[jira] [Created] (TC-400) incomplete error message from TO api
Dan Kirkwood created TC-400: --- Summary: incomplete error message from TO api Key: TC-400 URL: https://issues.apache.org/jira/browse/TC-400 Project: Traffic Control Issue Type: Improvement Components: Traffic Ops API Affects Versions: 2.1.0 Environment: from command line: curl -s --cookie "$COOKIEJAR" -X POST --data @"$jsonfile" "$TO_SERVER/api/1.2/deliveryservice/create" Reporter: Dan Kirkwood Attachments: new.json When doing a `POST /api/1.2/deliveryservices` with the attached json, I get this error: {"alerts":[{"level":"error","text":"parameter profileName is must."}]} I assume it means that a profile name must be provided, but is poorly worded and incomplete. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Closed] (TC-399) PUT /api/1.2/deliveryservices/:serverId: overwrites some data with null/empty
[ https://issues.apache.org/jira/browse/TC-399?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Dan Kirkwood closed TC-399. --- Resolution: Not A Bug this is not an issue -- PUT expects to have all data provided for the object.. > PUT /api/1.2/deliveryservices/:serverId: overwrites some data with null/empty > - > > Key: TC-399 > URL: https://issues.apache.org/jira/browse/TC-399 > Project: Traffic Control > Issue Type: Bug > Components: Traffic Ops API >Affects Versions: 2.1.0 >Reporter: Dan Kirkwood > Fix For: 2.1.0 > > > Putting together a test case. Will update when I have that. > Also, unknown if this affects 2.0. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Commented] (TC-399) PUT /api/1.2/deliveryservices/:serverId: overwrites some data with null/empty
[ https://issues.apache.org/jira/browse/TC-399?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16056589#comment-16056589 ] Dan Kirkwood commented on TC-399: - this is not an issue -- PUT expects to have all data provided for the object.. > PUT /api/1.2/deliveryservices/:serverId: overwrites some data with null/empty > - > > Key: TC-399 > URL: https://issues.apache.org/jira/browse/TC-399 > Project: Traffic Control > Issue Type: Bug > Components: Traffic Ops API >Affects Versions: 2.1.0 >Reporter: Dan Kirkwood > Fix For: 2.1.0 > > > Putting together a test case. Will update when I have that. > Also, unknown if this affects 2.0. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[GitHub] incubator-trafficcontrol pull request #695: TrafficMonitor IPV6 improvements
GitHub user serDrem opened a pull request: https://github.com/apache/incubator-trafficcontrol/pull/695 TrafficMonitor IPV6 improvements Enables TM to poll health information over IPV6, and optionally combine it with IPV4 information for traffic router. You can merge this pull request into a Git repository by running: $ git pull https://github.com/serDrem/incubator-trafficcontrol tm_ipv6_2 Alternatively you can review and apply these changes as the patch at: https://github.com/apache/incubator-trafficcontrol/pull/695.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #695 commit 6e435a9ff05c859d735caddf0d5dc2bb71cab90b Author: serDremDate: 2017-05-30T15:30:28Z improved ipv6 handling commit e9808a4ec4c11f53ba1e0af91cbe9e46375d3816 Author: serDrem Date: 2017-06-20T20:14:33Z new ipv6 for tm commit 93afe94d499ff2f9aebb6515dd4b4a7a8faeb522 Author: serDrem Date: 2017-06-20T20:21:31Z remove nagios.go commit e5808a7223600d7aa6ee383a22040f7ee5f9d0d9 Author: serDrem Date: 2017-06-20T20:31:13Z removed weird files commit 049bf6923564f27b37e42a1699a91f8931c5a979 Author: serDrem Date: 2017-06-20T21:12:58Z Delete cen...@tm.cdn.sys.comcast.net commit 4a4869b6c0f68152f9a983482f085a967f845777 Author: serDrem Date: 2017-06-20T21:13:19Z Delete traffic_monitor --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---
[GitHub] incubator-trafficcontrol pull request #694: TrafficMonitor IPV6 improvements
Github user serDrem closed the pull request at: https://github.com/apache/incubator-trafficcontrol/pull/694 --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---
[GitHub] incubator-trafficcontrol pull request #694: TrafficMonitor IPV6 improvements
GitHub user serDrem opened a pull request: https://github.com/apache/incubator-trafficcontrol/pull/694 TrafficMonitor IPV6 improvements Enables TM to poll health information over IPV6, and optionally combine it with IPV4 information for traffic router. You can merge this pull request into a Git repository by running: $ git pull https://github.com/serDrem/incubator-trafficcontrol tm_ipv6_2 Alternatively you can review and apply these changes as the patch at: https://github.com/apache/incubator-trafficcontrol/pull/694.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #694 commit 6e435a9ff05c859d735caddf0d5dc2bb71cab90b Author: serDremDate: 2017-05-30T15:30:28Z improved ipv6 handling commit e9808a4ec4c11f53ba1e0af91cbe9e46375d3816 Author: serDrem Date: 2017-06-20T20:14:33Z new ipv6 for tm commit 93afe94d499ff2f9aebb6515dd4b4a7a8faeb522 Author: serDrem Date: 2017-06-20T20:21:31Z remove nagios.go commit e5808a7223600d7aa6ee383a22040f7ee5f9d0d9 Author: serDrem Date: 2017-06-20T20:31:13Z removed weird files --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---
[GitHub] incubator-trafficcontrol issue #567: API GW phase 0 (replaces #551, depends ...
Github user amiryesh commented on the issue: https://github.com/apache/incubator-trafficcontrol/pull/567 @limited Right --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---
[GitHub] incubator-trafficcontrol pull request #693: TrafficMonitor IPV6 improvements
GitHub user serDrem opened a pull request: https://github.com/apache/incubator-trafficcontrol/pull/693 TrafficMonitor IPV6 improvements Enables TM to poll health information over IPV6, and optionally combine it with IPV4 information for traffic router. You can merge this pull request into a Git repository by running: $ git pull https://github.com/serDrem/incubator-trafficcontrol tm_ipv6_2 Alternatively you can review and apply these changes as the patch at: https://github.com/apache/incubator-trafficcontrol/pull/693.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #693 commit 6e435a9ff05c859d735caddf0d5dc2bb71cab90b Author: serDremDate: 2017-05-30T15:30:28Z improved ipv6 handling commit e9808a4ec4c11f53ba1e0af91cbe9e46375d3816 Author: serDrem Date: 2017-06-20T20:14:33Z new ipv6 for tm commit 93afe94d499ff2f9aebb6515dd4b4a7a8faeb522 Author: serDrem Date: 2017-06-20T20:21:31Z remove nagios.go commit e5808a7223600d7aa6ee383a22040f7ee5f9d0d9 Author: serDrem Date: 2017-06-20T20:31:13Z removed weird files --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---
[jira] [Resolved] (TC-395) traffic_ops install doc references rpm on apache build server
[ https://issues.apache.org/jira/browse/TC-395?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Dan Kirkwood resolved TC-395. - Resolution: Fixed > traffic_ops install doc references rpm on apache build server > - > > Key: TC-395 > URL: https://issues.apache.org/jira/browse/TC-395 > Project: Traffic Control > Issue Type: Improvement > Components: Documentation, Traffic Ops >Affects Versions: 2.0.0 >Reporter: Dan Kirkwood >Assignee: Dan Kirkwood > Labels: documentation > Fix For: 2.0.0 > > > {quote} > docs/source/admin/traffic_ops/installation.rst > {quote} > references an rpm on the apache build server. That area is for development > only and shouldn't be accessed by users. Any rpms found there are unofficial. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[GitHub] incubator-trafficcontrol issue #567: API GW phase 0 (replaces #551, depends ...
Github user limited commented on the issue: https://github.com/apache/incubator-trafficcontrol/pull/567 Thanks Amir- Perfect sense! Just to make sure I understood correctly, we will keep both the auth server and API gateway as optional components that could be switched out for production deployments if desired? --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---
[GitHub] incubator-trafficcontrol issue #567: API GW phase 0 (replaces #551, depends ...
Github user amiryesh commented on the issue: https://github.com/apache/incubator-trafficcontrol/pull/567 @limited Hi, I agree with your view on the benefits of using industry standard software wherever applicable. Let me share my view on how the API GW and the auth server are to be considered. IMO, the auth server and API GW implementation is to be considered as an entry point towards breaking the TO monolith into microservice architecture. The auth server is far from being production grade. It does not support standard OAuth2 flows. It probably has security flaws. More than that, users management and access control is implemented as a part of TC. I believe that in production, one would want to use different identity services to manage her users, and implement more complex authentication flows. The API GW architecture allows you to manage your users externally and provide a JWT with proper TO claims. However, this is a very complex setup. We would want users to be able to run a simple working TC instance as easy as possible. This is why the auth server was implemented. The same rational applies also to the API GW implementation. I agree that if we can configure nginx to do what we need it is most likely a better fit for production. What we do get from the API GW is custom authorization code. We have our own simple code that can verify our custom claims. I don't have much nginx experience, I think that custom authorization logic is likely to be harder to configure, but maybe I'm wrong. Hope that makes sense, /amiry --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---
[GitHub] incubator-trafficcontrol pull request #567: API GW phase 0 (replaces #551, d...
Github user dewrich commented on a diff in the pull request: https://github.com/apache/incubator-trafficcontrol/pull/567#discussion_r123063580 --- Diff: traffic_ops/experimental/webfront/webfront.go --- @@ -122,188 +145,324 @@ func main() { Logger.Fatal(http.ListenAndServeTLS(":" + strconv.Itoa(int(config.ListenPort)), "server.pem", "server.key", s)) } -func validateToken(tokenString string) (*jwt.Token, error) { - - tokenString = strings.Replace(tokenString, "Bearer ", "", 1) - token, err := jwt.ParseWithClaims(tokenString, {}, func(token *jwt.Token) (interface{}, error) { - if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok { - return nil, fmt.Errorf("Unexpected signing method: %v", token.Header["alg"]) - } - return []byte(os.Args[2]), nil - }) - return token, err -} - -// NewServer constructs a Server that reads rules from file with a period -// specified by poll. +// NewServer constructs a Server that reads Rules from file with a period +// specified by poll func NewServer(file string, poll time.Duration) (*Server, error) { s := new(Server) if err := s.loadRules(file); err != nil { - Logger.Fatal("Error loading rules file: ", err) + Logger.Fatal(fmt.Errorf("Load rules failed: %s", err)) } + + // TODO(amiry) - Reload config using NOHUP signal instead of poll for changes go s.refreshRules(file, poll) + return s, nil } -// ServeHTTP matches the Request with a Rule and, if found, serves the -// request with the Rule's handler. If the rule's secure field is true, it will -// only allow access if the request has a valid JWT bearer token. -func (s *Server) ServeHTTP(w http.ResponseWriter, r *http.Request) { +func makeTLSConfig(config *Config) *tls.Config { - rule := s.getRule(r) - if rule == nil { - Logger.Printf("%v %v No mapping in rules file!", r.Method, r.URL.RequestURI()) - http.Error(w, "Not found", http.StatusNotFound) - return + s := false + if config.InsecureSkipVerify == true { + Logger.Printf("NOTICE: Skip sertificate verification") + s = true + } + return {InsecureSkipVerify: s} +} + +// loadRules tests whether file has been modified since its last invocation +// and, if so, loads the rule set from file. +func (s *Server) loadRules(file string) error { + + fi, err := os.Stat(file) + if err != nil { + return err } - isAuthorized := false + mtime := fi.ModTime() + if !mtime.After(s.last) && s.Rules != nil { + return nil // no change + } - if rule.Secure { - tokenValid := false - token, err := validateToken(r.Header.Get("Authorization")) + Rules, err := parseRules(file) + if err != nil { + return err + } - if err == nil { - tokenValid = true - } else { - Logger.Println("Token Error:", err.Error()) + s.mu.Lock() + s.last = mtime + s.Rules = Rules + s.mu.Unlock() + return nil +} + +// refreshRules polls file periodically and refreshes the Server's rule set +// if the file has been modified. +func (s *Server) refreshRules(file string, poll time.Duration) { + for { + if err := s.loadRules(file); err != nil { + Logger.Printf("Refresh rules failed: %s", err) } + time.Sleep(poll) + } +} - if !tokenValid { - Logger.Printf("%v %v Valid token required, but none found!", r.Method, r.URL.RequestURI()) - w.WriteHeader(http.StatusForbidden) - return +// parseRules reads rule definitions from file, constructs the rule handlers, +// and returns the resultant rules. +func parseRules(file string) ([]*FwdRule, error) { + + f, err := os.Open(file) + if err != nil { + return nil, err + } + defer f.Close() + + Logger.Printf("Loading rules file: %s", file) + + var rules []*FwdRule + if err := json.NewDecoder(f).Decode(); err != nil { + return nil, err + } + + for _, r := range rules { + + if r.Auth { + r.routes, err = parseRoutes(r.RoutesFile) + if err != nil { + Logger.Printf("Skip rule %s ERROR: %s", r.Path, err) + continue + } } - claims, ok :=
[GitHub] incubator-trafficcontrol pull request #692: fix commenting problem
Github user asfgit closed the pull request at: https://github.com/apache/incubator-trafficcontrol/pull/692 --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---
[GitHub] incubator-trafficcontrol pull request #692: fix commenting problem
GitHub user dg4prez opened a pull request: https://github.com/apache/incubator-trafficcontrol/pull/692 fix commenting problem Fixes problems in the seeds and patches sql files that prevent upgrades from running. You can merge this pull request into a Git repository by running: $ git pull https://github.com/dg4prez/incubator-trafficcontrol sql_fix Alternatively you can review and apply these changes as the patch at: https://github.com/apache/incubator-trafficcontrol/pull/692.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #692 commit 7f3e797ee1fb05f4c5411d7e445d6c003a5aa6f3 Author: Derek GelinasDate: 2017-06-20T18:37:10Z fix commenting problem --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---
[jira] [Commented] (TC-398) Create User API - Broken due to merge issue
[ https://issues.apache.org/jira/browse/TC-398?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16056252#comment-16056252 ] ASF GitHub Bot commented on TC-398: --- GitHub user nir-sopher opened a pull request: https://github.com/apache/incubator-trafficcontrol/pull/691 [TC-398] "create user" API - moving password hashing to scrypt You can merge this pull request into a Git repository by running: $ git pull https://github.com/nir-sopher/incubator-trafficcontrol user-pm-fix Alternatively you can review and apply these changes as the patch at: https://github.com/apache/incubator-trafficcontrol/pull/691.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #691 commit ec4055a5314fc526a77c95d93a691bad6968e204 Author: nir-sopherDate: 2017-06-20T05:04:10Z fix a merge issues in "create user" API + moving Change TO password hashing to scrypt > Create User API - Broken due to merge issue > --- > > Key: TC-398 > URL: https://issues.apache.org/jira/browse/TC-398 > Project: Traffic Control > Issue Type: Bug > Components: Traffic Ops >Affects Versions: 2.1.0 >Reporter: Nir Sopher > Fix For: 2.1.0 > > > "Create" user API was recently added to TO. > Additionally, TO password hashing was changed to scrypt. > The merge between the 2 changes left the "create" command with the old "sha1" > calls. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[GitHub] incubator-trafficcontrol pull request #691: [TC-398] "create user" API - mov...
GitHub user nir-sopher opened a pull request: https://github.com/apache/incubator-trafficcontrol/pull/691 [TC-398] "create user" API - moving password hashing to scrypt You can merge this pull request into a Git repository by running: $ git pull https://github.com/nir-sopher/incubator-trafficcontrol user-pm-fix Alternatively you can review and apply these changes as the patch at: https://github.com/apache/incubator-trafficcontrol/pull/691.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #691 commit ec4055a5314fc526a77c95d93a691bad6968e204 Author: nir-sopherDate: 2017-06-20T05:04:10Z fix a merge issues in "create user" API + moving Change TO password hashing to scrypt --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---
[jira] [Created] (TC-398) Create User API - Broken due to merge issue
Nir Sopher created TC-398: - Summary: Create User API - Broken due to merge issue Key: TC-398 URL: https://issues.apache.org/jira/browse/TC-398 Project: Traffic Control Issue Type: Bug Components: Traffic Ops Affects Versions: 2.1.0 Reporter: Nir Sopher Fix For: 2.1.0 "Create" user API was recently added to TO. Additionally, TO password hashing was changed to scrypt. The merge between the 2 changes left the "create" command with the old "sha1" calls. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[GitHub] incubator-trafficcontrol issue #567: API GW phase 0 (replaces #551, depends ...
Github user dewrich commented on the issue: https://github.com/apache/incubator-trafficcontrol/pull/567 Suggestions: 1. Documentation: Once I understood how the pieces fit together, it was relatively simple (but I also had some background about how it was built). This can be improved down the road once this gets approved and tested more 2. apigateway subdirectory I would combine the webfront and auth dirs into an "apigateway" subdir just to show they are grouped which will also help with potentially understanding how auth and webfront fit together. 3. Logging: Each request should be written to "access.log" and follow similar layouts (such as Apache Webserver), because that can be parsed and loaded for Analytics. It would also be nice to have an "apigw.log" (or something) where I can turn up logging to see more output as to how the rules are being evaluated for troubleshooting/development more rules). In case I fat fingered some syntax 4. Better Error handling: As a POC, I stood up 1 TO API and a basic microservice. Each were accessible through the gateway. When I brought down the microservice endpoint, the Gateway responded with a "blank" response. With standard servers a 502 "Bad Gateway" response is sent back to the client like this: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/502 What I liked: 1. Setup was relatively easy 2. I liked the "hot" loading of the .json rules I will continue testing, but just wanted to give initial feedback. All in all nice work! Thanks, -Dewayne --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---
[GitHub] incubator-trafficcontrol pull request #628: Fix parent.config generation so ...
Github user asfgit closed the pull request at: https://github.com/apache/incubator-trafficcontrol/pull/628 --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---
[GitHub] incubator-trafficcontrol issue #567: API GW phase 0 (replaces #551, depends ...
Github user dewrich commented on the issue: https://github.com/apache/incubator-trafficcontrol/pull/567 FYI: I was able to access a TO API endpoint from the webfront with success. --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---
[GitHub] incubator-trafficcontrol issue #567: API GW phase 0 (replaces #551, depends ...
Github user dewrich commented on the issue: https://github.com/apache/incubator-trafficcontrol/pull/567 @amiryesh Thanks for clarification. It wasn't obvious that the "auth" dir and "webfront" was included in the "apigateway" --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---
[GitHub] incubator-trafficcontrol issue #628: Fix parent.config generation so that un...
Github user jrushford commented on the issue: https://github.com/apache/incubator-trafficcontrol/pull/628 @dg4prez and @dneuman64 - I've fixed this pr to include the ui code, squashed and rebased. --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---
[GitHub] incubator-trafficcontrol pull request #561: Adds documentation for configfil...
Github user asfgit closed the pull request at: https://github.com/apache/incubator-trafficcontrol/pull/561 --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---
[GitHub] incubator-trafficcontrol pull request #662: updated to add docker-compose.de...
Github user asfgit closed the pull request at: https://github.com/apache/incubator-trafficcontrol/pull/662 --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---
[GitHub] incubator-trafficcontrol pull request #670: removed profiles, because they m...
Github user asfgit closed the pull request at: https://github.com/apache/incubator-trafficcontrol/pull/670 --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---
[GitHub] incubator-trafficcontrol issue #567: API GW phase 0 (replaces #551, depends ...
Github user limited commented on the issue: https://github.com/apache/incubator-trafficcontrol/pull/567 This look pretty nice Amir- Have you considered using an open source proxy like nginx or varnish in place of writing our own? Both pieces of software can almost certainly validate JWT and perform remaps. They have the advantage of already providing support for a wide range of HTTP transformations that webfront doesn't yet have. For example, I might like to use this proxy in front of grafana to perform authentication (based on setting some HTTP request headers). With nginx or varnish, I could easily add those headers. I'm sure we'll have many other use cases arise where we'd want to continously add more functionality to the API GW proxy. Also, those other open source proxies are much better tested and have many more miles on their tires- they could be a quick path to a very stable component here. Are there certain reasons why we prefer writing our own proxy to using one of several alternatives? --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---