----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/51892/#review148910 -----------------------------------------------------------
ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java <https://reviews.apache.org/r/51892/#comment216428> This is now handled by Spring via the `spring-security.xml` file. ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java <https://reviews.apache.org/r/51892/#comment216427> This is now handled by Spring via the `spring-security.xml` file. ambari-server/src/main/java/org/apache/ambari/server/security/authentication/AmbariAuthenticationFilter.java <https://reviews.apache.org/r/51892/#comment216423> This class was renamed to `AmbariBasicAuthenticationFilter` since `AmbariAuthenticationFilter` made for a better interface name for Ambari-specific authentication filter implementations. ambari-server/src/main/java/org/apache/ambari/server/security/authentication/AmbariBasicAuthenticationFilter.java (line 52) <https://reviews.apache.org/r/51892/#comment216421> This was basically renamed from `AmbariAuthenticationFilter` since `AmbariAuthenticationFilter` made for a better interface name. ambari-server/src/main/java/org/apache/ambari/server/security/authentication/AmbariJWTAuthenticationFilter.java (line 51) <https://reviews.apache.org/r/51892/#comment216425> `AmbariJWTAuthenticationFilter` was created fir symmetrical reasons and to augment the behavior of `JwtAuthenticationFilter` to capture inforamtion for the audit loggger. It works like the `AmbariBasicAuthenticationFilter` in this respect. ambari-server/src/main/resources/webapp/WEB-INF/spring-security.xml (line 64) <https://reviews.apache.org/r/51892/#comment216426> This sets up the `AmbariJWTAuthenticationFilter` and negates the need to inject members. Therefore the code to invoke injection is removed from the `AmbariServer` class. ambari-server/src/main/resources/webapp/WEB-INF/spring-security.xml (line 72) <https://reviews.apache.org/r/51892/#comment216430> This sets up the `AmbariAuthorizationFilter` and negates the need to inject members. Therefore the code to invoke injection is removed from the `AmbariServer` class. - Robert Levas On Sept. 14, 2016, 11:42 a.m., Robert Levas wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/51892/ > ----------------------------------------------------------- > > (Updated Sept. 14, 2016, 11:42 a.m.) > > > Review request for Ambari, Daniel Gergely, Jonathan Hurley, Myroslav > Papirkovskyy, Nate Cole, and Sebastian Toader. > > > Bugs: AMBARI-18367 > https://issues.apache.org/jira/browse/AMBARI-18367 > > > Repository: ambari > > > Description > ------- > > Create a Spring authentication filter to encapsulate the various Ambari > authentication methods since the Spring filter chain allows for a single > authentication filter and Ambari needs to allow for multiple, optional, > authentication filters to handle one of (but not limited to) the following > authentication methods: > > - Basic Auth > - SSO (JWT) > - Kerberos token > > > Diffs > ----- > > > ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java > deac313 > > ambari-server/src/main/java/org/apache/ambari/server/controller/ControllerModule.java > bd34c25 > > ambari-server/src/main/java/org/apache/ambari/server/security/authentication/AmbariAuthenticationFilter.java > 0a312f3 > > ambari-server/src/main/java/org/apache/ambari/server/security/authentication/AmbariBasicAuthenticationFilter.java > PRE-CREATION > > ambari-server/src/main/java/org/apache/ambari/server/security/authentication/AmbariDelegatingAuthenticationFilter.java > PRE-CREATION > > ambari-server/src/main/java/org/apache/ambari/server/security/authentication/AmbariJWTAuthenticationFilter.java > PRE-CREATION > > ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilter.java > 2f676b4 > > ambari-server/src/main/java/org/apache/ambari/server/security/authorization/jwt/AuthenticationJwtUserNotFoundException.java > PRE-CREATION > > ambari-server/src/main/java/org/apache/ambari/server/security/authorization/jwt/JwtAuthenticationFilter.java > 760621e > ambari-server/src/main/resources/webapp/WEB-INF/spring-security.xml e1697e2 > > ambari-server/src/test/java/org/apache/ambari/server/security/authentication/AmbariAuthenticationFilterTest.java > 0f2b104 > > ambari-server/src/test/java/org/apache/ambari/server/security/authentication/AmbariBasicAuthenticationFilterTest.java > PRE-CREATION > > ambari-server/src/test/java/org/apache/ambari/server/security/authentication/AmbariDelegatingAuthenticationFilterTest.java > PRE-CREATION > > ambari-server/src/test/java/org/apache/ambari/server/security/authentication/AmbariJWTAuthenticationFilterTest.java > PRE-CREATION > > ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilterTest.java > 1d71fe6 > > ambari-server/src/test/java/org/apache/ambari/server/security/authorization/jwt/JwtAuthenticationFilterTest.java > b08d1ac > > Diff: https://reviews.apache.org/r/51892/diff/ > > > Testing > ------- > > Manually tested > > #Local test results: > > [INFO] > ------------------------------------------------------------------------ > [INFO] BUILD SUCCESS > [INFO] > ------------------------------------------------------------------------ > [INFO] Total time: 1:40:31.332s > [INFO] Finished at: Wed Sep 14 10:18:07 EDT 2016 > [INFO] Final Memory: 67M/693M > [INFO] > ------------------------------------------------------------------------ > > > # Jenkins test results: PENDING > > > Thanks, > > Robert Levas > >