[GitHub] [knox] lmccay commented on a change in pull request #367: KNOX-2413 - Added JWT support in HadoopAuth provider
lmccay commented on a change in pull request #367:
URL: https://github.com/apache/knox/pull/367#discussion_r463320044
##
File path:
gateway-provider-security-hadoopauth/src/main/java/org/apache/knox/gateway/hadoopauth/filter/HadoopAuthFilter.java
##
@@ -116,11 +125,34 @@ public void init(FilterConfig filterConfig) throws
ServletException {
}
super.init(filterConfig);
+
+final String supportJwt = filterConfig.getInitParameter(SUPPORT_JWT);
+final boolean jwtSupported = Boolean.parseBoolean(supportJwt == null ?
"false" : supportJwt);
+if (jwtSupported) {
+ jwtFilter = new JWTFederationFilter();
+ ((GatewayFilter.Holder)filterConfig).removeParamPrefix(JWT_PREFIX);
+ jwtFilter.init(filterConfig);
+ LOG.initializedJwtFilter();
+}
}
@Override
- protected void doFilter(FilterChain filterChain, HttpServletRequest request,
- HttpServletResponse response) throws IOException,
ServletException {
+ public void doFilter(ServletRequest request, ServletResponse response,
FilterChain filterChain) throws IOException, ServletException {
+if (shouldUseJwtFilter(jwtFilter, filterChain, (HttpServletRequest)
request, (HttpServletResponse) response)) {
Review comment:
It seems like a client with the intent to use JWT that sends an expired
token will end up with a kerberos challenge here. I can imagine argument for
both sides of this but I think that we probably want to allow the JWT
validation failure be reflected in the response rather than falling back to
kerberos.
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
[jira] [Work logged] (KNOX-2413) Add JWT support for HadoopAuth provider
[
https://issues.apache.org/jira/browse/KNOX-2413?focusedWorklogId=464786=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-464786
]
ASF GitHub Bot logged work on KNOX-2413:
Author: ASF GitHub Bot
Created on: 30/Jul/20 23:12
Start Date: 30/Jul/20 23:12
Worklog Time Spent: 10m
Work Description: lmccay commented on a change in pull request #367:
URL: https://github.com/apache/knox/pull/367#discussion_r463320044
##
File path:
gateway-provider-security-hadoopauth/src/main/java/org/apache/knox/gateway/hadoopauth/filter/HadoopAuthFilter.java
##
@@ -116,11 +125,34 @@ public void init(FilterConfig filterConfig) throws
ServletException {
}
super.init(filterConfig);
+
+final String supportJwt = filterConfig.getInitParameter(SUPPORT_JWT);
+final boolean jwtSupported = Boolean.parseBoolean(supportJwt == null ?
"false" : supportJwt);
+if (jwtSupported) {
+ jwtFilter = new JWTFederationFilter();
+ ((GatewayFilter.Holder)filterConfig).removeParamPrefix(JWT_PREFIX);
+ jwtFilter.init(filterConfig);
+ LOG.initializedJwtFilter();
+}
}
@Override
- protected void doFilter(FilterChain filterChain, HttpServletRequest request,
- HttpServletResponse response) throws IOException,
ServletException {
+ public void doFilter(ServletRequest request, ServletResponse response,
FilterChain filterChain) throws IOException, ServletException {
+if (shouldUseJwtFilter(jwtFilter, filterChain, (HttpServletRequest)
request, (HttpServletResponse) response)) {
Review comment:
It seems like a client with the intent to use JWT that sends an expired
token will end up with a kerberos challenge here. I can imagine argument for
both sides of this but I think that we probably want to allow the JWT
validation failure be reflected in the response rather than falling back to
kerberos.
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
Issue Time Tracking
---
Worklog Id: (was: 464786)
Time Spent: 20m (was: 10m)
> Add JWT support for HadoopAuth provider
> ---
>
> Key: KNOX-2413
> URL: https://issues.apache.org/jira/browse/KNOX-2413
> Project: Apache Knox
> Issue Type: New Feature
> Components: Server
>Affects Versions: 1.5.0
>Reporter: Sandor Molnar
>Assignee: Sandor Molnar
>Priority: Major
> Fix For: 1.5.0
>
> Time Spent: 20m
> Remaining Estimate: 0h
>
> There is a need for adding JWT support in the HadoopAuth security provider as
> follows: if the incoming request has a valid JWT token (as a {{bearer}}
> token) extracted from the {{Authorization}} header the request is then
> processed on behalf of the user represented by the JWT token (using the
> existing JWT federation provider). If there is no _valid_ JWT token, the
> {{HadoopAuth}} authentication filter should do its job as it does today.
> The ability to implement a general composite authentication provider is
> discussed in KNOX-2411, but we agreed that such a provider would need more
> planning and maybe a KIP so that this feature should be targeted in a
> separate JIRA.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
[jira] [Updated] (KNOX-2413) Add JWT support for HadoopAuth provider
[
https://issues.apache.org/jira/browse/KNOX-2413?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sandor Molnar updated KNOX-2413:
Status: Patch Available (was: In Progress)
> Add JWT support for HadoopAuth provider
> ---
>
> Key: KNOX-2413
> URL: https://issues.apache.org/jira/browse/KNOX-2413
> Project: Apache Knox
> Issue Type: New Feature
> Components: Server
>Affects Versions: 1.5.0
>Reporter: Sandor Molnar
>Assignee: Sandor Molnar
>Priority: Major
> Fix For: 1.5.0
>
> Time Spent: 10m
> Remaining Estimate: 0h
>
> There is a need for adding JWT support in the HadoopAuth security provider as
> follows: if the incoming request has a valid JWT token (as a {{bearer}}
> token) extracted from the {{Authorization}} header the request is then
> processed on behalf of the user represented by the JWT token (using the
> existing JWT federation provider). If there is no _valid_ JWT token, the
> {{HadoopAuth}} authentication filter should do its job as it does today.
> The ability to implement a general composite authentication provider is
> discussed in KNOX-2411, but we agreed that such a provider would need more
> planning and maybe a KIP so that this feature should be targeted in a
> separate JIRA.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
[GitHub] [knox] smolnar82 opened a new pull request #367: KNOX-2413 - Added JWT support in HadoopAuth provider
smolnar82 opened a new pull request #367:
URL: https://github.com/apache/knox/pull/367
## What changes were proposed in this pull request?
Added a new provider configuration parameter in the `HadoopAuth` security
provider to enable end-users to use JWT tokens instead of the usual Hadoop
Authentication mechanism if there is a Bearer token defined in the request's
`Authorization` header. The new parameter name is `support.jwt`. If that is set
to `true` (defaults to `false`) and there is a _valid_ (parsable, non-expired)
JWT token in the authorization header Knox will use that token in the
HadoopAuth security provider.
## How was this patch tested?
Updated and ran JUnit tests:
```
[INFO]
[INFO] BUILD SUCCESS
[INFO]
[INFO] Total time: 20:01 min (Wall Clock)
[INFO] Finished at: 2020-07-30T22:42:31+02:00
[INFO] Final Memory: 448M/2323M
[INFO]
```
Additionally, the following E2E test steps were executed:
1. Deployed the Knox Gateway with my changes
2. Added the KNOXTOKEN service into `sandbox` (to be able to get a Knox
delegation token)
3. Had the following the `authentication` provider in the `metadata`
topology:
```
{
"role": "authentication",
"name": "HadoopAuth",
"enabled": "true",
"params": {
"config.prefix": "hadoop.auth.config",
"hadoop.auth.config.type": "kerberos",
"hadoop.auth.config.signature.secret": "password",
"hadoop.auth.config.simple.anonymous.allowed": "false",
"hadoop.auth.config.token.validity": "1800",
"hadoop.auth.config.cookie.path": "/",
"hadoop.auth.config.kerberos.principal": "HTTP/$GATEWAY_HOST@$REALM",
"hadoop.auth.config.kerberos.keytab": "/$KEYTAB_PATH/knox.keytab",
"hadoop.auth.config.kerberos.name.rules": "DEFAULT",
"support.jwt": "true"
}
```
4. Logged into Kerberos as `knox` and tried to get metadata about the
`sandbox` topology using Kerberos:
```
$ curl -s --negotiate -u: -k
"http://$GATEWAY_HOST:8444/gateway/metadata/api/v1/metadata/topologies/sandbox;
sandbox
false
...
```
5. Obtained a Knox delegation token (using the `KNOXTOKEN` service in
sandbox)
6. Tried to get metadata about the `sandbox` topology using the acquired
JWT token:
```
$ curl -v -H "Authorization: Bearer
eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJrbm94IiwiYXVkIjoiaWRicm9rZXIiLCJpc3MiOiJLTk9YU1NPIiwiZXhwIjoxNTk2MTQzNzg4LCJrbm94LmlkIjoiMGM2NTUwZGItNzM4ZS00NjYwLWI1YWMtNGJlN2ZjNTllNzc2In0.KwRWOaye-7lgUN5pG-AV11HvRGwQKT6BSZWSWKOapn8DHaKce5hTaO4eTkHlyIx8kg7zaI65Cq950pC6lQf3Ocznh8DQaqbm_OxgBZQCI6wFl3UTHe1m1BbK7G3HxrOUHLnGUk4g5_z-gv_CN4vQDpgvPCNjC34knOUIeoc7uUHl_IABsQGDa4i57K5Gb9-iBJlhEWwFYEiIA24vE0fL1MnOvmUzypAth6l8x8m3FUpLYLMJOFOT9dXBTXKTklfy7S4pPRW5TFI9kwArhBr5-_KtT-ZZhiPu_LJPjVZHu1LwBgtYE_uJjVzE8RR1T20iYSPub15sPiX4ntUerto1Rg"
"http://$GATEWAY_HOST:8444/gateway/metadata/api/v1/metadata/topologies/sandbox;
* About to connect() to $GATEWAY_HOST port 8444 (#0)
* Trying xxx...
* Connected to $GATEWAY_HOST (xxx...) port 8444 (#0)
> GET /gateway/metadata/api/v1/metadata/topologies/sandbox HTTP/1.1
> User-Agent: curl/7.29.0
> Host: $GATEWAY_HOST:8444
> Accept: */*
> Authorization: Bearer
eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJrbm94IiwiYXVkIjoiaWRicm9rZXIiLCJpc3MiOiJLTk9YU1NPIiwiZXhwIjoxNTk2MTQzNzg4LCJrbm94LmlkIjoiMGM2NTUwZGItNzM4ZS00NjYwLWI1YWMtNGJlN2ZjNTllNzc2In0.KwRWOaye-7lgUN5pG-AV11HvRGwQKT6BSZWSWKOapn8DHaKce5hTaO4eTkHlyIx8kg7zaI65Cq950pC6lQf3Ocznh8DQaqbm_OxgBZQCI6wFl3UTHe1m1BbK7G3HxrOUHLnGUk4g5_z-gv_CN4vQDpgvPCNjC34knOUIeoc7uUHl_IABsQGDa4i57K5Gb9-iBJlhEWwFYEiIA24vE0fL1MnOvmUzypAth6l8x8m3FUpLYLMJOFOT9dXBTXKTklfy7S4pPRW5TFI9kwArhBr5-_KtT-ZZhiPu_LJPjVZHu1LwBgtYE_uJjVzE8RR1T20iYSPub15sPiX4ntUerto1Rg
>
< HTTP/1.1 200 OK
< Date: Thu, 30 Jul 2020 20:18:31 GMT
< Content-Type: application/xml
< Transfer-Encoding: chunked
<
sandbox
false
...
* Connection #0 to host $GATEWAY_HOST left intact
```
7. Checked the `gateway.log` (set the logging level to `DEBUG` before I
started the gateway) and found that everything worked as expected
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
[jira] [Work logged] (KNOX-2413) Add JWT support for HadoopAuth provider
[
https://issues.apache.org/jira/browse/KNOX-2413?focusedWorklogId=464732=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-464732
]
ASF GitHub Bot logged work on KNOX-2413:
Author: ASF GitHub Bot
Created on: 30/Jul/20 21:07
Start Date: 30/Jul/20 21:07
Worklog Time Spent: 10m
Work Description: smolnar82 opened a new pull request #367:
URL: https://github.com/apache/knox/pull/367
## What changes were proposed in this pull request?
Added a new provider configuration parameter in the `HadoopAuth` security
provider to enable end-users to use JWT tokens instead of the usual Hadoop
Authentication mechanism if there is a Bearer token defined in the request's
`Authorization` header. The new parameter name is `support.jwt`. If that is set
to `true` (defaults to `false`) and there is a _valid_ (parsable, non-expired)
JWT token in the authorization header Knox will use that token in the
HadoopAuth security provider.
## How was this patch tested?
Updated and ran JUnit tests:
```
[INFO]
[INFO] BUILD SUCCESS
[INFO]
[INFO] Total time: 20:01 min (Wall Clock)
[INFO] Finished at: 2020-07-30T22:42:31+02:00
[INFO] Final Memory: 448M/2323M
[INFO]
```
Additionally, the following E2E test steps were executed:
1. Deployed the Knox Gateway with my changes
2. Added the KNOXTOKEN service into `sandbox` (to be able to get a Knox
delegation token)
3. Had the following the `authentication` provider in the `metadata`
topology:
```
{
"role": "authentication",
"name": "HadoopAuth",
"enabled": "true",
"params": {
"config.prefix": "hadoop.auth.config",
"hadoop.auth.config.type": "kerberos",
"hadoop.auth.config.signature.secret": "password",
"hadoop.auth.config.simple.anonymous.allowed": "false",
"hadoop.auth.config.token.validity": "1800",
"hadoop.auth.config.cookie.path": "/",
"hadoop.auth.config.kerberos.principal": "HTTP/$GATEWAY_HOST@$REALM",
"hadoop.auth.config.kerberos.keytab": "/$KEYTAB_PATH/knox.keytab",
"hadoop.auth.config.kerberos.name.rules": "DEFAULT",
"support.jwt": "true"
}
```
4. Logged into Kerberos as `knox` and tried to get metadata about the
`sandbox` topology using Kerberos:
```
$ curl -s --negotiate -u: -k
"http://$GATEWAY_HOST:8444/gateway/metadata/api/v1/metadata/topologies/sandbox;
sandbox
false
...
```
5. Obtained a Knox delegation token (using the `KNOXTOKEN` service in
sandbox)
6. Tried to get metadata about the `sandbox` topology using the acquired
JWT token:
```
$ curl -v -H "Authorization: Bearer
eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJrbm94IiwiYXVkIjoiaWRicm9rZXIiLCJpc3MiOiJLTk9YU1NPIiwiZXhwIjoxNTk2MTQzNzg4LCJrbm94LmlkIjoiMGM2NTUwZGItNzM4ZS00NjYwLWI1YWMtNGJlN2ZjNTllNzc2In0.KwRWOaye-7lgUN5pG-AV11HvRGwQKT6BSZWSWKOapn8DHaKce5hTaO4eTkHlyIx8kg7zaI65Cq950pC6lQf3Ocznh8DQaqbm_OxgBZQCI6wFl3UTHe1m1BbK7G3HxrOUHLnGUk4g5_z-gv_CN4vQDpgvPCNjC34knOUIeoc7uUHl_IABsQGDa4i57K5Gb9-iBJlhEWwFYEiIA24vE0fL1MnOvmUzypAth6l8x8m3FUpLYLMJOFOT9dXBTXKTklfy7S4pPRW5TFI9kwArhBr5-_KtT-ZZhiPu_LJPjVZHu1LwBgtYE_uJjVzE8RR1T20iYSPub15sPiX4ntUerto1Rg"
"http://$GATEWAY_HOST:8444/gateway/metadata/api/v1/metadata/topologies/sandbox;
* About to connect() to $GATEWAY_HOST port 8444 (#0)
* Trying xxx...
* Connected to $GATEWAY_HOST (xxx...) port 8444 (#0)
> GET /gateway/metadata/api/v1/metadata/topologies/sandbox HTTP/1.1
> User-Agent: curl/7.29.0
> Host: $GATEWAY_HOST:8444
> Accept: */*
> Authorization: Bearer
eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJrbm94IiwiYXVkIjoiaWRicm9rZXIiLCJpc3MiOiJLTk9YU1NPIiwiZXhwIjoxNTk2MTQzNzg4LCJrbm94LmlkIjoiMGM2NTUwZGItNzM4ZS00NjYwLWI1YWMtNGJlN2ZjNTllNzc2In0.KwRWOaye-7lgUN5pG-AV11HvRGwQKT6BSZWSWKOapn8DHaKce5hTaO4eTkHlyIx8kg7zaI65Cq950pC6lQf3Ocznh8DQaqbm_OxgBZQCI6wFl3UTHe1m1BbK7G3HxrOUHLnGUk4g5_z-gv_CN4vQDpgvPCNjC34knOUIeoc7uUHl_IABsQGDa4i57K5Gb9-iBJlhEWwFYEiIA24vE0fL1MnOvmUzypAth6l8x8m3FUpLYLMJOFOT9dXBTXKTklfy7S4pPRW5TFI9kwArhBr5-_KtT-ZZhiPu_LJPjVZHu1LwBgtYE_uJjVzE8RR1T20iYSPub15sPiX4ntUerto1Rg
>
< HTTP/1.1 200 OK
< Date: Thu, 30 Jul 2020 20:18:31 GMT
< Content-Type: application/xml
< Transfer-Encoding: chunked
<
sandbox
false
...
* Connection #0 to host $GATEWAY_HOST left intact
```
7. Checked the `gateway.log` (set the logging level to `DEBUG` before I
started the gateway) and found that everything worked as expected
[jira] [Work logged] (KNOX-2434) Knox should fallback to JDK default keystore/truststore type instead of hardcoding JKS
[ https://issues.apache.org/jira/browse/KNOX-2434?focusedWorklogId=464715=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-464715 ] ASF GitHub Bot logged work on KNOX-2434: Author: ASF GitHub Bot Created on: 30/Jul/20 19:55 Start Date: 30/Jul/20 19:55 Worklog Time Spent: 10m Work Description: risdenk commented on pull request #366: URL: https://github.com/apache/knox/pull/366#issuecomment-47357 I'm still working on this - just want to make sure it gets a few CI runs through different JDK versions. This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org Issue Time Tracking --- Worklog Id: (was: 464715) Time Spent: 20m (was: 10m) > Knox should fallback to JDK default keystore/truststore type instead of > hardcoding JKS > -- > > Key: KNOX-2434 > URL: https://issues.apache.org/jira/browse/KNOX-2434 > Project: Apache Knox > Issue Type: Improvement > Components: Server >Affects Versions: 1.4.0 >Reporter: Kevin Risden >Assignee: Kevin Risden >Priority: Major > Fix For: 1.5.0 > > Time Spent: 20m > Remaining Estimate: 0h > > Currently Knox has a few configuration options for overriding the > keystore/truststore type and if these are not specified it falls back to > hardcoded "JKS". This should fallback instead of the JDK default configured > keystore/truststore type. This will cause issues when an administrator wants > to control the keystore type globally at the JDK level. This happens when > doing FIPS crypto modules. > It would be better to use KeyStore.getDefaultType() instead of hardcoding JKS. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[GitHub] [knox] risdenk commented on pull request #366: KNOX-2434 - Knox should fallback to JDK default keystore/truststore type instead of hardcoding JKS
risdenk commented on pull request #366: URL: https://github.com/apache/knox/pull/366#issuecomment-47357 I'm still working on this - just want to make sure it gets a few CI runs through different JDK versions. This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Updated] (KNOX-2434) Knox should fallback to JDK default keystore/truststore type instead of hardcoding JKS
[ https://issues.apache.org/jira/browse/KNOX-2434?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Kevin Risden updated KNOX-2434: --- Status: Patch Available (was: In Progress) > Knox should fallback to JDK default keystore/truststore type instead of > hardcoding JKS > -- > > Key: KNOX-2434 > URL: https://issues.apache.org/jira/browse/KNOX-2434 > Project: Apache Knox > Issue Type: Improvement > Components: Server >Affects Versions: 1.4.0 >Reporter: Kevin Risden >Assignee: Kevin Risden >Priority: Major > Fix For: 1.5.0 > > Time Spent: 10m > Remaining Estimate: 0h > > Currently Knox has a few configuration options for overriding the > keystore/truststore type and if these are not specified it falls back to > hardcoded "JKS". This should fallback instead of the JDK default configured > keystore/truststore type. This will cause issues when an administrator wants > to control the keystore type globally at the JDK level. This happens when > doing FIPS crypto modules. > It would be better to use KeyStore.getDefaultType() instead of hardcoding JKS. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[GitHub] [knox] risdenk opened a new pull request #366: KNOX-2434 - Knox should fallback to JDK default keystore/truststore type instead of hardcoding JKS
risdenk opened a new pull request #366: URL: https://github.com/apache/knox/pull/366 ## What changes were proposed in this pull request? Replace hardcoded `JKS` with `KeyStore.getDefaultType()` ## How was this patch tested? * `mvn -U -T.75C clean verify -Ppackage,release -Dshellcheck` * Check that this fixes FIPS crypto when default keystore configured at JDK level This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Commented] (KNOX-2434) Knox should fallback to JDK default keystore/truststore type instead of hardcoding JKS
[ https://issues.apache.org/jira/browse/KNOX-2434?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17168183#comment-17168183 ] Kevin Risden commented on KNOX-2434: PR - https://github.com/apache/knox/pull/366 > Knox should fallback to JDK default keystore/truststore type instead of > hardcoding JKS > -- > > Key: KNOX-2434 > URL: https://issues.apache.org/jira/browse/KNOX-2434 > Project: Apache Knox > Issue Type: Improvement > Components: Server >Affects Versions: 1.4.0 >Reporter: Kevin Risden >Assignee: Kevin Risden >Priority: Major > Fix For: 1.5.0 > > > Currently Knox has a few configuration options for overriding the > keystore/truststore type and if these are not specified it falls back to > hardcoded "JKS". This should fallback instead of the JDK default configured > keystore/truststore type. This will cause issues when an administrator wants > to control the keystore type globally at the JDK level. This happens when > doing FIPS crypto modules. > It would be better to use KeyStore.getDefaultType() instead of hardcoding JKS. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Work logged] (KNOX-2434) Knox should fallback to JDK default keystore/truststore type instead of hardcoding JKS
[ https://issues.apache.org/jira/browse/KNOX-2434?focusedWorklogId=464711=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-464711 ] ASF GitHub Bot logged work on KNOX-2434: Author: ASF GitHub Bot Created on: 30/Jul/20 19:50 Start Date: 30/Jul/20 19:50 Worklog Time Spent: 10m Work Description: risdenk opened a new pull request #366: URL: https://github.com/apache/knox/pull/366 ## What changes were proposed in this pull request? Replace hardcoded `JKS` with `KeyStore.getDefaultType()` ## How was this patch tested? * `mvn -U -T.75C clean verify -Ppackage,release -Dshellcheck` * Check that this fixes FIPS crypto when default keystore configured at JDK level This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org Issue Time Tracking --- Worklog Id: (was: 464711) Remaining Estimate: 0h Time Spent: 10m > Knox should fallback to JDK default keystore/truststore type instead of > hardcoding JKS > -- > > Key: KNOX-2434 > URL: https://issues.apache.org/jira/browse/KNOX-2434 > Project: Apache Knox > Issue Type: Improvement > Components: Server >Affects Versions: 1.4.0 >Reporter: Kevin Risden >Assignee: Kevin Risden >Priority: Major > Fix For: 1.5.0 > > Time Spent: 10m > Remaining Estimate: 0h > > Currently Knox has a few configuration options for overriding the > keystore/truststore type and if these are not specified it falls back to > hardcoded "JKS". This should fallback instead of the JDK default configured > keystore/truststore type. This will cause issues when an administrator wants > to control the keystore type globally at the JDK level. This happens when > doing FIPS crypto modules. > It would be better to use KeyStore.getDefaultType() instead of hardcoding JKS. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Created] (KNOX-2434) Knox should fallback to JDK default keystore/truststore type instead of hardcoding JKS
Kevin Risden created KNOX-2434: -- Summary: Knox should fallback to JDK default keystore/truststore type instead of hardcoding JKS Key: KNOX-2434 URL: https://issues.apache.org/jira/browse/KNOX-2434 Project: Apache Knox Issue Type: Improvement Components: Server Affects Versions: 1.4.0 Reporter: Kevin Risden Assignee: Kevin Risden Fix For: 1.5.0 Currently Knox has a few configuration options for overriding the keystore/truststore type and if these are not specified it falls back to hardcoded "JKS". This should fallback instead of the JDK default configured keystore/truststore type. This will cause issues when an administrator wants to control the keystore type globally at the JDK level. This happens when doing FIPS crypto modules. It would be better to use KeyStore.getDefaultType() instead of hardcoding JKS. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Work started] (KNOX-2434) Knox should fallback to JDK default keystore/truststore type instead of hardcoding JKS
[ https://issues.apache.org/jira/browse/KNOX-2434?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Work on KNOX-2434 started by Kevin Risden. -- > Knox should fallback to JDK default keystore/truststore type instead of > hardcoding JKS > -- > > Key: KNOX-2434 > URL: https://issues.apache.org/jira/browse/KNOX-2434 > Project: Apache Knox > Issue Type: Improvement > Components: Server >Affects Versions: 1.4.0 >Reporter: Kevin Risden >Assignee: Kevin Risden >Priority: Major > Fix For: 1.5.0 > > > Currently Knox has a few configuration options for overriding the > keystore/truststore type and if these are not specified it falls back to > hardcoded "JKS". This should fallback instead of the JDK default configured > keystore/truststore type. This will cause issues when an administrator wants > to control the keystore type globally at the JDK level. This happens when > doing FIPS crypto modules. > It would be better to use KeyStore.getDefaultType() instead of hardcoding JKS. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (KNOX-2337) Upgrade pac4j to 4.0.3 and opensaml to 3.4.5
[ https://issues.apache.org/jira/browse/KNOX-2337?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17168078#comment-17168078 ] Kevin Risden commented on KNOX-2337: The PR is looking good now - just rebased on latest and running through set of tests. > Upgrade pac4j to 4.0.3 and opensaml to 3.4.5 > > > Key: KNOX-2337 > URL: https://issues.apache.org/jira/browse/KNOX-2337 > Project: Apache Knox > Issue Type: Sub-task >Reporter: Kevin Risden >Assignee: Kevin Risden >Priority: Major > Fix For: 1.5.0 > > Time Spent: 1h > Remaining Estimate: 0h > > Upgrade pac4j 3.8.3 to 4.0.3 and opensaml 3.4.3 to 3.4.5 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (KNOX-2432) Upgrade spotbugs to 4.0.6
[ https://issues.apache.org/jira/browse/KNOX-2432?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Kevin Risden updated KNOX-2432: --- Resolution: Fixed Status: Resolved (was: Patch Available) > Upgrade spotbugs to 4.0.6 > - > > Key: KNOX-2432 > URL: https://issues.apache.org/jira/browse/KNOX-2432 > Project: Apache Knox > Issue Type: Sub-task >Affects Versions: 1.4.0 >Reporter: Kevin Risden >Assignee: Kevin Risden >Priority: Trivial > Fix For: 1.5.0 > > Attachments: KNOX-2432.patch > > > Upgrade spotbugs 4.0.1 to 4.0.6 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (KNOX-2424) Upgrade protobuf-java to 3.12.4
[ https://issues.apache.org/jira/browse/KNOX-2424?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Kevin Risden updated KNOX-2424: --- Resolution: Fixed Status: Resolved (was: Patch Available) > Upgrade protobuf-java to 3.12.4 > --- > > Key: KNOX-2424 > URL: https://issues.apache.org/jira/browse/KNOX-2424 > Project: Apache Knox > Issue Type: Sub-task >Affects Versions: 1.4.0 >Reporter: Kevin Risden >Assignee: Kevin Risden >Priority: Minor > Fix For: 1.5.0 > > Attachments: KNOX-2424.patch > > > Upgrade protobuf-java 3.11.4 to 3.12.4 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (KNOX-2423) Upgrade commons-io to 2.7
[ https://issues.apache.org/jira/browse/KNOX-2423?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Kevin Risden updated KNOX-2423: --- Resolution: Fixed Status: Resolved (was: Patch Available) > Upgrade commons-io to 2.7 > - > > Key: KNOX-2423 > URL: https://issues.apache.org/jira/browse/KNOX-2423 > Project: Apache Knox > Issue Type: Sub-task >Affects Versions: 1.4.0 >Reporter: Kevin Risden >Assignee: Kevin Risden >Priority: Minor > Fix For: 1.5.0 > > Attachments: KNOX-2423.patch > > > Upgrade commons-io 2.6 to 2.7 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (KNOX-2431) Upgrade rest-assured to 4.3.1
[ https://issues.apache.org/jira/browse/KNOX-2431?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Kevin Risden updated KNOX-2431: --- Resolution: Fixed Status: Resolved (was: Patch Available) > Upgrade rest-assured to 4.3.1 > - > > Key: KNOX-2431 > URL: https://issues.apache.org/jira/browse/KNOX-2431 > Project: Apache Knox > Issue Type: Sub-task > Components: Tests >Affects Versions: 1.4.0 >Reporter: Kevin Risden >Assignee: Kevin Risden >Priority: Trivial > Fix For: 1.5.0 > > Attachments: KNOX-2431.patch > > > Upgrade rest-assured 4.3.0 to 4.3.1 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (KNOX-2433) Upgrade spotbugs-maven-plugin to 4.0.4
[ https://issues.apache.org/jira/browse/KNOX-2433?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Kevin Risden updated KNOX-2433: --- Resolution: Fixed Status: Resolved (was: Patch Available) > Upgrade spotbugs-maven-plugin to 4.0.4 > -- > > Key: KNOX-2433 > URL: https://issues.apache.org/jira/browse/KNOX-2433 > Project: Apache Knox > Issue Type: Sub-task > Components: Build >Affects Versions: 1.4.0 >Reporter: Kevin Risden >Assignee: Kevin Risden >Priority: Major > Fix For: 1.5.0 > > Attachments: KNOX-2433.patch > > > Upgrade spotbugs-maven-plugin 4.0.0 to 4.0.4 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (KNOX-2429) Upgrade bcprov-jdk15on to 1.66
[ https://issues.apache.org/jira/browse/KNOX-2429?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Kevin Risden updated KNOX-2429: --- Resolution: Fixed Status: Resolved (was: Patch Available) > Upgrade bcprov-jdk15on to 1.66 > -- > > Key: KNOX-2429 > URL: https://issues.apache.org/jira/browse/KNOX-2429 > Project: Apache Knox > Issue Type: Sub-task >Affects Versions: 1.4.0 >Reporter: Kevin Risden >Assignee: Kevin Risden >Priority: Trivial > Fix For: 1.5.0 > > Attachments: KNOX-2429.patch > > > Upgrade bcprov-jdk15on 1.65 to 1.66 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (KNOX-2425) Upgrade checkstyle to 8.35
[ https://issues.apache.org/jira/browse/KNOX-2425?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Kevin Risden updated KNOX-2425: --- Resolution: Fixed Status: Resolved (was: Patch Available) > Upgrade checkstyle to 8.35 > -- > > Key: KNOX-2425 > URL: https://issues.apache.org/jira/browse/KNOX-2425 > Project: Apache Knox > Issue Type: Sub-task > Components: Build >Affects Versions: 1.4.0 >Reporter: Kevin Risden >Assignee: Kevin Risden >Priority: Minor > Fix For: 1.5.0 > > Attachments: KNOX-2425.patch > > > Upgrade checkstyle 8.31 to 8.35 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (KNOX-2426) Upgrade groovy to 3.0.5
[ https://issues.apache.org/jira/browse/KNOX-2426?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Kevin Risden updated KNOX-2426: --- Resolution: Fixed Status: Resolved (was: Patch Available) > Upgrade groovy to 3.0.5 > --- > > Key: KNOX-2426 > URL: https://issues.apache.org/jira/browse/KNOX-2426 > Project: Apache Knox > Issue Type: Sub-task >Affects Versions: 1.4.0 >Reporter: Kevin Risden >Assignee: Kevin Risden >Priority: Trivial > Fix For: 1.5.0 > > Attachments: KNOX-2426.patch > > > Upgrade groovy 3.0.3 to 3.0.5 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (KNOX-2430) Upgrade caffeine to 2.8.5
[ https://issues.apache.org/jira/browse/KNOX-2430?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Kevin Risden updated KNOX-2430: --- Resolution: Fixed Status: Resolved (was: Patch Available) > Upgrade caffeine to 2.8.5 > - > > Key: KNOX-2430 > URL: https://issues.apache.org/jira/browse/KNOX-2430 > Project: Apache Knox > Issue Type: Sub-task >Affects Versions: 1.4.0 >Reporter: Kevin Risden >Assignee: Kevin Risden >Priority: Trivial > Fix For: 1.5.0 > > Attachments: KNOX-2430.patch > > > Upgrade caffeine 2.8.1 to 2.8.5 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (KNOX-2427) Upgrade aspectj to 1.9.6
[ https://issues.apache.org/jira/browse/KNOX-2427?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Kevin Risden updated KNOX-2427: --- Resolution: Fixed Status: Resolved (was: Patch Available) > Upgrade aspectj to 1.9.6 > > > Key: KNOX-2427 > URL: https://issues.apache.org/jira/browse/KNOX-2427 > Project: Apache Knox > Issue Type: Sub-task >Affects Versions: 1.4.0 >Reporter: Kevin Risden >Assignee: Kevin Risden >Priority: Trivial > Fix For: 1.5.0 > > Attachments: KNOX-2427.patch > > > Upgrade aspectj 1.9.5 to 1.9.6 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (KNOX-2432) Upgrade spotbugs to 4.0.6
[ https://issues.apache.org/jira/browse/KNOX-2432?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17168061#comment-17168061 ] ASF subversion and git services commented on KNOX-2432: --- Commit 6bef73989a1e4aea68a19096ca3e7f9b97c05e07 in knox's branch refs/heads/master from Kevin Risden [ https://gitbox.apache.org/repos/asf?p=knox.git;h=6bef739 ] KNOX-2432 / KNOX-2433 - Upgrade spotbugs to 4.0.6 and spotbugs-maven-plugin to 4.0.4 Signed-off-by: Kevin Risden > Upgrade spotbugs to 4.0.6 > - > > Key: KNOX-2432 > URL: https://issues.apache.org/jira/browse/KNOX-2432 > Project: Apache Knox > Issue Type: Sub-task >Affects Versions: 1.4.0 >Reporter: Kevin Risden >Assignee: Kevin Risden >Priority: Trivial > Fix For: 1.5.0 > > Attachments: KNOX-2432.patch > > > Upgrade spotbugs 4.0.1 to 4.0.6 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (KNOX-2431) Upgrade rest-assured to 4.3.1
[ https://issues.apache.org/jira/browse/KNOX-2431?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17168060#comment-17168060 ] ASF subversion and git services commented on KNOX-2431: --- Commit 486836c031c5a786dd0055c18147c0c88bb26846 in knox's branch refs/heads/master from Kevin Risden [ https://gitbox.apache.org/repos/asf?p=knox.git;h=486836c ] KNOX-2431 - Upgrade rest-assured to 4.3.1 Signed-off-by: Kevin Risden > Upgrade rest-assured to 4.3.1 > - > > Key: KNOX-2431 > URL: https://issues.apache.org/jira/browse/KNOX-2431 > Project: Apache Knox > Issue Type: Sub-task > Components: Tests >Affects Versions: 1.4.0 >Reporter: Kevin Risden >Assignee: Kevin Risden >Priority: Trivial > Fix For: 1.5.0 > > Attachments: KNOX-2431.patch > > > Upgrade rest-assured 4.3.0 to 4.3.1 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (KNOX-2425) Upgrade checkstyle to 8.35
[ https://issues.apache.org/jira/browse/KNOX-2425?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17168057#comment-17168057 ] ASF subversion and git services commented on KNOX-2425: --- Commit d38272c0c21d685884fd8c460f10140fd4c42ca4 in knox's branch refs/heads/master from Kevin Risden [ https://gitbox.apache.org/repos/asf?p=knox.git;h=d38272c ] KNOX-2425 - Upgrade checkstyle to 8.35 Signed-off-by: Kevin Risden > Upgrade checkstyle to 8.35 > -- > > Key: KNOX-2425 > URL: https://issues.apache.org/jira/browse/KNOX-2425 > Project: Apache Knox > Issue Type: Sub-task > Components: Build >Affects Versions: 1.4.0 >Reporter: Kevin Risden >Assignee: Kevin Risden >Priority: Minor > Fix For: 1.5.0 > > Attachments: KNOX-2425.patch > > > Upgrade checkstyle 8.31 to 8.35 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (KNOX-2426) Upgrade groovy to 3.0.5
[ https://issues.apache.org/jira/browse/KNOX-2426?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17168058#comment-17168058 ] ASF subversion and git services commented on KNOX-2426: --- Commit 2613313c5fe3a7de6ecbba871187281e22213f95 in knox's branch refs/heads/master from Kevin Risden [ https://gitbox.apache.org/repos/asf?p=knox.git;h=2613313 ] KNOX-2426 - Upgrade groovy to 3.0.5 Signed-off-by: Kevin Risden > Upgrade groovy to 3.0.5 > --- > > Key: KNOX-2426 > URL: https://issues.apache.org/jira/browse/KNOX-2426 > Project: Apache Knox > Issue Type: Sub-task >Affects Versions: 1.4.0 >Reporter: Kevin Risden >Assignee: Kevin Risden >Priority: Trivial > Fix For: 1.5.0 > > Attachments: KNOX-2426.patch > > > Upgrade groovy 3.0.3 to 3.0.5 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (KNOX-2433) Upgrade spotbugs-maven-plugin to 4.0.4
[ https://issues.apache.org/jira/browse/KNOX-2433?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17168062#comment-17168062 ] ASF subversion and git services commented on KNOX-2433: --- Commit 6bef73989a1e4aea68a19096ca3e7f9b97c05e07 in knox's branch refs/heads/master from Kevin Risden [ https://gitbox.apache.org/repos/asf?p=knox.git;h=6bef739 ] KNOX-2432 / KNOX-2433 - Upgrade spotbugs to 4.0.6 and spotbugs-maven-plugin to 4.0.4 Signed-off-by: Kevin Risden > Upgrade spotbugs-maven-plugin to 4.0.4 > -- > > Key: KNOX-2433 > URL: https://issues.apache.org/jira/browse/KNOX-2433 > Project: Apache Knox > Issue Type: Sub-task > Components: Build >Affects Versions: 1.4.0 >Reporter: Kevin Risden >Assignee: Kevin Risden >Priority: Major > Fix For: 1.5.0 > > Attachments: KNOX-2433.patch > > > Upgrade spotbugs-maven-plugin 4.0.0 to 4.0.4 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (KNOX-2430) Upgrade caffeine to 2.8.5
[ https://issues.apache.org/jira/browse/KNOX-2430?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17168056#comment-17168056 ] ASF subversion and git services commented on KNOX-2430: --- Commit 4f3fafb0d2fe00507e322b62db9078cc7536146f in knox's branch refs/heads/master from Kevin Risden [ https://gitbox.apache.org/repos/asf?p=knox.git;h=4f3fafb ] KNOX-2430 - Upgrade caffeine to 2.8.5 Signed-off-by: Kevin Risden > Upgrade caffeine to 2.8.5 > - > > Key: KNOX-2430 > URL: https://issues.apache.org/jira/browse/KNOX-2430 > Project: Apache Knox > Issue Type: Sub-task >Affects Versions: 1.4.0 >Reporter: Kevin Risden >Assignee: Kevin Risden >Priority: Trivial > Fix For: 1.5.0 > > Attachments: KNOX-2430.patch > > > Upgrade caffeine 2.8.1 to 2.8.5 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (KNOX-2423) Upgrade commons-io to 2.7
[ https://issues.apache.org/jira/browse/KNOX-2423?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17168053#comment-17168053 ] ASF subversion and git services commented on KNOX-2423: --- Commit 1028645baf5b1c7c45eb29616a0f59485866206c in knox's branch refs/heads/master from Kevin Risden [ https://gitbox.apache.org/repos/asf?p=knox.git;h=1028645 ] KNOX-2423 - Upgrade commons-io to 2.7 Requires upgrading forbiddenapis as well Signed-off-by: Kevin Risden > Upgrade commons-io to 2.7 > - > > Key: KNOX-2423 > URL: https://issues.apache.org/jira/browse/KNOX-2423 > Project: Apache Knox > Issue Type: Sub-task >Affects Versions: 1.4.0 >Reporter: Kevin Risden >Assignee: Kevin Risden >Priority: Minor > Fix For: 1.5.0 > > Attachments: KNOX-2423.patch > > > Upgrade commons-io 2.6 to 2.7 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (KNOX-2424) Upgrade protobuf-java to 3.12.4
[ https://issues.apache.org/jira/browse/KNOX-2424?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17168059#comment-17168059 ] ASF subversion and git services commented on KNOX-2424: --- Commit 7ccd35823bfd0f59a8dabb1eb9ed4fb553d4454c in knox's branch refs/heads/master from Kevin Risden [ https://gitbox.apache.org/repos/asf?p=knox.git;h=7ccd358 ] KNOX-2424 - Upgrade protobuf-java to 3.12.4 Signed-off-by: Kevin Risden > Upgrade protobuf-java to 3.12.4 > --- > > Key: KNOX-2424 > URL: https://issues.apache.org/jira/browse/KNOX-2424 > Project: Apache Knox > Issue Type: Sub-task >Affects Versions: 1.4.0 >Reporter: Kevin Risden >Assignee: Kevin Risden >Priority: Minor > Fix For: 1.5.0 > > Attachments: KNOX-2424.patch > > > Upgrade protobuf-java 3.11.4 to 3.12.4 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (KNOX-2427) Upgrade aspectj to 1.9.6
[ https://issues.apache.org/jira/browse/KNOX-2427?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17168054#comment-17168054 ] ASF subversion and git services commented on KNOX-2427: --- Commit 3f3a9195044d770ee2a59595f3ff063ac3f2336a in knox's branch refs/heads/master from Kevin Risden [ https://gitbox.apache.org/repos/asf?p=knox.git;h=3f3a919 ] KNOX-2427 - Upgrade aspectj to 1.9.6 Signed-off-by: Kevin Risden > Upgrade aspectj to 1.9.6 > > > Key: KNOX-2427 > URL: https://issues.apache.org/jira/browse/KNOX-2427 > Project: Apache Knox > Issue Type: Sub-task >Affects Versions: 1.4.0 >Reporter: Kevin Risden >Assignee: Kevin Risden >Priority: Trivial > Fix For: 1.5.0 > > Attachments: KNOX-2427.patch > > > Upgrade aspectj 1.9.5 to 1.9.6 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (KNOX-2429) Upgrade bcprov-jdk15on to 1.66
[ https://issues.apache.org/jira/browse/KNOX-2429?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17168055#comment-17168055 ] ASF subversion and git services commented on KNOX-2429: --- Commit 27819370afaeb3482121b337f60988d67b281e6e in knox's branch refs/heads/master from Kevin Risden [ https://gitbox.apache.org/repos/asf?p=knox.git;h=2781937 ] KNOX-2429 - Upgrade bcprov-jdk15on to 1.66 Signed-off-by: Kevin Risden > Upgrade bcprov-jdk15on to 1.66 > -- > > Key: KNOX-2429 > URL: https://issues.apache.org/jira/browse/KNOX-2429 > Project: Apache Knox > Issue Type: Sub-task >Affects Versions: 1.4.0 >Reporter: Kevin Risden >Assignee: Kevin Risden >Priority: Trivial > Fix For: 1.5.0 > > Attachments: KNOX-2429.patch > > > Upgrade bcprov-jdk15on 1.65 to 1.66 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (KNOX-2432) Upgrade spotbugs to 4.0.6
[ https://issues.apache.org/jira/browse/KNOX-2432?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Kevin Risden updated KNOX-2432: --- Attachment: KNOX-2432.patch > Upgrade spotbugs to 4.0.6 > - > > Key: KNOX-2432 > URL: https://issues.apache.org/jira/browse/KNOX-2432 > Project: Apache Knox > Issue Type: Sub-task >Affects Versions: 1.4.0 >Reporter: Kevin Risden >Assignee: Kevin Risden >Priority: Trivial > Fix For: 1.5.0 > > Attachments: KNOX-2432.patch > > > Upgrade spotbugs 4.0.1 to 4.0.6 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (KNOX-2432) Upgrade spotbugs to 4.0.6
[ https://issues.apache.org/jira/browse/KNOX-2432?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Kevin Risden updated KNOX-2432: --- Status: Patch Available (was: In Progress) > Upgrade spotbugs to 4.0.6 > - > > Key: KNOX-2432 > URL: https://issues.apache.org/jira/browse/KNOX-2432 > Project: Apache Knox > Issue Type: Sub-task >Affects Versions: 1.4.0 >Reporter: Kevin Risden >Assignee: Kevin Risden >Priority: Trivial > Fix For: 1.5.0 > > Attachments: KNOX-2432.patch > > > Upgrade spotbugs 4.0.1 to 4.0.6 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Work started] (KNOX-2432) Upgrade spotbugs to 4.0.6
[ https://issues.apache.org/jira/browse/KNOX-2432?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Work on KNOX-2432 started by Kevin Risden. -- > Upgrade spotbugs to 4.0.6 > - > > Key: KNOX-2432 > URL: https://issues.apache.org/jira/browse/KNOX-2432 > Project: Apache Knox > Issue Type: Sub-task >Affects Versions: 1.4.0 >Reporter: Kevin Risden >Assignee: Kevin Risden >Priority: Trivial > Fix For: 1.5.0 > > Attachments: KNOX-2432.patch > > > Upgrade spotbugs 4.0.1 to 4.0.6 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Work started] (KNOX-2433) Upgrade spotbugs-maven-plugin to 4.0.4
[ https://issues.apache.org/jira/browse/KNOX-2433?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Work on KNOX-2433 started by Kevin Risden. -- > Upgrade spotbugs-maven-plugin to 4.0.4 > -- > > Key: KNOX-2433 > URL: https://issues.apache.org/jira/browse/KNOX-2433 > Project: Apache Knox > Issue Type: Sub-task > Components: Build >Affects Versions: 1.4.0 >Reporter: Kevin Risden >Assignee: Kevin Risden >Priority: Major > Fix For: 1.5.0 > > Attachments: KNOX-2433.patch > > > Upgrade spotbugs-maven-plugin 4.0.0 to 4.0.4 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (KNOX-2433) Upgrade spotbugs-maven-plugin to 4.0.4
[ https://issues.apache.org/jira/browse/KNOX-2433?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Kevin Risden updated KNOX-2433: --- Attachment: KNOX-2433.patch > Upgrade spotbugs-maven-plugin to 4.0.4 > -- > > Key: KNOX-2433 > URL: https://issues.apache.org/jira/browse/KNOX-2433 > Project: Apache Knox > Issue Type: Sub-task > Components: Build >Affects Versions: 1.4.0 >Reporter: Kevin Risden >Assignee: Kevin Risden >Priority: Major > Fix For: 1.5.0 > > Attachments: KNOX-2433.patch > > > Upgrade spotbugs-maven-plugin 4.0.0 to 4.0.4 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (KNOX-2433) Upgrade spotbugs-maven-plugin to 4.0.4
[ https://issues.apache.org/jira/browse/KNOX-2433?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Kevin Risden updated KNOX-2433: --- Status: Patch Available (was: In Progress) > Upgrade spotbugs-maven-plugin to 4.0.4 > -- > > Key: KNOX-2433 > URL: https://issues.apache.org/jira/browse/KNOX-2433 > Project: Apache Knox > Issue Type: Sub-task > Components: Build >Affects Versions: 1.4.0 >Reporter: Kevin Risden >Assignee: Kevin Risden >Priority: Major > Fix For: 1.5.0 > > Attachments: KNOX-2433.patch > > > Upgrade spotbugs-maven-plugin 4.0.0 to 4.0.4 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Work started] (KNOX-2424) Upgrade protobuf-java to 3.12.4
[ https://issues.apache.org/jira/browse/KNOX-2424?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Work on KNOX-2424 started by Kevin Risden. -- > Upgrade protobuf-java to 3.12.4 > --- > > Key: KNOX-2424 > URL: https://issues.apache.org/jira/browse/KNOX-2424 > Project: Apache Knox > Issue Type: Sub-task >Affects Versions: 1.4.0 >Reporter: Kevin Risden >Assignee: Kevin Risden >Priority: Minor > Fix For: 1.5.0 > > Attachments: KNOX-2424.patch > > > Upgrade protobuf-java 3.11.4 to 3.12.4 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (KNOX-2431) Upgrade rest-assured to 4.3.1
[ https://issues.apache.org/jira/browse/KNOX-2431?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Kevin Risden updated KNOX-2431: --- Status: Patch Available (was: In Progress) > Upgrade rest-assured to 4.3.1 > - > > Key: KNOX-2431 > URL: https://issues.apache.org/jira/browse/KNOX-2431 > Project: Apache Knox > Issue Type: Sub-task > Components: Tests >Affects Versions: 1.4.0 >Reporter: Kevin Risden >Assignee: Kevin Risden >Priority: Trivial > Fix For: 1.5.0 > > Attachments: KNOX-2431.patch > > > Upgrade rest-assured 4.3.0 to 4.3.1 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (KNOX-2424) Upgrade protobuf-java to 3.12.4
[ https://issues.apache.org/jira/browse/KNOX-2424?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Kevin Risden updated KNOX-2424: --- Status: Patch Available (was: In Progress) > Upgrade protobuf-java to 3.12.4 > --- > > Key: KNOX-2424 > URL: https://issues.apache.org/jira/browse/KNOX-2424 > Project: Apache Knox > Issue Type: Sub-task >Affects Versions: 1.4.0 >Reporter: Kevin Risden >Assignee: Kevin Risden >Priority: Minor > Fix For: 1.5.0 > > Attachments: KNOX-2424.patch > > > Upgrade protobuf-java 3.11.4 to 3.12.4 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (KNOX-2431) Upgrade rest-assured to 4.3.1
[ https://issues.apache.org/jira/browse/KNOX-2431?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Kevin Risden updated KNOX-2431: --- Attachment: KNOX-2431.patch > Upgrade rest-assured to 4.3.1 > - > > Key: KNOX-2431 > URL: https://issues.apache.org/jira/browse/KNOX-2431 > Project: Apache Knox > Issue Type: Sub-task > Components: Tests >Affects Versions: 1.4.0 >Reporter: Kevin Risden >Assignee: Kevin Risden >Priority: Trivial > Fix For: 1.5.0 > > Attachments: KNOX-2431.patch > > > Upgrade rest-assured 4.3.0 to 4.3.1 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Work started] (KNOX-2431) Upgrade rest-assured to 4.3.1
[ https://issues.apache.org/jira/browse/KNOX-2431?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Work on KNOX-2431 started by Kevin Risden. -- > Upgrade rest-assured to 4.3.1 > - > > Key: KNOX-2431 > URL: https://issues.apache.org/jira/browse/KNOX-2431 > Project: Apache Knox > Issue Type: Sub-task > Components: Tests >Affects Versions: 1.4.0 >Reporter: Kevin Risden >Assignee: Kevin Risden >Priority: Trivial > Fix For: 1.5.0 > > Attachments: KNOX-2431.patch > > > Upgrade rest-assured 4.3.0 to 4.3.1 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (KNOX-2424) Upgrade protobuf-java to 3.12.4
[ https://issues.apache.org/jira/browse/KNOX-2424?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Kevin Risden updated KNOX-2424: --- Attachment: KNOX-2424.patch > Upgrade protobuf-java to 3.12.4 > --- > > Key: KNOX-2424 > URL: https://issues.apache.org/jira/browse/KNOX-2424 > Project: Apache Knox > Issue Type: Sub-task >Affects Versions: 1.4.0 >Reporter: Kevin Risden >Assignee: Kevin Risden >Priority: Minor > Fix For: 1.5.0 > > Attachments: KNOX-2424.patch > > > Upgrade protobuf-java 3.11.4 to 3.12.4 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Work started] (KNOX-2426) Upgrade groovy to 3.0.5
[ https://issues.apache.org/jira/browse/KNOX-2426?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Work on KNOX-2426 started by Kevin Risden. -- > Upgrade groovy to 3.0.5 > --- > > Key: KNOX-2426 > URL: https://issues.apache.org/jira/browse/KNOX-2426 > Project: Apache Knox > Issue Type: Sub-task >Affects Versions: 1.4.0 >Reporter: Kevin Risden >Assignee: Kevin Risden >Priority: Trivial > Fix For: 1.5.0 > > Attachments: KNOX-2426.patch > > > Upgrade groovy 3.0.3 to 3.0.5 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (KNOX-2426) Upgrade groovy to 3.0.5
[ https://issues.apache.org/jira/browse/KNOX-2426?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Kevin Risden updated KNOX-2426: --- Attachment: KNOX-2426.patch > Upgrade groovy to 3.0.5 > --- > > Key: KNOX-2426 > URL: https://issues.apache.org/jira/browse/KNOX-2426 > Project: Apache Knox > Issue Type: Sub-task >Affects Versions: 1.4.0 >Reporter: Kevin Risden >Assignee: Kevin Risden >Priority: Trivial > Fix For: 1.5.0 > > Attachments: KNOX-2426.patch > > > Upgrade groovy 3.0.3 to 3.0.5 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (KNOX-2426) Upgrade groovy to 3.0.5
[ https://issues.apache.org/jira/browse/KNOX-2426?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Kevin Risden updated KNOX-2426: --- Status: Patch Available (was: In Progress) > Upgrade groovy to 3.0.5 > --- > > Key: KNOX-2426 > URL: https://issues.apache.org/jira/browse/KNOX-2426 > Project: Apache Knox > Issue Type: Sub-task >Affects Versions: 1.4.0 >Reporter: Kevin Risden >Assignee: Kevin Risden >Priority: Trivial > Fix For: 1.5.0 > > Attachments: KNOX-2426.patch > > > Upgrade groovy 3.0.3 to 3.0.5 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (KNOX-2425) Upgrade checkstyle to 8.35
[ https://issues.apache.org/jira/browse/KNOX-2425?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Kevin Risden updated KNOX-2425: --- Attachment: KNOX-2425.patch > Upgrade checkstyle to 8.35 > -- > > Key: KNOX-2425 > URL: https://issues.apache.org/jira/browse/KNOX-2425 > Project: Apache Knox > Issue Type: Sub-task > Components: Build >Affects Versions: 1.4.0 >Reporter: Kevin Risden >Assignee: Kevin Risden >Priority: Minor > Fix For: 1.5.0 > > Attachments: KNOX-2425.patch > > > Upgrade checkstyle 8.31 to 8.35 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (KNOX-2425) Upgrade checkstyle to 8.35
[ https://issues.apache.org/jira/browse/KNOX-2425?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Kevin Risden updated KNOX-2425: --- Status: Patch Available (was: In Progress) > Upgrade checkstyle to 8.35 > -- > > Key: KNOX-2425 > URL: https://issues.apache.org/jira/browse/KNOX-2425 > Project: Apache Knox > Issue Type: Sub-task > Components: Build >Affects Versions: 1.4.0 >Reporter: Kevin Risden >Assignee: Kevin Risden >Priority: Minor > Fix For: 1.5.0 > > Attachments: KNOX-2425.patch > > > Upgrade checkstyle 8.31 to 8.35 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Work started] (KNOX-2425) Upgrade checkstyle to 8.35
[ https://issues.apache.org/jira/browse/KNOX-2425?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Work on KNOX-2425 started by Kevin Risden. -- > Upgrade checkstyle to 8.35 > -- > > Key: KNOX-2425 > URL: https://issues.apache.org/jira/browse/KNOX-2425 > Project: Apache Knox > Issue Type: Sub-task > Components: Build >Affects Versions: 1.4.0 >Reporter: Kevin Risden >Assignee: Kevin Risden >Priority: Minor > Fix For: 1.5.0 > > Attachments: KNOX-2425.patch > > > Upgrade checkstyle 8.31 to 8.35 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Work started] (KNOX-2430) Upgrade caffeine to 2.8.5
[ https://issues.apache.org/jira/browse/KNOX-2430?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Work on KNOX-2430 started by Kevin Risden. -- > Upgrade caffeine to 2.8.5 > - > > Key: KNOX-2430 > URL: https://issues.apache.org/jira/browse/KNOX-2430 > Project: Apache Knox > Issue Type: Sub-task >Affects Versions: 1.4.0 >Reporter: Kevin Risden >Assignee: Kevin Risden >Priority: Trivial > Fix For: 1.5.0 > > Attachments: KNOX-2430.patch > > > Upgrade caffeine 2.8.1 to 2.8.5 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (KNOX-2430) Upgrade caffeine to 2.8.5
[ https://issues.apache.org/jira/browse/KNOX-2430?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Kevin Risden updated KNOX-2430: --- Attachment: KNOX-2430.patch > Upgrade caffeine to 2.8.5 > - > > Key: KNOX-2430 > URL: https://issues.apache.org/jira/browse/KNOX-2430 > Project: Apache Knox > Issue Type: Sub-task >Affects Versions: 1.4.0 >Reporter: Kevin Risden >Assignee: Kevin Risden >Priority: Trivial > Fix For: 1.5.0 > > Attachments: KNOX-2430.patch > > > Upgrade caffeine 2.8.1 to 2.8.5 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (KNOX-2430) Upgrade caffeine to 2.8.5
[ https://issues.apache.org/jira/browse/KNOX-2430?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Kevin Risden updated KNOX-2430: --- Status: Patch Available (was: In Progress) > Upgrade caffeine to 2.8.5 > - > > Key: KNOX-2430 > URL: https://issues.apache.org/jira/browse/KNOX-2430 > Project: Apache Knox > Issue Type: Sub-task >Affects Versions: 1.4.0 >Reporter: Kevin Risden >Assignee: Kevin Risden >Priority: Trivial > Fix For: 1.5.0 > > Attachments: KNOX-2430.patch > > > Upgrade caffeine 2.8.1 to 2.8.5 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (KNOX-2429) Upgrade bcprov-jdk15on to 1.66
[ https://issues.apache.org/jira/browse/KNOX-2429?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Kevin Risden updated KNOX-2429: --- Status: Patch Available (was: In Progress) > Upgrade bcprov-jdk15on to 1.66 > -- > > Key: KNOX-2429 > URL: https://issues.apache.org/jira/browse/KNOX-2429 > Project: Apache Knox > Issue Type: Sub-task >Affects Versions: 1.4.0 >Reporter: Kevin Risden >Assignee: Kevin Risden >Priority: Trivial > Fix For: 1.5.0 > > Attachments: KNOX-2429.patch > > > Upgrade bcprov-jdk15on 1.65 to 1.66 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (KNOX-2427) Upgrade aspectj to 1.9.6
[ https://issues.apache.org/jira/browse/KNOX-2427?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Kevin Risden updated KNOX-2427: --- Attachment: KNOX-2427.patch > Upgrade aspectj to 1.9.6 > > > Key: KNOX-2427 > URL: https://issues.apache.org/jira/browse/KNOX-2427 > Project: Apache Knox > Issue Type: Sub-task >Affects Versions: 1.4.0 >Reporter: Kevin Risden >Assignee: Kevin Risden >Priority: Trivial > Fix For: 1.5.0 > > Attachments: KNOX-2427.patch > > > Upgrade aspectj 1.9.5 to 1.9.6 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Work started] (KNOX-2429) Upgrade bcprov-jdk15on to 1.66
[ https://issues.apache.org/jira/browse/KNOX-2429?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Work on KNOX-2429 started by Kevin Risden. -- > Upgrade bcprov-jdk15on to 1.66 > -- > > Key: KNOX-2429 > URL: https://issues.apache.org/jira/browse/KNOX-2429 > Project: Apache Knox > Issue Type: Sub-task >Affects Versions: 1.4.0 >Reporter: Kevin Risden >Assignee: Kevin Risden >Priority: Trivial > Fix For: 1.5.0 > > Attachments: KNOX-2429.patch > > > Upgrade bcprov-jdk15on 1.65 to 1.66 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (KNOX-2429) Upgrade bcprov-jdk15on to 1.66
[ https://issues.apache.org/jira/browse/KNOX-2429?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Kevin Risden updated KNOX-2429: --- Attachment: KNOX-2429.patch > Upgrade bcprov-jdk15on to 1.66 > -- > > Key: KNOX-2429 > URL: https://issues.apache.org/jira/browse/KNOX-2429 > Project: Apache Knox > Issue Type: Sub-task >Affects Versions: 1.4.0 >Reporter: Kevin Risden >Assignee: Kevin Risden >Priority: Trivial > Fix For: 1.5.0 > > Attachments: KNOX-2429.patch > > > Upgrade bcprov-jdk15on 1.65 to 1.66 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Work started] (KNOX-2427) Upgrade aspectj to 1.9.6
[ https://issues.apache.org/jira/browse/KNOX-2427?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Work on KNOX-2427 started by Kevin Risden. -- > Upgrade aspectj to 1.9.6 > > > Key: KNOX-2427 > URL: https://issues.apache.org/jira/browse/KNOX-2427 > Project: Apache Knox > Issue Type: Sub-task >Affects Versions: 1.4.0 >Reporter: Kevin Risden >Assignee: Kevin Risden >Priority: Trivial > Fix For: 1.5.0 > > Attachments: KNOX-2427.patch > > > Upgrade aspectj 1.9.5 to 1.9.6 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Updated] (KNOX-2427) Upgrade aspectj to 1.9.6
[ https://issues.apache.org/jira/browse/KNOX-2427?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Kevin Risden updated KNOX-2427: --- Status: Patch Available (was: In Progress) > Upgrade aspectj to 1.9.6 > > > Key: KNOX-2427 > URL: https://issues.apache.org/jira/browse/KNOX-2427 > Project: Apache Knox > Issue Type: Sub-task >Affects Versions: 1.4.0 >Reporter: Kevin Risden >Assignee: Kevin Risden >Priority: Trivial > Fix For: 1.5.0 > > Attachments: KNOX-2427.patch > > > Upgrade aspectj 1.9.5 to 1.9.6 -- This message was sent by Atlassian Jira (v8.3.4#803005)
