Re: Review Request 52456: Modify HTTP headers to follow best security practices
> On Oct. 9, 2016, 10:39 p.m., Robert Levas wrote: > > Ship It! Thank you Robert. Can you please help push the fix? - Sangeeta --- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/52456/#review151944 --- On Oct. 4, 2016, 4:45 p.m., Sangeeta Ravindran wrote: > > --- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/52456/ > --- > > (Updated Oct. 4, 2016, 4:45 p.m.) > > > Review request for Ambari, Di Li, Robert Levas, and Yusaku Sako. > > > Bugs: AMBARI-17311 > https://issues.apache.org/jira/browse/AMBARI-17311 > > > Repository: ambari > > > Description > --- > > This patch adds the following HTTP headers to follow security best practices. > > X-Content-Type-Options: nosniff > Cache-control: no-store > Pragma: no-cache > > > Diffs > - > > ambari-server/conf/unix/ambari.properties 4dcbe99 > ambari-server/conf/windows/ambari.properties 64cce3b > > ambari-server/src/main/java/org/apache/ambari/server/configuration/Configuration.java > 2e850ef > > ambari-server/src/main/java/org/apache/ambari/server/security/AbstractSecurityHeaderFilter.java > 05c9ecb > > ambari-server/src/main/java/org/apache/ambari/server/security/AmbariServerSecurityHeaderFilter.java > b40953b > > ambari-server/src/main/java/org/apache/ambari/server/security/AmbariViewsSecurityHeaderFilter.java > 5bff4e3 > > ambari-server/src/test/java/org/apache/ambari/server/security/AbstractSecurityHeaderFilterTest.java > 7be70a3 > > ambari-server/src/test/java/org/apache/ambari/server/security/AmbariServerSecurityHeaderFilterTest.java > 6537130 > > ambari-server/src/test/java/org/apache/ambari/server/security/AmbariViewsSecurityHeaderFilterTest.java > c9d7974 > > Diff: https://reviews.apache.org/r/52456/diff/ > > > Testing > --- > > Test cases have been updated to test with the new headers added. > Also did manual testing. > > > File Attachments > > > Patch with review comments addressed > > https://reviews.apache.org/media/uploaded/files/2016/10/04/32920075-a5ab-481b-bc47-e1be6b569605__AMBARI-17311.patch > Updated patch with review comments addressed > > https://reviews.apache.org/media/uploaded/files/2016/10/04/674db481-c4e0-4afb-98cb-b051d785c710__AMBARI-17311.patch > > > Thanks, > > Sangeeta Ravindran > >
Re: Review Request 52456: Modify HTTP headers to follow best security practices
> On Oct. 3, 2016, 2:32 p.m., Di Li wrote: > > Ship It! Thank you Di. - Sangeeta --- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/52456/#review151168 --- On Oct. 4, 2016, 4:45 p.m., Sangeeta Ravindran wrote: > > --- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/52456/ > --- > > (Updated Oct. 4, 2016, 4:45 p.m.) > > > Review request for Ambari, Di Li, Robert Levas, and Yusaku Sako. > > > Bugs: AMBARI-17311 > https://issues.apache.org/jira/browse/AMBARI-17311 > > > Repository: ambari > > > Description > --- > > This patch adds the following HTTP headers to follow security best practices. > > X-Content-Type-Options: nosniff > Cache-control: no-store > Pragma: no-cache > > > Diffs > - > > ambari-server/conf/unix/ambari.properties 4dcbe99 > ambari-server/conf/windows/ambari.properties 64cce3b > > ambari-server/src/main/java/org/apache/ambari/server/configuration/Configuration.java > 2e850ef > > ambari-server/src/main/java/org/apache/ambari/server/security/AbstractSecurityHeaderFilter.java > 05c9ecb > > ambari-server/src/main/java/org/apache/ambari/server/security/AmbariServerSecurityHeaderFilter.java > b40953b > > ambari-server/src/main/java/org/apache/ambari/server/security/AmbariViewsSecurityHeaderFilter.java > 5bff4e3 > > ambari-server/src/test/java/org/apache/ambari/server/security/AbstractSecurityHeaderFilterTest.java > 7be70a3 > > ambari-server/src/test/java/org/apache/ambari/server/security/AmbariServerSecurityHeaderFilterTest.java > 6537130 > > ambari-server/src/test/java/org/apache/ambari/server/security/AmbariViewsSecurityHeaderFilterTest.java > c9d7974 > > Diff: https://reviews.apache.org/r/52456/diff/ > > > Testing > --- > > Test cases have been updated to test with the new headers added. > Also did manual testing. > > > File Attachments > > > Patch with review comments addressed > > https://reviews.apache.org/media/uploaded/files/2016/10/04/32920075-a5ab-481b-bc47-e1be6b569605__AMBARI-17311.patch > Updated patch with review comments addressed > > https://reviews.apache.org/media/uploaded/files/2016/10/04/674db481-c4e0-4afb-98cb-b051d785c710__AMBARI-17311.patch > > > Thanks, > > Sangeeta Ravindran > >
Re: Review Request 52456: Modify HTTP headers to follow best security practices
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/52456/#review151944 --- Ship it! Ship It! - Robert Levas On Oct. 4, 2016, 12:45 p.m., Sangeeta Ravindran wrote: > > --- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/52456/ > --- > > (Updated Oct. 4, 2016, 12:45 p.m.) > > > Review request for Ambari, Di Li, Robert Levas, and Yusaku Sako. > > > Bugs: AMBARI-17311 > https://issues.apache.org/jira/browse/AMBARI-17311 > > > Repository: ambari > > > Description > --- > > This patch adds the following HTTP headers to follow security best practices. > > X-Content-Type-Options: nosniff > Cache-control: no-store > Pragma: no-cache > > > Diffs > - > > ambari-server/conf/unix/ambari.properties 4dcbe99 > ambari-server/conf/windows/ambari.properties 64cce3b > > ambari-server/src/main/java/org/apache/ambari/server/configuration/Configuration.java > 2e850ef > > ambari-server/src/main/java/org/apache/ambari/server/security/AbstractSecurityHeaderFilter.java > 05c9ecb > > ambari-server/src/main/java/org/apache/ambari/server/security/AmbariServerSecurityHeaderFilter.java > b40953b > > ambari-server/src/main/java/org/apache/ambari/server/security/AmbariViewsSecurityHeaderFilter.java > 5bff4e3 > > ambari-server/src/test/java/org/apache/ambari/server/security/AbstractSecurityHeaderFilterTest.java > 7be70a3 > > ambari-server/src/test/java/org/apache/ambari/server/security/AmbariServerSecurityHeaderFilterTest.java > 6537130 > > ambari-server/src/test/java/org/apache/ambari/server/security/AmbariViewsSecurityHeaderFilterTest.java > c9d7974 > > Diff: https://reviews.apache.org/r/52456/diff/ > > > Testing > --- > > Test cases have been updated to test with the new headers added. > Also did manual testing. > > > File Attachments > > > Patch with review comments addressed > > https://reviews.apache.org/media/uploaded/files/2016/10/04/32920075-a5ab-481b-bc47-e1be6b569605__AMBARI-17311.patch > Updated patch with review comments addressed > > https://reviews.apache.org/media/uploaded/files/2016/10/04/674db481-c4e0-4afb-98cb-b051d785c710__AMBARI-17311.patch > > > Thanks, > > Sangeeta Ravindran > >
Re: Review Request 50803: [Ambari-19781] Integrate Druid With Ambari
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/50803/#review151941 --- Further, we need to add to Unit test cases for SA, and install, start, stop cases for components, before we checkin. - Swapan Shridhar On Oct. 8, 2016, 3:05 a.m., Nishant Bangarwa wrote: > > --- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/50803/ > --- > > (Updated Oct. 8, 2016, 3:05 a.m.) > > > Review request for Ambari, Renjith Kamath and Swapan Shridhar. > > > Bugs: Ambari-19781 > https://issues.apache.org/jira/browse/Ambari-19781 > > > Repository: ambari > > > Description > --- > > Defines Druid as a new service in HDP 2.6 > > > Diffs > - > > > ambari-server/src/main/resources/common-services/DRUID/0.9.2/configuration/druid-broker.xml > PRE-CREATION > > ambari-server/src/main/resources/common-services/DRUID/0.9.2/configuration/druid-common.xml > PRE-CREATION > > ambari-server/src/main/resources/common-services/DRUID/0.9.2/configuration/druid-coordinator.xml > PRE-CREATION > > ambari-server/src/main/resources/common-services/DRUID/0.9.2/configuration/druid-env.xml > PRE-CREATION > > ambari-server/src/main/resources/common-services/DRUID/0.9.2/configuration/druid-historical.xml > PRE-CREATION > > ambari-server/src/main/resources/common-services/DRUID/0.9.2/configuration/druid-log4j.xml > PRE-CREATION > > ambari-server/src/main/resources/common-services/DRUID/0.9.2/configuration/druid-logrotate.xml > PRE-CREATION > > ambari-server/src/main/resources/common-services/DRUID/0.9.2/configuration/druid-middlemanager.xml > PRE-CREATION > > ambari-server/src/main/resources/common-services/DRUID/0.9.2/configuration/druid-overlord.xml > PRE-CREATION > > ambari-server/src/main/resources/common-services/DRUID/0.9.2/configuration/druid-router.xml > PRE-CREATION > ambari-server/src/main/resources/common-services/DRUID/0.9.2/metainfo.xml > PRE-CREATION > > ambari-server/src/main/resources/common-services/DRUID/0.9.2/package/scripts/broker.py > PRE-CREATION > > ambari-server/src/main/resources/common-services/DRUID/0.9.2/package/scripts/coordinator.py > PRE-CREATION > > ambari-server/src/main/resources/common-services/DRUID/0.9.2/package/scripts/druid.py > PRE-CREATION > > ambari-server/src/main/resources/common-services/DRUID/0.9.2/package/scripts/druid_node.py > PRE-CREATION > > ambari-server/src/main/resources/common-services/DRUID/0.9.2/package/scripts/historical.py > PRE-CREATION > > ambari-server/src/main/resources/common-services/DRUID/0.9.2/package/scripts/middlemanager.py > PRE-CREATION > > ambari-server/src/main/resources/common-services/DRUID/0.9.2/package/scripts/overlord.py > PRE-CREATION > > ambari-server/src/main/resources/common-services/DRUID/0.9.2/package/scripts/params.py > PRE-CREATION > > ambari-server/src/main/resources/common-services/DRUID/0.9.2/package/scripts/router.py > PRE-CREATION > > ambari-server/src/main/resources/common-services/DRUID/0.9.2/package/scripts/service_check.py > PRE-CREATION > > ambari-server/src/main/resources/common-services/DRUID/0.9.2/package/scripts/status_params.py > PRE-CREATION > > ambari-server/src/main/resources/common-services/DRUID/0.9.2/quicklinks/quicklinks.json > PRE-CREATION > > ambari-server/src/main/resources/common-services/DRUID/0.9.2/themes/theme.json > PRE-CREATION > ambari-server/src/main/resources/stacks/HDP/2.6/role_command_order.json > PRE-CREATION > > ambari-server/src/main/resources/stacks/HDP/2.6/services/DRUID/kerberos.json > PRE-CREATION > ambari-server/src/main/resources/stacks/HDP/2.6/services/DRUID/metainfo.xml > PRE-CREATION > ambari-server/src/main/resources/stacks/HDP/2.6/services/stack_advisor.py > 1f722dc > > Diff: https://reviews.apache.org/r/50803/diff/ > > > Testing > --- > > Tested it locally by installing ambari and adding the newly added resources. > Was able to install druid and start all newly added services. > > > Thanks, > > Nishant Bangarwa > >