Repository: knox Updated Branches: refs/heads/master 28a77b727 -> baa43294f
KNOX-1452 - Enable checkstyle no tabs in source file rule Signed-off-by: Kevin Risden <kris...@apache.org> Project: http://git-wip-us.apache.org/repos/asf/knox/repo Commit: http://git-wip-us.apache.org/repos/asf/knox/commit/baa43294 Tree: http://git-wip-us.apache.org/repos/asf/knox/tree/baa43294 Diff: http://git-wip-us.apache.org/repos/asf/knox/diff/baa43294 Branch: refs/heads/master Commit: baa43294f5190064310b40546d643b9f022c7cb4 Parents: 28a77b7 Author: Kevin Risden <kris...@apache.org> Authored: Tue Sep 25 15:00:20 2018 -0400 Committer: Kevin Risden <kris...@apache.org> Committed: Tue Sep 25 15:10:58 2018 -0400 ---------------------------------------------------------------------- .../provider/impl/BaseZookeeperURLManager.java | 380 +++++++++---------- .../provider/impl/HBaseZookeeperURLManager.java | 242 ++++++------ .../provider/impl/KafkaZookeeperURLManager.java | 210 +++++----- .../provider/impl/SOLRZookeeperURLManager.java | 144 +++---- .../ha/provider/impl/StringResponseHandler.java | 32 +- .../impl/KafkaZookeeperURLManagerTest.java | 2 +- .../impl/SOLRZookeeperURLManagerTest.java | 7 +- ...adoopGroupProviderDeploymentContributor.java | 18 +- .../jwt/filter/SSOCookieFederationFilter.java | 2 +- .../gateway/shirorealm/UnixUserPrincipal.java | 30 +- .../org/apache/knox/gateway/GatewayServer.java | 2 +- .../gateway/config/impl/GatewayConfigImpl.java | 12 +- .../knox/gateway/deploy/DeploymentFactory.java | 6 +- .../security/impl/DefaultCryptoService.java | 6 +- .../src/test/resources/logging.properties | 4 +- .../service/knoxsso/KnoxSSOMessages.java | 2 +- .../service/knoxtoken/TokenServiceMessages.java | 2 +- .../security/impl/CMFMasterService.java | 6 +- .../security/impl/ConfigurableEncryptor.java | 46 +-- .../security/impl/X509CertificateUtil.java | 84 ++-- .../apache/knox/gateway/GatewayTestConfig.java | 2 +- src/checkstyle/checker.xml | 5 + 22 files changed, 624 insertions(+), 620 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/knox/blob/baa43294/gateway-provider-ha/src/main/java/org/apache/knox/gateway/ha/provider/impl/BaseZookeeperURLManager.java ---------------------------------------------------------------------- diff --git a/gateway-provider-ha/src/main/java/org/apache/knox/gateway/ha/provider/impl/BaseZookeeperURLManager.java b/gateway-provider-ha/src/main/java/org/apache/knox/gateway/ha/provider/impl/BaseZookeeperURLManager.java index 8262f8d..cfa09b5 100644 --- a/gateway-provider-ha/src/main/java/org/apache/knox/gateway/ha/provider/impl/BaseZookeeperURLManager.java +++ b/gateway-provider-ha/src/main/java/org/apache/knox/gateway/ha/provider/impl/BaseZookeeperURLManager.java @@ -53,195 +53,195 @@ import com.google.common.collect.Lists; * comma delimited list of the host and port number, i.e. host1:2181,host2:2181. */ public abstract class BaseZookeeperURLManager implements URLManager { - protected static final HaMessages LOG = MessagesFactory.get(HaMessages.class); - /** - * Host Ping Timeout - */ - private static final int TIMEOUT = 5000; - - private String zooKeeperEnsemble; - private String zooKeeperNamespace; - private ConcurrentLinkedQueue<String> urls = new ConcurrentLinkedQueue<String>(); - - // ------------------------------------------------------------------------------------- - // URLManager interface methods - // ------------------------------------------------------------------------------------- - - @Override - public boolean supportsConfig(HaServiceConfig config) { - if (!config.getServiceName().equalsIgnoreCase(getServiceName())) { - return false; - } - - String zookeeperEnsemble = config.getZookeeperEnsemble(); - return zookeeperEnsemble != null && (zookeeperEnsemble.trim().length() > 0); - } - - @Override - public void setConfig(HaServiceConfig config) { - zooKeeperEnsemble = config.getZookeeperEnsemble(); - zooKeeperNamespace = config.getZookeeperNamespace(); - setURLs(lookupURLs()); - } - - @Override - public synchronized String getActiveURL() { - // None available so refresh - if (urls.isEmpty()) { - setURLs(lookupURLs()); - } - - return this.urls.peek(); - } - - @Override - public synchronized void setActiveURL(String url) { - throw new UnsupportedOperationException(); - } - - @Override - public synchronized List<String> getURLs() { - return Lists.newArrayList(this.urls.iterator()); - } - - @Override - public synchronized void markFailed(String url) { - // Capture complete URL of active host - String topURL = getActiveURL(); - - // Refresh URLs from ZooKeeper - setURLs(lookupURLs()); - - // Show failed URL and new URL - LOG.markedFailedUrl(topURL, getActiveURL()); - } - - @Override - public synchronized void setURLs(List<String> urls) { - if ((urls != null) && (!(urls.isEmpty()))) { - this.urls.clear(); - this.urls.addAll(urls); - } - } - - // ------------------------------------------------------------------------------------- - // Abstract methods - // ------------------------------------------------------------------------------------- - - /** - * Look within Zookeeper under the /live_nodes branch for active hosts - * - * @return A List of URLs (never null) - */ - protected abstract List<String> lookupURLs(); - - /** - * @return The name of the Knox Topology Service to support - */ - protected abstract String getServiceName(); - - // ------------------------------------------------------------------------------------- - // Protected methods - // ------------------------------------------------------------------------------------- - - protected String getZookeeperEnsemble() { - return zooKeeperEnsemble; - } - - protected String getZookeeperNamespace() { - return zooKeeperNamespace; - } - - /** - * Validate access to hosts using simple light weight ping style REST call. - * - * @param hosts List of hosts to evaluate (required) - * @param suffix Text to append to host (required) - * @param acceptHeader Used for Accept header (optional) - * - * @return Hosts with successful access - */ - protected List<String> validateHosts(List<String> hosts, String suffix, String acceptHeader) { - List<String> result = new ArrayList<String>(); - - CloseableHttpClient client = buildHttpClient(); - - try { - for(String host: hosts) { - try { - HttpGet get = new HttpGet(host + suffix); - - if (acceptHeader != null) { - get.setHeader("Accept", acceptHeader); - } - - // Ping host - String response = client.execute(get, new StringResponseHandler()); - - if (response != null) { - result.add(host); - } - } catch (Exception ex) { - // ignore host - } - } - } catch (Exception e) { - // Ignore errors - } finally { - IOUtils.closeQuietly(client); - } - - return result; - } - - /** - * Construct an Apache HttpClient with suitable timeout and authentication. - * - * @return Apache HttpClient - */ - private CloseableHttpClient buildHttpClient() { - CloseableHttpClient client = null; - - // Construct a HttpClient with short term timeout - RequestConfig.Builder requestBuilder = RequestConfig.custom() - .setConnectTimeout(TIMEOUT) - .setSocketTimeout(TIMEOUT) - .setConnectionRequestTimeout(TIMEOUT); - - // If Kerberos is enabled, allow for challenge/response transparent to client - if (Boolean.getBoolean(GatewayConfig.HADOOP_KERBEROS_SECURED)) { - CredentialsProvider credentialsProvider = new BasicCredentialsProvider(); - credentialsProvider.setCredentials(AuthScope.ANY, new NullCredentials()); - - Registry<AuthSchemeProvider> authSchemeRegistry = - RegistryBuilder.<AuthSchemeProvider>create() - .register(AuthSchemes.SPNEGO, new KnoxSpnegoAuthSchemeFactory(true)) - .build(); - - client = HttpClientBuilder.create() - .setDefaultRequestConfig(requestBuilder.build()) - .setDefaultAuthSchemeRegistry(authSchemeRegistry) - .setDefaultCredentialsProvider(credentialsProvider) - .build(); - } else { - client = HttpClientBuilder.create() - .setDefaultRequestConfig(requestBuilder.build()) - .build(); - } - - return client; - } - - private static class NullCredentials implements Credentials { - @Override - public Principal getUserPrincipal() { - return null; - } - - @Override - public String getPassword() { - return null; - } - } + protected static final HaMessages LOG = MessagesFactory.get(HaMessages.class); + /** + * Host Ping Timeout + */ + private static final int TIMEOUT = 5000; + + private String zooKeeperEnsemble; + private String zooKeeperNamespace; + private ConcurrentLinkedQueue<String> urls = new ConcurrentLinkedQueue<String>(); + + // ------------------------------------------------------------------------------------- + // URLManager interface methods + // ------------------------------------------------------------------------------------- + + @Override + public boolean supportsConfig(HaServiceConfig config) { + if (!config.getServiceName().equalsIgnoreCase(getServiceName())) { + return false; + } + + String zookeeperEnsemble = config.getZookeeperEnsemble(); + return zookeeperEnsemble != null && (zookeeperEnsemble.trim().length() > 0); + } + + @Override + public void setConfig(HaServiceConfig config) { + zooKeeperEnsemble = config.getZookeeperEnsemble(); + zooKeeperNamespace = config.getZookeeperNamespace(); + setURLs(lookupURLs()); + } + + @Override + public synchronized String getActiveURL() { + // None available so refresh + if (urls.isEmpty()) { + setURLs(lookupURLs()); + } + + return this.urls.peek(); + } + + @Override + public synchronized void setActiveURL(String url) { + throw new UnsupportedOperationException(); + } + + @Override + public synchronized List<String> getURLs() { + return Lists.newArrayList(this.urls.iterator()); + } + + @Override + public synchronized void markFailed(String url) { + // Capture complete URL of active host + String topURL = getActiveURL(); + + // Refresh URLs from ZooKeeper + setURLs(lookupURLs()); + + // Show failed URL and new URL + LOG.markedFailedUrl(topURL, getActiveURL()); + } + + @Override + public synchronized void setURLs(List<String> urls) { + if ((urls != null) && (!(urls.isEmpty()))) { + this.urls.clear(); + this.urls.addAll(urls); + } + } + + // ------------------------------------------------------------------------------------- + // Abstract methods + // ------------------------------------------------------------------------------------- + + /** + * Look within Zookeeper under the /live_nodes branch for active hosts + * + * @return A List of URLs (never null) + */ + protected abstract List<String> lookupURLs(); + + /** + * @return The name of the Knox Topology Service to support + */ + protected abstract String getServiceName(); + + // ------------------------------------------------------------------------------------- + // Protected methods + // ------------------------------------------------------------------------------------- + + protected String getZookeeperEnsemble() { + return zooKeeperEnsemble; + } + + protected String getZookeeperNamespace() { + return zooKeeperNamespace; + } + + /** + * Validate access to hosts using simple light weight ping style REST call. + * + * @param hosts List of hosts to evaluate (required) + * @param suffix Text to append to host (required) + * @param acceptHeader Used for Accept header (optional) + * + * @return Hosts with successful access + */ + protected List<String> validateHosts(List<String> hosts, String suffix, String acceptHeader) { + List<String> result = new ArrayList<String>(); + + CloseableHttpClient client = buildHttpClient(); + + try { + for(String host: hosts) { + try { + HttpGet get = new HttpGet(host + suffix); + + if (acceptHeader != null) { + get.setHeader("Accept", acceptHeader); + } + + // Ping host + String response = client.execute(get, new StringResponseHandler()); + + if (response != null) { + result.add(host); + } + } catch (Exception ex) { + // ignore host + } + } + } catch (Exception e) { + // Ignore errors + } finally { + IOUtils.closeQuietly(client); + } + + return result; + } + + /** + * Construct an Apache HttpClient with suitable timeout and authentication. + * + * @return Apache HttpClient + */ + private CloseableHttpClient buildHttpClient() { + CloseableHttpClient client = null; + + // Construct a HttpClient with short term timeout + RequestConfig.Builder requestBuilder = RequestConfig.custom() + .setConnectTimeout(TIMEOUT) + .setSocketTimeout(TIMEOUT) + .setConnectionRequestTimeout(TIMEOUT); + + // If Kerberos is enabled, allow for challenge/response transparent to client + if (Boolean.getBoolean(GatewayConfig.HADOOP_KERBEROS_SECURED)) { + CredentialsProvider credentialsProvider = new BasicCredentialsProvider(); + credentialsProvider.setCredentials(AuthScope.ANY, new NullCredentials()); + + Registry<AuthSchemeProvider> authSchemeRegistry = + RegistryBuilder.<AuthSchemeProvider>create() + .register(AuthSchemes.SPNEGO, new KnoxSpnegoAuthSchemeFactory(true)) + .build(); + + client = HttpClientBuilder.create() + .setDefaultRequestConfig(requestBuilder.build()) + .setDefaultAuthSchemeRegistry(authSchemeRegistry) + .setDefaultCredentialsProvider(credentialsProvider) + .build(); + } else { + client = HttpClientBuilder.create() + .setDefaultRequestConfig(requestBuilder.build()) + .build(); + } + + return client; + } + + private static class NullCredentials implements Credentials { + @Override + public Principal getUserPrincipal() { + return null; + } + + @Override + public String getPassword() { + return null; + } + } } http://git-wip-us.apache.org/repos/asf/knox/blob/baa43294/gateway-provider-ha/src/main/java/org/apache/knox/gateway/ha/provider/impl/HBaseZookeeperURLManager.java ---------------------------------------------------------------------- diff --git a/gateway-provider-ha/src/main/java/org/apache/knox/gateway/ha/provider/impl/HBaseZookeeperURLManager.java b/gateway-provider-ha/src/main/java/org/apache/knox/gateway/ha/provider/impl/HBaseZookeeperURLManager.java index e4ffc12..9781fce 100644 --- a/gateway-provider-ha/src/main/java/org/apache/knox/gateway/ha/provider/impl/HBaseZookeeperURLManager.java +++ b/gateway-provider-ha/src/main/java/org/apache/knox/gateway/ha/provider/impl/HBaseZookeeperURLManager.java @@ -39,129 +39,129 @@ import java.util.List; * i.e. host1:2181,host2:2181. */ public class HBaseZookeeperURLManager extends BaseZookeeperURLManager { - /** - * Default Port Number for HBase REST Server - */ - private static final int PORT_NUMBER = 8080; - - private static final String DEFAULT_ZOOKEEPER_NAMESPACE_SECURE = "/hbase-secure"; - - private static final String DEFAULT_ZOOKEEPER_NAMESPACE_UNSECURE = "/hbase-unsecure"; - - - // ------------------------------------------------------------------------------------- - // Abstract methods - // ------------------------------------------------------------------------------------- - - /** - * Look within Zookeeper under the /hbase-unsecure/rs branch for active HBase RegionServer hosts - * - * @return A List of URLs (never null) - */ - @Override - protected List<String> lookupURLs() { - // Retrieve list of potential hosts from ZooKeeper - List<String> hosts = retrieveHosts(); - - // Validate access to hosts using cheap ping style operation - List<String> validatedHosts = validateHosts(hosts,"/version/rest","text/xml"); - - // Randomize the hosts list for simple load balancing - if (!validatedHosts.isEmpty()) { - Collections.shuffle(validatedHosts); - } - - return validatedHosts; - } - - protected String getServiceName() { - return "WEBHBASE"; - }; - - @Override - protected String getZookeeperNamespace() { - return super.getZookeeperNamespace(); - } - - // ------------------------------------------------------------------------------------- - // Private methods - // ------------------------------------------------------------------------------------- - - /** - * @return Retrieve lists of hosts from ZooKeeper - */ - private List<String> retrieveHosts() - { - List<String> serverHosts = new ArrayList<>(); - - CuratorFramework zooKeeperClient = + /** + * Default Port Number for HBase REST Server + */ + private static final int PORT_NUMBER = 8080; + + private static final String DEFAULT_ZOOKEEPER_NAMESPACE_SECURE = "/hbase-secure"; + + private static final String DEFAULT_ZOOKEEPER_NAMESPACE_UNSECURE = "/hbase-unsecure"; + + + // ------------------------------------------------------------------------------------- + // Abstract methods + // ------------------------------------------------------------------------------------- + + /** + * Look within Zookeeper under the /hbase-unsecure/rs branch for active HBase RegionServer hosts + * + * @return A List of URLs (never null) + */ + @Override + protected List<String> lookupURLs() { + // Retrieve list of potential hosts from ZooKeeper + List<String> hosts = retrieveHosts(); + + // Validate access to hosts using cheap ping style operation + List<String> validatedHosts = validateHosts(hosts,"/version/rest","text/xml"); + + // Randomize the hosts list for simple load balancing + if (!validatedHosts.isEmpty()) { + Collections.shuffle(validatedHosts); + } + + return validatedHosts; + } + + protected String getServiceName() { + return "WEBHBASE"; + }; + + @Override + protected String getZookeeperNamespace() { + return super.getZookeeperNamespace(); + } + + // ------------------------------------------------------------------------------------- + // Private methods + // ------------------------------------------------------------------------------------- + + /** + * @return Retrieve lists of hosts from ZooKeeper + */ + private List<String> retrieveHosts() + { + List<String> serverHosts = new ArrayList<>(); + + CuratorFramework zooKeeperClient = CuratorFrameworkFactory.builder().connectString(getZookeeperEnsemble()) .retryPolicy(new ExponentialBackoffRetry(1000, 3)) .build(); - try { - zooKeeperClient.start(); - - List<String> serverNodes = null; - - String namespace = getZookeeperNamespace(); - if (namespace != null && !namespace.isEmpty()) { - if (!namespace.startsWith("/")) { - namespace = "/" + namespace; - } - serverNodes = zooKeeperClient.getChildren().forPath(namespace + "/rs"); - } else { - // If no namespace is explicitly specified, try the default secure namespace - try { - serverNodes = zooKeeperClient.getChildren().forPath(DEFAULT_ZOOKEEPER_NAMESPACE_SECURE + "/rs"); - } catch (Exception e) { - // Ignore -- znode may not exist - } - - if (serverNodes == null || serverNodes.isEmpty()) { - // Fall back to the default unsecure namespace if no secure nodes are found - serverNodes = zooKeeperClient.getChildren().forPath(DEFAULT_ZOOKEEPER_NAMESPACE_UNSECURE + "/rs"); - } - } - - if (serverNodes != null) { - for (String serverNode : serverNodes) { - String serverURL = constructURL(serverNode); - serverHosts.add(serverURL); - } - } - } catch (Exception e) { - LOG.failedToGetZookeeperUrls(e); - throw new RuntimeException(e); - } finally { - // Close the client connection with ZooKeeper - if (zooKeeperClient != null) { - zooKeeperClient.close(); - } - } - - return serverHosts; - } - - /** - * Given a String of the format "host,number,number" convert to a URL of the format - * "http://host:port";. - * - * @param serverInfo Server Info from Zookeeper (required) - * - * @return URL to HBASE - */ - private String constructURL(String serverInfo) { - String scheme = "http"; - - StringBuffer buffer = new StringBuffer(); - buffer.append(scheme); - buffer.append("://"); - // Strip off the host name - buffer.append(serverInfo.substring(0, serverInfo.indexOf(","))); - buffer.append(":"); - buffer.append(PORT_NUMBER); - - return buffer.toString(); - } + try { + zooKeeperClient.start(); + + List<String> serverNodes = null; + + String namespace = getZookeeperNamespace(); + if (namespace != null && !namespace.isEmpty()) { + if (!namespace.startsWith("/")) { + namespace = "/" + namespace; + } + serverNodes = zooKeeperClient.getChildren().forPath(namespace + "/rs"); + } else { + // If no namespace is explicitly specified, try the default secure namespace + try { + serverNodes = zooKeeperClient.getChildren().forPath(DEFAULT_ZOOKEEPER_NAMESPACE_SECURE + "/rs"); + } catch (Exception e) { + // Ignore -- znode may not exist + } + + if (serverNodes == null || serverNodes.isEmpty()) { + // Fall back to the default unsecure namespace if no secure nodes are found + serverNodes = zooKeeperClient.getChildren().forPath(DEFAULT_ZOOKEEPER_NAMESPACE_UNSECURE + "/rs"); + } + } + + if (serverNodes != null) { + for (String serverNode : serverNodes) { + String serverURL = constructURL(serverNode); + serverHosts.add(serverURL); + } + } + } catch (Exception e) { + LOG.failedToGetZookeeperUrls(e); + throw new RuntimeException(e); + } finally { + // Close the client connection with ZooKeeper + if (zooKeeperClient != null) { + zooKeeperClient.close(); + } + } + + return serverHosts; + } + + /** + * Given a String of the format "host,number,number" convert to a URL of the format + * "http://host:port";. + * + * @param serverInfo Server Info from Zookeeper (required) + * + * @return URL to HBASE + */ + private String constructURL(String serverInfo) { + String scheme = "http"; + + StringBuffer buffer = new StringBuffer(); + buffer.append(scheme); + buffer.append("://"); + // Strip off the host name + buffer.append(serverInfo.substring(0, serverInfo.indexOf(","))); + buffer.append(":"); + buffer.append(PORT_NUMBER); + + return buffer.toString(); + } } http://git-wip-us.apache.org/repos/asf/knox/blob/baa43294/gateway-provider-ha/src/main/java/org/apache/knox/gateway/ha/provider/impl/KafkaZookeeperURLManager.java ---------------------------------------------------------------------- diff --git a/gateway-provider-ha/src/main/java/org/apache/knox/gateway/ha/provider/impl/KafkaZookeeperURLManager.java b/gateway-provider-ha/src/main/java/org/apache/knox/gateway/ha/provider/impl/KafkaZookeeperURLManager.java index 64d59a4..6d95a2a 100644 --- a/gateway-provider-ha/src/main/java/org/apache/knox/gateway/ha/provider/impl/KafkaZookeeperURLManager.java +++ b/gateway-provider-ha/src/main/java/org/apache/knox/gateway/ha/provider/impl/KafkaZookeeperURLManager.java @@ -44,109 +44,109 @@ import java.util.List; * i.e. host1:2181,host2:2181. */ public class KafkaZookeeperURLManager extends BaseZookeeperURLManager { - /** - * Default Port Number for Confluent Kafka REST Server - */ - private static final int PORT_NUMBER = 8082; - /** - * Base path for retrieval from Zookeeper - */ - private static final String BASE_PATH = "/brokers/ids"; - - // ------------------------------------------------------------------------------------- - // Abstract methods - // ------------------------------------------------------------------------------------- - - /** - * Look within Zookeeper under the /broker/ids branch for active Kafka hosts - * - * @return A List of URLs (never null) - */ - @Override - protected List<String> lookupURLs() { - // Retrieve list of potential hosts from ZooKeeper - List<String> hosts = retrieveHosts(); - - // Validate access to hosts using cheap ping style operation - List<String> validatedHosts = validateHosts(hosts,"/topics","application/vnd.kafka.v2+json"); - - // Randomize the hosts list for simple load balancing - if (!validatedHosts.isEmpty()) { - Collections.shuffle(validatedHosts); - } - - return validatedHosts; - } - - protected String getServiceName() { - return "KAFKA"; - }; - - // ------------------------------------------------------------------------------------- - // Private methods - // ------------------------------------------------------------------------------------- - - /** - * @return Retrieve lists of hosts from ZooKeeper - */ - private List<String> retrieveHosts() - { - List<String> serverHosts = new ArrayList<>(); - - CuratorFramework zooKeeperClient = CuratorFrameworkFactory.builder() - .connectString(getZookeeperEnsemble()) - .retryPolicy(new ExponentialBackoffRetry(1000, 3)) - .build(); - - try { - zooKeeperClient.start(); - - // Retrieve list of host URLs from ZooKeeper - List<String> brokers = zooKeeperClient.getChildren().forPath(BASE_PATH); - - for (String broker : brokers) { - String serverInfo = new String(zooKeeperClient.getData().forPath(BASE_PATH + "/" + broker), Charset.forName("UTF-8")); - - String serverURL = constructURL(serverInfo); - serverHosts.add(serverURL); - } - } catch (Exception e) { - LOG.failedToGetZookeeperUrls(e); - throw new RuntimeException(e); - } finally { - // Close the client connection with ZooKeeper - if (zooKeeperClient != null) { - zooKeeperClient.close(); - } - } - - return serverHosts; - } - - /** - * Given a String of the format "{"jmx_port":-1,"timestamp":"1505763958072","endpoints":["PLAINTEXT://host:6667"],"host":"host","version":3,"port":6667}" - * convert to a URL of the format "http://host:port";. - * - * @param serverInfo Server Info in JSON Format from Zookeeper (required) - * - * @return URL to Kafka - * @throws ParseException - */ - private String constructURL(String serverInfo) throws ParseException { - String scheme = "http"; - - StringBuffer buffer = new StringBuffer(); - - buffer.append(scheme); - buffer.append("://"); - - JSONParser parser = new JSONParser(JSONParser.DEFAULT_PERMISSIVE_MODE); - JSONObject obj = (JSONObject) parser.parse(serverInfo); - buffer.append(obj.get("host")); - - buffer.append(":"); - buffer.append(PORT_NUMBER); - - return buffer.toString(); - } + /** + * Default Port Number for Confluent Kafka REST Server + */ + private static final int PORT_NUMBER = 8082; + /** + * Base path for retrieval from Zookeeper + */ + private static final String BASE_PATH = "/brokers/ids"; + + // ------------------------------------------------------------------------------------- + // Abstract methods + // ------------------------------------------------------------------------------------- + + /** + * Look within Zookeeper under the /broker/ids branch for active Kafka hosts + * + * @return A List of URLs (never null) + */ + @Override + protected List<String> lookupURLs() { + // Retrieve list of potential hosts from ZooKeeper + List<String> hosts = retrieveHosts(); + + // Validate access to hosts using cheap ping style operation + List<String> validatedHosts = validateHosts(hosts,"/topics","application/vnd.kafka.v2+json"); + + // Randomize the hosts list for simple load balancing + if (!validatedHosts.isEmpty()) { + Collections.shuffle(validatedHosts); + } + + return validatedHosts; + } + + protected String getServiceName() { + return "KAFKA"; + }; + + // ------------------------------------------------------------------------------------- + // Private methods + // ------------------------------------------------------------------------------------- + + /** + * @return Retrieve lists of hosts from ZooKeeper + */ + private List<String> retrieveHosts() + { + List<String> serverHosts = new ArrayList<>(); + + CuratorFramework zooKeeperClient = CuratorFrameworkFactory.builder() + .connectString(getZookeeperEnsemble()) + .retryPolicy(new ExponentialBackoffRetry(1000, 3)) + .build(); + + try { + zooKeeperClient.start(); + + // Retrieve list of host URLs from ZooKeeper + List<String> brokers = zooKeeperClient.getChildren().forPath(BASE_PATH); + + for (String broker : brokers) { + String serverInfo = new String(zooKeeperClient.getData().forPath(BASE_PATH + "/" + broker), Charset.forName("UTF-8")); + + String serverURL = constructURL(serverInfo); + serverHosts.add(serverURL); + } + } catch (Exception e) { + LOG.failedToGetZookeeperUrls(e); + throw new RuntimeException(e); + } finally { + // Close the client connection with ZooKeeper + if (zooKeeperClient != null) { + zooKeeperClient.close(); + } + } + + return serverHosts; + } + + /** + * Given a String of the format "{"jmx_port":-1,"timestamp":"1505763958072","endpoints":["PLAINTEXT://host:6667"],"host":"host","version":3,"port":6667}" + * convert to a URL of the format "http://host:port";. + * + * @param serverInfo Server Info in JSON Format from Zookeeper (required) + * + * @return URL to Kafka + * @throws ParseException + */ + private String constructURL(String serverInfo) throws ParseException { + String scheme = "http"; + + StringBuffer buffer = new StringBuffer(); + + buffer.append(scheme); + buffer.append("://"); + + JSONParser parser = new JSONParser(JSONParser.DEFAULT_PERMISSIVE_MODE); + JSONObject obj = (JSONObject) parser.parse(serverInfo); + buffer.append(obj.get("host")); + + buffer.append(":"); + buffer.append(PORT_NUMBER); + + return buffer.toString(); + } } http://git-wip-us.apache.org/repos/asf/knox/blob/baa43294/gateway-provider-ha/src/main/java/org/apache/knox/gateway/ha/provider/impl/SOLRZookeeperURLManager.java ---------------------------------------------------------------------- diff --git a/gateway-provider-ha/src/main/java/org/apache/knox/gateway/ha/provider/impl/SOLRZookeeperURLManager.java b/gateway-provider-ha/src/main/java/org/apache/knox/gateway/ha/provider/impl/SOLRZookeeperURLManager.java index af17af5..808f44e 100644 --- a/gateway-provider-ha/src/main/java/org/apache/knox/gateway/ha/provider/impl/SOLRZookeeperURLManager.java +++ b/gateway-provider-ha/src/main/java/org/apache/knox/gateway/ha/provider/impl/SOLRZookeeperURLManager.java @@ -36,83 +36,83 @@ import java.util.List; */ public class SOLRZookeeperURLManager extends BaseZookeeperURLManager { - // ------------------------------------------------------------------------------------- - // Abstract methods - // ------------------------------------------------------------------------------------- + // ------------------------------------------------------------------------------------- + // Abstract methods + // ------------------------------------------------------------------------------------- - /** - * Look within Zookeeper under the /live_nodes branch for active SOLR hosts - * - * @return A List of URLs (never null) - */ - @Override - protected List<String> lookupURLs() { - // Retrieve list of potential hosts from ZooKeeper - List<String> hosts = retrieveHosts(); - - // Randomize the hosts list for simple load balancing - if (!hosts.isEmpty()) { - Collections.shuffle(hosts); - } + /** + * Look within Zookeeper under the /live_nodes branch for active SOLR hosts + * + * @return A List of URLs (never null) + */ + @Override + protected List<String> lookupURLs() { + // Retrieve list of potential hosts from ZooKeeper + List<String> hosts = retrieveHosts(); - return hosts; - } + // Randomize the hosts list for simple load balancing + if (!hosts.isEmpty()) { + Collections.shuffle(hosts); + } - protected String getServiceName() { - return "SOLR"; - }; + return hosts; + } - // ------------------------------------------------------------------------------------- - // Private methods - // ------------------------------------------------------------------------------------- + protected String getServiceName() { + return "SOLR"; + }; - /** - * @return Retrieve lists of hosts from ZooKeeper - */ - private List<String> retrieveHosts() - { - List<String> serverHosts = new ArrayList<>(); - - CuratorFramework zooKeeperClient = CuratorFrameworkFactory.builder() - .connectString(getZookeeperEnsemble()) - .retryPolicy(new ExponentialBackoffRetry(1000, 3)) - .build(); - - try { - zooKeeperClient.start(); - List<String> serverNodes = zooKeeperClient.getChildren().forPath("/live_nodes"); - for (String serverNode : serverNodes) { - String serverURL = constructURL(serverNode); - serverHosts.add(serverURL); - } - } catch (Exception e) { - LOG.failedToGetZookeeperUrls(e); - throw new RuntimeException(e); - } finally { - // Close the client connection with ZooKeeper - if (zooKeeperClient != null) { - zooKeeperClient.close(); - } - } + // ------------------------------------------------------------------------------------- + // Private methods + // ------------------------------------------------------------------------------------- - return serverHosts; - } - - /** - * Given a String of the format "host:port_solr" convert to a URL of the format - * "http://host:port/solr";. - * - * @param serverInfo Server Info from Zookeeper (required) - * - * @return URL to SOLR - */ - private String constructURL(String serverInfo) { - String scheme = "http"; + /** + * @return Retrieve lists of hosts from ZooKeeper + */ + private List<String> retrieveHosts() + { + List<String> serverHosts = new ArrayList<>(); - StringBuffer buffer = new StringBuffer(); - buffer.append(scheme); - buffer.append("://"); - buffer.append(serverInfo.replace("_", "/")); - return buffer.toString(); - } + CuratorFramework zooKeeperClient = CuratorFrameworkFactory.builder() + .connectString(getZookeeperEnsemble()) + .retryPolicy(new ExponentialBackoffRetry(1000, 3)) + .build(); + + try { + zooKeeperClient.start(); + List<String> serverNodes = zooKeeperClient.getChildren().forPath("/live_nodes"); + for (String serverNode : serverNodes) { + String serverURL = constructURL(serverNode); + serverHosts.add(serverURL); + } + } catch (Exception e) { + LOG.failedToGetZookeeperUrls(e); + throw new RuntimeException(e); + } finally { + // Close the client connection with ZooKeeper + if (zooKeeperClient != null) { + zooKeeperClient.close(); + } + } + + return serverHosts; + } + + /** + * Given a String of the format "host:port_solr" convert to a URL of the format + * "http://host:port/solr";. + * + * @param serverInfo Server Info from Zookeeper (required) + * + * @return URL to SOLR + */ + private String constructURL(String serverInfo) { + String scheme = "http"; + + StringBuffer buffer = new StringBuffer(); + buffer.append(scheme); + buffer.append("://"); + buffer.append(serverInfo.replace("_", "/")); + return buffer.toString(); + } } http://git-wip-us.apache.org/repos/asf/knox/blob/baa43294/gateway-provider-ha/src/main/java/org/apache/knox/gateway/ha/provider/impl/StringResponseHandler.java ---------------------------------------------------------------------- diff --git a/gateway-provider-ha/src/main/java/org/apache/knox/gateway/ha/provider/impl/StringResponseHandler.java b/gateway-provider-ha/src/main/java/org/apache/knox/gateway/ha/provider/impl/StringResponseHandler.java index d9121b6..59d2682 100644 --- a/gateway-provider-ha/src/main/java/org/apache/knox/gateway/ha/provider/impl/StringResponseHandler.java +++ b/gateway-provider-ha/src/main/java/org/apache/knox/gateway/ha/provider/impl/StringResponseHandler.java @@ -30,20 +30,20 @@ import org.apache.http.util.EntityUtils; */ public class StringResponseHandler implements ResponseHandler<String> { - @Override - public String handleResponse(HttpResponse response) - throws ClientProtocolException, IOException - { - int status = response.getStatusLine().getStatusCode(); - - if (status >= 200 && status < 300) - { - HttpEntity entity = response.getEntity(); - return entity != null ?EntityUtils.toString(entity) : null; - } - else - { - throw new ClientProtocolException("Unexcepted response status: " + status); - } - } + @Override + public String handleResponse(HttpResponse response) + throws ClientProtocolException, IOException + { + int status = response.getStatusLine().getStatusCode(); + + if (status >= 200 && status < 300) + { + HttpEntity entity = response.getEntity(); + return entity != null ?EntityUtils.toString(entity) : null; + } + else + { + throw new ClientProtocolException("Unexcepted response status: " + status); + } + } } http://git-wip-us.apache.org/repos/asf/knox/blob/baa43294/gateway-provider-ha/src/test/java/org/apache/knox/gateway/ha/provider/impl/KafkaZookeeperURLManagerTest.java ---------------------------------------------------------------------- diff --git a/gateway-provider-ha/src/test/java/org/apache/knox/gateway/ha/provider/impl/KafkaZookeeperURLManagerTest.java b/gateway-provider-ha/src/test/java/org/apache/knox/gateway/ha/provider/impl/KafkaZookeeperURLManagerTest.java index 1c42ccc..a5a389b 100644 --- a/gateway-provider-ha/src/test/java/org/apache/knox/gateway/ha/provider/impl/KafkaZookeeperURLManagerTest.java +++ b/gateway-provider-ha/src/test/java/org/apache/knox/gateway/ha/provider/impl/KafkaZookeeperURLManagerTest.java @@ -58,7 +58,7 @@ public class KafkaZookeeperURLManagerTest { public void teardown() throws IOException { cluster.stop(); } - + @Test public void testHBaseZookeeperURLManagerLoading() { HaServiceConfig config = new DefaultHaServiceConfig("KAFKA"); http://git-wip-us.apache.org/repos/asf/knox/blob/baa43294/gateway-provider-ha/src/test/java/org/apache/knox/gateway/ha/provider/impl/SOLRZookeeperURLManagerTest.java ---------------------------------------------------------------------- diff --git a/gateway-provider-ha/src/test/java/org/apache/knox/gateway/ha/provider/impl/SOLRZookeeperURLManagerTest.java b/gateway-provider-ha/src/test/java/org/apache/knox/gateway/ha/provider/impl/SOLRZookeeperURLManagerTest.java index ccbfae1..fe2ad5c 100644 --- a/gateway-provider-ha/src/test/java/org/apache/knox/gateway/ha/provider/impl/SOLRZookeeperURLManagerTest.java +++ b/gateway-provider-ha/src/test/java/org/apache/knox/gateway/ha/provider/impl/SOLRZookeeperURLManagerTest.java @@ -87,10 +87,9 @@ public class SOLRZookeeperURLManagerTest { expected.add("http://host2:8983/solr";); expected.add("http://host3:8983/solr";); - for(String url : urls) - { - assertTrue(expected.contains(url)); - expected.remove(url); + for(String url : urls) { + assertTrue(expected.contains(url)); + expected.remove(url); } assertEquals(0,expected.size()); http://git-wip-us.apache.org/repos/asf/knox/blob/baa43294/gateway-provider-identity-assertion-hadoop-groups/src/main/java/org/apache/knox/gateway/identityasserter/hadoop/groups/filter/HadoopGroupProviderDeploymentContributor.java ---------------------------------------------------------------------- diff --git a/gateway-provider-identity-assertion-hadoop-groups/src/main/java/org/apache/knox/gateway/identityasserter/hadoop/groups/filter/HadoopGroupProviderDeploymentContributor.java b/gateway-provider-identity-assertion-hadoop-groups/src/main/java/org/apache/knox/gateway/identityasserter/hadoop/groups/filter/HadoopGroupProviderDeploymentContributor.java index ed144ed..7118279 100644 --- a/gateway-provider-identity-assertion-hadoop-groups/src/main/java/org/apache/knox/gateway/identityasserter/hadoop/groups/filter/HadoopGroupProviderDeploymentContributor.java +++ b/gateway-provider-identity-assertion-hadoop-groups/src/main/java/org/apache/knox/gateway/identityasserter/hadoop/groups/filter/HadoopGroupProviderDeploymentContributor.java @@ -76,29 +76,29 @@ public class HadoopGroupProviderDeploymentContributor @Override public void contributeFilter( DeploymentContext context, Provider provider, Service service, ResourceDescriptor resource, List<FilterParamDescriptor> params ) { - Map<String, String> p = provider.getParams(); - String prefix = p.get("CENTRAL_GROUP_CONFIG_PREFIX"); - if (prefix != null && !prefix.isEmpty()) { - if (!prefix.endsWith(".")) { + Map<String, String> p = provider.getParams(); + String prefix = p.get("CENTRAL_GROUP_CONFIG_PREFIX"); + if (prefix != null && !prefix.isEmpty()) { + if (!prefix.endsWith(".")) { prefix += "."; - } + } Map<String, String> groupMappingParams = ((Configuration)context.getGatewayConfig()).getPropsWithPrefix(prefix); if (groupMappingParams != null) { - params = createParamList(resource, params, groupMappingParams); + params = createParamList(resource, params, groupMappingParams); } } - if (params == null || params.isEmpty()) { + if (params == null || params.isEmpty()) { params = buildFilterInitParms(provider, resource, params); - } + } resource.addFilter().name(getName()).role(getRole()).impl(getFilterClassname()).params(params); } @Override public List<FilterParamDescriptor> buildFilterInitParms(Provider provider, ResourceDescriptor resource, List<FilterParamDescriptor> params) { - // blindly add all the provider params as filter init params + // blindly add all the provider params as filter init params if (params == null) { params = new ArrayList<FilterParamDescriptor>(); } http://git-wip-us.apache.org/repos/asf/knox/blob/baa43294/gateway-provider-security-jwt/src/main/java/org/apache/knox/gateway/provider/federation/jwt/filter/SSOCookieFederationFilter.java ---------------------------------------------------------------------- diff --git a/gateway-provider-security-jwt/src/main/java/org/apache/knox/gateway/provider/federation/jwt/filter/SSOCookieFederationFilter.java b/gateway-provider-security-jwt/src/main/java/org/apache/knox/gateway/provider/federation/jwt/filter/SSOCookieFederationFilter.java index a02a526..83c8747 100644 --- a/gateway-provider-security-jwt/src/main/java/org/apache/knox/gateway/provider/federation/jwt/filter/SSOCookieFederationFilter.java +++ b/gateway-provider-security-jwt/src/main/java/org/apache/knox/gateway/provider/federation/jwt/filter/SSOCookieFederationFilter.java @@ -177,7 +177,7 @@ private String gatewayPath; protected String constructLoginURL(HttpServletRequest request) { String delimiter = "?"; if (authenticationProviderUrl == null) { - authenticationProviderUrl = deriveDefaultAuthenticationProviderUrl(request); + authenticationProviderUrl = deriveDefaultAuthenticationProviderUrl(request); } if (authenticationProviderUrl.contains("?")) { delimiter = "&"; http://git-wip-us.apache.org/repos/asf/knox/blob/baa43294/gateway-provider-security-shiro/src/main/java/org/apache/knox/gateway/shirorealm/UnixUserPrincipal.java ---------------------------------------------------------------------- diff --git a/gateway-provider-security-shiro/src/main/java/org/apache/knox/gateway/shirorealm/UnixUserPrincipal.java b/gateway-provider-security-shiro/src/main/java/org/apache/knox/gateway/shirorealm/UnixUserPrincipal.java index 247cae6..df28422 100644 --- a/gateway-provider-security-shiro/src/main/java/org/apache/knox/gateway/shirorealm/UnixUserPrincipal.java +++ b/gateway-provider-security-shiro/src/main/java/org/apache/knox/gateway/shirorealm/UnixUserPrincipal.java @@ -23,24 +23,24 @@ import java.security.Principal; import org.jvnet.libpam.UnixUser; public class UnixUserPrincipal implements Principal { - private final UnixUser userName; + private final UnixUser userName; - public UnixUserPrincipal(UnixUser userName) { - this.userName = userName; - } + public UnixUserPrincipal(UnixUser userName) { + this.userName = userName; + } - @Override - public String getName() { - return userName.getUserName(); - } + @Override + public String getName() { + return userName.getUserName(); + } - public UnixUser getUnixUser() { - return userName; - } + public UnixUser getUnixUser() { + return userName; + } - @Override - public String toString() { - return String.valueOf(userName.getUserName()); - } + @Override + public String toString() { + return String.valueOf(userName.getUserName()); + } } http://git-wip-us.apache.org/repos/asf/knox/blob/baa43294/gateway-server/src/main/java/org/apache/knox/gateway/GatewayServer.java ---------------------------------------------------------------------- diff --git a/gateway-server/src/main/java/org/apache/knox/gateway/GatewayServer.java b/gateway-server/src/main/java/org/apache/knox/gateway/GatewayServer.java index b3b9dcf..39c19b8 100644 --- a/gateway-server/src/main/java/org/apache/knox/gateway/GatewayServer.java +++ b/gateway-server/src/main/java/org/apache/knox/gateway/GatewayServer.java @@ -242,7 +242,7 @@ public class GatewayServer { } private static void setSystemProperty(String name, String value) { - System.setProperty(name, value); + System.setProperty(name, value); log.logSysProp(name, System.getProperty(name)); } http://git-wip-us.apache.org/repos/asf/knox/blob/baa43294/gateway-server/src/main/java/org/apache/knox/gateway/config/impl/GatewayConfigImpl.java ---------------------------------------------------------------------- diff --git a/gateway-server/src/main/java/org/apache/knox/gateway/config/impl/GatewayConfigImpl.java b/gateway-server/src/main/java/org/apache/knox/gateway/config/impl/GatewayConfigImpl.java index 11ca218..d73ba00 100644 --- a/gateway-server/src/main/java/org/apache/knox/gateway/config/impl/GatewayConfigImpl.java +++ b/gateway-server/src/main/java/org/apache/knox/gateway/config/impl/GatewayConfigImpl.java @@ -943,32 +943,32 @@ public class GatewayConfigImpl extends Configuration implements GatewayConfig { @Override public String getAlgorithm() { - return getVar(CRYPTO_ALGORITHM, null); + return getVar(CRYPTO_ALGORITHM, null); } @Override public String getPBEAlgorithm() { - return getVar(CRYPTO_PBE_ALGORITHM, null); + return getVar(CRYPTO_PBE_ALGORITHM, null); } @Override public String getTransformation() { - return getVar(CRYPTO_TRANSFORMATION, null); + return getVar(CRYPTO_TRANSFORMATION, null); } @Override public String getSaltSize() { - return getVar(CRYPTO_SALTSIZE, null); + return getVar(CRYPTO_SALTSIZE, null); } @Override public String getIterationCount() { - return getVar(CRYPTO_ITERATION_COUNT, null); + return getVar(CRYPTO_ITERATION_COUNT, null); } @Override public String getKeyLength() { - return getVar(CRYPTO_KEY_LENGTH, null); + return getVar(CRYPTO_KEY_LENGTH, null); } @Override http://git-wip-us.apache.org/repos/asf/knox/blob/baa43294/gateway-server/src/main/java/org/apache/knox/gateway/deploy/DeploymentFactory.java ---------------------------------------------------------------------- diff --git a/gateway-server/src/main/java/org/apache/knox/gateway/deploy/DeploymentFactory.java b/gateway-server/src/main/java/org/apache/knox/gateway/deploy/DeploymentFactory.java index f12bb77..89a5a8b 100644 --- a/gateway-server/src/main/java/org/apache/knox/gateway/deploy/DeploymentFactory.java +++ b/gateway-server/src/main/java/org/apache/knox/gateway/deploy/DeploymentFactory.java @@ -786,9 +786,9 @@ public abstract class DeploymentFactory { !contributor.getName().equals(name)) { throw new DeploymentException( "Failed to contribute provider. Role: " + - role + " Name: " + name + ". Please check the topology for" + - " errors in name and role and that the provider is " + - "on the classpath."); + role + " Name: " + name + ". Please check the topology for" + + " errors in name and role and that the provider is " + + "on the classpath."); } } return contributor; http://git-wip-us.apache.org/repos/asf/knox/blob/baa43294/gateway-server/src/main/java/org/apache/knox/gateway/services/security/impl/DefaultCryptoService.java ---------------------------------------------------------------------- diff --git a/gateway-server/src/main/java/org/apache/knox/gateway/services/security/impl/DefaultCryptoService.java b/gateway-server/src/main/java/org/apache/knox/gateway/services/security/impl/DefaultCryptoService.java index 584255e..516c8ff 100644 --- a/gateway-server/src/main/java/org/apache/knox/gateway/services/security/impl/DefaultCryptoService.java +++ b/gateway-server/src/main/java/org/apache/knox/gateway/services/security/impl/DefaultCryptoService.java @@ -44,7 +44,7 @@ public class DefaultCryptoService implements CryptoService { private AliasService as = null; private KeystoreService ks = null; private HashMap<String,ConfigurableEncryptor> encryptorCache = - new HashMap<String,ConfigurableEncryptor>(); + new HashMap<String,ConfigurableEncryptor>(); private GatewayConfig config = null; public void setKeystoreService(KeystoreService ks) { @@ -59,7 +59,7 @@ public class DefaultCryptoService implements CryptoService { public void init(GatewayConfig config, Map<String, String> options) throws ServiceLifecycleException { this.config = config; - if (as == null) { + if (as == null) { throw new ServiceLifecycleException("Alias service is not set"); } } @@ -197,7 +197,7 @@ public class DefaultCryptoService implements CryptoService { // We have seen via profiling that AESEncryptor instantiation is very expensive. private final ConfigurableEncryptor getEncryptor( final String clusterName, final char[] password ) { synchronized( encryptorCache ) { - ConfigurableEncryptor encryptor = encryptorCache.get( clusterName ); + ConfigurableEncryptor encryptor = encryptorCache.get( clusterName ); if( encryptor == null ) { encryptor = new ConfigurableEncryptor( String.valueOf( password ) ); encryptor.init(config); http://git-wip-us.apache.org/repos/asf/knox/blob/baa43294/gateway-server/src/test/resources/logging.properties ---------------------------------------------------------------------- diff --git a/gateway-server/src/test/resources/logging.properties b/gateway-server/src/test/resources/logging.properties index af9792c..de1aa3a 100644 --- a/gateway-server/src/test/resources/logging.properties +++ b/gateway-server/src/test/resources/logging.properties @@ -17,7 +17,7 @@ ########################################################################## ############################################################ -# Default Logging Configuration File +# Default Logging Configuration File # # You can use a different file by specifying a filename # with the java.util.logging.config.file system property. @@ -25,7 +25,7 @@ ############################################################ ############################################################ -# Global properties +# Global properties ############################################################ # "handlers" specifies a comma separated list of log Handler http://git-wip-us.apache.org/repos/asf/knox/blob/baa43294/gateway-service-knoxsso/src/main/java/org/apache/knox/gateway/service/knoxsso/KnoxSSOMessages.java ---------------------------------------------------------------------- diff --git a/gateway-service-knoxsso/src/main/java/org/apache/knox/gateway/service/knoxsso/KnoxSSOMessages.java b/gateway-service-knoxsso/src/main/java/org/apache/knox/gateway/service/knoxsso/KnoxSSOMessages.java index 553f614..e15f483 100644 --- a/gateway-service-knoxsso/src/main/java/org/apache/knox/gateway/service/knoxsso/KnoxSSOMessages.java +++ b/gateway-service-knoxsso/src/main/java/org/apache/knox/gateway/service/knoxsso/KnoxSSOMessages.java @@ -61,6 +61,6 @@ public interface KnoxSSOMessages { void setMaxAge(String age); @Message( level = MessageLevel.ERROR, text = "The original URL: {0} for redirecting back after authentication is " + - "not valid according to the configured whitelist: {1}. See documentation for KnoxSSO Whitelisting.") + "not valid according to the configured whitelist: {1}. See documentation for KnoxSSO Whitelisting.") void whiteListMatchFail(String original, String whitelist); } \ No newline at end of file http://git-wip-us.apache.org/repos/asf/knox/blob/baa43294/gateway-service-knoxtoken/src/main/java/org/apache/knox/gateway/service/knoxtoken/TokenServiceMessages.java ---------------------------------------------------------------------- diff --git a/gateway-service-knoxtoken/src/main/java/org/apache/knox/gateway/service/knoxtoken/TokenServiceMessages.java b/gateway-service-knoxtoken/src/main/java/org/apache/knox/gateway/service/knoxtoken/TokenServiceMessages.java index 674f673..77c08a2 100644 --- a/gateway-service-knoxtoken/src/main/java/org/apache/knox/gateway/service/knoxtoken/TokenServiceMessages.java +++ b/gateway-service-knoxtoken/src/main/java/org/apache/knox/gateway/service/knoxtoken/TokenServiceMessages.java @@ -61,6 +61,6 @@ public interface TokenServiceMessages { void setMaxAge(String age); @Message( level = MessageLevel.ERROR, text = "The original URL: {0} for redirecting back after authentication is " + - "not valid according to the configured whitelist: {1}. See documentation for KnoxSSO Whitelisting.") + "not valid according to the configured whitelist: {1}. See documentation for KnoxSSO Whitelisting.") void whiteListMatchFail(String original, String whitelist); } \ No newline at end of file http://git-wip-us.apache.org/repos/asf/knox/blob/baa43294/gateway-spi/src/main/java/org/apache/knox/gateway/services/security/impl/CMFMasterService.java ---------------------------------------------------------------------- diff --git a/gateway-spi/src/main/java/org/apache/knox/gateway/services/security/impl/CMFMasterService.java b/gateway-spi/src/main/java/org/apache/knox/gateway/services/security/impl/CMFMasterService.java index fa7736a..139f5a1 100644 --- a/gateway-spi/src/main/java/org/apache/knox/gateway/services/security/impl/CMFMasterService.java +++ b/gateway-spi/src/main/java/org/apache/knox/gateway/services/security/impl/CMFMasterService.java @@ -53,8 +53,8 @@ public class CMFMasterService { } public void setupMasterSecret(String securityDir, String filename, - boolean persisting, GatewayConfig config) - throws ServiceLifecycleException { + boolean persisting, GatewayConfig config) + throws ServiceLifecycleException { encryptor.init(config); setupMasterSecret(securityDir, filename, persisting); } @@ -73,7 +73,7 @@ public class CMFMasterService { } } else { - if (master == null) { + if (master == null) { displayWarning(persisting); promptUser(); } http://git-wip-us.apache.org/repos/asf/knox/blob/baa43294/gateway-spi/src/main/java/org/apache/knox/gateway/services/security/impl/ConfigurableEncryptor.java ---------------------------------------------------------------------- diff --git a/gateway-spi/src/main/java/org/apache/knox/gateway/services/security/impl/ConfigurableEncryptor.java b/gateway-spi/src/main/java/org/apache/knox/gateway/services/security/impl/ConfigurableEncryptor.java index ed7feac..be14277 100644 --- a/gateway-spi/src/main/java/org/apache/knox/gateway/services/security/impl/ConfigurableEncryptor.java +++ b/gateway-spi/src/main/java/org/apache/knox/gateway/services/security/impl/ConfigurableEncryptor.java @@ -55,29 +55,29 @@ public class ConfigurableEncryptor { public void init(GatewayConfig config) { if (config != null) { String alg = config.getAlgorithm(); - if (alg != null) { - this.alg = alg; - } - String pbeAlg = config.getPBEAlgorithm(); - if (pbeAlg != null) { - this.pbeAlg = pbeAlg; - } - String transformation = config.getTransformation(); - if (transformation != null) { - this.transformation = transformation; - } - String saltSize = config.getSaltSize(); - if (saltSize != null) { - this.saltSize = Integer.parseInt(saltSize); - } - String iterationCount = config.getIterationCount(); - if (iterationCount != null) { - this.iterationCount = Integer.parseInt(iterationCount); - } - String keyLength = config.getKeyLength(); - if (keyLength != null) { - this.keyLength = Integer.parseInt(keyLength); - } + if (alg != null) { + this.alg = alg; + } + String pbeAlg = config.getPBEAlgorithm(); + if (pbeAlg != null) { + this.pbeAlg = pbeAlg; + } + String transformation = config.getTransformation(); + if (transformation != null) { + this.transformation = transformation; + } + String saltSize = config.getSaltSize(); + if (saltSize != null) { + this.saltSize = Integer.parseInt(saltSize); + } + String iterationCount = config.getIterationCount(); + if (iterationCount != null) { + this.iterationCount = Integer.parseInt(iterationCount); + } + String keyLength = config.getKeyLength(); + if (keyLength != null) { + this.keyLength = Integer.parseInt(keyLength); + } } } http://git-wip-us.apache.org/repos/asf/knox/blob/baa43294/gateway-spi/src/main/java/org/apache/knox/gateway/services/security/impl/X509CertificateUtil.java ---------------------------------------------------------------------- diff --git a/gateway-spi/src/main/java/org/apache/knox/gateway/services/security/impl/X509CertificateUtil.java b/gateway-spi/src/main/java/org/apache/knox/gateway/services/security/impl/X509CertificateUtil.java index b187b04..3669d43 100644 --- a/gateway-spi/src/main/java/org/apache/knox/gateway/services/security/impl/X509CertificateUtil.java +++ b/gateway-spi/src/main/java/org/apache/knox/gateway/services/security/impl/X509CertificateUtil.java @@ -55,7 +55,7 @@ public class X509CertificateUtil { * @param algorithm the signing algorithm, eg "SHA1withRSA" */ public static X509Certificate generateCertificate(String dn, KeyPair pair, - int days, String algorithm) throws GeneralSecurityException, IOException { + int days, String algorithm) throws GeneralSecurityException, IOException { PrivateKey privkey = pair.getPrivate(); Object x509CertImplObject = null; @@ -70,7 +70,7 @@ public class X509CertificateUtil { // CertificateValidity interval = new CertificateValidity(from, to); Class<?> certValidityClass = Class.forName(getX509CertifValidityModuleName()); Constructor<?> certValidityConstr = certValidityClass - .getConstructor(new Class[] { Date.class, Date.class }); + .getConstructor(new Class[] { Date.class, Date.class }); Object certValidityObject = certValidityConstr.newInstance(from, to); BigInteger sn = new BigInteger(64, new SecureRandom()); @@ -78,7 +78,7 @@ public class X509CertificateUtil { // X500Name owner = new X500Name(dn); Class<?> x500NameClass = Class.forName(getX509X500NameModuleName()); Constructor<?> x500NameConstr = x500NameClass - .getConstructor(new Class[] { String.class }); + .getConstructor(new Class[] { String.class }); Object x500NameObject = x500NameConstr.newInstance(dn); Method methodSET = certInfoObject.getClass().getMethod("set", String.class, Object.class); @@ -89,21 +89,21 @@ public class X509CertificateUtil { // info.set(X509CertInfo.SERIAL_NUMBER, new CertificateSerialNumber(sn)); Class<?> certificateSerialNumberClass = Class.forName(getCertificateSerialNumberModuleName()); Constructor<?> certificateSerialNumberConstr = certificateSerialNumberClass - .getConstructor(new Class[] { BigInteger.class }); + .getConstructor(new Class[] { BigInteger.class }); Object certificateSerialNumberObject = certificateSerialNumberConstr - .newInstance(sn); + .newInstance(sn); methodSET.invoke(certInfoObject, getSetField(certInfoObject, "SERIAL_NUMBER"), - certificateSerialNumberObject); + certificateSerialNumberObject); // info.set(X509CertInfo.SUBJECT, new CertificateSubjectName(owner)); try { Class<?> certificateSubjectNameClass = Class.forName(getCertificateSubjectNameModuleName()); Constructor<?> certificateSubjectNameConstr = certificateSubjectNameClass - .getConstructor(new Class[] { x500NameClass }); + .getConstructor(new Class[] { x500NameClass }); Object certificateSubjectNameObject = certificateSubjectNameConstr - .newInstance(x500NameObject); + .newInstance(x500NameObject); methodSET.invoke(certInfoObject, getSetField(certInfoObject, "SUBJECT"), - certificateSubjectNameObject); + certificateSubjectNameObject); } catch (InvocationTargetException ite) { methodSET.invoke(certInfoObject, getSetField(certInfoObject, "SUBJECT"), @@ -114,11 +114,11 @@ public class X509CertificateUtil { try { Class<?> certificateIssuerNameClass = Class.forName(getCertificateIssuerNameModuleName()); Constructor<?> certificateIssuerNameConstr = certificateIssuerNameClass - .getConstructor(new Class[] { x500NameClass }); + .getConstructor(new Class[] { x500NameClass }); Object certificateIssuerNameObject = certificateIssuerNameConstr - .newInstance(x500NameObject); + .newInstance(x500NameObject); methodSET.invoke(certInfoObject, getSetField(certInfoObject, "ISSUER"), - certificateIssuerNameObject); + certificateIssuerNameObject); } catch (InvocationTargetException ite) { methodSET.invoke(certInfoObject, getSetField(certInfoObject, "ISSUER"), @@ -128,59 +128,59 @@ public class X509CertificateUtil { // info.set(X509CertInfo.KEY, new CertificateX509Key(pair.getPublic())); Class<?> certificateX509KeyClass = Class.forName(getCertificateX509KeyModuleName()); Constructor<?> certificateX509KeyConstr = certificateX509KeyClass - .getConstructor(new Class[] { PublicKey.class }); + .getConstructor(new Class[] { PublicKey.class }); Object certificateX509KeyObject = certificateX509KeyConstr - .newInstance(pair.getPublic()); + .newInstance(pair.getPublic()); methodSET.invoke(certInfoObject, getSetField(certInfoObject, "KEY"), - certificateX509KeyObject); + certificateX509KeyObject); // info.set(X509CertInfo.VERSION, new CertificateVersion(CertificateVersion.V3)); Class<?> certificateVersionClass = Class.forName(getCertificateVersionModuleName()); Constructor<?> certificateVersionConstr = certificateVersionClass - .getConstructor(new Class[] { int.class }); + .getConstructor(new Class[] { int.class }); Constructor<?> certificateVersionConstr0 = certificateVersionClass - .getConstructor(); + .getConstructor(); Object certInfoObject0 = certificateVersionConstr0.newInstance(); Field v3IntField = certInfoObject0.getClass() - .getDeclaredField("V3"); + .getDeclaredField("V3"); v3IntField.setAccessible(true); int fValue = (int) v3IntField.getInt(certInfoObject0); Object certificateVersionObject = certificateVersionConstr - .newInstance(fValue); + .newInstance(fValue); methodSET.invoke(certInfoObject, getSetField(certInfoObject, "VERSION"), - certificateVersionObject); + certificateVersionObject); // AlgorithmId algo = new AlgorithmId(AlgorithmId.md5WithRSAEncryption_oid); Class<?> algorithmIdClass = Class.forName(getAlgorithmIdModuleName()); Field md5WithRSAField = algorithmIdClass - .getDeclaredField("md5WithRSAEncryption_oid"); + .getDeclaredField("md5WithRSAEncryption_oid"); md5WithRSAField.setAccessible(true); Class<?> objectIdentifierClass = Class.forName(getObjectIdentifierModuleName()); Object md5WithRSAValue = md5WithRSAField.get(algorithmIdClass); Constructor<?> algorithmIdConstr = algorithmIdClass - .getConstructor(new Class[] { objectIdentifierClass }); + .getConstructor(new Class[] { objectIdentifierClass }); Object algorithmIdObject = algorithmIdConstr.newInstance(md5WithRSAValue); // info.set(X509CertInfo.ALGORITHM_ID, new CertificateAlgorithmId(algo)); Class<?> certificateAlgorithmIdClass = Class.forName(getCertificateAlgorithmIdModuleName()); Constructor<?> certificateAlgorithmIdConstr = certificateAlgorithmIdClass - .getConstructor(new Class[] { algorithmIdClass }); + .getConstructor(new Class[] { algorithmIdClass }); Object certificateAlgorithmIdObject = certificateAlgorithmIdConstr - .newInstance(algorithmIdObject); + .newInstance(algorithmIdObject); methodSET.invoke(certInfoObject, getSetField(certInfoObject, "ALGORITHM_ID"), - certificateAlgorithmIdObject); + certificateAlgorithmIdObject); // Sign the cert to identify the algorithm that's used. // X509CertImpl cert = new X509CertImpl(info); Class<?> x509CertImplClass = Class.forName(getX509CertImplModuleName()); Constructor<?> x509CertImplConstr = x509CertImplClass - .getConstructor(new Class[] { certInfoClass }); + .getConstructor(new Class[] { certInfoClass }); x509CertImplObject = x509CertImplConstr.newInstance(certInfoObject); // cert.sign(privkey, algorithm); Method methoSIGN = x509CertImplObject.getClass().getMethod("sign", - PrivateKey.class, String.class); + PrivateKey.class, String.class); methoSIGN.invoke(x509CertImplObject, privkey, algorithm); // Update the algorith, and resign. @@ -192,8 +192,8 @@ public class X509CertificateUtil { String certAlgoIdAlgoValue = getSetField(certificateAlgorithmIdObject, "ALGORITHM"); // info.set(CertificateAlgorithmId.NAME + "." + CertificateAlgorithmId.ALGORITHM, algo); methodSET.invoke(certInfoObject, certAlgoIdNameValue + "." - + certAlgoIdAlgoValue, - methoGET.invoke(x509CertImplObject, sig_alg)); + + certAlgoIdAlgoValue, + methoGET.invoke(x509CertImplObject, sig_alg)); // cert = new X509CertImpl(info); x509CertImplObject = x509CertImplConstr.newInstance(certInfoObject); @@ -207,66 +207,66 @@ public class X509CertificateUtil { private static String getX509CertInfoModuleName() { return System.getProperty("java.vendor").contains("IBM") ? "com.ibm.security.x509.X509CertInfo" - : "sun.security.x509.X509CertInfo"; + : "sun.security.x509.X509CertInfo"; } private static String getX509CertifValidityModuleName() { return System.getProperty("java.vendor").contains("IBM") ? "com.ibm.security.x509.CertificateValidity" - : "sun.security.x509.CertificateValidity"; + : "sun.security.x509.CertificateValidity"; } private static String getX509X500NameModuleName() { return System.getProperty("java.vendor").contains("IBM") ? "com.ibm.security.x509.X500Name" - : "sun.security.x509.X500Name"; + : "sun.security.x509.X500Name"; } private static String getCertificateSerialNumberModuleName() { return System.getProperty("java.vendor").contains("IBM") ? "com.ibm.security.x509.CertificateSerialNumber" - : "sun.security.x509.CertificateSerialNumber"; + : "sun.security.x509.CertificateSerialNumber"; } private static String getCertificateSubjectNameModuleName() { return System.getProperty("java.vendor").contains("IBM") ? "com.ibm.security.x509.CertificateSubjectName" - : "sun.security.x509.CertificateSubjectName"; + : "sun.security.x509.CertificateSubjectName"; } private static String getCertificateIssuerNameModuleName() { return System.getProperty("java.vendor").contains("IBM") ? "com.ibm.security.x509.CertificateIssuerName" - : "sun.security.x509.CertificateIssuerName"; + : "sun.security.x509.CertificateIssuerName"; } private static String getCertificateX509KeyModuleName() { return System.getProperty("java.vendor").contains("IBM") ? "com.ibm.security.x509.CertificateX509Key" - : "sun.security.x509.CertificateX509Key"; + : "sun.security.x509.CertificateX509Key"; } private static String getCertificateVersionModuleName() { return System.getProperty("java.vendor").contains("IBM") ? "com.ibm.security.x509.CertificateVersion" - : "sun.security.x509.CertificateVersion"; + : "sun.security.x509.CertificateVersion"; } private static String getAlgorithmIdModuleName() { return System.getProperty("java.vendor").contains("IBM") ? "com.ibm.security.x509.AlgorithmId" - : "sun.security.x509.AlgorithmId"; + : "sun.security.x509.AlgorithmId"; } private static String getObjectIdentifierModuleName() { return System.getProperty("java.vendor").contains("IBM") ? "com.ibm.security.util.ObjectIdentifier" - : "sun.security.util.ObjectIdentifier"; + : "sun.security.util.ObjectIdentifier"; } private static String getCertificateAlgorithmIdModuleName() { return System.getProperty("java.vendor").contains("IBM") ? "com.ibm.security.x509.CertificateAlgorithmId" - : "sun.security.x509.CertificateAlgorithmId"; + : "sun.security.x509.CertificateAlgorithmId"; } private static String getX509CertImplModuleName() { return System.getProperty("java.vendor").contains("IBM") ? "com.ibm.security.x509.X509CertImpl" - : "sun.security.x509.X509CertImpl"; + : "sun.security.x509.X509CertImpl"; } private static String getSetField(Object obj, String setString) - throws Exception { + throws Exception { Field privateStringField = obj.getClass().getDeclaredField(setString); privateStringField.setAccessible(true); String fieldValue = (String) privateStringField.get(obj); http://git-wip-us.apache.org/repos/asf/knox/blob/baa43294/gateway-test-release-utils/src/main/java/org/apache/knox/gateway/GatewayTestConfig.java ---------------------------------------------------------------------- diff --git a/gateway-test-release-utils/src/main/java/org/apache/knox/gateway/GatewayTestConfig.java b/gateway-test-release-utils/src/main/java/org/apache/knox/gateway/GatewayTestConfig.java index 003e875..885e458 100644 --- a/gateway-test-release-utils/src/main/java/org/apache/knox/gateway/GatewayTestConfig.java +++ b/gateway-test-release-utils/src/main/java/org/apache/knox/gateway/GatewayTestConfig.java @@ -610,7 +610,7 @@ public class GatewayTestConfig extends Configuration implements GatewayConfig { @Override public boolean isGatewayServerHeaderEnabled() { - return false; + return false; } @Override http://git-wip-us.apache.org/repos/asf/knox/blob/baa43294/src/checkstyle/checker.xml ---------------------------------------------------------------------- diff --git a/src/checkstyle/checker.xml b/src/checkstyle/checker.xml index 8e87eb0..a25a2eb 100644 --- a/src/checkstyle/checker.xml +++ b/src/checkstyle/checker.xml @@ -33,6 +33,11 @@ limitations under the License. <module name="Checker"> <property name="localeLanguage" value="en"/> + <!-- Checks for whitespace (tree walker) --> + <!-- See http://checkstyle.sf.net/config_whitespace.html --> + <!-- No tabs allowed! --> + <module name="FileTabCharacter"/> + <module name="TreeWalker"> <property name="cacheFile" value="target/checkstyle-cachefile"/>
