You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@oozie.apache.org by "Angelo K. Huang (Created) (JIRA)" <ji...@apache.org> on 2011/11/30 00:47:40 UTC
[jira] [Created] (OOZIE-624) client side improvement of
authentication for user defined options
client side improvement of authentication for user defined options
------------------------------------------------------------------
Key: OOZIE-624
URL: https://issues.apache.org/jira/browse/OOZIE-624
Project: Oozie
Issue Type: Improvement
Reporter: Angelo K. Huang
Assignee: Angelo K. Huang
This improvement is mainly to add client parameter options to handle user specified authentication option. In Oozie-77, client authentication uses fall-back strategy to handle authentication, such as kerberos -> simple. User should allow to give parameter or property to specify which authentication to use.
A proposal is :
-auth simple
-auth kerberos
-auth <auth_name>
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (OOZIE-624) client side improvement of
authentication for user defined options
Posted by "jiraposter@reviews.apache.org (Commented) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/OOZIE-624?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13226738#comment-13226738 ]
jiraposter@reviews.apache.org commented on OOZIE-624:
-----------------------------------------------------
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/3069/
-----------------------------------------------------------
(Updated 2012-03-10 03:34:46.138588)
Review request for oozie.
Summary
-------
This improvement is mainly to add client parameter options to handle user specified authentication option. In Oozie-77, client authentication uses fall-back strategy to handle authentication, such as kerberos -> simple. User should allow to give parameter or property to specify which authentication to use.
A proposal is :
-auth simple
-auth kerberos
-auth <auth_name>
This addresses bug OOZIE-624.
https://issues.apache.org/jira/browse/OOZIE-624
Diffs (updated)
-----
/trunk/client/src/main/java/org/apache/oozie/cli/OozieCLI.java 1298705
/trunk/client/src/main/java/org/apache/oozie/client/AuthOozieClient.java 1298705
/trunk/client/src/main/java/org/apache/oozie/client/OozieClient.java 1298705
/trunk/client/src/main/java/org/apache/oozie/client/XOozieClient.java 1298705
/trunk/core/pom.xml 1298705
/trunk/core/src/main/conf/oozie-site.xml 1298705
/trunk/core/src/main/java/org/apache/oozie/BundleActionBean.java 1298705
/trunk/core/src/main/java/org/apache/oozie/BundleJobBean.java 1298705
/trunk/core/src/main/java/org/apache/oozie/BundleJobInfo.java 1298705
/trunk/core/src/main/java/org/apache/oozie/service/JPAService.java 1298705
/trunk/core/src/main/java/org/apache/oozie/servlet/JsonRestServlet.java 1298705
/trunk/core/src/main/resources/oozie-default.xml 1298705
/trunk/distro/src/main/bin/addtowar.sh 1298705
/trunk/docs/src/site/twiki/DG_CommandLineTool.twiki 1298705
/trunk/docs/src/site/twiki/ENG_Custom_Authentication.twiki PRE-CREATION
/trunk/docs/src/site/twiki/index.twiki 1298705
Diff: https://reviews.apache.org/r/3069/diff
Testing
-------
Thanks,
Angelo K.
> client side improvement of authentication for user defined options
> ------------------------------------------------------------------
>
> Key: OOZIE-624
> URL: https://issues.apache.org/jira/browse/OOZIE-624
> Project: Oozie
> Issue Type: Improvement
> Reporter: Angelo K. Huang
> Assignee: Angelo K. Huang
> Labels: authentication, hadoop, oozie
> Original Estimate: 168h
> Remaining Estimate: 168h
>
> This improvement is mainly to add client parameter options to handle user specified authentication option. In Oozie-77, client authentication uses fall-back strategy to handle authentication, such as kerberos -> simple. User should allow to give parameter or property to specify which authentication to use.
> A proposal is :
> -auth simple
> -auth kerberos
> -auth <auth_name>
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (OOZIE-624) client side improvement of
authentication for user defined options
Posted by "jiraposter@reviews.apache.org (Commented) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/OOZIE-624?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13164990#comment-13164990 ]
jiraposter@reviews.apache.org commented on OOZIE-624:
-----------------------------------------------------
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/3069/#review3732
-----------------------------------------------------------
Looks good
Few questions/comments/recommendations
/trunk/client/src/main/java/org/apache/oozie/client/AuthOozieClient.java
<https://reviews.apache.org/r/3069/#comment8389>
why you want to print the tokens ?
/trunk/client/src/main/java/org/apache/oozie/client/AuthOozieClient.java
<https://reviews.apache.org/r/3069/#comment8393>
Typo .. instantiated .
/trunk/client/src/main/java/org/apache/oozie/client/AuthOozieClient.java
<https://reviews.apache.org/r/3069/#comment8396>
change the header to reflect the newly added authentication
as well add the new exception you are currently throwing .. [IllegalArgumentException]
/trunk/client/src/main/java/org/apache/oozie/client/AuthOozieClient.java
<https://reviews.apache.org/r/3069/#comment8394>
this piece of code needs to be simplified ...
a switch statement may be more suitable here
return (authType ==AuthType.KERBEROS) ? new KerberosAuthenticator() : new PseudoAuthenticator();
you already checked for the type while getting the type of authType ..
/trunk/client/src/main/java/org/apache/oozie/client/AuthOozieClient.java
<https://reviews.apache.org/r/3069/#comment8395>
catching a generic exception is not always good programming practice..
it is better to spill out the type of exceptions you may need to catch
/trunk/core/src/main/conf/oozie-site.xml
<https://reviews.apache.org/r/3069/#comment8388>
extra tab
- Mohamed
On 2011-12-08 02:52:04, Angelo K. Huang wrote:
bq.
bq. -----------------------------------------------------------
bq. This is an automatically generated e-mail. To reply, visit:
bq. https://reviews.apache.org/r/3069/
bq. -----------------------------------------------------------
bq.
bq. (Updated 2011-12-08 02:52:04)
bq.
bq.
bq. Review request for oozie.
bq.
bq.
bq. Summary
bq. -------
bq.
bq. This improvement is mainly to add client parameter options to handle user specified authentication option. In Oozie-77, client authentication uses fall-back strategy to handle authentication, such as kerberos -> simple. User should allow to give parameter or property to specify which authentication to use.
bq.
bq. A proposal is :
bq.
bq. -auth simple
bq. -auth kerberos
bq. -auth <auth_name>
bq.
bq.
bq. This addresses bug OOZIE-624.
bq. https://issues.apache.org/jira/browse/OOZIE-624
bq.
bq.
bq. Diffs
bq. -----
bq.
bq. /trunk/client/src/main/java/org/apache/oozie/cli/OozieCLI.java 1209346
bq. /trunk/docs/src/site/twiki/DG_CommandLineTool.twiki 1209346
bq. /trunk/core/src/main/conf/oozie-site.xml 1209346
bq. /trunk/client/src/main/java/org/apache/oozie/client/AuthOozieClient.java 1209346
bq.
bq. Diff: https://reviews.apache.org/r/3069/diff
bq.
bq.
bq. Testing
bq. -------
bq.
bq.
bq. Thanks,
bq.
bq. Angelo K.
bq.
bq.
> client side improvement of authentication for user defined options
> ------------------------------------------------------------------
>
> Key: OOZIE-624
> URL: https://issues.apache.org/jira/browse/OOZIE-624
> Project: Oozie
> Issue Type: Improvement
> Reporter: Angelo K. Huang
> Assignee: Angelo K. Huang
> Labels: authentication, hadoop, oozie
> Original Estimate: 168h
> Remaining Estimate: 168h
>
> This improvement is mainly to add client parameter options to handle user specified authentication option. In Oozie-77, client authentication uses fall-back strategy to handle authentication, such as kerberos -> simple. User should allow to give parameter or property to specify which authentication to use.
> A proposal is :
> -auth simple
> -auth kerberos
> -auth <auth_name>
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (OOZIE-624) client side improvement of
authentication for user defined options
Posted by "Alejandro Abdelnur (Commented) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/OOZIE-624?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13203925#comment-13203925 ]
Alejandro Abdelnur commented on OOZIE-624:
------------------------------------------
Is this JIRA still an issue?
> client side improvement of authentication for user defined options
> ------------------------------------------------------------------
>
> Key: OOZIE-624
> URL: https://issues.apache.org/jira/browse/OOZIE-624
> Project: Oozie
> Issue Type: Improvement
> Reporter: Angelo K. Huang
> Assignee: Angelo K. Huang
> Labels: authentication, hadoop, oozie
> Original Estimate: 168h
> Remaining Estimate: 168h
>
> This improvement is mainly to add client parameter options to handle user specified authentication option. In Oozie-77, client authentication uses fall-back strategy to handle authentication, such as kerberos -> simple. User should allow to give parameter or property to specify which authentication to use.
> A proposal is :
> -auth simple
> -auth kerberos
> -auth <auth_name>
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (OOZIE-624) client side improvement of
authentication for user defined options
Posted by "jiraposter@reviews.apache.org (Commented) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/OOZIE-624?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13171247#comment-13171247 ]
jiraposter@reviews.apache.org commented on OOZIE-624:
-----------------------------------------------------
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/3069/#review3954
-----------------------------------------------------------
/trunk/client/src/main/java/org/apache/oozie/client/AuthOozieClient.java
<https://reviews.apache.org/r/3069/#comment8934>
we are adding a mechanism to allow custom authentications, still the logic here is pretty much wired.
How about the following:
Having a protected method
Map<String,Class<? extends Authenticator>> getAuthenticators() { ... }
The Apache implementation would have the following entries:
null -> KerberosAuthenticator
simple -> PseudoAuthenticator
kerberos -> KerberosAuthenticator
then the logic is quite simple:
Authenticator authClass = getAuthenticators().get(authOptionValue);
if (authClass == null) {
throw INVALID AUTH MECHANISM
}
Authenticator auth = authClass.newInstance();
.newInstance();
if
- Alejandro
On 2011-12-10 01:24:41, Angelo K. Huang wrote:
bq.
bq. -----------------------------------------------------------
bq. This is an automatically generated e-mail. To reply, visit:
bq. https://reviews.apache.org/r/3069/
bq. -----------------------------------------------------------
bq.
bq. (Updated 2011-12-10 01:24:41)
bq.
bq.
bq. Review request for oozie.
bq.
bq.
bq. Summary
bq. -------
bq.
bq. This improvement is mainly to add client parameter options to handle user specified authentication option. In Oozie-77, client authentication uses fall-back strategy to handle authentication, such as kerberos -> simple. User should allow to give parameter or property to specify which authentication to use.
bq.
bq. A proposal is :
bq.
bq. -auth simple
bq. -auth kerberos
bq. -auth <auth_name>
bq.
bq.
bq. This addresses bug OOZIE-624.
bq. https://issues.apache.org/jira/browse/OOZIE-624
bq.
bq.
bq. Diffs
bq. -----
bq.
bq. /trunk/client/src/main/java/org/apache/oozie/cli/OozieCLI.java 1209346
bq. /trunk/docs/src/site/twiki/DG_CommandLineTool.twiki 1209346
bq. /trunk/core/src/main/conf/oozie-site.xml 1209346
bq. /trunk/client/src/main/java/org/apache/oozie/client/AuthOozieClient.java 1209346
bq.
bq. Diff: https://reviews.apache.org/r/3069/diff
bq.
bq.
bq. Testing
bq. -------
bq.
bq.
bq. Thanks,
bq.
bq. Angelo K.
bq.
bq.
> client side improvement of authentication for user defined options
> ------------------------------------------------------------------
>
> Key: OOZIE-624
> URL: https://issues.apache.org/jira/browse/OOZIE-624
> Project: Oozie
> Issue Type: Improvement
> Reporter: Angelo K. Huang
> Assignee: Angelo K. Huang
> Labels: authentication, hadoop, oozie
> Original Estimate: 168h
> Remaining Estimate: 168h
>
> This improvement is mainly to add client parameter options to handle user specified authentication option. In Oozie-77, client authentication uses fall-back strategy to handle authentication, such as kerberos -> simple. User should allow to give parameter or property to specify which authentication to use.
> A proposal is :
> -auth simple
> -auth kerberos
> -auth <auth_name>
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (OOZIE-624) client side improvement of
authentication for user defined options
Posted by "jiraposter@reviews.apache.org (Commented) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/OOZIE-624?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13164952#comment-13164952 ]
jiraposter@reviews.apache.org commented on OOZIE-624:
-----------------------------------------------------
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/3069/
-----------------------------------------------------------
Review request for oozie.
Summary
-------
This improvement is mainly to add client parameter options to handle user specified authentication option. In Oozie-77, client authentication uses fall-back strategy to handle authentication, such as kerberos -> simple. User should allow to give parameter or property to specify which authentication to use.
A proposal is :
-auth simple
-auth kerberos
-auth <auth_name>
This addresses bug OOZIE-624.
https://issues.apache.org/jira/browse/OOZIE-624
Diffs
-----
/trunk/client/src/main/java/org/apache/oozie/cli/OozieCLI.java 1209346
/trunk/docs/src/site/twiki/DG_CommandLineTool.twiki 1209346
/trunk/core/src/main/conf/oozie-site.xml 1209346
/trunk/client/src/main/java/org/apache/oozie/client/AuthOozieClient.java 1209346
Diff: https://reviews.apache.org/r/3069/diff
Testing
-------
Thanks,
Angelo K.
> client side improvement of authentication for user defined options
> ------------------------------------------------------------------
>
> Key: OOZIE-624
> URL: https://issues.apache.org/jira/browse/OOZIE-624
> Project: Oozie
> Issue Type: Improvement
> Reporter: Angelo K. Huang
> Assignee: Angelo K. Huang
> Labels: authentication, hadoop, oozie
> Original Estimate: 168h
> Remaining Estimate: 168h
>
> This improvement is mainly to add client parameter options to handle user specified authentication option. In Oozie-77, client authentication uses fall-back strategy to handle authentication, such as kerberos -> simple. User should allow to give parameter or property to specify which authentication to use.
> A proposal is :
> -auth simple
> -auth kerberos
> -auth <auth_name>
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (OOZIE-624) client side improvement of
authentication for user defined options
Posted by "jiraposter@reviews.apache.org (Commented) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/OOZIE-624?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13229740#comment-13229740 ]
jiraposter@reviews.apache.org commented on OOZIE-624:
-----------------------------------------------------
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/3069/#review5971
-----------------------------------------------------------
Ship it!
after comment regarding the core POM
/trunk/core/pom.xml
<https://reviews.apache.org/r/3069/#comment12945>
this exclusion is not needed
- Alejandro
On 2012-03-13 00:36:47, Angelo K. Huang wrote:
bq.
bq. -----------------------------------------------------------
bq. This is an automatically generated e-mail. To reply, visit:
bq. https://reviews.apache.org/r/3069/
bq. -----------------------------------------------------------
bq.
bq. (Updated 2012-03-13 00:36:47)
bq.
bq.
bq. Review request for oozie.
bq.
bq.
bq. Summary
bq. -------
bq.
bq. This improvement is mainly to add client parameter options to handle user specified authentication option. In Oozie-77, client authentication uses fall-back strategy to handle authentication, such as kerberos -> simple. User should allow to give parameter or property to specify which authentication to use.
bq.
bq. A proposal is :
bq.
bq. -auth simple
bq. -auth kerberos
bq. -auth <auth_name>
bq.
bq.
bq. This addresses bug OOZIE-624.
bq. https://issues.apache.org/jira/browse/OOZIE-624
bq.
bq.
bq. Diffs
bq. -----
bq.
bq. /trunk/client/src/main/java/org/apache/oozie/cli/OozieCLI.java 1298705
bq. /trunk/client/src/main/java/org/apache/oozie/client/AuthOozieClient.java 1298705
bq. /trunk/client/src/main/java/org/apache/oozie/client/OozieClient.java 1298705
bq. /trunk/client/src/main/java/org/apache/oozie/client/XOozieClient.java 1298705
bq. /trunk/core/pom.xml 1298705
bq. /trunk/core/src/main/conf/oozie-site.xml 1298705
bq. /trunk/core/src/main/resources/oozie-default.xml 1298705
bq. /trunk/docs/src/site/twiki/DG_CommandLineTool.twiki 1298705
bq. /trunk/docs/src/site/twiki/ENG_Custom_Authentication.twiki PRE-CREATION
bq. /trunk/docs/src/site/twiki/index.twiki 1298705
bq.
bq. Diff: https://reviews.apache.org/r/3069/diff
bq.
bq.
bq. Testing
bq. -------
bq.
bq.
bq. Thanks,
bq.
bq. Angelo K.
bq.
bq.
> client side improvement of authentication for user defined options
> ------------------------------------------------------------------
>
> Key: OOZIE-624
> URL: https://issues.apache.org/jira/browse/OOZIE-624
> Project: Oozie
> Issue Type: Improvement
> Reporter: Angelo K. Huang
> Assignee: Angelo K. Huang
> Labels: authentication, hadoop, oozie
> Original Estimate: 168h
> Remaining Estimate: 168h
>
> This improvement is mainly to add client parameter options to handle user specified authentication option. In Oozie-77, client authentication uses fall-back strategy to handle authentication, such as kerberos -> simple. User should allow to give parameter or property to specify which authentication to use.
> A proposal is :
> -auth simple
> -auth kerberos
> -auth <auth_name>
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (OOZIE-624) client side improvement of
authentication for user defined options
Posted by "jiraposter@reviews.apache.org (Commented) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/OOZIE-624?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13228092#comment-13228092 ]
jiraposter@reviews.apache.org commented on OOZIE-624:
-----------------------------------------------------
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/3069/
-----------------------------------------------------------
(Updated 2012-03-13 00:36:47.818940)
Review request for oozie.
Summary (updated)
-------
This improvement is mainly to add client parameter options to handle user specified authentication option. In Oozie-77, client authentication uses fall-back strategy to handle authentication, such as kerberos -> simple. User should allow to give parameter or property to specify which authentication to use.
A proposal is :
-auth simple
-auth kerberos
-auth <auth_name>
This addresses bug OOZIE-624.
https://issues.apache.org/jira/browse/OOZIE-624
Diffs
-----
/trunk/client/src/main/java/org/apache/oozie/cli/OozieCLI.java 1298705
/trunk/client/src/main/java/org/apache/oozie/client/AuthOozieClient.java 1298705
/trunk/client/src/main/java/org/apache/oozie/client/OozieClient.java 1298705
/trunk/client/src/main/java/org/apache/oozie/client/XOozieClient.java 1298705
/trunk/core/pom.xml 1298705
/trunk/core/src/main/conf/oozie-site.xml 1298705
/trunk/core/src/main/resources/oozie-default.xml 1298705
/trunk/docs/src/site/twiki/DG_CommandLineTool.twiki 1298705
/trunk/docs/src/site/twiki/ENG_Custom_Authentication.twiki PRE-CREATION
/trunk/docs/src/site/twiki/index.twiki 1298705
Diff: https://reviews.apache.org/r/3069/diff
Testing
-------
Thanks,
Angelo K.
> client side improvement of authentication for user defined options
> ------------------------------------------------------------------
>
> Key: OOZIE-624
> URL: https://issues.apache.org/jira/browse/OOZIE-624
> Project: Oozie
> Issue Type: Improvement
> Reporter: Angelo K. Huang
> Assignee: Angelo K. Huang
> Labels: authentication, hadoop, oozie
> Original Estimate: 168h
> Remaining Estimate: 168h
>
> This improvement is mainly to add client parameter options to handle user specified authentication option. In Oozie-77, client authentication uses fall-back strategy to handle authentication, such as kerberos -> simple. User should allow to give parameter or property to specify which authentication to use.
> A proposal is :
> -auth simple
> -auth kerberos
> -auth <auth_name>
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (OOZIE-624) client side improvement of
authentication for user defined options
Posted by "jiraposter@reviews.apache.org (Commented) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/OOZIE-624?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13228091#comment-13228091 ]
jiraposter@reviews.apache.org commented on OOZIE-624:
-----------------------------------------------------
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/3069/
-----------------------------------------------------------
(Updated 2012-03-13 00:36:34.344486)
Review request for oozie.
Summary
-------
This improvement is mainly to add client parameter options to handle user specified authentication option. In Oozie-77, client authentication uses fall-back strategy to handle authentication, such as kerberos -> simple. User should allow to give parameter or property to specify which authentication to use.
A proposal is :
-auth simple
-auth kerberos
-auth <auth_name>
This addresses bug OOZIE-624.
https://issues.apache.org/jira/browse/OOZIE-624
Diffs (updated)
-----
/trunk/client/src/main/java/org/apache/oozie/cli/OozieCLI.java 1298705
/trunk/client/src/main/java/org/apache/oozie/client/AuthOozieClient.java 1298705
/trunk/client/src/main/java/org/apache/oozie/client/OozieClient.java 1298705
/trunk/client/src/main/java/org/apache/oozie/client/XOozieClient.java 1298705
/trunk/core/pom.xml 1298705
/trunk/core/src/main/conf/oozie-site.xml 1298705
/trunk/core/src/main/resources/oozie-default.xml 1298705
/trunk/docs/src/site/twiki/DG_CommandLineTool.twiki 1298705
/trunk/docs/src/site/twiki/ENG_Custom_Authentication.twiki PRE-CREATION
/trunk/docs/src/site/twiki/index.twiki 1298705
Diff: https://reviews.apache.org/r/3069/diff
Testing
-------
Thanks,
Angelo K.
> client side improvement of authentication for user defined options
> ------------------------------------------------------------------
>
> Key: OOZIE-624
> URL: https://issues.apache.org/jira/browse/OOZIE-624
> Project: Oozie
> Issue Type: Improvement
> Reporter: Angelo K. Huang
> Assignee: Angelo K. Huang
> Labels: authentication, hadoop, oozie
> Original Estimate: 168h
> Remaining Estimate: 168h
>
> This improvement is mainly to add client parameter options to handle user specified authentication option. In Oozie-77, client authentication uses fall-back strategy to handle authentication, such as kerberos -> simple. User should allow to give parameter or property to specify which authentication to use.
> A proposal is :
> -auth simple
> -auth kerberos
> -auth <auth_name>
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (OOZIE-624) client side improvement of
authentication for user defined options
Posted by "jiraposter@reviews.apache.org (Commented) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/OOZIE-624?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13228087#comment-13228087 ]
jiraposter@reviews.apache.org commented on OOZIE-624:
-----------------------------------------------------
bq. On 2012-03-12 23:15:42, Alejandro Abdelnur wrote:
bq. > Why not pass as -auth the authenticator class (as it is can be done via ENV var as well)? By doing this you wouldn't have to subclass AuthOozieClient to add a new authentication. You'd just add the JAR with it and at oozie script (if you want to make things easier for users) resolve the class based on a an alias -auth foo becomes -auth my.foo.bar
Currently, Yahoo users are using -auth foo to specify the auth mechanism. So, at least, this '-auth foo' has to be supported.
bq. On 2012-03-12 23:15:42, Alejandro Abdelnur wrote:
bq. > /trunk/docs/src/site/twiki/ENG_Custom_Authentication.twiki, line 91
bq. > <https://reviews.apache.org/r/3069/diff/3/?file=91043#file91043line91>
bq. >
bq. > why this method is needed in the docs?
Because I have to do this so server can get cookie.
HttpURLConnection conn = super.createConnection(url, method);
String t = conn.getRequestProperty("Cookie");
if (t != null) {
if (t.indexOf("\"") > -1) {
t = t.replaceAll("\"", "");
}
conn.setRequestProperty("Cookie", t);
}
return conn;
Also, the singleton config object at each authenticator can be set here. Say, I have this singleton config object at FooAuthenticator.
public class FooAuthenticator implements Authenticator
public static class FooAuthenticatorConf {
private static final FooAuthenticatorConf instance = new FooAuthenticatorConf();
private final Map<String, String> map = new HashMap<String, String>();
private FooAuthenticatorConf() {
}
public static FooAuthenticatorConf getInstance() {
return instance;
}
public void put(String key, String value) {
map.put(key, value);
}
public String get(String key) {
return map.get(key);
}
public void clear() {
map.clear();
}
}
}
It can be set in overrided createConnection().
bq. On 2012-03-12 23:15:42, Alejandro Abdelnur wrote:
bq. > /trunk/client/src/main/java/org/apache/oozie/client/AuthOozieClient.java, line 76
bq. > <https://reviews.apache.org/r/3069/diff/3/?file=91036#file91036line76>
bq. >
bq. > not to break backwards compatibility, create a new constructor with the new signature
fixed.
bq. On 2012-03-12 23:15:42, Alejandro Abdelnur wrote:
bq. > /trunk/client/src/main/java/org/apache/oozie/cli/OozieCLI.java, line 182
bq. > <https://reviews.apache.org/r/3069/diff/3/?file=91035#file91035line182>
bq. >
bq. > *user_defined* does not apply to this code (but, I assume, to a custom subclass). this message (at this class) should be 'simple|kerberos' only.
fixed.
- Angelo K.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/3069/#review5863
-----------------------------------------------------------
On 2012-03-10 03:37:03, Angelo K. Huang wrote:
bq.
bq. -----------------------------------------------------------
bq. This is an automatically generated e-mail. To reply, visit:
bq. https://reviews.apache.org/r/3069/
bq. -----------------------------------------------------------
bq.
bq. (Updated 2012-03-10 03:37:03)
bq.
bq.
bq. Review request for oozie.
bq.
bq.
bq. Summary
bq. -------
bq.
bq. This improvement is mainly to add client parameter options to handle user specified authentication option. In Oozie-77, client authentication uses fall-back strategy to handle authentication, such as kerberos -> simple. User should allow to give parameter or property to specify which authentication to use.
bq.
bq. A proposal is :
bq.
bq. -auth simple
bq. -auth kerberos
bq. -auth <auth_name>
bq.
bq.
bq. This addresses bug OOZIE-624.
bq. https://issues.apache.org/jira/browse/OOZIE-624
bq.
bq.
bq. Diffs
bq. -----
bq.
bq. /trunk/client/src/main/java/org/apache/oozie/cli/OozieCLI.java 1298705
bq. /trunk/client/src/main/java/org/apache/oozie/client/AuthOozieClient.java 1298705
bq. /trunk/client/src/main/java/org/apache/oozie/client/OozieClient.java 1298705
bq. /trunk/client/src/main/java/org/apache/oozie/client/XOozieClient.java 1298705
bq. /trunk/core/pom.xml 1298705
bq. /trunk/core/src/main/conf/oozie-site.xml 1298705
bq. /trunk/core/src/main/resources/oozie-default.xml 1298705
bq. /trunk/docs/src/site/twiki/DG_CommandLineTool.twiki 1298705
bq. /trunk/docs/src/site/twiki/ENG_Custom_Authentication.twiki PRE-CREATION
bq. /trunk/docs/src/site/twiki/index.twiki 1298705
bq.
bq. Diff: https://reviews.apache.org/r/3069/diff
bq.
bq.
bq. Testing
bq. -------
bq.
bq.
bq. Thanks,
bq.
bq. Angelo K.
bq.
bq.
> client side improvement of authentication for user defined options
> ------------------------------------------------------------------
>
> Key: OOZIE-624
> URL: https://issues.apache.org/jira/browse/OOZIE-624
> Project: Oozie
> Issue Type: Improvement
> Reporter: Angelo K. Huang
> Assignee: Angelo K. Huang
> Labels: authentication, hadoop, oozie
> Original Estimate: 168h
> Remaining Estimate: 168h
>
> This improvement is mainly to add client parameter options to handle user specified authentication option. In Oozie-77, client authentication uses fall-back strategy to handle authentication, such as kerberos -> simple. User should allow to give parameter or property to specify which authentication to use.
> A proposal is :
> -auth simple
> -auth kerberos
> -auth <auth_name>
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (OOZIE-624) client side improvement of
authentication for user defined options
Posted by "jiraposter@reviews.apache.org (Commented) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/OOZIE-624?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13166733#comment-13166733 ]
jiraposter@reviews.apache.org commented on OOZIE-624:
-----------------------------------------------------
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/3069/
-----------------------------------------------------------
(Updated 2011-12-10 01:24:41.130731)
Review request for oozie.
Summary (updated)
-------
This improvement is mainly to add client parameter options to handle user specified authentication option. In Oozie-77, client authentication uses fall-back strategy to handle authentication, such as kerberos -> simple. User should allow to give parameter or property to specify which authentication to use.
A proposal is :
-auth simple
-auth kerberos
-auth <auth_name>
This addresses bug OOZIE-624.
https://issues.apache.org/jira/browse/OOZIE-624
Diffs
-----
/trunk/client/src/main/java/org/apache/oozie/cli/OozieCLI.java 1209346
/trunk/docs/src/site/twiki/DG_CommandLineTool.twiki 1209346
/trunk/core/src/main/conf/oozie-site.xml 1209346
/trunk/client/src/main/java/org/apache/oozie/client/AuthOozieClient.java 1209346
Diff: https://reviews.apache.org/r/3069/diff
Testing
-------
Thanks,
Angelo K.
> client side improvement of authentication for user defined options
> ------------------------------------------------------------------
>
> Key: OOZIE-624
> URL: https://issues.apache.org/jira/browse/OOZIE-624
> Project: Oozie
> Issue Type: Improvement
> Reporter: Angelo K. Huang
> Assignee: Angelo K. Huang
> Labels: authentication, hadoop, oozie
> Original Estimate: 168h
> Remaining Estimate: 168h
>
> This improvement is mainly to add client parameter options to handle user specified authentication option. In Oozie-77, client authentication uses fall-back strategy to handle authentication, such as kerberos -> simple. User should allow to give parameter or property to specify which authentication to use.
> A proposal is :
> -auth simple
> -auth kerberos
> -auth <auth_name>
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (OOZIE-624) client side improvement of
authentication for user defined options
Posted by "jiraposter@reviews.apache.org (Commented) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/OOZIE-624?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13228034#comment-13228034 ]
jiraposter@reviews.apache.org commented on OOZIE-624:
-----------------------------------------------------
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/3069/#review5863
-----------------------------------------------------------
Why not pass as -auth the authenticator class (as it is can be done via ENV var as well)? By doing this you wouldn't have to subclass AuthOozieClient to add a new authentication. You'd just add the JAR with it and at oozie script (if you want to make things easier for users) resolve the class based on a an alias -auth foo becomes -auth my.foo.bar
/trunk/client/src/main/java/org/apache/oozie/cli/OozieCLI.java
<https://reviews.apache.org/r/3069/#comment12775>
*user_defined* does not apply to this code (but, I assume, to a custom subclass). this message (at this class) should be 'simple|kerberos' only.
/trunk/client/src/main/java/org/apache/oozie/client/AuthOozieClient.java
<https://reviews.apache.org/r/3069/#comment12769>
not to break backwards compatibility, create a new constructor with the new signature
/trunk/docs/src/site/twiki/ENG_Custom_Authentication.twiki
<https://reviews.apache.org/r/3069/#comment12776>
why this method is needed in the docs?
- Alejandro
On 2012-03-10 03:37:03, Angelo K. Huang wrote:
bq.
bq. -----------------------------------------------------------
bq. This is an automatically generated e-mail. To reply, visit:
bq. https://reviews.apache.org/r/3069/
bq. -----------------------------------------------------------
bq.
bq. (Updated 2012-03-10 03:37:03)
bq.
bq.
bq. Review request for oozie.
bq.
bq.
bq. Summary
bq. -------
bq.
bq. This improvement is mainly to add client parameter options to handle user specified authentication option. In Oozie-77, client authentication uses fall-back strategy to handle authentication, such as kerberos -> simple. User should allow to give parameter or property to specify which authentication to use.
bq.
bq. A proposal is :
bq.
bq. -auth simple
bq. -auth kerberos
bq. -auth <auth_name>
bq.
bq.
bq. This addresses bug OOZIE-624.
bq. https://issues.apache.org/jira/browse/OOZIE-624
bq.
bq.
bq. Diffs
bq. -----
bq.
bq. /trunk/client/src/main/java/org/apache/oozie/cli/OozieCLI.java 1298705
bq. /trunk/client/src/main/java/org/apache/oozie/client/AuthOozieClient.java 1298705
bq. /trunk/client/src/main/java/org/apache/oozie/client/OozieClient.java 1298705
bq. /trunk/client/src/main/java/org/apache/oozie/client/XOozieClient.java 1298705
bq. /trunk/core/pom.xml 1298705
bq. /trunk/core/src/main/conf/oozie-site.xml 1298705
bq. /trunk/core/src/main/resources/oozie-default.xml 1298705
bq. /trunk/docs/src/site/twiki/DG_CommandLineTool.twiki 1298705
bq. /trunk/docs/src/site/twiki/ENG_Custom_Authentication.twiki PRE-CREATION
bq. /trunk/docs/src/site/twiki/index.twiki 1298705
bq.
bq. Diff: https://reviews.apache.org/r/3069/diff
bq.
bq.
bq. Testing
bq. -------
bq.
bq.
bq. Thanks,
bq.
bq. Angelo K.
bq.
bq.
> client side improvement of authentication for user defined options
> ------------------------------------------------------------------
>
> Key: OOZIE-624
> URL: https://issues.apache.org/jira/browse/OOZIE-624
> Project: Oozie
> Issue Type: Improvement
> Reporter: Angelo K. Huang
> Assignee: Angelo K. Huang
> Labels: authentication, hadoop, oozie
> Original Estimate: 168h
> Remaining Estimate: 168h
>
> This improvement is mainly to add client parameter options to handle user specified authentication option. In Oozie-77, client authentication uses fall-back strategy to handle authentication, such as kerberos -> simple. User should allow to give parameter or property to specify which authentication to use.
> A proposal is :
> -auth simple
> -auth kerberos
> -auth <auth_name>
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (OOZIE-624) client side improvement of
authentication for user defined options
Posted by "jiraposter@reviews.apache.org (Commented) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/OOZIE-624?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13226739#comment-13226739 ]
jiraposter@reviews.apache.org commented on OOZIE-624:
-----------------------------------------------------
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/3069/
-----------------------------------------------------------
(Updated 2012-03-10 03:37:03.685514)
Review request for oozie.
Summary
-------
This improvement is mainly to add client parameter options to handle user specified authentication option. In Oozie-77, client authentication uses fall-back strategy to handle authentication, such as kerberos -> simple. User should allow to give parameter or property to specify which authentication to use.
A proposal is :
-auth simple
-auth kerberos
-auth <auth_name>
This addresses bug OOZIE-624.
https://issues.apache.org/jira/browse/OOZIE-624
Diffs (updated)
-----
/trunk/client/src/main/java/org/apache/oozie/cli/OozieCLI.java 1298705
/trunk/client/src/main/java/org/apache/oozie/client/AuthOozieClient.java 1298705
/trunk/client/src/main/java/org/apache/oozie/client/OozieClient.java 1298705
/trunk/client/src/main/java/org/apache/oozie/client/XOozieClient.java 1298705
/trunk/core/pom.xml 1298705
/trunk/core/src/main/conf/oozie-site.xml 1298705
/trunk/core/src/main/resources/oozie-default.xml 1298705
/trunk/docs/src/site/twiki/DG_CommandLineTool.twiki 1298705
/trunk/docs/src/site/twiki/ENG_Custom_Authentication.twiki PRE-CREATION
/trunk/docs/src/site/twiki/index.twiki 1298705
Diff: https://reviews.apache.org/r/3069/diff
Testing
-------
Thanks,
Angelo K.
> client side improvement of authentication for user defined options
> ------------------------------------------------------------------
>
> Key: OOZIE-624
> URL: https://issues.apache.org/jira/browse/OOZIE-624
> Project: Oozie
> Issue Type: Improvement
> Reporter: Angelo K. Huang
> Assignee: Angelo K. Huang
> Labels: authentication, hadoop, oozie
> Original Estimate: 168h
> Remaining Estimate: 168h
>
> This improvement is mainly to add client parameter options to handle user specified authentication option. In Oozie-77, client authentication uses fall-back strategy to handle authentication, such as kerberos -> simple. User should allow to give parameter or property to specify which authentication to use.
> A proposal is :
> -auth simple
> -auth kerberos
> -auth <auth_name>
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (OOZIE-624) client side improvement of
authentication for user defined options
Posted by "jiraposter@reviews.apache.org (Commented) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/OOZIE-624?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13166634#comment-13166634 ]
jiraposter@reviews.apache.org commented on OOZIE-624:
-----------------------------------------------------
bq. On 2011-12-08 04:49:00, Mohamed Battisha wrote:
bq. > /trunk/client/src/main/java/org/apache/oozie/client/AuthOozieClient.java, line 200
bq. > <https://reviews.apache.org/r/3069/diff/1/?file=63126#file63126line200>
bq. >
bq. > change the header to reflect the newly added authentication
bq. >
bq. > as well add the new exception you are currently throwing .. [IllegalArgumentException]
Header is changed.
The exception 'IllegalArgumentException' is convert to OozieClientException, so there is no need to write it explicitly.
bq. On 2011-12-08 04:49:00, Mohamed Battisha wrote:
bq. > /trunk/client/src/main/java/org/apache/oozie/client/AuthOozieClient.java, line 199
bq. > <https://reviews.apache.org/r/3069/diff/1/?file=63126#file63126line199>
bq. >
bq. > Typo .. instantiated .
fixed.
bq. On 2011-12-08 04:49:00, Mohamed Battisha wrote:
bq. > /trunk/client/src/main/java/org/apache/oozie/client/AuthOozieClient.java, line 98
bq. > <https://reviews.apache.org/r/3069/diff/1/?file=63126#file63126line98>
bq. >
bq. > why you want to print the tokens ?
bq. >
removed.
bq. On 2011-12-08 04:49:00, Mohamed Battisha wrote:
bq. > /trunk/client/src/main/java/org/apache/oozie/client/AuthOozieClient.java, line 220
bq. > <https://reviews.apache.org/r/3069/diff/1/?file=63126#file63126line220>
bq. >
bq. > this piece of code needs to be simplified ...
bq. > a switch statement may be more suitable here
bq. >
bq. > return (authType ==AuthType.KERBEROS) ? new KerberosAuthenticator() : new PseudoAuthenticator();
bq. >
bq. >
bq. > you already checked for the type while getting the type of authType ..
fixed.
bq. On 2011-12-08 04:49:00, Mohamed Battisha wrote:
bq. > /trunk/client/src/main/java/org/apache/oozie/client/AuthOozieClient.java, line 231
bq. > <https://reviews.apache.org/r/3069/diff/1/?file=63126#file63126line231>
bq. >
bq. > catching a generic exception is not always good programming practice..
bq. > it is better to spill out the type of exceptions you may need to catch
fixed.
- Angelo K.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/3069/#review3732
-----------------------------------------------------------
On 2011-12-08 02:52:04, Angelo K. Huang wrote:
bq.
bq. -----------------------------------------------------------
bq. This is an automatically generated e-mail. To reply, visit:
bq. https://reviews.apache.org/r/3069/
bq. -----------------------------------------------------------
bq.
bq. (Updated 2011-12-08 02:52:04)
bq.
bq.
bq. Review request for oozie.
bq.
bq.
bq. Summary
bq. -------
bq.
bq. This improvement is mainly to add client parameter options to handle user specified authentication option. In Oozie-77, client authentication uses fall-back strategy to handle authentication, such as kerberos -> simple. User should allow to give parameter or property to specify which authentication to use.
bq.
bq. A proposal is :
bq.
bq. -auth simple
bq. -auth kerberos
bq. -auth <auth_name>
bq.
bq.
bq. This addresses bug OOZIE-624.
bq. https://issues.apache.org/jira/browse/OOZIE-624
bq.
bq.
bq. Diffs
bq. -----
bq.
bq. /trunk/client/src/main/java/org/apache/oozie/cli/OozieCLI.java 1209346
bq. /trunk/docs/src/site/twiki/DG_CommandLineTool.twiki 1209346
bq. /trunk/core/src/main/conf/oozie-site.xml 1209346
bq. /trunk/client/src/main/java/org/apache/oozie/client/AuthOozieClient.java 1209346
bq.
bq. Diff: https://reviews.apache.org/r/3069/diff
bq.
bq.
bq. Testing
bq. -------
bq.
bq.
bq. Thanks,
bq.
bq. Angelo K.
bq.
bq.
> client side improvement of authentication for user defined options
> ------------------------------------------------------------------
>
> Key: OOZIE-624
> URL: https://issues.apache.org/jira/browse/OOZIE-624
> Project: Oozie
> Issue Type: Improvement
> Reporter: Angelo K. Huang
> Assignee: Angelo K. Huang
> Labels: authentication, hadoop, oozie
> Original Estimate: 168h
> Remaining Estimate: 168h
>
> This improvement is mainly to add client parameter options to handle user specified authentication option. In Oozie-77, client authentication uses fall-back strategy to handle authentication, such as kerberos -> simple. User should allow to give parameter or property to specify which authentication to use.
> A proposal is :
> -auth simple
> -auth kerberos
> -auth <auth_name>
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira