[jira] [Commented] (OOZIE-2850) Fix default callback notifications

Attila Sasvari (JIRA) Sun, 02 Apr 2017 07:36:55 -0700

    [ 
https://issues.apache.org/jira/browse/OOZIE-2850?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15952705#comment-15952705
 ]


Attila Sasvari commented on OOZIE-2850:
---------------------------------------

[~rkanter] I see your point but currently there is no reference to 
{{oozie.service.CallbackService.base.url}} in the code ({{git grep 
oozie.service.CallbackService.base.url}} returns only oozie-default.xml). 

This part (callback handling in secure mode) is handled in 
{{server/src/main/java/org/apache/oozie/server/guice/ConstraintSecurityHandlerProvider.java}};
 the idea was to not limit callback servlet endpoint to HTTPS requests.  Here I 
have just noticed a bug. Currently if HTTPS is enabled, a call to 
{{/oozie/callback?id=0000008-170318223842826-oozie-asas-W&status=SUCCEEDED}} 
via HTTP will be rejected with {{HTTP ERROR: 403}}
{code}
Problem accessing /oozie/versions. Reason:

    !Secure
{code}

The problem is the root context path (/oozie) is not added as prefix to the 
unsecure contraint mapping when 
[{{setPathSpec()}}|https://github.com/apache/oozie/blob/e3590b420a0914d959f6cd555185ef04640c5801/server/src/main/java/org/apache/oozie/server/guice/ConstraintSecurityHandlerProvider.java#L32]
 is called on the ConstraintMapping object. 

In the latest patch I changed the server code so that it reads context path 
from oozie-default (from oozie.base.url). 

> Fix default callback notifications
> ----------------------------------
>
>                 Key: OOZIE-2850
>                 URL: https://issues.apache.org/jira/browse/OOZIE-2850
>             Project: Oozie
>          Issue Type: Bug
>            Reporter: Attila Sasvari
>            Assignee: Attila Sasvari
>            Priority: Trivial
>         Attachments: OOZIE-2850-01.patch
>
>
> Currently oozie.service.CallbackService.base.url  in oozie-default.xml is set 
> to use 
> [oozie.base.url/callback| 
> https://github.com/apache/oozie/blob/7c404ad0ea4c61e90e8c86015de25ef196168c29/core/src/main/resources/oozie-default.xml#L1639]
> which defaults to 
> [http://localhost:8080/oozie|https://github.com/apache/oozie/blob/7c404ad0ea4c61e90e8c86015de25ef196168c29/core/src/main/resources/oozie-default.xml#L105].
> As a result, actions finished are not detected by default. (Jetty listens on 
> HTTP port 11000, see [port in oozie-default.xml | 
> https://github.com/apache/oozie/blob/7c404ad0ea4c61e90e8c86015de25ef196168c29/core/src/main/resources/oozie-default.xml#L2535])
> {{oozie.http.hostname}} and {{oozie.http.port}} could be used in 
> {{oozie.base.url}}



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Commented] (OOZIE-2850) Fix default callback notifications

Reply via email to