Re: [VOTE] Release Apache Knox 0.7.0
+1 (binding) Here is what I’ve done: * Verified the signatures * Cleanly built from source and executed the tests * Tested WebHdfs, WebHCat, Oozie, HBase, Hive Found some minor annoyances in the Groovy samples but we will address those in the planned 0.8. On 12/17/15, 2:02 PM, "Kevin Minder"wrote: >A candidate for the Apache Knox 0.7.0 release is available at: >https://dist.apache.org/repos/dist/dev/knox/knox-0.7.0/ > >The release candidate is a zip archive of the sources (knox-0.7.0-src.zip) in: >https://git-wip-us.apache.org/repos/asf/knox.git >Branch v0.7.0 (git checkout -b v0.7.0) > >The SHA1 checksum of the archive (knox-0.7.0-src.zip) is >f1be8cd2d0b546ca8652fb7d2a5431bd217a0e11. >The KEYS file for signature validation is available at: >https://dist.apache.org/repos/dist/release/knox/KEYS > >Please vote on releasing this package as Knox 0.7.0. >The vote is open for the next 72 hours and passes if a majority of at >least three +1 Knox PMC votes are cast. > >[ ] +1 Release this package as Knox 0.6.0 >[ ] -1 Do not release this package because...
Re: [VOTE] Release Apache Knox 0.7.0
+1 (binding) * verified signatures * pulled the 0.7.0 source branch, built and ran tests * tested basic functionality of WebHDFS, WebHCAT, HBase, Yarn (ResourceManager), Storm * tested basic HA functionality with between two Hbase instances. * tested UI services for HDFS, YARN and Hbase (there are some filed JIRAs for the UI services). On 12/21/15, 2:50 PM, "larry mccay"wrote: >+1 (binding) > >* verified signatures >* pulled sources, build and ran tests >* tested KnoxSSO with Shiro authentication provider with SSOCookieProvider >* tested CORS support from an external web application with and without >KnoxSSO >* tested various configurations of KnoxSSO whitelisting for redirect >management >* webhdfs list, get and put from groovy, curl and nodejs client >* webhcat job, queue from groovy and nodejs client >* hive create and populate and query table from LOCAL sample.log file from >groovy sample > >Will file JIRAs to update docs with appropriate jar versions for Hive >sample and to update the sample with better comments and instructions. >The doc changes can be made for 0.7.0 but any changes to the samples or >supporting classes are fine in a follow up release. > > >On Mon, Dec 21, 2015 at 2:35 PM, Kevin Minder > >wrote: > >> +1 (binding) >> >> Here is what I¹ve done: >> * Verified the signatures >> * Cleanly built from source and executed the tests >> * Tested WebHdfs, WebHCat, Oozie, HBase, Hive >> >> Found some minor annoyances in the Groovy samples but we will address >> those in the planned 0.8. >> >> >> On 12/17/15, 2:02 PM, "Kevin Minder" >>wrote: >> >> >A candidate for the Apache Knox 0.7.0 release is available at: >> >https://dist.apache.org/repos/dist/dev/knox/knox-0.7.0/ >> > >> >The release candidate is a zip archive of the sources >> (knox-0.7.0-src.zip) in: >> >https://git-wip-us.apache.org/repos/asf/knox.git >> >Branch v0.7.0 (git checkout -b v0.7.0) >> > >> >The SHA1 checksum of the archive (knox-0.7.0-src.zip) is >> f1be8cd2d0b546ca8652fb7d2a5431bd217a0e11. >> >The KEYS file for signature validation is available at: >> https://dist.apache.org/repos/dist/release/knox/KEYS >> > >> >Please vote on releasing this package as Knox 0.7.0. >> >The vote is open for the next 72 hours and passes if a majority of at >> >least three +1 Knox PMC votes are cast. >> > >> >[ ] +1 Release this package as Knox 0.6.0 >> >[ ] -1 Do not release this package because... >>
[jira] [Updated] (KNOX-641) Support CAS / OAuth / OpenID C / SAML protocols using pac4j
[ https://issues.apache.org/jira/browse/KNOX-641?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Larry McCay updated KNOX-641: - Fix Version/s: (was: 0.7.0) 0.8.0 > Support CAS / OAuth / OpenID C / SAML protocols using pac4j > --- > > Key: KNOX-641 > URL: https://issues.apache.org/jira/browse/KNOX-641 > Project: Apache Knox > Issue Type: New Feature >Reporter: Jérôme Leleu >Assignee: Jérôme Leleu > Fix For: 0.8.0 > > Attachments: KNOX-641.patch > > -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Updated] (KNOX-641) Support CAS / OAuth / OpenID C / SAML protocols using pac4j
[ https://issues.apache.org/jira/browse/KNOX-641?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Jérôme Leleu updated KNOX-641: -- Attachment: knox641.patch2 Second patch > Support CAS / OAuth / OpenID C / SAML protocols using pac4j > --- > > Key: KNOX-641 > URL: https://issues.apache.org/jira/browse/KNOX-641 > Project: Apache Knox > Issue Type: New Feature >Reporter: Jérôme Leleu >Assignee: Jérôme Leleu > Fix For: 0.8.0 > > Attachments: KNOX-641.patch, knox641.patch2 > > -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (KNOX-641) Support CAS / OAuth / OpenID C / SAML protocols using pac4j
[ https://issues.apache.org/jira/browse/KNOX-641?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15067667#comment-15067667 ] Jérôme Leleu commented on KNOX-641: --- Yes, you get it right: the `testBasicAuth` provider only has pac4j cookies, no specific session: it has nothing to do with a SAML IdP or a CAS server. Removing pac4j session would not invalidate the KnoxSSO session, nor the SAML / CAS / OpenID Connect session. I will update the pull request once more. > Support CAS / OAuth / OpenID C / SAML protocols using pac4j > --- > > Key: KNOX-641 > URL: https://issues.apache.org/jira/browse/KNOX-641 > Project: Apache Knox > Issue Type: New Feature >Reporter: Jérôme Leleu >Assignee: Jérôme Leleu > Fix For: 0.8.0 > > Attachments: KNOX-641.patch > > -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (KNOX-641) Support CAS / OAuth / OpenID C / SAML protocols using pac4j
[ https://issues.apache.org/jira/browse/KNOX-641?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15066385#comment-15066385 ] Larry McCay commented on KNOX-641: -- If my understanding is correct then for testBasicAuth there is no separate identity provider cookies because it is only a feature of the pac4j provider. Therefore, removing the pac4j session would only invalidate the testBasicAuth session - real SAML sessions would still be active, a new pac4j session would be created on the next request resulting in a new Knox session cookie. Without forcing a new authentication for the enduser. That is, unless someone snuck in a testBasicAuth somehow as well. If that is accurate then I am +1 on the approach. > Support CAS / OAuth / OpenID C / SAML protocols using pac4j > --- > > Key: KNOX-641 > URL: https://issues.apache.org/jira/browse/KNOX-641 > Project: Apache Knox > Issue Type: New Feature >Reporter: Jérôme Leleu >Assignee: Jérôme Leleu > Fix For: 0.7.0 > > Attachments: KNOX-641.patch > > -- This message was sent by Atlassian JIRA (v6.3.4#6332)