(knox) branch master updated: KNOX-3043 - NullpointerException in calling loadBuildProperties (#917)
This is an automated email from the ASF dual-hosted git repository. lmccay pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/knox.git The following commit(s) were added to refs/heads/master by this push: new b7f93f6db KNOX-3043 - NullpointerException in calling loadBuildProperties (#917) b7f93f6db is described below commit b7f93f6db3665ccaf77d4de0011cea4e4461c264 Author: senthh AuthorDate: Thu Jun 20 19:38:28 2024 +0530 KNOX-3043 - NullpointerException in calling loadBuildProperties (#917) * KNOX-3043 - NullpointerException in calling loadBuildProperties --- .../main/java/org/apache/knox/gateway/GatewayMessages.java | 6 ++ .../src/main/java/org/apache/knox/gateway/GatewayServer.java | 11 --- .../src/main/java/org/apache/knox/gateway/util/KnoxCLI.java | 12 +--- 3 files changed, 23 insertions(+), 6 deletions(-) diff --git a/gateway-server/src/main/java/org/apache/knox/gateway/GatewayMessages.java b/gateway-server/src/main/java/org/apache/knox/gateway/GatewayMessages.java index 7ce032d8e..7206c6271 100644 --- a/gateway-server/src/main/java/org/apache/knox/gateway/GatewayMessages.java +++ b/gateway-server/src/main/java/org/apache/knox/gateway/GatewayMessages.java @@ -63,6 +63,12 @@ public interface GatewayMessages { @Message( level = MessageLevel.INFO, text = "Loading configuration file {0}" ) void loadingConfigurationFile( String file ); + @Message( level = MessageLevel.INFO, text = "Failed to find configuration file {0}" ) + void failedToFindConfig( String path ); + + @Message( level = MessageLevel.INFO, text = "Failed to find configuration file {0}: {1}" ) + void failedToFindConfig( String path, @StackTrace( level = MessageLevel.INFO ) Exception e ); + @Message( level = MessageLevel.WARN, text = "Failed to load configuration file {0}: {1}" ) void failedToLoadConfig( String path, @StackTrace( level = MessageLevel.DEBUG ) Exception e ); diff --git a/gateway-server/src/main/java/org/apache/knox/gateway/GatewayServer.java b/gateway-server/src/main/java/org/apache/knox/gateway/GatewayServer.java index 01c04cf7f..e81385363 100644 --- a/gateway-server/src/main/java/org/apache/knox/gateway/GatewayServer.java +++ b/gateway-server/src/main/java/org/apache/knox/gateway/GatewayServer.java @@ -304,10 +304,15 @@ public class GatewayServer { private static Properties loadBuildProperties() { Properties properties = new Properties(); -try(InputStream inputStream = GatewayServer.class.getClassLoader().getResourceAsStream( "build.properties" )) { - properties.load( inputStream ); +String BUILD_PROPERTY = "build.properties"; +try(InputStream inputStream = GatewayServer.class.getClassLoader().getResourceAsStream( BUILD_PROPERTY )) { + if (inputStream != null) { +properties.load(inputStream); + } else { +log.failedToFindConfig( BUILD_PROPERTY); + } } catch( IOException e ) { - // Ignore. + log.failedToFindConfig( BUILD_PROPERTY, e ); } return properties; } diff --git a/gateway-server/src/main/java/org/apache/knox/gateway/util/KnoxCLI.java b/gateway-server/src/main/java/org/apache/knox/gateway/util/KnoxCLI.java index 4ce440f4a..b2d3b3059 100644 --- a/gateway-server/src/main/java/org/apache/knox/gateway/util/KnoxCLI.java +++ b/gateway-server/src/main/java/org/apache/knox/gateway/util/KnoxCLI.java @@ -2570,10 +2570,16 @@ public class KnoxCLI extends Configured implements Tool { private static Properties loadBuildProperties() { Properties properties = new Properties(); -try(InputStream inputStream = KnoxCLI.class.getClassLoader().getResourceAsStream( "build.properties" )) { - properties.load(inputStream); +String BUILD_PROPERTY = "build.properties"; +PrintStream out = System.out; +try(InputStream inputStream = KnoxCLI.class.getClassLoader().getResourceAsStream( BUILD_PROPERTY )) { + if (inputStream != null) { +properties.load(inputStream); + } else { +out.println("Failed to find configuration file " + BUILD_PROPERTY); + } } catch( IOException e ) { - // Ignore. + out.println("Failed to find configuration file " + BUILD_PROPERTY + e.getMessage()); } return properties; }
(knox) branch master updated: KNOX-3036 - Add Primary Group Virtual Group (#905)
This is an automated email from the ASF dual-hosted git repository. lmccay pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/knox.git The following commit(s) were added to refs/heads/master by this push: new 6c26ec610 KNOX-3036 - Add Primary Group Virtual Group (#905) 6c26ec610 is described below commit 6c26ec6101b715d00219771997cd3b792893b6ee Author: lmccay AuthorDate: Mon May 6 10:35:38 2024 -0400 KNOX-3036 - Add Primary Group Virtual Group (#905) * KNOX-3036 - Add Primary Group Virtual Group --- .../identityasserter/common/filter/VirtualGroupMapper.java| 11 +++ .../java/org/apache/knox/gateway/plang/InterpreterTest.java | 11 +++ 2 files changed, 22 insertions(+) diff --git a/gateway-provider-identity-assertion-common/src/main/java/org/apache/knox/gateway/identityasserter/common/filter/VirtualGroupMapper.java b/gateway-provider-identity-assertion-common/src/main/java/org/apache/knox/gateway/identityasserter/common/filter/VirtualGroupMapper.java index 9ab392019..783835f6e 100644 --- a/gateway-provider-identity-assertion-common/src/main/java/org/apache/knox/gateway/identityasserter/common/filter/VirtualGroupMapper.java +++ b/gateway-provider-identity-assertion-common/src/main/java/org/apache/knox/gateway/identityasserter/common/filter/VirtualGroupMapper.java @@ -32,6 +32,7 @@ import org.apache.knox.gateway.plang.AbstractSyntaxTree; import org.apache.knox.gateway.plang.Interpreter; public class VirtualGroupMapper { +public static final String PRIMARY_GROUP = "$PRIMARY_GROUP"; private final IdentityAsserterMessages LOG = MessagesFactory.get(IdentityAsserterMessages.class); private final Map virtualGroupToPredicateMap; @@ -46,6 +47,9 @@ public class VirtualGroupMapper { Set virtualGroups = new HashSet<>(); for (Map.Entry each : virtualGroupToPredicateMap.entrySet()) { String virtualGroupName = each.getKey(); +// check for logical virtual groups - names to be dynamically created +virtualGroupName = resolveLogicalGroupName(username, virtualGroupName); + AbstractSyntaxTree predicate = each.getValue(); if (evalPredicate(virtualGroupName, username, groups, predicate, request)) { virtualGroups.add(virtualGroupName); @@ -56,6 +60,13 @@ public class VirtualGroupMapper { return virtualGroups; } +private String resolveLogicalGroupName(String username, String virtualGroupName) { +if (PRIMARY_GROUP.equalsIgnoreCase(virtualGroupName)) { +virtualGroupName = username; +} +return virtualGroupName; +} + /** * @return true if the user should be added to the virtual group based on the given predicate */ diff --git a/gateway-util-common/src/test/java/org/apache/knox/gateway/plang/InterpreterTest.java b/gateway-util-common/src/test/java/org/apache/knox/gateway/plang/InterpreterTest.java index 8e7880d7d..aea7ef921 100644 --- a/gateway-util-common/src/test/java/org/apache/knox/gateway/plang/InterpreterTest.java +++ b/gateway-util-common/src/test/java/org/apache/knox/gateway/plang/InterpreterTest.java @@ -268,6 +268,17 @@ public class InterpreterTest { assertFalse((boolean)eval("(empty groups)")); } +/** + * Adding the ability to create a primary group + * (group with same name as username) when it is missing + */ +@Test +public void testPrimaryGroup() { +interpreter.addConstant("username", "user1"); +interpreter.addConstant("groups", singletonList("grp1")); +assertTrue((boolean)eval("(not (member username))")); +} + @Test public void testLowerUpper() { assertEquals("apple", eval("(lowercase 'APPLE')"));
(knox) branch master updated: KNOX-3028 - add support for OAuth Token Exchange to KNOXTOKEN (#900)
This is an automated email from the ASF dual-hosted git repository. lmccay pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/knox.git The following commit(s) were added to refs/heads/master by this push: new d74fb4f84 KNOX-3028 - add support for OAuth Token Exchange to KNOXTOKEN (#900) d74fb4f84 is described below commit d74fb4f8492191d24ab556fbefd50bbf0ebc8ad8 Author: lmccay AuthorDate: Mon Apr 15 13:55:16 2024 -0400 KNOX-3028 - add support for OAuth Token Exchange to KNOXTOKEN (#900) * KNOX-3028 - add support for OAuth Token Exchange to KNOXTOKEN --- .../gateway/service/knoxtoken/OAuthResource.java | 133 +++ .../gateway/service/knoxtoken/TokenResource.java | 420 + .../deploy/TokenServiceDeploymentContributor.java | 2 +- .../knoxtoken/TokenServiceResourceTest.java| 41 +- 4 files changed, 436 insertions(+), 160 deletions(-) diff --git a/gateway-service-knoxtoken/src/main/java/org/apache/knox/gateway/service/knoxtoken/OAuthResource.java b/gateway-service-knoxtoken/src/main/java/org/apache/knox/gateway/service/knoxtoken/OAuthResource.java new file mode 100644 index 0..71cf28b2d --- /dev/null +++ b/gateway-service-knoxtoken/src/main/java/org/apache/knox/gateway/service/knoxtoken/OAuthResource.java @@ -0,0 +1,133 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.knox.gateway.service.knoxtoken; + +import org.apache.knox.gateway.i18n.messages.MessagesFactory; +import org.apache.knox.gateway.util.JsonUtils; + +import javax.inject.Singleton; +import javax.ws.rs.GET; +import javax.ws.rs.POST; +import javax.ws.rs.Path; +import javax.ws.rs.Produces; +import javax.ws.rs.core.Response; + +import java.time.Duration; +import java.time.format.DateTimeParseException; +import java.util.HashMap; + +import static javax.ws.rs.core.MediaType.APPLICATION_JSON; +import static javax.ws.rs.core.MediaType.APPLICATION_XML; + +@Singleton +@Path(OAuthResource.RESOURCE_PATH) +public class OAuthResource extends TokenResource { +private static TokenServiceMessages log = MessagesFactory.get(TokenServiceMessages.class); +static final String RESOURCE_PATH = "/{serviceName:.*}/v1/{oauthSegment:(oauth|token)}{path:(/tokens)?}"; +public static final String ISSUED_TOKEN_TYPE = "issued_token_type"; +public static final String REFRESH_TOKEN = "refresh_token"; +public static final String ISSUED_TOKEN_TYPE_ACCESS_TOKEN_VALUE = "urn:ietf:params:oauth:token-type:access_token"; + +@Override +@GET +@Produces({ APPLICATION_JSON, APPLICATION_XML }) +public Response doGet() { +return super.doGet(); +} + +@Override +@POST +@Produces({ APPLICATION_JSON, APPLICATION_XML }) +public Response doPost() { +return super.doPost(); +} + +@Override +public Response getAuthenticationToken() { + +Response response = enforceClientCertIfRequired(); +if (response != null) { return response; } + +response = onlyAllowGroupsToBeAddedWhenEnabled(); +if (response != null) { return response; } + +UserContext context = buildUserContext(request); + +response = enforceTokenLimitsAsRequired(context.userName); +if (response != null) { return response; } + +TokenResponseContext resp = getTokenResponse(context); +// if the responseMap isn't null then the knoxtoken request was successful +// if not then there may have been an error and the underlying response +// builder will communicate those details +if (resp.responseMap != null) { +// let's get the subset of the KnoxToken Response needed for OAuth +String accessToken = resp.responseMap.accessToken; +String passcode = resp.responseMap.passcode; +long expires = (long) resp.responseMap.map.get(EXPIRES_IN); +String tokenType = (String) resp.responseMap.map.get(TOKEN_TYPE); + +// build and return the expected OAuth response +final HashMap map = new HashMap<>(); +map.put(ACCESS_TOKEN, accessToken);
(knox) branch master updated: KNOX-3016 - add support for client credentials flow (#876)
This is an automated email from the ASF dual-hosted git repository. lmccay pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/knox.git The following commit(s) were added to refs/heads/master by this push: new 8f38723bb KNOX-3016 - add support for client credentials flow (#876) 8f38723bb is described below commit 8f38723bb6b8111eb93b01697e89dd98fb6f59f2 Author: lmccay AuthorDate: Tue Mar 12 18:12:59 2024 -0400 KNOX-3016 - add support for client credentials flow (#876) * KNOX-3016 - add support for client credentials flow --- .../federation/jwt/filter/AbstractJWTFilter.java | 19 +++- .../federation/jwt/filter/JWTFederationFilter.java | 41 ++-- ...lientIdAndClientSecretFederationFilterTest.java | 54 ++ 3 files changed, 109 insertions(+), 5 deletions(-) diff --git a/gateway-provider-security-jwt/src/main/java/org/apache/knox/gateway/provider/federation/jwt/filter/AbstractJWTFilter.java b/gateway-provider-security-jwt/src/main/java/org/apache/knox/gateway/provider/federation/jwt/filter/AbstractJWTFilter.java index 07ce39030..90fd117b9 100644 --- a/gateway-provider-security-jwt/src/main/java/org/apache/knox/gateway/provider/federation/jwt/filter/AbstractJWTFilter.java +++ b/gateway-provider-security-jwt/src/main/java/org/apache/knox/gateway/provider/federation/jwt/filter/AbstractJWTFilter.java @@ -96,6 +96,8 @@ public abstract class AbstractJWTFilter implements Filter { */ public static final String JWT_EXPECTED_SIGALG = "jwt.expected.sigalg"; public static final String JWT_DEFAULT_SIGALG = "RS256"; + public static final String TYPE = "type"; + public static final String CLIENT_ID = "CLIENT_ID"; static JWTMessages log = MessagesFactory.get( JWTMessages.class ); @@ -300,8 +302,23 @@ public abstract class AbstractJWTFilter implements Filter { public Subject createSubjectFromTokenIdentifier(final String tokenId) throws UnknownTokenException { TokenMetadata metadata = tokenStateService.getTokenMetadata(tokenId); +String username = null; if (metadata != null) { - return createSubjectFromTokenData(metadata.getUserName(), null); + String type = metadata.getMetadata(TYPE); + // using tokenID and passcode as CLIENT_ID and CLIENT_SECRET will + // result in a metadata item called "type". If the value is set + // to CLIENT_ID then it will be assumed to be a CLIENT_ID and we + // will use the token id as the username. Since we don't know the + // token id until it is created, the username is always the same + // in the record. Using the token id makes it a unique username for + // audit and the like. + if (CLIENT_ID.equalsIgnoreCase(type)) { +username = tokenId; + } + else { +username = metadata.getUserName(); + } + return createSubjectFromTokenData(username, null); } return null; } diff --git a/gateway-provider-security-jwt/src/main/java/org/apache/knox/gateway/provider/federation/jwt/filter/JWTFederationFilter.java b/gateway-provider-security-jwt/src/main/java/org/apache/knox/gateway/provider/federation/jwt/filter/JWTFederationFilter.java index 64ac556d0..9c2001057 100644 --- a/gateway-provider-security-jwt/src/main/java/org/apache/knox/gateway/provider/federation/jwt/filter/JWTFederationFilter.java +++ b/gateway-provider-security-jwt/src/main/java/org/apache/knox/gateway/provider/federation/jwt/filter/JWTFederationFilter.java @@ -58,6 +58,9 @@ public class JWTFederationFilter extends AbstractJWTFilter { private static final JWTMessages LOGGER = MessagesFactory.get( JWTMessages.class ); /* A semicolon separated list of paths that need to bypass authentication */ public static final String JWT_UNAUTHENTICATED_PATHS_PARAM = "jwt.unauthenticated.path.list"; + public static final String GRANT_TYPE = "grant_type"; + public static final String CLIENT_CREDENTIALS = "client_credentials"; + public static final String CLIENT_SECRET = "client_secret"; public enum TokenType { JWT, Passcode; @@ -239,15 +242,45 @@ public class JWTFederationFilter extends AbstractJWTFilter { } if (parsed == null) { - token = request.getParameter(this.paramName); - if (token != null) { -parsed = Pair.of(TokenType.JWT, token); - } +parsed = parseFromClientCredentialsFlow(request); + } + + if (parsed == null) { +token = request.getParameter(this.paramName); +if (token != null) { + parsed = Pair.of(TokenType.JWT, token); +} } return parsed; } +private Pair parseFromClientCredentialsFlow(ServletRequest request) { + Pair parsed = null; + String token = null; + + /* +POST /{tenant}/oauth2/v2.0/token HTTP/1.1 +Host: login.microsoftonline.com:
(knox) branch master updated: KNOX-3009 - KNOX-SESSION missing from Manager Topology and Admin UI (#843)
This is an automated email from the ASF dual-hosted git repository. lmccay pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/knox.git The following commit(s) were added to refs/heads/master by this push: new d60c67fa8 KNOX-3009 - KNOX-SESSION missing from Manager Topology and Admin UI (#843) d60c67fa8 is described below commit d60c67fa88ffa3c7fae1a35764dabe167a71c184 Author: lmccay AuthorDate: Sat Feb 24 17:16:44 2024 -0500 KNOX-3009 - KNOX-SESSION missing from Manager Topology and Admin UI (#843) --- gateway-release/home/conf/topologies/manager.xml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/gateway-release/home/conf/topologies/manager.xml b/gateway-release/home/conf/topologies/manager.xml index acade305c..1634d0093 100644 --- a/gateway-release/home/conf/topologies/manager.xml +++ b/gateway-release/home/conf/topologies/manager.xml @@ -80,6 +80,9 @@ + + KNOX-SESSION + KNOX
[knox] branch master updated: KNOX-2824 - Make SameSite attribute on KnoxSSO Cookie Configurable (#647)
This is an automated email from the ASF dual-hosted git repository. lmccay pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/knox.git The following commit(s) were added to refs/heads/master by this push: new 2a4bba163 KNOX-2824 - Make SameSite attribute on KnoxSSO Cookie Configurable (#647) 2a4bba163 is described below commit 2a4bba1638fdae3c39da1c424bd32da501afae0e Author: lmccay AuthorDate: Wed Oct 12 12:20:00 2022 -0400 KNOX-2824 - Make SameSite attribute on KnoxSSO Cookie Configurable (#647) --- .../gateway/service/knoxsso/WebSSOResource.java| 10 - .../service/knoxsso/WebSSOResourceTest.java| 25 ++ 2 files changed, 34 insertions(+), 1 deletion(-) diff --git a/gateway-service-knoxsso/src/main/java/org/apache/knox/gateway/service/knoxsso/WebSSOResource.java b/gateway-service-knoxsso/src/main/java/org/apache/knox/gateway/service/knoxsso/WebSSOResource.java index 39725129a..6f14bd219 100644 --- a/gateway-service-knoxsso/src/main/java/org/apache/knox/gateway/service/knoxsso/WebSSOResource.java +++ b/gateway-service-knoxsso/src/main/java/org/apache/knox/gateway/service/knoxsso/WebSSOResource.java @@ -76,6 +76,7 @@ public class WebSSOResource { private static final String SSO_COOKIE_SECURE_ONLY_INIT_PARAM = "knoxsso.cookie.secure.only"; private static final String SSO_COOKIE_MAX_AGE_INIT_PARAM = "knoxsso.cookie.max.age"; private static final String SSO_COOKIE_DOMAIN_SUFFIX_PARAM = "knoxsso.cookie.domain.suffix"; + private static final String SSO_COOKIE_SAMESITE_PARAM = "knoxsso.cookie.samesite"; private static final String SSO_COOKIE_TOKEN_TTL_PARAM = "knoxsso.token.ttl"; private static final String SSO_COOKIE_TOKEN_AUDIENCES_PARAM = "knoxsso.token.audiences"; private static final String SSO_COOKIE_TOKEN_SIG_ALG = "knoxsso.token.sigalg"; @@ -93,6 +94,7 @@ public class WebSSOResource { private static final String ORIGINAL_URL_REQUEST_PARAM = "originalUrl"; private static final String ORIGINAL_URL_COOKIE_NAME = "original-url"; private static final String DEFAULT_SSO_COOKIE_NAME = "hadoop-jwt"; + private static final String SSO_COOKIE_SAMESITE_DEFAULT = "Strict"; private static final long TOKEN_TTL_DEFAULT = 3L; static final String RESOURCE_PATH = "/api/v1/websso"; private String cookieName; @@ -108,6 +110,8 @@ public class WebSSOResource { private String clusterName; private String tokenIssuer; + private String sameSiteValue; + @Context HttpServletRequest request; @@ -136,6 +140,10 @@ public class WebSSOResource { if (expectedParams != null) { ssoExpectedparams = Arrays.asList(expectedParams.split(",")); } + +this.sameSiteValue = StringUtils.isBlank(context.getInitParameter(SSO_COOKIE_SAMESITE_PARAM)) +? SSO_COOKIE_SAMESITE_DEFAULT +: context.getInitParameter(SSO_COOKIE_SAMESITE_PARAM); } private void setSignatureAlogrithm() throws AliasServiceException { @@ -405,7 +413,7 @@ public class WebSSOResource { if (maxAge != -1) { setCookie.append("; Max-Age=").append(maxAge); } - setCookie.append("; SameSite=None"); + setCookie.append("; SameSite=").append(this.sameSiteValue); response.setHeader("Set-Cookie", setCookie.toString()); LOGGER.addedJWTCookie(); } catch (Exception e) { diff --git a/gateway-service-knoxsso/src/test/java/org/apache/knox/gateway/service/knoxsso/WebSSOResourceTest.java b/gateway-service-knoxsso/src/test/java/org/apache/knox/gateway/service/knoxsso/WebSSOResourceTest.java index d1d625429..5f6389e09 100644 --- a/gateway-service-knoxsso/src/test/java/org/apache/knox/gateway/service/knoxsso/WebSSOResourceTest.java +++ b/gateway-service-knoxsso/src/test/java/org/apache/knox/gateway/service/knoxsso/WebSSOResourceTest.java @@ -414,6 +414,31 @@ public class WebSSOResourceTest { assertEquals(expectedknoxSsoSecureOnly, cookie.getSecure()); } + @Test + public void testSameConfigurableSite() throws Exception { +testSameSite("None", "None"); // explicitly set to None +testSameSite(null, "Strict"); // default value +testSameSite("Lax", "Lax"); // explicitly set to Lax + } + + private void testSameSite(String knoxSsoCookiesameSite, String expectedknoxSsoSecureOnly) throws Exception { + configureCommonExpectations(Collections.singletonMap("knoxsso.cookie.samesite", knoxSsoCookiesameSite == null ? null : knoxSsoCookiesameSite)); + +final WebSSOResource webSSOResponse = new WebSSOResource(); +webSSOResponse.request = request; +webSSOResponse.response = responseWrapper; +webSSOResponse.context = context; +webSSOResponse.init(); + +// Issue a token +webSSORes
[knox] branch master updated: KNOX-2798 - Add a trim method to KnoxShellTable to trim all values in a Column (#628)
This is an automated email from the ASF dual-hosted git repository. lmccay pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/knox.git The following commit(s) were added to refs/heads/master by this push: new 428804e51 KNOX-2798 - Add a trim method to KnoxShellTable to trim all values in a Column (#628) 428804e51 is described below commit 428804e518d3b0078b32dd34df39d43a98602b7e Author: lmccay AuthorDate: Fri Sep 2 17:25:22 2022 -0400 KNOX-2798 - Add a trim method to KnoxShellTable to trim all values in a Column (#628) --- .../knox/gateway/shell/table/KnoxShellTable.java | 26 ++ .../gateway/shell/table/KnoxShellTableTest.java| 18 +++ 2 files changed, 44 insertions(+) diff --git a/gateway-shell/src/main/java/org/apache/knox/gateway/shell/table/KnoxShellTable.java b/gateway-shell/src/main/java/org/apache/knox/gateway/shell/table/KnoxShellTable.java index 06acd164d..179fbd132 100644 --- a/gateway-shell/src/main/java/org/apache/knox/gateway/shell/table/KnoxShellTable.java +++ b/gateway-shell/src/main/java/org/apache/knox/gateway/shell/table/KnoxShellTable.java @@ -289,6 +289,32 @@ public class KnoxShellTable { return this; } + /** + * Trims the String value of whitespace for each of the values in a column + * given the column name. + * @param colIndex + * @return table + */ + public KnoxShellTable trim(String colName) { +int colIndex = headers.indexOf(colName); +return trim(colIndex); + } + + /** + * Trims the String value of whitespace for each of the values in a column + * given the column index. + * @param colIndex + * @return table + */ + public KnoxShellTable trim(int colIndex) { +List> col = values(colIndex); +for (int i = 0; i < col.size(); i++) { + String v = (String) col.get(i); + rows.get(i).set(colIndex, v.trim()); +} +return this; + } + public List getHeaders() { return headers == null || headers.isEmpty() ? null : headers; } diff --git a/gateway-shell/src/test/java/org/apache/knox/gateway/shell/table/KnoxShellTableTest.java b/gateway-shell/src/test/java/org/apache/knox/gateway/shell/table/KnoxShellTableTest.java index b46bc9f1f..0d32f86f5 100644 --- a/gateway-shell/src/test/java/org/apache/knox/gateway/shell/table/KnoxShellTableTest.java +++ b/gateway-shell/src/test/java/org/apache/knox/gateway/shell/table/KnoxShellTableTest.java @@ -295,6 +295,24 @@ public class KnoxShellTableTest { assertEquals(table2.getRows().get(1).get(1), "012"); } + @Test + public void testTrim() throws IOException { +KnoxShellTable table = new KnoxShellTable(); + +table.header("Column A").header("Column B").header("Column C"); + +table.row().value(" 789").value("012").value("8"); +table.row().value(" 123").value("456").value("3"); + +KnoxShellTable table2 = table.trim("Column A"); +assertEquals(table2.getRows().get(0).get(0), "789"); +assertEquals(table2.getRows().get(1).get(0), "123"); + +KnoxShellTable table3 = table.trim(0); +assertEquals(table3.getRows().get(0).get(0), "789"); +assertEquals(table3.getRows().get(1).get(0), "123"); + } + @Test public void testSortStringValuesNumerically() throws IOException { KnoxShellTable table = new KnoxShellTable();
[knox] branch master updated: KNOX-2779 - support multiple hosts for gateway.host config (#613)
This is an automated email from the ASF dual-hosted git repository. lmccay pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/knox.git The following commit(s) were added to refs/heads/master by this push: new d51173a83 KNOX-2779 - support multiple hosts for gateway.host config (#613) d51173a83 is described below commit d51173a83e364d6eacf19d9ac8823ea2afb807f5 Author: 南慧荣 AuthorDate: Thu Aug 11 02:23:56 2022 +0800 KNOX-2779 - support multiple hosts for gateway.host config (#613) --- .../org/apache/knox/gateway/GatewayServer.java | 84 -- .../gateway/config/impl/GatewayConfigImpl.java | 20 -- .../gateway/config/impl/GatewayConfigImplTest.java | 15 .../org/apache/knox/gateway/GatewayTestConfig.java | 16 +++-- .../apache/knox/gateway/config/GatewayConfig.java | 4 +- .../gateway/SimpleDescriptorHandlerFuncTest.java | 3 +- 6 files changed, 92 insertions(+), 50 deletions(-) diff --git a/gateway-server/src/main/java/org/apache/knox/gateway/GatewayServer.java b/gateway-server/src/main/java/org/apache/knox/gateway/GatewayServer.java index 5f80fe548..6d618800c 100644 --- a/gateway-server/src/main/java/org/apache/knox/gateway/GatewayServer.java +++ b/gateway-server/src/main/java/org/apache/knox/gateway/GatewayServer.java @@ -399,50 +399,53 @@ public class GatewayServer { * use the port provided in GatewayConfig. * @param topologyName Connector name, only used when not null */ - private Connector createConnector(final Server server, + private List createConnector(final Server server, final GatewayConfig config, final int port, final String topologyName) throws IOException, CertificateException, NoSuchAlgorithmException, KeyStoreException, AliasServiceException { -ServerConnector connector; +List connectors = new ArrayList<>(); // Determine the socket address and check availability. -InetSocketAddress address = config.getGatewayAddress(); -checkAddressAvailability( address ); - -final int connectorPort = port > 0 ? port : address.getPort(); - -checkPortConflict(connectorPort, topologyName, config); - -HttpConfiguration httpConfig = new HttpConfiguration(); -httpConfig.setRequestHeaderSize( config.getHttpServerRequestHeaderBuffer() ); -httpConfig.setResponseHeaderSize( config.getHttpServerResponseHeaderBuffer() ); -httpConfig.setOutputBufferSize( config.getHttpServerResponseBuffer() ); - -if (config.isSSLEnabled()) { - HttpConfiguration httpsConfig = new HttpConfiguration( httpConfig ); - httpsConfig.setSecureScheme( "https" ); - httpsConfig.setSecurePort( connectorPort ); - httpsConfig.addCustomizer( new SecureRequestCustomizer() ); - SSLService ssl = services.getService(ServiceType.SSL_SERVICE); - SslContextFactory sslContextFactory = (SslContextFactory)ssl.buildSslContextFactory( config ); - connector = new ServerConnector( server, sslContextFactory, new HttpConnectionFactory( httpsConfig ) ); -} else { - connector = new ServerConnector( server ); -} -connector.setHost( address.getHostName() ); -connector.setPort( connectorPort ); +List addressList = config.getGatewayAddress(); +for (InetSocketAddress address : addressList) { + ServerConnector connector; + checkAddressAvailability( address ); + + final int connectorPort = port > 0 ? port : address.getPort(); + + checkPortConflict(connectorPort, topologyName, config); + + HttpConfiguration httpConfig = new HttpConfiguration(); + httpConfig.setRequestHeaderSize( config.getHttpServerRequestHeaderBuffer() ); + httpConfig.setResponseHeaderSize( config.getHttpServerResponseHeaderBuffer() ); + httpConfig.setOutputBufferSize( config.getHttpServerResponseBuffer() ); + + if (config.isSSLEnabled()) { +HttpConfiguration httpsConfig = new HttpConfiguration( httpConfig ); +httpsConfig.setSecureScheme( "https" ); +httpsConfig.setSecurePort( connectorPort ); +httpsConfig.addCustomizer( new SecureRequestCustomizer() ); +SSLService ssl = services.getService(ServiceType.SSL_SERVICE); +SslContextFactory sslContextFactory = (SslContextFactory)ssl.buildSslContextFactory( config ); +connector = new ServerConnector( server, sslContextFactory, new HttpConnectionFactory( httpsConfig ) ); + } else { +connector = new ServerConnector( server ); + } + connector.setHost( address.getHostName() ); + connector.setPort( connectorPort ); -if(!StringUtils.isBlank(topologyName)) { - connector.setName(topologyName); -} + if(!StringUtils.isBlank(topologyName)) { +connector.setName(topologyName); + } -long idleTimeout = config.getGatewayIdleTimeout(); -if (idleTimeout > 0L) { - connector.setIdleTimeout(id
[knox] branch master updated: KNOX-2772 - add configuration for jetty renegotiation (#605)
This is an automated email from the ASF dual-hosted git repository. lmccay pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/knox.git The following commit(s) were added to refs/heads/master by this push: new 07cd031e1 KNOX-2772 - add configuration for jetty renegotiation (#605) 07cd031e1 is described below commit 07cd031e1ee2e6be14308749d61cb5a495a6fe11 Author: 南慧荣 AuthorDate: Wed Jul 27 01:20:06 2022 +0800 KNOX-2772 - add configuration for jetty renegotiation (#605) --- .../apache/knox/gateway/config/impl/GatewayConfigImpl.java | 6 ++ .../knox/gateway/services/security/impl/JettySSLService.java | 2 ++ .../knox/gateway/config/impl/GatewayConfigImplTest.java | 12 .../gateway/services/security/impl/JettySSLServiceTest.java | 1 + .../main/java/org/apache/knox/gateway/GatewayTestConfig.java | 5 + .../java/org/apache/knox/gateway/config/GatewayConfig.java | 2 ++ 6 files changed, 28 insertions(+) diff --git a/gateway-server/src/main/java/org/apache/knox/gateway/config/impl/GatewayConfigImpl.java b/gateway-server/src/main/java/org/apache/knox/gateway/config/impl/GatewayConfigImpl.java index 3e45bac36..ba572a23b 100644 --- a/gateway-server/src/main/java/org/apache/knox/gateway/config/impl/GatewayConfigImpl.java +++ b/gateway-server/src/main/java/org/apache/knox/gateway/config/impl/GatewayConfigImpl.java @@ -177,6 +177,7 @@ public class GatewayConfigImpl extends Configuration implements GatewayConfig { private static final String SSL_EXCLUDE_PROTOCOLS = "ssl.exclude.protocols"; private static final String SSL_INCLUDE_CIPHERS = "ssl.include.ciphers"; private static final String SSL_EXCLUDE_CIPHERS = "ssl.exclude.ciphers"; + private static final String SSL_RENEGOTIATION = "ssl.renegotiation"; // END BACKWARD COMPATIBLE BLOCK public static final String DEFAULT_HTTP_PORT = ""; @@ -602,6 +603,11 @@ public class GatewayConfigImpl extends Configuration implements GatewayConfig { return list; } + @Override + public boolean isSSLRenegotiationAllowed() { +return getBoolean(SSL_RENEGOTIATION, true); + } + @Override public boolean isClientAuthNeeded() { return Boolean.parseBoolean(get( CLIENT_AUTH_NEEDED, "false" )); diff --git a/gateway-server/src/main/java/org/apache/knox/gateway/services/security/impl/JettySSLService.java b/gateway-server/src/main/java/org/apache/knox/gateway/services/security/impl/JettySSLService.java index 867e3df88..55f297ecf 100644 --- a/gateway-server/src/main/java/org/apache/knox/gateway/services/security/impl/JettySSLService.java +++ b/gateway-server/src/main/java/org/apache/knox/gateway/services/security/impl/JettySSLService.java @@ -224,6 +224,8 @@ public class JettySSLService implements SSLService { if (sslExcludeProtocols != null && !sslExcludeProtocols.isEmpty()) { sslContextFactory.setExcludeProtocols( sslExcludeProtocols.toArray(new String[0]) ); } + + sslContextFactory.setRenegotiationAllowed(config.isSSLRenegotiationAllowed()); return sslContextFactory; } diff --git a/gateway-server/src/test/java/org/apache/knox/gateway/config/impl/GatewayConfigImplTest.java b/gateway-server/src/test/java/org/apache/knox/gateway/config/impl/GatewayConfigImplTest.java index 5ec699b53..9fe737edd 100644 --- a/gateway-server/src/test/java/org/apache/knox/gateway/config/impl/GatewayConfigImplTest.java +++ b/gateway-server/src/test/java/org/apache/knox/gateway/config/impl/GatewayConfigImplTest.java @@ -167,6 +167,18 @@ public class GatewayConfigImplTest { assertThat( config.getExcludedSSLCiphers(), is(hasItems("ONE","TWO","THREE")) ); } + // KNOX-2772 + @Test + public void testisSSLRenegotiationAllowed() { +GatewayConfigImpl config = new GatewayConfigImpl(); +boolean isSSLRenegotiationAllowed = config.isSSLRenegotiationAllowed(); +assertThat( isSSLRenegotiationAllowed, is(true)); + +config.set("ssl.renegotiation", "false"); +isSSLRenegotiationAllowed = config.isSSLRenegotiationAllowed(); +assertThat( isSSLRenegotiationAllowed, is(false)); + } + @Test( timeout = TestUtils.SHORT_TIMEOUT ) public void testGlobalRulesServices() { GatewayConfigImpl config = new GatewayConfigImpl(); diff --git a/gateway-server/src/test/java/org/apache/knox/gateway/services/security/impl/JettySSLServiceTest.java b/gateway-server/src/test/java/org/apache/knox/gateway/services/security/impl/JettySSLServiceTest.java index eb667ea0d..51cdf0508 100644 --- a/gateway-server/src/test/java/org/apache/knox/gateway/services/security/impl/JettySSLServiceTest.java +++ b/gateway-server/src/test/java/org/apache/knox/gateway/services/security/impl/JettySSLServiceTest.java @@ -481,6 +481,7 @@ public class JettySSLServiceTest { expect(config.getIncludedSSLCiphers())
svn commit: r1894744 - in /knox/site: index.html issue-management.html licenses.html mailing-lists.html project-info.html team.html
Author: lmccay Date: Fri Nov 5 01:47:21 2021 New Revision: 1894744 URL: http://svn.apache.org/viewvc?rev=1894744=rev Log: update for release 1.6.0! Modified: knox/site/index.html knox/site/issue-management.html knox/site/licenses.html knox/site/mailing-lists.html knox/site/project-info.html knox/site/team.html Modified: knox/site/index.html URL: http://svn.apache.org/viewvc/knox/site/index.html?rev=1894744=1894743=1894744=diff == --- knox/site/index.html (original) +++ knox/site/index.html Fri Nov 5 01:47:21 2021 @@ -9,7 +9,7 @@ -Knox Gateway Announcing Apache Knox 1.5.0! +Knox Gateway Announcing Apache Knox 1.6.0! @@ -52,10 +52,10 @@ https://cwiki.apache.org/confluence/display/KNOX/News; class="externalLink" title="News">News License Documentation -User's Guide -KnoxShell User Guide -Developer's Guide -Quick Start +User's Guide +KnoxShell User Guide +Developer's Guide +Quick Start https://cwiki.apache.org/confluence/display/KNOX/Index; class="externalLink" title="Wiki">Wiki Releases https://cwiki.apache.org/confluence/display/KNOX/Apache+Knox+Releases; class="externalLink" title="Releases">Releases @@ -106,7 +106,7 @@ See the License for the specific languag limitations under the License. --> -Announcing Apache Knox 1.5.0! +Announcing Apache Knox 1.6.0! REST API and Application Gateway for the Apache Hadoop Ecosystem The Apache Knox Gateway is an Application Gateway for interacting with the REST APIs and UIs of Apache Hadoop deployments. Modified: knox/site/issue-management.html URL: http://svn.apache.org/viewvc/knox/site/issue-management.html?rev=1894744=1894743=1894744=diff == --- knox/site/issue-management.html (original) +++ knox/site/issue-management.html Fri Nov 5 01:47:21 2021 @@ -52,10 +52,10 @@ https://cwiki.apache.org/confluence/display/KNOX/News; class="externalLink" title="News">News License Documentation -User's Guide -KnoxShell User Guide -Developer's Guide -Quick Start +User's Guide +KnoxShell User Guide +Developer's Guide +Quick Start https://cwiki.apache.org/confluence/display/KNOX/Index; class="externalLink" title="Wiki">Wiki Releases https://cwiki.apache.org/confluence/display/KNOX/Apache+Knox+Releases; class="externalLink" title="Releases">Releases Modified: knox/site/licenses.html URL: http://svn.apache.org/viewvc/knox/site/licenses.html?rev=1894744=1894743=1894744=diff == --- knox/site/licenses.html (original) +++ knox/site/licenses.html Fri Nov 5 01:47:21 2021 @@ -52,10 +52,10 @@ https://cwiki.apache.org/confluence/display/KNOX/News; class="externalLink" title="News">News License Documentation -User's Guide -KnoxShell User Guide -Developer's Guide -Quick Start +User's Guide +KnoxShell User Guide +Developer's Guide +Quick Start https://cwiki.apache.org/confluence/display/KNOX/Index; class="externalLink" title="Wiki">Wiki Releases https://cwiki.apache.org/confluence/display/KNOX/Apache+Knox+Releases; class="externalLink" title="Releases">Releases Modified: knox/site/mailing-lists.html URL: http://svn.apache.org/viewvc/knox/site/mailing-lists.html?rev=1894744=1894743=1894744=diff == --- knox/site/mailing-lists.html (original) +++ knox/site/mailing-lists.html Fri Nov 5 01:47:21 2021 @@ -52,10 +52,10 @@ https://cwiki.apache.org/confluence/display/KNOX/News; class="externalLink" title="News">News License Documentation -User's Guide -KnoxShell User Guide -Developer's Guide -Quick Start +User's Guide +KnoxShell User Guide +Developer's Guide +Quick Start https://cwiki.apache.org/confluence/display/KNOX/Index; class="externalLink" title="Wiki">Wiki Releases https://cwiki.apache.org/confluence/display/KNOX/Apache+Knox+Releases; class="externalLink" title="Releases">Releases Modified: knox/site/project-info.html URL: http://svn.apache.org/viewvc/knox/site/project-info.html?rev=1894744=1894743=1894744=diff == --- knox/site/project-info.html (original) +++ knox/site/project-info.html Fri Nov 5 01:47:21 2021 @@ -52,10 +52,10 @@ https://cwiki.apache.org/confluence/display/KNO
svn commit: r1894743 - in /knox/trunk/src/site: markdown/index.md site.xml
Author: lmccay Date: Fri Nov 5 01:31:45 2021 New Revision: 1894743 URL: http://svn.apache.org/viewvc?rev=1894743=rev Log: Update site for 1.6.0 release Modified: knox/trunk/src/site/markdown/index.md knox/trunk/src/site/site.xml Modified: knox/trunk/src/site/markdown/index.md URL: http://svn.apache.org/viewvc/knox/trunk/src/site/markdown/index.md?rev=1894743=1894742=1894743=diff == --- knox/trunk/src/site/markdown/index.md (original) +++ knox/trunk/src/site/markdown/index.md Fri Nov 5 01:31:45 2021 @@ -14,7 +14,7 @@ WITHOUT WARRANTIES OR CONDITIONS OF ANY See the License for the specific language governing permissions and limitations under the License. --> -Announcing Apache Knox 1.5.0! +Announcing Apache Knox 1.6.0! REST API and Application Gateway for the Apache Hadoop Ecosystem Modified: knox/trunk/src/site/site.xml URL: http://svn.apache.org/viewvc/knox/trunk/src/site/site.xml?rev=1894743=1894742=1894743=diff == --- knox/trunk/src/site/site.xml (original) +++ knox/trunk/src/site/site.xml Fri Nov 5 01:31:45 2021 @@ -73,10 +73,10 @@ - - - - + + + + https://cwiki.apache.org/confluence/display/KNOX/Index"/>
svn commit: r1894732 - in /knox/site: ./ books/knox-0-12-0/ books/knox-0-13-0/ books/knox-0-14-0/ books/knox-1-0-0/ books/knox-1-1-0/ books/knox-1-2-0/ books/knox-1-3-0/ books/knox-1-4-0/ books/knox-1
Author: lmccay Date: Thu Nov 4 13:42:24 2021 New Revision: 1894732 URL: http://svn.apache.org/viewvc?rev=1894732=rev Log: test Modified: knox/site/books/knox-0-12-0/deployment-overview.png knox/site/books/knox-0-12-0/deployment-provider.png knox/site/books/knox-0-12-0/deployment-service.png knox/site/books/knox-0-12-0/general_saml_flow.png knox/site/books/knox-0-12-0/runtime-overview.png knox/site/books/knox-0-12-0/runtime-request-processing.png knox/site/books/knox-0-13-0/deployment-overview.png knox/site/books/knox-0-13-0/deployment-provider.png knox/site/books/knox-0-13-0/deployment-service.png knox/site/books/knox-0-13-0/general_saml_flow.png knox/site/books/knox-0-13-0/runtime-overview.png knox/site/books/knox-0-13-0/runtime-request-processing.png knox/site/books/knox-0-14-0/deployment-overview.png knox/site/books/knox-0-14-0/deployment-provider.png knox/site/books/knox-0-14-0/deployment-service.png knox/site/books/knox-0-14-0/general_saml_flow.png knox/site/books/knox-0-14-0/runtime-overview.png knox/site/books/knox-0-14-0/runtime-request-processing.png knox/site/books/knox-1-0-0/deployment-overview.png knox/site/books/knox-1-0-0/deployment-provider.png knox/site/books/knox-1-0-0/deployment-service.png knox/site/books/knox-1-0-0/general_saml_flow.png knox/site/books/knox-1-0-0/runtime-overview.png knox/site/books/knox-1-0-0/runtime-request-processing.png knox/site/books/knox-1-1-0/deployment-overview.png knox/site/books/knox-1-1-0/deployment-provider.png knox/site/books/knox-1-1-0/deployment-service.png knox/site/books/knox-1-1-0/general_saml_flow.png knox/site/books/knox-1-1-0/runtime-overview.png knox/site/books/knox-1-1-0/runtime-request-processing.png knox/site/books/knox-1-2-0/deployment-overview.png knox/site/books/knox-1-2-0/deployment-provider.png knox/site/books/knox-1-2-0/deployment-service.png knox/site/books/knox-1-2-0/general_saml_flow.png knox/site/books/knox-1-2-0/runtime-overview.png knox/site/books/knox-1-2-0/runtime-request-processing.png knox/site/books/knox-1-3-0/deployment-overview.png knox/site/books/knox-1-3-0/deployment-provider.png knox/site/books/knox-1-3-0/deployment-service.png knox/site/books/knox-1-3-0/general_saml_flow.png knox/site/books/knox-1-3-0/runtime-overview.png knox/site/books/knox-1-3-0/runtime-request-processing.png knox/site/books/knox-1-4-0/deployment-overview.png knox/site/books/knox-1-4-0/deployment-provider.png knox/site/books/knox-1-4-0/deployment-service.png knox/site/books/knox-1-4-0/general_saml_flow.png knox/site/books/knox-1-4-0/runtime-overview.png knox/site/books/knox-1-4-0/runtime-request-processing.png knox/site/books/knox-1-5-0/deployment-overview.png knox/site/books/knox-1-5-0/deployment-provider.png knox/site/books/knox-1-5-0/deployment-service.png knox/site/books/knox-1-5-0/general_saml_flow.png knox/site/books/knox-1-5-0/runtime-overview.png knox/site/books/knox-1-5-0/runtime-request-processing.png knox/site/books/knox-1-6-0/deployment-overview.png knox/site/books/knox-1-6-0/deployment-provider.png knox/site/books/knox-1-6-0/deployment-service.png knox/site/books/knox-1-6-0/general_saml_flow.png knox/site/books/knox-1-6-0/runtime-overview.png knox/site/books/knox-1-6-0/runtime-request-processing.png knox/site/index.html knox/site/issue-management.html knox/site/licenses.html knox/site/mailing-lists.html knox/site/project-info.html knox/site/team.html Modified: knox/site/books/knox-0-12-0/deployment-overview.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-12-0/deployment-overview.png?rev=1894732=1894731=1894732=diff == Binary files - no diff available. Modified: knox/site/books/knox-0-12-0/deployment-provider.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-12-0/deployment-provider.png?rev=1894732=1894731=1894732=diff == Binary files - no diff available. Modified: knox/site/books/knox-0-12-0/deployment-service.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-12-0/deployment-service.png?rev=1894732=1894731=1894732=diff == Binary files - no diff available. Modified: knox/site/books/knox-0-12-0/general_saml_flow.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-12-0/general_saml_flow.png?rev=1894732=1894731=1894732=diff == Binary files - no diff available. Modified: knox/site/books/knox-0-12-0/runtime-overview.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-12-0/runtime-overview.png?rev=1894732=1894731=1894732
[knox] branch master updated: [KNOX-2622] Support Deflate Encoding for the Inbound Response (#459)
This is an automated email from the ASF dual-hosted git repository. lmccay pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/knox.git The following commit(s) were added to refs/heads/master by this push: new 1ef048f [KNOX-2622] Support Deflate Encoding for the Inbound Response (#459) 1ef048f is described below commit 1ef048fa2d6ad6de566b1435880e3fe998839f59 Author: Zikun Xu AuthorDate: Mon Jun 21 19:02:44 2021 -0700 [KNOX-2622] Support Deflate Encoding for the Inbound Response (#459) --- .../filter/rewrite/impl/UrlRewriteResponse.java | 20 ++-- .../filter/rewrite/impl/UrlRewriteResponseTest.java | 19 +-- 2 files changed, 31 insertions(+), 8 deletions(-) diff --git a/gateway-provider-rewrite/src/main/java/org/apache/knox/gateway/filter/rewrite/impl/UrlRewriteResponse.java b/gateway-provider-rewrite/src/main/java/org/apache/knox/gateway/filter/rewrite/impl/UrlRewriteResponse.java index 73c0025..73f16ba 100644 --- a/gateway-provider-rewrite/src/main/java/org/apache/knox/gateway/filter/rewrite/impl/UrlRewriteResponse.java +++ b/gateway-provider-rewrite/src/main/java/org/apache/knox/gateway/filter/rewrite/impl/UrlRewriteResponse.java @@ -55,7 +55,9 @@ import java.util.Collections; import java.util.HashSet; import java.util.List; import java.util.Set; +import java.util.zip.DeflaterOutputStream; import java.util.zip.GZIPOutputStream; +import java.util.zip.InflaterInputStream; import static org.apache.knox.gateway.filter.rewrite.impl.UrlRewriteUtil.getRewriteFilterConfig; import static org.apache.knox.gateway.filter.rewrite.impl.UrlRewriteUtil.pickFirstRuleWithEqualsIgnoreCasePathMatch; @@ -90,6 +92,7 @@ public class UrlRewriteResponse extends GatewayResponseWrapper implements Params private String xForwardedHostname; private String xForwardedPort; private String xForwardedScheme; + private String contentEncoding; public UrlRewriteResponse( FilterConfig config, HttpServletRequest request, HttpServletResponse response ) { super( response ); @@ -102,6 +105,7 @@ public class UrlRewriteResponse extends GatewayResponseWrapper implements Params this.bodyFilterName = config.getInitParameter( UrlRewriteServletFilter.RESPONSE_BODY_FILTER_PARAM ); this.headersFilterName = config.getInitParameter( UrlRewriteServletFilter.RESPONSE_HEADERS_FILTER_PARAM ); this.headersFilterConfig = getRewriteFilterConfig( rewriter.getConfig(), headersFilterName, UrlRewriteServletFilter.HEADERS_MIME_TYPE ); +this.contentEncoding = ""; } protected boolean ignoreHeader( String name ) { @@ -121,11 +125,18 @@ public class UrlRewriteResponse extends GatewayResponseWrapper implements Params return value; } + private void setContentEncoding(String name, String value) { +if ("Content-Encoding".equalsIgnoreCase(name)) { + contentEncoding = value; +} + } + // Ignore the Content-Length from the dispatch respond since the respond body may be rewritten. @Override public void setHeader( String name, String value ) { if( !ignoreHeader( name) ) { value = rewriteValue( value, pickFirstRuleWithEqualsIgnoreCasePathMatch( headersFilterConfig, name ) ); + setContentEncoding(name, value); super.setHeader( name, value ); } } @@ -136,6 +147,7 @@ public class UrlRewriteResponse extends GatewayResponseWrapper implements Params if( !ignoreHeader( name ) ) { String rule = pickFirstRuleWithEqualsIgnoreCasePathMatch( headersFilterConfig, name ); value = rewriteValue( value, rule ); + setContentEncoding(name, value); super.addHeader( name, value ); } } @@ -175,14 +187,18 @@ public class UrlRewriteResponse extends GatewayResponseWrapper implements Params inBuffer.reset(); final InputStream unFilteredStream; - if(isGzip) { + if(isGzip || "gzip".equalsIgnoreCase(contentEncoding)) { unFilteredStream = new GzipCompressorInputStream(inBuffer, true); +outStream = new GZIPOutputStream(output, STREAM_BUFFER_SIZE); + } else if ("deflate".equalsIgnoreCase(contentEncoding)) { +unFilteredStream = new InflaterInputStream(inBuffer); +outStream = new DeflaterOutputStream(output); } else { unFilteredStream = inBuffer; +outStream = output; } String charset = MimeTypes.getCharset( mimeType, StandardCharsets.UTF_8.name() ); inStream = filter.filter( unFilteredStream, charset, rewriter, this, UrlRewriter.Direction.OUT, filterContentConfig ); - outStream = (isGzip) ? new GZIPOutputStream(output, STREAM_BUFFER_SIZE) : output; } else { inStream = input; outStream = output; diff --git a/gateway-provider-rewrite/src/test/java/org/apache/knox/gateway/filter/rewrite/impl/UrlRewriteResponseTest.java b/gateway-provider-rewrite/src/test/java/org
[knox] branch master updated: Knox 2555 (#422)
This is an automated email from the ASF dual-hosted git repository. lmccay pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/knox.git The following commit(s) were added to refs/heads/master by this push: new 76cc9f5 Knox 2555 (#422) 76cc9f5 is described below commit 76cc9f5b5ee1f169399e51ba096842152defd1a9 Author: lmccay AuthorDate: Sat Mar 20 11:22:53 2021 -0400 Knox 2555 (#422) * KNOX-2555 - adjust some config --- .../src/main/resources/applications/tokengen/app/index.html | 12 +--- gateway-release/home/conf/topologies/homepage.xml| 6 +- 2 files changed, 10 insertions(+), 8 deletions(-) diff --git a/gateway-applications/src/main/resources/applications/tokengen/app/index.html b/gateway-applications/src/main/resources/applications/tokengen/app/index.html index cd95c1d..57ce5de 100644 --- a/gateway-applications/src/main/resources/applications/tokengen/app/index.html +++ b/gateway-applications/src/main/resources/applications/tokengen/app/index.html @@ -63,13 +63,11 @@ --> Lifetime (days): - 1 - 2 - 3 - 4 - 5 - 6 - 7 + 1 days + 7 days + 30 days + 90 days + 120 days diff --git a/gateway-release/home/conf/topologies/homepage.xml b/gateway-release/home/conf/topologies/homepage.xml index 1b75640..4f18441 100644 --- a/gateway-release/home/conf/topologies/homepage.xml +++ b/gateway-release/home/conf/topologies/homepage.xml @@ -79,12 +79,16 @@ KNOXTOKEN knox.token.ttl - 60480 + 1036800 knox.token.target.url proxy-token/ + + knox.token.client.data + homepage_url=homepage/home/ + tokengen
[knox] branch master updated: KNOX-2539 - Enhance JWTProvider to accept token via HTTP Basic (#404)
This is an automated email from the ASF dual-hosted git repository. lmccay pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/knox.git The following commit(s) were added to refs/heads/master by this push: new b395f0c KNOX-2539 - Enhance JWTProvider to accept token via HTTP Basic (#404) b395f0c is described below commit b395f0ca183bc8fe2b3da6717b3c9428d9f8f4d0 Author: lmccay AuthorDate: Sun Feb 28 17:54:14 2021 -0500 KNOX-2539 - Enhance JWTProvider to accept token via HTTP Basic (#404) * KNOX-2539 - Enhance JWTProvider to accept token via HTTP Basic --- .../federation/jwt/filter/JWTFederationFilter.java | 61 ++- .../JWTAsHTTPBasicCredsFederationFilterTest.java | 70 ++ 2 files changed, 115 insertions(+), 16 deletions(-) diff --git a/gateway-provider-security-jwt/src/main/java/org/apache/knox/gateway/provider/federation/jwt/filter/JWTFederationFilter.java b/gateway-provider-security-jwt/src/main/java/org/apache/knox/gateway/provider/federation/jwt/filter/JWTFederationFilter.java index 4a7d425..3693b00 100644 --- a/gateway-provider-security-jwt/src/main/java/org/apache/knox/gateway/provider/federation/jwt/filter/JWTFederationFilter.java +++ b/gateway-provider-security-jwt/src/main/java/org/apache/knox/gateway/provider/federation/jwt/filter/JWTFederationFilter.java @@ -31,17 +31,22 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; +import java.nio.charset.StandardCharsets; import java.text.ParseException; +import java.util.Base64; +import java.util.Locale; public class JWTFederationFilter extends AbstractJWTFilter { - public static final String KNOX_TOKEN_AUDIENCES = "knox.token.audiences"; - public static final String TOKEN_VERIFICATION_PEM = "knox.token.verification.pem"; - public static final String KNOX_TOKEN_QUERY_PARAM_NAME = "knox.token.query.param.name"; - public static final String TOKEN_PRINCIPAL_CLAIM = "knox.token.principal.claim"; - public static final String JWKS_URL = "knox.token.jwks.url"; - private static final String BEARER = "Bearer "; - private String paramName = "knoxtoken"; +public static final String KNOX_TOKEN_AUDIENCES = "knox.token.audiences"; +public static final String TOKEN_VERIFICATION_PEM = "knox.token.verification.pem"; +public static final String KNOX_TOKEN_QUERY_PARAM_NAME = "knox.token.query.param.name"; +public static final String TOKEN_PRINCIPAL_CLAIM = "knox.token.principal.claim"; +public static final String JWKS_URL = "knox.token.jwks.url"; +private static final String BEARER = "Bearer "; +private static final String BASIC = "Basic"; +private static final String TOKEN = "Token"; +private String paramName; @Override public void init( FilterConfig filterConfig ) throws ServletException { @@ -58,16 +63,19 @@ public class JWTFederationFilter extends AbstractJWTFilter { if (queryParamName != null) { paramName = queryParamName; } + // JWKSUrl String oidcjwksurl = filterConfig.getInitParameter(JWKS_URL); if (oidcjwksurl != null) { expectedJWKSUrl = oidcjwksurl; } + // expected claim String oidcPrincipalclaim = filterConfig.getInitParameter(TOKEN_PRINCIPAL_CLAIM); if (oidcPrincipalclaim != null) { expectedPrincipalClaim = oidcPrincipalclaim; } + // token verification pem String verificationPEM = filterConfig.getInitParameter(TOKEN_VERIFICATION_PEM); // setup the public key of the token issuer for verification @@ -104,15 +112,36 @@ public class JWTFederationFilter extends AbstractJWTFilter { } } - public String getWireToken(ServletRequest request) { -final String header = ((HttpServletRequest) request).getHeader("Authorization"); -if (header != null && header.startsWith(BEARER)) { - // what follows the bearer designator should be the JWT token being used to request or as an access token - return header.substring(BEARER.length()); -} else { - // check for query param - return request.getParameter(paramName); -} + public String getWireToken(final ServletRequest request) { + String token = null; + final String header = ((HttpServletRequest)request).getHeader("Authorization"); + if (header != null) { + if (header.startsWith(BEARER)) { + // what follows the bearer designator should be the JWT token being used +// to request or as an access token + token = header.substring(BEARER.length()); + } + else if (header.toLowerCase(Locale.ROOT).startsWith(BASIC.toLowerCase(Locale.ROOT))) { + // what follows
[knox] branch master updated: REVERT - KNOX-2283 - Upgrade curator to 5.1.0 and zookeeper to 3.6.2
This is an automated email from the ASF dual-hosted git repository. lmccay pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/knox.git The following commit(s) were added to refs/heads/master by this push: new 26161f1 REVERT - KNOX-2283 - Upgrade curator to 5.1.0 and zookeeper to 3.6.2 26161f1 is described below commit 26161f173241d1eaa056657422f72892a340fde0 Author: lmccay AuthorDate: Sun Feb 28 13:55:00 2021 -0500 REVERT - KNOX-2283 - Upgrade curator to 5.1.0 and zookeeper to 3.6.2 --- pom.xml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pom.xml b/pom.xml index 88a51dc..4eadaa5 100644 --- a/pom.xml +++ b/pom.xml @@ -183,7 +183,7 @@ 1.9 2.9.1 1.2.4 -5.1.0 +4.3.0 6.0.3 10.14.2.0 1.4.13 @@ -273,7 +273,7 @@ 3.3 2.3.0 0.10 -3.6.2 +3.5.7
[knox] branch master updated: Update CHANGES for both 1.4.0 and 1.5.0 releases
This is an automated email from the ASF dual-hosted git repository. lmccay pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/knox.git The following commit(s) were added to refs/heads/master by this push: new 6976ece Update CHANGES for both 1.4.0 and 1.5.0 releases 6976ece is described below commit 6976ecec199c8fe13d0f69170f447fc839fc324a Author: lmccay AuthorDate: Sun Dec 6 16:26:54 2020 -0500 Update CHANGES for both 1.4.0 and 1.5.0 releases --- CHANGES | 503 1 file changed, 503 insertions(+) diff --git a/CHANGES b/CHANGES index 32a09f3..0c6efd2 100644 --- a/CHANGES +++ b/CHANGES @@ -1,4 +1,507 @@ -- +Release Notes - Apache Knox - Version 1.5.0 +-- +** New Features + * [KNOX-843] - Load Balancing to Proxied Services for HA (disabled by default) (#380) + * [KNOX-2412] - Add Logout Link to Home Page for Select Authentication Providers and KNOXSESSION service (#372) + * [KNOX-2392] - Simple file-based TokenStateService implementation (#350) + * [KNOX-2386] - Added CM service discovery support for Apache Flink (#344) + * [KNOX-2385] - Flink Dashboard (History Server) Support (#343) + * [KNOX-2354] - An HBASEJARS service which can proxy HBase jars hosted by t… (#325) +** Improvements + * [KNOX-2469] - Fixing Knox keystore path directory creation for symlinks (#383) + * [KNOX-2468] - Improve ConfigurableDispatch set cookies (#385) + * [KNOX-2401] - Extend ClientCert Authentication Provider for CN as PrimaryPrincipal (#384) + * [KNOX-2462] - Make credential store type configurable (#381) + * [KNOX-2467] - Enable Jetty's X-Forwarded Header Support (#382) + * [KNOX-2461] - Move JWT token display utility to module shared by server and client modules (#379) + * [KNOX-2459] - KNOX-METADATA, KNOXSSOUT and KNOX-SESSION services do not need any URL or param to be added in the generated topology (#377) + * [KNOX-2453] - Fix Host header handling in websockets (#374) + * [KNOX-2437] - The request url does not have to be coded (#370) + * [KNOX-2408] - Improved AliasBasedTokenState service and house-keeping (#371) + * [KNOX-2402] - Adding Gateway performance testing (#365) + * [KNOX-2413] - Added JWT support in HadoopAuth provider (#367) + * [KNOX-2436] - Add new service for replacing resourceManager property during Oozie usage (#369) + * [KNOX-2435] - Fix NiFi and NiFi Registry UI links in Knox UI (#368) + * [KNOX-2434] - Knox should fallback to JDK default keystore/truststore type instead of hardcoding JKS (#366) + * [KNOX-2397] - knox failed to start with error "java.lang.NoSuchMethodError: org.eclipse.persistence.internal.oxm.mappings.Field.setNestedArray(Z)V" (#357) + * [KNOX-2410] - Handling the new 'RestartWaitingForStalenessSuccess' CM audit event (#364) + * [KNOX-2406] - Use dependency bom for dependency management (#363) + * [KNOX-2399] - Implemented ZookeeperTokenStateService (#361) + * [KNOX-2395] - Make Gateway Services Pluggable (#358) + * [KNOX-2343] - Enhanced API services' display on the Knox Home page (#355) + * [KNOX-2255] - Setting HTTP client connection/socket timeout to 5m for certain services as well as replayBufferSize to 65 bytes for RANGER and useTwoWaySsl to true for NIFI/NIFI-REGISTRY by default (#354) + * [KNOX-2344] - Rename gateway-cm-integration module and related resources (#353) + * [KNOX-2382] - Logging token identifier for easier error debugging (#352) + * [KNOX-2393] - Update the property name to 'sso.unauthenticated.path.list' to be in-line with other property names (#351) + * [KNOX-2393] - Add a configurable list of paths that SSOCookieProvider can ignore (#349) + * [KNOX-2390] - Let end-users configure SAML2 client configuration using Pac4J provider parameters (#348) + * [KNOX-2387] - SameSite fix for hadoop-jwt cookie (#347) + * [KNOX-2389] - AliasBasedTokenStateService stops processing persisted journal entries if one is malformed (#346) + * [KNOX-2377] - Address potential loss of token state (#345) + * [KNOX-2381] - racking UI of flink session is broken in YARNUIV2 (#340) + * [KNOX-2383] - Checking token expiration in cache should not depend on the validate flag (#341) + * [KNOX-2384] - Token Service should return expiration from token when renewal disabled (#342) + * [KNOX-2378] - AliasBasedTokenStateService log message is misleading (#339) + * [KNOX-2376] - Ensure all HBASEJARS IN rules are for /hbase/jars and not /hbase/maven (#338) + * [KNOX-2375] - Token state eviction should access the keystore file less frequently (#337) + * [KNOX-2371] - DefaultTopologyService may skip cluster config change processin
svn commit: r1884166 - in /knox: site/books/knox-1-5-0/knoxshell_user_guide.html trunk/books/1.5.0/knoxshell-guide/knoxshell_user_guide.md
Author: lmccay Date: Sun Dec 6 20:43:43 2020 New Revision: 1884166 URL: http://svn.apache.org/viewvc?rev=1884166=rev Log: Update for Release 1.5.0 Modified: knox/site/books/knox-1-5-0/knoxshell_user_guide.html knox/trunk/books/1.5.0/knoxshell-guide/knoxshell_user_guide.md Modified: knox/site/books/knox-1-5-0/knoxshell_user_guide.html URL: http://svn.apache.org/viewvc/knox/site/books/knox-1-5-0/knoxshell_user_guide.html?rev=1884166=1884165=1884166=diff == --- knox/site/books/knox-1-5-0/knoxshell_user_guide.html (original) +++ knox/site/books/knox-1-5-0/knoxshell_user_guide.html Sun Dec 6 20:43:43 2020 @@ -17,8 +17,7 @@ -KnoxShell User Guide -Apache Knox version: 1.4.0 +Apache Knox - KnoxShell 1.5.x User Guide Introduction Representing and Working with Tabular Data Modified: knox/trunk/books/1.5.0/knoxshell-guide/knoxshell_user_guide.md URL: http://svn.apache.org/viewvc/knox/trunk/books/1.5.0/knoxshell-guide/knoxshell_user_guide.md?rev=1884166=1884165=1884166=diff == --- knox/trunk/books/1.5.0/knoxshell-guide/knoxshell_user_guide.md (original) +++ knox/trunk/books/1.5.0/knoxshell-guide/knoxshell_user_guide.md Sun Dec 6 20:43:43 2020 @@ -20,8 +20,8 @@ -# KnoxShell User Guide -Apache Knox version: 1.4.0 +# Apache Knox - KnoxShell 1.5.x User Guide # + * #[Introduction] * #[Representing and Working with Tabular Data]
svn commit: r1884165 - in /knox: site/ site/books/knox-0-12-0/ site/books/knox-0-13-0/ site/books/knox-0-14-0/ site/books/knox-1-0-0/ site/books/knox-1-1-0/ site/books/knox-1-2-0/ site/books/knox-1-3-
Author: lmccay Date: Sun Dec 6 20:38:29 2020 New Revision: 1884165 URL: http://svn.apache.org/viewvc?rev=1884165=rev Log: Update for Release 1.5.0 Removed: knox/site/books/knox-0-12-0/covid19-nj-agg-from-webhdfs-1.png knox/site/books/knox-0-12-0/covid19-persistence.png knox/site/books/knox-0-12-0/covid19csv-1.png knox/site/books/knox-0-12-0/covid19nj-1.png knox/site/books/knox-0-12-0/covid19nj-aggregate-1.png knox/site/books/knox-0-12-0/covid19nj-put-webhdfs-1.png knox/site/books/knox-0-12-0/covid19nj.png knox/site/books/knox-0-12-0/fs-mount-login-1.png knox/site/books/knox-0-12-0/knoxline-splash-2.png knox/site/books/knox-0-12-0/knoxshell-help.png knox/site/books/knox-0-13-0/covid19-nj-agg-from-webhdfs-1.png knox/site/books/knox-0-13-0/covid19-persistence.png knox/site/books/knox-0-13-0/covid19csv-1.png knox/site/books/knox-0-13-0/covid19nj-1.png knox/site/books/knox-0-13-0/covid19nj-aggregate-1.png knox/site/books/knox-0-13-0/covid19nj-put-webhdfs-1.png knox/site/books/knox-0-13-0/covid19nj.png knox/site/books/knox-0-13-0/fs-mount-login-1.png knox/site/books/knox-0-13-0/knoxline-splash-2.png knox/site/books/knox-0-13-0/knoxshell-help.png knox/site/books/knox-0-14-0/covid19-nj-agg-from-webhdfs-1.png knox/site/books/knox-0-14-0/covid19-persistence.png knox/site/books/knox-0-14-0/covid19csv-1.png knox/site/books/knox-0-14-0/covid19nj-1.png knox/site/books/knox-0-14-0/covid19nj-aggregate-1.png knox/site/books/knox-0-14-0/covid19nj-put-webhdfs-1.png knox/site/books/knox-0-14-0/covid19nj.png knox/site/books/knox-0-14-0/fs-mount-login-1.png knox/site/books/knox-0-14-0/knoxline-splash-2.png knox/site/books/knox-0-14-0/knoxshell-help.png knox/site/books/knox-1-0-0/covid19-nj-agg-from-webhdfs-1.png knox/site/books/knox-1-0-0/covid19-persistence.png knox/site/books/knox-1-0-0/covid19csv-1.png knox/site/books/knox-1-0-0/covid19nj-1.png knox/site/books/knox-1-0-0/covid19nj-aggregate-1.png knox/site/books/knox-1-0-0/covid19nj-put-webhdfs-1.png knox/site/books/knox-1-0-0/covid19nj.png knox/site/books/knox-1-0-0/fs-mount-login-1.png knox/site/books/knox-1-0-0/knoxline-splash-2.png knox/site/books/knox-1-0-0/knoxshell-help.png knox/site/books/knox-1-1-0/covid19-nj-agg-from-webhdfs-1.png knox/site/books/knox-1-1-0/covid19-persistence.png knox/site/books/knox-1-1-0/covid19csv-1.png knox/site/books/knox-1-1-0/covid19nj-1.png knox/site/books/knox-1-1-0/covid19nj-aggregate-1.png knox/site/books/knox-1-1-0/covid19nj-put-webhdfs-1.png knox/site/books/knox-1-1-0/covid19nj.png knox/site/books/knox-1-1-0/fs-mount-login-1.png knox/site/books/knox-1-1-0/knoxline-splash-2.png knox/site/books/knox-1-1-0/knoxshell-help.png knox/site/books/knox-1-2-0/covid19-nj-agg-from-webhdfs-1.png knox/site/books/knox-1-2-0/covid19-persistence.png knox/site/books/knox-1-2-0/covid19csv-1.png knox/site/books/knox-1-2-0/covid19nj-1.png knox/site/books/knox-1-2-0/covid19nj-aggregate-1.png knox/site/books/knox-1-2-0/covid19nj-put-webhdfs-1.png knox/site/books/knox-1-2-0/covid19nj.png knox/site/books/knox-1-2-0/fs-mount-login-1.png knox/site/books/knox-1-2-0/knoxline-splash-2.png knox/site/books/knox-1-2-0/knoxshell-help.png knox/site/books/knox-1-3-0/covid19-nj-agg-from-webhdfs-1.png knox/site/books/knox-1-3-0/covid19-persistence.png knox/site/books/knox-1-3-0/covid19csv-1.png knox/site/books/knox-1-3-0/covid19nj-1.png knox/site/books/knox-1-3-0/covid19nj-aggregate-1.png knox/site/books/knox-1-3-0/covid19nj-put-webhdfs-1.png knox/site/books/knox-1-3-0/covid19nj.png knox/site/books/knox-1-3-0/fs-mount-login-1.png knox/site/books/knox-1-3-0/knoxline-splash-2.png knox/site/books/knox-1-3-0/knoxshell-help.png Modified: knox/site/books/knox-0-12-0/deployment-overview.png knox/site/books/knox-0-12-0/deployment-provider.png knox/site/books/knox-0-12-0/deployment-service.png knox/site/books/knox-0-12-0/general_saml_flow.png knox/site/books/knox-0-12-0/runtime-overview.png knox/site/books/knox-0-12-0/runtime-request-processing.png knox/site/books/knox-0-13-0/deployment-overview.png knox/site/books/knox-0-13-0/deployment-provider.png knox/site/books/knox-0-13-0/deployment-service.png knox/site/books/knox-0-13-0/general_saml_flow.png knox/site/books/knox-0-13-0/runtime-overview.png knox/site/books/knox-0-13-0/runtime-request-processing.png knox/site/books/knox-0-14-0/deployment-overview.png knox/site/books/knox-0-14-0/deployment-provider.png knox/site/books/knox-0-14-0/deployment-service.png knox/site/books/knox-0-14-0/general_saml_flow.png knox/site/books/knox-0-14-0/runtime-overview.png knox/site/books/knox-0-14-0/runtime-request-processing.png knox/site/books/knox-1-0-0/deployment-overview.png knox/site
[knox] annotated tag v1.5.0-release updated (7be81e7 -> a04d024)
This is an automated email from the ASF dual-hosted git repository. lmccay pushed a change to annotated tag v1.5.0-release in repository https://gitbox.apache.org/repos/asf/knox.git. *** WARNING: tag v1.5.0-release was modified! *** from 7be81e7 (commit) to a04d024 (tag) tagging 7be81e708531914a0fa67658fe7cf02381527019 (commit) replaces v1.5.0-branch by lmccay on Sat Dec 5 22:11:53 2020 -0500 - Log - Release of v1.5.0 --- No new revisions were added by this update. Summary of changes:
svn commit: r44857 - /dev/knox/knox-1.5.0/ /release/knox/1.5.0/
Author: lmccay Date: Sun Dec 6 03:13:24 2020 New Revision: 44857 Log: Releasing Apache Knox Gateway version 1.5.0. Added: release/knox/1.5.0/ - copied from r44856, dev/knox/knox-1.5.0/ Removed: dev/knox/knox-1.5.0/
svn commit: r44629 [3/3] - /dev/knox/knox-1.5.0/
Added: dev/knox/knox-1.5.0/knox-1.5.0-src.zip == Binary file - no diff available. Propchange: dev/knox/knox-1.5.0/knox-1.5.0-src.zip -- svn:mime-type = application/octet-stream Added: dev/knox/knox-1.5.0/knox-1.5.0-src.zip.asc == --- dev/knox/knox-1.5.0/knox-1.5.0-src.zip.asc (added) +++ dev/knox/knox-1.5.0/knox-1.5.0-src.zip.asc Sun Nov 22 19:49:43 2020 @@ -0,0 +1,16 @@ +-BEGIN PGP SIGNATURE- + +iQIzBAABCgAdFiEEy5UdyTg5H+IHaCu1gvnDcVh8CJsFAl+6wAEACgkQgvnDcVh8 +CJtkxA/+Kj945HI/GW1Wsfp6/O/dc48FHeiCieHW6eXF8uqXM7PrZ84ULcHB+x4T +qy1p8NfwSV9b049ObdHFVc3h9yxg/mL6DSeyiouD3i5u/Ewt7oZvh8Bj9a1snibA +OMRVF2l13L/umyJMFZyypLQkw5bUxm6U4VbcMbyVj5tiXD0fn5kC/E7XDY0QDQOp +KXGJOMeAbKvNEd/RPFAEBJPjQHDY0M/xVO/hauCyAOwO8812gquYB+/cS+bImdCF +Xfr+w5qSzYf5RhbxXbL1aymRzCWx8zravtwGSvG8u8QRCILKT0BqV2LIU66spmIP ++vTtclvE2DPkW1SVDkT6lOOR+LEtj/EBJxN8R/qlA5kJ/G9xfl6WkMCsYcIeFmPo +DQaOtqLHIpegmQbnf2oTYEAg0QGr91MayyXfVVt3NotawWGjRpsOPfn+x6yPFvjM +N4s1EKbwtd0+oh1RBxt4qsXmzGaCGwQjNPIAN0FdyfI759tio9ZzOLk9MUJCY9Et +FK3yUOkg2aOj41lXSdwGfKC0tiugyfPzE/IPK4jFGpQsWZXMl91RNKi3l4WXfYcN +wdzQ4JcZusUabwOgOfQOFtjqgr6Pd7XQRB6YmU63pFx0Sgb6d3MwluZbd4t6azvW +7c3A8IJEYc9npFheXWaAh+wKL0/5EH7dQloVv1f32k8o852ZNYM= +=Y15N +-END PGP SIGNATURE- Added: dev/knox/knox-1.5.0/knox-1.5.0-src.zip.sha256 == --- dev/knox/knox-1.5.0/knox-1.5.0-src.zip.sha256 (added) +++ dev/knox/knox-1.5.0/knox-1.5.0-src.zip.sha256 Sun Nov 22 19:49:43 2020 @@ -0,0 +1 @@ +c2845245165d33e40c9cb753c4432bca23ce585319b4f35f6498764daf8b9c4f Added: dev/knox/knox-1.5.0/knox-1.5.0-src.zip.sha512 == --- dev/knox/knox-1.5.0/knox-1.5.0-src.zip.sha512 (added) +++ dev/knox/knox-1.5.0/knox-1.5.0-src.zip.sha512 Sun Nov 22 19:49:43 2020 @@ -0,0 +1 @@ +422ae060d51474372913c64700cbbf34c23d17865aa45dcd52b2a236b1c9e826ead7598bb9a58100b1d4667b7e92fc551a3104d048d2c940af20df967b9638f6 Added: dev/knox/knox-1.5.0/knox-1.5.0.tar.gz == Binary file - no diff available. Propchange: dev/knox/knox-1.5.0/knox-1.5.0.tar.gz -- svn:mime-type = application/octet-stream Added: dev/knox/knox-1.5.0/knox-1.5.0.tar.gz.asc == --- dev/knox/knox-1.5.0/knox-1.5.0.tar.gz.asc (added) +++ dev/knox/knox-1.5.0/knox-1.5.0.tar.gz.asc Sun Nov 22 19:49:43 2020 @@ -0,0 +1,16 @@ +-BEGIN PGP SIGNATURE- + +iQIzBAABCgAdFiEEy5UdyTg5H+IHaCu1gvnDcVh8CJsFAl+6wAIACgkQgvnDcVh8 +CJtqkA//Y7JD7kj8gLZ9HYbOhOE4f3ivfAd4X+8ygWYtuwGES5hc1ucAxV47OXQ0 +J6XmX+BxOVAoJ3FcZHPIsi5RXmN6Up6pNmg7sPe2nZkmvgZaaGb9lR0P2EBz6XT1 +ZbidAYY8ay92xGAZfU7cnRKG9IPgksBP6O2ZBaA+hi0Rvv4uL+5jgLQCkOzFWgtx +HMow6lBz6dCayQwwbCilQ0C4uJiXNE0BfSL5ieXp7Z1GoP4UcYXIgAWyK347pwP9 +KOtkbv1jWgqdqEz6wo2FAZqBefIL5K58KR008WFZATBKX6638l8ng7be38EpRHHr +0TgUOoft/CYWaGTuv/FRWxvAJhVhnnC8zy9xBRV1JwXlfpE23UiGZMMVSbgded+c +JSEsVYuOzfT9OMsPmm+14sGJtqOvd+DPIDaFXUcobJ8hqIPsUCeoL7aeYPdE6AmJ +cNqS/sFQsi0xhxaeXYc9O3USALwBEqs4SBxURIyntWrXg/4vT26BOkgCMwdzGtdK +7+TQzc+A3zK8ai7SCgcC6Lm0v805J853cKFr9laLxxzTq0do4EKoRcfzbD76F3fG +y+QFIH2V9SUoWnrwlYqd+IhQHNkpxmvjBXg5jdsBLL0URRTz1iJc17qPx4WNpAbB +tfyunqP9QV7aYxYGlhcLf4DU2BlYjvbw/iuKdXRjqZVv3PAN+Ic= +=aaJM +-END PGP SIGNATURE- Added: dev/knox/knox-1.5.0/knox-1.5.0.tar.gz.sha256 == --- dev/knox/knox-1.5.0/knox-1.5.0.tar.gz.sha256 (added) +++ dev/knox/knox-1.5.0/knox-1.5.0.tar.gz.sha256 Sun Nov 22 19:49:43 2020 @@ -0,0 +1 @@ +43511a583bbd29f61b97fb0e2c23b25061f35ff11f0cfcca89da4911bb91d023 Added: dev/knox/knox-1.5.0/knox-1.5.0.tar.gz.sha512 == --- dev/knox/knox-1.5.0/knox-1.5.0.tar.gz.sha512 (added) +++ dev/knox/knox-1.5.0/knox-1.5.0.tar.gz.sha512 Sun Nov 22 19:49:43 2020 @@ -0,0 +1 @@ +0e778c8f12fdb9d0e8b9fc5538b8a45d1c790561923d3588fc822bf589a2a32c6daa708b812eed4e9c82e3d750e86f533b771d58d8780800c38f6b01a5fe5a7e Added: dev/knox/knox-1.5.0/knox-1.5.0.zip == Binary file - no diff available. Propchange: dev/knox/knox-1.5.0/knox-1.5.0.zip -- svn:mime-type = application/octet-stream Added: dev/knox/knox-1.5.0/knox-1.5.0.zip.asc == --- dev/knox/knox-1.5.0/knox-1.5.0.zip.asc (added) +++ dev/knox/knox-1.5.0/knox-1.5.0.zip.asc Sun Nov 22 19:49:43 2020 @@ -0,0
svn commit: r44629 [2/3] - /dev/knox/knox-1.5.0/
Added: dev/knox/knox-1.5.0/CHANGES == --- dev/knox/knox-1.5.0/CHANGES (added) +++ dev/knox/knox-1.5.0/CHANGES Sun Nov 22 19:49:43 2020 @@ -0,0 +1,2013 @@ +-- +Release Notes - Apache Knox - Version 1.5.0 +-- +** New Features + * [KNOX-843] - Load Balancing to Proxied Services for HA (disabled by default) (#380) + * [KNOX-2412] - Add Logout Link to Home Page for Select Authentication Providers and KNOXSESSION service (#372) + * [KNOX-2392] - Simple file-based TokenStateService implementation (#350) + * [KNOX-2386] - Added CM service discovery support for Apache Flink (#344) + * [KNOX-2385] - Flink Dashboard (History Server) Support (#343) + * [KNOX-2354] - An HBASEJARS service which can proxy HBase jars hosted by t⦠(#325) +** Improvements + * [KNOX-2469] - Fixing Knox keystore path directory creation for symlinks (#383) + * [KNOX-2468] - Improve ConfigurableDispatch set cookies (#385) + * [KNOX-2401] - Extend ClientCert Authentication Provider for CN as PrimaryPrincipal (#384) + * [KNOX-2462] - Make credential store type configurable (#381) + * [KNOX-2467] - Enable Jetty's X-Forwarded Header Support (#382) + * [KNOX-2461] - Move JWT token display utility to module shared by server and client modules (#379) + * [KNOX-2459] - KNOX-METADATA, KNOXSSOUT and KNOX-SESSION services do not need any URL or param to be added in the generated topology (#377) + * [KNOX-2453] - Fix Host header handling in websockets (#374) + * [KNOX-2437] - The request url does not have to be coded (#370) + * [KNOX-2408] - Improved AliasBasedTokenState service and house-keeping (#371) + * [KNOX-2402] - Adding Gateway performance testing (#365) + * [KNOX-2413] - Added JWT support in HadoopAuth provider (#367) + * [KNOX-2436] - Add new service for replacing resourceManager property during Oozie usage (#369) + * [KNOX-2435] - Fix NiFi and NiFi Registry UI links in Knox UI (#368) + * [KNOX-2434] - Knox should fallback to JDK default keystore/truststore type instead of hardcoding JKS (#366) + * [KNOX-2397] - knox failed to start with error "java.lang.NoSuchMethodError: org.eclipse.persistence.internal.oxm.mappings.Field.setNestedArray(Z)V" (#357) + * [KNOX-2410] - Handling the new 'RestartWaitingForStalenessSuccess' CM audit event (#364) + * [KNOX-2406] - Use dependency bom for dependency management (#363) + * [KNOX-2399] - Implemented ZookeeperTokenStateService (#361) + * [KNOX-2395] - Make Gateway Services Pluggable (#358) + * [KNOX-2343] - Enhanced API services' display on the Knox Home page (#355) + * [KNOX-2255] - Setting HTTP client connection/socket timeout to 5m for certain services as well as replayBufferSize to 65 bytes for RANGER and useTwoWaySsl to true for NIFI/NIFI-REGISTRY by default (#354) + * [KNOX-2344] - Rename gateway-cm-integration module and related resources (#353) + * [KNOX-2382] - Logging token identifier for easier error debugging (#352) + * [KNOX-2393] - Update the property name to 'sso.unauthenticated.path.list' to be in-line with other property names (#351) + * [KNOX-2393] - Add a configurable list of paths that SSOCookieProvider can ignore (#349) + * [KNOX-2390] - Let end-users configure SAML2 client configuration using Pac4J provider parameters (#348) + * [KNOX-2387] - SameSite fix for hadoop-jwt cookie (#347) + * [KNOX-2389] - AliasBasedTokenStateService stops processing persisted journal entries if one is malformed (#346) + * [KNOX-2377] - Address potential loss of token state (#345) + * [KNOX-2381] - racking UI of flink session is broken in YARNUIV2 (#340) + * [KNOX-2383] - Checking token expiration in cache should not depend on the validate flag (#341) + * [KNOX-2384] - Token Service should return expiration from token when renewal disabled (#342) + * [KNOX-2378] - AliasBasedTokenStateService log message is misleading (#339) + * [KNOX-2376] - Ensure all HBASEJARS IN rules are for /hbase/jars and not /hbase/maven (#338) + * [KNOX-2375] - Token state eviction should access the keystore file less frequently (#337) + * [KNOX-2371] - DefaultTopologyService may skip cluster config change processing of valid descriptors (#336) + * [KNOX-2366] - Pinned topologies are expanded and general proxy information section is collapsed on HomePage by default (#335) + * [KNOX-2369] - Fix IllegalStateException in case of expired or invalid token (#334) + * [KNOX-2368] - CM Cluster Configuration Monitor Does Not Support Rolling Restart Events + * [KNOX-2367] - Fix rewrite rules for HDFS UI fonts and bootstrap.min.css.map (#332) + * [KNOX-2348] - Fix knoxcli when kerberos auth is
svn commit: r44629 [1/3] - /dev/knox/knox-1.5.0/
Author: lmccay Date: Sun Nov 22 19:49:43 2020 New Revision: 44629 Log: Staging Apache Knox Gateway version 1.5.0. Added: dev/knox/knox-1.5.0/ dev/knox/knox-1.5.0/CHANGES dev/knox/knox-1.5.0/knox-1.5.0-src.zip (with props) dev/knox/knox-1.5.0/knox-1.5.0-src.zip.asc dev/knox/knox-1.5.0/knox-1.5.0-src.zip.sha256 dev/knox/knox-1.5.0/knox-1.5.0-src.zip.sha512 dev/knox/knox-1.5.0/knox-1.5.0.tar.gz (with props) dev/knox/knox-1.5.0/knox-1.5.0.tar.gz.asc dev/knox/knox-1.5.0/knox-1.5.0.tar.gz.sha256 dev/knox/knox-1.5.0/knox-1.5.0.tar.gz.sha512 dev/knox/knox-1.5.0/knox-1.5.0.zip (with props) dev/knox/knox-1.5.0/knox-1.5.0.zip.asc dev/knox/knox-1.5.0/knox-1.5.0.zip.sha256 dev/knox/knox-1.5.0/knox-1.5.0.zip.sha512 dev/knox/knox-1.5.0/knoxshell-1.5.0.tar.gz (with props) dev/knox/knox-1.5.0/knoxshell-1.5.0.tar.gz.asc dev/knox/knox-1.5.0/knoxshell-1.5.0.tar.gz.sha256 dev/knox/knox-1.5.0/knoxshell-1.5.0.tar.gz.sha512 dev/knox/knox-1.5.0/knoxshell-1.5.0.zip (with props) dev/knox/knox-1.5.0/knoxshell-1.5.0.zip.asc dev/knox/knox-1.5.0/knoxshell-1.5.0.zip.sha256 dev/knox/knox-1.5.0/knoxshell-1.5.0.zip.sha512
[knox] annotated tag v1.5.0-rc1 updated (7be81e7 -> 84e53fb)
This is an automated email from the ASF dual-hosted git repository. lmccay pushed a change to annotated tag v1.5.0-rc1 in repository https://gitbox.apache.org/repos/asf/knox.git. *** WARNING: tag v1.5.0-rc1 was modified! *** from 7be81e7 (commit) to 84e53fb (tag) tagging 7be81e708531914a0fa67658fe7cf02381527019 (commit) replaces v1.5.0-branch by lmccay on Sun Nov 22 14:47:45 2020 -0500 - Log - v1.5.0-rc1 --- No new revisions were added by this update. Summary of changes:
[knox] branch v1.5.0 updated: Updating branch.
This is an automated email from the ASF dual-hosted git repository. lmccay pushed a commit to branch v1.5.0 in repository https://gitbox.apache.org/repos/asf/knox.git The following commit(s) were added to refs/heads/v1.5.0 by this push: new 7be81e7 Updating branch. 7be81e7 is described below commit 7be81e708531914a0fa67658fe7cf02381527019 Author: lmccay AuthorDate: Sun Nov 22 10:59:39 2020 -0500 Updating branch. --- CHANGES| 503 + build.xml | 2 +- gateway-adapter/pom.xml| 2 +- gateway-admin-ui/pom.xml | 2 +- gateway-applications/pom.xml | 2 +- gateway-demo-ldap-launcher/pom.xml | 2 +- gateway-demo-ldap/pom.xml | 2 +- gateway-discovery-ambari/pom.xml | 2 +- gateway-discovery-cm/pom.xml | 2 +- gateway-docker/pom.xml | 2 +- .../src/main/resources/docker-compose.yml | 4 +- gateway-i18n-logging-log4j/pom.xml | 2 +- gateway-i18n-logging-sl4j/pom.xml | 2 +- gateway-i18n/pom.xml | 2 +- gateway-performance-test/pom.xml | 2 +- gateway-provider-ha/pom.xml| 2 +- gateway-provider-identity-assertion-common/pom.xml | 2 +- gateway-provider-identity-assertion-concat/pom.xml | 2 +- .../pom.xml| 2 +- gateway-provider-identity-assertion-pseudo/pom.xml | 2 +- gateway-provider-identity-assertion-regex/pom.xml | 2 +- .../pom.xml| 2 +- gateway-provider-jersey/pom.xml| 2 +- gateway-provider-rewrite-common/pom.xml| 2 +- .../pom.xml| 2 +- .../pom.xml| 2 +- .../pom.xml| 2 +- gateway-provider-rewrite-step-encrypt-uri/pom.xml | 2 +- gateway-provider-rewrite-step-secure-query/pom.xml | 2 +- gateway-provider-rewrite/pom.xml | 2 +- gateway-provider-security-authc-anon/pom.xml | 2 +- gateway-provider-security-authz-acls/pom.xml | 2 +- gateway-provider-security-authz-composite/pom.xml | 2 +- gateway-provider-security-clientcert/pom.xml | 2 +- gateway-provider-security-hadoopauth/pom.xml | 2 +- gateway-provider-security-jwt/pom.xml | 2 +- gateway-provider-security-pac4j/pom.xml| 2 +- gateway-provider-security-preauth/pom.xml | 2 +- gateway-provider-security-shiro/pom.xml| 2 +- gateway-provider-security-webappsec/pom.xml| 2 +- gateway-release-common/pom.xml | 2 +- gateway-release/pom.xml| 2 +- gateway-server-launcher/pom.xml| 2 +- gateway-server-xforwarded-filter/pom.xml | 2 +- gateway-server/pom.xml | 2 +- gateway-service-admin/pom.xml | 2 +- gateway-service-as/pom.xml | 2 +- gateway-service-definitions/pom.xml| 2 +- gateway-service-hashicorp-vault/pom.xml| 2 +- gateway-service-hbase/pom.xml | 2 +- gateway-service-health/pom.xml | 2 +- gateway-service-hive/pom.xml | 2 +- gateway-service-impala/pom.xml | 2 +- gateway-service-jkg/pom.xml| 2 +- gateway-service-knoxsso/pom.xml| 2 +- gateway-service-knoxssout/pom.xml | 2 +- gateway-service-knoxtoken/pom.xml | 2 +- gateway-service-livy/pom.xml | 2 +- gateway-service-metadata/pom.xml | 2 +- gateway-service-nifi-registry/pom.xml | 2 +- gateway-service-nifi/pom.xml | 2 +- gateway-service-remoteconfig/pom.xml | 2 +- gateway-service-rm/pom.xml | 2 +- gateway-service-session/pom.xml| 2 +- gateway-service-storm/pom.xml | 2 +- gateway-service-test/pom.xml | 2 +- gateway-service-tgs/pom.xml| 2 +- gateway-service-vault/pom.xml | 2 +- gateway-service-webhdfs/pom.xml| 2 +- gateway-shell-launcher/pom.xml | 2 +- gateway-shell-release/pom.xml | 2 +- gateway-shell-samples/pom.xml | 2 +- gateway-shell/pom.xml | 2 +- gateway-spi/pom.xml| 2 +- gateway-test-release-utils
[knox] branch v1.5.0 created (now 94b445e)
This is an automated email from the ASF dual-hosted git repository. lmccay pushed a change to branch v1.5.0 in repository https://gitbox.apache.org/repos/asf/knox.git. at 94b445e KNOX-2469 - Fixing Knox keystore path directory creation for symlinks (#383) No new revisions were added by this update.
[knox] branch master updated: KNOX-2469 - Fixing Knox keystore path directory creation for symlinks (#383)
This is an automated email from the ASF dual-hosted git repository. lmccay pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/knox.git The following commit(s) were added to refs/heads/master by this push: new 94b445e KNOX-2469 - Fixing Knox keystore path directory creation for symlinks (#383) 94b445e is described below commit 94b445ea18585f0571e177fba72c1af7560943b1 Author: jameschen1519 <57380512+jameschen1...@users.noreply.github.com> AuthorDate: Sat Nov 21 10:22:15 2020 -0800 KNOX-2469 - Fixing Knox keystore path directory creation for symlinks (#383) * Fixing Knox symlink Co-authored-by: James Chen --- .../security/impl/DefaultKeystoreService.java | 10 +++-- .../security/impl/DefaultKeystoreServiceTest.java | 52 +- 2 files changed, 56 insertions(+), 6 deletions(-) diff --git a/gateway-server/src/main/java/org/apache/knox/gateway/services/security/impl/DefaultKeystoreService.java b/gateway-server/src/main/java/org/apache/knox/gateway/services/security/impl/DefaultKeystoreService.java index e814bf9..2ed637a 100644 --- a/gateway-server/src/main/java/org/apache/knox/gateway/services/security/impl/DefaultKeystoreService.java +++ b/gateway-server/src/main/java/org/apache/knox/gateway/services/security/impl/DefaultKeystoreService.java @@ -513,12 +513,14 @@ public class DefaultKeystoreService implements KeystoreService { // Package private for unit test access // We need this to be synchronized to prevent multiple threads from using at once synchronized KeyStore createKeyStore(Path keystoreFilePath, String keystoreType, char[] password) throws KeystoreServiceException { -if (Files.notExists(keystoreFilePath)) { - // Ensure the parent directory exists... - try { +// Ensure the parent directory exists... +// This is symlink safe. +Path parentPath = keystoreFilePath.getParent(); +if (parentPath != null && !Files.isDirectory(parentPath)) { + try{ // This will attempt to create all missing directories. No failures will occur if the // directories already exist. -Files.createDirectories(keystoreFilePath.getParent()); +Files.createDirectories(parentPath); } catch (IOException e) { LOG.failedToCreateKeystore(keystoreFilePath.toString(), keystoreType, e); throw new KeystoreServiceException(e); diff --git a/gateway-server/src/test/java/org/apache/knox/gateway/services/security/impl/DefaultKeystoreServiceTest.java b/gateway-server/src/test/java/org/apache/knox/gateway/services/security/impl/DefaultKeystoreServiceTest.java index c6815b2..85841c3 100644 --- a/gateway-server/src/test/java/org/apache/knox/gateway/services/security/impl/DefaultKeystoreServiceTest.java +++ b/gateway-server/src/test/java/org/apache/knox/gateway/services/security/impl/DefaultKeystoreServiceTest.java @@ -287,7 +287,14 @@ public class DefaultKeystoreServiceTest { .andReturn(null) .atLeastOnce(); -replay(keystoreServiceAlt, masterService); +DefaultKeystoreService keystoreServiceSymlink = createMockBuilder(DefaultKeystoreService.class) +.addMockedMethod("getCredentialForCluster", String.class, String.class) +.createMock(); + expect(keystoreServiceSymlink.getCredentialForCluster(eq(AliasService.NO_CLUSTER_NAME), eq(GatewayConfig.DEFAULT_SIGNING_KEYSTORE_PASSWORD_ALIAS))) +.andReturn(null) +.atLeastOnce(); + +replay(keystoreServiceAlt, keystoreServiceSymlink, masterService); Path baseDir = testFolder.newFolder().toPath(); GatewayConfigImpl config = createGatewayConfig(baseDir); @@ -332,13 +339,54 @@ public class DefaultKeystoreServiceTest { testSigningKeystore(keystoreServiceAlt, customFile, customKeyAlias, masterPassword); +/* *** + * Test Symlink Parent + */ +String symlinkFileName = "symlink_signing.jks"; +Path symlinkSecurityDir = baseDir.resolve("security").resolve("symlink"); +Path symlinkTarget = baseDir.resolve("symlinkTarget"); +Path symlinkParentLink = symlinkSecurityDir.resolve("keystores"); + +try { +//Creating the real path to symlinkParentLink +Files.createDirectories(symlinkTarget.resolve("keystores")); +} catch (IOException e) { +fail("Unable to create symlink target directory."); +} + +try { +Files.createSymbolicLink(symlinkSecurityDir, symlinkTarget); +} catch (IOException e) { +fail("Unable to create symlink while instantiating keystores."); +} + +Path symlinkFile = symlinkParentLink.resolve(symlinkFileName); + +String symlinkKeyAlias = "symlink_alias"; + +config.set(SIGNING_KEYSTORE_NAME, symlinkFileName); +config.set(SIGNING_KEY_ALIAS, symlinkKeyAlias); +config.set(GatewayCon
[knox] branch master updated: KNOX-2401 - Extend ClientCert Authentication Provider for CN as PrimaryPrincipal (#384)
This is an automated email from the ASF dual-hosted git repository. lmccay pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/knox.git The following commit(s) were added to refs/heads/master by this push: new ed77c70 KNOX-2401 - Extend ClientCert Authentication Provider for CN as PrimaryPrincipal (#384) ed77c70 is described below commit ed77c70a76f351744d7b62b1ef9cacd753ef0ae6 Author: lmccay AuthorDate: Sun Nov 15 18:56:11 2020 -0500 KNOX-2401 - Extend ClientCert Authentication Provider for CN as PrimaryPrincipal (#384) Change-Id: I416ae92a0f01f032e4d0ac9bb5e6bf03ce35267c --- gateway-provider-security-clientcert/pom.xml | 4 +++ .../clientcert/filter/ClientCertFilter.java| 36 -- .../clientcert/filter/ClientCertMessages.java | 28 + 3 files changed, 66 insertions(+), 2 deletions(-) diff --git a/gateway-provider-security-clientcert/pom.xml b/gateway-provider-security-clientcert/pom.xml index 6a32ed1..fe09c7c 100755 --- a/gateway-provider-security-clientcert/pom.xml +++ b/gateway-provider-security-clientcert/pom.xml @@ -31,6 +31,10 @@ org.apache.knox +gateway-i18n + + +org.apache.knox gateway-spi diff --git a/gateway-provider-security-clientcert/src/main/java/org/apache/knox/gateway/clientcert/filter/ClientCertFilter.java b/gateway-provider-security-clientcert/src/main/java/org/apache/knox/gateway/clientcert/filter/ClientCertFilter.java index a7f967a..95de828 100755 --- a/gateway-provider-security-clientcert/src/main/java/org/apache/knox/gateway/clientcert/filter/ClientCertFilter.java +++ b/gateway-provider-security-clientcert/src/main/java/org/apache/knox/gateway/clientcert/filter/ClientCertFilter.java @@ -25,7 +25,9 @@ import org.apache.knox.gateway.audit.api.Auditor; import org.apache.knox.gateway.audit.api.ResourceType; import org.apache.knox.gateway.audit.log4j.audit.AuditConstants; import org.apache.knox.gateway.filter.AbstractGatewayFilter; +import org.apache.knox.gateway.i18n.messages.MessagesFactory; import org.apache.knox.gateway.security.PrimaryPrincipal; +import org.apache.knox.gateway.util.X500PrincipalParser; import java.io.IOException; import java.security.PrivilegedActionException; @@ -33,6 +35,7 @@ import java.security.PrivilegedExceptionAction; import java.security.cert.X509Certificate; import javax.security.auth.Subject; +import javax.security.auth.x500.X500Principal; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; @@ -43,14 +46,25 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; public class ClientCertFilter implements Filter { + private static ClientCertMessages log = MessagesFactory.get( ClientCertMessages.class ); + private static final String CLIENT_CERT_PRINCIPAL_ATTRIBUTE_NAME = "client.cert.principal.attribute.name"; private static AuditService auditService = AuditServiceFactory.getAuditService(); private static Auditor auditor = auditService.getAuditor( AuditConstants.DEFAULT_AUDITOR_NAME, AuditConstants.KNOX_SERVICE_NAME, AuditConstants.KNOX_COMPONENT_NAME ); + private String principalAttributeName; @Override public void init(FilterConfig filterConfig) { - +principalAttributeName = filterConfig.getInitParameter(CLIENT_CERT_PRINCIPAL_ATTRIBUTE_NAME); +if (principalAttributeName == null) { + principalAttributeName = "DN"; +} +else if (!"DN".equalsIgnoreCase(principalAttributeName) && +!"CN".equalsIgnoreCase(principalAttributeName)) { + log.unknownCertificateAttribute(principalAttributeName); + principalAttributeName = "DN"; +} } @Override @@ -58,7 +72,7 @@ public class ClientCertFilter implements Filter { HttpServletRequest httpRequest = (HttpServletRequest)request; X509Certificate cert = extractCertificate(httpRequest); if (cert != null) { - String principal = cert.getSubjectDN().getName(); + String principal = extractPrincipalFromCert(cert); Subject subject = new Subject(); subject.getPrincipals().add(new PrimaryPrincipal(principal)); @@ -71,6 +85,24 @@ public class ClientCertFilter implements Filter { } } + private String extractPrincipalFromCert(X509Certificate cert) { +String p = null; +if ("DN".equalsIgnoreCase(principalAttributeName)) { + p = cert.getSubjectDN().getName(); +} +else if ("CN".equalsIgnoreCase(principalAttributeName)) { + X500Principal x500Principal = cert.getSubjectX500Principal(); + X500PrincipalParser parser = new X500PrincipalParser(x500Principal); + p = parser.getCN(); +} +else { + log.unknownCertificateAttribute(principalAttributeName); + p = cert.getSu
[knox] branch master updated: KNOX-2467 - Enable Jetty's X-Forwarded Header Support (#382)
This is an automated email from the ASF dual-hosted git repository. lmccay pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/knox.git The following commit(s) were added to refs/heads/master by this push: new 11a9b6e KNOX-2467 - Enable Jetty's X-Forwarded Header Support (#382) 11a9b6e is described below commit 11a9b6e47465ddc5d374d2fcd444b915cb1bd32d Author: lmccay AuthorDate: Sun Nov 1 20:12:09 2020 -0500 KNOX-2467 - Enable Jetty's X-Forwarded Header Support (#382) * KNOX-2467 - Enable Jetty's X-Forwarded Header Support --- .../provider/federation/jwt/JWTMessages.java | 3 + .../jwt/filter/SSOCookieFederationFilter.java | 49 +++-- .../provider/federation/SSOCookieProviderTest.java | 82 -- .../org/apache/knox/gateway/GatewayServer.java | 4 ++ .../gateway/config/impl/GatewayConfigImpl.java | 6 ++ .../apache/knox/gateway/config/GatewayConfig.java | 7 ++ .../org/apache/knox/gateway/GatewayTestConfig.java | 4 ++ .../apache/knox/gateway/GatewayBasicFuncTest.java | 19 ++--- 8 files changed, 135 insertions(+), 39 deletions(-) diff --git a/gateway-provider-security-jwt/src/main/java/org/apache/knox/gateway/provider/federation/jwt/JWTMessages.java b/gateway-provider-security-jwt/src/main/java/org/apache/knox/gateway/provider/federation/jwt/JWTMessages.java index 72696c0..e5ce601 100644 --- a/gateway-provider-security-jwt/src/main/java/org/apache/knox/gateway/provider/federation/jwt/JWTMessages.java +++ b/gateway-provider-security-jwt/src/main/java/org/apache/knox/gateway/provider/federation/jwt/JWTMessages.java @@ -58,4 +58,7 @@ public interface JWTMessages { @Message( level = MessageLevel.INFO, text = "Path {0} is configured as unauthenticated path, letting the request {1} through" ) void unauthenticatedPathBypass(String path, String uri); + + @Message( level = MessageLevel.WARN, text = "Unable to vderive authentication provider url: {0}" ) + void failedToDeriveAuthenticationProviderUrl(@StackTrace( level = MessageLevel.ERROR) Exception e); } diff --git a/gateway-provider-security-jwt/src/main/java/org/apache/knox/gateway/provider/federation/jwt/filter/SSOCookieFederationFilter.java b/gateway-provider-security-jwt/src/main/java/org/apache/knox/gateway/provider/federation/jwt/filter/SSOCookieFederationFilter.java index db56f55..7cf2804 100644 --- a/gateway-provider-security-jwt/src/main/java/org/apache/knox/gateway/provider/federation/jwt/filter/SSOCookieFederationFilter.java +++ b/gateway-provider-security-jwt/src/main/java/org/apache/knox/gateway/provider/federation/jwt/filter/SSOCookieFederationFilter.java @@ -38,6 +38,8 @@ import javax.servlet.http.Cookie; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; +import java.net.MalformedURLException; +import java.net.URL; import java.nio.charset.StandardCharsets; import java.text.ParseException; import java.util.HashSet; @@ -220,14 +222,18 @@ public class SSOCookieFederationFilter extends AbstractJWTFilter { * @return url to use as login url for redirect */ protected String constructLoginURL(HttpServletRequest request) { +String providerURL = null; String delimiter = "?"; if (authenticationProviderUrl == null) { - authenticationProviderUrl = deriveDefaultAuthenticationProviderUrl(request); + providerURL = deriveDefaultAuthenticationProviderUrl(request); } -if (authenticationProviderUrl.contains("?")) { +else { + providerURL = authenticationProviderUrl; +} +if (providerURL.contains("?")) { delimiter = "&"; } -return authenticationProviderUrl + delimiter +return providerURL + delimiter + ORIGINAL_URL_QUERY_PARAM + request.getRequestURL().append(getOriginalQueryString(request)); } @@ -239,31 +245,28 @@ public class SSOCookieFederationFilter extends AbstractJWTFilter { * @return url that is based on KnoxSSO endpoint */ public String deriveDefaultAuthenticationProviderUrl(HttpServletRequest request) { +String providerURL = null; String scheme; String host; int port; -if (!beingProxied(request)) { - scheme = request.getScheme(); - host = request.getServerName(); - port = request.getServerPort(); -} -else { - scheme = request.getHeader(X_FORWARDED_PROTO); - host = request.getHeader(X_FORWARDED_HOST); - port = Integer.parseInt(request.getHeader(X_FORWARDED_PORT)); -} -StringBuilder sb = new StringBuilder(scheme); -sb.append("://").append(host); -if (!host.contains(":")) { - sb.append(':').append(port); -} -sb.append('/').append(gatewayPath).append("/knoxsso/api/v1/websso"); +try { + URL url = new URL(request.getRequestURL().toString()); + schem
[knox] branch master updated: KNOX-2412 - Add Logout Link to Home Page for Select Authentication Pr… (#372)
This is an automated email from the ASF dual-hosted git repository. lmccay pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/knox.git The following commit(s) were added to refs/heads/master by this push: new 235bfd4 KNOX-2412 - Add Logout Link to Home Page for Select Authentication Pr… (#372) 235bfd4 is described below commit 235bfd4333a77871acccb127663faf22c82dad6e Author: lmccay AuthorDate: Sat Sep 5 20:21:26 2020 -0400 KNOX-2412 - Add Logout Link to Home Page for Select Authentication Pr… (#372) * KNOX-2412 - Add Logout Link to Home Page for Select Authentication Providers --- gateway-release/home/conf/gateway-site.xml | 7 ++ gateway-release/home/conf/topologies/homepage.xml | 6 ++ gateway-release/pom.xml| 2 +- .../gateway/config/impl/GatewayConfigImpl.java | 6 ++ .../gateway/service/knoxsso/WebSSOutResource.java | 2 +- .../KnoxSSOutServiceDeploymentContributor.java | 2 +- gateway-service-session/pom.xml| 74 ++ .../service/session/SessionInformation.java| 34 + .../session/SessionInformationMarshaller.java | 89 ++ .../gateway/service/session/SessionResource.java | 65 .../SessionServiceDeploymentContributor.java | 12 +-- .../service/session/SessionServiceMessages.java| 31 ++-- ...nox.gateway.deploy.ServiceDeploymentContributor | 18 + .../apache/knox/gateway/config/GatewayConfig.java | 5 ++ .../org/apache/knox/gateway/GatewayTestConfig.java | 5 ++ knox-homepage-ui/home/app/app.module.ts| 9 ++- knox-homepage-ui/home/app/homepage.service.ts | 34 + .../session.information.component.html | 35 + .../session.information.component.ts | 80 +++ .../app/sessionInformation/session.information.ts | 21 + knox-homepage-ui/home/index.html | 1 + pom.xml| 6 ++ 22 files changed, 493 insertions(+), 51 deletions(-) diff --git a/gateway-release/home/conf/gateway-site.xml b/gateway-release/home/conf/gateway-site.xml index 7ca8705..eea1879 100644 --- a/gateway-release/home/conf/gateway-site.xml +++ b/gateway-release/home/conf/gateway-site.xml @@ -89,6 +89,13 @@ limitations under the License. The interval (in seconds) for polling Ambari for cluster configuration changes. + + +knox.homepage.logout.enabled +true +Enable/disable logout from the Knox Homepage. + + gateway.knox.admin.groups diff --git a/gateway-release/home/conf/topologies/homepage.xml b/gateway-release/home/conf/topologies/homepage.xml index 97ed15a..edf463e 100644 --- a/gateway-release/home/conf/topologies/homepage.xml +++ b/gateway-release/home/conf/topologies/homepage.xml @@ -54,6 +54,12 @@ + KNOXSSOUT + + + KNOX-SESSION + + KNOX-METADATA diff --git a/gateway-release/pom.xml b/gateway-release/pom.xml index 4271b4c..73b6920 100644 --- a/gateway-release/pom.xml +++ b/gateway-release/pom.xml @@ -451,7 +451,7 @@ org.apache.knox -gateway-service-metadata +gateway-service-session diff --git a/gateway-server/src/main/java/org/apache/knox/gateway/config/impl/GatewayConfigImpl.java b/gateway-server/src/main/java/org/apache/knox/gateway/config/impl/GatewayConfigImpl.java index 6fe3af2..5329320 100644 --- a/gateway-server/src/main/java/org/apache/knox/gateway/config/impl/GatewayConfigImpl.java +++ b/gateway-server/src/main/java/org/apache/knox/gateway/config/impl/GatewayConfigImpl.java @@ -261,6 +261,7 @@ public class GatewayConfigImpl extends Configuration implements GatewayConfig { private static final String KNOX_HOMEPAGE_PINNED_TOPOLOGIES = "knox.homepage.pinned.topologies"; private static final String KNOX_HOMEPAGE_HIDDEN_TOPOLOGIES = "knox.homepage.hidden.topologies"; private static final Set KNOX_HOMEPAGE_HIDDEN_TOPOLOGIES_DEFAULT = new HashSet<>(Arrays.asList("admin", "manager", "knoxsso", "metadata", "homepage")); + private static final String KNOX_HOMEPAGE_LOGOUT_ENABLED = "knox.homepage.logout.enabled"; public GatewayConfigImpl() { init(); @@ -1174,4 +1175,9 @@ public class GatewayConfigImpl extends Configuration implements GatewayConfig { return get(GATEWAY_SERVICE_PREFIX + service + "." + parameter, ""); } + @Override + public boolean homePageLogoutEnabled() { +return getBoolean(KNOX_HOMEPAGE_LOGOUT_ENABLED, false); + } + } diff --git a/gateway-service-knoxssout/src/main/java/org/apache/knox/gateway/service/knoxsso/WebSSOutResource.java b/gateway-service-knoxssout/src/main/java/org/apache/knox/gateway/ser
svn commit: r1877047 - in /knox/site: ./ books/knox-0-12-0/ books/knox-0-13-0/ books/knox-0-14-0/ books/knox-1-0-0/ books/knox-1-1-0/ books/knox-1-2-0/ books/knox-1-3-0/ books/knox-1-4-0/
Author: lmccay Date: Mon Apr 27 03:42:33 2020 New Revision: 1877047 URL: http://svn.apache.org/viewvc?rev=1877047=rev Log: Update for Knox 1.4.0 Release Modified: knox/site/books/knox-0-12-0/deployment-overview.png knox/site/books/knox-0-12-0/deployment-provider.png knox/site/books/knox-0-12-0/deployment-service.png knox/site/books/knox-0-12-0/general_saml_flow.png knox/site/books/knox-0-12-0/runtime-overview.png knox/site/books/knox-0-12-0/runtime-request-processing.png knox/site/books/knox-0-13-0/deployment-overview.png knox/site/books/knox-0-13-0/deployment-provider.png knox/site/books/knox-0-13-0/deployment-service.png knox/site/books/knox-0-13-0/general_saml_flow.png knox/site/books/knox-0-13-0/runtime-overview.png knox/site/books/knox-0-13-0/runtime-request-processing.png knox/site/books/knox-0-14-0/deployment-overview.png knox/site/books/knox-0-14-0/deployment-provider.png knox/site/books/knox-0-14-0/deployment-service.png knox/site/books/knox-0-14-0/general_saml_flow.png knox/site/books/knox-0-14-0/runtime-overview.png knox/site/books/knox-0-14-0/runtime-request-processing.png knox/site/books/knox-1-0-0/deployment-overview.png knox/site/books/knox-1-0-0/deployment-provider.png knox/site/books/knox-1-0-0/deployment-service.png knox/site/books/knox-1-0-0/general_saml_flow.png knox/site/books/knox-1-0-0/runtime-overview.png knox/site/books/knox-1-0-0/runtime-request-processing.png knox/site/books/knox-1-1-0/deployment-overview.png knox/site/books/knox-1-1-0/deployment-provider.png knox/site/books/knox-1-1-0/deployment-service.png knox/site/books/knox-1-1-0/general_saml_flow.png knox/site/books/knox-1-1-0/runtime-overview.png knox/site/books/knox-1-1-0/runtime-request-processing.png knox/site/books/knox-1-2-0/deployment-overview.png knox/site/books/knox-1-2-0/deployment-provider.png knox/site/books/knox-1-2-0/deployment-service.png knox/site/books/knox-1-2-0/general_saml_flow.png knox/site/books/knox-1-2-0/runtime-overview.png knox/site/books/knox-1-2-0/runtime-request-processing.png knox/site/books/knox-1-3-0/deployment-overview.png knox/site/books/knox-1-3-0/deployment-provider.png knox/site/books/knox-1-3-0/deployment-service.png knox/site/books/knox-1-3-0/general_saml_flow.png knox/site/books/knox-1-3-0/runtime-overview.png knox/site/books/knox-1-3-0/runtime-request-processing.png knox/site/books/knox-1-4-0/deployment-overview.png knox/site/books/knox-1-4-0/deployment-provider.png knox/site/books/knox-1-4-0/deployment-service.png knox/site/books/knox-1-4-0/general_saml_flow.png knox/site/books/knox-1-4-0/runtime-overview.png knox/site/books/knox-1-4-0/runtime-request-processing.png knox/site/index.html knox/site/issue-management.html knox/site/licenses.html knox/site/mailing-lists.html knox/site/project-info.html knox/site/team.html Modified: knox/site/books/knox-0-12-0/deployment-overview.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-12-0/deployment-overview.png?rev=1877047=1877046=1877047=diff == Binary files - no diff available. Modified: knox/site/books/knox-0-12-0/deployment-provider.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-12-0/deployment-provider.png?rev=1877047=1877046=1877047=diff == Binary files - no diff available. Modified: knox/site/books/knox-0-12-0/deployment-service.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-12-0/deployment-service.png?rev=1877047=1877046=1877047=diff == Binary files - no diff available. Modified: knox/site/books/knox-0-12-0/general_saml_flow.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-12-0/general_saml_flow.png?rev=1877047=1877046=1877047=diff == Binary files - no diff available. Modified: knox/site/books/knox-0-12-0/runtime-overview.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-12-0/runtime-overview.png?rev=1877047=1877046=1877047=diff == Binary files - no diff available. Modified: knox/site/books/knox-0-12-0/runtime-request-processing.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-12-0/runtime-request-processing.png?rev=1877047=1877046=1877047=diff == Binary files - no diff available. Modified: knox/site/books/knox-0-13-0/deployment-overview.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-13-0/deployment-overview.png?rev=1877047=1877046=1877047=diff
svn commit: r1877046 - in /knox/trunk: build.xml src/site/markdown/index.md src/site/site.xml
Author: lmccay Date: Mon Apr 27 03:38:48 2020 New Revision: 1877046 URL: http://svn.apache.org/viewvc?rev=1877046=rev Log: Update for Knox 1.4.0 Release Modified: knox/trunk/build.xml knox/trunk/src/site/markdown/index.md knox/trunk/src/site/site.xml Modified: knox/trunk/build.xml URL: http://svn.apache.org/viewvc/knox/trunk/build.xml?rev=1877046=1877045=1877046=diff == --- knox/trunk/build.xml (original) +++ knox/trunk/build.xml Mon Apr 27 03:38:48 2020 @@ -255,10 +255,10 @@ - + - + Modified: knox/trunk/src/site/markdown/index.md URL: http://svn.apache.org/viewvc/knox/trunk/src/site/markdown/index.md?rev=1877046=1877045=1877046=diff == --- knox/trunk/src/site/markdown/index.md (original) +++ knox/trunk/src/site/markdown/index.md Mon Apr 27 03:38:48 2020 @@ -14,7 +14,7 @@ WITHOUT WARRANTIES OR CONDITIONS OF ANY See the License for the specific language governing permissions and limitations under the License. --> -Announcing Apache Knox 1.3.0! +Announcing Apache Knox 1.4.0! REST API and Application Gateway for the Apache Hadoop Ecosystem @@ -37,6 +37,7 @@ Authentication for REST API access as we * **Client Services** Client development can be done with scripting through DSL or using the Knox Shell classes directly as SDK. +The KnoxShell interactive scripting environment combines the interactive shell of groovy shell with the Knox Shell SDK classes for a interating with data from your deployed Hadoop cluster. Overview @@ -72,6 +73,7 @@ provides the enterprise with a solution The following Apache Hadoop ecosystem services have integrations with the Knox Gateway: Ambari +Cloudera Manager WebHDFS (HDFS) Yarn RM Stargate (Apache HBase) @@ -93,6 +95,7 @@ Apache Oozie UI Apache HBase UI Apache Spark UI Apache Ambari UI +Apache Impala Apache Ranger Admin Console Apache Zeppelin Apache NiFi Modified: knox/trunk/src/site/site.xml URL: http://svn.apache.org/viewvc/knox/trunk/src/site/site.xml?rev=1877046=1877045=1877046=diff == --- knox/trunk/src/site/site.xml (original) +++ knox/trunk/src/site/site.xml Mon Apr 27 03:38:48 2020 @@ -73,9 +73,10 @@ - - - + + + + https://cwiki.apache.org/confluence/display/KNOX/Index"/>
svn commit: r39121 - /dev/knox/knox-1.4.0/ /release/knox/1.4.0/
Author: lmccay Date: Sun Apr 26 19:48:58 2020 New Revision: 39121 Log: Releasing Apache Knox Gateway version 1.4.0. Added: release/knox/1.4.0/ - copied from r39120, dev/knox/knox-1.4.0/ Removed: dev/knox/knox-1.4.0/
[knox] annotated tag v1.4.0-release created (now dbd06bf)
This is an automated email from the ASF dual-hosted git repository. lmccay pushed a change to annotated tag v1.4.0-release in repository https://gitbox.apache.org/repos/asf/knox.git. at dbd06bf (tag) tagging 82d18f7c09c433aeee23888bfb49202b27100b44 (commit) replaces v1.4.0-rc2 by lmccay on Sun Apr 26 15:40:17 2020 -0400 - Log - Release of v1.4.0 --- No new revisions were added by this update.
svn commit: r39058 [1/3] - /dev/knox/knox-1.4.0/
Author: lmccay Date: Wed Apr 22 16:31:54 2020 New Revision: 39058 Log: Staging Apache Knox Gateway version 1.4.0. Added: dev/knox/knox-1.4.0/ dev/knox/knox-1.4.0/CHANGES dev/knox/knox-1.4.0/knox-1.4.0-src.zip (with props) dev/knox/knox-1.4.0/knox-1.4.0-src.zip.asc dev/knox/knox-1.4.0/knox-1.4.0-src.zip.sha256 dev/knox/knox-1.4.0/knox-1.4.0-src.zip.sha512 dev/knox/knox-1.4.0/knox-1.4.0.tar.gz (with props) dev/knox/knox-1.4.0/knox-1.4.0.tar.gz.asc dev/knox/knox-1.4.0/knox-1.4.0.tar.gz.sha256 dev/knox/knox-1.4.0/knox-1.4.0.tar.gz.sha512 dev/knox/knox-1.4.0/knox-1.4.0.zip (with props) dev/knox/knox-1.4.0/knox-1.4.0.zip.asc dev/knox/knox-1.4.0/knox-1.4.0.zip.sha256 dev/knox/knox-1.4.0/knox-1.4.0.zip.sha512 dev/knox/knox-1.4.0/knoxshell-1.4.0.tar.gz (with props) dev/knox/knox-1.4.0/knoxshell-1.4.0.tar.gz.asc dev/knox/knox-1.4.0/knoxshell-1.4.0.tar.gz.sha256 dev/knox/knox-1.4.0/knoxshell-1.4.0.tar.gz.sha512 dev/knox/knox-1.4.0/knoxshell-1.4.0.zip (with props) dev/knox/knox-1.4.0/knoxshell-1.4.0.zip.asc dev/knox/knox-1.4.0/knoxshell-1.4.0.zip.sha256 dev/knox/knox-1.4.0/knoxshell-1.4.0.zip.sha512
svn commit: r39058 [3/3] - /dev/knox/knox-1.4.0/
Added: dev/knox/knox-1.4.0/knox-1.4.0-src.zip == Binary file - no diff available. Propchange: dev/knox/knox-1.4.0/knox-1.4.0-src.zip -- svn:mime-type = application/octet-stream Added: dev/knox/knox-1.4.0/knox-1.4.0-src.zip.asc == --- dev/knox/knox-1.4.0/knox-1.4.0-src.zip.asc (added) +++ dev/knox/knox-1.4.0/knox-1.4.0-src.zip.asc Wed Apr 22 16:31:54 2020 @@ -0,0 +1,16 @@ +-BEGIN PGP SIGNATURE- + +iQIzBAABCgAdFiEEy5UdyTg5H+IHaCu1gvnDcVh8CJsFAl6gcF8ACgkQgvnDcVh8 +CJt/txAAhbJMVzzurPtELYmiroNudnVnNh9vBgtz1rxsUcMnwkg2Kc/vfldFIRvP +EFvZ3dzfrsK2+Eq21Ou61I+dqC7xqz2PZYd+Mz3tXQn7p461HbfgrWeoAxRsIo+3 +xSffta98Jce8l5AtovYLAJt4pSTtG4brrCb3yZwlYn744N8tGsDBmDUIDwN5WO+B +iEv8JhNSQZZMwBt2oHJXpCauSH2Vja6cMZh6docTnrLRuGpGC9JJBQw/oHvtZexM +KgMctM9PR06zqz9C5tNNoJIkKki+cWwkqUUyB28kdiQA1UZ4coJMGJLGwsYhGSYO +6yZIPpGV3N+i/gVM/i/TDZTnmjHzqf5HMCps4onmOp4WoL0yn6Z+1VLgjw+j3AmC +IdQLW2kGkn/sAC3wOIwzupt2goH+4fXs8boL6r2nlUAvpy7BbD4/cVRySDm3odw6 +p6IvMS1JGbnbc1AY1RC0EZinrl2vfgrzzOr3sxCtcXRiwx2AicsTicYlELNnOPQH +cc73Q+vizSsNUnnAgjkkEfrSOsdJ18P3nIz045wZ9PSKdT3vj4qsDdBZJVhY6J3J +zFW5haaeMt6C7dcPzTcOeLWjHRggZcqzyy1950rLYuoC3sek6x9NANUZgL11Oi3O +r8l7cryEuir0bHiTZAU6k/g0Oz6rywApN5m5wqrkbI9UUaGcqVs= +=0r+A +-END PGP SIGNATURE- Added: dev/knox/knox-1.4.0/knox-1.4.0-src.zip.sha256 == --- dev/knox/knox-1.4.0/knox-1.4.0-src.zip.sha256 (added) +++ dev/knox/knox-1.4.0/knox-1.4.0-src.zip.sha256 Wed Apr 22 16:31:54 2020 @@ -0,0 +1 @@ +e057d2fa6acd40199fa54b755720414bb62790a45f2cb0754d5dce58006a068a Added: dev/knox/knox-1.4.0/knox-1.4.0-src.zip.sha512 == --- dev/knox/knox-1.4.0/knox-1.4.0-src.zip.sha512 (added) +++ dev/knox/knox-1.4.0/knox-1.4.0-src.zip.sha512 Wed Apr 22 16:31:54 2020 @@ -0,0 +1 @@ +a85f0ec134c427d612236df71b159655c7ca45ee7d7b1f89f59da875cffa9425d328f8387937648815a2047159e3c77e1d264271ead92f275e2170c29eaa0dda Added: dev/knox/knox-1.4.0/knox-1.4.0.tar.gz == Binary file - no diff available. Propchange: dev/knox/knox-1.4.0/knox-1.4.0.tar.gz -- svn:mime-type = application/octet-stream Added: dev/knox/knox-1.4.0/knox-1.4.0.tar.gz.asc == --- dev/knox/knox-1.4.0/knox-1.4.0.tar.gz.asc (added) +++ dev/knox/knox-1.4.0/knox-1.4.0.tar.gz.asc Wed Apr 22 16:31:54 2020 @@ -0,0 +1,16 @@ +-BEGIN PGP SIGNATURE- + +iQIzBAABCgAdFiEEy5UdyTg5H+IHaCu1gvnDcVh8CJsFAl6gcGAACgkQgvnDcVh8 +CJvU9xAAjYzBE2HbYl4/3sxBfr8WstMM0ioqRIsQ1qRyrujb+Xm8aUiRAzIcnKv9 +3lBhn7UlrFwSEimOnrEC7asxIbB64GWYHukKF8fLV57Uj8tqIKdsMdJVy51vqZiD +aEdKgTiDfuAr1CLuGYcqjsM7MSQyCMyJ4Jg2j/nClTc1RiZQUFcCRWNMvb4aKSYI +gLVFkd9hSvhheH9O2bTNp+/J2ODkHI6mvDyhWO899TFl0JGkLfooZP4gCaJ0Yud8 +2swoCmAowULLE1BjRdi0JAvC+QQ/0b8eoEeIXk13WFqeIVDGQXHvOpox+vKw8nRh +cV+SdKi4dHJntUWOr0EZz/lrx0KKn0FuQrlKhrsrgBrwsidOKfAOXizpeKDP5Aa0 +rMFoRgzHSeV2mXBdXvhx/jouCR9WQxKrRuxG/fio4nm5VPhLxNsFS+xOk8Q12jFm +6vIortKRtH2CYpVw2YXc7vc+tjKCRvHaFwMT+PNmmYPTECBGhWGY0rzOZTN2tjSL +muKnJSUO7dDIgQuPVSbISIW2EUKNsjq1DmMihpN7oNl5WX7LKc34x0FuVHwkziWD +GdXfRxE11Ed3EOWK/n8n/qGLzS7t4NWBL/XH38pIXWcdKDeDxnTmaj9TChrxU6iO +H5Z8bBXUSslCkkM/8+YC5PYRaUJvjWOzMMZHxSQ/gfpixGfN/pE= +=YZWt +-END PGP SIGNATURE- Added: dev/knox/knox-1.4.0/knox-1.4.0.tar.gz.sha256 == --- dev/knox/knox-1.4.0/knox-1.4.0.tar.gz.sha256 (added) +++ dev/knox/knox-1.4.0/knox-1.4.0.tar.gz.sha256 Wed Apr 22 16:31:54 2020 @@ -0,0 +1 @@ +c2c535aeff4f01f8adda7ef0d25309d5b160eeb8b99605468156d3ff4a88e333 Added: dev/knox/knox-1.4.0/knox-1.4.0.tar.gz.sha512 == --- dev/knox/knox-1.4.0/knox-1.4.0.tar.gz.sha512 (added) +++ dev/knox/knox-1.4.0/knox-1.4.0.tar.gz.sha512 Wed Apr 22 16:31:54 2020 @@ -0,0 +1 @@ +e72f10058ad03c47cfadff8a93fe92e21f5e3fadb6fd459b2d75d8b3b411de94274f3da6ba7c80983ebe87fd7702a8c892225d484c5c6494dced5f17d8f04bd3 Added: dev/knox/knox-1.4.0/knox-1.4.0.zip == Binary file - no diff available. Propchange: dev/knox/knox-1.4.0/knox-1.4.0.zip -- svn:mime-type = application/octet-stream Added: dev/knox/knox-1.4.0/knox-1.4.0.zip.asc == --- dev/knox/knox-1.4.0/knox-1.4.0.zip.asc (added) +++ dev/knox/knox-1.4.0/knox-1.4.0.zip.asc Wed Apr 22 16:31:54 2020 @@ -0,0
svn commit: r39058 [2/3] - /dev/knox/knox-1.4.0/
+* [KNOX-1501] - Upgrade hadoop to 3.1.1 +* [KNOX-1511] - Enable forbiddenapis commons-io signatures +* [KNOX-1512] - Replace deprecated EasyMock new Capture() calls +* [KNOX-1516] - Upgrade Jetty to 9.4.12 +* [KNOX-1518] - Large HDFS file downloads are incomplete when content is gzipped +* [KNOX-1521] - Implement UrlRewriteRequestStream methods for performance +* [KNOX-1522] - Add HA support for HadoopAuthProvider +* [KNOX-1528] - Remove hadoop-common dependency from gateway-spi module +* [KNOX-1530] - Improve Gzip Compression Handling Performance +* [KNOX-1537] - Cleanup gateway-group no value errors +* [KNOX-1538] - Remove TODO Auto-generated +* [KNOX-1540] - Use StandardCharsets where possible +* [KNOX-1544] - KnoxTokenCredentialCollector should not call System.exit() +* [KNOX-1545] - KnoxTokenCredentialCollector should expose the type of the collected token +* [KNOX-1546] - Fix javadoc errors and warnings +* [KNOX-1547] - Add Ability to set the Truststore Location and Password to KnoxShell +* [KNOX-1553] - Update documentation to reference org.apache.knox instead of org.apache.hadoop.gateway +* [KNOX-1554] - Allow Knox site to be built with JDK 11 +* [KNOX-1555] - Update DOAP file +* [KNOX-1630] - Generate sha256 and sha512 checksums instead of md5 and sha1 + +** Bug +* [KNOX-720] - Knox DSL - Ensure that HTTP client is closed on shutdown +* [KNOX-1093] - KNOX Not Handling safemode state of one of the NameNode In HA state +* [KNOX-1098] - Livy proxyUser should be added when not present +* [KNOX-1152] - Guard Against Missing Subject in Identity Assertion (Rick Kellogg via Kevin Risden) +* [KNOX-1165] - Another unnamed CacheManager already exists in the same VM +* [KNOX-1207] - YARN V1 UI and MapReduce Job History UI - Rewrite rule bugs +* [KNOX-1218] - LDAP Group Lookup appears twice in User Guide TOC +* [KNOX-1221] - WebHDFS read/write performance limitations +* [KNOX-1222] - Discovery API requests fail against Docker Sandbox +* [KNOX-1247] - Knox Cloud Federation +* [KNOX-1337] - Cleanup AbstractGatewayDispatch +* [KNOX-1405] - Download page must link to KEYS and contain verification details +* [KNOX-1412] - Failure while executing a `curl` command using Content-Type: text/xml" "Content-Encoding: gzip" +* [KNOX-1415] - Upgrade Jetty to 9.2.25 +* [KNOX-1416] - Upgrade Spring Framework to 4.3.17 +* [KNOX-1417] - Upgrade Bouncy Castle Dependency from Pac4J +* [KNOX-1420] - Add app.css path for Zeppelin's style sheet (Prabhjyot Singh via Sandeep More) +* [KNOX-1422] - Whitelisting not working as expected for knoxauth redirects +* [KNOX-1424] - knox renaming "app" to "/gateway/ui_ns1/zeppelin/app" (Sameer Shaikh via Sandeep More) +* [KNOX-1429] - HadoopAuthFilter avoid logging sensitive values +* [KNOX-1430] - Potential output stream handle leak when copyLarge files in streamResponse (Guang Yang via lmccay) +* [KNOX-1433] - RMHaBaseDispatcher Class Cleanup - SafeModeException +* [KNOX-1434] - Visiting Knox Admin UI forces subsequent requests to other services redirect to HTTPS (Vipin Rathor via Sandeep More) +* [KNOX-1436] - AbstractHdfsHaDispatch failoverRequest - Improve Failover Logging +* [KNOX-1445] - Ensure that gateway-adapter module classes have @Deprecated annotation +* [KNOX-1459] - Remove testng assertions +* [KNOX-1505] - Knox should close CuratorFramework clients when finished +* [KNOX-1519] - Fix 404s in the documentation +* [KNOX-1520] - markbook refers to wrong parent-pom version +* [KNOX-1523] - XML parsing cleanup +* [KNOX-1526] - Upgrade Jetty to 9.2.26 +* [KNOX-1529] - gateway-shell-release doesn't include shaded jar +* [KNOX-1541] - Rename Hadoop class in KnoxShell to KnoxSession +* [KNOX-1556] - [Rewrite Rule] Apache Ambari Favicon and link to NOTICE.txt does not work when using Knox Gateway +* [KNOX-1557] - Knox service cannot be added to proxied Ambari (through Knox) because master password field is readonly +* [KNOX-1558] - KnoxToken service returns wrong content type and content length values +* [KNOX-1577] - Knox automatically derived dispatch whitelist doesn't seem to actually match the knox domain (Phil Zampino and Vipin Rathor via Kevin Risden) +* [KNOX-1596] - YARNUIV2 Remove policies from service.xml (Sunil Govindan via Kevin Risden) +* [KNOX-1602] - JsonFilterReader should handle strings, numbers, booleans, and null at root +* [KNOX-1612] - GatewayAdminTopologyFuncTest#testPutTopology ClassNotFoundException +* [KNOX-1616] - Fix portmapping with Jetty 9.4 +* [KNOX-1639] - java.lang.IllegalStateException: No org.apache.tomcat.InstanceManager set in ServletContext +* [KNOX-1645] - Improve JSESSIONID handling +* [KNOX-1651] - Cleanup IdentityAsserterMessages interfaces +
svn commit: r39057 - /dev/knox/knox-1.4.0/
Author: lmccay Date: Wed Apr 22 16:30:50 2020 New Revision: 39057 Log: Removing Apache Knox Gateway version 1.4.0 from staging. Removed: dev/knox/knox-1.4.0/
[knox] annotated tag v1.4.0-rc3 created (now a6aa5f5)
This is an automated email from the ASF dual-hosted git repository. lmccay pushed a change to annotated tag v1.4.0-rc3 in repository https://gitbox.apache.org/repos/asf/knox.git. at a6aa5f5 (tag) tagging 82d18f7c09c433aeee23888bfb49202b27100b44 (commit) replaces v1.4.0-rc2 by Larry McCay on Wed Apr 22 12:29:10 2020 -0400 - Log - v1.4.0-rc3 --- No new revisions were added by this update.
[knox] branch v1.4.0 updated: Update CHANGES for fixes on 1.4.0 RC 1 and 2 issues
This is an automated email from the ASF dual-hosted git repository. lmccay pushed a commit to branch v1.4.0 in repository https://gitbox.apache.org/repos/asf/knox.git The following commit(s) were added to refs/heads/v1.4.0 by this push: new 82d18f7 Update CHANGES for fixes on 1.4.0 RC 1 and 2 issues 82d18f7 is described below commit 82d18f7c09c433aeee23888bfb49202b27100b44 Author: lmccay AuthorDate: Wed Apr 22 11:01:11 2020 -0400 Update CHANGES for fixes on 1.4.0 RC 1 and 2 issues --- CHANGES | 6 +- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/CHANGES b/CHANGES index 6687391..595bf7e 100644 --- a/CHANGES +++ b/CHANGES @@ -195,7 +195,7 @@ Release Notes - Apache Knox - Version 1.4.0 * [KNOX-2050] - Upgrade jackson to 2.10.0 * [KNOX-2015] - Allow end-users to exclude only certain directives of the SET-COOKIE HTTP header (#154) * [KNOX-2024] - Fix testNameMethod test -* [KNOX-1996]: Adding changes to remove extra / while generating backedn … (#142) +* [KNOX-1996] - Adding changes to remove extra / while generating backedn … (#142) * [KNOX-2048] - Upgrade pac4j to 3.8.2 * [KNOX-2047] - Upgrade dependency-check-maven to 5.2.2 * [KNOX-2046] - Upgrade hadoop to 3.2.1 @@ -385,6 +385,10 @@ Release Notes - Apache Knox - Version 1.4.0 * [KNOX-2200] - DefaultKeystoreService can lose entries under concurrent access (#243) * [KNOX-2002] - Fix KnoxShellTableTest build errors * [KNOX-1742] - Fix javadoc warning +* [KNOX-2350] - Handling event types w/o COMMAND and/or COMMAND_STATUS attributes when polling CM events (#318) (#319) +* [KNOX-2353] - Disabled CM descriptor monitoring and advanced service discovery changes monitoring by default (#320) +* [KNOX-2347] - Disable shellcheck for github actions (#317) +* [KNOX-2345] - KnoxShellTable must handle NULL cols -- Release Notes - Apache Knox - Version 1.3.0
[knox] annotated tag v1.5.0-branch created (now 9a15453)
This is an automated email from the ASF dual-hosted git repository. lmccay pushed a change to annotated tag v1.5.0-branch in repository https://gitbox.apache.org/repos/asf/knox.git. at 9a15453 (tag) tagging 3189fe7b9f02a0318f62662fa1eaf6369a0ee6e6 (commit) replaces v1.3.0-branch by lmccay on Sun Apr 19 16:40:00 2020 -0400 - Log - Branch point for v1.5.0 --- No new revisions were added by this update.
[knox] annotated tag v1.4.0-branch updated (e319a14 -> 98fe3d2)
This is an automated email from the ASF dual-hosted git repository. lmccay pushed a change to annotated tag v1.4.0-branch in repository https://gitbox.apache.org/repos/asf/knox.git. *** WARNING: tag v1.4.0-branch was modified! *** from e319a14 (tag) to 98fe3d2 (tag) tagging 3d0e3b5a6c05a1da9a4af3925307497b8b9a2d5a (commit) replaces v1.2.0-branch by root on Sat Jun 29 15:45:25 2019 -0400 - Log - Branch point for v1.4.0 --- omit 3189fe7 KNOX-2339 - Add Github Actions for CI (#311) omit 4127124 KNOX-2321. /LogLevel with knox not working for Hdfs web ui endpoints. (#314) omit 1834c67 KNOX-2341 - KnoxShell Custom Commands need Description and Usage Details (#313) omit 0e04e5c KNOX-2340 - Fix DefaultTokenStateServiceTest timeouts (#312) omit b5d97a1 KNOX-2338 - Upgrade apacheds.directory.server.version to 2.0.0.AM26 (#309) omit dc71011 Revert "KNOX-2335 - Upgrade java-support to 8.0.0" omit 7a8b459 KNOX-2332 - Upgrade spotbugs-maven-plugin to 4.0.0 omit 8f39d03 KNOX-2331 - Upgrade spotbugs to 4.0.1 omit 7f8a5a0 KNOX-2330 - Upgrade spring-core to 5.2.5.RELEASE omit 31df513 KNOX-2333 - Upgrade rest-assured to 4.3.0 omit 94ce397 KNOX-2322 - Upgrade nimbus-jose-jwt to 8.14.1 omit e3079b2 KNOX-2324 - Upgrade metrics to 4.1.6 omit d35f3de KNOX-2334 - Upgrade maven-dependency-plugin to 3.1.2 omit e6aaf40 KNOX-2335 - Upgrade java-support to 8.0.0 omit 0449ee6 KNOX-2336 - Upgrade httpclient to 4.5.12 omit b174138 KNOX-2323 - Upgrade groovy to 3.0.3 omit b146ae7 KNOX-2329 - Upgrade dependency-check-maven to 5.3.2 omit fe2dc0e KNOX-2327 - Upgrade commons-lang3 to 3.10 omit 060ba83 KNOX-2328 - Upgrade checkstyle to 8.31 omit 4dc04c5 KNOX-2326 - Upgrade bcprov-jdk15on to 1.65 omit f857f7c KNOX-2325 - Upgrade asm to 8.0.1 omit 7a93dd4 Minor javadoc fixes omit 8920651 KNOX-2304 - CM discovery cluster config monitor needs to be aware of … (#307) omit d3b556b KNOX-2320 - Upgrade xmlsec to 2.1.5 omit 92b2ac4 KNOX-2319 - Upgrade commons-compress to 1.20 omit 38b56bb KNOX-2315 - Fix zookeeper Kerberos Auth (#304) omit aaf1748 KNOX-2316 - Knox Token State Eviction Must Consider Maximum Token Lifetime (#306) omit 0026377 KNOX-2317 - Open UI services from Knox Home page on new tabs (#305) omit fd8e1bb KNOX-2262 - Accessing hbase logs through knox exposes hbase endpoint url instead of routing through knox omit 52ca823 KNOX-2314 - NPE from topology Service equals implementation when no URLs (#303) omit 46ccd34 KNOX-2310 - Add aggregate method to KnoxShellTable (#302) omit b225050 KNOX-2308 - Add sortNumeric to KnoxShellTable for Cols that are numeric but values are String (#300) omit 9a7767a KNOX-2307 - CSVKnoxShellTableBuilder must support quoted strings and embedded commas (#301) omit b93cc1c KNOX-2240 - KnoxShell Custom Command for WEBHDFS Use (#296) omit 3d17ede KNOX-2301 and KNOX-2302 (#297) omit 0ec8ce1 KNOX-2287 KnoxCLI convert topology to provider and descriptor (#292) omit ffa7f55 KNOX-2305 - Blacklist Maven 3.6.2 and move cloudera repository to child pom (#295) omit 840af4f KNOX-2300 - Livy and Solr handled as both API and UI services (#294) omit bef8b19 KNOX-2299 - Fixed Hive JDBC URL on Knox Home page (#293) omit 998e720 KNOX-2296 - Passing down the service URL field when building up a service model (#290) omit 49d08ba KNOX-2298 - ClouderaManager cluster config monitor should stop monitoring unreferenced clusters (#291) omit 36155bc KNOX-2295 - UI services improvement on Knox Home page (#289) omit 58d8479 KNOX-2289 - Passing GatewayServer.getGatewayServices() to SimpleDescriptorHandler.handle() as it needs it to provision encryption query string password (#288) omit 2e2230f KNOX-2286 Cleaner log messages about monitoring topologies/providers/descriptors (#287) omit 27a8113 KNOX-2285 - Change gateway.server.header.enabled default to false omit 6ca3a4e KNOX-2284 - Handling CM descriptors after Knox shared-provider/descriptor/topology monitors are started (#285) omit e2ea842 KNOX-2266 - Tokens Should Include a Unique Identifier (#284) omit f39d0c5 KNOX-2267 - Ambari/CM discovery - Needs to point to configured truststore omit 5c46e4c KNOX-2259 KNOX-2260 KNOX-2261 - Fixed Impala/Kudu/HBase UI context path in service metadata (#282) omit 926adc6 KNOX-2269 - The Knox Home page is available as a regular app via the homepage topology (#281) omit 86bd4fb KNOX-2282 - Upgrade curator to 4.3.0 omit 60989bb KNOX-2275 - Upgrade woodstox-core to 6.1.1 omit e02ff73 KNOX-2270 - Upgrade testcontainers to 1.13.0 omit 5890da3 KNOX-2277 - Upgrade spring-vault to 2.2.2.RELEASE om
svn commit: r39029 [2/3] - /dev/knox/knox-1.4.0/
erformance +* [KNOX-1522] - Add HA support for HadoopAuthProvider +* [KNOX-1528] - Remove hadoop-common dependency from gateway-spi module +* [KNOX-1530] - Improve Gzip Compression Handling Performance +* [KNOX-1537] - Cleanup gateway-group no value errors +* [KNOX-1538] - Remove TODO Auto-generated +* [KNOX-1540] - Use StandardCharsets where possible +* [KNOX-1544] - KnoxTokenCredentialCollector should not call System.exit() +* [KNOX-1545] - KnoxTokenCredentialCollector should expose the type of the collected token +* [KNOX-1546] - Fix javadoc errors and warnings +* [KNOX-1547] - Add Ability to set the Truststore Location and Password to KnoxShell +* [KNOX-1553] - Update documentation to reference org.apache.knox instead of org.apache.hadoop.gateway +* [KNOX-1554] - Allow Knox site to be built with JDK 11 +* [KNOX-1555] - Update DOAP file +* [KNOX-1630] - Generate sha256 and sha512 checksums instead of md5 and sha1 + +** Bug +* [KNOX-720] - Knox DSL - Ensure that HTTP client is closed on shutdown +* [KNOX-1093] - KNOX Not Handling safemode state of one of the NameNode In HA state +* [KNOX-1098] - Livy proxyUser should be added when not present +* [KNOX-1152] - Guard Against Missing Subject in Identity Assertion (Rick Kellogg via Kevin Risden) +* [KNOX-1165] - Another unnamed CacheManager already exists in the same VM +* [KNOX-1207] - YARN V1 UI and MapReduce Job History UI - Rewrite rule bugs +* [KNOX-1218] - LDAP Group Lookup appears twice in User Guide TOC +* [KNOX-1221] - WebHDFS read/write performance limitations +* [KNOX-1222] - Discovery API requests fail against Docker Sandbox +* [KNOX-1247] - Knox Cloud Federation +* [KNOX-1337] - Cleanup AbstractGatewayDispatch +* [KNOX-1405] - Download page must link to KEYS and contain verification details +* [KNOX-1412] - Failure while executing a `curl` command using Content-Type: text/xml" "Content-Encoding: gzip" +* [KNOX-1415] - Upgrade Jetty to 9.2.25 +* [KNOX-1416] - Upgrade Spring Framework to 4.3.17 +* [KNOX-1417] - Upgrade Bouncy Castle Dependency from Pac4J +* [KNOX-1420] - Add app.css path for Zeppelin's style sheet (Prabhjyot Singh via Sandeep More) +* [KNOX-1422] - Whitelisting not working as expected for knoxauth redirects +* [KNOX-1424] - knox renaming "app" to "/gateway/ui_ns1/zeppelin/app" (Sameer Shaikh via Sandeep More) +* [KNOX-1429] - HadoopAuthFilter avoid logging sensitive values +* [KNOX-1430] - Potential output stream handle leak when copyLarge files in streamResponse (Guang Yang via lmccay) +* [KNOX-1433] - RMHaBaseDispatcher Class Cleanup - SafeModeException +* [KNOX-1434] - Visiting Knox Admin UI forces subsequent requests to other services redirect to HTTPS (Vipin Rathor via Sandeep More) +* [KNOX-1436] - AbstractHdfsHaDispatch failoverRequest - Improve Failover Logging +* [KNOX-1445] - Ensure that gateway-adapter module classes have @Deprecated annotation +* [KNOX-1459] - Remove testng assertions +* [KNOX-1505] - Knox should close CuratorFramework clients when finished +* [KNOX-1519] - Fix 404s in the documentation +* [KNOX-1520] - markbook refers to wrong parent-pom version +* [KNOX-1523] - XML parsing cleanup +* [KNOX-1526] - Upgrade Jetty to 9.2.26 +* [KNOX-1529] - gateway-shell-release doesn't include shaded jar +* [KNOX-1541] - Rename Hadoop class in KnoxShell to KnoxSession +* [KNOX-1556] - [Rewrite Rule] Apache Ambari Favicon and link to NOTICE.txt does not work when using Knox Gateway +* [KNOX-1557] - Knox service cannot be added to proxied Ambari (through Knox) because master password field is readonly +* [KNOX-1558] - KnoxToken service returns wrong content type and content length values +* [KNOX-1577] - Knox automatically derived dispatch whitelist doesn't seem to actually match the knox domain (Phil Zampino and Vipin Rathor via Kevin Risden) +* [KNOX-1596] - YARNUIV2 Remove policies from service.xml (Sunil Govindan via Kevin Risden) +* [KNOX-1602] - JsonFilterReader should handle strings, numbers, booleans, and null at root +* [KNOX-1612] - GatewayAdminTopologyFuncTest#testPutTopology ClassNotFoundException +* [KNOX-1616] - Fix portmapping with Jetty 9.4 +* [KNOX-1639] - java.lang.IllegalStateException: No org.apache.tomcat.InstanceManager set in ServletContext +* [KNOX-1645] - Improve JSESSIONID handling +* [KNOX-1651] - Cleanup IdentityAsserterMessages interfaces + +** Sub-task +* [KNOX-1449] - Ensure all pom.xml files have same header +* [KNOX-1450] - Remove redundant configurations from pom.xml +* [KNOX-1451] - Setup base checkstyle plugin +* [KNOX-1452] - Enable checkstyle no tabs in source file rule +* [KNOX-1453] - Enable checkstyle no unused imports rule +* [KNOX-1454] - Enable checkstyle no wildcard
svn commit: r39029 [3/3] - /dev/knox/knox-1.4.0/
Added: dev/knox/knox-1.4.0/knox-1.4.0-src.zip == Binary file - no diff available. Propchange: dev/knox/knox-1.4.0/knox-1.4.0-src.zip -- svn:mime-type = application/octet-stream Added: dev/knox/knox-1.4.0/knox-1.4.0-src.zip.asc == --- dev/knox/knox-1.4.0/knox-1.4.0-src.zip.asc (added) +++ dev/knox/knox-1.4.0/knox-1.4.0-src.zip.asc Sun Apr 19 20:13:31 2020 @@ -0,0 +1,16 @@ +-BEGIN PGP SIGNATURE- + +iQIzBAABCgAdFiEEy5UdyTg5H+IHaCu1gvnDcVh8CJsFAl6cr5cACgkQgvnDcVh8 +CJtD/w/9GuOz0i3GZVn/x7fzxqDNShazyVrUk0ZHNXdAziPF4uNinwSGCgGFKDn5 +e7OmH+xCrOivTi0MVONWPcIdw5NoKzd+PN/FgEFcJ9HA+/vih9Y4jy3go+van8iL +N5JbsBkbZCkI7FcK/zkHtK5LImdPD3xN16eipNmc9kmbLmUY8py/cLwtyMu0RGEl +u3PQA2OEu+hrzR01jCfU2gcwLVvIrl9v8WbPj2k9x6kuLVRax8uleMvGiIqQDGQl +UBc7cpdkpxJN06hDFYTt65NDuFvt+I1xwFA8jafMsHyJC4dlU4AieIcKFIjbA0Z7 +G3v1pHfVj9R7zqok2dr81Q7yMusHabet+xtECgU056G3KUoC8L+h3Z4Qs9qJhbRD +mGd6yiI+MqretJ/GNK855+xaHFT/9ftyMG3wZovSYqn+E3uVcJy/AimQdM6GJGKD +eJLHxlSeCnwP5ybf2w1dV9FESpam4sJJSnFbRIvTG62AmP6faZ1TCFCM9EH5MlKy +ScJcWOcCS+L9ni+3L6kZM0AFuj8jAbE9+GzdkHlh2ZjKAUN5IAlU2IQv0voBbGNy +juqfSuUEin6ERN7HR6A5QDZ7zn6Tajn/efJIjBtZ3GRgdnEv2uY69j1wYG2SAffN +RP5hJxhdGenWKJfs1S6wPu3+TEk6PP/7wQZDw6Jee7TBwuD569Y= +=Cc/c +-END PGP SIGNATURE- Added: dev/knox/knox-1.4.0/knox-1.4.0-src.zip.sha256 == --- dev/knox/knox-1.4.0/knox-1.4.0-src.zip.sha256 (added) +++ dev/knox/knox-1.4.0/knox-1.4.0-src.zip.sha256 Sun Apr 19 20:13:31 2020 @@ -0,0 +1 @@ +fb423f169218a1dd375742965a8a41ed27bbfafbd05bae2182e5d3852bd90550 Added: dev/knox/knox-1.4.0/knox-1.4.0-src.zip.sha512 == --- dev/knox/knox-1.4.0/knox-1.4.0-src.zip.sha512 (added) +++ dev/knox/knox-1.4.0/knox-1.4.0-src.zip.sha512 Sun Apr 19 20:13:31 2020 @@ -0,0 +1 @@ +81034b2efe02a6aa81eb2eeb30a77952f5c6ebd8b14c8c79a0c479c5755aac19fd69cdeb77f9ef34e9cc8e4985b4907f5973727924ee47af58e67d8a0025f4ad Added: dev/knox/knox-1.4.0/knox-1.4.0.tar.gz == Binary file - no diff available. Propchange: dev/knox/knox-1.4.0/knox-1.4.0.tar.gz -- svn:mime-type = application/octet-stream Added: dev/knox/knox-1.4.0/knox-1.4.0.tar.gz.asc == --- dev/knox/knox-1.4.0/knox-1.4.0.tar.gz.asc (added) +++ dev/knox/knox-1.4.0/knox-1.4.0.tar.gz.asc Sun Apr 19 20:13:31 2020 @@ -0,0 +1,16 @@ +-BEGIN PGP SIGNATURE- + +iQIzBAABCgAdFiEEy5UdyTg5H+IHaCu1gvnDcVh8CJsFAl6cr5gACgkQgvnDcVh8 +CJuNWg/9EIsWQ10WNBGCofGn3sQwkt40Lgq/ma7xvTeuIYvuPnpJMWePEsSJ75ye +uYPES6DQMG5ovF2QnprGpJFe1MY9mhSN43b2pm70zlboYUJ2pzb1aIqK9gZwSNft +92wzLXD089X2szOoPAStpqqWcMmBv4mybpRELYyg8NQ0aPMAtS5XAVzYpuxL8wm9 +Jv9yeTy1T772gzKDd4yAdSKUpZgiubyzamCkFsbSZsBJX6Ir3PaQ7Vj7JFH9fes1 +HKlICKHC0cRuePXvy+sFEMKtkQgefAaszvYZfbQXXW0PxvRUdOcm9b50hgIuYi0s +gVaWrmUoLlT0RsJkrQv8ZtCV4AE30a6MUamAfz7CQ4PnpbGfUAnOsDgLHI1JS4QC +w2I6p2SXTyPSP2tjo5R5ZnMOGOo7YzsAq3wlRbsav8OlOpKYHcsscgCwvHrfmMor +am6KRzvrBHkPoXf/VNPqrNTdwOY1NsmBA9QAkJA4q0gQMkb/4z8Ol45hRZXE9Dbd +r+yhksamu98if7Kyd9ENtfoQtK3R+M6iMakjeURk6v4LBpT7eQgtRuuT1YsdLGOE +zx1YHPrnJR9jWukeRTzs9FVRq96FL3U+EbfgogM8OeA0faXENQs84gdQnjiCc8Fs +5oyfFFJwc3H2LKOaq5zK5q0Rafx7ktyhDUazr4sY0aVbQAdlohk= +=2Ao2 +-END PGP SIGNATURE- Added: dev/knox/knox-1.4.0/knox-1.4.0.tar.gz.sha256 == --- dev/knox/knox-1.4.0/knox-1.4.0.tar.gz.sha256 (added) +++ dev/knox/knox-1.4.0/knox-1.4.0.tar.gz.sha256 Sun Apr 19 20:13:31 2020 @@ -0,0 +1 @@ +2965df9eebfc2c4513192a549eb45386e90485ad5f2108e48d00d6bb13da7ae1 Added: dev/knox/knox-1.4.0/knox-1.4.0.tar.gz.sha512 == --- dev/knox/knox-1.4.0/knox-1.4.0.tar.gz.sha512 (added) +++ dev/knox/knox-1.4.0/knox-1.4.0.tar.gz.sha512 Sun Apr 19 20:13:31 2020 @@ -0,0 +1 @@ +84ee980cfba989ac1fa703a327a7b681065dac57520d6a2e838c34058d921b6b7231a5ca2fc97873da6ca92ec395992f72f414cbc6b1ea9e1954fc0b1f8e18eb Added: dev/knox/knox-1.4.0/knox-1.4.0.zip == Binary file - no diff available. Propchange: dev/knox/knox-1.4.0/knox-1.4.0.zip -- svn:mime-type = application/octet-stream Added: dev/knox/knox-1.4.0/knox-1.4.0.zip.asc == --- dev/knox/knox-1.4.0/knox-1.4.0.zip.asc (added) +++ dev/knox/knox-1.4.0/knox-1.4.0.zip.asc Sun Apr 19 20:13:31 2020 @@ -0,0
svn commit: r39029 [1/3] - /dev/knox/knox-1.4.0/
Author: lmccay Date: Sun Apr 19 20:13:31 2020 New Revision: 39029 Log: Staging Apache Knox Gateway version 1.4.0. Added: dev/knox/knox-1.4.0/ dev/knox/knox-1.4.0/CHANGES dev/knox/knox-1.4.0/knox-1.4.0-src.zip (with props) dev/knox/knox-1.4.0/knox-1.4.0-src.zip.asc dev/knox/knox-1.4.0/knox-1.4.0-src.zip.sha256 dev/knox/knox-1.4.0/knox-1.4.0-src.zip.sha512 dev/knox/knox-1.4.0/knox-1.4.0.tar.gz (with props) dev/knox/knox-1.4.0/knox-1.4.0.tar.gz.asc dev/knox/knox-1.4.0/knox-1.4.0.tar.gz.sha256 dev/knox/knox-1.4.0/knox-1.4.0.tar.gz.sha512 dev/knox/knox-1.4.0/knox-1.4.0.zip (with props) dev/knox/knox-1.4.0/knox-1.4.0.zip.asc dev/knox/knox-1.4.0/knox-1.4.0.zip.sha256 dev/knox/knox-1.4.0/knox-1.4.0.zip.sha512 dev/knox/knox-1.4.0/knoxshell-1.4.0.tar.gz (with props) dev/knox/knox-1.4.0/knoxshell-1.4.0.tar.gz.asc dev/knox/knox-1.4.0/knoxshell-1.4.0.tar.gz.sha256 dev/knox/knox-1.4.0/knoxshell-1.4.0.tar.gz.sha512 dev/knox/knox-1.4.0/knoxshell-1.4.0.zip (with props) dev/knox/knox-1.4.0/knoxshell-1.4.0.zip.asc dev/knox/knox-1.4.0/knoxshell-1.4.0.zip.sha256 dev/knox/knox-1.4.0/knoxshell-1.4.0.zip.sha512
svn commit: r39028 - /dev/knox/knox-1.4.0/
Author: lmccay Date: Sun Apr 19 20:12:47 2020 New Revision: 39028 Log: Removing Apache Knox Gateway version 1.4.0 from staging. Removed: dev/knox/knox-1.4.0/
[knox] annotated tag v1.4.0-rc2 created (now ad83f0e)
This is an automated email from the ASF dual-hosted git repository. lmccay pushed a change to annotated tag v1.4.0-rc2 in repository https://gitbox.apache.org/repos/asf/knox.git. at ad83f0e (tag) tagging c4e6a6cda5d38808918b700b602a0ad8ae5243f7 (commit) replaces v1.4.0-branch by Larry McCay on Sun Apr 19 16:09:20 2020 -0400 - Log - v1.4.0-rc2 --- No new revisions were added by this update.
[knox] branch v1.4.0 updated: KNOX-2345 - KnoxShellTable must handle NULL cols
This is an automated email from the ASF dual-hosted git repository. lmccay pushed a commit to branch v1.4.0 in repository https://gitbox.apache.org/repos/asf/knox.git The following commit(s) were added to refs/heads/v1.4.0 by this push: new 2069f95 KNOX-2345 - KnoxShellTable must handle NULL cols 2069f95 is described below commit 2069f9511d8ac2d3d5572db3ee24a46a436829f3 Author: lmccay AuthorDate: Sun Apr 19 13:46:08 2020 -0400 KNOX-2345 - KnoxShellTable must handle NULL cols --- .../knox/gateway/shell/table/KnoxShellTableRenderer.java | 7 ++- .../apache/knox/gateway/shell/table/KnoxShellTableTest.java | 12 2 files changed, 18 insertions(+), 1 deletion(-) diff --git a/gateway-shell/src/main/java/org/apache/knox/gateway/shell/table/KnoxShellTableRenderer.java b/gateway-shell/src/main/java/org/apache/knox/gateway/shell/table/KnoxShellTableRenderer.java index 38f5bd2..ff5b398 100644 --- a/gateway-shell/src/main/java/org/apache/knox/gateway/shell/table/KnoxShellTableRenderer.java +++ b/gateway-shell/src/main/java/org/apache/knox/gateway/shell/table/KnoxShellTableRenderer.java @@ -166,7 +166,12 @@ class KnoxShellTableRenderer { // cell value length for (List> row : tableToRender.rows) { for (int i = 0; i < row.size(); i++) { -cellValue = ensureEvenLength(row.get(i).toString()); +Object o = row.get(i); +if (o == null) { + o = "NULL"; + row.set(i, (String) o); +} +cellValue = ensureEvenLength(o.toString()); if (map.get(i) == null || cellValue.length() > map.get(i)) { map.put(i, cellValue.length()); } diff --git a/gateway-shell/src/test/java/org/apache/knox/gateway/shell/table/KnoxShellTableTest.java b/gateway-shell/src/test/java/org/apache/knox/gateway/shell/table/KnoxShellTableTest.java index 6831e34..e44e6a1 100644 --- a/gateway-shell/src/test/java/org/apache/knox/gateway/shell/table/KnoxShellTableTest.java +++ b/gateway-shell/src/test/java/org/apache/knox/gateway/shell/table/KnoxShellTableTest.java @@ -115,6 +115,18 @@ public class KnoxShellTableTest { } @Test + public void testNullCellRendering() { +KnoxShellTable table = new KnoxShellTable(); + +table.header("Column A").header("Column B").header("Column C"); + +table.row().value(null).value("456").value("3"); +table.row().value("789").value("012").value("8"); + +table.toString(); + } + + @Test public void testTableSelect() { String expectedResult = "+++--+\n" + "| Column A | Column B | Column C |\n" + "+++--+\n"
[knox] branch master updated: KNOX-2345 - KnoxShellTable must handle NULL cols
This is an automated email from the ASF dual-hosted git repository. lmccay pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/knox.git The following commit(s) were added to refs/heads/master by this push: new 03cd1f9 KNOX-2345 - KnoxShellTable must handle NULL cols 03cd1f9 is described below commit 03cd1f931cb3a701ba825c78026279cc9247abb6 Author: lmccay AuthorDate: Sun Apr 19 13:46:08 2020 -0400 KNOX-2345 - KnoxShellTable must handle NULL cols --- .../knox/gateway/shell/table/KnoxShellTableRenderer.java | 7 ++- .../apache/knox/gateway/shell/table/KnoxShellTableTest.java | 12 2 files changed, 18 insertions(+), 1 deletion(-) diff --git a/gateway-shell/src/main/java/org/apache/knox/gateway/shell/table/KnoxShellTableRenderer.java b/gateway-shell/src/main/java/org/apache/knox/gateway/shell/table/KnoxShellTableRenderer.java index 38f5bd2..ff5b398 100644 --- a/gateway-shell/src/main/java/org/apache/knox/gateway/shell/table/KnoxShellTableRenderer.java +++ b/gateway-shell/src/main/java/org/apache/knox/gateway/shell/table/KnoxShellTableRenderer.java @@ -166,7 +166,12 @@ class KnoxShellTableRenderer { // cell value length for (List> row : tableToRender.rows) { for (int i = 0; i < row.size(); i++) { -cellValue = ensureEvenLength(row.get(i).toString()); +Object o = row.get(i); +if (o == null) { + o = "NULL"; + row.set(i, (String) o); +} +cellValue = ensureEvenLength(o.toString()); if (map.get(i) == null || cellValue.length() > map.get(i)) { map.put(i, cellValue.length()); } diff --git a/gateway-shell/src/test/java/org/apache/knox/gateway/shell/table/KnoxShellTableTest.java b/gateway-shell/src/test/java/org/apache/knox/gateway/shell/table/KnoxShellTableTest.java index 6831e34..e44e6a1 100644 --- a/gateway-shell/src/test/java/org/apache/knox/gateway/shell/table/KnoxShellTableTest.java +++ b/gateway-shell/src/test/java/org/apache/knox/gateway/shell/table/KnoxShellTableTest.java @@ -115,6 +115,18 @@ public class KnoxShellTableTest { } @Test + public void testNullCellRendering() { +KnoxShellTable table = new KnoxShellTable(); + +table.header("Column A").header("Column B").header("Column C"); + +table.row().value(null).value("456").value("3"); +table.row().value("789").value("012").value("8"); + +table.toString(); + } + + @Test public void testTableSelect() { String expectedResult = "+++--+\n" + "| Column A | Column B | Column C |\n" + "+++--+\n"
[knox] branch master updated: KNOX-2342 - CommonIdentityAssertionFilter calling mapGroupPrincipals Twice - add testing
This is an automated email from the ASF dual-hosted git repository. lmccay pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/knox.git The following commit(s) were added to refs/heads/master by this push: new de2a115 KNOX-2342 - CommonIdentityAssertionFilter calling mapGroupPrincipals Twice - add testing de2a115 is described below commit de2a115aa7179eeebe87efada365fcda2fe9084e Author: lmccay AuthorDate: Fri Apr 17 09:11:41 2020 -0400 KNOX-2342 - CommonIdentityAssertionFilter calling mapGroupPrincipals Twice - add testing --- .../filter/CommonIdentityAssertionFilter.java | 6 ++--- .../filter/CommonIdentityAssertionFilterTest.java | 28 +- 2 files changed, 20 insertions(+), 14 deletions(-) diff --git a/gateway-provider-identity-assertion-common/src/main/java/org/apache/knox/gateway/identityasserter/common/filter/CommonIdentityAssertionFilter.java b/gateway-provider-identity-assertion-common/src/main/java/org/apache/knox/gateway/identityasserter/common/filter/CommonIdentityAssertionFilter.java index 7d66925..c3cea85 100644 --- a/gateway-provider-identity-assertion-common/src/main/java/org/apache/knox/gateway/identityasserter/common/filter/CommonIdentityAssertionFilter.java +++ b/gateway-provider-identity-assertion-common/src/main/java/org/apache/knox/gateway/identityasserter/common/filter/CommonIdentityAssertionFilter.java @@ -38,8 +38,8 @@ import java.security.AccessController; public class CommonIdentityAssertionFilter extends AbstractIdentityAssertionFilter { private IdentityAsserterMessages LOG = MessagesFactory.get(IdentityAsserterMessages.class); - private static final String GROUP_PRINCIPAL_MAPPING = "group.principal.mapping"; - private static final String PRINCIPAL_MAPPING = "principal.mapping"; + public static final String GROUP_PRINCIPAL_MAPPING = "group.principal.mapping"; + public static final String PRINCIPAL_MAPPING = "principal.mapping"; private SimplePrincipalMapper mapper = new SimplePrincipalMapper(); @Override @@ -94,7 +94,7 @@ public class CommonIdentityAssertionFilter extends AbstractIdentityAssertionFilt continueChainAsPrincipal(wrapper, response, chain, mappedPrincipalName, groups); } - private String[] combineGroupMappings(String[] mappedGroups, String[] groups) { + protected String[] combineGroupMappings(String[] mappedGroups, String[] groups) { if (mappedGroups != null && groups != null) { return ArrayUtils.addAll(mappedGroups, groups); } diff --git a/gateway-provider-identity-assertion-common/src/test/java/org/apache/knox/gateway/identityasserter/filter/CommonIdentityAssertionFilterTest.java b/gateway-provider-identity-assertion-common/src/test/java/org/apache/knox/gateway/identityasserter/filter/CommonIdentityAssertionFilterTest.java index 15f41c0..ffc9975 100644 --- a/gateway-provider-identity-assertion-common/src/test/java/org/apache/knox/gateway/identityasserter/filter/CommonIdentityAssertionFilterTest.java +++ b/gateway-provider-identity-assertion-common/src/test/java/org/apache/knox/gateway/identityasserter/filter/CommonIdentityAssertionFilterTest.java @@ -41,13 +41,8 @@ import java.util.Locale; import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertTrue; -/** - * @author larry - * - */ public class CommonIdentityAssertionFilterTest { private String username; - private String[] mappedGroups; private Filter filter; @Before @@ -61,21 +56,35 @@ public class CommonIdentityAssertionFilterTest { @Override public String[] mapGroupPrincipals(String principalName, Subject subject) { -String[] groups = new String[2]; +String[] groups = new String[4]; int i = 0; for(GroupPrincipal p : subject.getPrincipals(GroupPrincipal.class)) { groups[i] = p.getName().toUpperCase(Locale.ROOT); i++; } -mappedGroups = groups; return groups; } + + @Override + protected String[] combineGroupMappings(String[] mappedGroups, String[] groups) { +String[] combined = super.combineGroupMappings(mappedGroups, groups); +assertEquals("LARRY", username); +assertTrue("Should be greater than 2", combined.length > 2); +assertTrue(combined[0], combined[0].equalsIgnoreCase("EVERYONE")); +assertTrue(combined[1].equalsIgnoreCase("USERS") || combined[1].equalsIgnoreCase("ADMIN")); +assertTrue(combined[2], combined[2].equalsIgnoreCase("USERS") || combined[2].equalsIgnoreCase("ADMIN")); +return combined; + } }; } @Test public void testSimpleFilter() throws ServletException, IOException { FilterConfig config = EasyMock.createNiceMock( FilterConfig.class ); + EasyMock.expect(config.getInitParameter
svn commit: r38990 [3/3] - /dev/knox/knox-1.4.0/
Added: dev/knox/knox-1.4.0/knox-1.4.0-src.zip == Binary file - no diff available. Propchange: dev/knox/knox-1.4.0/knox-1.4.0-src.zip -- svn:mime-type = application/octet-stream Added: dev/knox/knox-1.4.0/knox-1.4.0-src.zip.asc == --- dev/knox/knox-1.4.0/knox-1.4.0-src.zip.asc (added) +++ dev/knox/knox-1.4.0/knox-1.4.0-src.zip.asc Thu Apr 16 14:10:38 2020 @@ -0,0 +1,16 @@ +-BEGIN PGP SIGNATURE- + +iQIzBAABCgAdFiEEy5UdyTg5H+IHaCu1gvnDcVh8CJsFAl6YZfQACgkQgvnDcVh8 +CJv6Yw/6A0qA31iNIVtwmafNWzYXfx7I3TgUarRXpgjCMpfhIwsuSJ3qs53Vs2Bc +QHJR+vRkO1X4UIExWIqjdQad7G5gQ1wYM57LvsdTetLAy5VuEKdV/ArtxvLGGqun +Wok5rEWRdziT2O1s0/HD/JLWxY95sOnW2RqekoVaLbA16oeatMLx6Rnw91VuOGu1 +AwI6iokYLFvwqOmqD71dljmfZdsDttC5QWZbc7j71pIhhb9FeyRKkjdIpcEOJUjw +ckcItgJaUqfbuFa7ypUHulatMcAaGASs9X+3FlS8mePSky6wJbD1dtS8ioxhAXlN +v13fTnlD/VqQ/FAyRricERGV8SHriITfvdjA4c2F+pKrraDt/xDqfTvhllHCCXSe +wIbTQTukfZSISVLaKR2E/UQ7uANl1mC2xJnKwrnOWatiUPJJG/j3uF8mB1Q8nG5v +e9es40XjqGfsCLSlcy62rpFP0HfLjJ3fksIvwwD8MuqlQ7JecvaokWSXDLovH0z8 +gYUYfg0CTfAr/EPoBMjuGox5BA9qPuFjY40zZS4sKPd9BwtnvhTeCeF5KJ0zea2f +/6iRgU3FoQWQIJfq5G5ei8KIiFKwkV83a7T54ECzNPJwwrFU/ltpBHeGpTF3qdhG +sO1v54rdO78G6hQ6s018wz2hoCULns6S6/mPyYIic9EFM9qzsbs= +=uxeT +-END PGP SIGNATURE- Added: dev/knox/knox-1.4.0/knox-1.4.0-src.zip.sha256 == --- dev/knox/knox-1.4.0/knox-1.4.0-src.zip.sha256 (added) +++ dev/knox/knox-1.4.0/knox-1.4.0-src.zip.sha256 Thu Apr 16 14:10:38 2020 @@ -0,0 +1 @@ +0cfd61575fcc6d8d27babdf3bd8be66b5d7c2bc5b75885c81ad4dfa23de1f877 Added: dev/knox/knox-1.4.0/knox-1.4.0-src.zip.sha512 == --- dev/knox/knox-1.4.0/knox-1.4.0-src.zip.sha512 (added) +++ dev/knox/knox-1.4.0/knox-1.4.0-src.zip.sha512 Thu Apr 16 14:10:38 2020 @@ -0,0 +1 @@ +25163fb7dbf7af1d81a73698edbc0449f51145626c99ac310ff39dcd2c943f295375c5f1eebde2dffcb28935449c394e4cf7733d3cf7122881848cb40caad551 Added: dev/knox/knox-1.4.0/knox-1.4.0.tar.gz == Binary file - no diff available. Propchange: dev/knox/knox-1.4.0/knox-1.4.0.tar.gz -- svn:mime-type = application/octet-stream Added: dev/knox/knox-1.4.0/knox-1.4.0.tar.gz.asc == --- dev/knox/knox-1.4.0/knox-1.4.0.tar.gz.asc (added) +++ dev/knox/knox-1.4.0/knox-1.4.0.tar.gz.asc Thu Apr 16 14:10:38 2020 @@ -0,0 +1,16 @@ +-BEGIN PGP SIGNATURE- + +iQIzBAABCgAdFiEEy5UdyTg5H+IHaCu1gvnDcVh8CJsFAl6YZfUACgkQgvnDcVh8 +CJuvtxAAm43cXxU+fo0vfp0RJ/ruq5izEFmSZsVyZxYw7nZnLbOwlN9vwxh1STOo +/KicrbacVT2iXJlzxCVBZXkAdF1okBbLXsJPhegdTseFjnK3V4v8Ks5wx3S47W6I +K005HmoAQfa+ihilHGBtLHC9qeQyYTEE4EP3ckFYV0R1WLVjqcyfzfYHgYQNVDsW +sAlZxeHXLlPJtNcl//ECm5aGl/hnKrFEUiDRYlnmisqaoxFfPdpo+HGeoh91J7i8 +gWIkuWwbaoJOXI7VnBb/nSDR55nay+36ZBSazam9V1QHXMBxNbRbbeZHS0IFrDAj +9tdLai05Hsjr5Gm38JLitUmRva4MR1Iuv3sISQMKr3LOPi1UKnd65bxtpNAoayGS +in9u7Mpn0MsoOzenJLXDUoOT0OG5pxgdsxJLEmh/Zz+XB0TkcziaLgVt7+qDYp5D +bwvKgs9Amoz1VcZBshYtIT5OLO/vs5J2uTcrVrrb6qKMKLCAaejIf6fcbaUiAcTM +kmiBxXSZlehfCVZzOnlFZmXQ2xAu0THSEoJJBOjzHdChcoXawowBrisHBKSM9kYU +gfB4Ywg3L7I2ZOtVtVL1jEkx28SCr1LJ7SakM5eX07HOpnSR5R9/0lPgqKNvjXgL +k4j4h9QK/66K6Vr5khlArEhBBJAyn2yjuoFlyMRmH3sOk1fKmMk= +=VHWm +-END PGP SIGNATURE- Added: dev/knox/knox-1.4.0/knox-1.4.0.tar.gz.sha256 == --- dev/knox/knox-1.4.0/knox-1.4.0.tar.gz.sha256 (added) +++ dev/knox/knox-1.4.0/knox-1.4.0.tar.gz.sha256 Thu Apr 16 14:10:38 2020 @@ -0,0 +1 @@ +98fd7c68551b3dba9a6db9c1c6252c3bdb48540845b27bf0af0ef570d57d2315 Added: dev/knox/knox-1.4.0/knox-1.4.0.tar.gz.sha512 == --- dev/knox/knox-1.4.0/knox-1.4.0.tar.gz.sha512 (added) +++ dev/knox/knox-1.4.0/knox-1.4.0.tar.gz.sha512 Thu Apr 16 14:10:38 2020 @@ -0,0 +1 @@ +2579fdd296a9fb9c6137bc1afc160ba425450ca4ff7b44b3bc42f1fa1004539835a463c3a242448b16ade34d455cc3a553bc9c2ece0f70448fd0800cf6eee235 Added: dev/knox/knox-1.4.0/knox-1.4.0.zip == Binary file - no diff available. Propchange: dev/knox/knox-1.4.0/knox-1.4.0.zip -- svn:mime-type = application/octet-stream Added: dev/knox/knox-1.4.0/knox-1.4.0.zip.asc == --- dev/knox/knox-1.4.0/knox-1.4.0.zip.asc (added) +++ dev/knox/knox-1.4.0/knox-1.4.0.zip.asc Thu Apr 16 14:10:38 2020 @@ -0,0
svn commit: r38990 [2/3] - /dev/knox/knox-1.4.0/
erformance +* [KNOX-1522] - Add HA support for HadoopAuthProvider +* [KNOX-1528] - Remove hadoop-common dependency from gateway-spi module +* [KNOX-1530] - Improve Gzip Compression Handling Performance +* [KNOX-1537] - Cleanup gateway-group no value errors +* [KNOX-1538] - Remove TODO Auto-generated +* [KNOX-1540] - Use StandardCharsets where possible +* [KNOX-1544] - KnoxTokenCredentialCollector should not call System.exit() +* [KNOX-1545] - KnoxTokenCredentialCollector should expose the type of the collected token +* [KNOX-1546] - Fix javadoc errors and warnings +* [KNOX-1547] - Add Ability to set the Truststore Location and Password to KnoxShell +* [KNOX-1553] - Update documentation to reference org.apache.knox instead of org.apache.hadoop.gateway +* [KNOX-1554] - Allow Knox site to be built with JDK 11 +* [KNOX-1555] - Update DOAP file +* [KNOX-1630] - Generate sha256 and sha512 checksums instead of md5 and sha1 + +** Bug +* [KNOX-720] - Knox DSL - Ensure that HTTP client is closed on shutdown +* [KNOX-1093] - KNOX Not Handling safemode state of one of the NameNode In HA state +* [KNOX-1098] - Livy proxyUser should be added when not present +* [KNOX-1152] - Guard Against Missing Subject in Identity Assertion (Rick Kellogg via Kevin Risden) +* [KNOX-1165] - Another unnamed CacheManager already exists in the same VM +* [KNOX-1207] - YARN V1 UI and MapReduce Job History UI - Rewrite rule bugs +* [KNOX-1218] - LDAP Group Lookup appears twice in User Guide TOC +* [KNOX-1221] - WebHDFS read/write performance limitations +* [KNOX-1222] - Discovery API requests fail against Docker Sandbox +* [KNOX-1247] - Knox Cloud Federation +* [KNOX-1337] - Cleanup AbstractGatewayDispatch +* [KNOX-1405] - Download page must link to KEYS and contain verification details +* [KNOX-1412] - Failure while executing a `curl` command using Content-Type: text/xml" "Content-Encoding: gzip" +* [KNOX-1415] - Upgrade Jetty to 9.2.25 +* [KNOX-1416] - Upgrade Spring Framework to 4.3.17 +* [KNOX-1417] - Upgrade Bouncy Castle Dependency from Pac4J +* [KNOX-1420] - Add app.css path for Zeppelin's style sheet (Prabhjyot Singh via Sandeep More) +* [KNOX-1422] - Whitelisting not working as expected for knoxauth redirects +* [KNOX-1424] - knox renaming "app" to "/gateway/ui_ns1/zeppelin/app" (Sameer Shaikh via Sandeep More) +* [KNOX-1429] - HadoopAuthFilter avoid logging sensitive values +* [KNOX-1430] - Potential output stream handle leak when copyLarge files in streamResponse (Guang Yang via lmccay) +* [KNOX-1433] - RMHaBaseDispatcher Class Cleanup - SafeModeException +* [KNOX-1434] - Visiting Knox Admin UI forces subsequent requests to other services redirect to HTTPS (Vipin Rathor via Sandeep More) +* [KNOX-1436] - AbstractHdfsHaDispatch failoverRequest - Improve Failover Logging +* [KNOX-1445] - Ensure that gateway-adapter module classes have @Deprecated annotation +* [KNOX-1459] - Remove testng assertions +* [KNOX-1505] - Knox should close CuratorFramework clients when finished +* [KNOX-1519] - Fix 404s in the documentation +* [KNOX-1520] - markbook refers to wrong parent-pom version +* [KNOX-1523] - XML parsing cleanup +* [KNOX-1526] - Upgrade Jetty to 9.2.26 +* [KNOX-1529] - gateway-shell-release doesn't include shaded jar +* [KNOX-1541] - Rename Hadoop class in KnoxShell to KnoxSession +* [KNOX-1556] - [Rewrite Rule] Apache Ambari Favicon and link to NOTICE.txt does not work when using Knox Gateway +* [KNOX-1557] - Knox service cannot be added to proxied Ambari (through Knox) because master password field is readonly +* [KNOX-1558] - KnoxToken service returns wrong content type and content length values +* [KNOX-1577] - Knox automatically derived dispatch whitelist doesn't seem to actually match the knox domain (Phil Zampino and Vipin Rathor via Kevin Risden) +* [KNOX-1596] - YARNUIV2 Remove policies from service.xml (Sunil Govindan via Kevin Risden) +* [KNOX-1602] - JsonFilterReader should handle strings, numbers, booleans, and null at root +* [KNOX-1612] - GatewayAdminTopologyFuncTest#testPutTopology ClassNotFoundException +* [KNOX-1616] - Fix portmapping with Jetty 9.4 +* [KNOX-1639] - java.lang.IllegalStateException: No org.apache.tomcat.InstanceManager set in ServletContext +* [KNOX-1645] - Improve JSESSIONID handling +* [KNOX-1651] - Cleanup IdentityAsserterMessages interfaces + +** Sub-task +* [KNOX-1449] - Ensure all pom.xml files have same header +* [KNOX-1450] - Remove redundant configurations from pom.xml +* [KNOX-1451] - Setup base checkstyle plugin +* [KNOX-1452] - Enable checkstyle no tabs in source file rule +* [KNOX-1453] - Enable checkstyle no unused imports rule +* [KNOX-1454] - Enable checkstyle no wildcard
svn commit: r38990 [1/3] - /dev/knox/knox-1.4.0/
Author: lmccay Date: Thu Apr 16 14:10:38 2020 New Revision: 38990 Log: Staging Apache Knox Gateway version 1.4.0. Added: dev/knox/knox-1.4.0/ dev/knox/knox-1.4.0/CHANGES dev/knox/knox-1.4.0/knox-1.4.0-src.zip (with props) dev/knox/knox-1.4.0/knox-1.4.0-src.zip.asc dev/knox/knox-1.4.0/knox-1.4.0-src.zip.sha256 dev/knox/knox-1.4.0/knox-1.4.0-src.zip.sha512 dev/knox/knox-1.4.0/knox-1.4.0.tar.gz (with props) dev/knox/knox-1.4.0/knox-1.4.0.tar.gz.asc dev/knox/knox-1.4.0/knox-1.4.0.tar.gz.sha256 dev/knox/knox-1.4.0/knox-1.4.0.tar.gz.sha512 dev/knox/knox-1.4.0/knox-1.4.0.zip (with props) dev/knox/knox-1.4.0/knox-1.4.0.zip.asc dev/knox/knox-1.4.0/knox-1.4.0.zip.sha256 dev/knox/knox-1.4.0/knox-1.4.0.zip.sha512 dev/knox/knox-1.4.0/knoxshell-1.4.0.tar.gz (with props) dev/knox/knox-1.4.0/knoxshell-1.4.0.tar.gz.asc dev/knox/knox-1.4.0/knoxshell-1.4.0.tar.gz.sha256 dev/knox/knox-1.4.0/knoxshell-1.4.0.tar.gz.sha512 dev/knox/knox-1.4.0/knoxshell-1.4.0.zip (with props) dev/knox/knox-1.4.0/knoxshell-1.4.0.zip.asc dev/knox/knox-1.4.0/knoxshell-1.4.0.zip.sha256 dev/knox/knox-1.4.0/knoxshell-1.4.0.zip.sha512
svn commit: r38988 - /dev/knox/knox-1.4.0/
Author: lmccay Date: Thu Apr 16 14:09:48 2020 New Revision: 38988 Log: Removing Apache Knox Gateway version 1.4.0 from staging. Removed: dev/knox/knox-1.4.0/
[knox] branch master updated: KNOX-2342 - CommonIdentityAssertionFilter calling mapGroupPrincipals Twice
This is an automated email from the ASF dual-hosted git repository. lmccay pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/knox.git The following commit(s) were added to refs/heads/master by this push: new 7aa020e KNOX-2342 - CommonIdentityAssertionFilter calling mapGroupPrincipals Twice 7aa020e is described below commit 7aa020eb59c5d6fd178d17ed82e550556e9e9d32 Author: lmccay AuthorDate: Wed Apr 15 16:34:50 2020 -0400 KNOX-2342 - CommonIdentityAssertionFilter calling mapGroupPrincipals Twice --- .../identityasserter/common/filter/CommonIdentityAssertionFilter.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gateway-provider-identity-assertion-common/src/main/java/org/apache/knox/gateway/identityasserter/common/filter/CommonIdentityAssertionFilter.java b/gateway-provider-identity-assertion-common/src/main/java/org/apache/knox/gateway/identityasserter/common/filter/CommonIdentityAssertionFilter.java index f16fa50..7d66925 100644 --- a/gateway-provider-identity-assertion-common/src/main/java/org/apache/knox/gateway/identityasserter/common/filter/CommonIdentityAssertionFilter.java +++ b/gateway-provider-identity-assertion-common/src/main/java/org/apache/knox/gateway/identityasserter/common/filter/CommonIdentityAssertionFilter.java @@ -84,7 +84,7 @@ public class CommonIdentityAssertionFilter extends AbstractIdentityAssertionFilt String mappedPrincipalName = mapUserPrincipalBase(principalName); mappedPrincipalName = mapUserPrincipal(mappedPrincipalName); -String[] mappedGroups = mapGroupPrincipals(mappedPrincipalName, subject); +String[] mappedGroups = mapGroupPrincipalsBase(mappedPrincipalName, subject); String[] groups = mapGroupPrincipals(mappedPrincipalName, subject); groups = combineGroupMappings(mappedGroups, groups);
[knox] branch master updated: Update pom versions to 1.5.0-SNAPSHOT
This is an automated email from the ASF dual-hosted git repository. lmccay pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/knox.git The following commit(s) were added to refs/heads/master by this push: new 10d8e3c Update pom versions to 1.5.0-SNAPSHOT 10d8e3c is described below commit 10d8e3ce4d0a70e54afdbda98e3fb2a08a29726f Author: lmccay AuthorDate: Wed Apr 15 15:52:21 2020 -0400 Update pom versions to 1.5.0-SNAPSHOT --- build.xml | 2 +- gateway-adapter/pom.xml | 2 +- gateway-admin-ui/pom.xml | 2 +- gateway-applications/pom.xml | 2 +- gateway-cm-integration/pom.xml| 2 +- gateway-demo-ldap-launcher/pom.xml| 2 +- gateway-demo-ldap/pom.xml | 2 +- gateway-discovery-ambari/pom.xml | 2 +- gateway-discovery-cm/pom.xml | 2 +- gateway-docker/pom.xml| 2 +- gateway-docker/src/main/resources/docker-compose.yml | 4 ++-- gateway-i18n-logging-log4j/pom.xml| 2 +- gateway-i18n-logging-sl4j/pom.xml | 2 +- gateway-i18n/pom.xml | 2 +- gateway-provider-ha/pom.xml | 2 +- gateway-provider-identity-assertion-common/pom.xml| 2 +- gateway-provider-identity-assertion-concat/pom.xml| 2 +- gateway-provider-identity-assertion-hadoop-groups/pom.xml | 2 +- gateway-provider-identity-assertion-pseudo/pom.xml| 2 +- gateway-provider-identity-assertion-regex/pom.xml | 2 +- gateway-provider-identity-assertion-switchcase/pom.xml| 2 +- gateway-provider-jersey/pom.xml | 2 +- gateway-provider-rewrite-common/pom.xml | 2 +- gateway-provider-rewrite-func-hostmap-static/pom.xml | 2 +- gateway-provider-rewrite-func-inbound-query-param/pom.xml | 2 +- gateway-provider-rewrite-func-service-registry/pom.xml| 2 +- gateway-provider-rewrite-step-encrypt-uri/pom.xml | 2 +- gateway-provider-rewrite-step-secure-query/pom.xml| 2 +- gateway-provider-rewrite/pom.xml | 2 +- gateway-provider-security-authc-anon/pom.xml | 2 +- gateway-provider-security-authz-acls/pom.xml | 2 +- gateway-provider-security-authz-composite/pom.xml | 2 +- gateway-provider-security-clientcert/pom.xml | 2 +- gateway-provider-security-hadoopauth/pom.xml | 2 +- gateway-provider-security-jwt/pom.xml | 2 +- gateway-provider-security-pac4j/pom.xml | 2 +- gateway-provider-security-preauth/pom.xml | 2 +- gateway-provider-security-shiro/pom.xml | 2 +- gateway-provider-security-webappsec/pom.xml | 2 +- gateway-release-common/pom.xml| 2 +- gateway-release/pom.xml | 2 +- gateway-server-launcher/pom.xml | 2 +- gateway-server-xforwarded-filter/pom.xml | 2 +- gateway-server/pom.xml| 2 +- gateway-service-admin/pom.xml | 2 +- gateway-service-as/pom.xml| 2 +- gateway-service-definitions/pom.xml | 2 +- gateway-service-hashicorp-vault/pom.xml | 2 +- gateway-service-hbase/pom.xml | 2 +- gateway-service-health/pom.xml| 2 +- gateway-service-hive/pom.xml | 2 +- gateway-service-impala/pom.xml| 2 +- gateway-service-jkg/pom.xml | 2 +- gateway-service-knoxsso/pom.xml | 2 +- gateway-service-knoxssout/pom.xml | 2 +- gateway-service-knoxtoken/pom.xml | 2 +- gateway-service-livy/pom.xml | 2 +- gateway-service-metadata/pom.xml | 2 +- gateway-service-nifi-registry/pom.xml | 2 +- gateway-service-nifi/pom.xml | 2 +- gateway-service-remoteconfig/pom.xml | 2 +- gateway-service-rm/pom.xml| 2 +- gateway-service-storm/pom.xml | 2 +- gateway-service-test/pom.xml | 2 +- gateway-service-tgs/pom.xml | 2 +- gateway-service-vault/pom.xml | 2 +- gateway-service-webhdfs/pom.xml | 2 +- gateway-shell-launcher/pom.xml| 2 +- gateway-shell-release/pom.xml
svn commit: r38958 [2/3] - /dev/knox/knox-1.4.0/
erformance +* [KNOX-1522] - Add HA support for HadoopAuthProvider +* [KNOX-1528] - Remove hadoop-common dependency from gateway-spi module +* [KNOX-1530] - Improve Gzip Compression Handling Performance +* [KNOX-1537] - Cleanup gateway-group no value errors +* [KNOX-1538] - Remove TODO Auto-generated +* [KNOX-1540] - Use StandardCharsets where possible +* [KNOX-1544] - KnoxTokenCredentialCollector should not call System.exit() +* [KNOX-1545] - KnoxTokenCredentialCollector should expose the type of the collected token +* [KNOX-1546] - Fix javadoc errors and warnings +* [KNOX-1547] - Add Ability to set the Truststore Location and Password to KnoxShell +* [KNOX-1553] - Update documentation to reference org.apache.knox instead of org.apache.hadoop.gateway +* [KNOX-1554] - Allow Knox site to be built with JDK 11 +* [KNOX-1555] - Update DOAP file +* [KNOX-1630] - Generate sha256 and sha512 checksums instead of md5 and sha1 + +** Bug +* [KNOX-720] - Knox DSL - Ensure that HTTP client is closed on shutdown +* [KNOX-1093] - KNOX Not Handling safemode state of one of the NameNode In HA state +* [KNOX-1098] - Livy proxyUser should be added when not present +* [KNOX-1152] - Guard Against Missing Subject in Identity Assertion (Rick Kellogg via Kevin Risden) +* [KNOX-1165] - Another unnamed CacheManager already exists in the same VM +* [KNOX-1207] - YARN V1 UI and MapReduce Job History UI - Rewrite rule bugs +* [KNOX-1218] - LDAP Group Lookup appears twice in User Guide TOC +* [KNOX-1221] - WebHDFS read/write performance limitations +* [KNOX-1222] - Discovery API requests fail against Docker Sandbox +* [KNOX-1247] - Knox Cloud Federation +* [KNOX-1337] - Cleanup AbstractGatewayDispatch +* [KNOX-1405] - Download page must link to KEYS and contain verification details +* [KNOX-1412] - Failure while executing a `curl` command using Content-Type: text/xml" "Content-Encoding: gzip" +* [KNOX-1415] - Upgrade Jetty to 9.2.25 +* [KNOX-1416] - Upgrade Spring Framework to 4.3.17 +* [KNOX-1417] - Upgrade Bouncy Castle Dependency from Pac4J +* [KNOX-1420] - Add app.css path for Zeppelin's style sheet (Prabhjyot Singh via Sandeep More) +* [KNOX-1422] - Whitelisting not working as expected for knoxauth redirects +* [KNOX-1424] - knox renaming "app" to "/gateway/ui_ns1/zeppelin/app" (Sameer Shaikh via Sandeep More) +* [KNOX-1429] - HadoopAuthFilter avoid logging sensitive values +* [KNOX-1430] - Potential output stream handle leak when copyLarge files in streamResponse (Guang Yang via lmccay) +* [KNOX-1433] - RMHaBaseDispatcher Class Cleanup - SafeModeException +* [KNOX-1434] - Visiting Knox Admin UI forces subsequent requests to other services redirect to HTTPS (Vipin Rathor via Sandeep More) +* [KNOX-1436] - AbstractHdfsHaDispatch failoverRequest - Improve Failover Logging +* [KNOX-1445] - Ensure that gateway-adapter module classes have @Deprecated annotation +* [KNOX-1459] - Remove testng assertions +* [KNOX-1505] - Knox should close CuratorFramework clients when finished +* [KNOX-1519] - Fix 404s in the documentation +* [KNOX-1520] - markbook refers to wrong parent-pom version +* [KNOX-1523] - XML parsing cleanup +* [KNOX-1526] - Upgrade Jetty to 9.2.26 +* [KNOX-1529] - gateway-shell-release doesn't include shaded jar +* [KNOX-1541] - Rename Hadoop class in KnoxShell to KnoxSession +* [KNOX-1556] - [Rewrite Rule] Apache Ambari Favicon and link to NOTICE.txt does not work when using Knox Gateway +* [KNOX-1557] - Knox service cannot be added to proxied Ambari (through Knox) because master password field is readonly +* [KNOX-1558] - KnoxToken service returns wrong content type and content length values +* [KNOX-1577] - Knox automatically derived dispatch whitelist doesn't seem to actually match the knox domain (Phil Zampino and Vipin Rathor via Kevin Risden) +* [KNOX-1596] - YARNUIV2 Remove policies from service.xml (Sunil Govindan via Kevin Risden) +* [KNOX-1602] - JsonFilterReader should handle strings, numbers, booleans, and null at root +* [KNOX-1612] - GatewayAdminTopologyFuncTest#testPutTopology ClassNotFoundException +* [KNOX-1616] - Fix portmapping with Jetty 9.4 +* [KNOX-1639] - java.lang.IllegalStateException: No org.apache.tomcat.InstanceManager set in ServletContext +* [KNOX-1645] - Improve JSESSIONID handling +* [KNOX-1651] - Cleanup IdentityAsserterMessages interfaces + +** Sub-task +* [KNOX-1449] - Ensure all pom.xml files have same header +* [KNOX-1450] - Remove redundant configurations from pom.xml +* [KNOX-1451] - Setup base checkstyle plugin +* [KNOX-1452] - Enable checkstyle no tabs in source file rule +* [KNOX-1453] - Enable checkstyle no unused imports rule +* [KNOX-1454] - Enable checkstyle no wildcard
svn commit: r38958 [1/3] - /dev/knox/knox-1.4.0/
Author: lmccay Date: Wed Apr 15 00:45:16 2020 New Revision: 38958 Log: Staging Apache Knox Gateway version 1.4.0. Added: dev/knox/knox-1.4.0/ dev/knox/knox-1.4.0/CHANGES dev/knox/knox-1.4.0/knox-1.4.0-src.zip (with props) dev/knox/knox-1.4.0/knox-1.4.0-src.zip.asc dev/knox/knox-1.4.0/knox-1.4.0-src.zip.sha256 dev/knox/knox-1.4.0/knox-1.4.0-src.zip.sha512 dev/knox/knox-1.4.0/knox-1.4.0.tar.gz (with props) dev/knox/knox-1.4.0/knox-1.4.0.tar.gz.asc dev/knox/knox-1.4.0/knox-1.4.0.tar.gz.sha256 dev/knox/knox-1.4.0/knox-1.4.0.tar.gz.sha512 dev/knox/knox-1.4.0/knox-1.4.0.zip (with props) dev/knox/knox-1.4.0/knox-1.4.0.zip.asc dev/knox/knox-1.4.0/knox-1.4.0.zip.sha256 dev/knox/knox-1.4.0/knox-1.4.0.zip.sha512 dev/knox/knox-1.4.0/knoxshell-1.4.0.tar.gz (with props) dev/knox/knox-1.4.0/knoxshell-1.4.0.tar.gz.asc dev/knox/knox-1.4.0/knoxshell-1.4.0.tar.gz.sha256 dev/knox/knox-1.4.0/knoxshell-1.4.0.tar.gz.sha512 dev/knox/knox-1.4.0/knoxshell-1.4.0.zip (with props) dev/knox/knox-1.4.0/knoxshell-1.4.0.zip.asc dev/knox/knox-1.4.0/knoxshell-1.4.0.zip.sha256 dev/knox/knox-1.4.0/knoxshell-1.4.0.zip.sha512
svn commit: r38958 [3/3] - /dev/knox/knox-1.4.0/
Added: dev/knox/knox-1.4.0/knox-1.4.0-src.zip == Binary file - no diff available. Propchange: dev/knox/knox-1.4.0/knox-1.4.0-src.zip -- svn:mime-type = application/octet-stream Added: dev/knox/knox-1.4.0/knox-1.4.0-src.zip.asc == --- dev/knox/knox-1.4.0/knox-1.4.0-src.zip.asc (added) +++ dev/knox/knox-1.4.0/knox-1.4.0-src.zip.asc Wed Apr 15 00:45:16 2020 @@ -0,0 +1,14 @@ +-BEGIN PGP SIGNATURE- + +iQGzBAABCgAdFiEEeuxg1uknkszgjN7eNwSi9GprUt8FAl6WVwwACgkQNwSi9Gpr +Ut8kUwwA2a4be9RslGVlw4fSTMUuljTShFvrweNIuxJKtnkhSZph3OHdyV5LJ4YM +ee6T9EJ+oTFYC5WZ2uzKVHHjXhkjjGtFunvrCN4VRynPDW3gykhP8b/ajS6Kyo0c +haAZveEeaz5OKw+ttdkGSHGbw/v5kNjJz9rd5Ru07QNA3qx2smdpkBuQWnxOU1s1 +2DmrJlrrrfQ4xyxY5TS5Od5UMSzxcQoR7wijG7d4JpnStmYqrSJBnJycaKzX3mEc +GoSIum/L/klD4DUtn5pHiOooKfxx7VBsjlaObIAibKQs06kt5/8CnwUoFM93vSvT +PTmSjWbM+dZwOcUB+LmQlH5AjYAjSeZ2n4ouoHgBr4Z68ZXUUJkCq51AA95tJlSr +AIa1xaK/f6QJHy/YhcrRN1lOjFeLjSOr6t3KOMbFp2yDoNDPhP9U1314zsuZwTru +uLGo5jTYQsgs9qTPzOhcoFOcTpyFk6iz9+ITVSmuj1B9tctuYeOWDNRRi0VmLHiw +uwMfQ3VC +=X96B +-END PGP SIGNATURE- Added: dev/knox/knox-1.4.0/knox-1.4.0-src.zip.sha256 == --- dev/knox/knox-1.4.0/knox-1.4.0-src.zip.sha256 (added) +++ dev/knox/knox-1.4.0/knox-1.4.0-src.zip.sha256 Wed Apr 15 00:45:16 2020 @@ -0,0 +1 @@ +0cfd61575fcc6d8d27babdf3bd8be66b5d7c2bc5b75885c81ad4dfa23de1f877 Added: dev/knox/knox-1.4.0/knox-1.4.0-src.zip.sha512 == --- dev/knox/knox-1.4.0/knox-1.4.0-src.zip.sha512 (added) +++ dev/knox/knox-1.4.0/knox-1.4.0-src.zip.sha512 Wed Apr 15 00:45:16 2020 @@ -0,0 +1 @@ +25163fb7dbf7af1d81a73698edbc0449f51145626c99ac310ff39dcd2c943f295375c5f1eebde2dffcb28935449c394e4cf7733d3cf7122881848cb40caad551 Added: dev/knox/knox-1.4.0/knox-1.4.0.tar.gz == Binary file - no diff available. Propchange: dev/knox/knox-1.4.0/knox-1.4.0.tar.gz -- svn:mime-type = application/octet-stream Added: dev/knox/knox-1.4.0/knox-1.4.0.tar.gz.asc == --- dev/knox/knox-1.4.0/knox-1.4.0.tar.gz.asc (added) +++ dev/knox/knox-1.4.0/knox-1.4.0.tar.gz.asc Wed Apr 15 00:45:16 2020 @@ -0,0 +1,14 @@ +-BEGIN PGP SIGNATURE- + +iQGzBAABCgAdFiEEeuxg1uknkszgjN7eNwSi9GprUt8FAl6WVw0ACgkQNwSi9Gpr +Ut+HTAwAkp6mcgncdGTdu1nqGZdPrhqj4N8CB+cvTno36Ql+7GQIKUrRkT6XsTBB +BCBDZ6ZhYE5JPrb3ah5e2zBw9FUuazgnuc+IbaGdUnRN2CqQRf3la30Ndar9pJUb +snI5P6Ti3Ylfg/LR6zaw80zxRROQTVJg8HtxTGmD8CJ7Eiy4NL/2DZ/WHv22SX1g +YCOUQgwi1gwpVjOhupLD2bg+myswxAkVEv8TliYYXBxuvOae3oo0RzOVzIXxyzOX +GvbKshgNqhfZI62GqY8/7QSK0MZNZ8SNQ/K2sobLLMtvnDHnCz9oaXFdLAoCnlEt +E205w8Zi2gTcfaGtCvevhqXx/K+EMRdkWAm6fuGQ7dePZeNX/91dhagM2df/+icr +9S2+z7GD8/uDQGhvmjLnhWz77FYCGt4k0NKGFYLEcA7Ws8UbxLCBXGdzUZHAH9od +PVC7BXFWuOgpa4mLJceOABmil2Bzf6Ih/CBKdhvy6t1DTX3SI1jIp2tRv29sNSmP +dY6QIyCk +=glqN +-END PGP SIGNATURE- Added: dev/knox/knox-1.4.0/knox-1.4.0.tar.gz.sha256 == --- dev/knox/knox-1.4.0/knox-1.4.0.tar.gz.sha256 (added) +++ dev/knox/knox-1.4.0/knox-1.4.0.tar.gz.sha256 Wed Apr 15 00:45:16 2020 @@ -0,0 +1 @@ +98fd7c68551b3dba9a6db9c1c6252c3bdb48540845b27bf0af0ef570d57d2315 Added: dev/knox/knox-1.4.0/knox-1.4.0.tar.gz.sha512 == --- dev/knox/knox-1.4.0/knox-1.4.0.tar.gz.sha512 (added) +++ dev/knox/knox-1.4.0/knox-1.4.0.tar.gz.sha512 Wed Apr 15 00:45:16 2020 @@ -0,0 +1 @@ +2579fdd296a9fb9c6137bc1afc160ba425450ca4ff7b44b3bc42f1fa1004539835a463c3a242448b16ade34d455cc3a553bc9c2ece0f70448fd0800cf6eee235 Added: dev/knox/knox-1.4.0/knox-1.4.0.zip == Binary file - no diff available. Propchange: dev/knox/knox-1.4.0/knox-1.4.0.zip -- svn:mime-type = application/octet-stream Added: dev/knox/knox-1.4.0/knox-1.4.0.zip.asc == --- dev/knox/knox-1.4.0/knox-1.4.0.zip.asc (added) +++ dev/knox/knox-1.4.0/knox-1.4.0.zip.asc Wed Apr 15 00:45:16 2020 @@ -0,0 +1,14 @@ +-BEGIN PGP SIGNATURE- + +iQGzBAABCgAdFiEEeuxg1uknkszgjN7eNwSi9GprUt8FAl6WVwwACgkQNwSi9Gpr +Ut9UFQv/ZTLeqkIOjEC3Ed4rBwmtEZ6rrme/onVdINEPZFDnyhbbRgEGPbycnBQ7 +MJXN8oQkuCBY8FmjE8ycsokxTLKDBpnycb7H6oz5fZB6bzXUQANdXQ39DTIwFnIS +zI0srcqPrDkHEbTYVYiZAJSL2CB0lYNhumYxs/R7XnABxX02pHT9f9TXIhMSgOop
[knox] annotated tag v1.4.0-rc1 created (now 61cc71c)
This is an automated email from the ASF dual-hosted git repository. lmccay pushed a change to annotated tag v1.4.0-rc1 in repository https://gitbox.apache.org/repos/asf/knox.git. at 61cc71c (tag) tagging c4e6a6cda5d38808918b700b602a0ad8ae5243f7 (commit) replaces v1.4.0-branch by lmccay on Tue Apr 14 20:39:35 2020 -0400 - Log - v1.4.0-rc1 --- No new revisions were added by this update.
[knox] branch v1.4.0 updated: Updated CHANGES and NOTICE files
This is an automated email from the ASF dual-hosted git repository. lmccay pushed a commit to branch v1.4.0 in repository https://gitbox.apache.org/repos/asf/knox.git The following commit(s) were added to refs/heads/v1.4.0 by this push: new c4e6a6c Updated CHANGES and NOTICE files c4e6a6c is described below commit c4e6a6cda5d38808918b700b602a0ad8ae5243f7 Author: lmccay AuthorDate: Tue Apr 14 18:13:47 2020 -0400 Updated CHANGES and NOTICE files --- CHANGES | 388 NOTICE | 2 +- 2 files changed, 389 insertions(+), 1 deletion(-) diff --git a/CHANGES b/CHANGES index 32a09f3..6687391 100644 --- a/CHANGES +++ b/CHANGES @@ -1,4 +1,392 @@ -- +Release Notes - Apache Knox - Version 1.4.0 +-- +** New Feature +* [KNOX-2153] - CM discovery - Monitor Cloudera Manager (#239) +* [KNOX-2002] - Add a KnoxShellTable to Represent and Render Output in Tabular Format +* [KNOX-2224] - KnoxLine and KnoxShell DataSource and Select Command Alignment (#255) +* [KNOX-2341] - KnoxShell Custom Commands need Description and Usage Details (#313) +* [KNOX-2310] - Add aggregate method to KnoxShellTable (#302) +* [KNOX-2308] - Add sortNumeric to KnoxShellTable for Cols that are numeric but values are String (#300) +* [KNOX-2307] - CSVKnoxShellTableBuilder must support quoted strings and embedded commas (#301) +* [KNOX-2240] - KnoxShell Custom Command for WEBHDFS Use (#296) +* [KNOX-2299] - Fixed Hive JDBC URL on Knox Home page (#293) +* [KNOX-2296] - Passing down the service URL field when building up a service model (#290) +* [KNOX-2298] - ClouderaManager cluster config monitor should stop monitoring unreferenced clusters (#291) +* [KNOX-2295] - UI services improvement on Knox Home page (#289) +* [KNOX-2269] - The Knox Home page is available as a regular app via the homepage topology (#281) +* [KNOX-2066] - Composite Authz Provider +* [KNOX-2067] - KnoxToken service support for renewal and revocation +* [KNOX-2024] - KnoxShellTable - Case Insensitive Operations with Col Names (#160) +* [KNOX-2018] - KnoxShellTable Filtering needs greaterThan and lessThan, equals Methods (#158) +* [KNOX-2027] - Need a reverse order sort on a table based on a column. (#159) +* [KNOX-2060] - Extend KnoxShellTable statistics methods to work with columns of Strings (#168) +* [KNOX-2057] - Unique ID is set when creating a new instance of KnoxShellTable instead of setting it in the builder/filter (#165) +* [KNOX-2063] - KnoxShellTable javadoc failures (#167) +* [KNOX-2052] - KnoxShellTable mean, median, and mode methods (#163) +* [KNOX-2023] - Recording KnoxShellTable builder/filter chain and providing rollback/replay capabilities using the call history as well as allowing end-users to export JSON without data (in this case only the call history will be serialized) (#162) +* [KNOX-2022] - KnoxShellTable contains Comparables instead of Strings +* [KNOX-2022] - Splitting up KnoxShellTable and do minor cleanup +* [KNOX-1740] - Add Trusted Proxy Support to Knox (#106) +* [KNOX-2056] - Adding Service Definitions management into Admin UI (#169) +* [KNOX-2053] - New REST API to create/read/update/delete service definitions (#164) +* [KNOX-2226] - Add home page to Knox (#263) +* [KNOX-1742] - add knoxline to knoxshell usage rendering +* [KNOX-1410] - Knox Shell support for remote Alias management (#210) +* [KNOX-2210] - Gateway-level configuration for server-managed Knox token state (#259) +** Improvement +* [KNOX-2339] - Add Github Actions for CI (#311) +* [KNOX-2321]. /LogLevel with knox not working for Hdfs web ui endpoints. (#314) +* [KNOX-2340] - Fix DefaultTokenStateServiceTest timeouts (#312) +* [KNOX-2338] - Upgrade apacheds.directory.server.version to 2.0.0.AM26 (#309) +* [KNOX-2332] - Upgrade spotbugs-maven-plugin to 4.0.0 +* [KNOX-2331] - Upgrade spotbugs to 4.0.1 +* [KNOX-2330] - Upgrade spring-core to 5.2.5.RELEASE +* [KNOX-2333] - Upgrade rest-assured to 4.3.0 +* [KNOX-2322] - Upgrade nimbus-jose-jwt to 8.14.1 +* [KNOX-2324] - Upgrade metrics to 4.1.6 +* [KNOX-2334] - Upgrade maven-dependency-plugin to 3.1.2 +* [KNOX-2335] - Upgrade java-support to 8.0.0 +* [KNOX-2336] - Upgrade httpclient to 4.5.12 +* [KNOX-2323] - Upgrade groovy to 3.0.3 +* [KNOX-2329] - Upgrade dependency-check-maven to 5.3.2 +* [KNOX-2327] - Upgrade commons-lang3 to 3.10 +* [KNOX-2328] - Upgrade checkstyle to 8.31 +* [KNOX-2326] - Upgrade bcprov-jdk15on to 1.65 +* [KNOX-2325] - Upgrade asm to 8.0.1 +* [KNOX-2304] - CM discovery cluster config monitor needs to be aware of … (#307) +* [KNOX-2320] - Upgrade xmlsec to 2.1.5
[knox] branch v1.4.0 updated: change version numbers for 1.4.0 release
This is an automated email from the ASF dual-hosted git repository. lmccay pushed a commit to branch v1.4.0 in repository https://gitbox.apache.org/repos/asf/knox.git The following commit(s) were added to refs/heads/v1.4.0 by this push: new ce03abc change version numbers for 1.4.0 release ce03abc is described below commit ce03abce585391765e32c594f2d6fc751bf947cc Author: lmccay AuthorDate: Tue Apr 14 15:12:50 2020 -0400 change version numbers for 1.4.0 release --- build.xml | 2 +- gateway-adapter/pom.xml | 2 +- gateway-admin-ui/pom.xml | 2 +- gateway-applications/pom.xml | 2 +- gateway-cm-integration/pom.xml| 2 +- gateway-demo-ldap-launcher/pom.xml| 2 +- gateway-demo-ldap/pom.xml | 2 +- gateway-discovery-ambari/pom.xml | 2 +- gateway-discovery-cm/pom.xml | 2 +- gateway-docker/pom.xml| 2 +- gateway-docker/src/main/resources/docker-compose.yml | 4 ++-- gateway-i18n-logging-log4j/pom.xml| 2 +- gateway-i18n-logging-sl4j/pom.xml | 2 +- gateway-i18n/pom.xml | 2 +- gateway-provider-ha/pom.xml | 2 +- gateway-provider-identity-assertion-common/pom.xml| 2 +- gateway-provider-identity-assertion-concat/pom.xml| 2 +- gateway-provider-identity-assertion-hadoop-groups/pom.xml | 2 +- gateway-provider-identity-assertion-pseudo/pom.xml| 2 +- gateway-provider-identity-assertion-regex/pom.xml | 2 +- gateway-provider-identity-assertion-switchcase/pom.xml| 2 +- gateway-provider-jersey/pom.xml | 2 +- gateway-provider-rewrite-common/pom.xml | 2 +- gateway-provider-rewrite-func-hostmap-static/pom.xml | 2 +- gateway-provider-rewrite-func-inbound-query-param/pom.xml | 2 +- gateway-provider-rewrite-func-service-registry/pom.xml| 2 +- gateway-provider-rewrite-step-encrypt-uri/pom.xml | 2 +- gateway-provider-rewrite-step-secure-query/pom.xml| 2 +- gateway-provider-rewrite/pom.xml | 2 +- gateway-provider-security-authc-anon/pom.xml | 2 +- gateway-provider-security-authz-acls/pom.xml | 2 +- gateway-provider-security-authz-composite/pom.xml | 2 +- gateway-provider-security-clientcert/pom.xml | 2 +- gateway-provider-security-hadoopauth/pom.xml | 2 +- gateway-provider-security-jwt/pom.xml | 2 +- gateway-provider-security-pac4j/pom.xml | 2 +- gateway-provider-security-preauth/pom.xml | 2 +- gateway-provider-security-shiro/pom.xml | 2 +- gateway-provider-security-webappsec/pom.xml | 2 +- gateway-release-common/pom.xml| 2 +- gateway-release/pom.xml | 2 +- gateway-server-launcher/pom.xml | 2 +- gateway-server-xforwarded-filter/pom.xml | 2 +- gateway-server/pom.xml| 2 +- gateway-service-admin/pom.xml | 2 +- gateway-service-as/pom.xml| 2 +- gateway-service-definitions/pom.xml | 2 +- gateway-service-hashicorp-vault/pom.xml | 2 +- gateway-service-hbase/pom.xml | 2 +- gateway-service-health/pom.xml| 2 +- gateway-service-hive/pom.xml | 2 +- gateway-service-impala/pom.xml| 2 +- gateway-service-jkg/pom.xml | 2 +- gateway-service-knoxsso/pom.xml | 2 +- gateway-service-knoxssout/pom.xml | 2 +- gateway-service-knoxtoken/pom.xml | 2 +- gateway-service-livy/pom.xml | 2 +- gateway-service-metadata/pom.xml | 2 +- gateway-service-nifi-registry/pom.xml | 2 +- gateway-service-nifi/pom.xml | 2 +- gateway-service-remoteconfig/pom.xml | 2 +- gateway-service-rm/pom.xml| 2 +- gateway-service-storm/pom.xml | 2 +- gateway-service-test/pom.xml | 2 +- gateway-service-tgs/pom.xml | 2 +- gateway-service-vault/pom.xml | 2 +- gateway-service-webhdfs/pom.xml | 2 +- gateway-shell-launcher/pom.xml| 2 +- gateway-shell-release
[knox] branch v1.4.0 created (now 3189fe7)
This is an automated email from the ASF dual-hosted git repository. lmccay pushed a change to branch v1.4.0 in repository https://gitbox.apache.org/repos/asf/knox.git. at 3189fe7 KNOX-2339 - Add Github Actions for CI (#311) No new revisions were added by this update.
[knox] annotated tag v1.4.0-branch updated (98fe3d2 -> e319a14)
This is an automated email from the ASF dual-hosted git repository. lmccay pushed a change to annotated tag v1.4.0-branch in repository https://gitbox.apache.org/repos/asf/knox.git. *** WARNING: tag v1.4.0-branch was modified! *** from 98fe3d2 (tag) to e319a14 (tag) tagging 3189fe7b9f02a0318f62662fa1eaf6369a0ee6e6 (commit) replaces v1.3.0-branch by lmccay on Tue Apr 14 14:50:03 2020 -0400 - Log - Branch point for v1.4.0 --- from 3d0e3b5 KNOX-1912 - X509CertificateUtil should set CN and SAN add abde1c1 Updating for 1.4.0-SNAPSHOT add 0ac46f3 KNOX-1911 - Support ClouderaManager Service Discovery in Admin UI add 24d3bf3 KNOX-1915 - X509CertificateUtil SAN should contain fully qualified hostname add 2a12710 KNOX-1740 - Add Trusted Proxy Support to Knox (#106) add 51e4363 KNOX-1916 - Provide default configuration for Hue in topology (#109) add da11a65 KNOX-1917 - DefaultKeystoreService should use a shared read lock (#110) add 082cb1e KNOX-1918 - Atlas API - prevent global HDFS rules from triggering (#111) add 027ac74 KNOX-1885 - Upgrade jetty to 9.4.19.v20190610 add a76f64b Cleanup Javadoc warnings add 77f0c51 Exclude jdk.tools from hadoop-annotations add e90beea KNOX-1919 - Taking gateway.path into consideration when processing redirectToUrl provider param with the OOTB knoxsso.xml sample (#113) add a1d86ae KNOX-1816 - Added shellcheck validation to our build optionally and fixed issues shellcheck already found (#114) add a4587b6 KNOX-1922 - Processing a DNSName only if the hostname starts with a letter (#115) add 471cf78 KNOX-1923 - Upgrade nodejs to latest LTS v10.16.0 (#117) add 61b8d35 KNOX-1924 - Upgrade org.abstractj.libpam4j 1.9.1 to org.kohsuke.libpam4j 1.11 (#116) add 30446bf KNOX-1925 - KnoxPamRealm code cleanup add 40485c5 KNOX-1744 - Add rewrite rules to fix executor stdout/stderr links in Spark History Server UI (#120) add 512147f KNOX-1933 - Add rewrite rules to fix Yarn RM application and logs URL (#119) add ae44c17 KNOX-1593 - YARN v2 UI - Application - View logs for running application add 34723fd KNOX-1928 - CM discovery - Multiple of same url are added to descriptor add b10a852 KNOX-1927 - CM discovery - ZEPPELINUI / ZEPPELINWS urls are not discovered add f199443 KNOX-1588 - YARN v2 UI - Make sure that Spark and MR Job history links are handled add 17dfaa6 Updated CHANGES for v1.3.0 (post release) add 1b3e3df KNOX-1940 - Upgrade commons-text to 1.7 add c38cf6c KNOX-1943 - Upgrade dependency-check-maven to 5.2.0 add 6e8e47f KNOX-1941 - Upgrade joda-time to 2.10.3 add 5fa3e03 KNOX-1936 - Upgrade log4j2 to 2.12.0 add 9fa268e KNOX-1937 - Upgrade testcontainers to 1.11.4 add 13580cf KNOX-1942 - Upgrade spotbugs-maven-plugin to 3.1.12.1 add dcfdae0 KNOX-1944 - Upgrade protobuf-java to 3.9.0 add e561254 KNOX-1945 - Upgrade spring-vault to 2.1.3.RELEASE add 4944351 KNOX-1938 - Upgrade nimbus-jose-jwt to 7.5.1 add 3be8d5d KNOX-1949 - CM discovery - Improve efficiency of discovery add 3a9dbea KNOX-1950 - YARN v2 UI - Tools - Yarn Daemon Logs - /logs/stacks link broken add 6b080d8 KNOX-1939 - Upgrade jackson-databind to 2.9.9.1 add 8a2e6ae KNOX-1948 - If no rules are defined don't rewrite (#121) add 359f220 KNOX-1929 - CM discovery - HIVE URLs not discovered when HIVE_ON_TEZ is deployed add d398c63 KNOX-1955 - Admin UI should handle gateway.path change (#123) add 8624167 KNOX-1956 - Improve AdminUI development by using angular proxy conf (#122) add d2ae683 KNOX-1590 - YARN v2 UI - Application - ApplicationMaster link is broken add 34d3937 Fix javadoc warnings add 4261051 KNOX-1958 - YARN v2 UI - internal links of History and ApplicationMaster Pages. add 096e717 KNOX-1930 - CM discovery - JOBTRACKER URLs not discovered add c7328c9 KNOX-1959 - HadoopAuthCookieStore should not read krb5 login config each time add 232c422 KNOX-1963 - Ranger API service should proxy xusers/users and and xusers/groups add eb6d3c5 KNOX-1964 - YARN v1 UI - ContainerLogs link broken for Running Jobs add 0619f0e KNOX-1966 - Upgrade jackson-databind to 2.9.9.2 add 55adc6a KNOX-1694 - Prevent port mapped topologies from being exposed to gateway port (#126) add 379b162 KNOX-1968 - YARN UI V2 proxied via Knox does not rewrite Spark stderr/stdout links add 880ced1 Fix javadoc warnings add 970527a KNOX-1967 - Add a service definition for Impala Hiveserver2 (#127) add 4fde386 KNOX-1969 - Upgrade jackson-databind to 2.9.9.3 add 81fe6fc KNOX-1986 - Do not attempt to rewrite empty payload (#129) add 51d25c5 KNOX-1988 - In Spark
svn commit: r1876435 - /knox/site/books/knox-1-4-0/
Author: lmccay Date: Mon Apr 13 00:18:34 2020 New Revision: 1876435 URL: http://svn.apache.org/viewvc?rev=1876435=rev Log: add the docs for KnoxShell User Guide part2 Added: knox/site/books/knox-1-4-0/covid19-nj-agg-from-webhdfs-1.png (with props) knox/site/books/knox-1-4-0/covid19-persistence.png (with props) knox/site/books/knox-1-4-0/covid19csv-1.png (with props) knox/site/books/knox-1-4-0/covid19nj-1.png (with props) knox/site/books/knox-1-4-0/covid19nj-aggregate-1.png (with props) knox/site/books/knox-1-4-0/covid19nj-put-webhdfs-1.png (with props) knox/site/books/knox-1-4-0/covid19nj.png (with props) knox/site/books/knox-1-4-0/fs-mount-login-1.png (with props) knox/site/books/knox-1-4-0/knoxline-splash-2.png (with props) knox/site/books/knox-1-4-0/knoxshell-help.png (with props) knox/site/books/knox-1-4-0/knoxshell_user_guide.html Added: knox/site/books/knox-1-4-0/covid19-nj-agg-from-webhdfs-1.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-1-4-0/covid19-nj-agg-from-webhdfs-1.png?rev=1876435=auto == Binary file - no diff available. Propchange: knox/site/books/knox-1-4-0/covid19-nj-agg-from-webhdfs-1.png -- svn:mime-type = application/octet-stream Added: knox/site/books/knox-1-4-0/covid19-persistence.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-1-4-0/covid19-persistence.png?rev=1876435=auto == Binary file - no diff available. Propchange: knox/site/books/knox-1-4-0/covid19-persistence.png -- svn:mime-type = application/octet-stream Added: knox/site/books/knox-1-4-0/covid19csv-1.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-1-4-0/covid19csv-1.png?rev=1876435=auto == Binary file - no diff available. Propchange: knox/site/books/knox-1-4-0/covid19csv-1.png -- svn:mime-type = application/octet-stream Added: knox/site/books/knox-1-4-0/covid19nj-1.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-1-4-0/covid19nj-1.png?rev=1876435=auto == Binary file - no diff available. Propchange: knox/site/books/knox-1-4-0/covid19nj-1.png -- svn:mime-type = application/octet-stream Added: knox/site/books/knox-1-4-0/covid19nj-aggregate-1.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-1-4-0/covid19nj-aggregate-1.png?rev=1876435=auto == Binary file - no diff available. Propchange: knox/site/books/knox-1-4-0/covid19nj-aggregate-1.png -- svn:mime-type = application/octet-stream Added: knox/site/books/knox-1-4-0/covid19nj-put-webhdfs-1.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-1-4-0/covid19nj-put-webhdfs-1.png?rev=1876435=auto == Binary file - no diff available. Propchange: knox/site/books/knox-1-4-0/covid19nj-put-webhdfs-1.png -- svn:mime-type = application/octet-stream Added: knox/site/books/knox-1-4-0/covid19nj.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-1-4-0/covid19nj.png?rev=1876435=auto == Binary file - no diff available. Propchange: knox/site/books/knox-1-4-0/covid19nj.png -- svn:mime-type = application/octet-stream Added: knox/site/books/knox-1-4-0/fs-mount-login-1.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-1-4-0/fs-mount-login-1.png?rev=1876435=auto == Binary file - no diff available. Propchange: knox/site/books/knox-1-4-0/fs-mount-login-1.png -- svn:mime-type = application/octet-stream Added: knox/site/books/knox-1-4-0/knoxline-splash-2.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-1-4-0/knoxline-splash-2.png?rev=1876435=auto == Binary file - no diff available. Propchange: knox/site/books/knox-1-4-0/knoxline-splash-2.png -- svn:mime
svn commit: r1876434 - in /knox: site/ site/books/knox-0-12-0/ site/books/knox-0-13-0/ site/books/knox-0-14-0/ site/books/knox-1-0-0/ site/books/knox-1-1-0/ site/books/knox-1-2-0/ site/books/knox-1-3-
Author: lmccay Date: Mon Apr 13 00:15:04 2020 New Revision: 1876434 URL: http://svn.apache.org/viewvc?rev=1876434=rev Log: add docs for KnoxShell User Guide Added: knox/trunk/books/1.4.0/knoxshell-guide/ knox/trunk/books/1.4.0/knoxshell-guide/knoxshell_user_guide.md knox/trunk/books/static/covid19-nj-agg-from-webhdfs-1.png (with props) knox/trunk/books/static/covid19-persistence.png (with props) knox/trunk/books/static/covid19csv-1.png (with props) knox/trunk/books/static/covid19nj-1.png (with props) knox/trunk/books/static/covid19nj-aggregate-1.png (with props) knox/trunk/books/static/covid19nj-put-webhdfs-1.png (with props) knox/trunk/books/static/covid19nj.png (with props) knox/trunk/books/static/fs-mount-login-1.png (with props) knox/trunk/books/static/knoxline-splash-2.png (with props) knox/trunk/books/static/knoxshell-help.png (with props) Modified: knox/site/books/knox-0-12-0/deployment-overview.png knox/site/books/knox-0-12-0/deployment-provider.png knox/site/books/knox-0-12-0/deployment-service.png knox/site/books/knox-0-12-0/general_saml_flow.png knox/site/books/knox-0-12-0/runtime-overview.png knox/site/books/knox-0-12-0/runtime-request-processing.png knox/site/books/knox-0-13-0/deployment-overview.png knox/site/books/knox-0-13-0/deployment-provider.png knox/site/books/knox-0-13-0/deployment-service.png knox/site/books/knox-0-13-0/general_saml_flow.png knox/site/books/knox-0-13-0/runtime-overview.png knox/site/books/knox-0-13-0/runtime-request-processing.png knox/site/books/knox-0-14-0/deployment-overview.png knox/site/books/knox-0-14-0/deployment-provider.png knox/site/books/knox-0-14-0/deployment-service.png knox/site/books/knox-0-14-0/general_saml_flow.png knox/site/books/knox-0-14-0/runtime-overview.png knox/site/books/knox-0-14-0/runtime-request-processing.png knox/site/books/knox-1-0-0/deployment-overview.png knox/site/books/knox-1-0-0/deployment-provider.png knox/site/books/knox-1-0-0/deployment-service.png knox/site/books/knox-1-0-0/general_saml_flow.png knox/site/books/knox-1-0-0/runtime-overview.png knox/site/books/knox-1-0-0/runtime-request-processing.png knox/site/books/knox-1-1-0/deployment-overview.png knox/site/books/knox-1-1-0/deployment-provider.png knox/site/books/knox-1-1-0/deployment-service.png knox/site/books/knox-1-1-0/general_saml_flow.png knox/site/books/knox-1-1-0/runtime-overview.png knox/site/books/knox-1-1-0/runtime-request-processing.png knox/site/books/knox-1-2-0/deployment-overview.png knox/site/books/knox-1-2-0/deployment-provider.png knox/site/books/knox-1-2-0/deployment-service.png knox/site/books/knox-1-2-0/general_saml_flow.png knox/site/books/knox-1-2-0/runtime-overview.png knox/site/books/knox-1-2-0/runtime-request-processing.png knox/site/books/knox-1-3-0/deployment-overview.png knox/site/books/knox-1-3-0/deployment-provider.png knox/site/books/knox-1-3-0/deployment-service.png knox/site/books/knox-1-3-0/general_saml_flow.png knox/site/books/knox-1-3-0/runtime-overview.png knox/site/books/knox-1-3-0/runtime-request-processing.png knox/site/books/knox-1-4-0/deployment-overview.png knox/site/books/knox-1-4-0/deployment-provider.png knox/site/books/knox-1-4-0/deployment-service.png knox/site/books/knox-1-4-0/general_saml_flow.png knox/site/books/knox-1-4-0/runtime-overview.png knox/site/books/knox-1-4-0/runtime-request-processing.png knox/site/index.html knox/site/issue-management.html knox/site/licenses.html knox/site/mailing-lists.html knox/site/project-info.html knox/site/team.html knox/trunk/build.xml Modified: knox/site/books/knox-0-12-0/deployment-overview.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-12-0/deployment-overview.png?rev=1876434=1876433=1876434=diff == Binary files - no diff available. Modified: knox/site/books/knox-0-12-0/deployment-provider.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-12-0/deployment-provider.png?rev=1876434=1876433=1876434=diff == Binary files - no diff available. Modified: knox/site/books/knox-0-12-0/deployment-service.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-12-0/deployment-service.png?rev=1876434=1876433=1876434=diff == Binary files - no diff available. Modified: knox/site/books/knox-0-12-0/general_saml_flow.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-12-0/general_saml_flow.png?rev=1876434=1876433=1876434=diff == Binary files - no diff available. Modified
[knox] branch master updated: KNOX-2341 - KnoxShell Custom Commands need Description and Usage Details (#313)
This is an automated email from the ASF dual-hosted git repository. lmccay pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/knox.git The following commit(s) were added to refs/heads/master by this push: new 1834c67 KNOX-2341 - KnoxShell Custom Commands need Description and Usage Details (#313) 1834c67 is described below commit 1834c67ccdcac118dc2a925072f3f6e6203621a4 Author: lmccay AuthorDate: Sun Apr 12 17:57:16 2020 -0400 KNOX-2341 - KnoxShell Custom Commands need Description and Usage Details (#313) --- .../shell/commands/AbstractKnoxShellCommand.java | 26 ++ .../shell/commands/AbstractSQLCommandSupport.java | 5 + .../knox/gateway/shell/commands/CSVCommand.java| 4 +++- .../gateway/shell/commands/DataSourceCommand.java | 4 +++- .../knox/gateway/shell/commands/SelectCommand.java | 4 +++- .../gateway/shell/commands/WebHDFSCommand.java | 25 ++--- 6 files changed, 52 insertions(+), 16 deletions(-) diff --git a/gateway-shell/src/main/java/org/apache/knox/gateway/shell/commands/AbstractKnoxShellCommand.java b/gateway-shell/src/main/java/org/apache/knox/gateway/shell/commands/AbstractKnoxShellCommand.java index a24edad..e670035 100644 --- a/gateway-shell/src/main/java/org/apache/knox/gateway/shell/commands/AbstractKnoxShellCommand.java +++ b/gateway-shell/src/main/java/org/apache/knox/gateway/shell/commands/AbstractKnoxShellCommand.java @@ -27,11 +27,37 @@ import org.codehaus.groovy.tools.shell.Groovysh; public abstract class AbstractKnoxShellCommand extends CommandSupport { static final String KNOXSQLHISTORY = "__knoxsqlhistory"; protected static final String KNOXDATASOURCES = "__knoxdatasources"; + private String description; + private String usage; + private String help; public AbstractKnoxShellCommand(Groovysh shell, String name, String shortcut) { super(shell, name, shortcut); } + public AbstractKnoxShellCommand(Groovysh shell, String name, String shortcut, + String desc, String usage, String help) { +super(shell, name, shortcut); +this.description = desc; +this.usage = usage; +this.help = help; + } + + @Override + public String getDescription() { + return description; + } + + @Override + public String getUsage() { +return usage; + } + + @Override + public String getHelp() { +return help; + } + protected String getBindingVariableNameForResultingTable(List args) { String variableName = null; boolean nextOne = false; diff --git a/gateway-shell/src/main/java/org/apache/knox/gateway/shell/commands/AbstractSQLCommandSupport.java b/gateway-shell/src/main/java/org/apache/knox/gateway/shell/commands/AbstractSQLCommandSupport.java index d39699f..47bed8a 100644 --- a/gateway-shell/src/main/java/org/apache/knox/gateway/shell/commands/AbstractSQLCommandSupport.java +++ b/gateway-shell/src/main/java/org/apache/knox/gateway/shell/commands/AbstractSQLCommandSupport.java @@ -40,6 +40,11 @@ public abstract class AbstractSQLCommandSupport extends AbstractKnoxShellCommand super(shell, name, shortcut); } + public AbstractSQLCommandSupport(Groovysh shell, String name, String shortcut, String desc, String usage, + String help) { +super(shell, name, shortcut, desc, usage, help); + } + @SuppressWarnings("unchecked") protected Connection getConnectionFromSession(KnoxDataSource ds) { HashMap connections = diff --git a/gateway-shell/src/main/java/org/apache/knox/gateway/shell/commands/CSVCommand.java b/gateway-shell/src/main/java/org/apache/knox/gateway/shell/commands/CSVCommand.java index b8c3619..162d440 100644 --- a/gateway-shell/src/main/java/org/apache/knox/gateway/shell/commands/CSVCommand.java +++ b/gateway-shell/src/main/java/org/apache/knox/gateway/shell/commands/CSVCommand.java @@ -24,11 +24,13 @@ import org.apache.knox.gateway.shell.table.KnoxShellTable; import org.codehaus.groovy.tools.shell.Groovysh; public class CSVCommand extends AbstractKnoxShellCommand { + private static final String USAGE = ":csv [withHeaders] file-url||$variable-name [assign resulting-variable-name]"; + private static final String DESC = "Build table from CSV file located at provided URL or KnoxShell $variable-name"; private boolean withHeaders; private String url; public CSVCommand(Groovysh shell) { -super(shell, ":CSV", ":csv"); +super(shell, ":CSV", ":csv", DESC, USAGE, DESC); } @SuppressWarnings("unchecked") diff --git a/gateway-shell/src/main/java/org/apache/knox/gateway/shell/commands/DataSourceCommand.java b/gateway-shell/src/main/java/org/apache/knox/gateway/shell/commands/DataSourceCommand.java index 4758df6..d063ac4 100644 --- a/gateway-shell/src/main/java/org/apache/knox/gateway/shell/commands/DataSourceCommand.java +++ b/gateway-shell/s
[knox] branch master updated: KNOX-2304 - CM discovery cluster config monitor needs to be aware of … (#307)
This is an automated email from the ASF dual-hosted git repository. lmccay pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/knox.git The following commit(s) were added to refs/heads/master by this push: new 8920651 KNOX-2304 - CM discovery cluster config monitor needs to be aware of … (#307) 8920651 is described below commit 89206511aad7cacb91c7fa032490816e7cdd18ba Author: lmccay AuthorDate: Wed Apr 8 14:38:46 2020 -0400 KNOX-2304 - CM discovery cluster config monitor needs to be aware of … (#307) * KNOX-2304 - CM discovery cluster config monitor needs to be aware of all relevant CM event types Change-Id: Ic26ad36fcb110e01d30d636f14d5b383de01ff17 * KNOX-2304 - address review comments Change-Id: I5c2009f505b31c5c69ee7672ed37d21e1a7c48bb --- .../cm/monitor/PollingConfigurationAnalyzer.java | 100 ++--- .../monitor/PollingConfigurationAnalyzerTest.java | 37 +++- 2 files changed, 101 insertions(+), 36 deletions(-) diff --git a/gateway-discovery-cm/src/main/java/org/apache/knox/gateway/topology/discovery/cm/monitor/PollingConfigurationAnalyzer.java b/gateway-discovery-cm/src/main/java/org/apache/knox/gateway/topology/discovery/cm/monitor/PollingConfigurationAnalyzer.java index b9f163b..380962a 100644 --- a/gateway-discovery-cm/src/main/java/org/apache/knox/gateway/topology/discovery/cm/monitor/PollingConfigurationAnalyzer.java +++ b/gateway-discovery-cm/src/main/java/org/apache/knox/gateway/topology/discovery/cm/monitor/PollingConfigurationAnalyzer.java @@ -60,17 +60,27 @@ import static org.apache.knox.gateway.topology.discovery.ClusterConfigurationMon @SuppressWarnings("PMD.DoNotUseThreads") public class PollingConfigurationAnalyzer implements Runnable { - // The format of the filter employed when restart events are queried from ClouderaManager - private static final String RESTART_EVENTS_QUERY_FORMAT = + private static final String COMMAND = "COMMAND"; + + private static final String COMMAND_STATUS = "COMMAND_STATUS"; + + private static final String STARTED_STATUS = "STARTED"; + + private static final String SUCCEEDED_STATUS = "SUCCEEDED"; + + private static final String RESTART_COMMAND = "Restart"; + + private static final String START_COMMAND = "Start"; + + // The format of the filter employed when start events are queried from ClouderaManager + private static final String EVENTS_QUERY_FORMAT = "category==" + ApiEventCategory.AUDIT_EVENT.getValue() + -";attributes.command==Restart" + -";attributes.command_status==SUCCEEDED" + ";attributes.cluster==\"%s\"%s"; - // The format of the timestamp element of the restart events query filter + // The format of the timestamp element of the start events query filter private static final String EVENTS_QUERY_TIMESTAMP_FORMAT = ";timeOccurred=gt=%s"; - // The default amount of time before "now" to check for restart events the first time + // The default amount of time before "now" to check for start events the first time private static final long DEFAULT_EVENT_QUERY_DEFAULT_TIMESTAMP_OFFSET = (60 * 60 * 1000); // one hour private static final int DEFAULT_POLLING_INTERVAL = 60; @@ -100,10 +110,10 @@ public class PollingConfigurationAnalyzer implements Runnable { // Cache of ClouderaManager API clients, keyed by discovery address private final Map clients = new ConcurrentHashMap<>(); - // Timestamp records of the most recent restart event query per discovery address + // Timestamp records of the most recent start event query per discovery address private Map eventQueryTimestamps = new ConcurrentHashMap<>(); - // The amount of time before "now" to will check for restart events the first time + // The amount of time before "now" to will check for start events the first time private long eventQueryDefaultTimestampOffset = DEFAULT_EVENT_QUERY_DEFAULT_TIMESTAMP_OFFSET; private boolean isActive; @@ -163,34 +173,34 @@ public class PollingConfigurationAnalyzer implements Runnable { continue; } - // Configuration changes don't mean anything without corresponding service restarts. Therefore, monitor - // restart events, and check the configuration only of the restarted service(s) to identify changes + // Configuration changes don't mean anything without corresponding service start/restarts. Therefore, monitor + // start events, and check the configuration only of the restarted service(s) to identify changes // that should trigger re-discovery. - List restartEvents = getRestartE
[knox] branch master updated: KNOX-2310 - Add aggregate method to KnoxShellTable (#302)
This is an automated email from the ASF dual-hosted git repository. lmccay pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/knox.git The following commit(s) were added to refs/heads/master by this push: new 46ccd34 KNOX-2310 - Add aggregate method to KnoxShellTable (#302) 46ccd34 is described below commit 46ccd34da21c045c0727d217c281ae0c427dbe1f Author: lmccay AuthorDate: Thu Mar 26 22:30:45 2020 -0400 KNOX-2310 - Add aggregate method to KnoxShellTable (#302) * KNOX-2310 - Add aggregate method to KnoxShellTable Change-Id: I60eeeaf0f8d9b2419fd95944b4f394a021a7f308 * KNOX-2310 - Add aggregate method to KnoxShellTable Change-Id: If44ab0a517f8189d130f34483859187cecda3df9 --- .../knox/gateway/shell/table/KnoxShellTable.java | 4 ++ .../shell/table/KnoxShellTableAggregator.java | 74 ++ .../gateway/shell/table/KnoxShellTableTest.java| 30 + 3 files changed, 108 insertions(+) diff --git a/gateway-shell/src/main/java/org/apache/knox/gateway/shell/table/KnoxShellTable.java b/gateway-shell/src/main/java/org/apache/knox/gateway/shell/table/KnoxShellTable.java index e630118..06acd16 100644 --- a/gateway-shell/src/main/java/org/apache/knox/gateway/shell/table/KnoxShellTable.java +++ b/gateway-shell/src/main/java/org/apache/knox/gateway/shell/table/KnoxShellTable.java @@ -357,6 +357,10 @@ public class KnoxShellTable { return new KnoxShellTableFilter(this); } + public KnoxShellTableAggregator aggregate() { +return new KnoxShellTableAggregator(this); + } + public KnoxShellTable select(String cols) { KnoxShellTable table = new KnoxShellTable(); List>> columns = new ArrayList<>(); diff --git a/gateway-shell/src/main/java/org/apache/knox/gateway/shell/table/KnoxShellTableAggregator.java b/gateway-shell/src/main/java/org/apache/knox/gateway/shell/table/KnoxShellTableAggregator.java new file mode 100644 index 000..9173628 --- /dev/null +++ b/gateway-shell/src/main/java/org/apache/knox/gateway/shell/table/KnoxShellTableAggregator.java @@ -0,0 +1,74 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.knox.gateway.shell.table; + +public class KnoxShellTableAggregator { + private KnoxShellTable tableToAggregate; + private String[] cols; + + public KnoxShellTableAggregator(KnoxShellTable table) { +tableToAggregate = table; + } + + public KnoxShellTableAggregator columns(String cols) { +this.cols = cols.split("\\s*,\\s*"); +return this; + } + + public KnoxShellTable functions(String funcs) { +String[] functions = funcs.split("\\s*,\\s*"); + +KnoxShellTable table = new KnoxShellTable(); +table.header(""); +for (String col : cols) { + table.header(col); +} + +for (String func : functions) { + table.row(); + table.value(func); + for (String col : cols) { +table.value(executeFunction(col, func)); + } +} +return table; + } + + private Double executeFunction(String col, String func) { +Double value = 0.0d; +if ("min".equalsIgnoreCase(func)) { + value = tableToAggregate.min(col); +} +else if ("max".equalsIgnoreCase(func)) { + value = tableToAggregate.max(col); +} +else if ("mean".equalsIgnoreCase(func)) { + value = tableToAggregate.mean(col); +} +else if ("mode".equalsIgnoreCase(func)) { + value = tableToAggregate.mode(col); +} +else if ("median".equalsIgnoreCase(func)) { + value = tableToAggregate.median(col); +} +else if ("sum".equalsIgnoreCase(func)) { + value = tableToAggregate.sum(col); +} +return value; + } +} diff --git a/gateway-shell/src/test/java/org/apache/knox/gateway/shell/table/KnoxShellTableTest.java b/gateway-shell/src/test/java/org/apache/knox/gateway/shell/table/KnoxShellTableTest.java index 676bef6..6831e34 100644 --- a/gateway-shell/src/test/java/org/apache/knox/gateway/shell/table/KnoxShellTableTest.java +++ b/gateway-shell/src/test/java/org/apache/knox/gateway/shell/table/Kno
[knox] branch master updated: KNOX-2308 - Add sortNumeric to KnoxShellTable for Cols that are numeric but values are String (#300)
This is an automated email from the ASF dual-hosted git repository. lmccay pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/knox.git The following commit(s) were added to refs/heads/master by this push: new b225050 KNOX-2308 - Add sortNumeric to KnoxShellTable for Cols that are numeric but values are String (#300) b225050 is described below commit b22505022b17388c099e419185409a35455f1827 Author: lmccay AuthorDate: Thu Mar 26 10:57:56 2020 -0400 KNOX-2308 - Add sortNumeric to KnoxShellTable for Cols that are numeric but values are String (#300) Change-Id: I773e5ee9805347de36d5e4921a026f91b35c54b7 --- .../apache/knox/gateway/shell/table/KnoxShellTable.java | 16 +++- .../knox/gateway/shell/table/KnoxShellTableTest.java | 14 ++ 2 files changed, 29 insertions(+), 1 deletion(-) diff --git a/gateway-shell/src/main/java/org/apache/knox/gateway/shell/table/KnoxShellTable.java b/gateway-shell/src/main/java/org/apache/knox/gateway/shell/table/KnoxShellTable.java index 4c5368a..e630118 100644 --- a/gateway-shell/src/main/java/org/apache/knox/gateway/shell/table/KnoxShellTable.java +++ b/gateway-shell/src/main/java/org/apache/knox/gateway/shell/table/KnoxShellTable.java @@ -379,11 +379,25 @@ public class KnoxShellTable { return sort(colName, SortOrder.ASCENDING); } + public KnoxShellTable sortNumeric(String colName) { +double[] col = toDoubleArray(colName); +ArrayList> column = new ArrayList<>(); +for(double v : col) { + column.add(v); + } +return sort(column, SortOrder.ASCENDING); + } + public KnoxShellTable sort(String colName, SortOrder order) { +List> col = values(colName); +return sort(col, order); + } + + public KnoxShellTable sort(List> col, + SortOrder order) { KnoxShellTable table = new KnoxShellTable(); Comparable value; -List> col = values(colName); List index = new ArrayList<>(); for (int i = 0; i < col.size(); i++) { value = col.get(i); diff --git a/gateway-shell/src/test/java/org/apache/knox/gateway/shell/table/KnoxShellTableTest.java b/gateway-shell/src/test/java/org/apache/knox/gateway/shell/table/KnoxShellTableTest.java index 5644924..676bef6 100644 --- a/gateway-shell/src/test/java/org/apache/knox/gateway/shell/table/KnoxShellTableTest.java +++ b/gateway-shell/src/test/java/org/apache/knox/gateway/shell/table/KnoxShellTableTest.java @@ -284,6 +284,20 @@ public class KnoxShellTableTest { } @Test + public void testSortStringValuesNumerically() throws IOException { +KnoxShellTable table = new KnoxShellTable(); + +table.header("Column A").header("Column B").header("Column C"); + +table.row().value("2").value("012").value("8"); +table.row().value("10").value("456").value("3"); + +KnoxShellTable table2 = table.sortNumeric("Column A"); +assertEquals(table2.getRows().get(0).get(0), "2"); +assertEquals(table2.getRows().get(1).get(0), "10"); + } + + @Test @SuppressWarnings({ "rawtypes", "unchecked" }) public void testCells() throws IOException { KnoxShellTable table = new KnoxShellTable();
[knox] branch master updated: KNOX-2307 - CSVKnoxShellTableBuilder must support quoted strings and embedded commas (#301)
This is an automated email from the ASF dual-hosted git repository. lmccay pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/knox.git The following commit(s) were added to refs/heads/master by this push: new 9a7767a KNOX-2307 - CSVKnoxShellTableBuilder must support quoted strings and embedded commas (#301) 9a7767a is described below commit 9a7767a5e5dbe588e48087c24338b5ae98ff90f4 Author: lmccay AuthorDate: Wed Mar 25 20:24:36 2020 -0400 KNOX-2307 - CSVKnoxShellTableBuilder must support quoted strings and embedded commas (#301) Change-Id: I82e096d204accc0ba6a334b18d6287eb67adf74c --- .../shell/table/CSVKnoxShellTableBuilder.java | 6 +++-- .../gateway/shell/table/KnoxShellTableTest.java| 27 ++ 2 files changed, 31 insertions(+), 2 deletions(-) diff --git a/gateway-shell/src/main/java/org/apache/knox/gateway/shell/table/CSVKnoxShellTableBuilder.java b/gateway-shell/src/main/java/org/apache/knox/gateway/shell/table/CSVKnoxShellTableBuilder.java index d3ceedc..b7c23aa 100644 --- a/gateway-shell/src/main/java/org/apache/knox/gateway/shell/table/CSVKnoxShellTableBuilder.java +++ b/gateway-shell/src/main/java/org/apache/knox/gateway/shell/table/CSVKnoxShellTableBuilder.java @@ -51,7 +51,8 @@ public class CSVKnoxShellTableBuilder extends KnoxShellTableBuilder { } public KnoxShellTable string(String csvString) throws IOException { -try (InputStream is = new ByteArrayInputStream(csvString.getBytes(StandardCharsets.UTF_8)); Reader stringStreamReader = new InputStreamReader(is, StandardCharsets.UTF_8); +try (InputStream is = new ByteArrayInputStream(csvString.getBytes(StandardCharsets.UTF_8)); +Reader stringStreamReader = new InputStreamReader(is, StandardCharsets.UTF_8); BufferedReader csvReader = new BufferedReader(stringStreamReader);) { buildTableFromCSVReader(csvReader); } @@ -69,7 +70,8 @@ public class CSVKnoxShellTableBuilder extends KnoxShellTableBuilder { if (!addingHeaders) { this.table.row(); } - String[] data = row.split(",", -1); + // handle comma's within quoted string values for single col + String[] data = row.split(",(?=([^\"]*\"[^\"]*\")*[^\"]*$)", -1); for (String value : data) { if (addingHeaders) { diff --git a/gateway-shell/src/test/java/org/apache/knox/gateway/shell/table/KnoxShellTableTest.java b/gateway-shell/src/test/java/org/apache/knox/gateway/shell/table/KnoxShellTableTest.java index ac2f802..5644924 100644 --- a/gateway-shell/src/test/java/org/apache/knox/gateway/shell/table/KnoxShellTableTest.java +++ b/gateway-shell/src/test/java/org/apache/knox/gateway/shell/table/KnoxShellTableTest.java @@ -191,6 +191,33 @@ public class KnoxShellTableTest { } @Test + public void testCSVQuotedEmbeddedCommaStringToTable() throws IOException { +KnoxShellTable table = new KnoxShellTable(); +table.title("From URL"); + +table.header("\"Column A, Column A1\"").header("Column B").header("Column C"); +table.row().value("123").value("456").value("3"); +table.row().value("789").value("012").value("8"); + +String csv = table.toCSV(); +try { + // write file to /tmp to read back in + FileUtils.writeStringToFile(new File("/tmp/testtable.csv"), csv, StandardCharsets.UTF_8); + + KnoxShellTable urlTable = KnoxShellTable.builder().csv() + .withHeaders() + .url("file:///tmp/testtable.csv"); + urlTable.title("From URL"); + assertEquals(urlTable.toString(), table.toString()); + +} catch (IOException e) { + e.printStackTrace(); +} + +assertEquals(table.headers.get(0), "\"Column A, Column A1\""); + } + + @Test public void testCSVStringToTable() throws IOException { String initialString = "colA, colB, colC\nvalue1, value2. value3\nvalue4, value5, value6";
[knox] branch master updated: KNOX-2240 - KnoxShell Custom Command for WEBHDFS Use (#296)
This is an automated email from the ASF dual-hosted git repository. lmccay pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/knox.git The following commit(s) were added to refs/heads/master by this push: new b93cc1c KNOX-2240 - KnoxShell Custom Command for WEBHDFS Use (#296) b93cc1c is described below commit b93cc1c68afa0e773027bfa2745f1d37f376bca1 Author: lmccay AuthorDate: Wed Mar 25 01:08:37 2020 -0400 KNOX-2240 - KnoxShell Custom Command for WEBHDFS Use (#296) * KNOX-2240 - KnoxShell Custom Command for WEBHDFS Use Change-Id: I817969b5131dd08e5a7a174c73aacb13e9027e4a * Prompt to overwrite on put Change-Id: I110037204fcd1cd556d0336321e309cd8e8dff08 * improve csv builder Change-Id: I5b86694ea374ed2f78dfc049402f40e7de1fa508 * default to-path in an :fs put command to home directory and same filename as source Change-Id: I8e75b8aadd81625a1c4aff05851f1557496f4ef9 * fix class clast issue Change-Id: Ifb14d1ca93ca3702a06ff744b7e79f524ea0b5d8 * KNOX-2240 - address review comments Change-Id: Ibb4e4c3c3590aafb22d618b602de96e2cb4eb9f0 * KNOX-2240 - fix PMD failure Change-Id: I1d47c0aa60f6c409fb59b16c8b9e3f57070be8ca --- .../org/apache/knox/gateway/shell/KnoxSession.java | 38 ++ .../java/org/apache/knox/gateway/shell/Shell.java | 2 + .../shell/commands/AbstractKnoxShellCommand.java | 9 + .../shell/commands/AbstractSQLCommandSupport.java | 8 - .../knox/gateway/shell/commands/CSVCommand.java| 18 +- .../gateway/shell/commands/WebHDFSCommand.java | 426 + .../org/apache/knox/gateway/shell/hdfs/Ls.java | 2 +- .../org/apache/knox/gateway/shell/hdfs/Mkdir.java | 2 +- .../org/apache/knox/gateway/shell/hdfs/Put.java| 2 +- .../org/apache/knox/gateway/shell/hdfs/Rm.java | 2 +- .../shell/table/CSVKnoxShellTableBuilder.java | 50 ++- .../knox/gateway/shell/table/KnoxShellTable.java | 10 +- .../shell/table/KnoxShellTableFileUtils.java | 47 +++ .../shell/table/KnoxShellTableJSONSerializer.java | 23 +- .../shell/table/KnoxShellTableRenderer.java| 16 +- .../gateway/shell/table/KnoxShellTableTest.java| 8 + .../org/apache/knox/gateway/util/JsonUtils.java| 15 + .../apache/knox/gateway/util/JsonUtilsTest.java| 45 ++- 18 files changed, 666 insertions(+), 57 deletions(-) diff --git a/gateway-shell/src/main/java/org/apache/knox/gateway/shell/KnoxSession.java b/gateway-shell/src/main/java/org/apache/knox/gateway/shell/KnoxSession.java index 563dcd8..a3d691d 100644 --- a/gateway-shell/src/main/java/org/apache/knox/gateway/shell/KnoxSession.java +++ b/gateway-shell/src/main/java/org/apache/knox/gateway/shell/KnoxSession.java @@ -141,6 +141,7 @@ public class KnoxSession implements Closeable { private static final String KNOXSQLHISTORIES_JSON = "knoxsqlhistories.json"; private static final String KNOXDATASOURCES_JSON = "knoxdatasources.json"; + private static final String KNOXMOUNTPOINTS_JSON = "knoxmountpoints.json"; public Map getHeaders() { return headers; @@ -607,6 +608,16 @@ public class KnoxSession implements Closeable { * @param map to persist */ public static void persistDataSourcesToKnoxShell(String fileName, Map map) { +persistMapToKnoxShell(fileName, map); + } + + /** + * Persist provided Map to a file within the {user.home}/.knoxshell directory + * @param type of the value in the map + * @param fileName of persisted file + * @param map to persist + */ + public static void persistMapToKnoxShell(String fileName, Map map) { String s = JsonUtils.renderAsJsonString(map); String home = System.getProperty("user.home"); try { @@ -641,6 +652,10 @@ public class KnoxSession implements Closeable { persistDataSourcesToKnoxShell(KNOXDATASOURCES_JSON, datasources); } + public static void persistMountPoints(Map mounts) { +persistMapToKnoxShell(KNOXMOUNTPOINTS_JSON, mounts); + } + /** * Load and return a map of datasource names to sql commands * from the {user.home}/.knoxshell/knoxsqlhistories.json file. @@ -661,6 +676,20 @@ public class KnoxSession implements Closeable { return sqlHistories; } + public static Map loadMountPoints() throws IOException { +Map mounts = new HashMap<>(); +String home = System.getProperty("user.home"); + +File mountFile = new File( +home + File.separator + +".knoxshell" + File.separator + KNOXMOUNTPOINTS_JSON); +if (mountFile.exists()) { + String json = readFileToString(mountFile); + mounts = getMapFromJsonString(json); +} +return mounts; + } + private static String readFileToString(File file) throws IOException { String content = null; @@ -705,6 +734,15 @@ public class KnoxSession im
[knox] branch master updated: KNOX-2227 - Strip Leading and Trailing Whitespace from Headers in KnoxShellTable (#258)
This is an automated email from the ASF dual-hosted git repository. lmccay pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/knox.git The following commit(s) were added to refs/heads/master by this push: new fad5763 KNOX-2227 - Strip Leading and Trailing Whitespace from Headers in KnoxShellTable (#258) fad5763 is described below commit fad576388df3297e79a611d407e7a700b0d27b9c Author: lmccay AuthorDate: Sat Feb 8 15:56:09 2020 -0500 KNOX-2227 - Strip Leading and Trailing Whitespace from Headers in KnoxShellTable (#258) * KNOX-1742 - add to knoxshell usage rendering * KNOX-2188 - Handling discovery details via advanced configuration (#240) * KNOX-2190 - Processing advanced service discovery configuration on topology level (#242) * KNOX-1742 - Fix javadoc warning * KNOX-2196 - Upgrade caffeine to 2.8.1 Signed-off-by: Kevin Risden * KNOX-2197 - Upgrade dependency-check-maven to 5.3.0 Signed-off-by: Kevin Risden * KNOX-2198 - Upgrade groovy to 2.5.9 Signed-off-by: Kevin Risden * KNOX-2192 - Upgrade httpclient to 4.5.11 Signed-off-by: Kevin Risden * KNOX-2195 - Upgrade jetty to 9.4.26.v20200117 Signed-off-by: Kevin Risden * KNOX-2193 - Upgrade rest-assured to 4.2.0 Signed-off-by: Kevin Risden * KNOX-2199 - Upgrade spring-core to 5.2.3.RELEASE Signed-off-by: Kevin Risden * KNOX-2194 - Upgrade spring-vault to 2.2.1.RELEASE Signed-off-by: Kevin Risden * KNOX-2191 - Upgrade testcontainers to 1.12.5 Signed-off-by: Kevin Risden * KNOX-2200 - DefaultKeystoreService can lose entries under concurrent access (#243) Signed-off-by: Kevin Risden * KNOX-2202 - Knox should use UTF-8 as default encoding instead of ISO-8859-1 (#244) Signed-off-by: Kevin Risden * KNOX-2204 - KnoxLine NPE list datasources when directories don't exist (#246) * KNOX-1742 - add to knoxshell usage rendering * KNOX-2204 - KnoxLine NPE list datasources when directories don't exist * KNOX-2203 - Upgrade admin-ui npm dependencies (#245) Signed-off-by: Kevin Risden * KNOX-2208 - AclsAuthorizationFilter should log access at DEBUG level (#247) Signed-off-by: Kevin Risden * KNOX-2153 - CM discovery - Monitor Cloudera Manager (#239) * KNOX-2206 - Log exclusion of a discovered service due to configuration issues (#248) * KNOX-2209 - Improve logging for Knox token handling (#250) * KNOX-2217 - Upgrade apache pom to 23 Signed-off-by: Kevin Risden * KNOX-2219 - Upgrade checkstyle to 8.29 Signed-off-by: Kevin Risden * KNOX-2218 - Upgrade easymock to 4.2 Signed-off-by: Kevin Risden * KNOX-2220 - Upgrade nimbus-jose-jwt to 8.5 Signed-off-by: Kevin Risden * KNOX-2213 - Service Discovery Support for CM UI, API (#249) * KNOX-2215 - Token service should return a 403 response when the renewer is not white-listed (#251) * KNOX-2224 - KnoxLine and KnoxShell DataSource and Select Command Alignment (#255) * KNOX-1742 - add to knoxshell usage rendering * KNOX-2204 - KnoxLine NPE list datasources when directories don't exist * KNOX-2224 - KnoxLine and KnoxShell DataSource and Select Command Alignment Change-Id: I55aef2dd7617baf10c5f9eb7706f61436aa3ad7d * KNOX-2227 - Strip Leading and Trailing Whitespace from Headers in KnoxShellTable Change-Id: I7778becab1ffe779350dbdd15472d308fa165f5f * KNOX-2227 - switch to trim() for java 8 Change-Id: I9b8ba618c13de6bff0edb5c7d318cd28c251fa20 Co-authored-by: Sandor Molnar Co-authored-by: Kevin Risden Co-authored-by: Phil Zampino Co-authored-by: Sandeep Moré --- .../java/org/apache/knox/gateway/shell/table/KnoxShellTable.java | 2 +- .../org/apache/knox/gateway/shell/table/KnoxShellTableTest.java | 8 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/gateway-shell/src/main/java/org/apache/knox/gateway/shell/table/KnoxShellTable.java b/gateway-shell/src/main/java/org/apache/knox/gateway/shell/table/KnoxShellTable.java index daaea31..15d403c 100644 --- a/gateway-shell/src/main/java/org/apache/knox/gateway/shell/table/KnoxShellTable.java +++ b/gateway-shell/src/main/java/org/apache/knox/gateway/shell/table/KnoxShellTable.java @@ -65,7 +65,7 @@ public class KnoxShellTable { } public KnoxShellTable header(String header) { -headers.add(header); +headers.add(header.trim()); return this; } diff --git a/gateway-shell/src/test/java/org/apache/knox/gateway/shell/table/KnoxShellTableTest.java b/gateway-shell/src/test/java/org/apache/knox/gateway/shell/table/KnoxShellTableTest.java index 3d8c571..cde34f9 100644
[knox] branch master updated (d2ee4dc -> 4c79ca3)
This is an automated email from the ASF dual-hosted git repository. lmccay pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/knox.git. from d2ee4dc KNOX-2215 - Token service should return a 403 response when the renewer is not white-listed (#251) add 4c79ca3 KNOX-2224 - KnoxLine and KnoxShell DataSource and Select Command Alignment (#255) No new revisions were added by this update. Summary of changes: .../java/org/apache/knox/gateway/shell/Shell.java | 12 + .../shell/commands/AbstractSQLCommandSupport.java | 26 +++ .../gateway/shell/commands/DataSourceCommand.java | 34 +- .../gateway/shell/commands/KnoxLoginDialog.java| 2 +- .../knox/gateway/shell/commands/SelectCommand.java | 52 -- .../apache/knox/gateway/shell/jdbc/KnoxLine.java | 18 +--- 6 files changed, 111 insertions(+), 33 deletions(-)
[knox] branch master updated: KNOX-2204 - KnoxLine NPE list datasources when directories don't exist (#246)
This is an automated email from the ASF dual-hosted git repository. lmccay pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/knox.git The following commit(s) were added to refs/heads/master by this push: new 294cd1b KNOX-2204 - KnoxLine NPE list datasources when directories don't exist (#246) 294cd1b is described below commit 294cd1b14a0392b76897320ea8289e06c9a9bc77 Author: lmccay AuthorDate: Wed Jan 29 00:36:07 2020 -0500 KNOX-2204 - KnoxLine NPE list datasources when directories don't exist (#246) * KNOX-1742 - add to knoxshell usage rendering * KNOX-2204 - KnoxLine NPE list datasources when directories don't exist --- .../src/main/java/org/apache/knox/gateway/shell/jdbc/KnoxLine.java | 7 ++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/gateway-shell/src/main/java/org/apache/knox/gateway/shell/jdbc/KnoxLine.java b/gateway-shell/src/main/java/org/apache/knox/gateway/shell/jdbc/KnoxLine.java index 0afb9d9..433c889 100644 --- a/gateway-shell/src/main/java/org/apache/knox/gateway/shell/jdbc/KnoxLine.java +++ b/gateway-shell/src/main/java/org/apache/knox/gateway/shell/jdbc/KnoxLine.java @@ -132,7 +132,12 @@ public class KnoxLine { private void listDataSources() { Map sources = getDataSources(); -sources.forEach((name, ds)->System.out.println("Name : " + name + " : " + ds.getConnectStr())); +if (sources != null) { + sources.forEach((name, ds)->System.out.println("Name : " + name + " : " + ds.getConnectStr())); +} +else { + System.out.println("No datasources configured. Use :ds add {ds-name} {connectStr} {driver} {authnType: none|basic}"); +} } private Map getDataSources() {
[knox] branch master updated: KNOX-1742 - add knoxline to knoxshell usage rendering
This is an automated email from the ASF dual-hosted git repository. lmccay pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/knox.git The following commit(s) were added to refs/heads/master by this push: new 89ae00a KNOX-1742 - add knoxline to knoxshell usage rendering 89ae00a is described below commit 89ae00a9ee35eeef4a22ae1f4348ab1bb54d511a Author: lmccay AuthorDate: Tue Jan 21 18:37:38 2020 -0500 KNOX-1742 - add knoxline to knoxshell usage rendering --- gateway-shell-release/home/bin/knoxshell.sh | 4 +++- .../src/main/java/org/apache/knox/gateway/shell/KnoxSh.java | 9 +++-- .../main/java/org/apache/knox/gateway/shell/jdbc/KnoxLine.java | 8 3 files changed, 14 insertions(+), 7 deletions(-) diff --git a/gateway-shell-release/home/bin/knoxshell.sh b/gateway-shell-release/home/bin/knoxshell.sh index 6f8a8fe..b31681c 100755 --- a/gateway-shell-release/home/bin/knoxshell.sh +++ b/gateway-shell-release/home/bin/knoxshell.sh @@ -94,8 +94,10 @@ function printHelp { echo "interactive shell where groovy-based DSL and groovy code may be entered and executed in realtime." echo "" echo "knoxshell usage: " - echo " knoxshell.sh [[buildTrustStore |init |list|destroy|help] | []]" + echo " knoxshell.sh [[knoxline|buildTrustStore |init |list|destroy|help] | []]" echo " --" + echo " knoxline - provides a simple SQL/JDBC client" + echo "example: knoxshell.sh knoxline" echo " buildTrustStore - downloads the given gateway server's public certificate and builds a trust store to be used by KnoxShell" echo "example: knoxshell.sh buildTrustStore https://localhost:8443/; echo " init - requests a session from the knox token service at the url" diff --git a/gateway-shell/src/main/java/org/apache/knox/gateway/shell/KnoxSh.java b/gateway-shell/src/main/java/org/apache/knox/gateway/shell/KnoxSh.java index da767d1..205b800 100644 --- a/gateway-shell/src/main/java/org/apache/knox/gateway/shell/KnoxSh.java +++ b/gateway-shell/src/main/java/org/apache/knox/gateway/shell/KnoxSh.java @@ -66,7 +66,8 @@ public class KnoxSh { " [" + KnoxBuildTrustStore.USAGE + "]\n" + " [" + KnoxInit.USAGE + "]\n" + " [" + KnoxDestroy.USAGE + "]\n" + - " [" + KnoxList.USAGE + "]\n"; + " [" + KnoxList.USAGE + "]\n" + + " [" + KnoxLineCommand.USAGE + "]\n"; /** allows stdout to be captured if necessary */ PrintStream out = System.out; @@ -148,7 +149,8 @@ public class KnoxSh { out.println( USAGE_PREFIX + "\n" + COMMANDS ); if ( command != null ) { out.println(command.getUsage()); -} else { +} +else { char[] chars = new char[79]; Arrays.fill( chars, '=' ); String div = new String( chars ); @@ -163,6 +165,9 @@ public class KnoxSh { out.println(KnoxList.USAGE + "\n\n" + KnoxList.DESC); out.println(); out.println( div ); + out.println(KnoxLineCommand.USAGE + "\n\n" + KnoxLineCommand.DESC); + out.println(); + out.println( div ); } } diff --git a/gateway-shell/src/main/java/org/apache/knox/gateway/shell/jdbc/KnoxLine.java b/gateway-shell/src/main/java/org/apache/knox/gateway/shell/jdbc/KnoxLine.java index bf8ef94..0afb9d9 100644 --- a/gateway-shell/src/main/java/org/apache/knox/gateway/shell/jdbc/KnoxLine.java +++ b/gateway-shell/src/main/java/org/apache/knox/gateway/shell/jdbc/KnoxLine.java @@ -32,10 +32,10 @@ import org.apache.knox.gateway.shell.KnoxSession; import org.apache.knox.gateway.shell.table.KnoxShellTable; public class KnoxLine { - String user; - String pass; - KnoxDataSource datasource; - Connection conn; + private String user; + private String pass; + private KnoxDataSource datasource; + private Connection conn; @SuppressWarnings("PMD.DoNotUseThreads") // we need to define a Thread to be able to register a shutdown hook public void execute(String[] args)
[knox] branch master updated (69b08af -> 36ee8ab)
This is an automated email from the ASF dual-hosted git repository. lmccay pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/knox.git. from 69b08af KNOX-2186 - Advanced service discovery configuration handling (#238) add 36ee8ab KNOX-1742 - Simple SQL Client in KnoxShell for access to JDBC sources (#241) No new revisions were added by this update. Summary of changes: .../main/resources/build-tools/spotbugs-filter.xml | 5 + .../org/apache/knox/gateway/shell/KnoxSession.java | 25 ++- .../java/org/apache/knox/gateway/shell/KnoxSh.java | 21 +++ .../java/org/apache/knox/gateway/shell/Shell.java | 2 +- .../shell/commands/AbstractSQLCommandSupport.java | 4 +- .../gateway/shell/commands/DataSourceCommand.java | 17 +- .../apache/knox/gateway/shell/jdbc/KnoxLine.java | 209 + 7 files changed, 272 insertions(+), 11 deletions(-) create mode 100644 gateway-shell/src/main/java/org/apache/knox/gateway/shell/jdbc/KnoxLine.java
[knox] branch master updated: KNOX-2128 - Custom DataSource and SQL Commands for KnoxShell and KnoxShellTable (#231)
This is an automated email from the ASF dual-hosted git repository. lmccay pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/knox.git The following commit(s) were added to refs/heads/master by this push: new 7e9a79d KNOX-2128 - Custom DataSource and SQL Commands for KnoxShell and KnoxShellTable (#231) 7e9a79d is described below commit 7e9a79dd85de235841ada1e7bee986d9a8c9631a Author: lmccay AuthorDate: Thu Jan 16 11:27:48 2020 -0500 KNOX-2128 - Custom DataSource and SQL Commands for KnoxShell and KnoxShellTable (#231) * initial commit * Jackson annotations * fix select command * KNOX-2128 - Custom DataSource and SQL Commands for KnoxShell and KnoxShellTable * fix knoxshell.sh to use APP_JAR for shellcheck error * address review comments * fixed FileLock use * fix indentation in knoxshell.sh * address redundant swing workaround code * address review comments * address review comments and persistence when dirs don't exist --- .../main/resources/build-tools/spotbugs-filter.xml | 15 ++ gateway-shell-release/home/bin/knoxshell.sh| 2 +- .../home/conf/knoxshell-log4j.properties | 2 +- .../apache/knox/gateway/shell/KnoxDataSource.java | 73 .../org/apache/knox/gateway/shell/KnoxSession.java | 132 +++ .../java/org/apache/knox/gateway/shell/Shell.java | 8 + .../shell/commands/AbstractKnoxShellCommand.java | 46 + .../shell/commands/AbstractSQLCommandSupport.java | 185 + .../knox/gateway/shell/commands/CSVCommand.java| 66 .../gateway/shell/commands/DataSourceCommand.java | 108 .../gateway/shell/commands/KnoxLoginDialog.java| 111 + .../knox/gateway/shell/commands/LoginCommand.java | 58 +++ .../knox/gateway/shell/commands/SelectCommand.java | 178 .../knox/gateway/shell/commands/SwingUtils.java| 51 ++ .../apache/knox/gateway/shell/jdbc/JDBCUtils.java | 38 + .../shell/table/JDBCKnoxShellTableBuilder.java | 23 +-- .../knox/gateway/shell/table/KnoxShellTable.java | 2 +- .../gateway/shell/table/KnoxShellTableTest.java| 2 +- 18 files changed, 1082 insertions(+), 18 deletions(-) diff --git a/build-tools/src/main/resources/build-tools/spotbugs-filter.xml b/build-tools/src/main/resources/build-tools/spotbugs-filter.xml index 239fb57..37f4e4f 100644 --- a/build-tools/src/main/resources/build-tools/spotbugs-filter.xml +++ b/build-tools/src/main/resources/build-tools/spotbugs-filter.xml @@ -52,6 +52,21 @@ limitations under the License. + + + + + + + + + + + + + + + diff --git a/gateway-shell-release/home/bin/knoxshell.sh b/gateway-shell-release/home/bin/knoxshell.sh index 52f7a98..6f8a8fe 100755 --- a/gateway-shell-release/home/bin/knoxshell.sh +++ b/gateway-shell-release/home/bin/knoxshell.sh @@ -81,7 +81,7 @@ function main { checkJava buildAppJavaOpts - $JAVA "${APP_JAVA_OPTS[@]}" -javaagent:"$APP_BIN_DIR"/../lib/aspectjweaver.jar -jar "$APP_JAR" "$@" || exit 1 + $JAVA "${APP_JAVA_OPTS[@]}" -Dlog4j.configuration=conf/knoxshell-log4j.properties -javaagent:"$APP_BIN_DIR"/../lib/aspectjweaver.jar -cp "$APP_JAR":lib/* org.apache.knox.gateway.shell.Shell "$@" || exit 1 return 0 } diff --git a/gateway-shell-release/home/conf/knoxshell-log4j.properties b/gateway-shell-release/home/conf/knoxshell-log4j.properties index c7e1312..cac3d99 100644 --- a/gateway-shell-release/home/conf/knoxshell-log4j.properties +++ b/gateway-shell-release/home/conf/knoxshell-log4j.properties @@ -14,7 +14,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -app.log.dir=${launcher.dir}/../logs +app.log.dir=logs app.log.file=${launcher.name}.log log4j.rootLogger=ERROR, drfa diff --git a/gateway-shell/src/main/java/org/apache/knox/gateway/shell/KnoxDataSource.java b/gateway-shell/src/main/java/org/apache/knox/gateway/shell/KnoxDataSource.java new file mode 100644 index 000..b5db74f --- /dev/null +++ b/gateway-shell/src/main/java/org/apache/knox/gateway/shell/KnoxDataSource.java @@ -0,0 +1,73 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed
[knox] branch master updated: KNOX-2132 - JDBCKnoxShellTableBuilder should have optional username and password fields
This is an automated email from the ASF dual-hosted git repository. lmccay pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/knox.git The following commit(s) were added to refs/heads/master by this push: new bd24b53 KNOX-2132 - JDBCKnoxShellTableBuilder should have optional username and password fields bd24b53 is described below commit bd24b537b722b98b7dec7ec00b5af7d795ae196b Author: lmccay AuthorDate: Sat Dec 7 13:50:33 2019 -0500 KNOX-2132 - JDBCKnoxShellTableBuilder should have optional username and password fields --- .../shell/table/JDBCKnoxShellTableBuilder.java | 49 -- .../gateway/shell/table/KnoxShellTableTest.java| 17 2 files changed, 62 insertions(+), 4 deletions(-) diff --git a/gateway-shell/src/main/java/org/apache/knox/gateway/shell/table/JDBCKnoxShellTableBuilder.java b/gateway-shell/src/main/java/org/apache/knox/gateway/shell/table/JDBCKnoxShellTableBuilder.java index 63be4a1..a2e5d7f 100644 --- a/gateway-shell/src/main/java/org/apache/knox/gateway/shell/table/JDBCKnoxShellTableBuilder.java +++ b/gateway-shell/src/main/java/org/apache/knox/gateway/shell/table/JDBCKnoxShellTableBuilder.java @@ -32,6 +32,26 @@ public class JDBCKnoxShellTableBuilder extends KnoxShellTableBuilder { private String driver; private Connection conn; private boolean tableManagedConnection = true; + private String username; + private String pass; + + public JDBCKnoxShellTableBuilder username(String username) { +this.username = username; +return this; + } + + public String username() { +return username; + } + + public JDBCKnoxShellTableBuilder pwd(String pass) { +this.pass = pass; +return this; + } + + public String password() { +return pass; + } JDBCKnoxShellTableBuilder(KnoxShellTable table) { super(table); @@ -76,7 +96,7 @@ public class JDBCKnoxShellTableBuilder extends KnoxShellTableBuilder { } public KnoxShellTable sql(String sql) throws IOException, SQLException { -conn = conn == null ? DriverManager.getConnection(connectionUrl) : conn; +conn = conn == null ? createConnection() : conn; try (Statement statement = conn.createStatement(); ResultSet resultSet = statement.executeQuery(sql);) { processResultSet(resultSet); } finally { @@ -87,19 +107,40 @@ public class JDBCKnoxShellTableBuilder extends KnoxShellTableBuilder { return this.table; } + public Connection createConnection() throws SQLException { +Connection con = null; +if (username != null && pass != null) { + con = DriverManager.getConnection(connectionUrl, username, pass); +} +else { + con = DriverManager.getConnection(connectionUrl); +} +return con; + } + // added this as a private method so that KnoxShellTableHistoryAspect will not // intercept this call private void processResultSet(ResultSet resultSet) throws SQLException { final ResultSetMetaData metadata = resultSet.getMetaData(); final int colCount = metadata.getColumnCount(); -this.table.title(metadata.getTableName(1)); +try { + table.title(metadata.getTableName(1)); +} +catch (SQLException e) { + // nop. Apache HiveDriver doesn't support this. +} for (int i = 1; i < colCount + 1; i++) { this.table.header(metadata.getColumnName(i)); } while (resultSet.next()) { - this.table.row(); + table.row(); for (int i = 1; i < colCount + 1; i++) { -this.table.value(resultSet.getObject(metadata.getColumnName(i), Comparable.class)); +try { + table.value(resultSet.getObject(metadata.getColumnName(i), Comparable.class)); +} +catch (SQLException e) { + table.value(resultSet.getString(metadata.getColumnName(i))); +} } } } diff --git a/gateway-shell/src/test/java/org/apache/knox/gateway/shell/table/KnoxShellTableTest.java b/gateway-shell/src/test/java/org/apache/knox/gateway/shell/table/KnoxShellTableTest.java index 2e2cd2d..84d1723 100644 --- a/gateway-shell/src/test/java/org/apache/knox/gateway/shell/table/KnoxShellTableTest.java +++ b/gateway-shell/src/test/java/org/apache/knox/gateway/shell/table/KnoxShellTableTest.java @@ -384,6 +384,23 @@ public class KnoxShellTableTest { } @Test + public void testJDBCBuilderUsernamePassword() throws Exception { +// Since testing statics isn't really doable with EasyMock we +// are limited to what we can test here. We will just ensure that +// the expected username/password are set when needed in the sql call. +KnoxShellTable table = new KnoxShellTable(); +JDBCKnoxShellTableBuilder builder = new JDBCKnoxShellTableBuilder(table) { + @Override + public KnoxShellTable sql(String sql) { +assertNotNull(username()); +assertNotNull(password()); +return table; + } +}; +builder.username("joe")
[knox] branch master updated: KNOX-2025 - KnoxShellTable - Join Builder on Method should accept Col Names (#172)
This is an automated email from the ASF dual-hosted git repository. lmccay pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/knox.git The following commit(s) were added to refs/heads/master by this push: new 8bc8991 KNOX-2025 - KnoxShellTable - Join Builder on Method should accept Col Names (#172) 8bc8991 is described below commit 8bc8991a83fe959a815e1fcbc801e1cc5576578e Author: Larry McCay IV <46705753+lmcc...@users.noreply.github.com> AuthorDate: Sat Nov 2 13:34:39 2019 -0400 KNOX-2025 - KnoxShellTable - Join Builder on Method should accept Col Names (#172) --- .../knox/gateway/shell/table/JoinKnoxShellTableBuilder.java| 6 ++ .../apache/knox/gateway/shell/table/KnoxShellTableTest.java| 10 -- 2 files changed, 14 insertions(+), 2 deletions(-) diff --git a/gateway-shell/src/main/java/org/apache/knox/gateway/shell/table/JoinKnoxShellTableBuilder.java b/gateway-shell/src/main/java/org/apache/knox/gateway/shell/table/JoinKnoxShellTableBuilder.java index 3f070e8..68e44ac 100644 --- a/gateway-shell/src/main/java/org/apache/knox/gateway/shell/table/JoinKnoxShellTableBuilder.java +++ b/gateway-shell/src/main/java/org/apache/knox/gateway/shell/table/JoinKnoxShellTableBuilder.java @@ -52,6 +52,12 @@ public class JoinKnoxShellTableBuilder extends KnoxShellTableBuilder { return on(leftIndex, rightIndex); } + public KnoxShellTable on(String columnName, String columnName2) { + final int leftIndex = left.headers.indexOf(columnName); + final int rightIndex = right.headers.indexOf(columnName2); + return on(leftIndex, rightIndex); +} + public KnoxShellTable on(int leftIndex, int rightIndex) { if (title != null) { this.table.title(title); diff --git a/gateway-shell/src/test/java/org/apache/knox/gateway/shell/table/KnoxShellTableTest.java b/gateway-shell/src/test/java/org/apache/knox/gateway/shell/table/KnoxShellTableTest.java index 5a7b282..64fcd4d 100644 --- a/gateway-shell/src/test/java/org/apache/knox/gateway/shell/table/KnoxShellTableTest.java +++ b/gateway-shell/src/test/java/org/apache/knox/gateway/shell/table/KnoxShellTableTest.java @@ -278,14 +278,20 @@ public class KnoxShellTableTest { assertEquals(joined.cell(0, 0).value, "123"); String json = joined.toJSON(); +KnoxShellTable joined2 = KnoxShellTable.builder().join().title("Joined Table").left(table).right(table2).on("Column A", "Column D"); + +assertEquals(joined2.getRows().size(), 1); +assertEquals(joined2.getTitle(), "Joined Table"); +assertEquals(joined2.cell(0, 0).value, "123"); + KnoxShellTable zombie = KnoxShellTable.builder().json().fromJson(json); zombie.title("Zombie Table"); assertEquals(zombie.getRows().size(), 1); assertEquals(zombie.getTitle(), "Zombie Table"); assertEquals(zombie.cell(0, 0).value, "123"); -KnoxShellTable joined2 = KnoxShellTable.builder().join().title("Joined Table 2").left(table).right(table2).on(1, 3); -assertEquals(1, joined2.getRows().size()); +KnoxShellTable joined3 = KnoxShellTable.builder().join().title("Joined Table 3").left(table).right(table2).on(1, 3); +assertEquals(1, joined3.getRows().size()); } @Test
[knox] branch master updated: KNOX-2068 - Let end-users add a new service definition from scratch (#173)
This is an automated email from the ASF dual-hosted git repository. lmccay pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/knox.git The following commit(s) were added to refs/heads/master by this push: new d99f1e5 KNOX-2068 - Let end-users add a new service definition from scratch (#173) d99f1e5 is described below commit d99f1e50e07ce2910efdf8d681b17ad86623115e Author: Sandor Molnar AuthorDate: Sat Nov 2 18:34:14 2019 +0100 KNOX-2068 - Let end-users add a new service definition from scratch (#173) --- gateway-admin-ui/admin-ui/app/app.module.ts| 2 + .../admin-ui/app/resource/resource.component.html | 6 ++ .../new-service-definition.component.css | 5 ++ .../new-service-definition.component.html | 27 +++ .../new-service-definition.component.ts| 82 ++ .../servicedefinition-detail.component.ts | 17 +++-- .../servicedefinition.service.ts | 23 +- .../assets/new-service-definition-template.xml | 8 +++ gateway-admin-ui/package-lock.json | 19 + gateway-admin-ui/package.json | 1 + pom.xml| 1 + 11 files changed, 180 insertions(+), 11 deletions(-) diff --git a/gateway-admin-ui/admin-ui/app/app.module.ts b/gateway-admin-ui/admin-ui/app/app.module.ts index c33cf20..5af7431 100644 --- a/gateway-admin-ui/admin-ui/app/app.module.ts +++ b/gateway-admin-ui/admin-ui/app/app.module.ts @@ -26,6 +26,7 @@ import {AppComponent} from './app.component'; import {TopologyService} from './topology.service'; import {ServiceDefinitionService} from './service-definition/servicedefinition.service'; import {ServiceDefinitionDetailComponent} from './service-definition/servicedefinition-detail.component'; +import {NewServiceDefinitionComponent} from './service-definition/new-service-definition.component'; import {GatewayVersionService} from './gateway-version.service'; import {GatewayVersionComponent} from './gateway-version.component'; import {TopologyComponent} from './topology.component'; @@ -61,6 +62,7 @@ import {ProviderConfigWizardComponent} from './provider-config-wizard/provider-c TopologyComponent, TopologyDetailComponent, ServiceDefinitionDetailComponent, +NewServiceDefinitionComponent, GatewayVersionComponent, XmlPipe, JsonPrettyPipe, diff --git a/gateway-admin-ui/admin-ui/app/resource/resource.component.html b/gateway-admin-ui/admin-ui/app/resource/resource.component.html index c586ce2..4845e60 100644 --- a/gateway-admin-ui/admin-ui/app/resource/resource.component.html +++ b/gateway-admin-ui/admin-ui/app/resource/resource.component.html @@ -18,6 +18,11 @@ (click)="newDescriptorModal.open()" title="Create New Descriptor" data-toggle="tooltip"> + Timestamp @@ -44,5 +49,6 @@ + diff --git a/gateway-admin-ui/admin-ui/app/service-definition/new-service-definition.component.css b/gateway-admin-ui/admin-ui/app/service-definition/new-service-definition.component.css new file mode 100644 index 000..0cc494a --- /dev/null +++ b/gateway-admin-ui/admin-ui/app/service-definition/new-service-definition.component.css @@ -0,0 +1,5 @@ +td { +border-collapse: collapse; +padding: 8px; +vertical-align: top; +} \ No newline at end of file diff --git a/gateway-admin-ui/admin-ui/app/service-definition/new-service-definition.component.html b/gateway-admin-ui/admin-ui/app/service-definition/new-service-definition.component.html new file mode 100644 index 000..96b9205 --- /dev/null +++ b/gateway-admin-ui/admin-ui/app/service-definition/new-service-definition.component.html @@ -0,0 +1,27 @@ +http://www.w3.org/1999/html;> + +Create a New Service Definition + + + + +At a minimum you must modify the service's name and role attributes! + + + + + + + + + +Cancel +Ok + + diff --git a/gateway-admin-ui/admin-ui/app/service-definition/new-service-definition.component.ts b/gateway-admin-ui/admin-ui/app/service-definition/new-service-definition.component.ts new file mode 100644 index 000..669d302 --- /dev/null +++ b/gateway-admin-ui/admin-ui/app/service-definition/new-service-definition.component.ts @@ -0,0 +1,82 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0
[knox] branch master updated: KNOX-2056 - Adding Service Definitions management into Admin UI (#169)
This is an automated email from the ASF dual-hosted git repository. lmccay pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/knox.git The following commit(s) were added to refs/heads/master by this push: new 1bdbdee KNOX-2056 - Adding Service Definitions management into Admin UI (#169) 1bdbdee is described below commit 1bdbdee67be13cc3b83605350536ffc246fb722e Author: Sandor Molnar AuthorDate: Tue Oct 29 15:02:59 2019 +0100 KNOX-2056 - Adding Service Definitions management into Admin UI (#169) * KNOX-2056 - Adding Service Definitions management into Admin UI * KNOX-2056 - TopologyResource should not overwrite any topology stored in TopologyService --- gateway-admin-ui/admin-ui/app/app.component.ts | 4 +- gateway-admin-ui/admin-ui/app/app.module.ts| 8 +- .../resource-detail/resource-detail.component.html | 7 +- .../admin-ui/app/resource/resource.component.html | 11 +- .../admin-ui/app/resource/resource.component.ts| 28 +++- .../admin-ui/app/resource/resource.service.ts | 43 -- gateway-admin-ui/admin-ui/app/resource/resource.ts | 1 + .../app/resourcetypes/resourcetypes.service.ts | 2 +- .../rewrite.rule.ts} | 8 +- .../rewrite.rules.ts} | 9 +- .../resource.ts => service-definition/service.ts} | 8 +- .../servicedefinition-detail.component.ts | 144 + .../servicedefinition.service.ts | 142 .../servicedefinition.ts} | 11 +- gateway-admin-ui/package-lock.json | 16 ++- gateway-admin-ui/package.json | 2 + .../org/apache/knox/gateway/GatewayMessages.java | 9 ++ .../impl/DefaultServiceDefinitionRegistry.java | 6 +- .../ServiceDefinitionCollectionMarshaller.java | 36 -- .../service/admin/ServiceDefinitionsResource.java | 59 ++--- .../gateway/service/admin/TopologiesResource.java | 16 ++- 21 files changed, 494 insertions(+), 76 deletions(-) diff --git a/gateway-admin-ui/admin-ui/app/app.component.ts b/gateway-admin-ui/admin-ui/app/app.component.ts index 195c7e4..63fd7e7 100644 --- a/gateway-admin-ui/admin-ui/app/app.component.ts +++ b/gateway-admin-ui/admin-ui/app/app.component.ts @@ -16,6 +16,7 @@ */ import {Component} from '@angular/core'; import {TopologyService} from './topology.service'; +import {ServiceDefinitionService} from './service-definition/servicedefinition.service'; import {ResourceTypesService} from './resourcetypes/resourcetypes.service'; @Component({ @@ -35,11 +36,12 @@ import {ResourceTypesService} from './resourcetypes/resourcetypes.service'; `, -providers: [TopologyService, ResourceTypesService] +providers: [TopologyService, ServiceDefinitionService, ResourceTypesService] }) export class AppComponent { constructor(private topologyService: TopologyService, +private serviceDefinitionService: ServiceDefinitionService, private resourcetypesService: ResourceTypesService) { } } diff --git a/gateway-admin-ui/admin-ui/app/app.module.ts b/gateway-admin-ui/admin-ui/app/app.module.ts index 2521e9f..c33cf20 100644 --- a/gateway-admin-ui/admin-ui/app/app.module.ts +++ b/gateway-admin-ui/admin-ui/app/app.module.ts @@ -15,6 +15,7 @@ * limitations under the License. */ import {NgModule} from '@angular/core'; +import {DataTableModule} from 'angular2-datatable'; import {BrowserModule} from '@angular/platform-browser'; import {HttpClientModule, HttpClientXsrfModule} from '@angular/common/http'; import {FormsModule} from '@angular/forms'; @@ -23,6 +24,8 @@ import {APP_BASE_HREF} from '@angular/common'; import {AppComponent} from './app.component'; import {TopologyService} from './topology.service'; +import {ServiceDefinitionService} from './service-definition/servicedefinition.service'; +import {ServiceDefinitionDetailComponent} from './service-definition/servicedefinition-detail.component'; import {GatewayVersionService} from './gateway-version.service'; import {GatewayVersionComponent} from './gateway-version.component'; import {TopologyComponent} from './topology.component'; @@ -51,11 +54,13 @@ import {ProviderConfigWizardComponent} from './provider-config-wizard/provider-c FormsModule, CustomFormsModule, BsModalModule, -AceEditorModule +AceEditorModule, +DataTableModule ], declarations: [AppComponent, TopologyComponent, TopologyDetailComponent, +ServiceDefinitionDetailComponent, GatewayVersionComponent, XmlPipe, JsonPrettyPipe, @@ -70,6 +75,7 @@ import {ProviderConfigWizardComponent} from './provider-config-wizard/provider-c ProviderConfigWizardComponent ], providers: [TopologyServ
svn commit: r1868894 - in /knox: site/ site/books/knox-0-12-0/ site/books/knox-0-13-0/ site/books/knox-0-14-0/ site/books/knox-1-0-0/ site/books/knox-1-1-0/ site/books/knox-1-2-0/ site/books/knox-1-3-
Author: lmccay Date: Fri Oct 25 01:46:33 2019 New Revision: 1868894 URL: http://svn.apache.org/viewvc?rev=1868894=rev Log: Updated for KNOX-2066 - CompositeAuthz Provider Modified: knox/site/books/knox-0-12-0/deployment-overview.png knox/site/books/knox-0-12-0/deployment-provider.png knox/site/books/knox-0-12-0/deployment-service.png knox/site/books/knox-0-12-0/general_saml_flow.png knox/site/books/knox-0-12-0/runtime-overview.png knox/site/books/knox-0-12-0/runtime-request-processing.png knox/site/books/knox-0-13-0/deployment-overview.png knox/site/books/knox-0-13-0/deployment-provider.png knox/site/books/knox-0-13-0/deployment-service.png knox/site/books/knox-0-13-0/general_saml_flow.png knox/site/books/knox-0-13-0/runtime-overview.png knox/site/books/knox-0-13-0/runtime-request-processing.png knox/site/books/knox-0-14-0/deployment-overview.png knox/site/books/knox-0-14-0/deployment-provider.png knox/site/books/knox-0-14-0/deployment-service.png knox/site/books/knox-0-14-0/general_saml_flow.png knox/site/books/knox-0-14-0/runtime-overview.png knox/site/books/knox-0-14-0/runtime-request-processing.png knox/site/books/knox-1-0-0/deployment-overview.png knox/site/books/knox-1-0-0/deployment-provider.png knox/site/books/knox-1-0-0/deployment-service.png knox/site/books/knox-1-0-0/general_saml_flow.png knox/site/books/knox-1-0-0/runtime-overview.png knox/site/books/knox-1-0-0/runtime-request-processing.png knox/site/books/knox-1-1-0/deployment-overview.png knox/site/books/knox-1-1-0/deployment-provider.png knox/site/books/knox-1-1-0/deployment-service.png knox/site/books/knox-1-1-0/general_saml_flow.png knox/site/books/knox-1-1-0/runtime-overview.png knox/site/books/knox-1-1-0/runtime-request-processing.png knox/site/books/knox-1-2-0/deployment-overview.png knox/site/books/knox-1-2-0/deployment-provider.png knox/site/books/knox-1-2-0/deployment-service.png knox/site/books/knox-1-2-0/general_saml_flow.png knox/site/books/knox-1-2-0/runtime-overview.png knox/site/books/knox-1-2-0/runtime-request-processing.png knox/site/books/knox-1-3-0/deployment-overview.png knox/site/books/knox-1-3-0/deployment-provider.png knox/site/books/knox-1-3-0/deployment-service.png knox/site/books/knox-1-3-0/general_saml_flow.png knox/site/books/knox-1-3-0/runtime-overview.png knox/site/books/knox-1-3-0/runtime-request-processing.png knox/site/books/knox-1-4-0/deployment-overview.png knox/site/books/knox-1-4-0/deployment-provider.png knox/site/books/knox-1-4-0/deployment-service.png knox/site/books/knox-1-4-0/general_saml_flow.png knox/site/books/knox-1-4-0/runtime-overview.png knox/site/books/knox-1-4-0/runtime-request-processing.png knox/site/books/knox-1-4-0/user-guide.html knox/site/index.html knox/site/issue-management.html knox/site/licenses.html knox/site/mailing-lists.html knox/site/project-info.html knox/site/team.html knox/trunk/books/1.4.0/config_authz.md Modified: knox/site/books/knox-0-12-0/deployment-overview.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-12-0/deployment-overview.png?rev=1868894=1868893=1868894=diff == Binary files - no diff available. Modified: knox/site/books/knox-0-12-0/deployment-provider.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-12-0/deployment-provider.png?rev=1868894=1868893=1868894=diff == Binary files - no diff available. Modified: knox/site/books/knox-0-12-0/deployment-service.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-12-0/deployment-service.png?rev=1868894=1868893=1868894=diff == Binary files - no diff available. Modified: knox/site/books/knox-0-12-0/general_saml_flow.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-12-0/general_saml_flow.png?rev=1868894=1868893=1868894=diff == Binary files - no diff available. Modified: knox/site/books/knox-0-12-0/runtime-overview.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-12-0/runtime-overview.png?rev=1868894=1868893=1868894=diff == Binary files - no diff available. Modified: knox/site/books/knox-0-12-0/runtime-request-processing.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-12-0/runtime-request-processing.png?rev=1868894=1868893=1868894=diff == Binary files - no diff available. Modified: knox/site/books/knox-0-13-0/deployment-overview.png URL: http://svn.apache.org/viewvc/knox
[knox] branch master updated: KNOX-2066 - pom clean up
This is an automated email from the ASF dual-hosted git repository. lmccay pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/knox.git The following commit(s) were added to refs/heads/master by this push: new 245b916 KNOX-2066 - pom clean up 245b916 is described below commit 245b9166b81d1f299072b40f7e789bf77ce883b3 Author: lmccay AuthorDate: Thu Oct 24 17:50:52 2019 -0400 KNOX-2066 - pom clean up --- gateway-provider-security-authz-composite/pom.xml | 24 --- 1 file changed, 24 deletions(-) diff --git a/gateway-provider-security-authz-composite/pom.xml b/gateway-provider-security-authz-composite/pom.xml index fd1f962..c1c408c 100644 --- a/gateway-provider-security-authz-composite/pom.xml +++ b/gateway-provider-security-authz-composite/pom.xml @@ -30,35 +30,11 @@ org.apache.knox -gateway-i18n - - -org.apache.knox gateway-server org.apache.knox gateway-spi - -org.apache.knox -gateway-util-common - - - -commons-io -commons-io - - - -javax.servlet -javax.servlet-api - - - -org.apache.knox -gateway-test-utils -test -
[knox] branch master updated: KNOX-2066 - Composite Authz Provider
This is an automated email from the ASF dual-hosted git repository. lmccay pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/knox.git The following commit(s) were added to refs/heads/master by this push: new f3eddab KNOX-2066 - Composite Authz Provider new 15a85c0 Merge branch 'master' into KNOX-2066 f3eddab is described below commit f3eddab9b854f1774ecf89ac39ec03566e296113 Author: lmccay AuthorDate: Thu Oct 24 16:35:04 2019 -0400 KNOX-2066 - Composite Authz Provider --- gateway-provider-security-authz-composite/pom.xml | 64 .../impl/CompositeAuthzDeploymentContributor.java | 89 ++ ...ox.gateway.deploy.ProviderDeploymentContributor | 18 + .../deploy/impl/CompositeAuthzProviderTest.java| 67 gateway-release/pom.xml| 4 + pom.xml| 6 ++ 6 files changed, 248 insertions(+) diff --git a/gateway-provider-security-authz-composite/pom.xml b/gateway-provider-security-authz-composite/pom.xml new file mode 100644 index 000..fd1f962 --- /dev/null +++ b/gateway-provider-security-authz-composite/pom.xml @@ -0,0 +1,64 @@ + + +http://maven.apache.org/POM/4.0.0; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance; + xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd;> +4.0.0 + +org.apache.knox +gateway +1.4.0-SNAPSHOT + +gateway-provider-security-authz-composite +gateway-provider-security-authz-composite +Provides authorization support through the use of multiple providers. + + + +org.apache.knox +gateway-i18n + + +org.apache.knox +gateway-server + + +org.apache.knox +gateway-spi + + +org.apache.knox +gateway-util-common + + + +commons-io +commons-io + + + +javax.servlet +javax.servlet-api + + + +org.apache.knox +gateway-test-utils +test + + + diff --git a/gateway-provider-security-authz-composite/src/main/java/org/apache/knox/gateway/deploy/impl/CompositeAuthzDeploymentContributor.java b/gateway-provider-security-authz-composite/src/main/java/org/apache/knox/gateway/deploy/impl/CompositeAuthzDeploymentContributor.java new file mode 100644 index 000..5e7562c --- /dev/null +++ b/gateway-provider-security-authz-composite/src/main/java/org/apache/knox/gateway/deploy/impl/CompositeAuthzDeploymentContributor.java @@ -0,0 +1,89 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.knox.gateway.deploy.impl; + +import org.apache.knox.gateway.deploy.DeploymentContext; +import org.apache.knox.gateway.deploy.DeploymentFactory; +import org.apache.knox.gateway.deploy.ProviderDeploymentContributorBase; +import org.apache.knox.gateway.descriptor.FilterParamDescriptor; +import org.apache.knox.gateway.descriptor.ResourceDescriptor; +import org.apache.knox.gateway.topology.Provider; +import org.apache.knox.gateway.topology.Service; + +import java.util.ArrayList; +import java.util.List; +import java.util.Locale; +import java.util.Map; +import java.util.Map.Entry; + +public class CompositeAuthzDeploymentContributor extends ProviderDeploymentContributorBase { + @Override + public String getRole() { +return "authorization"; + } + + @Override + public String getName() { +return "CompositeAuthz"; + } + + @Override + public void initializeContribution(DeploymentContext context) { +super.initializeContribution(context); + } + + @Override + public void contributeProvider( DeploymentContext context, Provider provider ) { + } + + @Override + public void contributeFilter( DeploymentContext context, Provider provider, Service service, + ResourceDescriptor resource, List params ) { + +if (params == null) { + params = new ArrayList<>(); +} + +Map provi
[knox] branch master updated: KNOX-2023 - Recording KnoxShellTable builder/filter chain and providing rollback/replay capabilities using the call history as well as allowing end-users to export JSON w
This is an automated email from the ASF dual-hosted git repository. lmccay pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/knox.git The following commit(s) were added to refs/heads/master by this push: new b5c6486 KNOX-2023 - Recording KnoxShellTable builder/filter chain and providing rollback/replay capabilities using the call history as well as allowing end-users to export JSON without data (in this case only the call history will be serialized) (#162) b5c6486 is described below commit b5c6486db72030d269f75974bd282b3eec55549d Author: Sandor Molnar AuthorDate: Wed Oct 9 01:37:37 2019 +0200 KNOX-2023 - Recording KnoxShellTable builder/filter chain and providing rollback/replay capabilities using the call history as well as allowing end-users to export JSON without data (in this case only the call history will be serialized) (#162) * KNOX-2023 - Recording KnoxShellTable builder/filter chain and providing rollback/replay capabilities using the call history as well as allowing end-users to export JSON without data (in this case only the call history will be serialized) * KNOX-2023 - Minor change on separating the BufferedeReader form InputStreamReader within the try block * KNOX-2023 - Enhanced type check --- gateway-shell-release/home/bin/knoxshell.sh| 2 +- gateway-shell-release/src/assembly.xml | 7 + gateway-shell/pom.xml | 12 ++ .../shell/table/CSVKnoxShellTableBuilder.java | 18 +-- .../shell/table/JDBCKnoxShellTableBuilder.java | 41 +++--- .../shell/table/JSONKnoxShellTableBuilder.java | 12 +- .../shell/table/JoinKnoxShellTableBuilder.java | 11 +- .../knox/gateway/shell/table/KnoxShellTable.java | 65 - .../gateway/shell/table/KnoxShellTableBuilder.java | 14 +- .../gateway/shell/table/KnoxShellTableCall.java| 91 .../shell/table/KnoxShellTableCallHistory.java | 152 + .../gateway/shell/table/KnoxShellTableFilter.java | 52 --- .../shell/table/KnoxShellTableHistoryAspect.java | 85 .../shell/table/KnoxShellTableJSONSerializer.java | 63 + .../shell/table/KnoxShellTableRowDeserializer.java | 98 - gateway-shell/src/main/resources/META-INF/aop.xml | 27 .../shell/table/KnoxShellTableCallHistoryTest.java | 134 ++ .../gateway/shell/table/KnoxShellTableTest.java| 27 +++- .../knoxShellTableCallHistoryWithFiltering.json| 39 ++ .../knoxShellTableLocationsWithZipLessThan14.csv | 15 ++ gateway-util-common/pom.xml| 7 +- .../org/apache/knox/gateway/util/JsonUtils.java| 13 ++ .../util/NoClassNameMultiLineToStringStyle.java| 39 +++--- pom.xml| 11 ++ 24 files changed, 943 insertions(+), 92 deletions(-) diff --git a/gateway-shell-release/home/bin/knoxshell.sh b/gateway-shell-release/home/bin/knoxshell.sh index ad205b5..8355ab1 100755 --- a/gateway-shell-release/home/bin/knoxshell.sh +++ b/gateway-shell-release/home/bin/knoxshell.sh @@ -94,7 +94,7 @@ function main { ;; *) buildAppJavaOpts - $JAVA "${APP_JAVA_OPTS[@]}" -jar "$APP_JAR" "$@" || exit 1 + $JAVA "${APP_JAVA_OPTS[@]}" -javaagent:"$APP_BIN_DIR"/../lib/aspectjweaver.jar -jar "$APP_JAR" "$@" || exit 1 ;; esac diff --git a/gateway-shell-release/src/assembly.xml b/gateway-shell-release/src/assembly.xml index 181f770..0e15ff2 100644 --- a/gateway-shell-release/src/assembly.xml +++ b/gateway-shell-release/src/assembly.xml @@ -86,5 +86,12 @@ org.apache.knox:hadoop-examples + +lib +aspectjweaver.jar + +org.aspectj:aspectjweaver + + \ No newline at end of file diff --git a/gateway-shell/pom.xml b/gateway-shell/pom.xml index 139355b..61e61d4 100644 --- a/gateway-shell/pom.xml +++ b/gateway-shell/pom.xml @@ -118,5 +118,17 @@ com.fasterxml.jackson.core jackson-databind + +com.fasterxml.jackson.core +jackson-annotations + + +org.aspectj +aspectjrt + + +org.aspectj +aspectjweaver + diff --git a/gateway-shell/src/main/java/org/apache/knox/gateway/shell/table/CSVKnoxShellTableBuilder.java b/gateway-shell/src/main/java/org/apache/knox/gateway/shell/table/CSVKnoxShellTableBuilder.java index db5a9e7..cc39265 100644 --- a/gateway-shell/src/main/java/org/apache/knox/gateway/shell/table/CSVKnoxShellTableBuilder.java +++ b/gateway-shell/src/main/java/org/apache/knox/gateway/shell/table/CSVKnoxShellTableBuilder.java @@ -20,6 +20,7 @@ package org.ap
[knox] branch master updated: KNOX-2016 - KnoxShellTable SQL Builder, Col Select, Sort
This is an automated email from the ASF dual-hosted git repository. lmccay pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/knox.git The following commit(s) were added to refs/heads/master by this push: new 6422b54 KNOX-2016 - KnoxShellTable SQL Builder, Col Select, Sort 6422b54 is described below commit 6422b540f38627a9bc3982ef99e09a9d3fce4327 Author: lmccay AuthorDate: Wed Sep 18 20:04:14 2019 -0400 KNOX-2016 - KnoxShellTable SQL Builder, Col Select, Sort --- .../apache/knox/gateway/shell/KnoxShellTable.java | 199 - .../knox/gateway/shell/KnoxShellTableTest.java | 141 ++- 2 files changed, 322 insertions(+), 18 deletions(-) diff --git a/gateway-shell/src/main/java/org/apache/knox/gateway/shell/KnoxShellTable.java b/gateway-shell/src/main/java/org/apache/knox/gateway/shell/KnoxShellTable.java index 6c5e1b1..dfbbf09 100644 --- a/gateway-shell/src/main/java/org/apache/knox/gateway/shell/KnoxShellTable.java +++ b/gateway-shell/src/main/java/org/apache/knox/gateway/shell/KnoxShellTable.java @@ -24,7 +24,14 @@ import java.io.InputStreamReader; import java.net.URL; import java.net.URLConnection; import java.nio.charset.StandardCharsets; +import java.sql.Connection; +import java.sql.DriverManager; +import java.sql.ResultSet; +import java.sql.ResultSetMetaData; +import java.sql.SQLException; +import java.sql.Statement; import java.util.ArrayList; +import java.util.Collections; import java.util.HashMap; import java.util.Iterator; import java.util.List; @@ -90,6 +97,13 @@ public class KnoxShellTable { return col; } + public List values(String colName) { +int colIndex = headers.indexOf(colName); +ArrayList col = new ArrayList(); +rows.forEach(row -> col.add(row.get(colIndex))); +return col; + } + public KnoxShellTable apply(KnoxShellTableCell cell) { if (!headers.isEmpty()) { headers.set(cell.colIndex, cell.header); @@ -265,6 +279,13 @@ public class KnoxShellTable { } public static class KnoxShellTableBuilder { +protected String title; + +public KnoxShellTableBuilder title(String title) { + this.title = title; + return this; +} + public CSVKnoxShellTableBuilder csv() { return new CSVKnoxShellTableBuilder(); } @@ -276,9 +297,13 @@ public class KnoxShellTable { public JoinKnoxShellTableBuilder join() { return new JoinKnoxShellTableBuilder(); } + +public JDBCKnoxShellTableBuilder jdbc() { + return new JDBCKnoxShellTableBuilder(); +} } - public static class JoinKnoxShellTableBuilder { + public static class JoinKnoxShellTableBuilder extends KnoxShellTableBuilder { private KnoxShellTable left; private KnoxShellTable right; private int leftIndex = -1; @@ -287,6 +312,12 @@ public class KnoxShellTable { public JoinKnoxShellTableBuilder() { } +@Override +public JoinKnoxShellTableBuilder title(String title) { + this.title = title; + return this; +} + public JoinKnoxShellTableBuilder left(KnoxShellTable left) { this.left = left; return this; @@ -299,6 +330,9 @@ public class KnoxShellTable { public KnoxShellTable on(int leftIndex, int rightIndex) { KnoxShellTable joined = new KnoxShellTable(); + if (title != null) { +joined.title(title); + } this.leftIndex = leftIndex; this.rightIndex = rightIndex; @@ -307,7 +341,7 @@ public class KnoxShellTable { for (List row : left.rows) { joined.rows.add(new ArrayList(row)); } - List col = right.values(leftIndex); + List col = right.values(rightIndex); ArrayList row; String leftKey; int matchedIndex; @@ -330,9 +364,15 @@ public class KnoxShellTable { } } - public static class JSONKnoxShellTableBuilder { + public static class JSONKnoxShellTableBuilder extends KnoxShellTableBuilder { boolean withHeaders; +@Override +public JSONKnoxShellTableBuilder title(String title) { + this.title = title; + return this; +} + public JSONKnoxShellTableBuilder withHeaders() { withHeaders = true; return this; @@ -349,24 +389,29 @@ public class KnoxShellTable { return table; } -public static KnoxShellTable getKnoxShellTableFromJsonString(String json) { +public KnoxShellTable getKnoxShellTableFromJsonString(String json) throws IOException { KnoxShellTable table = null; JsonFactory factory = new JsonFactory(); ObjectMapper mapper = new ObjectMapper(factory); TypeReference typeRef = new TypeReference() {}; - try { -table = mapper.readValue(json, typeRef); - } catch (IOException e) { -//LOG.failedToGetMapFromJsonString( json, e ); + table = mapper.readValue(json, typeRef); + if (title != null) { +table.title(title); } return ta
[knox] branch master updated: KNOX-2005 - Improvements to KnoxShellTable
This is an automated email from the ASF dual-hosted git repository. lmccay pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/knox.git The following commit(s) were added to refs/heads/master by this push: new 074a035 KNOX-2005 - Improvements to KnoxShellTable 074a035 is described below commit 074a0354b815968a162790f09189ff47ca04e169 Author: lmccay AuthorDate: Tue Sep 3 22:53:34 2019 -0400 KNOX-2005 - Improvements to KnoxShellTable --- gateway-shell/pom.xml | 9 +- .../apache/knox/gateway/shell/KnoxShellTable.java | 334 - .../java/org/apache/knox/gateway/shell/Shell.java | 3 +- .../knox/gateway/shell/KnoxShellTableTest.java | 119 +++- .../gateway/i18n/GatewayUtilCommonMessages.java| 2 + .../org/apache/knox/gateway/util/JsonUtils.java| 27 ++ 6 files changed, 487 insertions(+), 7 deletions(-) diff --git a/gateway-shell/pom.xml b/gateway-shell/pom.xml index 7f5f09d..139355b 100644 --- a/gateway-shell/pom.xml +++ b/gateway-shell/pom.xml @@ -110,6 +110,13 @@ de.thetaphi forbiddenapis + +com.fasterxml.jackson.core +jackson-core + + +com.fasterxml.jackson.core +jackson-databind + - diff --git a/gateway-shell/src/main/java/org/apache/knox/gateway/shell/KnoxShellTable.java b/gateway-shell/src/main/java/org/apache/knox/gateway/shell/KnoxShellTable.java index 9905c42..6c5e1b1 100644 --- a/gateway-shell/src/main/java/org/apache/knox/gateway/shell/KnoxShellTable.java +++ b/gateway-shell/src/main/java/org/apache/knox/gateway/shell/KnoxShellTable.java @@ -17,11 +17,27 @@ */ package org.apache.knox.gateway.shell; +import java.io.BufferedReader; +import java.io.File; +import java.io.IOException; +import java.io.InputStreamReader; +import java.net.URL; +import java.net.URLConnection; +import java.nio.charset.StandardCharsets; import java.util.ArrayList; import java.util.HashMap; +import java.util.Iterator; import java.util.List; import java.util.Locale; import java.util.Map; +import java.util.regex.Pattern; + +import org.apache.commons.io.FileUtils; +import org.apache.knox.gateway.util.JsonUtils; + +import com.fasterxml.jackson.core.JsonFactory; +import com.fasterxml.jackson.core.type.TypeReference; +import com.fasterxml.jackson.databind.ObjectMapper; /** * Simple table representation and text based rendering of a table via toString(). @@ -36,6 +52,12 @@ public class KnoxShellTable { private List headers = new ArrayList(); private List> rows = new ArrayList>(); + private String title; + + public KnoxShellTable title(String title) { +this.title = title; +return this; + } public KnoxShellTable header(String header) { headers.add(header); @@ -58,16 +80,106 @@ public class KnoxShellTable { return this; } + public KnoxShellTableCell cell(int colIndex, int rowIndex) { +return new KnoxShellTableCell(colIndex, rowIndex); + } + + public List values(int colIndex) { +ArrayList col = new ArrayList(); +rows.forEach(row -> col.add(row.get(colIndex))); +return col; + } + + public KnoxShellTable apply(KnoxShellTableCell cell) { +if (!headers.isEmpty()) { + headers.set(cell.colIndex, cell.header); +} +if (!rows.isEmpty()) { + rows.get(cell.rowIndex).set(cell.colIndex, cell.value); +} +return this; + } + + public class KnoxShellTableCell { +private int colIndex; +private int rowIndex; +private String header; +private String value; + +KnoxShellTableCell(int colIndex, int rowIndex) { + this.colIndex = colIndex; + this.rowIndex = rowIndex; + if (!headers.isEmpty()) { +this.header = headers.get(colIndex); + } + if (!rows.isEmpty()) { +this.value = rows.get(rowIndex).get(colIndex); + } +} + +KnoxShellTableCell(String name, int rowIndex) { + this.rowIndex = rowIndex; + if (!headers.isEmpty()) { +this.header = name; +this.colIndex = headers.indexOf(name); + } + if (!rows.isEmpty()) { +this.value = rows.get(rowIndex).get(colIndex); + } +} + +public KnoxShellTableCell value(String value) { + this.value = value; + return this; +} + +public KnoxShellTableCell header(String name) { + this.header = name; + return this; +} + +public String value() { + return this.value; +} + +public String header() { + return this.header; +} + } + + public List getHeaders() { +if (headers.isEmpty()) { + return null; +} +return headers; + } + + public List> getRows() { +return rows; + } + + public String getTitle() { +return title; + } + @Override public String toString() { -if (!headers.isEmpty() && headers.size() != rows.get(0).size()) { - throw new IllegalSt
[knox] branch master updated: KNOX-2002 - Add a KnoxShellTable to Represent and Render Output in Tabular Format
This is an automated email from the ASF dual-hosted git repository. lmccay pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/knox.git The following commit(s) were added to refs/heads/master by this push: new 5d3acde KNOX-2002 - Add a KnoxShellTable to Represent and Render Output in Tabular Format 5d3acde is described below commit 5d3acde92d6d82da15f32bf128b63f6d82dd Author: lmccay AuthorDate: Thu Aug 29 22:42:43 2019 -0400 KNOX-2002 - Add a KnoxShellTable to Represent and Render Output in Tabular Format --- .../apache/knox/gateway/shell/KnoxShellTable.java | 151 + .../knox/gateway/shell/KnoxShellTableTest.java | 108 +++ 2 files changed, 259 insertions(+) diff --git a/gateway-shell/src/main/java/org/apache/knox/gateway/shell/KnoxShellTable.java b/gateway-shell/src/main/java/org/apache/knox/gateway/shell/KnoxShellTable.java new file mode 100644 index 000..9905c42 --- /dev/null +++ b/gateway-shell/src/main/java/org/apache/knox/gateway/shell/KnoxShellTable.java @@ -0,0 +1,151 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.knox.gateway.shell; + +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Locale; +import java.util.Map; + +/** +* Simple table representation and text based rendering of a table via toString(). +* Headers are optional but when used must have the same count as columns +* within the rows. +*/ +public class KnoxShellTable { + private static int CELL_PAD_SIZE = 2; + private static char CELL_CORNER_CHAR = '+'; + private static char CELL_WALL_CHAR = '|'; + private static char CELL_DASH_CHAR = '-'; + + private List headers = new ArrayList(); + private List> rows = new ArrayList>(); + + public KnoxShellTable header(String header) { +headers.add(header); +return this; + } + + public KnoxShellTable row() { +List row = new ArrayList(); +rows.add(row); +return this; + } + + public KnoxShellTable value(String value) { +int index = rows.size() - 1; +if (index == -1) { + index = 0; +} +List row = rows.get(index); +row.add(value); +return this; + } + + @Override + public String toString() { +if (!headers.isEmpty() && headers.size() != rows.get(0).size()) { + throw new IllegalStateException("Number of columns within rows and headers must be the same."); +} +StringBuilder sb = new StringBuilder(); +Map widthMap = getWidthMap(); + +int colCount = rows.get(0).size(); +if (!headers.isEmpty()) { + createBorder(sb, colCount, widthMap); + newLine(sb, 1); + + sb.append(CELL_WALL_CHAR); + for (int i = 0; i < colCount; i++) { +sb.append(centerString(widthMap.get(i) + 4, headers.get(i))).append(CELL_WALL_CHAR); + } + newLine(sb, 1); +} +createBorder(sb, colCount, widthMap); + +for (List row : rows) { + newLine(sb, 1); + sb.append(CELL_WALL_CHAR); + for (int i = 0; i < row.size(); i++) { +sb.append(centerString(widthMap.get(i) + 4, row.get(i))).append(CELL_WALL_CHAR); + } +} + +newLine(sb, 1); +createBorder(sb, colCount, widthMap); +newLine(sb, 1); + +return sb.toString(); + } + + private void newLine(StringBuilder sb, int count) { +for (int i = 0; i < count; i++) { + sb.append('\n'); +} + } + + private String centerString(int width, String s) { +s = ensureEvenLength(s); +return String.format(Locale.ROOT, "%-" + width + "s", String.format(Locale.ROOT, "%" + (s.length() + (width - s.length()) / 2) + "s", s)); + } + + private String ensureEvenLength(String s) { +if (s.length() % 2 != 0) { + s = s + " "; +} +return s; + } + + private void createBorder(StringBuilder sb, int headerCount, Map widthMap) { +for (int i = 0; i < headerCount; i++) { + if (i == 0) { +sb.append(CELL_CORNER_CHAR); + } + + for (int j = 0; j < widthMap.get(i) + CELL_PAD_SIZE * 2; j++) { +sb.append(CELL_DASH_CHAR); + } + sb.appen
svn commit: r1863761 - in /knox/site/books: knox-0-12-0/ knox-0-13-0/ knox-0-14-0/ knox-1-0-0/ knox-1-1-0/ knox-1-2-0/ knox-1-3-0/ knox-1-4-0/
Author: lmccay Date: Thu Jul 25 20:05:03 2019 New Revision: 1863761 URL: http://svn.apache.org/viewvc?rev=1863761=rev Log: Add buildTrustStore docs to the 1.4.0 book Modified: knox/site/books/knox-0-12-0/deployment-overview.png knox/site/books/knox-0-12-0/deployment-provider.png knox/site/books/knox-0-12-0/deployment-service.png knox/site/books/knox-0-12-0/general_saml_flow.png knox/site/books/knox-0-12-0/runtime-overview.png knox/site/books/knox-0-12-0/runtime-request-processing.png knox/site/books/knox-0-13-0/deployment-overview.png knox/site/books/knox-0-13-0/deployment-provider.png knox/site/books/knox-0-13-0/deployment-service.png knox/site/books/knox-0-13-0/general_saml_flow.png knox/site/books/knox-0-13-0/runtime-overview.png knox/site/books/knox-0-13-0/runtime-request-processing.png knox/site/books/knox-0-14-0/deployment-overview.png knox/site/books/knox-0-14-0/deployment-provider.png knox/site/books/knox-0-14-0/deployment-service.png knox/site/books/knox-0-14-0/general_saml_flow.png knox/site/books/knox-0-14-0/runtime-overview.png knox/site/books/knox-0-14-0/runtime-request-processing.png knox/site/books/knox-1-0-0/deployment-overview.png knox/site/books/knox-1-0-0/deployment-provider.png knox/site/books/knox-1-0-0/deployment-service.png knox/site/books/knox-1-0-0/general_saml_flow.png knox/site/books/knox-1-0-0/runtime-overview.png knox/site/books/knox-1-0-0/runtime-request-processing.png knox/site/books/knox-1-1-0/deployment-overview.png knox/site/books/knox-1-1-0/deployment-provider.png knox/site/books/knox-1-1-0/deployment-service.png knox/site/books/knox-1-1-0/general_saml_flow.png knox/site/books/knox-1-1-0/runtime-overview.png knox/site/books/knox-1-1-0/runtime-request-processing.png knox/site/books/knox-1-2-0/deployment-overview.png knox/site/books/knox-1-2-0/deployment-provider.png knox/site/books/knox-1-2-0/deployment-service.png knox/site/books/knox-1-2-0/general_saml_flow.png knox/site/books/knox-1-2-0/runtime-overview.png knox/site/books/knox-1-2-0/runtime-request-processing.png knox/site/books/knox-1-3-0/deployment-overview.png knox/site/books/knox-1-3-0/deployment-provider.png knox/site/books/knox-1-3-0/deployment-service.png knox/site/books/knox-1-3-0/general_saml_flow.png knox/site/books/knox-1-3-0/runtime-overview.png knox/site/books/knox-1-3-0/runtime-request-processing.png knox/site/books/knox-1-4-0/deployment-overview.png knox/site/books/knox-1-4-0/deployment-provider.png knox/site/books/knox-1-4-0/deployment-service.png knox/site/books/knox-1-4-0/general_saml_flow.png knox/site/books/knox-1-4-0/runtime-overview.png knox/site/books/knox-1-4-0/runtime-request-processing.png Modified: knox/site/books/knox-0-12-0/deployment-overview.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-12-0/deployment-overview.png?rev=1863761=1863760=1863761=diff == Binary files - no diff available. Modified: knox/site/books/knox-0-12-0/deployment-provider.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-12-0/deployment-provider.png?rev=1863761=1863760=1863761=diff == Binary files - no diff available. Modified: knox/site/books/knox-0-12-0/deployment-service.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-12-0/deployment-service.png?rev=1863761=1863760=1863761=diff == Binary files - no diff available. Modified: knox/site/books/knox-0-12-0/general_saml_flow.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-12-0/general_saml_flow.png?rev=1863761=1863760=1863761=diff == Binary files - no diff available. Modified: knox/site/books/knox-0-12-0/runtime-overview.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-12-0/runtime-overview.png?rev=1863761=1863760=1863761=diff == Binary files - no diff available. Modified: knox/site/books/knox-0-12-0/runtime-request-processing.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-12-0/runtime-request-processing.png?rev=1863761=1863760=1863761=diff == Binary files - no diff available. Modified: knox/site/books/knox-0-13-0/deployment-overview.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-13-0/deployment-overview.png?rev=1863761=1863760=1863761=diff == Binary files - no diff available. Modified: knox/site/books/knox-0-13-0/deployment-provider.png URL: http
svn commit: r1863759 - in /knox: site/books/knox-0-12-0/ site/books/knox-0-13-0/ site/books/knox-0-14-0/ site/books/knox-1-0-0/ site/books/knox-1-1-0/ site/books/knox-1-2-0/ site/books/knox-1-3-0/ sit
Author: lmccay Date: Thu Jul 25 19:06:44 2019 New Revision: 1863759 URL: http://svn.apache.org/viewvc?rev=1863759=rev Log: added KnoxSh buildTrustStore command docs Modified: knox/site/books/knox-0-12-0/deployment-overview.png knox/site/books/knox-0-12-0/deployment-provider.png knox/site/books/knox-0-12-0/deployment-service.png knox/site/books/knox-0-12-0/general_saml_flow.png knox/site/books/knox-0-12-0/runtime-overview.png knox/site/books/knox-0-12-0/runtime-request-processing.png knox/site/books/knox-0-13-0/deployment-overview.png knox/site/books/knox-0-13-0/deployment-provider.png knox/site/books/knox-0-13-0/deployment-service.png knox/site/books/knox-0-13-0/general_saml_flow.png knox/site/books/knox-0-13-0/runtime-overview.png knox/site/books/knox-0-13-0/runtime-request-processing.png knox/site/books/knox-0-14-0/deployment-overview.png knox/site/books/knox-0-14-0/deployment-provider.png knox/site/books/knox-0-14-0/deployment-service.png knox/site/books/knox-0-14-0/general_saml_flow.png knox/site/books/knox-0-14-0/runtime-overview.png knox/site/books/knox-0-14-0/runtime-request-processing.png knox/site/books/knox-1-0-0/deployment-overview.png knox/site/books/knox-1-0-0/deployment-provider.png knox/site/books/knox-1-0-0/deployment-service.png knox/site/books/knox-1-0-0/general_saml_flow.png knox/site/books/knox-1-0-0/runtime-overview.png knox/site/books/knox-1-0-0/runtime-request-processing.png knox/site/books/knox-1-1-0/deployment-overview.png knox/site/books/knox-1-1-0/deployment-provider.png knox/site/books/knox-1-1-0/deployment-service.png knox/site/books/knox-1-1-0/general_saml_flow.png knox/site/books/knox-1-1-0/runtime-overview.png knox/site/books/knox-1-1-0/runtime-request-processing.png knox/site/books/knox-1-2-0/deployment-overview.png knox/site/books/knox-1-2-0/deployment-provider.png knox/site/books/knox-1-2-0/deployment-service.png knox/site/books/knox-1-2-0/general_saml_flow.png knox/site/books/knox-1-2-0/runtime-overview.png knox/site/books/knox-1-2-0/runtime-request-processing.png knox/site/books/knox-1-3-0/deployment-overview.png knox/site/books/knox-1-3-0/deployment-provider.png knox/site/books/knox-1-3-0/deployment-service.png knox/site/books/knox-1-3-0/general_saml_flow.png knox/site/books/knox-1-3-0/runtime-overview.png knox/site/books/knox-1-3-0/runtime-request-processing.png knox/site/books/knox-1-3-0/user-guide.html knox/site/books/knox-1-4-0/deployment-overview.png knox/site/books/knox-1-4-0/deployment-provider.png knox/site/books/knox-1-4-0/deployment-service.png knox/site/books/knox-1-4-0/general_saml_flow.png knox/site/books/knox-1-4-0/runtime-overview.png knox/site/books/knox-1-4-0/runtime-request-processing.png knox/trunk/books/1.3.0/book_client-details.md Modified: knox/site/books/knox-0-12-0/deployment-overview.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-12-0/deployment-overview.png?rev=1863759=1863758=1863759=diff == Binary files - no diff available. Modified: knox/site/books/knox-0-12-0/deployment-provider.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-12-0/deployment-provider.png?rev=1863759=1863758=1863759=diff == Binary files - no diff available. Modified: knox/site/books/knox-0-12-0/deployment-service.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-12-0/deployment-service.png?rev=1863759=1863758=1863759=diff == Binary files - no diff available. Modified: knox/site/books/knox-0-12-0/general_saml_flow.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-12-0/general_saml_flow.png?rev=1863759=1863758=1863759=diff == Binary files - no diff available. Modified: knox/site/books/knox-0-12-0/runtime-overview.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-12-0/runtime-overview.png?rev=1863759=1863758=1863759=diff == Binary files - no diff available. Modified: knox/site/books/knox-0-12-0/runtime-request-processing.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-12-0/runtime-request-processing.png?rev=1863759=1863758=1863759=diff == Binary files - no diff available. Modified: knox/site/books/knox-0-13-0/deployment-overview.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-13-0/deployment-overview.png?rev=1863759=1863758=1863759=diff == Binary files
svn commit: r1863668 [9/9] - in /knox: site/ site/books/knox-0-12-0/ site/books/knox-0-13-0/ site/books/knox-0-14-0/ site/books/knox-1-0-0/ site/books/knox-1-1-0/ site/books/knox-1-2-0/ site/books/kno
Added: knox/trunk/books/1.4.0/service_service_test.md URL: http://svn.apache.org/viewvc/knox/trunk/books/1.4.0/service_service_test.md?rev=1863668=auto == --- knox/trunk/books/1.4.0/service_service_test.md (added) +++ knox/trunk/books/1.4.0/service_service_test.md Tue Jul 23 21:27:15 2019 @@ -0,0 +1,228 @@ + + + +### Service Test API + +The gateway supports a Service Test API that can be used to test Knox's ability to connect to each of the different Hadoop services via a simple HTTP GET request. To be able to access this API, one must add the following lines into the topology for which you wish to run the service test. + + + SERVICE-TEST + + +After adding the above to a topology, you can make a cURL request with the following structure + +curl -i -k "https://{gateway-hostname}:{gateway-port}/gateway/{topology-name}/service-test?username=guest=guest-password; + +An alternate method of providing credentials: + +curl -i -k -u guest:guest-password https://{gateway-hostname}:{gateway-port}/gateway/{topology-name}/service-test + +Below is an example response. The gateway is also capable of returning XML if specified in the request's "Accept" HTTP header. + +{ +"serviceTestWrapper": { + "Tests": { + "ServiceTest": [ + { +"serviceName": "WEBHDFS", +"requestURL": "http://{gateway-host}:{gateway-port}/gateway/{topology-name}/webhdfs/v1/?op=LISTSTATUS;, +"responseContent": "Content-Length:0,Content-Type: application/json;charset=utf-8", +"httpCode": 200, +"message": "Request sucessful." + }, + { +"serviceName": "WEBHCAT", +"requestURL": "http://{gateway-host}:{gateway-port}/gateway/{topology-name}/templeton/v1/status;, +"responseContent": "Content-Length:0,Content-Type: application/json;charset=utf-8", +"httpCode": 200, +"message": "Request sucessful." + }, + { +"serviceName": "WEBHCAT", +"requestURL": "http://{gateway-host}:{gateway-port}/gateway/{topology-name}/templeton/v1/version;, +"responseContent": "Content-Length:0,Content-Type: application/json;charset=utf-8", +"httpCode": 200, +"message": "Request sucessful." + }, + { +"serviceName": "WEBHCAT", +"requestURL": "http://{gateway-host}:{gateway-port}/gateway/{topology-name}/templeton/v1/version/hive;, +"responseContent": "Content-Length:0,Content-Type: application/json;charset=utf-8", +"httpCode": 200, +"message": "Request sucessful." + }, + { +"serviceName": "WEBHCAT", +"requestURL": "http://{gateway-host}:{gateway-port}/gateway/{topology-name}/templeton/v1/version/hadoop;, +"responseContent": "Content-Length:0,Content-Type: application/json;charset=utf-8", +"httpCode": 200, +"message": "Request sucessful." + }, + { +"serviceName": "OOZIE", +"requestURL": "http://{gateway-host}:{gateway-port}/gateway/{topology-name}/oozie/v1/admin/build-version;, +"responseContent": "Content-Length:0,Content-Type: application/json;charset=utf-8", +"httpCode": 200, +"message": "Request sucessful." + }, + { +"serviceName": "OOZIE", +"requestURL": "http://{gateway-host}:{gateway-port}/gateway/{topology-name}/oozie/v1/admin/status;, +"responseContent": "Content-Length:0,Content-Type: application/json;charset=utf-8", +"httpCode": 200, +"message": "Request sucessful." + }, + { +"serviceName": "OOZIE", +"requestURL": "http://{gateway-host}:{gateway-port}/gateway/{topology-name}/oozie/versions;, +"responseContent": "Content-Length:0,Content-Type: application/json;charset=utf-8", +"httpCode": 200, +"message": "Request sucessful." + }, + { +"serviceName": "WEBHBASE", +"requestURL": "http://{gateway-host}:{gateway-port}/gateway/{topology-name}/hbase/version;, +"responseContent": "Content-Length:0,Content-Type: application/json;charset=utf-8", +"httpCode": 200, +"message": "Request sucessful." + }, + { +"serviceName": "WEBHBASE", +"requestURL": "http://{gateway-host}:{gateway-port}/gateway/{topology-name}/hbase/version/cluster;, +"responseContent": "Content-Length:0,Content-Type: application/json;charset=utf-8", +"httpCode": 200, +"message": "Request sucessful." + }, + { +"serviceName": "WEBHBASE", +"requestURL":
svn commit: r1863668 [7/9] - in /knox: site/ site/books/knox-0-12-0/ site/books/knox-0-13-0/ site/books/knox-0-14-0/ site/books/knox-1-0-0/ site/books/knox-1-1-0/ site/books/knox-1-2-0/ site/books/kno
Added: knox/trunk/books/1.4.0/dev-guide/knox_monitoring_api.md URL: http://svn.apache.org/viewvc/knox/trunk/books/1.4.0/dev-guide/knox_monitoring_api.md?rev=1863668=auto == --- knox/trunk/books/1.4.0/dev-guide/knox_monitoring_api.md (added) +++ knox/trunk/books/1.4.0/dev-guide/knox_monitoring_api.md Tue Jul 23 21:27:15 2019 @@ -0,0 +1,366 @@ +Health Monitoring REST API +=== + +Knox provides REST-ful API for monitoring the core service. It primarily exposes the health of the Knox service that includes service status (up/down) as well as other health metrics. This is a work-in-progress feature, which started with an extensible framework to support basic functionalities. In particular, it currently supports the API to A) *ping* the service and B) time-based statistics related to all API calls. + + Health Monitoring Setup +The basic setup includes two major steps A) add configurations to enable the metrics collection and reporting B) write a topology file and upload it into *topologies* directory. + +# Service Configurations +At first, we need to make sure the gateway configurations to gather and report to JMX are turned on in *gateway-site.xml*. The following two configurations into *gateway-site.xml* will serve the purpose. + +``` + + gateway.metrics.enabled + true + Boolean flag indicates whether to enable the metrics collection + + + gateway.jmx.metrics.reporting.enabled + true + Boolean flag indicates whether to enable the metrics reporting using JMX + + +``` + +# health.xml Topology +In order to enable health monitoring REST service, you need to add a new topology file (i.e. *health.xml*). The following is an example that is configured to test the basic functionalities of Knox service. It is highly recommended using more restricted authentication mechanism. + +``` + + + + + +authentication +ShiroProvider +true + + +sessionTimeout +30 + + +main.ldapRealm +org.apache.knox.gateway.shirorealm.KnoxLdapRealm + + +main.ldapContextFactory + org.apache.knox.gateway.shirorealm.KnoxLdapContextFactory + + +main.ldapRealm.contextFactory +$ldapContextFactory + + +main.ldapRealm.userDnTemplate +uid={0},ou=people,dc=hadoop,dc=apache,dc=org + + +main.ldapRealm.contextFactory.url +ldap://localhost:33389 + + + main.ldapRealm.contextFactory.authenticationMechanism +simple + + +urls./** +authcBasic + + + + +authorization +AclsAuthz +false + +knox.acl +admin;*;* + + + + +identity-assertion +Default +false + + + +hostmap +static +true + localhostsandbox,sandbox.hortonworks.com + + + + + +HEALTH + + + +``` + +Just as with any Knox service, the gateway providers protect the health monitoring REST service defined above it. In this case, the ShiroProvider is taking care of HTTP Basic Auth using LDAP. Once the user authenticates with LDAP, the request processing continues to the *Health* service that will perform the necessary actions. + +The authenticate/federation provider can be swapped out to fit your deployment environment. + +After creating the file health.xml with above contents, you need to copy the file to *KNOX_HOME/conf/topologies* directory. If Knox/gateway service is not running, you can start it using "*bin/gateway.sh start*". Otherwise the service would automatically pick this new '*health*' service. When gateway service registers the new service, it displays the following log messages in *log/gateway.log*. + +``` +2017-08-22 03:44:25,045 INFO knox.gateway (GatewayServer.java:handleCreateDeployment(677)) - Deploying topology health to /home/joe/knox/knox-0.12.0/bin/../data/deployments/health.topo.15e080a91c0 +2017-08-22 03:44:25,045 INFO knox.gateway (GatewayServer.java:internalDeactivateTopology(596)) - Deactivating topology health +2017-08-22 03:44:25,119 INFO knox.gateway (DefaultGatewayServices.java:initializeContribution(197)) - Creating credential store for the cluster: health +2017-08-22 03:44:25,142 INFO knox.gateway (GatewayServer.java:internalActivateTopology(566)) - Activating topology health +2017-08-22 03:44:25,142 INFO knox.gateway (GatewayServer.java:internalActivateArchive(576)) - Activating topology health
svn commit: r1863668 [8/9] - in /knox: site/ site/books/knox-0-12-0/ site/books/knox-0-13-0/ site/books/knox-0-14-0/ site/books/knox-1-0-0/ site/books/knox-1-1-0/ site/books/knox-1-2-0/ site/books/kno
Added: knox/trunk/books/1.4.0/service_avatica.md URL: http://svn.apache.org/viewvc/knox/trunk/books/1.4.0/service_avatica.md?rev=1863668=auto == --- knox/trunk/books/1.4.0/service_avatica.md (added) +++ knox/trunk/books/1.4.0/service_avatica.md Tue Jul 23 21:27:15 2019 @@ -0,0 +1,100 @@ + + +### Avatica ### + +Knox provides gateway functionality for access to all Apache Avatica-based servers. +The gateway can be used to provide authentication and encryption for clients to +servers like the Apache Phoenix Query Server. + + Gateway configuration + +The Gateway can be configured for Avatica by modifying the topology XML file +and providing a new service XML file. + +In the topology XML file, add the following with the correct hostname: + + + AVATICA + http://avatica:8765 + + +Your installation likely already contains the following service files. Ensure +that they are present in your installation. In `services/avatica/1.9.0/rewrite.xml`: + + + + + + + + + + +And in `services/avatica/1.9.0/service.xml`: + + + + + + + + + + + + + + + + + + + JDBC Drivers + +In most cases, users only need to modify the hostname of the Avatica server to +instead be the Knox Gateway. To enable authentication, some of the Avatica +property need to be added to the Properties object used when constructing the +`Connection` or to the JDBC URL directly. + +The JDBC URL can be modified like: + + jdbc:avatica:remote:url=https://knox_gateway.domain:8443/gateway/sandbox/avatica;avatica_user=username;avatica_password=password;authentication=BASIC + +Or, using the `Properties` class: + +Properties props = new Properties(); +props.setProperty("avatica_user", "username"); +props.setProperty("avatica_password", "password"); +props.setProperty("authentication", "BASIC"); +DriverManager.getConnection(url, props); + +Additionally, when the TLS certificate of the Knox Gateway is not trusted by your JVM installation, +it will be necessary for you to pass in a custom truststore and truststore password to perform the +necessary TLS handshake. This can be realized with the `truststore` and `truststore_password` properties +using the same approaches as above. + +Via the JDBC URL: + + jdbc:avatica:remote:url=https://...;authentication=BASIC;truststore=/tmp/knox_truststore.jks;truststore_password=very_secret + +Using Java code: + +... +props.setProperty("truststore", "/tmp/knox_truststore.jks"); +props.setProperty("truststore_password", "very_secret"); +DriverManager.getConnection(url, props); Added: knox/trunk/books/1.4.0/service_config.md URL: http://svn.apache.org/viewvc/knox/trunk/books/1.4.0/service_config.md?rev=1863668=auto == --- knox/trunk/books/1.4.0/service_config.md (added) +++ knox/trunk/books/1.4.0/service_config.md Tue Jul 23 21:27:15 2019 @@ -0,0 +1,41 @@ + + +### Common Service Config ### + +It is possible to override a few of the global configuration settings provided in gateway-site.xml at the service level. +These overrides are specified as name/value pairs within the \ elements of a particular service. +The overridden settings apply only to that service. + +The following table shows the common configuration settings available at the service level via service level parameters. +Individual services may support additional service level parameters. + +Property | Description | Default +-|-|- +httpclient.maxConnections| The maximum number of connections that a single httpclient will maintain to a single host:port. | 32 +httpclient.connectionTimeout | The amount of time to wait when attempting a connection. The natural unit is milliseconds, but a 's' or 'm' suffix may be used for seconds or minutes respectively. The default timeout is system dependent. | 20s +httpclient.socketTimeout | The amount of time to wait for data on a socket before aborting the connection. The natural unit is milliseconds, but a 's' or 'm' suffix may be used for seconds or minutes respectively. The default timeout is system dependent but is likely to be indefinite. | 20s + +The example below demonstrates how these service level parameters are used. + + + HIVE + + httpclient.socketTimeout + 180s + + Added: knox/trunk/books/1.4.0/service_default_ha.md URL: http://svn.apache.org/viewvc/knox/trunk/books/1.4.0/service_default_ha.md?rev=1863668=auto == --- knox/trunk/books/1.4.0/service_default_ha.md (added) +++
svn commit: r1863668 [4/9] - in /knox: site/ site/books/knox-0-12-0/ site/books/knox-0-13-0/ site/books/knox-0-14-0/ site/books/knox-1-0-0/ site/books/knox-1-1-0/ site/books/knox-1-2-0/ site/books/kno
SSL between Apache HTTP Server and Knox instances; +* SSLCertificateFile and SSLCertificateKeyFile have to point to certificate data of Apache HTTP Server. User will use this certificate for communications with Apache HTTP Server; +* SSLProxyCACertificateFile has to point to Knox certificates. + +## Start/stop Apache HTTP Server ## + +APACHE_HOME/bin/apachectl -k start +APACHE_HOME/bin/apachectl -k stop + +## Verify ## + +Use Knox samples. Added: knox/trunk/books/1.4.0/config_hadoop_auth_provider.md URL: http://svn.apache.org/viewvc/knox/trunk/books/1.4.0/config_hadoop_auth_provider.md?rev=1863668=auto == --- knox/trunk/books/1.4.0/config_hadoop_auth_provider.md (added) +++ knox/trunk/books/1.4.0/config_hadoop_auth_provider.md Tue Jul 23 21:27:15 2019 @@ -0,0 +1,98 @@ + + +### HadoopAuth Authentication Provider ### +The HadoopAuth authentication provider for Knox integrates the use of the Apache Hadoop module for SPNEGO and delegation token based authentication. This introduces the same authentication pattern used across much of the Hadoop ecosystem to Apache Knox and allows clients to using the strong authentication and SSO capabilities of Kerberos. + + Configuration +# Overview # +As with all providers in the Knox gateway, the HadoopAuth provider is configured through provider parameters. The configuration parameters are the same parameters used within Apache Hadoop for the same capabilities. In this section, we provide an example configuration and description of each of the parameters. We do encourage the reader to refer to the Hadoop documentation for this as well. (see http://hadoop.apache.org/docs/current/hadoop-auth/Configuration.html) + +One of the interesting things to note about this configuration is the use of the `config.prefix` parameter. In Hadoop there may be multiple components with their own specific configuration values for these parameters and since they may get mixed into the same Configuration object - there needs to be a way to identify the component specific values. The `config.prefix` parameter is used for this and is prepended to each of the configuration parameters for this provider. Below, you see an example configuration where the value for config.prefix happens to be `hadoop.auth.config`. You will also notice that this same value is prepended to the name of the rest of the configuration parameters. + + + authentication + HadoopAuth + true + +config.prefix +hadoop.auth.config + + +hadoop.auth.config.signature.secret +knox-signature-secret + + +hadoop.auth.config.type +kerberos + + +hadoop.auth.config.simple.anonymous.allowed +false + + +hadoop.auth.config.token.validity +1800 + + +hadoop.auth.config.cookie.domain +novalocal + + +hadoop.auth.config.cookie.path +gateway/default + + +hadoop.auth.config.kerberos.principal + HTTP/lmccay-knoxft-24m-r6-sec-160422-1327-2.novalo...@example.com + + +hadoop.auth.config.kerberos.keytab +/etc/security/keytabs/spnego.service.keytab + + +hadoop.auth.config.kerberos.name.rules +DEFAULT + + + + + Descriptions +The following tables describes the configuration parameters for the HadoopAuth provider: + +## Config + +Name | Description | Default +-|---| +config.prefix| If specified, all other configuration parameter names must start with the prefix. | none +signature.secret|This is the secret used to sign the delegation token in the hadoop.auth cookie. This same secret needs to be used across all instances of the Knox gateway in a given cluster. Otherwise, the delegation token will fail validation and authentication will be repeated each request. | A simple random number +type | This parameter needs to be set to `kerberos` | none, would throw exception +simple.anonymous.allowed | This should always be false for a secure deployment. | true +token.validity | The validity -in seconds- of the generated authentication token. This is also used for the rollover interval when `signer.secret.provider` is set to random or ZooKeeper. | 36000 seconds +cookie.domain| Domain to use for the HTTP cookie that stores the authentication token | null +cookie.path | Path to use for the HTTP cookie that stores the authentication token | null +kerberos.principal | The web-application Kerberos principal name. The Kerberos principal name must start with HTTP/ For example: `HTTP/localhost@LOCALHOST` | null +kerberos.keytab | The path to the keytab file containing the credentials for the kerberos principal. For
svn commit: r1863668 [3/9] - in /knox: site/ site/books/knox-0-12-0/ site/books/knox-0-13-0/ site/books/knox-0-14-0/ site/books/knox-1-0-0/ site/books/knox-1-1-0/ site/books/knox-1-2-0/ site/books/kno
Added: knox/trunk/books/1.4.0/book_ui_service_details.md URL: http://svn.apache.org/viewvc/knox/trunk/books/1.4.0/book_ui_service_details.md?rev=1863668=auto == --- knox/trunk/books/1.4.0/book_ui_service_details.md (added) +++ knox/trunk/books/1.4.0/book_ui_service_details.md Tue Jul 23 21:27:15 2019 @@ -0,0 +1,479 @@ + + +## UI Service Details ## + +In the sections that follow, the integrations for proxying various UIs currently available out of the box with the +gateway will be described. These sections will include examples that demonstrate how to access each of these services +via the gateway. + +These are the current Hadoop services with built-in support for their UIs. + +* #[Name Node UI] +* #[Job History UI] +* #[Oozie UI] +* #[HBase UI] +* #[Yarn UI] +* #[Spark UI] +* #[Ambari UI] +* #[Ranger Admin Console] +* #[Atlas UI] +* #[Zeppelin UI] +* #[Nifi UI] + +### Assumptions + +This section assumes an environment setup similar to the one in the REST services section #[Service Details] + +### Name Node UI ### + +The Name Node UI is available on the same host and port combination that WebHDFS is available on. As mentioned in the +WebHDFS REST service configuration section, the values for the host and port can be obtained from the following +properties in hdfs-site.xml + + +dfs.namenode.http-address +sandbox.hortonworks.com:50070 + + +dfs.https.namenode.https-address +sandbox.hortonworks.com:50470 + + +The values above need to be reflected in each topology descriptor file deployed to the gateway. +The gateway by default includes a sample topology descriptor file `{GATEWAY_HOME}/deployments/sandbox.xml`. +The values in this sample are configured to work with an installed Sandbox VM. + + +HDFSUI +http://sandbox.hortonworks.com:50070 + + +In addition to the service configuration for HDFSUI, the REST service configuration for WEBHDFS is also required. + + +NAMENODE +hdfs://sandbox.hortonworks.com:8020 + + +WEBHDFS +http://sandbox.hortonworks.com:50070/webhdfs + + +By default the gateway is configured to use the HTTP endpoint for WebHDFS in the Sandbox. +This could alternatively be configured to use the HTTPS endpoint by providing the correct address. + + Name Node UI URL Mapping + +For Name Node UI URLs, the mapping of Knox Gateway accessible HDFS UI URLs to direct HDFS UI URLs is: + +| --- | - | +| Gateway | `https://{gateway-host}:{gateway-port}/{gateway-path}/{cluster-name}/hdfs` | +| Cluster | `http://{webhdfs-host}:50070/` | + +For example to browse the file system using the NameNode UI the URL in a web browser would be: + +http://sandbox.hortonworks.com:50070/explorer.html# + +And using the gateway to access the same page the URL would be (where the gateway host:port is 'localhost:8443') + +https://localhost:8443/gateway/sandbox/hdfs/explorer.html# + + +### Job History UI ### + +The Job History UI service can be configured in a topology by adding the following snippet. The values in this sample +are configured to work with an installed Sandbox VM. + + +JOBHISTORYUI +http://sandbox.hortonworks.com:19888 + + +The values for the host and port can be obtained from the following property in mapred-site.xml + + +mapreduce.jobhistory.webapp.address +sandbox.hortonworks.com:19888 + + + + + Job History UI URL Mapping + +For Job History UI URLs, the mapping of Knox Gateway accessible Job History UI URLs to direct Job History UI URLs is: + +| --- | - | +| Gateway | `https://{gateway-host}:{gateway-port}/{gateway-path}/{cluster-name}/jobhistory` | +| Cluster | `http://{jobhistory-host}:19888/jobhistory` | + + +### Oozie UI ### + +The Oozie UI service can be configured in a topology by adding the following snippet. The values in this sample +are configured to work with an installed Sandbox VM. + + +OOZIEUI +http://sandbox.hortonworks.com:11000/oozie + + +The value for the URL can be obtained from the following property in oozie-site.xml + + +oozie.base.url +http://sandbox.hortonworks.com:11000/oozie + + + + + Oozie UI URL Mapping + +For Oozie UI URLs, the mapping of Knox Gateway accessible Oozie UI URLs to direct Oozie UI URLs is: + +| --- | - | +| Gateway | `https://{gateway-host}:{gateway-port}/{gateway-path}/{cluster-name}/oozie/` | +| Cluster | `http://{oozie-host}:11000/oozie/` | + + +### HBase UI ###
svn commit: r1863668 [1/9] - in /knox: site/ site/books/knox-0-12-0/ site/books/knox-0-13-0/ site/books/knox-0-14-0/ site/books/knox-1-0-0/ site/books/knox-1-1-0/ site/books/knox-1-2-0/ site/books/kno
Author: lmccay Date: Tue Jul 23 21:27:15 2019 New Revision: 1863668 URL: http://svn.apache.org/viewvc?rev=1863668=rev Log: Update for 1.3.0 Release Added: knox/trunk/books/1.4.0/ knox/trunk/books/1.4.0/admin_api.md knox/trunk/books/1.4.0/admin_ui.md knox/trunk/books/1.4.0/book.md knox/trunk/books/1.4.0/book_client-details.md knox/trunk/books/1.4.0/book_gateway-details.md knox/trunk/books/1.4.0/book_getting-started.md knox/trunk/books/1.4.0/book_knox-samples.md knox/trunk/books/1.4.0/book_limitations.md knox/trunk/books/1.4.0/book_service-details.md knox/trunk/books/1.4.0/book_topology_port_mapping.md knox/trunk/books/1.4.0/book_troubleshooting.md knox/trunk/books/1.4.0/book_ui_service_details.md knox/trunk/books/1.4.0/config.md knox/trunk/books/1.4.0/config_advanced_ldap.md knox/trunk/books/1.4.0/config_audit.md knox/trunk/books/1.4.0/config_authn.md knox/trunk/books/1.4.0/config_authz.md knox/trunk/books/1.4.0/config_ha.md knox/trunk/books/1.4.0/config_hadoop_auth_provider.md knox/trunk/books/1.4.0/config_id_assertion.md knox/trunk/books/1.4.0/config_kerberos.md knox/trunk/books/1.4.0/config_knox_sso.md knox/trunk/books/1.4.0/config_knox_token.md knox/trunk/books/1.4.0/config_ldap_authc_cache.md knox/trunk/books/1.4.0/config_ldap_group_lookup.md knox/trunk/books/1.4.0/config_metrics.md knox/trunk/books/1.4.0/config_mutual_authentication_ssl.md knox/trunk/books/1.4.0/config_pac4j_provider.md knox/trunk/books/1.4.0/config_pam_authn.md knox/trunk/books/1.4.0/config_preauth_sso_provider.md knox/trunk/books/1.4.0/config_sandbox.md knox/trunk/books/1.4.0/config_sso_cookie_provider.md knox/trunk/books/1.4.0/config_tls_client_certificate_authentication_provider.md knox/trunk/books/1.4.0/config_webappsec_provider.md knox/trunk/books/1.4.0/dev-guide/ knox/trunk/books/1.4.0/dev-guide/admin-ui.md knox/trunk/books/1.4.0/dev-guide/book.md knox/trunk/books/1.4.0/dev-guide/deployment-overview.puml knox/trunk/books/1.4.0/dev-guide/deployment-provider-simple.puml knox/trunk/books/1.4.0/dev-guide/deployment-provider.puml knox/trunk/books/1.4.0/dev-guide/deployment-service-simple.puml knox/trunk/books/1.4.0/dev-guide/deployment-service.puml knox/trunk/books/1.4.0/dev-guide/general_saml_flow.puml knox/trunk/books/1.4.0/dev-guide/knox_monitoring_api.md knox/trunk/books/1.4.0/dev-guide/knoxsso_integration.md knox/trunk/books/1.4.0/dev-guide/runtime-overview.puml knox/trunk/books/1.4.0/dev-guide/runtime-request-processing.puml knox/trunk/books/1.4.0/img/ knox/trunk/books/1.4.0/img/adminui/ knox/trunk/books/1.4.0/img/adminui/image1.png (with props) knox/trunk/books/1.4.0/img/adminui/image10.png (with props) knox/trunk/books/1.4.0/img/adminui/image11.png (with props) knox/trunk/books/1.4.0/img/adminui/image12.png (with props) knox/trunk/books/1.4.0/img/adminui/image13.png (with props) knox/trunk/books/1.4.0/img/adminui/image14.png (with props) knox/trunk/books/1.4.0/img/adminui/image15.png (with props) knox/trunk/books/1.4.0/img/adminui/image16.png (with props) knox/trunk/books/1.4.0/img/adminui/image17.png (with props) knox/trunk/books/1.4.0/img/adminui/image18.png (with props) knox/trunk/books/1.4.0/img/adminui/image19.png (with props) knox/trunk/books/1.4.0/img/adminui/image2.png (with props) knox/trunk/books/1.4.0/img/adminui/image20.png (with props) knox/trunk/books/1.4.0/img/adminui/image21.png (with props) knox/trunk/books/1.4.0/img/adminui/image3.png (with props) knox/trunk/books/1.4.0/img/adminui/image4.png (with props) knox/trunk/books/1.4.0/img/adminui/image5.png (with props) knox/trunk/books/1.4.0/img/adminui/image6.png (with props) knox/trunk/books/1.4.0/img/adminui/image7.png (with props) knox/trunk/books/1.4.0/img/adminui/image8.png (with props) knox/trunk/books/1.4.0/img/adminui/image9.png (with props) knox/trunk/books/1.4.0/img/adminui/plus-icon.png (with props) knox/trunk/books/1.4.0/img/adminui/x-icon.png (with props) knox/trunk/books/1.4.0/knox_cli.md knox/trunk/books/1.4.0/likeised knox/trunk/books/1.4.0/quick_start.md knox/trunk/books/1.4.0/service_avatica.md knox/trunk/books/1.4.0/service_config.md knox/trunk/books/1.4.0/service_default_ha.md knox/trunk/books/1.4.0/service_elasticsearch.md knox/trunk/books/1.4.0/service_hbase.md knox/trunk/books/1.4.0/service_hive.md knox/trunk/books/1.4.0/service_kafka.md knox/trunk/books/1.4.0/service_livy.md knox/trunk/books/1.4.0/service_oozie.md knox/trunk/books/1.4.0/service_service_test.md knox/trunk/books/1.4.0/service_solr.md knox/trunk/books/1.4.0/service_ssl_certificate_trust.md knox/trunk/books/1.4.0/service_storm.md knox/trunk/books/1.4.0/service_webhcat.md
svn commit: r1863668 [2/9] - in /knox: site/ site/books/knox-0-12-0/ site/books/knox-0-13-0/ site/books/knox-0-14-0/ site/books/knox-1-0-0/ site/books/knox-1-1-0/ site/books/knox-1-2-0/ site/books/kno
Added: knox/trunk/books/1.4.0/book_client-details.md URL: http://svn.apache.org/viewvc/knox/trunk/books/1.4.0/book_client-details.md?rev=1863668=auto == --- knox/trunk/books/1.4.0/book_client-details.md (added) +++ knox/trunk/books/1.4.0/book_client-details.md Tue Jul 23 21:27:15 2019 @@ -0,0 +1,692 @@ + + +## Client Details ## +The KnoxShell release artifact provides a small footprint client environment that removes all unnecessary server dependencies, configuration, binary scripts, etc. It is comprised a couple different things that empower different sorts of users. + +* A set of SDK type classes for providing access to Hadoop resources over HTTP +* A Groovy based DSL for scripting access to Hadoop resources based on the underlying SDK classes +* A KnoxShell Token based Sessions to provide a CLI SSO session for executing multiple scripts + +The following sections provide an overview and quickstart for the KnoxShell. + +### Client Quickstart ### +The following installation and setup instructions should get you started with using the KnoxShell very quickly. + +1. Download a knoxshell-x.x.x.zip or tar file and unzip it in your preferred location `{GATEWAY_CLIENT_HOME}` + +home:knoxshell-0.12.0 larry$ ls -l +total 296 +-rw-r--r--@ 1 larry staff 71714 Mar 14 14:06 LICENSE +-rw-r--r--@ 1 larry staff164 Mar 14 14:06 NOTICE +-rw-r--r--@ 1 larry staff 71714 Mar 15 20:04 README +drwxr-xr-x@ 12 larry staff408 Mar 15 21:24 bin +drwxr--r--@ 3 larry staff102 Mar 14 14:06 conf +drwxr-xr-x+ 3 larry staff102 Mar 15 12:41 logs +drwxr-xr-x@ 18 larry staff612 Mar 14 14:18 samples + +|Directory| Description | +|-|-| +|bin |contains the main knoxshell jar and related shell scripts| +|conf |only contains log4j config| +|logs |contains the knoxshell.log file| +|samples |has numerous examples to help you get started| + +2. cd `{GATEWAY_CLIENT_HOME}` +3. Get/setup truststore for the target Knox instance or fronting load balancer +- if you have access to the server you may use the command `knoxcli.sh export-cert --type JKS` +- copy the resulting `gateway-client-identity.jks` to your user home directory +4. Execute the an example script from the `{GATEWAY_CLIENT_HOME}/samples` directory - for instance: +- `bin/knoxshell.sh samples/ExampleWebHdfsLs.groovy` + +home:knoxshell-0.12.0 larry$ bin/knoxshell.sh samples/ExampleWebHdfsLs.groovy +Enter username: guest +Enter password: +[app-logs, apps, mapred, mr-history, tmp, user] + +At this point, you should have seen something similar to the above output - probably with different directories listed. You should get the idea from the above. Take a look at the sample that we ran above: + +import groovy.json.JsonSlurper +import org.apache.knox.gateway.shell.Hadoop +import org.apache.knox.gateway.shell.hdfs.Hdfs + +import org.apache.knox.gateway.shell.Credentials + +gateway = "https://localhost:8443/gateway/sandbox; + +credentials = new Credentials() +credentials.add("ClearInput", "Enter username: ", "user") +.add("HiddenInput", "Enter pas" + "sword: ", "pass") +credentials.collect() + +username = credentials.get("user").string() +pass = credentials.get("pass").string() + +session = Hadoop.login( gateway, username, pass ) + +text = Hdfs.ls( session ).dir( "/" ).now().string +json = (new JsonSlurper()).parseText( text ) +println json.FileStatuses.FileStatus.pathSuffix +session.shutdown() + +Some things to note about this sample: + +1. The gateway URL is hardcoded +- Alternatives would be passing it as an argument to the script, using an environment variable or prompting for it with a ClearInput credential collector +2. Credential collectors are used to gather credentials or other input from various sources. In this sample the HiddenInput and ClearInput collectors prompt the user for the input with the provided prompt text and the values are acquired by a subsequent get call with the provided name value. +3. The Hadoop.login method establishes a login session of sorts which will need to be provided to the various API classes as an argument. +4. The response text is easily retrieved as a string and can be parsed by the JsonSlurper or whatever you like + +### Client Token Sessions ### +Building on the Quickstart above we will drill into some of the token session details here and walk through another sample. + +Unlike the quickstart, token sessions require the server to be configured in specific ways to allow the use of token sessions/federation. + + Server Setup +1. KnoxToken service should be added to your `sandbox.xml` topology - see the [KnoxToken
svn commit: r1863668 [5/9] - in /knox: site/ site/books/knox-0-12-0/ site/books/knox-0-13-0/ site/books/knox-0-14-0/ site/books/knox-1-0-0/ site/books/knox-1-1-0/ site/books/knox-1-2-0/ site/books/kno
Added: knox/trunk/books/1.4.0/config_knox_token.md URL: http://svn.apache.org/viewvc/knox/trunk/books/1.4.0/config_knox_token.md?rev=1863668=auto == --- knox/trunk/books/1.4.0/config_knox_token.md (added) +++ knox/trunk/books/1.4.0/config_knox_token.md Tue Jul 23 21:27:15 2019 @@ -0,0 +1,51 @@ +## KnoxToken Configuration + +### Introduction +--- + +The Knox Token Service enables the ability for clients to acquire the same JWT token that is used for KnoxSSO with WebSSO flows for UIs to be used for accessing REST APIs. By acquiring the token and setting it as a Bearer token on a request, a client is able to access REST APIs that are protected with the JWTProvider federation provider. + +This section describes the overall setup requirements and options for KnoxToken service. + +### KnoxToken service +The Knox Token Service configuration can be configured in any topology and be tailored to issue tokens to authenticated users and constrain the usage of the tokens in a number of ways. + + + KNOXTOKEN + + knox.token.ttl + 3600 + + + knox.token.audiences + tokenbased + + + knox.token.target.url + https://localhost:8443/gateway/tokenbased + + + + KnoxToken Configuration Parameters + +Parameter| Description | Default + | |--- +knox.token.ttl| This indicates the lifespan of the token. Once it expires a new token must be acquired from KnoxToken service. This is in milliseconds. The 3600 in the topology above gives you 10 hrs. | 3 That is 30 seconds. +knox.token.audiences | This is a comma separated list of audiences to add to the JWT token. This is used to ensure that a token received by a participating application knows that the token was intended for use with that application. It is optional. In the event that an endpoint has expected audiences and they are not present the token must be rejected. In the event where the token has audiences and the endpoint has none expected then the token is accepted.| empty +knox.token.target.url | This is an optional configuration parameter to indicate the intended endpoint for which the token may be used. The KnoxShell token credential collector can pull this URL from a knoxtokencache file to be used in scripts. This eliminates the need to prompt for or hardcode endpoints in your scripts. | n/a + +Adding the KnoxToken configuration shown above to a topology that is protected with the ShrioProvider is a very simple and effective way to expose an endpoint from which a Knox token can be requested. Once it is acquired it may be used to access resources at intended endpoints until it expires. + +The following curl command can be used to acquire a token from the Knox Token service as configured in the sandbox topology: + +curl -ivku guest:guest-password https://localhost:8443/gateway/sandbox/knoxtoken/api/v1/token + +Resulting in a JSON response that contains the token, the expiration and the optional target endpoint: + + `{"access_token":"eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJndWVzdCIsImF1ZCI6InRva2VuYmFzZWQiLCJpc3MiOiJLTk9YU1NPIiwiZXhwIjoxNDg5OTQyMTg4fQ.bcqSK7zMnABEM_HVsm3oWNDrQ_ei7PcMI4AtZEERY9LaPo9dzugOg3PA5JH2BRF-lXM3tuEYuZPaZVf8PenzjtBbuQsCg9VVImuu2r1YNVJlcTQ7OV-eW50L6OTI0uZfyrFwX6C7jVhf7d7YR1NNxs4eVbXpS1TZ5fDIRSfU3MU","target_url":"https://localhost:8443/gateway/tokenbased","token_type":"Bearer ","expires_in":1489942188233}` + +The following curl example shows how to add a bearer token to an Authorization header: + +curl -ivk -H "Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJndWVzdCIsImF1ZCI6InRva2VuYmFzZWQiLCJpc3MiOiJLTk9YU1NPIiwiZXhwIjoxNDg5OTQyMTg4fQ.bcqSK7zMnABEM_HVsm3oWNDrQ_ei7PcMI4AtZEERY9LaPo9dzugOg3PA5JH2BRF-lXM3tuEYuZPaZVf8PenzjtBbuQsCg9VVImuu2r1YNVJlcTQ7OV-eW50L6OTI0uZfyrFwX6C7jVhf7d7YR1NNxs4eVbXpS1TZ5fDIRSfU3MU" https://localhost:8443/gateway/tokenbased/webhdfs/v1/tmp?op=LISTSTATUS + +See documentation in Client Details for KnoxShell init, list and destroy for commands that leverage this token service for CLI sessions. \ No newline at end of file Added: knox/trunk/books/1.4.0/config_ldap_authc_cache.md URL: http://svn.apache.org/viewvc/knox/trunk/books/1.4.0/config_ldap_authc_cache.md?rev=1863668=auto == --- knox/trunk/books/1.4.0/config_ldap_authc_cache.md (added) +++ knox/trunk/books/1.4.0/config_ldap_authc_cache.md Tue Jul 23 21:27:15 2019 @@ -0,0 +1,211 @@ + + +### LDAP Authentication Caching ### + +Knox can be configured to cache LDAP authentication information. Knox leverages Shiro's built in +caching mechanisms and has been tested with Shiro's EhCache cache manager implementation. + +The following provider snippet