You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@storm.apache.org by "Steve Miller (JIRA)" <ji...@apache.org> on 2017/09/15 13:45:00 UTC
[jira] [Updated] (STORM-2739) Storm UI fails to bind to ui.host
when using https
[ https://issues.apache.org/jira/browse/STORM-2739?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Steve Miller updated STORM-2739:
--------------------------------
Description:
When using https with the Storm UI, it ignores the value of ui.host, and binds to 0.0.0.0.
Starting with this config:
{code}
storm.local.dir: "/opt/storm"
storm.zookeeper.servers:
- "bigstorm.porcupineracing.com"
nimbus.seeds: ["bigstorm.porcupineracing.com"]
nimbus.childopts: "-Xmx1024m -Djava.security.auth.login.config=/keytabs/jaas.conf -Djava.security.krb5.conf=/etc/krb5.conf"
ui.childopts: "-Xmx768m -Djava.security.auth.login.config=/keytabs/jaas.conf -Djava.security.krb5.conf=/etc/krb5.conf"
supervisor.childopts: "-Xmx768m -Djava.security.auth.login.config=/keytabs/jaas.conf -Djava.security.krb5.conf=/etc/krb5.conf"
storm.thrift.transport: "org.apache.storm.security.auth.kerberos.KerberosSaslTransportPlugin"
java.security.auth.login.config: "/keytabs/jaas.conf"
storm.zookeeper.superACL: "sasl:storm@PORCUPINERACING.COM"
ui.host: 127.0.0.1
nimbus.authorizer: "org.apache.storm.security.auth.authorizer.SimpleACLAuthorizer"
nimbus.admins:
- "storm/bigstorm.porcupineracing.com@PORCUPINERACING.COM"
- "storm@PORCUPINERACING.COM"
- "storm"
nimbus.supervisor.users:
- "storm/bigstorm.porcupineracing.com@PORCUPINERACING.COM"
- "storm@PORCUPINERACING.COM"
- "storm"
nimbus.users:
- "steven.miller"
- "steven.miller@PORCUPINERACING.COM"
{code}
I can start the UI and verify using lsof that it's only listening on localhost:
{code}
[root@bigstorm bin]# ps axuww | grep ui.core
root 5080 0.1 5.6 2850232 217688 pts/1 Sl Sep14 1:31 java -server -Ddaemon.name=ui -Dstorm.options= -Dstorm.home=/opt/apache-storm-1.1.1 -Dstorm.log.dir=/opt/apache-storm-1.1.1/logs -Djava.library.path=/usr/local/lib:/opt/local/lib:/usr/lib -Dstorm.conf.file= -cp /opt/apache-storm-1.1.1/lib/asm-5.0.3.jar:/opt/apache-storm-1.1.1/lib/clojure-1.7.0.jar:/opt/apache-storm-1.1.1/lib/disruptor-3.3.2.jar:/opt/apache-storm-1.1.1/lib/kryo-3.0.3.jar:/opt/apache-storm-1.1.1/lib/log4j-api-2.8.2.jar:/opt/apache-storm-1.1.1/lib/log4j-core-2.8.2.jar:/opt/apache-storm-1.1.1/lib/log4j-over-slf4j-1.6.6.jar:/opt/apache-storm-1.1.1/lib/log4j-slf4j-impl-2.8.2.jar:/opt/apache-storm-1.1.1/lib/minlog-1.3.0.jar:/opt/apache-storm-1.1.1/lib/objenesis-2.1.jar:/opt/apache-storm-1.1.1/lib/reflectasm-1.10.1.jar:/opt/apache-storm-1.1.1/lib/ring-cors-0.1.5.jar:/opt/apache-storm-1.1.1/lib/servlet-api-2.5.jar:/opt/apache-storm-1.1.1/lib/slf4j-api-1.7.21.jar:/opt/apache-storm-1.1.1/lib/storm-core-1.1.1.jar:/opt/apache-storm-1.1.1/lib/storm-rename-hack-1.1.1.jar:/opt/apache-storm-1.1.1:/opt/apache-storm-default/conf -Xmx768m -Djava.security.auth.login.config=/keytabs/jaas.conf -Djava.security.krb5.conf=/etc/krb5.conf -Dlogfile.name=ui.log -DLog4jContextSelector=org.apache.logging.log4j.core.async.AsyncLoggerContextSelector -Dlog4j.configurationFile=/opt/apache-storm-1.1.1/log4j2/cluster.xml org.apache.storm.ui.core
root 19913 0.0 0.0 112648 972 pts/1 R+ 09:26 0:00 grep --color=auto ui.core
[root@bigstorm bin]# lsof -p 5080 -P | grep LISTEN
java 5080 root 27u IPv6 597116 0t0 TCP localhost:8080 (LISTEN)
{code}
Now if I add the https config:
{code}
ui.https.host: "localhost"
ui.https.port: 8443
ui.https.keystore.type: "jks"
ui.https.keystore.path: "/keytabs/keystore.jks"
ui.https.keystore.password: "sooper-sekrit"
ui.https.key.password: "sooper-sekrit"
{code}
and I restart the UI, I can see that it's listening on *:8443:
{code}
[root@bigstorm bin]# ps axuww | grep ui.core
root 19921 17.2 5.4 2849188 210896 pts/1 Sl 09:26 0:04 java -server -Ddaemon.name=ui -Dstorm.options= -Dstorm.home=/opt/apache-storm-1.1.1 -Dstorm.log.dir=/opt/apache-storm-1.1.1/logs -Djava.library.path=/usr/local/lib:/opt/local/lib:/usr/lib -Dstorm.conf.file= -cp /opt/apache-storm-1.1.1/lib/asm-5.0.3.jar:/opt/apache-storm-1.1.1/lib/clojure-1.7.0.jar:/opt/apache-storm-1.1.1/lib/disruptor-3.3.2.jar:/opt/apache-storm-1.1.1/lib/kryo-3.0.3.jar:/opt/apache-storm-1.1.1/lib/log4j-api-2.8.2.jar:/opt/apache-storm-1.1.1/lib/log4j-core-2.8.2.jar:/opt/apache-storm-1.1.1/lib/log4j-over-slf4j-1.6.6.jar:/opt/apache-storm-1.1.1/lib/log4j-slf4j-impl-2.8.2.jar:/opt/apache-storm-1.1.1/lib/minlog-1.3.0.jar:/opt/apache-storm-1.1.1/lib/objenesis-2.1.jar:/opt/apache-storm-1.1.1/lib/reflectasm-1.10.1.jar:/opt/apache-storm-1.1.1/lib/ring-cors-0.1.5.jar:/opt/apache-storm-1.1.1/lib/servlet-api-2.5.jar:/opt/apache-storm-1.1.1/lib/slf4j-api-1.7.21.jar:/opt/apache-storm-1.1.1/lib/storm-core-1.1.1.jar:/opt/apache-storm-1.1.1/lib/storm-rename-hack-1.1.1.jar:/opt/apache-storm-1.1.1:/opt/apache-storm-default/conf -Xmx768m -Djava.security.auth.login.config=/keytabs/jaas.conf -Djava.security.krb5.conf=/etc/krb5.conf -Dlogfile.name=ui.log -DLog4jContextSelector=org.apache.logging.log4j.core.async.AsyncLoggerContextSelector -Dlog4j.configurationFile=/opt/apache-storm-1.1.1/log4j2/cluster.xml org.apache.storm.ui.core
root 20018 0.0 0.0 112648 968 pts/1 R+ 09:27 0:00 grep --color=auto ui.core
[root@bigstorm bin]# lsof -p 19921 -P | grep LISTEN
java 19921 root 38u IPv6 677914 0t0 TCP *:8443 (LISTEN)
{code}
I have a situation in which I'm trying to limit access to the UI on a per-user basis. The UI seems, as far as I can tell, only to support limiting access to users with valid Kerberos tickets (which is everyone here :) ), so I was trying to put a proxy in front of the UI and run it just on localhost, and rely on the proxy to do the authentication.
This bug means that if I was to do that, I'd have to run the UI without https, which means that people's credentials would be bouncing around in the clear (again, as far as I can tell; I tcpdumped that and I could see, say, storm@PORCUPINERACING.COM in the base64 decode of the Authorization: HTTP header, at least, which I figure was a bad sign).
I looked at the code and didn't see anything obvious but since I don't know Clojure or Netty it was probably staring me in the face. :) . But if you could fix this that'd be awesome, and it'd let me secure this in a way that I'd find much more reassuring. Thanks!
was:
When using https with the Storm UI, it ignores the value of ui.host, and binds to 0.0.0.0.
Starting with this config:
{code:yaml}
storm.local.dir: "/opt/storm"
storm.zookeeper.servers:
- "bigstorm.porcupineracing.com"
nimbus.seeds: ["bigstorm.porcupineracing.com"]
nimbus.childopts: "-Xmx1024m -Djava.security.auth.login.config=/keytabs/jaas.conf -Djava.security.krb5.conf=/etc/krb5.conf"
ui.childopts: "-Xmx768m -Djava.security.auth.login.config=/keytabs/jaas.conf -Djava.security.krb5.conf=/etc/krb5.conf"
supervisor.childopts: "-Xmx768m -Djava.security.auth.login.config=/keytabs/jaas.conf -Djava.security.krb5.conf=/etc/krb5.conf"
storm.thrift.transport: "org.apache.storm.security.auth.kerberos.KerberosSaslTransportPlugin"
java.security.auth.login.config: "/keytabs/jaas.conf"
storm.zookeeper.superACL: "sasl:storm@PORCUPINERACING.COM"
ui.host: 127.0.0.1
nimbus.authorizer: "org.apache.storm.security.auth.authorizer.SimpleACLAuthorizer"
nimbus.admins:
- "storm/bigstorm.porcupineracing.com@PORCUPINERACING.COM"
- "storm@PORCUPINERACING.COM"
- "storm"
nimbus.supervisor.users:
- "storm/bigstorm.porcupineracing.com@PORCUPINERACING.COM"
- "storm@PORCUPINERACING.COM"
- "storm"
nimbus.users:
- "steven.miller"
- "steven.miller@PORCUPINERACING.COM"
{code}
I can start the UI and verify using lsof that it's only listening on localhost:
{code}
[root@bigstorm bin]# ps axuww | grep ui.core
root 5080 0.1 5.6 2850232 217688 pts/1 Sl Sep14 1:31 java -server -Ddaemon.name=ui -Dstorm.options= -Dstorm.home=/opt/apache-storm-1.1.1 -Dstorm.log.dir=/opt/apache-storm-1.1.1/logs -Djava.library.path=/usr/local/lib:/opt/local/lib:/usr/lib -Dstorm.conf.file= -cp /opt/apache-storm-1.1.1/lib/asm-5.0.3.jar:/opt/apache-storm-1.1.1/lib/clojure-1.7.0.jar:/opt/apache-storm-1.1.1/lib/disruptor-3.3.2.jar:/opt/apache-storm-1.1.1/lib/kryo-3.0.3.jar:/opt/apache-storm-1.1.1/lib/log4j-api-2.8.2.jar:/opt/apache-storm-1.1.1/lib/log4j-core-2.8.2.jar:/opt/apache-storm-1.1.1/lib/log4j-over-slf4j-1.6.6.jar:/opt/apache-storm-1.1.1/lib/log4j-slf4j-impl-2.8.2.jar:/opt/apache-storm-1.1.1/lib/minlog-1.3.0.jar:/opt/apache-storm-1.1.1/lib/objenesis-2.1.jar:/opt/apache-storm-1.1.1/lib/reflectasm-1.10.1.jar:/opt/apache-storm-1.1.1/lib/ring-cors-0.1.5.jar:/opt/apache-storm-1.1.1/lib/servlet-api-2.5.jar:/opt/apache-storm-1.1.1/lib/slf4j-api-1.7.21.jar:/opt/apache-storm-1.1.1/lib/storm-core-1.1.1.jar:/opt/apache-storm-1.1.1/lib/storm-rename-hack-1.1.1.jar:/opt/apache-storm-1.1.1:/opt/apache-storm-default/conf -Xmx768m -Djava.security.auth.login.config=/keytabs/jaas.conf -Djava.security.krb5.conf=/etc/krb5.conf -Dlogfile.name=ui.log -DLog4jContextSelector=org.apache.logging.log4j.core.async.AsyncLoggerContextSelector -Dlog4j.configurationFile=/opt/apache-storm-1.1.1/log4j2/cluster.xml org.apache.storm.ui.core
root 19913 0.0 0.0 112648 972 pts/1 R+ 09:26 0:00 grep --color=auto ui.core
[root@bigstorm bin]# lsof -p 5080 -P | grep LISTEN
java 5080 root 27u IPv6 597116 0t0 TCP localhost:8080 (LISTEN)
{code}
Now if I add the https config:
{code}
ui.https.host: "localhost"
ui.https.port: 8443
ui.https.keystore.type: "jks"
ui.https.keystore.path: "/keytabs/keystore.jks"
ui.https.keystore.password: "sooper-sekrit"
ui.https.key.password: "sooper-sekrit"
{code}
and I restart the UI, I can see that it's listening on *:8443:
{code}
[root@bigstorm bin]# ps axuww | grep ui.core
root 19921 17.2 5.4 2849188 210896 pts/1 Sl 09:26 0:04 java -server -Ddaemon.name=ui -Dstorm.options= -Dstorm.home=/opt/apache-storm-1.1.1 -Dstorm.log.dir=/opt/apache-storm-1.1.1/logs -Djava.library.path=/usr/local/lib:/opt/local/lib:/usr/lib -Dstorm.conf.file= -cp /opt/apache-storm-1.1.1/lib/asm-5.0.3.jar:/opt/apache-storm-1.1.1/lib/clojure-1.7.0.jar:/opt/apache-storm-1.1.1/lib/disruptor-3.3.2.jar:/opt/apache-storm-1.1.1/lib/kryo-3.0.3.jar:/opt/apache-storm-1.1.1/lib/log4j-api-2.8.2.jar:/opt/apache-storm-1.1.1/lib/log4j-core-2.8.2.jar:/opt/apache-storm-1.1.1/lib/log4j-over-slf4j-1.6.6.jar:/opt/apache-storm-1.1.1/lib/log4j-slf4j-impl-2.8.2.jar:/opt/apache-storm-1.1.1/lib/minlog-1.3.0.jar:/opt/apache-storm-1.1.1/lib/objenesis-2.1.jar:/opt/apache-storm-1.1.1/lib/reflectasm-1.10.1.jar:/opt/apache-storm-1.1.1/lib/ring-cors-0.1.5.jar:/opt/apache-storm-1.1.1/lib/servlet-api-2.5.jar:/opt/apache-storm-1.1.1/lib/slf4j-api-1.7.21.jar:/opt/apache-storm-1.1.1/lib/storm-core-1.1.1.jar:/opt/apache-storm-1.1.1/lib/storm-rename-hack-1.1.1.jar:/opt/apache-storm-1.1.1:/opt/apache-storm-default/conf -Xmx768m -Djava.security.auth.login.config=/keytabs/jaas.conf -Djava.security.krb5.conf=/etc/krb5.conf -Dlogfile.name=ui.log -DLog4jContextSelector=org.apache.logging.log4j.core.async.AsyncLoggerContextSelector -Dlog4j.configurationFile=/opt/apache-storm-1.1.1/log4j2/cluster.xml org.apache.storm.ui.core
root 20018 0.0 0.0 112648 968 pts/1 R+ 09:27 0:00 grep --color=auto ui.core
[root@bigstorm bin]# lsof -p 19921 -P | grep LISTEN
java 19921 root 38u IPv6 677914 0t0 TCP *:8443 (LISTEN)
{code}
I have a situation in which I'm trying to limit access to the UI on a per-user basis. The UI seems, as far as I can tell, only to support limiting access to users with valid Kerberos tickets (which is everyone here :) ), so I was trying to put a proxy in front of the UI and run it just on localhost, and rely on the proxy to do the authentication.
This bug means that if I was to do that, I'd have to run the UI without https, which means that people's credentials would be bouncing around in the clear (again, as far as I can tell; I tcpdumped that and I could see, say, storm@PORCUPINERACING.COM in the base64 decode of the Authorization: HTTP header, at least, which I figure was a bad sign).
I looked at the code and didn't see anything obvious but since I don't know Clojure or Netty it was probably staring me in the face. :) . But if you could fix this that'd be awesome, and it'd let me secure this in a way that I'd find much more reassuring. Thanks!
> Storm UI fails to bind to ui.host when using https
> --------------------------------------------------
>
> Key: STORM-2739
> URL: https://issues.apache.org/jira/browse/STORM-2739
> Project: Apache Storm
> Issue Type: Bug
> Components: storm-ui
> Affects Versions: 1.1.1
> Environment: all
> Reporter: Steve Miller
>
> When using https with the Storm UI, it ignores the value of ui.host, and binds to 0.0.0.0.
> Starting with this config:
> {code}
> storm.local.dir: "/opt/storm"
> storm.zookeeper.servers:
> - "bigstorm.porcupineracing.com"
> nimbus.seeds: ["bigstorm.porcupineracing.com"]
> nimbus.childopts: "-Xmx1024m -Djava.security.auth.login.config=/keytabs/jaas.conf -Djava.security.krb5.conf=/etc/krb5.conf"
> ui.childopts: "-Xmx768m -Djava.security.auth.login.config=/keytabs/jaas.conf -Djava.security.krb5.conf=/etc/krb5.conf"
> supervisor.childopts: "-Xmx768m -Djava.security.auth.login.config=/keytabs/jaas.conf -Djava.security.krb5.conf=/etc/krb5.conf"
> storm.thrift.transport: "org.apache.storm.security.auth.kerberos.KerberosSaslTransportPlugin"
> java.security.auth.login.config: "/keytabs/jaas.conf"
> storm.zookeeper.superACL: "sasl:storm@PORCUPINERACING.COM"
> ui.host: 127.0.0.1
> nimbus.authorizer: "org.apache.storm.security.auth.authorizer.SimpleACLAuthorizer"
> nimbus.admins:
> - "storm/bigstorm.porcupineracing.com@PORCUPINERACING.COM"
> - "storm@PORCUPINERACING.COM"
> - "storm"
> nimbus.supervisor.users:
> - "storm/bigstorm.porcupineracing.com@PORCUPINERACING.COM"
> - "storm@PORCUPINERACING.COM"
> - "storm"
> nimbus.users:
> - "steven.miller"
> - "steven.miller@PORCUPINERACING.COM"
> {code}
> I can start the UI and verify using lsof that it's only listening on localhost:
> {code}
> [root@bigstorm bin]# ps axuww | grep ui.core
> root 5080 0.1 5.6 2850232 217688 pts/1 Sl Sep14 1:31 java -server -Ddaemon.name=ui -Dstorm.options= -Dstorm.home=/opt/apache-storm-1.1.1 -Dstorm.log.dir=/opt/apache-storm-1.1.1/logs -Djava.library.path=/usr/local/lib:/opt/local/lib:/usr/lib -Dstorm.conf.file= -cp /opt/apache-storm-1.1.1/lib/asm-5.0.3.jar:/opt/apache-storm-1.1.1/lib/clojure-1.7.0.jar:/opt/apache-storm-1.1.1/lib/disruptor-3.3.2.jar:/opt/apache-storm-1.1.1/lib/kryo-3.0.3.jar:/opt/apache-storm-1.1.1/lib/log4j-api-2.8.2.jar:/opt/apache-storm-1.1.1/lib/log4j-core-2.8.2.jar:/opt/apache-storm-1.1.1/lib/log4j-over-slf4j-1.6.6.jar:/opt/apache-storm-1.1.1/lib/log4j-slf4j-impl-2.8.2.jar:/opt/apache-storm-1.1.1/lib/minlog-1.3.0.jar:/opt/apache-storm-1.1.1/lib/objenesis-2.1.jar:/opt/apache-storm-1.1.1/lib/reflectasm-1.10.1.jar:/opt/apache-storm-1.1.1/lib/ring-cors-0.1.5.jar:/opt/apache-storm-1.1.1/lib/servlet-api-2.5.jar:/opt/apache-storm-1.1.1/lib/slf4j-api-1.7.21.jar:/opt/apache-storm-1.1.1/lib/storm-core-1.1.1.jar:/opt/apache-storm-1.1.1/lib/storm-rename-hack-1.1.1.jar:/opt/apache-storm-1.1.1:/opt/apache-storm-default/conf -Xmx768m -Djava.security.auth.login.config=/keytabs/jaas.conf -Djava.security.krb5.conf=/etc/krb5.conf -Dlogfile.name=ui.log -DLog4jContextSelector=org.apache.logging.log4j.core.async.AsyncLoggerContextSelector -Dlog4j.configurationFile=/opt/apache-storm-1.1.1/log4j2/cluster.xml org.apache.storm.ui.core
> root 19913 0.0 0.0 112648 972 pts/1 R+ 09:26 0:00 grep --color=auto ui.core
> [root@bigstorm bin]# lsof -p 5080 -P | grep LISTEN
> java 5080 root 27u IPv6 597116 0t0 TCP localhost:8080 (LISTEN)
> {code}
> Now if I add the https config:
> {code}
> ui.https.host: "localhost"
> ui.https.port: 8443
> ui.https.keystore.type: "jks"
> ui.https.keystore.path: "/keytabs/keystore.jks"
> ui.https.keystore.password: "sooper-sekrit"
> ui.https.key.password: "sooper-sekrit"
> {code}
> and I restart the UI, I can see that it's listening on *:8443:
> {code}
> [root@bigstorm bin]# ps axuww | grep ui.core
> root 19921 17.2 5.4 2849188 210896 pts/1 Sl 09:26 0:04 java -server -Ddaemon.name=ui -Dstorm.options= -Dstorm.home=/opt/apache-storm-1.1.1 -Dstorm.log.dir=/opt/apache-storm-1.1.1/logs -Djava.library.path=/usr/local/lib:/opt/local/lib:/usr/lib -Dstorm.conf.file= -cp /opt/apache-storm-1.1.1/lib/asm-5.0.3.jar:/opt/apache-storm-1.1.1/lib/clojure-1.7.0.jar:/opt/apache-storm-1.1.1/lib/disruptor-3.3.2.jar:/opt/apache-storm-1.1.1/lib/kryo-3.0.3.jar:/opt/apache-storm-1.1.1/lib/log4j-api-2.8.2.jar:/opt/apache-storm-1.1.1/lib/log4j-core-2.8.2.jar:/opt/apache-storm-1.1.1/lib/log4j-over-slf4j-1.6.6.jar:/opt/apache-storm-1.1.1/lib/log4j-slf4j-impl-2.8.2.jar:/opt/apache-storm-1.1.1/lib/minlog-1.3.0.jar:/opt/apache-storm-1.1.1/lib/objenesis-2.1.jar:/opt/apache-storm-1.1.1/lib/reflectasm-1.10.1.jar:/opt/apache-storm-1.1.1/lib/ring-cors-0.1.5.jar:/opt/apache-storm-1.1.1/lib/servlet-api-2.5.jar:/opt/apache-storm-1.1.1/lib/slf4j-api-1.7.21.jar:/opt/apache-storm-1.1.1/lib/storm-core-1.1.1.jar:/opt/apache-storm-1.1.1/lib/storm-rename-hack-1.1.1.jar:/opt/apache-storm-1.1.1:/opt/apache-storm-default/conf -Xmx768m -Djava.security.auth.login.config=/keytabs/jaas.conf -Djava.security.krb5.conf=/etc/krb5.conf -Dlogfile.name=ui.log -DLog4jContextSelector=org.apache.logging.log4j.core.async.AsyncLoggerContextSelector -Dlog4j.configurationFile=/opt/apache-storm-1.1.1/log4j2/cluster.xml org.apache.storm.ui.core
> root 20018 0.0 0.0 112648 968 pts/1 R+ 09:27 0:00 grep --color=auto ui.core
> [root@bigstorm bin]# lsof -p 19921 -P | grep LISTEN
> java 19921 root 38u IPv6 677914 0t0 TCP *:8443 (LISTEN)
> {code}
> I have a situation in which I'm trying to limit access to the UI on a per-user basis. The UI seems, as far as I can tell, only to support limiting access to users with valid Kerberos tickets (which is everyone here :) ), so I was trying to put a proxy in front of the UI and run it just on localhost, and rely on the proxy to do the authentication.
> This bug means that if I was to do that, I'd have to run the UI without https, which means that people's credentials would be bouncing around in the clear (again, as far as I can tell; I tcpdumped that and I could see, say, storm@PORCUPINERACING.COM in the base64 decode of the Authorization: HTTP header, at least, which I figure was a bad sign).
> I looked at the code and didn't see anything obvious but since I don't know Clojure or Netty it was probably staring me in the face. :) . But if you could fix this that'd be awesome, and it'd let me secure this in a way that I'd find much more reassuring. Thanks!
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)