You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@knox.apache.org by mo...@apache.org on 2017/11/02 18:48:25 UTC
[21/25] knox git commit: KNOX-998 - Merge from master
KNOX-998 - Merge from master
Project: http://git-wip-us.apache.org/repos/asf/knox/repo
Commit: http://git-wip-us.apache.org/repos/asf/knox/commit/46109ad8
Tree: http://git-wip-us.apache.org/repos/asf/knox/tree/46109ad8
Diff: http://git-wip-us.apache.org/repos/asf/knox/diff/46109ad8
Branch: refs/heads/KNOX-998-Package_Restructuring
Commit: 46109ad8563ea2286ca7e4756410e7753b2fd9cb
Parents: c754cc0
Author: Sandeep More <mo...@apache.org>
Authored: Thu Nov 2 10:37:58 2017 -0400
Committer: Sandeep More <mo...@apache.org>
Committed: Thu Nov 2 10:37:58 2017 -0400
----------------------------------------------------------------------
.../security/ldap/BaseDirectoryService.java | 0
.../ldap/BaseDirectoryServiceFactory.java | 0
.../ldap/SimpleDirectoryServiceFactory.java | 0
.../ambari/AmbariServiceDiscoveryMessages.java | 2 +-
.../webappsec/filter/StrictTranportFilter.java | 137 ----------
.../webappsec/deploy/WebAppSecContributor.java | 2 +-
.../webappsec/filter/StrictTranportFilter.java | 137 ++++++++++
.../webappsec/StrictTranportFilterTest.java | 164 ------------
.../webappsec/StrictTranportFilterTest.java | 164 ++++++++++++
.../org/apache/knox/gateway/GatewayFilter.java | 2 +-
.../impl/DefaultTokenAuthorityServiceTest.java | 254 -------------------
.../apache/knox/gateway/GatewayFilterTest.java | 2 +-
.../impl/DefaultTokenAuthorityServiceTest.java | 254 +++++++++++++++++++
.../topology/DefaultTopologyServiceTest.java | 20 +-
.../simple/SimpleDescriptorHandlerTest.java | 2 +-
.../topology/file/provider-config-one.xml | 74 ------
.../topology/file/simple-descriptor-five.json | 14 -
.../topology/file/simple-descriptor-six.json | 18 --
.../topology/file/ambari-cluster-policy.xml | 4 +-
.../topology/file/provider-config-one.xml | 74 ++++++
.../topology/file/simple-descriptor-five.json | 14 +
.../topology/file/simple-descriptor-six.json | 18 ++
.../service/admin/HrefListingMarshaller.java | 75 ------
.../service/admin/HrefListingMarshaller.java | 75 ++++++
.../service/admin/TopologiesResource.java | 2 +-
.../services/ambariui/2.2.1/service.xml | 2 +-
26 files changed, 755 insertions(+), 755 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/knox/blob/46109ad8/gateway-demo-ldap/src/main/java/org/apache/knox/gateway/security/ldap/BaseDirectoryService.java
----------------------------------------------------------------------
diff --git a/gateway-demo-ldap/src/main/java/org/apache/knox/gateway/security/ldap/BaseDirectoryService.java b/gateway-demo-ldap/src/main/java/org/apache/knox/gateway/security/ldap/BaseDirectoryService.java
deleted file mode 100644
index e69de29..0000000
http://git-wip-us.apache.org/repos/asf/knox/blob/46109ad8/gateway-demo-ldap/src/main/java/org/apache/knox/gateway/security/ldap/BaseDirectoryServiceFactory.java
----------------------------------------------------------------------
diff --git a/gateway-demo-ldap/src/main/java/org/apache/knox/gateway/security/ldap/BaseDirectoryServiceFactory.java b/gateway-demo-ldap/src/main/java/org/apache/knox/gateway/security/ldap/BaseDirectoryServiceFactory.java
deleted file mode 100644
index e69de29..0000000
http://git-wip-us.apache.org/repos/asf/knox/blob/46109ad8/gateway-demo-ldap/src/main/java/org/apache/knox/gateway/security/ldap/SimpleDirectoryServiceFactory.java
----------------------------------------------------------------------
diff --git a/gateway-demo-ldap/src/main/java/org/apache/knox/gateway/security/ldap/SimpleDirectoryServiceFactory.java b/gateway-demo-ldap/src/main/java/org/apache/knox/gateway/security/ldap/SimpleDirectoryServiceFactory.java
deleted file mode 100644
index e69de29..0000000
http://git-wip-us.apache.org/repos/asf/knox/blob/46109ad8/gateway-discovery-ambari/src/main/java/org/apache/knox/gateway/topology/discovery/ambari/AmbariServiceDiscoveryMessages.java
----------------------------------------------------------------------
diff --git a/gateway-discovery-ambari/src/main/java/org/apache/knox/gateway/topology/discovery/ambari/AmbariServiceDiscoveryMessages.java b/gateway-discovery-ambari/src/main/java/org/apache/knox/gateway/topology/discovery/ambari/AmbariServiceDiscoveryMessages.java
index d91edef..2bdc94b 100644
--- a/gateway-discovery-ambari/src/main/java/org/apache/knox/gateway/topology/discovery/ambari/AmbariServiceDiscoveryMessages.java
+++ b/gateway-discovery-ambari/src/main/java/org/apache/knox/gateway/topology/discovery/ambari/AmbariServiceDiscoveryMessages.java
@@ -21,7 +21,7 @@ import org.apache.knox.gateway.i18n.messages.MessageLevel;
import org.apache.knox.gateway.i18n.messages.Messages;
import org.apache.knox.gateway.i18n.messages.StackTrace;
-@Messages(logger="org.apache.hadoop.gateway.topology.discovery.ambari")
+@Messages(logger="org.apache.knox.gateway.topology.discovery.ambari")
public interface AmbariServiceDiscoveryMessages {
@Message(level = MessageLevel.ERROR,
http://git-wip-us.apache.org/repos/asf/knox/blob/46109ad8/gateway-provider-security-webappsec/src/main/java/org/apache/hadoop/gateway/webappsec/filter/StrictTranportFilter.java
----------------------------------------------------------------------
diff --git a/gateway-provider-security-webappsec/src/main/java/org/apache/hadoop/gateway/webappsec/filter/StrictTranportFilter.java b/gateway-provider-security-webappsec/src/main/java/org/apache/hadoop/gateway/webappsec/filter/StrictTranportFilter.java
deleted file mode 100644
index 28ac18a..0000000
--- a/gateway-provider-security-webappsec/src/main/java/org/apache/hadoop/gateway/webappsec/filter/StrictTranportFilter.java
+++ /dev/null
@@ -1,137 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.hadoop.gateway.webappsec.filter;
-
-import java.io.IOException;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.List;
-
-import javax.servlet.Filter;
-import javax.servlet.FilterChain;
-import javax.servlet.FilterConfig;
-import javax.servlet.ServletException;
-import javax.servlet.ServletRequest;
-import javax.servlet.ServletResponse;
-import javax.servlet.http.HttpServletResponse;
-import javax.servlet.http.HttpServletResponseWrapper;
-
-/**
- * This filter protects proxied webapps from protocol downgrade attacks
- * and cookie hijacking.
- */
-public class StrictTranportFilter implements Filter {
- private static final String STRICT_TRANSPORT = "Strict-Transport-Security";
- private static final String CUSTOM_HEADER_PARAM = "strict.transport";
-
- private String option = "max-age=31536000";
-
- /* (non-Javadoc)
- * @see javax.servlet.Filter#destroy()
- */
- @Override
- public void destroy() {
- }
-
- /* (non-Javadoc)
- * @see javax.servlet.Filter#doFilter(javax.servlet.ServletRequest, javax.servlet.ServletResponse, javax.servlet.FilterChain)
- */
- @Override
- public void doFilter(ServletRequest req, ServletResponse res,
- FilterChain chain) throws IOException, ServletException {
- ((HttpServletResponse) res).setHeader(STRICT_TRANSPORT, option);
- chain.doFilter(req, new StrictTranportResponseWrapper((HttpServletResponse) res));
- }
-
- /* (non-Javadoc)
- * @see javax.servlet.Filter#init(javax.servlet.FilterConfig)
- */
- @Override
- public void init(FilterConfig config) throws ServletException {
- String customOption = config.getInitParameter(CUSTOM_HEADER_PARAM);
- if (customOption != null) {
- option = customOption;
- }
- }
-
- public class StrictTranportResponseWrapper extends HttpServletResponseWrapper {
- @Override
- public void addHeader(String name, String value) {
- // don't allow additional values to be added to
- // the configured options value in topology
- if (!name.equals(STRICT_TRANSPORT)) {
- super.addHeader(name, value);
- }
- }
-
- @Override
- public void setHeader(String name, String value) {
- // don't allow overwriting of configured value
- if (!name.equals(STRICT_TRANSPORT)) {
- super.setHeader(name, value);
- }
- }
-
- /**
- * construct a wrapper for this request
- *
- * @param request
- */
- public StrictTranportResponseWrapper(HttpServletResponse response) {
- super(response);
- }
-
- @Override
- public String getHeader(String name) {
- String headerValue = null;
- if (name.equals(STRICT_TRANSPORT)) {
- headerValue = option;
- }
- else {
- headerValue = super.getHeader(name);
- }
- return headerValue;
- }
-
- /**
- * get the Header names
- */
- @Override
- public Collection<String> getHeaderNames() {
- List<String> names = (List<String>) super.getHeaderNames();
- if (names == null) {
- names = new ArrayList<String>();
- }
- names.add(STRICT_TRANSPORT);
- return names;
- }
-
- @Override
- public Collection<String> getHeaders(String name) {
- List<String> values = (List<String>) super.getHeaders(name);
- if (name.equals(STRICT_TRANSPORT)) {
- if (values == null) {
- values = new ArrayList<String>();
- }
- values.add(option);
- }
- return values;
- }
- }
-
-}
http://git-wip-us.apache.org/repos/asf/knox/blob/46109ad8/gateway-provider-security-webappsec/src/main/java/org/apache/knox/gateway/webappsec/deploy/WebAppSecContributor.java
----------------------------------------------------------------------
diff --git a/gateway-provider-security-webappsec/src/main/java/org/apache/knox/gateway/webappsec/deploy/WebAppSecContributor.java b/gateway-provider-security-webappsec/src/main/java/org/apache/knox/gateway/webappsec/deploy/WebAppSecContributor.java
index 17fb8c2..71a5af9 100644
--- a/gateway-provider-security-webappsec/src/main/java/org/apache/knox/gateway/webappsec/deploy/WebAppSecContributor.java
+++ b/gateway-provider-security-webappsec/src/main/java/org/apache/knox/gateway/webappsec/deploy/WebAppSecContributor.java
@@ -43,7 +43,7 @@ public class WebAppSecContributor extends
private static final String XFRAME_OPTIONS_FILTER_CLASSNAME = "org.apache.knox.gateway.webappsec.filter.XFrameOptionsFilter";
private static final String XFRAME_OPTIONS_ENABLED = "xframe.options.enabled";
private static final String STRICT_TRANSPORT_SUFFIX = "_STRICTTRANSPORT";
- private static final String STRICT_TRANSPORT_FILTER_CLASSNAME = "org.apache.hadoop.gateway.webappsec.filter.StrictTranportFilter";
+ private static final String STRICT_TRANSPORT_FILTER_CLASSNAME = "org.apache.knox.gateway.webappsec.filter.StrictTranportFilter";
private static final String STRICT_TRANSPORT_ENABLED = "strict.transport.enabled";
http://git-wip-us.apache.org/repos/asf/knox/blob/46109ad8/gateway-provider-security-webappsec/src/main/java/org/apache/knox/gateway/webappsec/filter/StrictTranportFilter.java
----------------------------------------------------------------------
diff --git a/gateway-provider-security-webappsec/src/main/java/org/apache/knox/gateway/webappsec/filter/StrictTranportFilter.java b/gateway-provider-security-webappsec/src/main/java/org/apache/knox/gateway/webappsec/filter/StrictTranportFilter.java
new file mode 100644
index 0000000..0856297
--- /dev/null
+++ b/gateway-provider-security-webappsec/src/main/java/org/apache/knox/gateway/webappsec/filter/StrictTranportFilter.java
@@ -0,0 +1,137 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.knox.gateway.webappsec.filter;
+
+import java.io.IOException;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.List;
+
+import javax.servlet.Filter;
+import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpServletResponseWrapper;
+
+/**
+ * This filter protects proxied webapps from protocol downgrade attacks
+ * and cookie hijacking.
+ */
+public class StrictTranportFilter implements Filter {
+ private static final String STRICT_TRANSPORT = "Strict-Transport-Security";
+ private static final String CUSTOM_HEADER_PARAM = "strict.transport";
+
+ private String option = "max-age=31536000";
+
+ /* (non-Javadoc)
+ * @see javax.servlet.Filter#destroy()
+ */
+ @Override
+ public void destroy() {
+ }
+
+ /* (non-Javadoc)
+ * @see javax.servlet.Filter#doFilter(javax.servlet.ServletRequest, javax.servlet.ServletResponse, javax.servlet.FilterChain)
+ */
+ @Override
+ public void doFilter(ServletRequest req, ServletResponse res,
+ FilterChain chain) throws IOException, ServletException {
+ ((HttpServletResponse) res).setHeader(STRICT_TRANSPORT, option);
+ chain.doFilter(req, new StrictTranportResponseWrapper((HttpServletResponse) res));
+ }
+
+ /* (non-Javadoc)
+ * @see javax.servlet.Filter#init(javax.servlet.FilterConfig)
+ */
+ @Override
+ public void init(FilterConfig config) throws ServletException {
+ String customOption = config.getInitParameter(CUSTOM_HEADER_PARAM);
+ if (customOption != null) {
+ option = customOption;
+ }
+ }
+
+ public class StrictTranportResponseWrapper extends HttpServletResponseWrapper {
+ @Override
+ public void addHeader(String name, String value) {
+ // don't allow additional values to be added to
+ // the configured options value in topology
+ if (!name.equals(STRICT_TRANSPORT)) {
+ super.addHeader(name, value);
+ }
+ }
+
+ @Override
+ public void setHeader(String name, String value) {
+ // don't allow overwriting of configured value
+ if (!name.equals(STRICT_TRANSPORT)) {
+ super.setHeader(name, value);
+ }
+ }
+
+ /**
+ * construct a wrapper for this request
+ *
+ * @param request
+ */
+ public StrictTranportResponseWrapper(HttpServletResponse response) {
+ super(response);
+ }
+
+ @Override
+ public String getHeader(String name) {
+ String headerValue = null;
+ if (name.equals(STRICT_TRANSPORT)) {
+ headerValue = option;
+ }
+ else {
+ headerValue = super.getHeader(name);
+ }
+ return headerValue;
+ }
+
+ /**
+ * get the Header names
+ */
+ @Override
+ public Collection<String> getHeaderNames() {
+ List<String> names = (List<String>) super.getHeaderNames();
+ if (names == null) {
+ names = new ArrayList<String>();
+ }
+ names.add(STRICT_TRANSPORT);
+ return names;
+ }
+
+ @Override
+ public Collection<String> getHeaders(String name) {
+ List<String> values = (List<String>) super.getHeaders(name);
+ if (name.equals(STRICT_TRANSPORT)) {
+ if (values == null) {
+ values = new ArrayList<String>();
+ }
+ values.add(option);
+ }
+ return values;
+ }
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/knox/blob/46109ad8/gateway-provider-security-webappsec/src/test/java/org/apache/hadoop/gateway/webappsec/StrictTranportFilterTest.java
----------------------------------------------------------------------
diff --git a/gateway-provider-security-webappsec/src/test/java/org/apache/hadoop/gateway/webappsec/StrictTranportFilterTest.java b/gateway-provider-security-webappsec/src/test/java/org/apache/hadoop/gateway/webappsec/StrictTranportFilterTest.java
deleted file mode 100644
index 0c63d7f..0000000
--- a/gateway-provider-security-webappsec/src/test/java/org/apache/hadoop/gateway/webappsec/StrictTranportFilterTest.java
+++ /dev/null
@@ -1,164 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.hadoop.gateway.webappsec;
-
-import static org.junit.Assert.fail;
-
-import java.io.IOException;
-import java.util.Collection;
-import java.util.Enumeration;
-import java.util.Properties;
-import javax.servlet.FilterChain;
-import javax.servlet.FilterConfig;
-import javax.servlet.ServletContext;
-import javax.servlet.ServletException;
-import javax.servlet.ServletRequest;
-import javax.servlet.ServletResponse;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.hadoop.gateway.webappsec.filter.StrictTranportFilter;
-import org.easymock.EasyMock;
-import org.junit.Assert;
-import org.junit.Test;
-
-/**
- *
- */
-public class StrictTranportFilterTest {
- /**
- *
- */
- private static final String STRICT_TRANSPORT = "Strict-Transport-Security";
- String options = null;
- Collection<String> headerNames = null;
- Collection<String> headers = null;
-
- @Test
- public void testDefaultOptionsValue() throws Exception {
- try {
- StrictTranportFilter filter = new StrictTranportFilter();
- Properties props = new Properties();
- props.put("strict.transport.enabled", "true");
- filter.init(new TestFilterConfig(props));
-
- HttpServletRequest request = EasyMock.createNiceMock(
- HttpServletRequest.class);
- HttpServletResponse response = EasyMock.createNiceMock(
- HttpServletResponse.class);
- EasyMock.replay(request);
- EasyMock.replay(response);
-
- TestFilterChain chain = new TestFilterChain();
- filter.doFilter(request, response, chain);
- Assert.assertTrue("doFilterCalled should not be false.",
- chain.doFilterCalled );
- Assert.assertTrue("Options value incorrect should be max-age=31536000 but is: "
- + options, "max-age=31536000".equals(options));
-
- Assert.assertTrue("Strict-Transport-Security count not equal to 1.", headers.size() == 1);
- } catch (ServletException se) {
- fail("Should NOT have thrown a ServletException.");
- }
- }
-
- @Test
- public void testConfiguredOptionsValue() throws Exception {
- try {
- StrictTranportFilter filter = new StrictTranportFilter();
- Properties props = new Properties();
- props.put("strict.transport.enabled", "true");
- props.put("strict.transport", "max-age=31536010; includeSubDomains");
- filter.init(new TestFilterConfig(props));
-
- HttpServletRequest request = EasyMock.createNiceMock(
- HttpServletRequest.class);
- HttpServletResponse response = EasyMock.createNiceMock(
- HttpServletResponse.class);
- EasyMock.replay(request);
- EasyMock.replay(response);
-
- TestFilterChain chain = new TestFilterChain();
- filter.doFilter(request, response, chain);
- Assert.assertTrue("doFilterCalled should not be false.",
- chain.doFilterCalled );
- Assert.assertTrue("Options value incorrect should be max-age=31536010; includeSubDomains but is: "
- + options, "max-age=31536010; includeSubDomains".equals(options));
-
- Assert.assertTrue("Strict-Transport-Security count not equal to 1.", headers.size() == 1);
- } catch (ServletException se) {
- fail("Should NOT have thrown a ServletException.");
- }
- }
-
- class TestFilterConfig implements FilterConfig {
- Properties props = null;
-
- public TestFilterConfig(Properties props) {
- this.props = props;
- }
-
- @Override
- public String getFilterName() {
- return null;
- }
-
- /* (non-Javadoc)
- * @see javax.servlet.FilterConfig#getServletContext()
- */
- @Override
- public ServletContext getServletContext() {
- return null;
- }
-
- /* (non-Javadoc)
- * @see javax.servlet.FilterConfig#getInitParameter(java.lang.String)
- */
- @Override
- public String getInitParameter(String name) {
- return props.getProperty(name, null);
- }
-
- /* (non-Javadoc)
- * @see javax.servlet.FilterConfig#getInitParameterNames()
- */
- @Override
- public Enumeration<String> getInitParameterNames() {
- return null;
- }
-
- }
-
- class TestFilterChain implements FilterChain {
- boolean doFilterCalled = false;
-
- /* (non-Javadoc)
- * @see javax.servlet.FilterChain#doFilter(javax.servlet.ServletRequest, javax.servlet.ServletResponse)
- */
- @Override
- public void doFilter(ServletRequest request, ServletResponse response)
- throws IOException, ServletException {
- doFilterCalled = true;
- options = ((HttpServletResponse)response).getHeader(STRICT_TRANSPORT);
- headerNames = ((HttpServletResponse)response).getHeaderNames();
- headers = ((HttpServletResponse)response).getHeaders(STRICT_TRANSPORT);
- }
-
- }
-
-}
http://git-wip-us.apache.org/repos/asf/knox/blob/46109ad8/gateway-provider-security-webappsec/src/test/java/org/apache/knox/gateway/webappsec/StrictTranportFilterTest.java
----------------------------------------------------------------------
diff --git a/gateway-provider-security-webappsec/src/test/java/org/apache/knox/gateway/webappsec/StrictTranportFilterTest.java b/gateway-provider-security-webappsec/src/test/java/org/apache/knox/gateway/webappsec/StrictTranportFilterTest.java
new file mode 100644
index 0000000..fa0b5b6
--- /dev/null
+++ b/gateway-provider-security-webappsec/src/test/java/org/apache/knox/gateway/webappsec/StrictTranportFilterTest.java
@@ -0,0 +1,164 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.knox.gateway.webappsec;
+
+import static org.junit.Assert.fail;
+
+import java.io.IOException;
+import java.util.Collection;
+import java.util.Enumeration;
+import java.util.Properties;
+import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletContext;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.knox.gateway.webappsec.filter.StrictTranportFilter;
+import org.easymock.EasyMock;
+import org.junit.Assert;
+import org.junit.Test;
+
+/**
+ *
+ */
+public class StrictTranportFilterTest {
+ /**
+ *
+ */
+ private static final String STRICT_TRANSPORT = "Strict-Transport-Security";
+ String options = null;
+ Collection<String> headerNames = null;
+ Collection<String> headers = null;
+
+ @Test
+ public void testDefaultOptionsValue() throws Exception {
+ try {
+ StrictTranportFilter filter = new StrictTranportFilter();
+ Properties props = new Properties();
+ props.put("strict.transport.enabled", "true");
+ filter.init(new TestFilterConfig(props));
+
+ HttpServletRequest request = EasyMock.createNiceMock(
+ HttpServletRequest.class);
+ HttpServletResponse response = EasyMock.createNiceMock(
+ HttpServletResponse.class);
+ EasyMock.replay(request);
+ EasyMock.replay(response);
+
+ TestFilterChain chain = new TestFilterChain();
+ filter.doFilter(request, response, chain);
+ Assert.assertTrue("doFilterCalled should not be false.",
+ chain.doFilterCalled );
+ Assert.assertTrue("Options value incorrect should be max-age=31536000 but is: "
+ + options, "max-age=31536000".equals(options));
+
+ Assert.assertTrue("Strict-Transport-Security count not equal to 1.", headers.size() == 1);
+ } catch (ServletException se) {
+ fail("Should NOT have thrown a ServletException.");
+ }
+ }
+
+ @Test
+ public void testConfiguredOptionsValue() throws Exception {
+ try {
+ StrictTranportFilter filter = new StrictTranportFilter();
+ Properties props = new Properties();
+ props.put("strict.transport.enabled", "true");
+ props.put("strict.transport", "max-age=31536010; includeSubDomains");
+ filter.init(new TestFilterConfig(props));
+
+ HttpServletRequest request = EasyMock.createNiceMock(
+ HttpServletRequest.class);
+ HttpServletResponse response = EasyMock.createNiceMock(
+ HttpServletResponse.class);
+ EasyMock.replay(request);
+ EasyMock.replay(response);
+
+ TestFilterChain chain = new TestFilterChain();
+ filter.doFilter(request, response, chain);
+ Assert.assertTrue("doFilterCalled should not be false.",
+ chain.doFilterCalled );
+ Assert.assertTrue("Options value incorrect should be max-age=31536010; includeSubDomains but is: "
+ + options, "max-age=31536010; includeSubDomains".equals(options));
+
+ Assert.assertTrue("Strict-Transport-Security count not equal to 1.", headers.size() == 1);
+ } catch (ServletException se) {
+ fail("Should NOT have thrown a ServletException.");
+ }
+ }
+
+ class TestFilterConfig implements FilterConfig {
+ Properties props = null;
+
+ public TestFilterConfig(Properties props) {
+ this.props = props;
+ }
+
+ @Override
+ public String getFilterName() {
+ return null;
+ }
+
+ /* (non-Javadoc)
+ * @see javax.servlet.FilterConfig#getServletContext()
+ */
+ @Override
+ public ServletContext getServletContext() {
+ return null;
+ }
+
+ /* (non-Javadoc)
+ * @see javax.servlet.FilterConfig#getInitParameter(java.lang.String)
+ */
+ @Override
+ public String getInitParameter(String name) {
+ return props.getProperty(name, null);
+ }
+
+ /* (non-Javadoc)
+ * @see javax.servlet.FilterConfig#getInitParameterNames()
+ */
+ @Override
+ public Enumeration<String> getInitParameterNames() {
+ return null;
+ }
+
+ }
+
+ class TestFilterChain implements FilterChain {
+ boolean doFilterCalled = false;
+
+ /* (non-Javadoc)
+ * @see javax.servlet.FilterChain#doFilter(javax.servlet.ServletRequest, javax.servlet.ServletResponse)
+ */
+ @Override
+ public void doFilter(ServletRequest request, ServletResponse response)
+ throws IOException, ServletException {
+ doFilterCalled = true;
+ options = ((HttpServletResponse)response).getHeader(STRICT_TRANSPORT);
+ headerNames = ((HttpServletResponse)response).getHeaderNames();
+ headers = ((HttpServletResponse)response).getHeaders(STRICT_TRANSPORT);
+ }
+
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/knox/blob/46109ad8/gateway-server/src/main/java/org/apache/knox/gateway/GatewayFilter.java
----------------------------------------------------------------------
diff --git a/gateway-server/src/main/java/org/apache/knox/gateway/GatewayFilter.java b/gateway-server/src/main/java/org/apache/knox/gateway/GatewayFilter.java
index 8dd29bf..25d4f75 100644
--- a/gateway-server/src/main/java/org/apache/knox/gateway/GatewayFilter.java
+++ b/gateway-server/src/main/java/org/apache/knox/gateway/GatewayFilter.java
@@ -127,7 +127,7 @@ public class GatewayFilter implements Filter {
// if there was no match then look for a default service for the topology
if (match == null) {
- Topology topology = (Topology) servletRequest.getServletContext().getAttribute("org.apache.hadoop.gateway.topology");
+ Topology topology = (Topology) servletRequest.getServletContext().getAttribute("org.apache.knox.gateway.topology");
if (topology != null) {
String defaultServicePath = topology.getDefaultServicePath();
if (defaultServicePath != null) {
http://git-wip-us.apache.org/repos/asf/knox/blob/46109ad8/gateway-server/src/test/java/org/apache/hadoop/gateway/services/token/impl/DefaultTokenAuthorityServiceTest.java
----------------------------------------------------------------------
diff --git a/gateway-server/src/test/java/org/apache/hadoop/gateway/services/token/impl/DefaultTokenAuthorityServiceTest.java b/gateway-server/src/test/java/org/apache/hadoop/gateway/services/token/impl/DefaultTokenAuthorityServiceTest.java
deleted file mode 100644
index da55422..0000000
--- a/gateway-server/src/test/java/org/apache/hadoop/gateway/services/token/impl/DefaultTokenAuthorityServiceTest.java
+++ /dev/null
@@ -1,254 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.knox.gateway.services.token.impl;
-
-import java.io.File;
-import java.security.Principal;
-import java.util.HashMap;
-
-import org.apache.knox.gateway.config.GatewayConfig;
-import org.apache.knox.gateway.services.security.AliasService;
-import org.apache.knox.gateway.services.security.KeystoreService;
-import org.apache.knox.gateway.services.security.MasterService;
-import org.apache.knox.gateway.services.security.impl.DefaultKeystoreService;
-import org.apache.knox.gateway.services.security.token.JWTokenAuthority;
-import org.apache.knox.gateway.services.security.token.impl.JWT;
-import org.apache.knox.gateway.services.security.token.TokenServiceException;
-
-import org.easymock.EasyMock;
-import org.junit.Test;
-
-/**
- * Some unit tests for the DefaultTokenAuthorityService.
- */
-public class DefaultTokenAuthorityServiceTest extends org.junit.Assert {
-
- @Test
- public void testTokenCreation() throws Exception {
-
- Principal principal = EasyMock.createNiceMock(Principal.class);
- EasyMock.expect(principal.getName()).andReturn("john.doe@example.com");
-
- GatewayConfig config = EasyMock.createNiceMock(GatewayConfig.class);
- String basedir = System.getProperty("basedir");
- if (basedir == null) {
- basedir = new File(".").getCanonicalPath();
- }
-
- EasyMock.expect(config.getGatewaySecurityDir()).andReturn(basedir + "/target/test-classes");
- EasyMock.expect(config.getSigningKeystoreName()).andReturn("server-keystore.jks");
- EasyMock.expect(config.getSigningKeyAlias()).andReturn("server").anyTimes();
-
- MasterService ms = EasyMock.createNiceMock(MasterService.class);
- EasyMock.expect(ms.getMasterSecret()).andReturn("horton".toCharArray());
-
- AliasService as = EasyMock.createNiceMock(AliasService.class);
- EasyMock.expect(as.getGatewayIdentityPassphrase()).andReturn("horton".toCharArray());
-
- EasyMock.replay(principal, config, ms, as);
-
- KeystoreService ks = new DefaultKeystoreService();
- ((DefaultKeystoreService)ks).setMasterService(ms);
-
- ((DefaultKeystoreService)ks).init(config, new HashMap<String, String>());
-
- JWTokenAuthority ta = new DefaultTokenAuthorityService();
- ((DefaultTokenAuthorityService)ta).setAliasService(as);
- ((DefaultTokenAuthorityService)ta).setKeystoreService(ks);
-
- ((DefaultTokenAuthorityService)ta).init(config, new HashMap<String, String>());
-
- JWT token = ta.issueToken(principal, "RS256");
- assertEquals("KNOXSSO", token.getIssuer());
- assertEquals("john.doe@example.com", token.getSubject());
-
- assertTrue(ta.verifyToken(token));
- }
-
- @Test
- public void testTokenCreationAudience() throws Exception {
-
- Principal principal = EasyMock.createNiceMock(Principal.class);
- EasyMock.expect(principal.getName()).andReturn("john.doe@example.com");
-
- GatewayConfig config = EasyMock.createNiceMock(GatewayConfig.class);
- String basedir = System.getProperty("basedir");
- if (basedir == null) {
- basedir = new File(".").getCanonicalPath();
- }
-
- EasyMock.expect(config.getGatewaySecurityDir()).andReturn(basedir + "/target/test-classes");
- EasyMock.expect(config.getSigningKeystoreName()).andReturn("server-keystore.jks");
- EasyMock.expect(config.getSigningKeyAlias()).andReturn("server").anyTimes();
-
- MasterService ms = EasyMock.createNiceMock(MasterService.class);
- EasyMock.expect(ms.getMasterSecret()).andReturn("horton".toCharArray());
-
- AliasService as = EasyMock.createNiceMock(AliasService.class);
- EasyMock.expect(as.getGatewayIdentityPassphrase()).andReturn("horton".toCharArray());
-
- EasyMock.replay(principal, config, ms, as);
-
- KeystoreService ks = new DefaultKeystoreService();
- ((DefaultKeystoreService)ks).setMasterService(ms);
-
- ((DefaultKeystoreService)ks).init(config, new HashMap<String, String>());
-
- JWTokenAuthority ta = new DefaultTokenAuthorityService();
- ((DefaultTokenAuthorityService)ta).setAliasService(as);
- ((DefaultTokenAuthorityService)ta).setKeystoreService(ks);
-
- ((DefaultTokenAuthorityService)ta).init(config, new HashMap<String, String>());
-
- JWT token = ta.issueToken(principal, "https://login.example.com", "RS256");
- assertEquals("KNOXSSO", token.getIssuer());
- assertEquals("john.doe@example.com", token.getSubject());
- assertEquals("https://login.example.com", token.getAudience());
-
- assertTrue(ta.verifyToken(token));
- }
-
- @Test
- public void testTokenCreationNullAudience() throws Exception {
-
- Principal principal = EasyMock.createNiceMock(Principal.class);
- EasyMock.expect(principal.getName()).andReturn("john.doe@example.com");
-
- GatewayConfig config = EasyMock.createNiceMock(GatewayConfig.class);
- String basedir = System.getProperty("basedir");
- if (basedir == null) {
- basedir = new File(".").getCanonicalPath();
- }
-
- EasyMock.expect(config.getGatewaySecurityDir()).andReturn(basedir + "/target/test-classes");
- EasyMock.expect(config.getSigningKeystoreName()).andReturn("server-keystore.jks");
- EasyMock.expect(config.getSigningKeyAlias()).andReturn("server").anyTimes();
-
- MasterService ms = EasyMock.createNiceMock(MasterService.class);
- EasyMock.expect(ms.getMasterSecret()).andReturn("horton".toCharArray());
-
- AliasService as = EasyMock.createNiceMock(AliasService.class);
- EasyMock.expect(as.getGatewayIdentityPassphrase()).andReturn("horton".toCharArray());
-
- EasyMock.replay(principal, config, ms, as);
-
- KeystoreService ks = new DefaultKeystoreService();
- ((DefaultKeystoreService)ks).setMasterService(ms);
-
- ((DefaultKeystoreService)ks).init(config, new HashMap<String, String>());
-
- JWTokenAuthority ta = new DefaultTokenAuthorityService();
- ((DefaultTokenAuthorityService)ta).setAliasService(as);
- ((DefaultTokenAuthorityService)ta).setKeystoreService(ks);
-
- ((DefaultTokenAuthorityService)ta).init(config, new HashMap<String, String>());
-
- JWT token = ta.issueToken(principal, null, "RS256");
- assertEquals("KNOXSSO", token.getIssuer());
- assertEquals("john.doe@example.com", token.getSubject());
-
- assertTrue(ta.verifyToken(token));
- }
-
- @Test
- public void testTokenCreationSignatureAlgorithm() throws Exception {
-
- Principal principal = EasyMock.createNiceMock(Principal.class);
- EasyMock.expect(principal.getName()).andReturn("john.doe@example.com");
-
- GatewayConfig config = EasyMock.createNiceMock(GatewayConfig.class);
- String basedir = System.getProperty("basedir");
- if (basedir == null) {
- basedir = new File(".").getCanonicalPath();
- }
-
- EasyMock.expect(config.getGatewaySecurityDir()).andReturn(basedir + "/target/test-classes");
- EasyMock.expect(config.getSigningKeystoreName()).andReturn("server-keystore.jks");
- EasyMock.expect(config.getSigningKeyAlias()).andReturn("server").anyTimes();
-
- MasterService ms = EasyMock.createNiceMock(MasterService.class);
- EasyMock.expect(ms.getMasterSecret()).andReturn("horton".toCharArray());
-
- AliasService as = EasyMock.createNiceMock(AliasService.class);
- EasyMock.expect(as.getGatewayIdentityPassphrase()).andReturn("horton".toCharArray());
-
- EasyMock.replay(principal, config, ms, as);
-
- KeystoreService ks = new DefaultKeystoreService();
- ((DefaultKeystoreService)ks).setMasterService(ms);
-
- ((DefaultKeystoreService)ks).init(config, new HashMap<String, String>());
-
- JWTokenAuthority ta = new DefaultTokenAuthorityService();
- ((DefaultTokenAuthorityService)ta).setAliasService(as);
- ((DefaultTokenAuthorityService)ta).setKeystoreService(ks);
-
- ((DefaultTokenAuthorityService)ta).init(config, new HashMap<String, String>());
-
- JWT token = ta.issueToken(principal, "RS512");
- assertEquals("KNOXSSO", token.getIssuer());
- assertEquals("john.doe@example.com", token.getSubject());
- assertTrue(token.getHeader().contains("RS512"));
-
- assertTrue(ta.verifyToken(token));
- }
-
- @Test
- public void testTokenCreationBadSignatureAlgorithm() throws Exception {
-
- Principal principal = EasyMock.createNiceMock(Principal.class);
- EasyMock.expect(principal.getName()).andReturn("john.doe@example.com");
-
- GatewayConfig config = EasyMock.createNiceMock(GatewayConfig.class);
- String basedir = System.getProperty("basedir");
- if (basedir == null) {
- basedir = new File(".").getCanonicalPath();
- }
-
- EasyMock.expect(config.getGatewaySecurityDir()).andReturn(basedir + "/target/test-classes");
- EasyMock.expect(config.getSigningKeystoreName()).andReturn("server-keystore.jks");
- EasyMock.expect(config.getSigningKeyAlias()).andReturn("server").anyTimes();
-
- MasterService ms = EasyMock.createNiceMock(MasterService.class);
- EasyMock.expect(ms.getMasterSecret()).andReturn("horton".toCharArray());
-
- AliasService as = EasyMock.createNiceMock(AliasService.class);
- EasyMock.expect(as.getGatewayIdentityPassphrase()).andReturn("horton".toCharArray());
-
- EasyMock.replay(principal, config, ms, as);
-
- KeystoreService ks = new DefaultKeystoreService();
- ((DefaultKeystoreService)ks).setMasterService(ms);
-
- ((DefaultKeystoreService)ks).init(config, new HashMap<String, String>());
-
- JWTokenAuthority ta = new DefaultTokenAuthorityService();
- ((DefaultTokenAuthorityService)ta).setAliasService(as);
- ((DefaultTokenAuthorityService)ta).setKeystoreService(ks);
-
- ((DefaultTokenAuthorityService)ta).init(config, new HashMap<String, String>());
-
- try {
- ta.issueToken(principal, "none");
- fail("Failure expected on a bad signature algorithm");
- } catch (TokenServiceException ex) {
- // expected
- }
- }
-
-}
http://git-wip-us.apache.org/repos/asf/knox/blob/46109ad8/gateway-server/src/test/java/org/apache/knox/gateway/GatewayFilterTest.java
----------------------------------------------------------------------
diff --git a/gateway-server/src/test/java/org/apache/knox/gateway/GatewayFilterTest.java b/gateway-server/src/test/java/org/apache/knox/gateway/GatewayFilterTest.java
index ac22400..2fe1f1a 100644
--- a/gateway-server/src/test/java/org/apache/knox/gateway/GatewayFilterTest.java
+++ b/gateway-server/src/test/java/org/apache/knox/gateway/GatewayFilterTest.java
@@ -196,7 +196,7 @@ public class GatewayFilterTest {
"Custom-Forwarded-For").anyTimes();
EasyMock.expect( request.getRequestURL() ).andReturn( new StringBuffer("http://host:8443/gateway/sandbox/test-path/test-resource/") ).anyTimes();
- EasyMock.expect( context.getAttribute( "org.apache.hadoop.gateway.topology" ) ).andReturn( topology ).anyTimes();
+ EasyMock.expect( context.getAttribute( "org.apache.knox.gateway.topology" ) ).andReturn( topology ).anyTimes();
EasyMock.replay( request );
EasyMock.replay( context );
EasyMock.replay( topology );
http://git-wip-us.apache.org/repos/asf/knox/blob/46109ad8/gateway-server/src/test/java/org/apache/knox/gateway/services/token/impl/DefaultTokenAuthorityServiceTest.java
----------------------------------------------------------------------
diff --git a/gateway-server/src/test/java/org/apache/knox/gateway/services/token/impl/DefaultTokenAuthorityServiceTest.java b/gateway-server/src/test/java/org/apache/knox/gateway/services/token/impl/DefaultTokenAuthorityServiceTest.java
new file mode 100644
index 0000000..da55422
--- /dev/null
+++ b/gateway-server/src/test/java/org/apache/knox/gateway/services/token/impl/DefaultTokenAuthorityServiceTest.java
@@ -0,0 +1,254 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.knox.gateway.services.token.impl;
+
+import java.io.File;
+import java.security.Principal;
+import java.util.HashMap;
+
+import org.apache.knox.gateway.config.GatewayConfig;
+import org.apache.knox.gateway.services.security.AliasService;
+import org.apache.knox.gateway.services.security.KeystoreService;
+import org.apache.knox.gateway.services.security.MasterService;
+import org.apache.knox.gateway.services.security.impl.DefaultKeystoreService;
+import org.apache.knox.gateway.services.security.token.JWTokenAuthority;
+import org.apache.knox.gateway.services.security.token.impl.JWT;
+import org.apache.knox.gateway.services.security.token.TokenServiceException;
+
+import org.easymock.EasyMock;
+import org.junit.Test;
+
+/**
+ * Some unit tests for the DefaultTokenAuthorityService.
+ */
+public class DefaultTokenAuthorityServiceTest extends org.junit.Assert {
+
+ @Test
+ public void testTokenCreation() throws Exception {
+
+ Principal principal = EasyMock.createNiceMock(Principal.class);
+ EasyMock.expect(principal.getName()).andReturn("john.doe@example.com");
+
+ GatewayConfig config = EasyMock.createNiceMock(GatewayConfig.class);
+ String basedir = System.getProperty("basedir");
+ if (basedir == null) {
+ basedir = new File(".").getCanonicalPath();
+ }
+
+ EasyMock.expect(config.getGatewaySecurityDir()).andReturn(basedir + "/target/test-classes");
+ EasyMock.expect(config.getSigningKeystoreName()).andReturn("server-keystore.jks");
+ EasyMock.expect(config.getSigningKeyAlias()).andReturn("server").anyTimes();
+
+ MasterService ms = EasyMock.createNiceMock(MasterService.class);
+ EasyMock.expect(ms.getMasterSecret()).andReturn("horton".toCharArray());
+
+ AliasService as = EasyMock.createNiceMock(AliasService.class);
+ EasyMock.expect(as.getGatewayIdentityPassphrase()).andReturn("horton".toCharArray());
+
+ EasyMock.replay(principal, config, ms, as);
+
+ KeystoreService ks = new DefaultKeystoreService();
+ ((DefaultKeystoreService)ks).setMasterService(ms);
+
+ ((DefaultKeystoreService)ks).init(config, new HashMap<String, String>());
+
+ JWTokenAuthority ta = new DefaultTokenAuthorityService();
+ ((DefaultTokenAuthorityService)ta).setAliasService(as);
+ ((DefaultTokenAuthorityService)ta).setKeystoreService(ks);
+
+ ((DefaultTokenAuthorityService)ta).init(config, new HashMap<String, String>());
+
+ JWT token = ta.issueToken(principal, "RS256");
+ assertEquals("KNOXSSO", token.getIssuer());
+ assertEquals("john.doe@example.com", token.getSubject());
+
+ assertTrue(ta.verifyToken(token));
+ }
+
+ @Test
+ public void testTokenCreationAudience() throws Exception {
+
+ Principal principal = EasyMock.createNiceMock(Principal.class);
+ EasyMock.expect(principal.getName()).andReturn("john.doe@example.com");
+
+ GatewayConfig config = EasyMock.createNiceMock(GatewayConfig.class);
+ String basedir = System.getProperty("basedir");
+ if (basedir == null) {
+ basedir = new File(".").getCanonicalPath();
+ }
+
+ EasyMock.expect(config.getGatewaySecurityDir()).andReturn(basedir + "/target/test-classes");
+ EasyMock.expect(config.getSigningKeystoreName()).andReturn("server-keystore.jks");
+ EasyMock.expect(config.getSigningKeyAlias()).andReturn("server").anyTimes();
+
+ MasterService ms = EasyMock.createNiceMock(MasterService.class);
+ EasyMock.expect(ms.getMasterSecret()).andReturn("horton".toCharArray());
+
+ AliasService as = EasyMock.createNiceMock(AliasService.class);
+ EasyMock.expect(as.getGatewayIdentityPassphrase()).andReturn("horton".toCharArray());
+
+ EasyMock.replay(principal, config, ms, as);
+
+ KeystoreService ks = new DefaultKeystoreService();
+ ((DefaultKeystoreService)ks).setMasterService(ms);
+
+ ((DefaultKeystoreService)ks).init(config, new HashMap<String, String>());
+
+ JWTokenAuthority ta = new DefaultTokenAuthorityService();
+ ((DefaultTokenAuthorityService)ta).setAliasService(as);
+ ((DefaultTokenAuthorityService)ta).setKeystoreService(ks);
+
+ ((DefaultTokenAuthorityService)ta).init(config, new HashMap<String, String>());
+
+ JWT token = ta.issueToken(principal, "https://login.example.com", "RS256");
+ assertEquals("KNOXSSO", token.getIssuer());
+ assertEquals("john.doe@example.com", token.getSubject());
+ assertEquals("https://login.example.com", token.getAudience());
+
+ assertTrue(ta.verifyToken(token));
+ }
+
+ @Test
+ public void testTokenCreationNullAudience() throws Exception {
+
+ Principal principal = EasyMock.createNiceMock(Principal.class);
+ EasyMock.expect(principal.getName()).andReturn("john.doe@example.com");
+
+ GatewayConfig config = EasyMock.createNiceMock(GatewayConfig.class);
+ String basedir = System.getProperty("basedir");
+ if (basedir == null) {
+ basedir = new File(".").getCanonicalPath();
+ }
+
+ EasyMock.expect(config.getGatewaySecurityDir()).andReturn(basedir + "/target/test-classes");
+ EasyMock.expect(config.getSigningKeystoreName()).andReturn("server-keystore.jks");
+ EasyMock.expect(config.getSigningKeyAlias()).andReturn("server").anyTimes();
+
+ MasterService ms = EasyMock.createNiceMock(MasterService.class);
+ EasyMock.expect(ms.getMasterSecret()).andReturn("horton".toCharArray());
+
+ AliasService as = EasyMock.createNiceMock(AliasService.class);
+ EasyMock.expect(as.getGatewayIdentityPassphrase()).andReturn("horton".toCharArray());
+
+ EasyMock.replay(principal, config, ms, as);
+
+ KeystoreService ks = new DefaultKeystoreService();
+ ((DefaultKeystoreService)ks).setMasterService(ms);
+
+ ((DefaultKeystoreService)ks).init(config, new HashMap<String, String>());
+
+ JWTokenAuthority ta = new DefaultTokenAuthorityService();
+ ((DefaultTokenAuthorityService)ta).setAliasService(as);
+ ((DefaultTokenAuthorityService)ta).setKeystoreService(ks);
+
+ ((DefaultTokenAuthorityService)ta).init(config, new HashMap<String, String>());
+
+ JWT token = ta.issueToken(principal, null, "RS256");
+ assertEquals("KNOXSSO", token.getIssuer());
+ assertEquals("john.doe@example.com", token.getSubject());
+
+ assertTrue(ta.verifyToken(token));
+ }
+
+ @Test
+ public void testTokenCreationSignatureAlgorithm() throws Exception {
+
+ Principal principal = EasyMock.createNiceMock(Principal.class);
+ EasyMock.expect(principal.getName()).andReturn("john.doe@example.com");
+
+ GatewayConfig config = EasyMock.createNiceMock(GatewayConfig.class);
+ String basedir = System.getProperty("basedir");
+ if (basedir == null) {
+ basedir = new File(".").getCanonicalPath();
+ }
+
+ EasyMock.expect(config.getGatewaySecurityDir()).andReturn(basedir + "/target/test-classes");
+ EasyMock.expect(config.getSigningKeystoreName()).andReturn("server-keystore.jks");
+ EasyMock.expect(config.getSigningKeyAlias()).andReturn("server").anyTimes();
+
+ MasterService ms = EasyMock.createNiceMock(MasterService.class);
+ EasyMock.expect(ms.getMasterSecret()).andReturn("horton".toCharArray());
+
+ AliasService as = EasyMock.createNiceMock(AliasService.class);
+ EasyMock.expect(as.getGatewayIdentityPassphrase()).andReturn("horton".toCharArray());
+
+ EasyMock.replay(principal, config, ms, as);
+
+ KeystoreService ks = new DefaultKeystoreService();
+ ((DefaultKeystoreService)ks).setMasterService(ms);
+
+ ((DefaultKeystoreService)ks).init(config, new HashMap<String, String>());
+
+ JWTokenAuthority ta = new DefaultTokenAuthorityService();
+ ((DefaultTokenAuthorityService)ta).setAliasService(as);
+ ((DefaultTokenAuthorityService)ta).setKeystoreService(ks);
+
+ ((DefaultTokenAuthorityService)ta).init(config, new HashMap<String, String>());
+
+ JWT token = ta.issueToken(principal, "RS512");
+ assertEquals("KNOXSSO", token.getIssuer());
+ assertEquals("john.doe@example.com", token.getSubject());
+ assertTrue(token.getHeader().contains("RS512"));
+
+ assertTrue(ta.verifyToken(token));
+ }
+
+ @Test
+ public void testTokenCreationBadSignatureAlgorithm() throws Exception {
+
+ Principal principal = EasyMock.createNiceMock(Principal.class);
+ EasyMock.expect(principal.getName()).andReturn("john.doe@example.com");
+
+ GatewayConfig config = EasyMock.createNiceMock(GatewayConfig.class);
+ String basedir = System.getProperty("basedir");
+ if (basedir == null) {
+ basedir = new File(".").getCanonicalPath();
+ }
+
+ EasyMock.expect(config.getGatewaySecurityDir()).andReturn(basedir + "/target/test-classes");
+ EasyMock.expect(config.getSigningKeystoreName()).andReturn("server-keystore.jks");
+ EasyMock.expect(config.getSigningKeyAlias()).andReturn("server").anyTimes();
+
+ MasterService ms = EasyMock.createNiceMock(MasterService.class);
+ EasyMock.expect(ms.getMasterSecret()).andReturn("horton".toCharArray());
+
+ AliasService as = EasyMock.createNiceMock(AliasService.class);
+ EasyMock.expect(as.getGatewayIdentityPassphrase()).andReturn("horton".toCharArray());
+
+ EasyMock.replay(principal, config, ms, as);
+
+ KeystoreService ks = new DefaultKeystoreService();
+ ((DefaultKeystoreService)ks).setMasterService(ms);
+
+ ((DefaultKeystoreService)ks).init(config, new HashMap<String, String>());
+
+ JWTokenAuthority ta = new DefaultTokenAuthorityService();
+ ((DefaultTokenAuthorityService)ta).setAliasService(as);
+ ((DefaultTokenAuthorityService)ta).setKeystoreService(ks);
+
+ ((DefaultTokenAuthorityService)ta).init(config, new HashMap<String, String>());
+
+ try {
+ ta.issueToken(principal, "none");
+ fail("Failure expected on a bad signature algorithm");
+ } catch (TokenServiceException ex) {
+ // expected
+ }
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/knox/blob/46109ad8/gateway-server/src/test/java/org/apache/knox/gateway/services/topology/DefaultTopologyServiceTest.java
----------------------------------------------------------------------
diff --git a/gateway-server/src/test/java/org/apache/knox/gateway/services/topology/DefaultTopologyServiceTest.java b/gateway-server/src/test/java/org/apache/knox/gateway/services/topology/DefaultTopologyServiceTest.java
index 95d6f9d..e70d096 100644
--- a/gateway-server/src/test/java/org/apache/knox/gateway/services/topology/DefaultTopologyServiceTest.java
+++ b/gateway-server/src/test/java/org/apache/knox/gateway/services/topology/DefaultTopologyServiceTest.java
@@ -25,17 +25,13 @@ import org.apache.commons.io.monitor.FileAlterationMonitor;
import org.apache.commons.io.monitor.FileAlterationObserver;
import org.apache.knox.gateway.config.GatewayConfig;
import org.apache.knox.gateway.services.topology.impl.DefaultTopologyService;
-import org.apache.knox.gateway.config.GatewayConfig;
import org.apache.knox.gateway.services.security.AliasService;
-import org.apache.knox.gateway.services.topology.impl.DefaultTopologyService;
-import org.apache.knox.gateway.topology.*;
import org.apache.hadoop.test.TestUtils;
import org.apache.knox.gateway.topology.Param;
import org.apache.knox.gateway.topology.Provider;
import org.apache.knox.gateway.topology.Topology;
import org.apache.knox.gateway.topology.TopologyEvent;
import org.apache.knox.gateway.topology.TopologyListener;
-import org.apache.knox.gateway.services.security.AliasService;
import org.easymock.EasyMock;
import org.junit.After;
import org.junit.Before;
@@ -192,7 +188,7 @@ public class DefaultTopologyServiceTest {
* Test the lifecycle relationship between simple descriptors and topology files.
*
* N.B. This test depends on the DummyServiceDiscovery extension being configured:
- * org.apache.hadoop.gateway.topology.discovery.test.extension.DummyServiceDiscovery
+ * org.apache.knox.gateway.topology.discovery.test.extension.DummyServiceDiscovery
*/
@Test
public void testSimpleDescriptorsTopologyGeneration() throws Exception {
@@ -313,7 +309,7 @@ public class DefaultTopologyServiceTest {
* Test the lifecycle relationship between provider configuration files, simple descriptors, and topology files.
*
* N.B. This test depends on the DummyServiceDiscovery extension being configured:
- * org.apache.hadoop.gateway.topology.discovery.test.extension.DummyServiceDiscovery
+ * org.apache.knox.gateway.topology.discovery.test.extension.DummyServiceDiscovery
*/
@Test
public void testTopologiesUpdateFromProviderConfigChange() throws Exception {
@@ -447,14 +443,16 @@ public class DefaultTopologyServiceTest {
// "Deploy" the referenced provider configs first
boolean isDeployed =
ts.deployProviderConfiguration(provConfOne,
- FileUtils.readFileToString(new File(ClassLoader.getSystemResource("org/apache/hadoop/gateway/topology/file/provider-config-one.xml").toURI())));
+ FileUtils.readFileToString(new File(ClassLoader.getSystemResource(
+ "org/apache/knox/gateway/topology/file/provider-config-one.xml").toURI())));
assertTrue(isDeployed);
File provConfOneFile = new File(sharedProvidersDir, provConfOne);
assertTrue(provConfOneFile.exists());
isDeployed =
ts.deployProviderConfiguration(provConfTwo,
- FileUtils.readFileToString(new File(ClassLoader.getSystemResource("org/apache/hadoop/gateway/topology/file/ambari-cluster-policy.xml").toURI())));
+ FileUtils.readFileToString(new File(ClassLoader.getSystemResource(
+ "org/apache/knox/gateway/topology/file/ambari-cluster-policy.xml").toURI())));
assertTrue(isDeployed);
File provConfTwoFile = new File(sharedProvidersDir, provConfTwo);
assertTrue(provConfTwoFile.exists());
@@ -469,7 +467,8 @@ public class DefaultTopologyServiceTest {
// "Deploy" the simple descriptor, which depends on provConfOne
isDeployed =
ts.deployDescriptor(simpleDescName,
- FileUtils.readFileToString(new File(ClassLoader.getSystemResource("org/apache/hadoop/gateway/topology/file/simple-descriptor-six.json").toURI())));
+ FileUtils.readFileToString(new File(ClassLoader.getSystemResource(
+ "org/apache/knox/gateway/topology/file/simple-descriptor-six.json").toURI())));
assertTrue(isDeployed);
File simpleDesc = new File(descriptorsDir, simpleDescName);
assertTrue(simpleDesc.exists());
@@ -490,7 +489,8 @@ public class DefaultTopologyServiceTest {
// Overwrite the simple descriptor with content that changes the provider config reference to provConfTwo
isDeployed =
ts.deployDescriptor(simpleDescName,
- FileUtils.readFileToString(new File(ClassLoader.getSystemResource("org/apache/hadoop/gateway/topology/file/simple-descriptor-five.json").toURI())));
+ FileUtils.readFileToString(new File(ClassLoader.getSystemResource(
+ "org/apache/knox/gateway/topology/file/simple-descriptor-five.json").toURI())));
assertTrue(isDeployed);
assertTrue(simpleDesc.exists());
ts.getProviderConfigurations();
http://git-wip-us.apache.org/repos/asf/knox/blob/46109ad8/gateway-server/src/test/java/org/apache/knox/gateway/topology/simple/SimpleDescriptorHandlerTest.java
----------------------------------------------------------------------
diff --git a/gateway-server/src/test/java/org/apache/knox/gateway/topology/simple/SimpleDescriptorHandlerTest.java b/gateway-server/src/test/java/org/apache/knox/gateway/topology/simple/SimpleDescriptorHandlerTest.java
index a0c977a..f40fad7 100644
--- a/gateway-server/src/test/java/org/apache/knox/gateway/topology/simple/SimpleDescriptorHandlerTest.java
+++ b/gateway-server/src/test/java/org/apache/knox/gateway/topology/simple/SimpleDescriptorHandlerTest.java
@@ -302,7 +302,7 @@ public class SimpleDescriptorHandlerTest {
* a service.
*
* N.B. This test depends on the PropertiesFileServiceDiscovery extension being configured:
- * org.apache.hadoop.gateway.topology.discovery.test.extension.PropertiesFileServiceDiscovery
+ * org.apache.knox.gateway.topology.discovery.test.extension.PropertiesFileServiceDiscovery
*/
@Test
public void testInvalidServiceURLFromDiscovery() throws Exception {
http://git-wip-us.apache.org/repos/asf/knox/blob/46109ad8/gateway-server/src/test/resources/org/apache/hadoop/gateway/topology/file/provider-config-one.xml
----------------------------------------------------------------------
diff --git a/gateway-server/src/test/resources/org/apache/hadoop/gateway/topology/file/provider-config-one.xml b/gateway-server/src/test/resources/org/apache/hadoop/gateway/topology/file/provider-config-one.xml
deleted file mode 100644
index 95465a4..0000000
--- a/gateway-server/src/test/resources/org/apache/hadoop/gateway/topology/file/provider-config-one.xml
+++ /dev/null
@@ -1,74 +0,0 @@
-<gateway>
- <provider>
- <role>authentication</role>
- <name>ShiroProvider</name>
- <enabled>false</enabled>
- <param>
- <!--
- session timeout in minutes, this is really idle timeout,
- defaults to 30mins, if the property value is not defined,,
- current client authentication would expire if client idles contiuosly for more than this value
- -->
- <name>sessionTimeout</name>
- <value>30</value>
- </param>
- <param>
- <name>main.ldapRealm</name>
- <value>org.apache.hadoop.gateway.shirorealm.KnoxLdapRealm</value>
- </param>
- <param>
- <name>main.ldapContextFactory</name>
- <value>org.apache.hadoop.gateway.shirorealm.KnoxLdapContextFactory</value>
- </param>
- <param>
- <name>main.ldapRealm.contextFactory</name>
- <value>$ldapContextFactory</value>
- </param>
- <param>
- <name>main.ldapRealm.userDnTemplate</name>
- <value>uid={0},ou=people,dc=hadoop,dc=apache,dc=org</value>
- </param>
- <param>
- <name>main.ldapRealm.contextFactory.url</name>
- <value>ldap://localhost:33389</value>
- </param>
- <param>
- <name>main.ldapRealm.contextFactory.authenticationMechanism</name>
- <value>simple</value>
- </param>
- <param>
- <name>urls./**</name>
- <value>authcBasic</value>
- </param>
- </provider>
-
- <provider>
- <role>identity-assertion</role>
- <name>Default</name>
- <enabled>true</enabled>
- </provider>
-
- <!--
- Defines rules for mapping host names internal to a Hadoop cluster to externally accessible host names.
- For example, a hadoop service running in AWS may return a response that includes URLs containing the
- some AWS internal host name. If the client needs to make a subsequent request to the host identified
- in those URLs they need to be mapped to external host names that the client Knox can use to connect.
-
- If the external hostname and internal host names are same turn of this provider by setting the value of
- enabled parameter as false.
-
- The name parameter specifies the external host names in a comma separated list.
- The value parameter specifies corresponding internal host names in a comma separated list.
-
- Note that when you are using Sandbox, the external hostname needs to be localhost, as seen in out
- of box sandbox.xml. This is because Sandbox uses port mapping to allow clients to connect to the
- Hadoop services using localhost. In real clusters, external host names would almost never be localhost.
- -->
- <provider>
- <role>hostmap</role>
- <name>static</name>
- <enabled>true</enabled>
- <param><name>localhost</name><value>sandbox,sandbox.hortonworks.com</value></param>
- </provider>
-
-</gateway>
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/knox/blob/46109ad8/gateway-server/src/test/resources/org/apache/hadoop/gateway/topology/file/simple-descriptor-five.json
----------------------------------------------------------------------
diff --git a/gateway-server/src/test/resources/org/apache/hadoop/gateway/topology/file/simple-descriptor-five.json b/gateway-server/src/test/resources/org/apache/hadoop/gateway/topology/file/simple-descriptor-five.json
deleted file mode 100644
index 52cec35..0000000
--- a/gateway-server/src/test/resources/org/apache/hadoop/gateway/topology/file/simple-descriptor-five.json
+++ /dev/null
@@ -1,14 +0,0 @@
-{
- "discovery-type":"DUMMY",
- "discovery-address":"http://c6401.ambari.apache.org:8080",
- "provider-config-ref":"../shared-providers/ambari-cluster-policy.xml",
- "cluster":"dummy",
- "services":[
- {"name":"NAMENODE"},
- {"name":"JOBTRACKER"},
- {"name":"WEBHDFS"},
- {"name":"OOZIE"},
- {"name":"HIVE"},
- {"name":"RESOURCEMANAGER"}
- ]
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/knox/blob/46109ad8/gateway-server/src/test/resources/org/apache/hadoop/gateway/topology/file/simple-descriptor-six.json
----------------------------------------------------------------------
diff --git a/gateway-server/src/test/resources/org/apache/hadoop/gateway/topology/file/simple-descriptor-six.json b/gateway-server/src/test/resources/org/apache/hadoop/gateway/topology/file/simple-descriptor-six.json
deleted file mode 100644
index e78f193..0000000
--- a/gateway-server/src/test/resources/org/apache/hadoop/gateway/topology/file/simple-descriptor-six.json
+++ /dev/null
@@ -1,18 +0,0 @@
-{
- "discovery-type":"DUMMY",
- "discovery-address":"http://c6401.ambari.apache.org:8080",
- "provider-config-ref":"../shared-providers/provider-config-one.xml",
- "cluster":"dummy",
- "services":[
- {"name":"NAMENODE"},
- {"name":"JOBTRACKER"},
- {"name":"WEBHDFS"},
- {"name":"WEBHCAT"},
- {"name":"OOZIE"},
- {"name":"WEBHBASE"},
- {"name":"HIVE"},
- {"name":"RESOURCEMANAGER"},
- {"name":"AMBARI", "urls":["http://c6401.ambari.apache.org:8080"]},
- {"name":"AMBARIUI", "urls":["http://c6401.ambari.apache.org:8080"]}
- ]
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/knox/blob/46109ad8/gateway-server/src/test/resources/org/apache/knox/gateway/topology/file/ambari-cluster-policy.xml
----------------------------------------------------------------------
diff --git a/gateway-server/src/test/resources/org/apache/knox/gateway/topology/file/ambari-cluster-policy.xml b/gateway-server/src/test/resources/org/apache/knox/gateway/topology/file/ambari-cluster-policy.xml
index 8223bea..32ae6e1 100644
--- a/gateway-server/src/test/resources/org/apache/knox/gateway/topology/file/ambari-cluster-policy.xml
+++ b/gateway-server/src/test/resources/org/apache/knox/gateway/topology/file/ambari-cluster-policy.xml
@@ -14,11 +14,11 @@
</param>
<param>
<name>main.ldapRealm</name>
- <value>org.apache.hadoop.gateway.shirorealm.KnoxLdapRealm</value>
+ <value>org.apache.knox.gateway.shirorealm.KnoxLdapRealm</value>
</param>
<param>
<name>main.ldapContextFactory</name>
- <value>org.apache.hadoop.gateway.shirorealm.KnoxLdapContextFactory</value>
+ <value>org.apache.knox.gateway.shirorealm.KnoxLdapContextFactory</value>
</param>
<param>
<name>main.ldapRealm.contextFactory</name>
http://git-wip-us.apache.org/repos/asf/knox/blob/46109ad8/gateway-server/src/test/resources/org/apache/knox/gateway/topology/file/provider-config-one.xml
----------------------------------------------------------------------
diff --git a/gateway-server/src/test/resources/org/apache/knox/gateway/topology/file/provider-config-one.xml b/gateway-server/src/test/resources/org/apache/knox/gateway/topology/file/provider-config-one.xml
new file mode 100644
index 0000000..049d5cb
--- /dev/null
+++ b/gateway-server/src/test/resources/org/apache/knox/gateway/topology/file/provider-config-one.xml
@@ -0,0 +1,74 @@
+<gateway>
+ <provider>
+ <role>authentication</role>
+ <name>ShiroProvider</name>
+ <enabled>false</enabled>
+ <param>
+ <!--
+ session timeout in minutes, this is really idle timeout,
+ defaults to 30mins, if the property value is not defined,,
+ current client authentication would expire if client idles contiuosly for more than this value
+ -->
+ <name>sessionTimeout</name>
+ <value>30</value>
+ </param>
+ <param>
+ <name>main.ldapRealm</name>
+ <value>org.apache.knox.gateway.shirorealm.KnoxLdapRealm</value>
+ </param>
+ <param>
+ <name>main.ldapContextFactory</name>
+ <value>org.apache.knox.gateway.shirorealm.KnoxLdapContextFactory</value>
+ </param>
+ <param>
+ <name>main.ldapRealm.contextFactory</name>
+ <value>$ldapContextFactory</value>
+ </param>
+ <param>
+ <name>main.ldapRealm.userDnTemplate</name>
+ <value>uid={0},ou=people,dc=hadoop,dc=apache,dc=org</value>
+ </param>
+ <param>
+ <name>main.ldapRealm.contextFactory.url</name>
+ <value>ldap://localhost:33389</value>
+ </param>
+ <param>
+ <name>main.ldapRealm.contextFactory.authenticationMechanism</name>
+ <value>simple</value>
+ </param>
+ <param>
+ <name>urls./**</name>
+ <value>authcBasic</value>
+ </param>
+ </provider>
+
+ <provider>
+ <role>identity-assertion</role>
+ <name>Default</name>
+ <enabled>true</enabled>
+ </provider>
+
+ <!--
+ Defines rules for mapping host names internal to a Hadoop cluster to externally accessible host names.
+ For example, a hadoop service running in AWS may return a response that includes URLs containing the
+ some AWS internal host name. If the client needs to make a subsequent request to the host identified
+ in those URLs they need to be mapped to external host names that the client Knox can use to connect.
+
+ If the external hostname and internal host names are same turn of this provider by setting the value of
+ enabled parameter as false.
+
+ The name parameter specifies the external host names in a comma separated list.
+ The value parameter specifies corresponding internal host names in a comma separated list.
+
+ Note that when you are using Sandbox, the external hostname needs to be localhost, as seen in out
+ of box sandbox.xml. This is because Sandbox uses port mapping to allow clients to connect to the
+ Hadoop services using localhost. In real clusters, external host names would almost never be localhost.
+ -->
+ <provider>
+ <role>hostmap</role>
+ <name>static</name>
+ <enabled>true</enabled>
+ <param><name>localhost</name><value>sandbox,sandbox.hortonworks.com</value></param>
+ </provider>
+
+</gateway>
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/knox/blob/46109ad8/gateway-server/src/test/resources/org/apache/knox/gateway/topology/file/simple-descriptor-five.json
----------------------------------------------------------------------
diff --git a/gateway-server/src/test/resources/org/apache/knox/gateway/topology/file/simple-descriptor-five.json b/gateway-server/src/test/resources/org/apache/knox/gateway/topology/file/simple-descriptor-five.json
new file mode 100644
index 0000000..52cec35
--- /dev/null
+++ b/gateway-server/src/test/resources/org/apache/knox/gateway/topology/file/simple-descriptor-five.json
@@ -0,0 +1,14 @@
+{
+ "discovery-type":"DUMMY",
+ "discovery-address":"http://c6401.ambari.apache.org:8080",
+ "provider-config-ref":"../shared-providers/ambari-cluster-policy.xml",
+ "cluster":"dummy",
+ "services":[
+ {"name":"NAMENODE"},
+ {"name":"JOBTRACKER"},
+ {"name":"WEBHDFS"},
+ {"name":"OOZIE"},
+ {"name":"HIVE"},
+ {"name":"RESOURCEMANAGER"}
+ ]
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/knox/blob/46109ad8/gateway-server/src/test/resources/org/apache/knox/gateway/topology/file/simple-descriptor-six.json
----------------------------------------------------------------------
diff --git a/gateway-server/src/test/resources/org/apache/knox/gateway/topology/file/simple-descriptor-six.json b/gateway-server/src/test/resources/org/apache/knox/gateway/topology/file/simple-descriptor-six.json
new file mode 100644
index 0000000..e78f193
--- /dev/null
+++ b/gateway-server/src/test/resources/org/apache/knox/gateway/topology/file/simple-descriptor-six.json
@@ -0,0 +1,18 @@
+{
+ "discovery-type":"DUMMY",
+ "discovery-address":"http://c6401.ambari.apache.org:8080",
+ "provider-config-ref":"../shared-providers/provider-config-one.xml",
+ "cluster":"dummy",
+ "services":[
+ {"name":"NAMENODE"},
+ {"name":"JOBTRACKER"},
+ {"name":"WEBHDFS"},
+ {"name":"WEBHCAT"},
+ {"name":"OOZIE"},
+ {"name":"WEBHBASE"},
+ {"name":"HIVE"},
+ {"name":"RESOURCEMANAGER"},
+ {"name":"AMBARI", "urls":["http://c6401.ambari.apache.org:8080"]},
+ {"name":"AMBARIUI", "urls":["http://c6401.ambari.apache.org:8080"]}
+ ]
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/knox/blob/46109ad8/gateway-service-admin/src/main/java/org/apache/hadoop/gateway/service/admin/HrefListingMarshaller.java
----------------------------------------------------------------------
diff --git a/gateway-service-admin/src/main/java/org/apache/hadoop/gateway/service/admin/HrefListingMarshaller.java b/gateway-service-admin/src/main/java/org/apache/hadoop/gateway/service/admin/HrefListingMarshaller.java
deleted file mode 100644
index c251213..0000000
--- a/gateway-service-admin/src/main/java/org/apache/hadoop/gateway/service/admin/HrefListingMarshaller.java
+++ /dev/null
@@ -1,75 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with this
- * work for additional information regarding copyright ownership. The ASF
- * licenses this file to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * <p>
- * http://www.apache.org/licenses/LICENSE-2.0
- * <p>
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
- * License for the specific language governing permissions and limitations under
- * the License.
- */
-package org.apache.hadoop.gateway.service.admin;
-
-import org.eclipse.persistence.jaxb.JAXBContextProperties;
-
-import javax.ws.rs.Produces;
-import javax.ws.rs.WebApplicationException;
-import javax.ws.rs.core.MediaType;
-import javax.ws.rs.core.MultivaluedMap;
-import javax.ws.rs.ext.MessageBodyWriter;
-import javax.ws.rs.ext.Provider;
-import javax.xml.bind.JAXBContext;
-import javax.xml.bind.JAXBException;
-import javax.xml.bind.Marshaller;
-import java.io.IOException;
-import java.io.OutputStream;
-import java.lang.annotation.Annotation;
-import java.lang.reflect.Type;
-import java.util.HashMap;
-import java.util.Map;
-
-@Provider
-@Produces({MediaType.APPLICATION_JSON})
-public class HrefListingMarshaller implements MessageBodyWriter<TopologiesResource.HrefListing> {
-
- @Override
- public boolean isWriteable(Class<?> type, Type genericType, Annotation[] annotations, MediaType mediaType) {
- return (TopologiesResource.HrefListing.class == type);
- }
-
- @Override
- public long getSize(TopologiesResource.HrefListing instance,
- Class<?> type,
- Type genericType,
- Annotation[] annotations,
- MediaType mediaType) {
- return -1;
- }
-
- @Override
- public void writeTo(TopologiesResource.HrefListing instance,
- Class<?> type,
- Type genericType,
- Annotation[] annotations,
- MediaType mediaType,
- MultivaluedMap<String, Object> httpHeaders,
- OutputStream entityStream) throws IOException, WebApplicationException {
- try {
- Map<String, Object> properties = new HashMap<>(1);
- properties.put( JAXBContextProperties.MEDIA_TYPE, mediaType.toString());
- JAXBContext context = JAXBContext.newInstance(new Class[]{TopologiesResource.HrefListing.class}, properties);
- Marshaller m = context.createMarshaller();
- m.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, true);
- m.marshal(instance, entityStream);
- } catch (JAXBException e) {
- throw new IOException(e);
- }
- }
-
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/knox/blob/46109ad8/gateway-service-admin/src/main/java/org/apache/knox/gateway/service/admin/HrefListingMarshaller.java
----------------------------------------------------------------------
diff --git a/gateway-service-admin/src/main/java/org/apache/knox/gateway/service/admin/HrefListingMarshaller.java b/gateway-service-admin/src/main/java/org/apache/knox/gateway/service/admin/HrefListingMarshaller.java
new file mode 100644
index 0000000..3313601
--- /dev/null
+++ b/gateway-service-admin/src/main/java/org/apache/knox/gateway/service/admin/HrefListingMarshaller.java
@@ -0,0 +1,75 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with this
+ * work for additional information regarding copyright ownership. The ASF
+ * licenses this file to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * <p>
+ * http://www.apache.org/licenses/LICENSE-2.0
+ * <p>
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations under
+ * the License.
+ */
+package org.apache.knox.gateway.service.admin;
+
+import org.eclipse.persistence.jaxb.JAXBContextProperties;
+
+import javax.ws.rs.Produces;
+import javax.ws.rs.WebApplicationException;
+import javax.ws.rs.core.MediaType;
+import javax.ws.rs.core.MultivaluedMap;
+import javax.ws.rs.ext.MessageBodyWriter;
+import javax.ws.rs.ext.Provider;
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.JAXBException;
+import javax.xml.bind.Marshaller;
+import java.io.IOException;
+import java.io.OutputStream;
+import java.lang.annotation.Annotation;
+import java.lang.reflect.Type;
+import java.util.HashMap;
+import java.util.Map;
+
+@Provider
+@Produces({MediaType.APPLICATION_JSON})
+public class HrefListingMarshaller implements MessageBodyWriter<TopologiesResource.HrefListing> {
+
+ @Override
+ public boolean isWriteable(Class<?> type, Type genericType, Annotation[] annotations, MediaType mediaType) {
+ return (TopologiesResource.HrefListing.class == type);
+ }
+
+ @Override
+ public long getSize(TopologiesResource.HrefListing instance,
+ Class<?> type,
+ Type genericType,
+ Annotation[] annotations,
+ MediaType mediaType) {
+ return -1;
+ }
+
+ @Override
+ public void writeTo(TopologiesResource.HrefListing instance,
+ Class<?> type,
+ Type genericType,
+ Annotation[] annotations,
+ MediaType mediaType,
+ MultivaluedMap<String, Object> httpHeaders,
+ OutputStream entityStream) throws IOException, WebApplicationException {
+ try {
+ Map<String, Object> properties = new HashMap<>(1);
+ properties.put( JAXBContextProperties.MEDIA_TYPE, mediaType.toString());
+ JAXBContext context = JAXBContext.newInstance(new Class[]{TopologiesResource.HrefListing.class}, properties);
+ Marshaller m = context.createMarshaller();
+ m.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, true);
+ m.marshal(instance, entityStream);
+ } catch (JAXBException e) {
+ throw new IOException(e);
+ }
+ }
+
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/knox/blob/46109ad8/gateway-service-admin/src/main/java/org/apache/knox/gateway/service/admin/TopologiesResource.java
----------------------------------------------------------------------
diff --git a/gateway-service-admin/src/main/java/org/apache/knox/gateway/service/admin/TopologiesResource.java b/gateway-service-admin/src/main/java/org/apache/knox/gateway/service/admin/TopologiesResource.java
index 948447b..a0035fc 100644
--- a/gateway-service-admin/src/main/java/org/apache/knox/gateway/service/admin/TopologiesResource.java
+++ b/gateway-service-admin/src/main/java/org/apache/knox/gateway/service/admin/TopologiesResource.java
@@ -461,7 +461,7 @@ public class TopologiesResource {
return buildHref(t.getName(), req);
}
- private SimpleTopology getSimpleTopology(org.apache.hadoop.gateway.topology.Topology t, GatewayConfig config) {
+ private SimpleTopology getSimpleTopology(org.apache.knox.gateway.topology.Topology t, GatewayConfig config) {
String uri = buildURI(t, config, request);
String href = buildHref(t, request);
return new SimpleTopology(t, uri, href);
http://git-wip-us.apache.org/repos/asf/knox/blob/46109ad8/gateway-service-definitions/src/main/resources/services/ambariui/2.2.1/service.xml
----------------------------------------------------------------------
diff --git a/gateway-service-definitions/src/main/resources/services/ambariui/2.2.1/service.xml b/gateway-service-definitions/src/main/resources/services/ambariui/2.2.1/service.xml
index ab4ab2b..c6135ae 100644
--- a/gateway-service-definitions/src/main/resources/services/ambariui/2.2.1/service.xml
+++ b/gateway-service-definitions/src/main/resources/services/ambariui/2.2.1/service.xml
@@ -87,6 +87,6 @@
<!-- No need to rewrite Slider View -->
</routes>
- <dispatch classname="org.apache.hadoop.gateway.dispatch.PassAllHeadersNoEncodingDispatch"/>
+ <dispatch classname="org.apache.knox.gateway.dispatch.PassAllHeadersNoEncodingDispatch"/>
</service>