svn commit: r1812752 - in /knox: site/ site/books/knox-0-10-0/ site/books/knox-0-11-0/ site/books/knox-0-12-0/ site/books/knox-0-13-0/ site/books/knox-0-14-0/ site/books/knox-0-4-0/ site/books/knox-0-

2017-10-20 Thread more 
Author: more
Date: Fri Oct 20 14:48:44 2017
New Revision: 1812752

URL: http://svn.apache.org/viewvc?rev=1812752=rev
Log:
KNOX-1053 - Document Support for Apache SOLR + HA Support for HBase & Kafka 
(Rick Kellogg via Sandeep More)

Added:
knox/trunk/books/0.14.0/service_solr.md
Modified:
knox/site/books/knox-0-10-0/deployment-overview.png
knox/site/books/knox-0-10-0/deployment-provider.png
knox/site/books/knox-0-10-0/deployment-service.png
knox/site/books/knox-0-10-0/general_saml_flow.png
knox/site/books/knox-0-10-0/runtime-overview.png
knox/site/books/knox-0-10-0/runtime-request-processing.png
knox/site/books/knox-0-11-0/deployment-overview.png
knox/site/books/knox-0-11-0/deployment-provider.png
knox/site/books/knox-0-11-0/deployment-service.png
knox/site/books/knox-0-11-0/general_saml_flow.png
knox/site/books/knox-0-11-0/runtime-overview.png
knox/site/books/knox-0-11-0/runtime-request-processing.png
knox/site/books/knox-0-12-0/deployment-overview.png
knox/site/books/knox-0-12-0/deployment-provider.png
knox/site/books/knox-0-12-0/deployment-service.png
knox/site/books/knox-0-12-0/general_saml_flow.png
knox/site/books/knox-0-12-0/runtime-overview.png
knox/site/books/knox-0-12-0/runtime-request-processing.png
knox/site/books/knox-0-13-0/deployment-overview.png
knox/site/books/knox-0-13-0/deployment-provider.png
knox/site/books/knox-0-13-0/deployment-service.png
knox/site/books/knox-0-13-0/general_saml_flow.png
knox/site/books/knox-0-13-0/runtime-overview.png
knox/site/books/knox-0-13-0/runtime-request-processing.png
knox/site/books/knox-0-14-0/user-guide.html
knox/site/books/knox-0-4-0/deployment-overview.png
knox/site/books/knox-0-4-0/deployment-provider.png
knox/site/books/knox-0-4-0/deployment-service.png
knox/site/books/knox-0-4-0/runtime-overview.png
knox/site/books/knox-0-4-0/runtime-request-processing.png
knox/site/books/knox-0-5-0/deployment-overview.png
knox/site/books/knox-0-5-0/deployment-provider.png
knox/site/books/knox-0-5-0/deployment-service.png
knox/site/books/knox-0-5-0/runtime-overview.png
knox/site/books/knox-0-5-0/runtime-request-processing.png
knox/site/books/knox-0-6-0/deployment-overview.png
knox/site/books/knox-0-6-0/deployment-provider.png
knox/site/books/knox-0-6-0/deployment-service.png
knox/site/books/knox-0-6-0/runtime-overview.png
knox/site/books/knox-0-6-0/runtime-request-processing.png
knox/site/books/knox-0-7-0/deployment-overview.png
knox/site/books/knox-0-7-0/deployment-provider.png
knox/site/books/knox-0-7-0/deployment-service.png
knox/site/books/knox-0-7-0/general_saml_flow.png
knox/site/books/knox-0-7-0/runtime-overview.png
knox/site/books/knox-0-7-0/runtime-request-processing.png
knox/site/books/knox-0-8-0/deployment-overview.png
knox/site/books/knox-0-8-0/deployment-provider.png
knox/site/books/knox-0-8-0/deployment-service.png
knox/site/books/knox-0-8-0/general_saml_flow.png
knox/site/books/knox-0-8-0/runtime-overview.png
knox/site/books/knox-0-8-0/runtime-request-processing.png
knox/site/books/knox-0-9-0/deployment-overview.png
knox/site/books/knox-0-9-0/deployment-provider.png
knox/site/books/knox-0-9-0/deployment-service.png
knox/site/books/knox-0-9-0/general_saml_flow.png
knox/site/books/knox-0-9-0/runtime-overview.png
knox/site/books/knox-0-9-0/runtime-request-processing.png
knox/site/books/knox-0-9-1/deployment-overview.png
knox/site/books/knox-0-9-1/deployment-provider.png
knox/site/books/knox-0-9-1/deployment-service.png
knox/site/books/knox-0-9-1/general_saml_flow.png
knox/site/books/knox-0-9-1/runtime-overview.png
knox/site/books/knox-0-9-1/runtime-request-processing.png
knox/site/index.html
knox/site/issue-tracking.html
knox/site/license.html
knox/site/mail-lists.html
knox/site/project-info.html
knox/site/team-list.html
knox/trunk/books/0.14.0/book.md
knox/trunk/books/0.14.0/book_getting-started.md
knox/trunk/books/0.14.0/book_service-details.md
knox/trunk/books/0.14.0/service_hbase.md
knox/trunk/books/0.14.0/service_kafka.md
knox/trunk/build.xml

Modified: knox/site/books/knox-0-10-0/deployment-overview.png
URL: 
http://svn.apache.org/viewvc/knox/site/books/knox-0-10-0/deployment-overview.png?rev=1812752=1812751=1812752=diff
==
Binary files - no diff available.

Modified: knox/site/books/knox-0-10-0/deployment-provider.png
URL: 
http://svn.apache.org/viewvc/knox/site/books/knox-0-10-0/deployment-provider.png?rev=1812752=1812751=1812752=diff
==
Binary files - no diff available.

Modified: knox/site/books/knox-0-10-0/deployment-service.png
URL:

knox git commit: KNOX-1041 - High Availability Support For Apache SOLR, HBase & Kafka (Rick Kellogg via Sandeep More)

2017-10-20 Thread more 
Repository: knox
Updated Branches:
  refs/heads/master aa62fa2db -> a08aaf742


KNOX-1041 - High Availability Support For Apache SOLR, HBase & Kafka (Rick 
Kellogg via Sandeep More)


Project: http://git-wip-us.apache.org/repos/asf/knox/repo
Commit: http://git-wip-us.apache.org/repos/asf/knox/commit/a08aaf74
Tree: http://git-wip-us.apache.org/repos/asf/knox/tree/a08aaf74
Diff: http://git-wip-us.apache.org/repos/asf/knox/diff/a08aaf74

Branch: refs/heads/master
Commit: a08aaf742a97a3c35c94e28406fc4b6ef3184005
Parents: aa62fa2
Author: Sandeep More 
Authored: Fri Oct 20 10:38:34 2017 -0400
Committer: Sandeep More 
Committed: Fri Oct 20 10:38:34 2017 -0400

--
 .../provider/impl/BaseZookeeperURLManager.java  | 195 +++
 .../provider/impl/HBaseZookeeperURLManager.java | 138 +
 .../provider/impl/KafkaZookeeperURLManager.java | 152 +++
 .../provider/impl/SOLRZookeeperURLManager.java  | 118 +++
 .../ha/provider/impl/StringResponseHandler.java |  49 +
 ...apache.hadoop.gateway.ha.provider.URLManager |   5 +-
 .../impl/HBaseZookeeperURLManagerTest.java  |  72 +++
 .../impl/KafkaZookeeperURLManagerTest.java  |  71 +++
 .../impl/SOLRZookeeperURLManagerTest.java   | 110 +++
 9 files changed, 909 insertions(+), 1 deletion(-)
--


http://git-wip-us.apache.org/repos/asf/knox/blob/a08aaf74/gateway-provider-ha/src/main/java/org/apache/hadoop/gateway/ha/provider/impl/BaseZookeeperURLManager.java
--
diff --git 
a/gateway-provider-ha/src/main/java/org/apache/hadoop/gateway/ha/provider/impl/BaseZookeeperURLManager.java
 
b/gateway-provider-ha/src/main/java/org/apache/hadoop/gateway/ha/provider/impl/BaseZookeeperURLManager.java
new file mode 100644
index 000..0b16144
--- /dev/null
+++ 
b/gateway-provider-ha/src/main/java/org/apache/hadoop/gateway/ha/provider/impl/BaseZookeeperURLManager.java
@@ -0,0 +1,195 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.hadoop.gateway.ha.provider.impl;
+
+import java.util.ArrayList;
+import java.util.List;
+import java.util.concurrent.ConcurrentLinkedQueue;
+
+import org.apache.commons.io.IOUtils;
+import org.apache.hadoop.gateway.ha.provider.HaServiceConfig;
+import org.apache.hadoop.gateway.ha.provider.URLManager;
+import org.apache.hadoop.gateway.ha.provider.impl.i18n.HaMessages;
+import org.apache.hadoop.gateway.i18n.messages.MessagesFactory;
+import org.apache.http.client.config.RequestConfig;
+import org.apache.http.client.methods.HttpGet;
+import org.apache.http.impl.client.CloseableHttpClient;
+import org.apache.http.impl.client.HttpClientBuilder;
+
+import com.google.common.collect.Lists;
+
+/**
+ * Base implementation of URLManager intended for query of Zookeeper active 
hosts. In
+ * the event of a failure via markFailed, Zookeeper is queried again for active
+ * host information.
+ * 
+ * When configuring the HAProvider in the topology, the zookeeperEnsemble 
attribute must be set to a
+ * comma delimited list of the host and port number, i.e. 
host1:2181,host2:2181. 
+ */
+public abstract class BaseZookeeperURLManager implements URLManager {
+   protected static final HaMessages LOG = 
MessagesFactory.get(HaMessages.class);
+   /**
+* Host Ping Timeout
+*/
+   private static final int TIMEOUT = 2000;
+
+   private String zooKeeperEnsemble;
+   private ConcurrentLinkedQueue urls = new 
ConcurrentLinkedQueue();
+
+   // 
-
+   // URLManager interface methods
+   // 
-
+
+   @Override
+   public boolean supportsConfig(HaServiceConfig config) {
+   if 
(!config.getServiceName().equalsIgnoreCase(getServiceName())) {
+   return false;
+   }
+   
+   String zookeeperEnsemble =

knox git commit: KNOX-1022 - Configuring knox token ttl to higher value generates an access token which is not valid

2017-10-20 Thread coheigea 
Repository: knox
Updated Branches:
  refs/heads/master 986615ff6 -> aa62fa2db


KNOX-1022 - Configuring knox token ttl to higher value generates an access 
token which is not valid


Project: http://git-wip-us.apache.org/repos/asf/knox/repo
Commit: http://git-wip-us.apache.org/repos/asf/knox/commit/aa62fa2d
Tree: http://git-wip-us.apache.org/repos/asf/knox/tree/aa62fa2d
Diff: http://git-wip-us.apache.org/repos/asf/knox/diff/aa62fa2d

Branch: refs/heads/master
Commit: aa62fa2dbdca59b175eefb62e97b5528f40d076b
Parents: 986615f
Author: Colm O hEigeartaigh 
Authored: Fri Oct 20 11:14:23 2017 +0100
Committer: Colm O hEigeartaigh 
Committed: Fri Oct 20 11:14:23 2017 +0100

--
 .../gateway/service/knoxsso/WebSSOResource.java |   7 +-
 .../service/knoxsso/WebSSOResourceTest.java | 230 +++
 .../service/knoxtoken/TokenResource.java|   7 +-
 .../knoxtoken/TokenServiceResourceTest.java | 226 ++
 4 files changed, 468 insertions(+), 2 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/knox/blob/aa62fa2d/gateway-service-knoxsso/src/main/java/org/apache/hadoop/gateway/service/knoxsso/WebSSOResource.java
--
diff --git 
a/gateway-service-knoxsso/src/main/java/org/apache/hadoop/gateway/service/knoxsso/WebSSOResource.java
 
b/gateway-service-knoxsso/src/main/java/org/apache/hadoop/gateway/service/knoxsso/WebSSOResource.java
index 36aa075..97b0441 100644
--- 
a/gateway-service-knoxsso/src/main/java/org/apache/hadoop/gateway/service/knoxsso/WebSSOResource.java
+++ 
b/gateway-service-knoxsso/src/main/java/org/apache/hadoop/gateway/service/knoxsso/WebSSOResource.java
@@ -68,12 +68,13 @@ public class WebSSOResource {
   private static final String DEFAULT_SSO_COOKIE_NAME = "hadoop-jwt";
   // default for the whitelist - open up for development - relative paths and 
localhost only
   private static final String DEFAULT_WHITELIST = 
"^/.*$;^https?://(localhost|127.0.0.1|0:0:0:0:0:0:0:1|::1):\\d{0,9}/.*$";
+  private static final long TOKEN_TTL_DEFAULT = 3L;
   static final String RESOURCE_PATH = "/api/v1/websso";
   private static KnoxSSOMessages log = MessagesFactory.get( 
KnoxSSOMessages.class );
   private String cookieName = null;
   private boolean secureOnly = true;
   private int maxAge = -1;
-  private long tokenTTL = 3l;
+  private long tokenTTL = TOKEN_TTL_DEFAULT;
   private String whitelist = null;
   private String domainSuffix = null;
   private List targetAudiences = new ArrayList<>();
@@ -137,6 +138,10 @@ public class WebSSOResource {
 if (ttl != null) {
   try {
 tokenTTL = Long.parseLong(ttl);
+if (tokenTTL < -1 || (tokenTTL + System.currentTimeMillis() < 0)) {
+  log.invalidTokenTTLEncountered(ttl);
+  tokenTTL = TOKEN_TTL_DEFAULT;
+}
   }
   catch (NumberFormatException nfe) {
 log.invalidTokenTTLEncountered(ttl);

http://git-wip-us.apache.org/repos/asf/knox/blob/aa62fa2d/gateway-service-knoxsso/src/test/java/org/apache/hadoop/gateway/service/knoxsso/WebSSOResourceTest.java
--
diff --git 
a/gateway-service-knoxsso/src/test/java/org/apache/hadoop/gateway/service/knoxsso/WebSSOResourceTest.java
 
b/gateway-service-knoxsso/src/test/java/org/apache/hadoop/gateway/service/knoxsso/WebSSOResourceTest.java
index 516f9ae..dedc912 100644
--- 
a/gateway-service-knoxsso/src/test/java/org/apache/hadoop/gateway/service/knoxsso/WebSSOResourceTest.java
+++ 
b/gateway-service-knoxsso/src/test/java/org/apache/hadoop/gateway/service/knoxsso/WebSSOResourceTest.java
@@ -30,6 +30,7 @@ import java.security.interfaces.RSAPublicKey;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Collections;
+import java.util.Date;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
@@ -341,6 +342,235 @@ public class WebSSOResourceTest {
 assertTrue(parsedToken.getHeader().contains("RS512"));
   }
 
+  @Test
+  public void testDefaultTTL() throws Exception {
+
+ServletContext context = EasyMock.createNiceMock(ServletContext.class);
+
EasyMock.expect(context.getInitParameter("knoxsso.cookie.name")).andReturn(null);
+
EasyMock.expect(context.getInitParameter("knoxsso.cookie.secure.only")).andReturn(null);
+
EasyMock.expect(context.getInitParameter("knoxsso.cookie.max.age")).andReturn(null);
+
EasyMock.expect(context.getInitParameter("knoxsso.cookie.domain.suffix")).andReturn(null);
+
EasyMock.expect(context.getInitParameter("knoxsso.redirect.whitelist.regex")).andReturn(null);
+
EasyMock.expect(context.getInitParameter("knoxsso.token.audiences")).andReturn(null);
+