token auth in lens. We are piggybacking on > HDFS to do authentication by passing it's token and performing a filesystem > operation. > > We will add proper delegation token implementation as future improvement. > -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (LENS-1512) Checkstyle fix
[ https://issues.apache.org/jira/browse/LENS-1512?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Barun Kumar updated LENS-1512: -- Attachment: LENS-1512.patch > Checkstyle fix > -- > > Key: LENS-1512 > URL: https://issues.apache.org/jira/browse/LENS-1512 > Project: Apache Lens > Issue Type: Task > Components: server > Reporter: Barun Kumar > Assignee: Barun Kumar >Priority: Major > Attachments: LENS-1512.patch > > > Some checkstyle fix -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (LENS-1509) Lens Server: SPNEGO authentication
[ https://issues.apache.org/jira/browse/LENS-1509?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Barun Kumar updated LENS-1509: -- Attachment: LENS-1509_5.patch > Lens Server: SPNEGO authentication > -- > > Key: LENS-1509 > URL: https://issues.apache.org/jira/browse/LENS-1509 > Project: Apache Lens > Issue Type: Improvement > Components: api, client, python-client, server > Reporter: Barun Kumar > Assignee: Barun Kumar >Priority: Major > Attachments: LENS-1509.patch, LENS-1509_4.patch, LENS-1509_5.patch > > > Currently authentication in lens works by taking username/password while > opening a session and validating it. > This change will add support of [SPNEGO|https://en.wikipedia.org/wiki/SPNEGO] > support in lens server and clinet so that it can negotiate the authentication > scheme. Currently only Negotiate(Kerberos) scheme is implemented but others > like Basic/Digest etc can be added as well later. > -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (LENS-1509) Lens Server: SPNEGO authentication
[ https://issues.apache.org/jira/browse/LENS-1509?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Barun Kumar updated LENS-1509: -- Status: Patch Available (was: Open) > Lens Server: SPNEGO authentication > -- > > Key: LENS-1509 > URL: https://issues.apache.org/jira/browse/LENS-1509 > Project: Apache Lens > Issue Type: Improvement > Components: api, client, python-client, server > Reporter: Barun Kumar > Assignee: Barun Kumar >Priority: Major > Attachments: LENS-1509.patch, LENS-1509_4.patch, LENS-1509_5.patch > > > Currently authentication in lens works by taking username/password while > opening a session and validating it. > This change will add support of [SPNEGO|https://en.wikipedia.org/wiki/SPNEGO] > support in lens server and clinet so that it can negotiate the authentication > scheme. Currently only Negotiate(Kerberos) scheme is implemented but others > like Basic/Digest etc can be added as well later. > -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Created] (LENS-1512) Checkstyle fix
Barun Kumar created LENS-1512: - Summary: Checkstyle fix Key: LENS-1512 URL: https://issues.apache.org/jira/browse/LENS-1512 Project: Apache Lens Issue Type: Task Components: server Reporter: Barun Kumar Assignee: Barun Kumar Some checkstyle fix -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (LENS-1512) Checkstyle fix
[ https://issues.apache.org/jira/browse/LENS-1512?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Barun Kumar updated LENS-1512: -- Status: Patch Available (was: Open) > Checkstyle fix > -- > > Key: LENS-1512 > URL: https://issues.apache.org/jira/browse/LENS-1512 > Project: Apache Lens > Issue Type: Task > Components: server > Reporter: Barun Kumar > Assignee: Barun Kumar >Priority: Major > Attachments: LENS-1512.patch > > > Some checkstyle fix -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (LENS-1514) Support HDFS delegation token authentication
[ https://issues.apache.org/jira/browse/LENS-1514?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Barun Kumar updated LENS-1514: -- Summary: Support HDFS delegation token authentication (was: Support HDFS delegation token suthentication) > Support HDFS delegation token authentication > > > Key: LENS-1514 > URL: https://issues.apache.org/jira/browse/LENS-1514 > Project: Apache Lens > Issue Type: Improvement > Components: client, server > Reporter: Barun Kumar > Assignee: Barun Kumar >Priority: Major > > As part of LENS-1509, we have added Spnego authentication based on Kerberos > to lens. This will work in client-server mode. But this approach will cease > to work in a hadoop cluster in which user is using lens client in a mapred > job(such as oozie java action) since there will not be keytabs in the hadoop > cluster. The authentication in hadoop work on concept of delegation > token([https://blog.cloudera.com/blog/2017/12/hadoop-delegation-tokens-explained/).] > Here we are introducing delegation token auth in lens. We are piggybacking on > HDFS to do authentication by passing it's token and performing a filesystem > operation. > > We will add proper delegation token implementation as future improvement. > -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Created] (LENS-1514) Support HDFS delegation token suthentication
Barun Kumar created LENS-1514: - Summary: Support HDFS delegation token suthentication Key: LENS-1514 URL: https://issues.apache.org/jira/browse/LENS-1514 Project: Apache Lens Issue Type: Improvement Components: client, server Reporter: Barun Kumar Assignee: Barun Kumar As part of LENS-1509, we have added Spnego authentication based on Kerberos to lens. This will work in client-server mode. But this approach will cease to work in a hadoop cluster in which user is using lens client in a mapred job(such as oozie java action) since there will not be keytabs in the hadoop cluster. The authentication in hadoop work on concept of delegation token([https://blog.cloudera.com/blog/2017/12/hadoop-delegation-tokens-explained/).] Here we are introducing delegation token auth in lens. We are piggybacking on HDFS to do authentication by passing it's token and performing a filesystem operation. We will add proper delegation token implementation as future improvement. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (LENS-1527) Fix session restore issue
[ https://issues.apache.org/jira/browse/LENS-1527?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16574858#comment-16574858 ] Barun Kumar commented on LENS-1527: --- Review req: https://reviews.apache.org/r/68279/ > Fix session restore issue > - > > Key: LENS-1527 > URL: https://issues.apache.org/jira/browse/LENS-1527 > Project: Apache Lens > Issue Type: Bug > Components: api, server > Reporter: Barun Kumar > Assignee: Barun Kumar >Priority: Major > > When a session is created in Lens, corresponding hive session is created for > cluster user and session count map for user is updated. But when Lens is > started and restores it's sessions, the session count map is updated for > cluster user. > > Since many user may have same cluster user, on restart of Lens the session > count for cluster user will be a lot and if you try to create session using > that cluster user, you might get 429(which is sent when session limit is > exhausted for a user). > The fix for this is while resotring the session, use loggedin user to update > the session count map. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Created] (LENS-1527) Fix session restore issue
Barun Kumar created LENS-1527: - Summary: Fix session restore issue Key: LENS-1527 URL: https://issues.apache.org/jira/browse/LENS-1527 Project: Apache Lens Issue Type: Bug Components: api, server Reporter: Barun Kumar Assignee: Barun Kumar When a session is created in Lens, corresponding hive session is created for cluster user and session count map for user is updated. But when Lens is started and restores it's sessions, the session count map is updated for cluster user. Since many user may have same cluster user, on restart of Lens the session count for cluster user will be a lot and if you try to create session using that cluster user, you might get 429(which is sent when session limit is exhausted for a user). The fix for this is while resotring the session, use loggedin user to update the session count map. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (LENS-1527) Fix session restore issue
[ https://issues.apache.org/jira/browse/LENS-1527?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Barun Kumar updated LENS-1527: -- Status: Patch Available (was: Open) > Fix session restore issue > - > > Key: LENS-1527 > URL: https://issues.apache.org/jira/browse/LENS-1527 > Project: Apache Lens > Issue Type: Bug > Components: api, server > Reporter: Barun Kumar > Assignee: Barun Kumar >Priority: Major > Attachments: LENS-1527_1.patch > > > When a session is created in Lens, corresponding hive session is created for > cluster user and session count map for user is updated. But when Lens is > started and restores it's sessions, the session count map is updated for > cluster user. > > Since many user may have same cluster user, on restart of Lens the session > count for cluster user will be a lot and if you try to create session using > that cluster user, you might get 429(which is sent when session limit is > exhausted for a user). > The fix for this is while resotring the session, use loggedin user to update > the session count map. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (LENS-1527) Fix session restore issue
[ https://issues.apache.org/jira/browse/LENS-1527?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Barun Kumar updated LENS-1527: -- Attachment: LENS-1527_1.patch > Fix session restore issue > - > > Key: LENS-1527 > URL: https://issues.apache.org/jira/browse/LENS-1527 > Project: Apache Lens > Issue Type: Bug > Components: api, server > Reporter: Barun Kumar > Assignee: Barun Kumar >Priority: Major > Attachments: LENS-1527_1.patch > > > When a session is created in Lens, corresponding hive session is created for > cluster user and session count map for user is updated. But when Lens is > started and restores it's sessions, the session count map is updated for > cluster user. > > Since many user may have same cluster user, on restart of Lens the session > count for cluster user will be a lot and if you try to create session using > that cluster user, you might get 429(which is sent when session limit is > exhausted for a user). > The fix for this is while resotring the session, use loggedin user to update > the session count map. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (LENS-1509) Lens Server: SPNEGO authentication
[ https://issues.apache.org/jira/browse/LENS-1509?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16433851#comment-16433851 ] Barun Kumar commented on LENS-1509: --- Review Request: https://reviews.apache.org/r/66549/ > Lens Server: SPNEGO authentication > -- > > Key: LENS-1509 > URL: https://issues.apache.org/jira/browse/LENS-1509 > Project: Apache Lens > Issue Type: Improvement > Components: api, client, python-client, server > Reporter: Barun Kumar >Priority: Major > Attachments: LENS-1509.patch > > > Currently authentication in lens works by taking username/password while > opening a session and validating it. > This change will add support of [SPNEGO|https://en.wikipedia.org/wiki/SPNEGO] > support in lens server and clinet so that it can negotiate the authentication > scheme. Currently only Negotiate(Kerberos) scheme is implemented but others > like Basic/Digest etc can be added as well later. > -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Assigned] (LENS-1509) Lens Server: SPNEGO authentication
[ https://issues.apache.org/jira/browse/LENS-1509?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Barun Kumar reassigned LENS-1509: - Assignee: Barun Kumar > Lens Server: SPNEGO authentication > -- > > Key: LENS-1509 > URL: https://issues.apache.org/jira/browse/LENS-1509 > Project: Apache Lens > Issue Type: Improvement > Components: api, client, python-client, server > Reporter: Barun Kumar > Assignee: Barun Kumar >Priority: Major > Attachments: LENS-1509.patch > > > Currently authentication in lens works by taking username/password while > opening a session and validating it. > This change will add support of [SPNEGO|https://en.wikipedia.org/wiki/SPNEGO] > support in lens server and clinet so that it can negotiate the authentication > scheme. Currently only Negotiate(Kerberos) scheme is implemented but others > like Basic/Digest etc can be added as well later. > -- This message was sent by Atlassian JIRA (v7.6.3#76005)
