[ https://issues.apache.org/jira/browse/MAPREDUCE-2863?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13165768#comment-13165768 ]
Hitesh Shah commented on MAPREDUCE-2863: ---------------------------------------- For the most part looks good. Have not yet had a chance to run this on a secure cluster. Had run the previous patch against one so do not expect any issues with this. Will update jira again once I have done that. Minor comments: - inconsistency in use of MediaType.APPLICATION_JSON v/s application/json in unit tests. Could switch all tests to use the defined constant. - missing test for output when media type is not specified ( or both specified ) to test default json behavior. - no tests for xml. Could be done more thoroughly in an additional jira but would help to have atleast one or 2 tests that accept xml only. For further ( later ) investigation: There might be some xss issues which may need to be looked at some point. For example: {code}throw new NotFoundException("app with id: " + appId + " not found");{code} Printing back user input as is ( without escaping ) could effectively execute malicious javascript on a browser. This however depends on what form of input parsing is done by the jaxb framework before the parameter gets to the actual ws handling code. > Support web-services for RM & NM > -------------------------------- > > Key: MAPREDUCE-2863 > URL: https://issues.apache.org/jira/browse/MAPREDUCE-2863 > Project: Hadoop Map/Reduce > Issue Type: Improvement > Components: mrv2, nodemanager, resourcemanager > Affects Versions: 0.23.0 > Reporter: Arun C Murthy > Assignee: Thomas Graves > Priority: Blocker > Attachments: MAPREDUCE-2863.patch, MAPREDUCE-2863.patch, > MAPREDUCE-2863.patch, MAPREDUCE-2863.patch, MAPREDUCE-2863.patch, > MAPREDUCE-2863.patch, MAPREDUCE-2863.patch, MAPREDUCE-2863.patch, > amoutput.txt, appoutput.txt, hsoutput.txt, nmoutput.txt, nmoutput.txt, > nmoutput.txt, rmoutput.txt, rmoutput.txt, rmoutput.txt > > > It will be very useful for RM and NM to support web-services to export > json/xml. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira