> On Oct. 6, 2016, 12:05 a.m., Alexander Kolbasov wrote: > > sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryAdminServlet.java, > > line 39 > > <https://reviews.apache.org/r/45859/diff/4/?file=1522419#file1522419line39> > > > > Please add some comment explaining where did this teplate come from. > > Did you invent it? Did you copy it from somewhere?
sure. I copied the way used in com.codahale.metrics.servlets.AdminServlet, and the contents is different since we are using the twitter bootstrap kit. Also here we only use the TEMPLATE as a static html with some links referenced to other debug pages. > On Oct. 6, 2016, 12:05 a.m., Alexander Kolbasov wrote: > > sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryAdminServlet.java, > > line 92 > > <https://reviews.apache.org/r/45859/diff/4/?file=1522419#file1522419line92> > > > > Do you need to add > > > > Pragma: no-cache > > Expires: 0 > > > > as well to disable caching? Different clients usig differet mechanisms. since it is only used for admin to debug / test, I assume there are not many clients using it. Also do we really want it is cached, since it contains very sensitive info? - Li ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/45859/#review151591 ----------------------------------------------------------- On Oct. 4, 2016, 10:23 p.m., Li Li wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/45859/ > ----------------------------------------------------------- > > (Updated Oct. 4, 2016, 10:23 p.m.) > > > Review request for sentry, Alexander Kolbasov, Anne Yu, Hao Hao, Lenni Kuff, > and Sravya Tirukkovalur. > > > Repository: sentry > > > Description > ------- > > Show role / privileges info in Sentry Service Webpage. Since it is only used > for debug / test currently, this webpage can be seen only when > SENTRY_WEB_ADMIN_SERVLET_ENABLED is true. > > > Diffs > ----- > > > sentry-service/sentry-service-common/src/main/java/org/apache/sentry/service/thrift/ServiceConstants.java > 5ec364c460e74d0a9dae8a28c20042360157b8a0 > > sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryAdminServlet.java > PRE-CREATION > > sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryWebServer.java > a42f395270996da345ce49edca909e0438383759 > > Diff: https://reviews.apache.org/r/45859/diff/ > > > Testing > ------- > > Already tested in kerberos cluster. When > sentry.service.web.authentication.type is set to KERBEROS, only the > SENTRY_WEB_SECURITY_ALLOW_CONNECT_USERS can see this page. Also this webpage > can be seen only when SENTRY_WEB_ADMIN_SERVLET_ENABLED is true. > > > Thanks, > > Li Li > >