You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by mp...@apache.org on 2017/04/13 09:18:51 UTC
[1/2] ambari git commit: AMBARI-20743. Prototype server websocket
endpoint with STOMP sub-protocol. (mpapirkovskyy) [Forced Update!]
Repository: ambari
Updated Branches:
refs/heads/branch-3.0-perf a98a8a25a -> 04f8c53fe (forced update)
http://git-wip-us.apache.org/repos/asf/ambari/blob/04f8c53f/ambari-server/src/main/java/org/apache/ambari/server/security/authentication/kerberos/AmbariKerberosAuthenticationFilter.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/security/authentication/kerberos/AmbariKerberosAuthenticationFilter.java b/ambari-server/src/main/java/org/apache/ambari/server/security/authentication/kerberos/AmbariKerberosAuthenticationFilter.java
index 1b001ec..f0ee646 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/security/authentication/kerberos/AmbariKerberosAuthenticationFilter.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/security/authentication/kerberos/AmbariKerberosAuthenticationFilter.java
@@ -42,6 +42,7 @@ import org.springframework.security.kerberos.web.authentication.SpnegoAuthentica
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
+import org.springframework.stereotype.Component;
/**
* AmbariKerberosAuthenticationFilter extends the {@link SpnegoAuthenticationProcessingFilter} class
@@ -49,6 +50,7 @@ import org.springframework.security.web.authentication.AuthenticationSuccessHand
* <p>
* If configured, auditing is performed using {@link AuditLogger}.
*/
+@Component
public class AmbariKerberosAuthenticationFilter extends SpnegoAuthenticationProcessingFilter implements AmbariAuthenticationFilter {
/**
http://git-wip-us.apache.org/repos/asf/ambari/blob/04f8c53f/ambari-server/src/main/java/org/apache/ambari/server/security/authentication/kerberos/AmbariKerberosTicketValidator.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/security/authentication/kerberos/AmbariKerberosTicketValidator.java b/ambari-server/src/main/java/org/apache/ambari/server/security/authentication/kerberos/AmbariKerberosTicketValidator.java
index bb57108..eb71328 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/security/authentication/kerberos/AmbariKerberosTicketValidator.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/security/authentication/kerberos/AmbariKerberosTicketValidator.java
@@ -26,6 +26,7 @@ import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.kerberos.authentication.KerberosTicketValidation;
import org.springframework.security.kerberos.authentication.KerberosTicketValidator;
import org.springframework.security.kerberos.authentication.sun.SunJaasKerberosTicketValidator;
+import org.springframework.stereotype.Component;
/**
* AmbariKerberosTicketValidator is a {@link KerberosTicketValidator} implementation that delegates
@@ -37,6 +38,7 @@ import org.springframework.security.kerberos.authentication.sun.SunJaasKerberosT
* <li>{@link SunJaasKerberosTicketValidator#setKeyTabLocation(Resource)} using the Ambari server property from {@link Configuration#KERBEROS_AUTH_SPNEGO_KEYTAB_FILE}</li>
* </ul>
*/
+@Component
public class AmbariKerberosTicketValidator implements KerberosTicketValidator, InitializingBean {
private final SunJaasKerberosTicketValidator kerberosTicketValidator;
http://git-wip-us.apache.org/repos/asf/ambari/blob/04f8c53f/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilter.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilter.java b/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilter.java
index ce9a790..19bcd3e 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilter.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilter.java
@@ -51,7 +51,9 @@ import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.stereotype.Component;
+@Component
public class AmbariAuthorizationFilter implements Filter {
private static final String REALM_PARAM = "realm";
private static final String DEFAULT_REALM = "AuthFilter";
http://git-wip-us.apache.org/repos/asf/ambari/blob/04f8c53f/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariUserAuthentication.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariUserAuthentication.java b/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariUserAuthentication.java
index ebcbdca..992f9c9 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariUserAuthentication.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariUserAuthentication.java
@@ -21,6 +21,8 @@ import java.util.Collection;
import org.springframework.security.core.Authentication;
+import com.fasterxml.jackson.annotation.JsonIgnore;
+
public class AmbariUserAuthentication implements Authentication, UserIdAuthentication {
private String serializedToken;
@@ -35,6 +37,7 @@ public class AmbariUserAuthentication implements Authentication, UserIdAuthentic
}
@Override
+ @JsonIgnore
public Collection<? extends AmbariGrantedAuthority> getAuthorities() {
return userAuthorities;
}
http://git-wip-us.apache.org/repos/asf/ambari/blob/04f8c53f/ambari-server/src/main/resources/webapp/WEB-INF/spring-security.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/webapp/WEB-INF/spring-security.xml b/ambari-server/src/main/resources/webapp/WEB-INF/spring-security.xml
deleted file mode 100644
index bdbf0de..0000000
--- a/ambari-server/src/main/resources/webapp/WEB-INF/spring-security.xml
+++ /dev/null
@@ -1,102 +0,0 @@
-<!--
- Licensed to the Apache Software Foundation (ASF) under one or more
- contributor license agreements. See the NOTICE file distributed with
- this work for additional information regarding copyright ownership.
- The ASF licenses this file to You under the Apache License, Version 2.0
- (the "License"); you may not use this file except in compliance with
- the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
--->
-<beans:beans xmlns="http://www.springframework.org/schema/security"
- xmlns:beans="http://www.springframework.org/schema/beans"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://www.springframework.org/schema/beans
- http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
- http://www.springframework.org/schema/security
- http://www.springframework.org/schema/security/spring-security-3.1.xsd">
-
- <http use-expressions="true"
- disable-url-rewriting="true" entry-point-ref="ambariEntryPoint">
- <intercept-url pattern="/**" access="isAuthenticated()"/>
- <custom-filter ref="ambariUserAuthorizationFilter" before="BASIC_AUTH_FILTER"/>
- <custom-filter ref="ambariDelegatingAuthenticationFilter" position="BASIC_AUTH_FILTER"/>
- <custom-filter ref="ambariAuthorizationFilter" before="FILTER_SECURITY_INTERCEPTOR"/>
- </http>
-
- <authentication-manager alias="authenticationManager">
- <authentication-provider ref="ambariLocalAuthenticationProvider"/>
- <authentication-provider ref="ambariPamAuthenticationProvider"/>
- <authentication-provider ref="ambariLdapAuthenticationProvider"/>
- <authentication-provider ref="ambariInternalAuthenticationProvider"/>
- <authentication-provider ref="kerberosServiceAuthenticationProvider"/>
- </authentication-manager>
-
- <beans:bean id="ambariEntryPoint" class="org.apache.ambari.server.security.AmbariEntryPoint">
- <beans:constructor-arg ref="ambariConfiguration"/>
- </beans:bean>
-
- <beans:bean id="ambariDelegatingAuthenticationFilter" class="org.apache.ambari.server.security.authentication.AmbariDelegatingAuthenticationFilter">
- <beans:constructor-arg>
- <beans:list>
- <beans:ref bean="ambariBasicAuthenticationFilter"/>
- <beans:ref bean="ambariKerberosAuthenticationFilter"/>
- <beans:ref bean="ambariJwtAuthenticationFilter"/>
- </beans:list>
- </beans:constructor-arg>
- </beans:bean>
-
- <beans:bean id="ambariBasicAuthenticationFilter" class="org.apache.ambari.server.security.authentication.AmbariBasicAuthenticationFilter">
- <beans:constructor-arg ref="authenticationManager"/>
- <beans:constructor-arg ref="ambariEntryPoint"/>
- <beans:constructor-arg ref="auditLogger"/>
- <beans:constructor-arg ref="permissionHelper"/>
- </beans:bean>
-
- <beans:bean id="ambariJwtAuthenticationFilter" class="org.apache.ambari.server.security.authentication.AmbariJWTAuthenticationFilter">
- <beans:constructor-arg ref="ambariEntryPoint"/>
- <beans:constructor-arg ref="ambariConfiguration"/>
- <beans:constructor-arg ref="ambariUsers"/>
- <beans:constructor-arg ref="auditLogger"/>
- <beans:constructor-arg ref="permissionHelper"/>
- </beans:bean>
-
- <beans:bean id="ambariKerberosAuthenticationFilter" class="org.apache.ambari.server.security.authentication.kerberos.AmbariKerberosAuthenticationFilter">
- <beans:constructor-arg ref="authenticationManager"/>
- <beans:constructor-arg ref="ambariEntryPoint"/>
- <beans:constructor-arg ref="ambariConfiguration"/>
- <beans:constructor-arg ref="auditLogger"/>
- <beans:constructor-arg ref="permissionHelper"/>
- </beans:bean>
-
- <beans:bean id="ambariAuthorizationFilter" class="org.apache.ambari.server.security.authorization.AmbariAuthorizationFilter">
- <beans:constructor-arg ref="ambariEntryPoint"/>
- <beans:constructor-arg ref="ambariConfiguration"/>
- <beans:constructor-arg ref="ambariUsers"/>
- <beans:constructor-arg ref="auditLogger"/>
- <beans:constructor-arg ref="permissionHelper"/>
- </beans:bean>
-
- <beans:bean id="kerberosServiceAuthenticationProvider" class="org.springframework.security.kerberos.authentication.KerberosServiceAuthenticationProvider">
- <beans:property name="ticketValidator">
- <beans:bean class="org.apache.ambari.server.security.authentication.kerberos.AmbariKerberosTicketValidator">
- <beans:constructor-arg ref="ambariConfiguration"/>
- <beans:property name="debug" value="false"/>
- </beans:bean>
- </beans:property>
-
- <beans:property name="userDetailsService" ref="authToLocalUserDetailsService"/>
- </beans:bean>
-
- <beans:bean id="authToLocalUserDetailsService" class="org.apache.ambari.server.security.authentication.kerberos.AmbariAuthToLocalUserDetailsService">
- <beans:constructor-arg ref="ambariConfiguration"/>
- <beans:constructor-arg ref="ambariUsers"/>
- </beans:bean>
-
-</beans:beans>
http://git-wip-us.apache.org/repos/asf/ambari/blob/04f8c53f/ambari-server/src/test/java/org/apache/ambari/server/agent/AgentResourceTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/agent/AgentResourceTest.java b/ambari-server/src/test/java/org/apache/ambari/server/agent/AgentResourceTest.java
index 5feb3cc..3b485b0 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/agent/AgentResourceTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/agent/AgentResourceTest.java
@@ -79,7 +79,7 @@ import org.apache.commons.logging.LogFactory;
import org.codehaus.jettison.json.JSONException;
import org.codehaus.jettison.json.JSONObject;
import org.easymock.EasyMock;
-import org.eclipse.jetty.server.SessionManager;
+import org.eclipse.jetty.server.session.SessionHandler;
import org.junit.Test;
import com.google.gson.Gson;
@@ -106,7 +106,7 @@ public class AgentResourceTest extends RandomPortJerseyTest {
protected Client client;
HeartBeatHandler handler;
ActionManager actionManager;
- SessionManager sessionManager;
+ SessionHandler sessionHandler;
Injector injector;
AmbariMetaInfo ambariMetaInfo;
OsFamily os_family;
@@ -308,11 +308,11 @@ public class AgentResourceTest extends RandomPortJerseyTest {
actionManager = mock(ActionManager.class);
ambariMetaInfo = mock(AmbariMetaInfo.class);
actionDBAccessor = mock(ActionDBAccessor.class);
- sessionManager = mock(SessionManager.class);
+ sessionHandler = mock(SessionHandler.class);
bind(OsFamily.class).toInstance(os_family);
bind(ActionDBAccessor.class).toInstance(actionDBAccessor);
bind(ActionManager.class).toInstance(actionManager);
- bind(SessionManager.class).toInstance(sessionManager);
+ bind(SessionHandler.class).toInstance(sessionHandler);
bind(AgentCommand.class).to(ExecutionCommand.class);
bind(HeartBeatHandler.class).toInstance(handler);
bind(AmbariMetaInfo.class).toInstance(ambariMetaInfo);
http://git-wip-us.apache.org/repos/asf/ambari/blob/04f8c53f/ambari-server/src/test/java/org/apache/ambari/server/api/AmbariErrorHandlerTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/api/AmbariErrorHandlerTest.java b/ambari-server/src/test/java/org/apache/ambari/server/api/AmbariErrorHandlerTest.java
index 239bfcb..1f5c5cd 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/api/AmbariErrorHandlerTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/api/AmbariErrorHandlerTest.java
@@ -32,6 +32,7 @@ import javax.servlet.http.HttpServletResponse;
import org.apache.ambari.server.configuration.Configuration;
import org.eclipse.jetty.server.Server;
+import org.eclipse.jetty.server.ServerConnector;
import org.eclipse.jetty.servlet.DefaultServlet;
import org.eclipse.jetty.servlet.ServletContextHandler;
import org.junit.Test;
@@ -65,7 +66,7 @@ public class AmbariErrorHandlerTest {
server.start();
- int localPort = server.getConnectors()[0].getLocalPort();
+ int localPort = ((ServerConnector)server.getConnectors()[0]).getLocalPort();
Client client = new Client();
WebResource resource = client.resource("http://localhost:" + localPort + "/");
http://git-wip-us.apache.org/repos/asf/ambari/blob/04f8c53f/ambari-server/src/test/java/org/apache/ambari/server/controller/AmbariServerTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/controller/AmbariServerTest.java b/ambari-server/src/test/java/org/apache/ambari/server/controller/AmbariServerTest.java
index f64a97f..d9d524f 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/controller/AmbariServerTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/controller/AmbariServerTest.java
@@ -59,7 +59,7 @@ import org.easymock.EasyMock;
import org.easymock.EasyMockSupport;
import org.eclipse.jetty.http.MimeTypes;
import org.eclipse.jetty.server.Server;
-import org.eclipse.jetty.server.SessionManager;
+import org.eclipse.jetty.server.session.SessionHandler;
import org.eclipse.jetty.servlet.FilterHolder;
import org.eclipse.jetty.servlet.ServletContextHandler;
import org.eclipse.jetty.servlets.GzipFilter;
@@ -101,12 +101,12 @@ public class AmbariServerTest {
AmbariServer ambariServer = new AmbariServer();
Configuration configuration = createNiceMock(Configuration.class);
- SessionManager sessionManager = createNiceMock(SessionManager.class);
+ SessionHandler sessionHandler = createNiceMock(SessionHandler.class);
SessionCookieConfig sessionCookieConfig = createNiceMock(SessionCookieConfig.class);
ambariServer.configs = configuration;
- expect(sessionManager.getSessionCookieConfig()).andReturn(sessionCookieConfig).anyTimes();
+ expect(sessionHandler.getSessionCookieConfig()).andReturn(sessionCookieConfig).anyTimes();
expect(configuration.getApiSSLAuthentication()).andReturn(false);
sessionCookieConfig.setHttpOnly(true);
@@ -115,15 +115,15 @@ public class AmbariServerTest {
sessionCookieConfig.setHttpOnly(true);
sessionCookieConfig.setSecure(true);
- replay(configuration, sessionManager, sessionCookieConfig);
+ replay(configuration, sessionHandler, sessionCookieConfig);
// getApiSSLAuthentication == false
- ambariServer.configureSessionManager(sessionManager);
+ ambariServer.configureSessionHandler(sessionHandler);
// getApiSSLAuthentication == true
- ambariServer.configureSessionManager(sessionManager);
+ ambariServer.configureSessionHandler(sessionHandler);
- verify(configuration, sessionManager, sessionCookieConfig);
+ verify(configuration, sessionHandler, sessionCookieConfig);
}
@Test
@@ -216,15 +216,15 @@ public class AmbariServerTest {
AmbariServer ambariServer = new AmbariServer();
// 12 acceptors (48 core machine) with a configured pool size of 25
- ambariServer.configureJettyThreadPool(server, 12, "mock-pool", 25);
+ server = ambariServer.configureJettyThreadPool(12, "mock-pool", 25);
Assert.assertEquals(44, ((QueuedThreadPool) server.getThreadPool()).getMaxThreads());
// 2 acceptors (8 core machine) with a configured pool size of 25
- ambariServer.configureJettyThreadPool(server, 2, "mock-pool", 25);
+ server = ambariServer.configureJettyThreadPool(2, "mock-pool", 25);
Assert.assertEquals(25, ((QueuedThreadPool) server.getThreadPool()).getMaxThreads());
// 16 acceptors (64 core machine) with a configured pool size of 35
- ambariServer.configureJettyThreadPool(server, 16, "mock-pool", 35);
+ server = ambariServer.configureJettyThreadPool(16, "mock-pool", 35);
Assert.assertEquals(52, ((QueuedThreadPool) server.getThreadPool()).getMaxThreads());
}
http://git-wip-us.apache.org/repos/asf/ambari/blob/04f8c53f/ambari-server/src/test/java/org/apache/ambari/server/controller/AmbariSessionManagerTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/controller/AmbariSessionManagerTest.java b/ambari-server/src/test/java/org/apache/ambari/server/controller/AmbariSessionManagerTest.java
index 23f07c7..0782a85 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/controller/AmbariSessionManagerTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/controller/AmbariSessionManagerTest.java
@@ -29,7 +29,7 @@ import static org.junit.Assert.assertNull;
import javax.servlet.SessionCookieConfig;
import javax.servlet.http.HttpSession;
-import org.eclipse.jetty.server.SessionManager;
+import org.eclipse.jetty.server.session.SessionHandler;
import org.junit.Test;
public class AmbariSessionManagerTest {
@@ -55,21 +55,21 @@ public class AmbariSessionManagerTest {
@Test
public void testGetSessionCookie() throws Exception {
- SessionManager sessionManager = createNiceMock(SessionManager.class);
+ SessionHandler sessionHandler = createNiceMock(SessionHandler.class);
SessionCookieConfig sessionCookieConfig = createNiceMock(SessionCookieConfig.class);
AmbariSessionManager ambariSessionManager = new AmbariSessionManager();
- ambariSessionManager.sessionManager = sessionManager;
+ ambariSessionManager.sessionHandler = sessionHandler;
expect(sessionCookieConfig.getName()).andReturn("SESSION_COOKIE").anyTimes();
- expect(sessionManager.getSessionCookieConfig()).andReturn(sessionCookieConfig).anyTimes();
+ expect(sessionHandler.getSessionCookieConfig()).andReturn(sessionCookieConfig).anyTimes();
- replay(sessionManager, sessionCookieConfig);
+ replay(sessionHandler, sessionCookieConfig);
assertEquals("SESSION_COOKIE", ambariSessionManager.getSessionCookie());
- verify(sessionManager, sessionCookieConfig);
+ verify(sessionHandler, sessionCookieConfig);
}
@Test
@@ -119,4 +119,4 @@ public class AmbariSessionManagerTest {
verify(session, sessionManager);
}
-}
\ No newline at end of file
+}
http://git-wip-us.apache.org/repos/asf/ambari/blob/04f8c53f/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/StackUpgradeConfigurationMergeTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/StackUpgradeConfigurationMergeTest.java b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/StackUpgradeConfigurationMergeTest.java
index 1c45589..f359fc1 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/StackUpgradeConfigurationMergeTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/StackUpgradeConfigurationMergeTest.java
@@ -65,7 +65,7 @@ import org.apache.ambari.server.state.stack.upgrade.Grouping;
import org.easymock.Capture;
import org.easymock.EasyMock;
import org.easymock.EasyMockSupport;
-import org.eclipse.jetty.server.SessionManager;
+import org.eclipse.jetty.server.session.SessionHandler;
import org.junit.After;
import org.junit.Before;
import org.junit.Test;
@@ -279,7 +279,7 @@ public class StackUpgradeConfigurationMergeTest extends EasyMockSupport {
binder.bind(AmbariManagementController.class).toInstance(createNiceMock(AmbariManagementController.class));
binder.bind(ClusterController.class).toInstance(createNiceMock(ClusterController.class));
binder.bind(StackManagerFactory.class).toInstance(createNiceMock(StackManagerFactory.class));
- binder.bind(SessionManager.class).toInstance(createNiceMock(SessionManager.class));
+ binder.bind(SessionHandler.class).toInstance(createNiceMock(SessionHandler.class));
binder.bind(RequestExecutionFactory.class).toInstance(createNiceMock(RequestExecutionFactory.class));
binder.bind(ExecutionScheduler.class).toInstance(createNiceMock(ExecutionScheduler.class));
binder.bind(RequestFactory.class).toInstance(createNiceMock(RequestFactory.class));
http://git-wip-us.apache.org/repos/asf/ambari/blob/04f8c53f/ambari-server/src/test/java/org/apache/ambari/server/state/cluster/ClusterEffectiveVersionTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/state/cluster/ClusterEffectiveVersionTest.java b/ambari-server/src/test/java/org/apache/ambari/server/state/cluster/ClusterEffectiveVersionTest.java
index d3c8acf..35c5fbf 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/state/cluster/ClusterEffectiveVersionTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/state/cluster/ClusterEffectiveVersionTest.java
@@ -68,7 +68,7 @@ import org.apache.ambari.server.state.stack.upgrade.Direction;
import org.apache.ambari.server.state.stack.upgrade.UpgradeType;
import org.easymock.EasyMock;
import org.easymock.EasyMockSupport;
-import org.eclipse.jetty.server.SessionManager;
+import org.eclipse.jetty.server.session.SessionHandler;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
@@ -261,7 +261,7 @@ public class ClusterEffectiveVersionTest extends EasyMockSupport {
binder.bind(AmbariManagementController.class).toInstance(EasyMock.createNiceMock(AmbariManagementController.class));
binder.bind(ClusterController.class).toInstance(EasyMock.createNiceMock(ClusterController.class));
binder.bind(StackManagerFactory.class).toInstance(EasyMock.createNiceMock(StackManagerFactory.class));
- binder.bind(SessionManager.class).toInstance(EasyMock.createNiceMock(SessionManager.class));
+ binder.bind(SessionHandler.class).toInstance(EasyMock.createNiceMock(SessionHandler.class));
binder.bind(RequestExecutionFactory.class).toInstance(EasyMock.createNiceMock(RequestExecutionFactory.class));
binder.bind(ExecutionScheduler.class).toInstance(EasyMock.createNiceMock(ExecutionScheduler.class));
binder.bind(RequestFactory.class).toInstance(EasyMock.createNiceMock(RequestFactory.class));
http://git-wip-us.apache.org/repos/asf/ambari/blob/04f8c53f/ambari-server/src/test/java/org/apache/ambari/server/view/persistence/DataStoreImplTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/view/persistence/DataStoreImplTest.java b/ambari-server/src/test/java/org/apache/ambari/server/view/persistence/DataStoreImplTest.java
index fd3f4e4..48e6120 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/view/persistence/DataStoreImplTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/view/persistence/DataStoreImplTest.java
@@ -164,9 +164,9 @@ public class DataStoreImplTest {
dataStore.store(new TestEntity("foo", new TestSubEntity("bar")));
Assert.assertEquals("bar", entityCapture.getValue().get("DS_name"));
- Assert.assertEquals(99, entityCapture.getValue().get("DS_id"));
+ Assert.assertEquals(new Integer(99), entityCapture.getValue().get("DS_id"));
- Assert.assertEquals(100, entityCapture2.getValue().get("DS_id"));
+ Assert.assertEquals(new Integer(100), entityCapture2.getValue().get("DS_id"));
Assert.assertEquals("foo", entityCapture2.getValue().get("DS_name"));
// verify mocks
[2/2] ambari git commit: AMBARI-20743. Prototype server websocket
endpoint with STOMP sub-protocol. (mpapirkovskyy)
Posted by mp...@apache.org.
AMBARI-20743. Prototype server websocket endpoint with STOMP sub-protocol. (mpapirkovskyy)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/04f8c53f
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/04f8c53f
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/04f8c53f
Branch: refs/heads/branch-3.0-perf
Commit: 04f8c53fec3febab19a68f80bd22a5ae7a312346
Parents: 6b76fc9
Author: Myroslav Papirkovskyi <mp...@hortonworks.com>
Authored: Mon Apr 10 18:48:54 2017 +0300
Committer: Myroslav Papirkovskyi <mp...@hortonworks.com>
Committed: Thu Apr 13 12:18:36 2017 +0300
----------------------------------------------------------------------
ambari-project/pom.xml | 6 +
ambari-server/pom.xml | 9 +-
.../ambari/server/agent/rest/AgentResource.java | 2 +-
.../server/agent/stomp/HeartbeatController.java | 88 +++++++
.../ambari/server/api/AmbariErrorHandler.java | 7 +-
.../AmbariSendToMethodReturnValueHandler.java | 171 +++++++++++++
.../server/api/stomp/ClustersController.java | 28 ++
.../ambari/server/api/stomp/TestController.java | 39 +++
.../configuration/spring/AgentStompConfig.java | 41 +++
.../configuration/spring/ApiSecurityConfig.java | 110 ++++++++
.../configuration/spring/ApiStompConfig.java | 43 ++++
.../configuration/spring/GuiceBeansConfig.java | 94 +++++++
.../configuration/spring/RootStompConfig.java | 112 ++++++++
.../server/controller/AmbariHandlerList.java | 26 +-
.../ambari/server/controller/AmbariServer.java | 255 +++++++++----------
.../server/controller/AmbariSessionManager.java | 6 +-
.../server/controller/ControllerModule.java | 14 +-
.../server/orm/entities/ResourceEntity.java | 2 +
.../server/security/AmbariEntryPoint.java | 2 +
.../AmbariBasicAuthenticationFilter.java | 16 +-
.../AmbariDelegatingAuthenticationFilter.java | 2 +
.../AmbariJWTAuthenticationFilter.java | 2 +
.../AmbariAuthToLocalUserDetailsService.java | 4 +-
.../AmbariKerberosAuthenticationFilter.java | 2 +
.../kerberos/AmbariKerberosTicketValidator.java | 2 +
.../AmbariAuthorizationFilter.java | 2 +
.../authorization/AmbariUserAuthentication.java | 3 +
.../webapp/WEB-INF/spring-security.xml | 102 --------
.../ambari/server/agent/AgentResourceTest.java | 8 +-
.../server/api/AmbariErrorHandlerTest.java | 3 +-
.../server/controller/AmbariServerTest.java | 20 +-
.../controller/AmbariSessionManagerTest.java | 14 +-
.../StackUpgradeConfigurationMergeTest.java | 4 +-
.../cluster/ClusterEffectiveVersionTest.java | 4 +-
.../view/persistence/DataStoreImplTest.java | 4 +-
35 files changed, 944 insertions(+), 303 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/04f8c53f/ambari-project/pom.xml
----------------------------------------------------------------------
diff --git a/ambari-project/pom.xml b/ambari-project/pom.xml
index 5333d9d..e4668f3 100644
--- a/ambari-project/pom.xml
+++ b/ambari-project/pom.xml
@@ -384,6 +384,12 @@
<version>1.9.13</version>
</dependency>
<dependency>
+ <groupId>com.fasterxml.jackson.core</groupId>
+ <artifactId>jackson-databind</artifactId>
+ <version>2.8.7</version>
+ </dependency>
+
+ <dependency>
<groupId>com.sun.grizzly</groupId>
<artifactId>grizzly-comet-org.apache.ambari.server.controller.utilities.webserver</artifactId>
<version>1.9.36</version>
http://git-wip-us.apache.org/repos/asf/ambari/blob/04f8c53f/ambari-server/pom.xml
----------------------------------------------------------------------
diff --git a/ambari-server/pom.xml b/ambari-server/pom.xml
index 7fc62f2..694f7c7 100644
--- a/ambari-server/pom.xml
+++ b/ambari-server/pom.xml
@@ -109,6 +109,8 @@
<artifactId>maven-compiler-plugin</artifactId>
<version>3.2</version>
<configuration>
+ <source>1.8</source>
+ <target>1.8</target>
<useIncrementalCompilation>false</useIncrementalCompilation>
<compilerArgs>
<arg>-Xlint:${xlint}</arg>
@@ -1292,7 +1294,6 @@
<dependency>
<groupId>org.codehaus.jackson</groupId>
<artifactId>jackson-mapper-asl</artifactId>
- <version>1.9.2</version>
</dependency>
<dependency>
<groupId>org.codehaus.jackson</groupId>
@@ -1307,6 +1308,10 @@
<artifactId>jackson-xc</artifactId>
</dependency>
<dependency>
+ <groupId>com.fasterxml.jackson.core</groupId>
+ <artifactId>jackson-databind</artifactId>
+ </dependency>
+ <dependency>
<groupId>com.sun.jersey.jersey-test-framework</groupId>
<artifactId>jersey-test-framework-core</artifactId>
<scope>test</scope>
@@ -1516,7 +1521,7 @@
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-annotations</artifactId>
- <version>2.1.4</version>
+ <version>2.8.7</version>
</dependency>
<dependency>
<groupId>net.sf.ehcache</groupId>
http://git-wip-us.apache.org/repos/asf/ambari/blob/04f8c53f/ambari-server/src/main/java/org/apache/ambari/server/agent/rest/AgentResource.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/agent/rest/AgentResource.java b/ambari-server/src/main/java/org/apache/ambari/server/agent/rest/AgentResource.java
index 120fab5..dcf9e90 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/agent/rest/AgentResource.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/agent/rest/AgentResource.java
@@ -63,7 +63,7 @@ public class AgentResource {
/**
* Explicitly start HH
*/
- public static void statHeartBeatHandler() {
+ public static void startHeartBeatHandler() {
hh.start();
}
http://git-wip-us.apache.org/repos/asf/ambari/blob/04f8c53f/ambari-server/src/main/java/org/apache/ambari/server/agent/stomp/HeartbeatController.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/agent/stomp/HeartbeatController.java b/ambari-server/src/main/java/org/apache/ambari/server/agent/stomp/HeartbeatController.java
new file mode 100644
index 0000000..510f200
--- /dev/null
+++ b/ambari-server/src/main/java/org/apache/ambari/server/agent/stomp/HeartbeatController.java
@@ -0,0 +1,88 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.ambari.server.agent.stomp;
+
+import javax.ws.rs.WebApplicationException;
+
+import org.apache.ambari.server.AmbariException;
+import org.apache.ambari.server.agent.HeartBeat;
+import org.apache.ambari.server.agent.HeartBeatHandler;
+import org.apache.ambari.server.agent.HeartBeatResponse;
+import org.apache.ambari.server.agent.Register;
+import org.apache.ambari.server.agent.RegistrationResponse;
+import org.apache.ambari.server.agent.RegistrationStatus;
+import org.apache.ambari.server.state.fsm.InvalidStateTransitionException;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.springframework.messaging.handler.annotation.MessageMapping;
+import org.springframework.messaging.simp.annotation.SendToUser;
+import org.springframework.messaging.simp.annotation.SubscribeMapping;
+import org.springframework.stereotype.Controller;
+
+import com.google.inject.Injector;
+
+@Controller
+@SendToUser("/")
+@MessageMapping("/")
+public class HeartbeatController {
+ private static Log LOG = LogFactory.getLog(HeartbeatController.class);
+ private final HeartBeatHandler hh;
+
+ public HeartbeatController(Injector injector) {
+ hh = injector.getInstance(HeartBeatHandler.class);
+ }
+
+ @SubscribeMapping("/register")
+ public RegistrationResponse register(Register message)
+ throws WebApplicationException, InvalidStateTransitionException {
+ /* Call into the heartbeat handler */
+
+ RegistrationResponse response = null;
+ try {
+ response = hh.handleRegistration(message);
+ LOG.debug("Sending registration response " + response);
+ } catch (AmbariException ex) {
+ response = new RegistrationResponse();
+ response.setResponseId(-1);
+ response.setResponseStatus(RegistrationStatus.FAILED);
+ response.setExitstatus(1);
+ response.setLog(ex.getMessage());
+ return response;
+ }
+ return response;
+ }
+
+ @SubscribeMapping("/heartbeat")
+ public HeartBeatResponse heartbeat(HeartBeat message) {
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("Received Heartbeat message " + message);
+ }
+ HeartBeatResponse heartBeatResponse;
+ try {
+ heartBeatResponse = hh.handleHeartBeat(message);
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("Sending heartbeat response with response id " + heartBeatResponse.getResponseId());
+ LOG.debug("Response details " + heartBeatResponse);
+ }
+ } catch (Exception e) {
+ LOG.warn("Error in HeartBeat", e);
+ throw new WebApplicationException(500);
+ }
+ return heartBeatResponse;
+ }
+}
http://git-wip-us.apache.org/repos/asf/ambari/blob/04f8c53f/ambari-server/src/main/java/org/apache/ambari/server/api/AmbariErrorHandler.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/api/AmbariErrorHandler.java b/ambari-server/src/main/java/org/apache/ambari/server/api/AmbariErrorHandler.java
index a57effc..3a52c9d 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/api/AmbariErrorHandler.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/api/AmbariErrorHandler.java
@@ -29,7 +29,8 @@ import org.apache.ambari.server.configuration.Configuration;
import org.apache.ambari.server.security.authorization.jwt.JwtAuthenticationProperties;
import org.eclipse.jetty.http.HttpStatus;
import org.eclipse.jetty.http.MimeTypes;
-import org.eclipse.jetty.server.AbstractHttpConnection;
+import org.eclipse.jetty.server.HttpChannel;
+import org.eclipse.jetty.server.HttpConnection;
import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.server.handler.ErrorHandler;
@@ -52,10 +53,10 @@ public class AmbariErrorHandler extends ErrorHandler {
@Override
public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException {
- AbstractHttpConnection connection = AbstractHttpConnection.getCurrentConnection();
+ HttpChannel connection = HttpConnection.getCurrentConnection().getHttpChannel();
connection.getRequest().setHandled(true);
- response.setContentType(MimeTypes.TEXT_PLAIN);
+ response.setContentType(MimeTypes.Type.TEXT_PLAIN.asString());
Map<String, Object> errorMap = new LinkedHashMap<>();
int code = connection.getResponse().getStatus();
http://git-wip-us.apache.org/repos/asf/ambari/blob/04f8c53f/ambari-server/src/main/java/org/apache/ambari/server/api/AmbariSendToMethodReturnValueHandler.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/api/AmbariSendToMethodReturnValueHandler.java b/ambari-server/src/main/java/org/apache/ambari/server/api/AmbariSendToMethodReturnValueHandler.java
new file mode 100644
index 0000000..618771e
--- /dev/null
+++ b/ambari-server/src/main/java/org/apache/ambari/server/api/AmbariSendToMethodReturnValueHandler.java
@@ -0,0 +1,171 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.ambari.server.api;
+
+import java.lang.annotation.Annotation;
+import java.util.Map;
+
+import org.springframework.core.MethodParameter;
+import org.springframework.core.annotation.AnnotatedElementUtils;
+import org.springframework.messaging.Message;
+import org.springframework.messaging.MessageHeaders;
+import org.springframework.messaging.handler.annotation.SendTo;
+import org.springframework.messaging.handler.annotation.support.DestinationVariableMethodArgumentResolver;
+import org.springframework.messaging.simp.SimpMessageHeaderAccessor;
+import org.springframework.messaging.simp.SimpMessageSendingOperations;
+import org.springframework.messaging.simp.SimpMessageType;
+import org.springframework.messaging.simp.SimpMessagingTemplate;
+import org.springframework.messaging.simp.annotation.SendToUser;
+import org.springframework.messaging.simp.annotation.support.MissingSessionUserException;
+import org.springframework.messaging.simp.annotation.support.SendToMethodReturnValueHandler;
+import org.springframework.util.ObjectUtils;
+import org.springframework.util.PropertyPlaceholderHelper;
+
+public class AmbariSendToMethodReturnValueHandler extends SendToMethodReturnValueHandler {
+ private final SimpMessageSendingOperations messagingTemplate;
+ private final boolean annotationRequired;
+ private PropertyPlaceholderHelper placeholderHelper = new PropertyPlaceholderHelper("{", "}", null, false);
+ private String defaultUserDestinationPrefix = "/queue";
+ private String defaultDestinationPrefix = "/topic";
+ public static final String CORRELATION_ID_HEADER = "correlationId";
+ public static final String NATIVE_HEADERS = "nativeHeaders";
+ public AmbariSendToMethodReturnValueHandler(SimpMessageSendingOperations messagingTemplate, boolean annotationRequired) {
+ super(messagingTemplate, annotationRequired);
+ this.messagingTemplate = messagingTemplate;
+ this.annotationRequired = annotationRequired;
+ }
+
+ @Override
+ public void handleReturnValue(Object returnValue, MethodParameter returnType, Message<?> message) throws Exception {
+ if (returnValue == null) {
+ return;
+ }
+
+ MessageHeaders headers = message.getHeaders();
+ String sessionId = SimpMessageHeaderAccessor.getSessionId(headers);
+ PropertyPlaceholderHelper.PlaceholderResolver varResolver = initVarResolver(headers);
+ Object annotation = findAnnotation(returnType);
+
+ String correlationId = getCorrelationId(message);
+ if (annotation != null && annotation instanceof SendToUser) {
+ SendToUser sendToUser = (SendToUser) annotation;
+ boolean broadcast = sendToUser.broadcast();
+ String user = getUserName(message, headers);
+ if (user == null) {
+ if (sessionId == null) {
+ throw new MissingSessionUserException(message);
+ }
+ user = sessionId;
+ broadcast = false;
+ }
+ String[] destinations = getTargetDestinations(sendToUser, message, this.defaultUserDestinationPrefix);
+ for (String destination : destinations) {
+ destination = this.placeholderHelper.replacePlaceholders(destination, varResolver);
+ if (broadcast) {
+ this.messagingTemplate.convertAndSendToUser(
+ user, destination, returnValue, createHeaders(null, returnType, correlationId));
+ }
+ else {
+ this.messagingTemplate.convertAndSendToUser(
+ user, destination, returnValue, createHeaders(sessionId, returnType, correlationId));
+ }
+ }
+ }
+ else {
+ SendTo sendTo = (SendTo) annotation;
+ String[] destinations = getTargetDestinations(sendTo, message, this.defaultDestinationPrefix);
+ for (String destination : destinations) {
+ destination = this.placeholderHelper.replacePlaceholders(destination, varResolver);
+ this.messagingTemplate.convertAndSend(destination, returnValue, createHeaders(sessionId, returnType, correlationId));
+ }
+ }
+ }
+
+ private String getCorrelationId(Message<?> message) {
+ SimpMessageHeaderAccessor headerAccessor = SimpMessageHeaderAccessor.wrap(message);
+ return headerAccessor.getFirstNativeHeader(CORRELATION_ID_HEADER);
+ }
+
+ private MessageHeaders createHeaders(String sessionId, MethodParameter returnType, String correlationId) {
+ SimpMessageHeaderAccessor headerAccessor = SimpMessageHeaderAccessor.create(SimpMessageType.MESSAGE);
+ if (getHeaderInitializer() != null) {
+ getHeaderInitializer().initHeaders(headerAccessor);
+ }
+ if (sessionId != null) {
+ headerAccessor.setSessionId(sessionId);
+ }
+ headerAccessor.setHeader(SimpMessagingTemplate.CONVERSION_HINT_HEADER, returnType);
+ headerAccessor.setLeaveMutable(true);
+ headerAccessor.addNativeHeader(CORRELATION_ID_HEADER, correlationId);
+ return headerAccessor.getMessageHeaders();
+ }
+
+ private Object findAnnotation(MethodParameter returnType) {
+ Annotation[] anns = new Annotation[4];
+ anns[0] = AnnotatedElementUtils.findMergedAnnotation(returnType.getMethod(), SendToUser.class);
+ anns[1] = AnnotatedElementUtils.findMergedAnnotation(returnType.getMethod(), SendTo.class);
+ anns[2] = AnnotatedElementUtils.findMergedAnnotation(returnType.getDeclaringClass(), SendToUser.class);
+ anns[3] = AnnotatedElementUtils.findMergedAnnotation(returnType.getDeclaringClass(), SendTo.class);
+
+ if (anns[0] != null && !ObjectUtils.isEmpty(((SendToUser) anns[0]).value())) {
+ return anns[0];
+ }
+ if (anns[1] != null && !ObjectUtils.isEmpty(((SendTo) anns[1]).value())) {
+ return anns[1];
+ }
+ if (anns[2] != null && !ObjectUtils.isEmpty(((SendToUser) anns[2]).value())) {
+ return anns[2];
+ }
+ if (anns[3] != null && !ObjectUtils.isEmpty(((SendTo) anns[3]).value())) {
+ return anns[3];
+ }
+
+ for (int i=0; i < 4; i++) {
+ if (anns[i] != null) {
+ return anns[i];
+ }
+ }
+
+ return null;
+ }
+
+ private PropertyPlaceholderHelper.PlaceholderResolver initVarResolver(MessageHeaders headers) {
+ String name = DestinationVariableMethodArgumentResolver.DESTINATION_TEMPLATE_VARIABLES_HEADER;
+ Map<String, String> vars = (Map<String, String>) headers.get(name);
+ return new DestinationVariablePlaceholderResolver(vars);
+ }
+
+ @Override
+ public String toString() {
+ return "AmbariSendToMethodReturnValueHandler [annotationRequired=" + annotationRequired + "]";
+ }
+
+ private static class DestinationVariablePlaceholderResolver implements PropertyPlaceholderHelper.PlaceholderResolver {
+
+ private final Map<String, String> vars;
+
+ public DestinationVariablePlaceholderResolver(Map<String, String> vars) {
+ this.vars = vars;
+ }
+
+ @Override
+ public String resolvePlaceholder(String placeholderName) {
+ return (this.vars != null ? this.vars.get(placeholderName) : null);
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/ambari/blob/04f8c53f/ambari-server/src/main/java/org/apache/ambari/server/api/stomp/ClustersController.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/api/stomp/ClustersController.java b/ambari-server/src/main/java/org/apache/ambari/server/api/stomp/ClustersController.java
new file mode 100644
index 0000000..bfd60fa
--- /dev/null
+++ b/ambari-server/src/main/java/org/apache/ambari/server/api/stomp/ClustersController.java
@@ -0,0 +1,28 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.ambari.server.api.stomp;
+
+import org.springframework.messaging.handler.annotation.MessageMapping;
+import org.springframework.messaging.simp.annotation.SendToUser;
+
+//@Controller
+@MessageMapping("clusters")
+@SendToUser(destinations = "/")
+public class ClustersController {
+
+}
http://git-wip-us.apache.org/repos/asf/ambari/blob/04f8c53f/ambari-server/src/main/java/org/apache/ambari/server/api/stomp/TestController.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/api/stomp/TestController.java b/ambari-server/src/main/java/org/apache/ambari/server/api/stomp/TestController.java
new file mode 100644
index 0000000..133c46c
--- /dev/null
+++ b/ambari-server/src/main/java/org/apache/ambari/server/api/stomp/TestController.java
@@ -0,0 +1,39 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.ambari.server.api.stomp;
+
+import org.springframework.messaging.handler.annotation.MessageMapping;
+import org.springframework.messaging.simp.annotation.SendToUser;
+import org.springframework.messaging.simp.annotation.SubscribeMapping;
+import org.springframework.stereotype.Controller;
+
+@Controller
+@MessageMapping("/test")
+@SendToUser("/")
+public class TestController {
+
+ @SubscribeMapping("/echo")
+ public String echo(String payload) {
+ return payload;
+ }
+
+ @SubscribeMapping("/time")
+ public Long time() {
+ return System.currentTimeMillis();
+ }
+}
http://git-wip-us.apache.org/repos/asf/ambari/blob/04f8c53f/ambari-server/src/main/java/org/apache/ambari/server/configuration/spring/AgentStompConfig.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/configuration/spring/AgentStompConfig.java b/ambari-server/src/main/java/org/apache/ambari/server/configuration/spring/AgentStompConfig.java
new file mode 100644
index 0000000..cadfd62
--- /dev/null
+++ b/ambari-server/src/main/java/org/apache/ambari/server/configuration/spring/AgentStompConfig.java
@@ -0,0 +1,41 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.ambari.server.configuration.spring;
+
+import org.apache.ambari.server.agent.stomp.HeartbeatController;
+import org.apache.ambari.server.api.stomp.TestController;
+import org.springframework.context.annotation.ComponentScan;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Import;
+import org.springframework.web.socket.config.annotation.AbstractWebSocketMessageBrokerConfigurer;
+import org.springframework.web.socket.config.annotation.EnableWebSocketMessageBroker;
+import org.springframework.web.socket.config.annotation.StompEndpointRegistry;
+
+@Configuration
+@EnableWebSocketMessageBroker
+@ComponentScan(basePackageClasses = {TestController.class, HeartbeatController.class})
+@Import(RootStompConfig.class)
+public class AgentStompConfig extends AbstractWebSocketMessageBrokerConfigurer {
+
+ @Override
+ public void registerStompEndpoints(StompEndpointRegistry registry) {
+ registry.addEndpoint("/v1")
+ .setAllowedOrigins("*");
+
+ }
+}
http://git-wip-us.apache.org/repos/asf/ambari/blob/04f8c53f/ambari-server/src/main/java/org/apache/ambari/server/configuration/spring/ApiSecurityConfig.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/configuration/spring/ApiSecurityConfig.java b/ambari-server/src/main/java/org/apache/ambari/server/configuration/spring/ApiSecurityConfig.java
new file mode 100644
index 0000000..cb8c265
--- /dev/null
+++ b/ambari-server/src/main/java/org/apache/ambari/server/configuration/spring/ApiSecurityConfig.java
@@ -0,0 +1,110 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.ambari.server.configuration.spring;
+
+import org.apache.ambari.server.security.AmbariEntryPoint;
+import org.apache.ambari.server.security.authentication.AmbariDelegatingAuthenticationFilter;
+import org.apache.ambari.server.security.authentication.kerberos.AmbariAuthToLocalUserDetailsService;
+import org.apache.ambari.server.security.authentication.kerberos.AmbariKerberosTicketValidator;
+import org.apache.ambari.server.security.authorization.AmbariAuthorizationFilter;
+import org.apache.ambari.server.security.authorization.AmbariLdapAuthenticationProvider;
+import org.apache.ambari.server.security.authorization.AmbariLocalUserProvider;
+import org.apache.ambari.server.security.authorization.AmbariPamAuthenticationProvider;
+import org.apache.ambari.server.security.authorization.internal.AmbariInternalAuthenticationProvider;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.ComponentScan;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Import;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.kerberos.authentication.KerberosServiceAuthenticationProvider;
+import org.springframework.security.web.access.intercept.FilterSecurityInterceptor;
+import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
+
+@Configuration
+@EnableWebSecurity
+@Import(GuiceBeansConfig.class)
+@ComponentScan("org.apache.ambari.server.security")
+public class ApiSecurityConfig extends WebSecurityConfigurerAdapter{
+
+ private final GuiceBeansConfig guiceBeansConfig;
+
+ @Autowired
+ private AmbariEntryPoint ambariEntryPoint;
+ @Autowired
+ private AmbariDelegatingAuthenticationFilter delegatingAuthenticationFilter;
+ @Autowired
+ private AmbariAuthorizationFilter authorizationFilter;
+
+ public ApiSecurityConfig(GuiceBeansConfig guiceBeansConfig) {
+ this.guiceBeansConfig = guiceBeansConfig;
+ }
+
+ @Autowired
+ public void configureAuthenticationManager(AuthenticationManagerBuilder auth,
+ AmbariLocalUserProvider ambariLocalUserProvider,
+ AmbariPamAuthenticationProvider ambariPamAuthenticationProvider,
+ AmbariLdapAuthenticationProvider ambariLdapAuthenticationProvider,
+ AmbariInternalAuthenticationProvider ambariInternalAuthenticationProvider,
+ KerberosServiceAuthenticationProvider kerberosServiceAuthenticationProvider
+ ) {
+ auth.authenticationProvider(ambariLocalUserProvider)
+ .authenticationProvider(ambariPamAuthenticationProvider)
+ .authenticationProvider(ambariLdapAuthenticationProvider)
+ .authenticationProvider(ambariInternalAuthenticationProvider)
+ .authenticationProvider(kerberosServiceAuthenticationProvider);
+
+ }
+
+ @Override
+ @Bean
+ public AuthenticationManager authenticationManagerBean() throws Exception {
+ return super.authenticationManagerBean();
+ }
+
+ @Override
+ protected void configure(HttpSecurity http) throws Exception {
+ http.csrf().disable()
+ .authorizeRequests().anyRequest().authenticated()
+ .and()
+ .exceptionHandling().authenticationEntryPoint(ambariEntryPoint)
+ .and()
+ .addFilterBefore(guiceBeansConfig.ambariUserAuthorizationFilter(), BasicAuthenticationFilter.class)
+ .addFilterAt(delegatingAuthenticationFilter, BasicAuthenticationFilter.class)
+ .addFilterBefore(authorizationFilter, FilterSecurityInterceptor.class);
+ }
+
+ @Bean
+ public KerberosServiceAuthenticationProvider kerberosServiceAuthenticationProvider(
+ AmbariKerberosTicketValidator ambariKerberosTicketValidator,
+ AmbariAuthToLocalUserDetailsService userDetailsService) {
+
+ KerberosServiceAuthenticationProvider kerberosServiceAuthenticationProvider =
+ new KerberosServiceAuthenticationProvider();
+
+ kerberosServiceAuthenticationProvider.setTicketValidator(ambariKerberosTicketValidator);
+ kerberosServiceAuthenticationProvider.setUserDetailsService(userDetailsService);
+
+ return kerberosServiceAuthenticationProvider;
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/ambari/blob/04f8c53f/ambari-server/src/main/java/org/apache/ambari/server/configuration/spring/ApiStompConfig.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/configuration/spring/ApiStompConfig.java b/ambari-server/src/main/java/org/apache/ambari/server/configuration/spring/ApiStompConfig.java
new file mode 100644
index 0000000..f248e17
--- /dev/null
+++ b/ambari-server/src/main/java/org/apache/ambari/server/configuration/spring/ApiStompConfig.java
@@ -0,0 +1,43 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.ambari.server.configuration.spring;
+
+import org.apache.ambari.server.api.stomp.TestController;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.context.annotation.ComponentScan;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Import;
+import org.springframework.web.socket.config.annotation.AbstractWebSocketMessageBrokerConfigurer;
+import org.springframework.web.socket.config.annotation.EnableWebSocketMessageBroker;
+import org.springframework.web.socket.config.annotation.StompEndpointRegistry;
+
+@Configuration
+@EnableWebSocketMessageBroker
+@ComponentScan(basePackageClasses = {TestController.class})
+@Import(RootStompConfig.class)
+public class ApiStompConfig extends AbstractWebSocketMessageBrokerConfigurer {
+ private static final Logger LOG = LoggerFactory.getLogger(ApiStompConfig.class);
+
+ @Override
+ public void registerStompEndpoints(StompEndpointRegistry registry) {
+ registry.addEndpoint("/v1")
+ .setAllowedOrigins("*");
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/ambari/blob/04f8c53f/ambari-server/src/main/java/org/apache/ambari/server/configuration/spring/GuiceBeansConfig.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/configuration/spring/GuiceBeansConfig.java b/ambari-server/src/main/java/org/apache/ambari/server/configuration/spring/GuiceBeansConfig.java
new file mode 100644
index 0000000..52e5a98
--- /dev/null
+++ b/ambari-server/src/main/java/org/apache/ambari/server/configuration/spring/GuiceBeansConfig.java
@@ -0,0 +1,94 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.ambari.server.configuration.spring;
+
+import org.apache.ambari.server.audit.AuditLogger;
+import org.apache.ambari.server.security.authorization.AmbariLdapAuthenticationProvider;
+import org.apache.ambari.server.security.authorization.AmbariLocalUserProvider;
+import org.apache.ambari.server.security.authorization.AmbariPamAuthenticationProvider;
+import org.apache.ambari.server.security.authorization.AmbariUserAuthorizationFilter;
+import org.apache.ambari.server.security.authorization.PermissionHelper;
+import org.apache.ambari.server.security.authorization.Users;
+import org.apache.ambari.server.security.authorization.internal.AmbariInternalAuthenticationProvider;
+import org.apache.ambari.server.security.ldap.AmbariLdapDataPopulator;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.crypto.password.PasswordEncoder;
+
+import com.google.inject.Injector;
+
+@Configuration
+public class GuiceBeansConfig {
+
+ @Autowired
+ //ignore warning, inherited from parent context, injected as field to reduce number of warnings
+ private Injector injector;
+
+ @Bean
+ public org.apache.ambari.server.configuration.Configuration ambariConfig() {
+ return injector.getInstance(org.apache.ambari.server.configuration.Configuration.class);
+ }
+
+ @Bean
+ public PasswordEncoder passwordEncoder() {
+ return injector.getInstance(PasswordEncoder.class);
+ }
+
+ @Bean
+ public AuditLogger auditLogger() {
+ return injector.getInstance(AuditLogger.class);
+ }
+
+ @Bean
+ public PermissionHelper permissionHelper() {
+ return injector.getInstance(PermissionHelper.class);
+ }
+
+ @Bean
+ public AmbariLdapAuthenticationProvider ambariLdapAuthenticationProvider() {
+ return injector.getInstance(AmbariLdapAuthenticationProvider.class);
+ }
+
+ @Bean
+ public AmbariLocalUserProvider localUserProvider() {
+ return injector.getInstance(AmbariLocalUserProvider.class);
+ }
+
+ @Bean
+ public AmbariLdapDataPopulator ambariLdapDataPopulator() {
+ return injector.getInstance(AmbariLdapDataPopulator.class);
+ }
+
+ @Bean
+ public AmbariUserAuthorizationFilter ambariUserAuthorizationFilter() {
+ return injector.getInstance(AmbariUserAuthorizationFilter.class);
+ }
+
+ @Bean
+ public AmbariInternalAuthenticationProvider ambariInternalAuthenticationProvider() {
+ return injector.getInstance(AmbariInternalAuthenticationProvider.class);
+ }
+
+ @Bean
+ public AmbariPamAuthenticationProvider ambariPamAuthenticationProvider() {
+ return injector.getInstance(AmbariPamAuthenticationProvider.class);
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/ambari/blob/04f8c53f/ambari-server/src/main/java/org/apache/ambari/server/configuration/spring/RootStompConfig.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/configuration/spring/RootStompConfig.java b/ambari-server/src/main/java/org/apache/ambari/server/configuration/spring/RootStompConfig.java
new file mode 100644
index 0000000..7ca3166
--- /dev/null
+++ b/ambari-server/src/main/java/org/apache/ambari/server/configuration/spring/RootStompConfig.java
@@ -0,0 +1,112 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.ambari.server.configuration.spring;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import javax.servlet.ServletContext;
+
+import org.apache.ambari.server.api.AmbariSendToMethodReturnValueHandler;
+import org.eclipse.jetty.websocket.server.WebSocketServerFactory;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.messaging.Message;
+import org.springframework.messaging.MessagingException;
+import org.springframework.messaging.handler.annotation.MessageExceptionHandler;
+import org.springframework.messaging.handler.invocation.HandlerMethodReturnValueHandler;
+import org.springframework.messaging.simp.SimpMessagingTemplate;
+import org.springframework.messaging.simp.annotation.SendToUser;
+import org.springframework.messaging.simp.annotation.support.SendToMethodReturnValueHandler;
+import org.springframework.messaging.simp.annotation.support.SimpAnnotationMethodMessageHandler;
+import org.springframework.web.bind.annotation.ControllerAdvice;
+import org.springframework.web.socket.server.jetty.JettyRequestUpgradeStrategy;
+import org.springframework.web.socket.server.support.DefaultHandshakeHandler;
+
+@Configuration
+public class RootStompConfig {
+
+ @Autowired
+ private SimpMessagingTemplate brokerTemplate;
+
+ private final ServletContext servletContext;
+
+ public RootStompConfig(ServletContext servletContext) {
+ this.servletContext = servletContext;
+ }
+
+ @Bean
+ public DefaultHandshakeHandler handshakeHandler() {
+
+ return new DefaultHandshakeHandler(
+ new JettyRequestUpgradeStrategy(new WebSocketServerFactory(servletContext)));
+ }
+
+ @Autowired
+ public void configureGlobal(SimpAnnotationMethodMessageHandler messageHandler) {
+ List<HandlerMethodReturnValueHandler> handlers = new ArrayList<>(messageHandler.getReturnValueHandlers());
+ List<HandlerMethodReturnValueHandler> changedHandlers = new ArrayList<>();
+
+ boolean handlerReplaced = false;
+ for (HandlerMethodReturnValueHandler handler : handlers) {
+ if (handler instanceof SendToMethodReturnValueHandler && !handlerReplaced) {
+ SendToMethodReturnValueHandler sendHandler = (SendToMethodReturnValueHandler)handler;
+ AmbariSendToMethodReturnValueHandler ambariSendToMethodReturnValueHandler =
+ new AmbariSendToMethodReturnValueHandler(brokerTemplate, true);
+ ambariSendToMethodReturnValueHandler.setHeaderInitializer(sendHandler.getHeaderInitializer());
+ changedHandlers.add(ambariSendToMethodReturnValueHandler);
+ handlerReplaced = true;
+ } else {
+ changedHandlers.add(handler);
+ }
+ }
+ messageHandler.setReturnValueHandlers(null);
+ messageHandler.setReturnValueHandlers(changedHandlers);
+ }
+
+ @ControllerAdvice
+ public static class ExceptionHandlingAdvice{
+ private static final Logger LOG = LoggerFactory.getLogger(ExceptionHandlingAdvice.class);
+
+
+ @MessageExceptionHandler(MessagingException.class)
+ @SendToUser("/")
+ public ErrorMessage handle(MessagingException e) {
+
+ LOG.error("Exception caught while processing message", e);
+
+ return new ErrorMessage(e);
+ }
+
+ static class ErrorMessage {
+ Message<?> failedMessage;
+ String exception;
+
+ ErrorMessage(MessagingException e) {
+ this.failedMessage = e.getFailedMessage();
+ this.exception = e.getLocalizedMessage();
+ }
+ }
+
+
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/ambari/blob/04f8c53f/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariHandlerList.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariHandlerList.java b/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariHandlerList.java
index 4d4c8cc..ac0efd8 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariHandlerList.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariHandlerList.java
@@ -43,7 +43,6 @@ import org.apache.ambari.view.SystemException;
import org.apache.ambari.view.ViewContext;
import org.eclipse.jetty.server.Handler;
import org.eclipse.jetty.server.Request;
-import org.eclipse.jetty.server.SessionManager;
import org.eclipse.jetty.server.handler.HandlerCollection;
import org.eclipse.jetty.server.session.SessionHandler;
import org.eclipse.jetty.servlet.FilterHolder;
@@ -63,7 +62,7 @@ public class AmbariHandlerList extends HandlerCollection implements ViewInstance
* The target pattern for a view resource request.
*/
private static final Pattern VIEW_RESOURCE_TARGET_PATTERN =
- Pattern.compile("/api/(\\S+)/views/(\\S+)/versions/(\\S+)/instances/(\\S+)/resources/(\\S+)");
+ Pattern.compile("/api/(\\S+)/views/(\\S+)/versions/(\\S+)/instances/(\\S+)/resources/(\\S+)");
/**
* The view registry.
@@ -75,7 +74,7 @@ public class AmbariHandlerList extends HandlerCollection implements ViewInstance
* Session manager.
*/
@Inject
- SessionManager sessionManager;
+ SessionHandler sessionHandler;
/**
* The web app context provider.
@@ -132,7 +131,7 @@ public class AmbariHandlerList extends HandlerCollection implements ViewInstance
@Override
public void handle(String target, Request baseRequest,
HttpServletRequest request, HttpServletResponse response)
- throws IOException, ServletException {
+ throws IOException, ServletException {
ViewEntity viewEntity = getTargetView(target);
@@ -193,7 +192,7 @@ public class AmbariHandlerList extends HandlerCollection implements ViewInstance
// call the handlers until the request is handled
private void processHandlers(String target, Request baseRequest,
HttpServletRequest request, HttpServletResponse response)
- throws IOException, ServletException {
+ throws IOException, ServletException {
final Handler[] handlers = getHandlers();
@@ -206,8 +205,8 @@ public class AmbariHandlerList extends HandlerCollection implements ViewInstance
// call the given handlers until the request is handled; return true if the request is handled
private boolean processHandlers(Collection<Handler> handlers, String target, Request baseRequest,
- HttpServletRequest request, HttpServletResponse response)
- throws IOException, ServletException {
+ HttpServletRequest request, HttpServletResponse response)
+ throws IOException, ServletException {
for (Handler handler : handlers) {
handler.handle(target, baseRequest, request, response);
@@ -228,7 +227,7 @@ public class AmbariHandlerList extends HandlerCollection implements ViewInstance
* @throws org.apache.ambari.view.SystemException if an handler can not be obtained for the given view instance
*/
private Handler getHandler(ViewInstanceEntity viewInstanceDefinition)
- throws SystemException {
+ throws SystemException {
ViewEntity viewDefinition = viewInstanceDefinition.getViewEntity();
WebAppContext webAppContext = webAppContextProvider.get();
@@ -237,7 +236,7 @@ public class AmbariHandlerList extends HandlerCollection implements ViewInstance
webAppContext.setContextPath(viewInstanceDefinition.getContextPath());
webAppContext.setClassLoader(viewInstanceDefinition.getViewEntity().getClassLoader());
webAppContext.setAttribute(ViewContext.CONTEXT_ATTRIBUTE, new ViewContextImpl(viewInstanceDefinition, viewRegistry));
- webAppContext.setSessionHandler(new SharedSessionHandler(sessionManager));
+ webAppContext.setSessionHandler(new SharedSessionHandler(sessionHandler));
webAppContext.addFilter(new FilterHolder(ambariViewsSecurityHeaderFilter), "/*", AmbariServer.DISPATCHER_TYPES);
webAppContext.addFilter(new FilterHolder(persistFilter), "/*", AmbariServer.DISPATCHER_TYPES);
webAppContext.addFilter(new FilterHolder(springSecurityFilter), "/*", AmbariServer.DISPATCHER_TYPES);
@@ -267,16 +266,17 @@ public class AmbariHandlerList extends HandlerCollection implements ViewInstance
* This handler DOES NOT attempt stop the shared session manager.
*/
private static class SharedSessionHandler extends SessionHandler {
+ final SessionHandler sessionHandler;
// ----- Constructors ----------------------------------------------------
/**
* Construct a SharedSessionHandler.
*
- * @param manager the shared session manager.
+ * @param sessionHandler the shared session manager.
*/
- public SharedSessionHandler(SessionManager manager) {
- super(manager);
+ public SharedSessionHandler(SessionHandler sessionHandler) {
+ this.sessionHandler = sessionHandler;
}
@@ -286,5 +286,7 @@ public class AmbariHandlerList extends HandlerCollection implements ViewInstance
protected void doStop() throws Exception {
// do nothing...
}
+
+ //TODO delagate all other?
}
}
http://git-wip-us.apache.org/repos/asf/ambari/blob/04f8c53f/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java b/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java
index 4e7af0c..3a3908d 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java
@@ -52,7 +52,6 @@ import org.apache.ambari.server.api.services.PersistKeyValueImpl;
import org.apache.ambari.server.api.services.PersistKeyValueService;
import org.apache.ambari.server.api.services.stackadvisor.StackAdvisorBlueprintProcessor;
import org.apache.ambari.server.api.services.stackadvisor.StackAdvisorHelper;
-import org.apache.ambari.server.audit.AuditLogger;
import org.apache.ambari.server.audit.AuditLoggerModule;
import org.apache.ambari.server.audit.request.RequestAuditLogger;
import org.apache.ambari.server.bootstrap.BootStrapImpl;
@@ -60,6 +59,9 @@ import org.apache.ambari.server.checks.DatabaseConsistencyCheckHelper;
import org.apache.ambari.server.checks.DatabaseConsistencyCheckResult;
import org.apache.ambari.server.configuration.ComponentSSLConfiguration;
import org.apache.ambari.server.configuration.Configuration;
+import org.apache.ambari.server.configuration.spring.AgentStompConfig;
+import org.apache.ambari.server.configuration.spring.ApiSecurityConfig;
+import org.apache.ambari.server.configuration.spring.ApiStompConfig;
import org.apache.ambari.server.controller.internal.AbstractControllerResourceProvider;
import org.apache.ambari.server.controller.internal.AmbariPrivilegeResourceProvider;
import org.apache.ambari.server.controller.internal.BaseClusterRequest;
@@ -97,14 +99,7 @@ import org.apache.ambari.server.security.AmbariServerSecurityHeaderFilter;
import org.apache.ambari.server.security.AmbariViewsSecurityHeaderFilter;
import org.apache.ambari.server.security.CertificateManager;
import org.apache.ambari.server.security.SecurityFilter;
-import org.apache.ambari.server.security.authorization.AmbariLdapAuthenticationProvider;
-import org.apache.ambari.server.security.authorization.AmbariLocalUserProvider;
-import org.apache.ambari.server.security.authorization.AmbariPamAuthenticationProvider;
-import org.apache.ambari.server.security.authorization.AmbariUserAuthorizationFilter;
-import org.apache.ambari.server.security.authorization.PermissionHelper;
import org.apache.ambari.server.security.authorization.Users;
-import org.apache.ambari.server.security.authorization.internal.AmbariInternalAuthenticationProvider;
-import org.apache.ambari.server.security.ldap.AmbariLdapDataPopulator;
import org.apache.ambari.server.security.unsecured.rest.CertificateDownload;
import org.apache.ambari.server.security.unsecured.rest.CertificateSign;
import org.apache.ambari.server.security.unsecured.rest.ConnectionInfo;
@@ -123,18 +118,23 @@ import org.apache.ambari.server.view.AmbariViewsMDCLoggingFilter;
import org.apache.ambari.server.view.ViewDirectoryWatcher;
import org.apache.ambari.server.view.ViewRegistry;
import org.apache.ambari.server.view.ViewThrottleFilter;
+import org.apache.commons.httpclient.HttpVersion;
import org.apache.commons.lang.StringUtils;
import org.apache.log4j.PropertyConfigurator;
import org.apache.velocity.app.Velocity;
import org.eclipse.jetty.server.Handler;
+import org.eclipse.jetty.server.HttpConfiguration;
+import org.eclipse.jetty.server.HttpConnectionFactory;
import org.eclipse.jetty.server.NCSARequestLog;
+import org.eclipse.jetty.server.SecureRequestCustomizer;
import org.eclipse.jetty.server.Server;
+import org.eclipse.jetty.server.ServerConnector;
import org.eclipse.jetty.server.SessionIdManager;
-import org.eclipse.jetty.server.SessionManager;
+import org.eclipse.jetty.server.SslConnectionFactory;
import org.eclipse.jetty.server.handler.HandlerCollection;
import org.eclipse.jetty.server.handler.RequestLogHandler;
-import org.eclipse.jetty.server.nio.SelectChannelConnector;
-import org.eclipse.jetty.server.ssl.SslSelectChannelConnector;
+import org.eclipse.jetty.server.session.DefaultSessionIdManager;
+import org.eclipse.jetty.server.session.SessionHandler;
import org.eclipse.jetty.servlet.DefaultServlet;
import org.eclipse.jetty.servlet.FilterHolder;
import org.eclipse.jetty.servlet.ServletContextHandler;
@@ -148,11 +148,11 @@ import org.slf4j.bridge.SLF4JBridgeHandler;
import org.springframework.beans.factory.config.ConfigurableListableBeanFactory;
import org.springframework.context.support.ClassPathXmlApplicationContext;
import org.springframework.security.core.context.SecurityContextHolder;
-import org.springframework.security.crypto.password.PasswordEncoder;
-import org.springframework.web.context.WebApplicationContext;
+import org.springframework.web.context.ContextLoaderListener;
import org.springframework.web.context.request.RequestContextListener;
-import org.springframework.web.context.support.GenericWebApplicationContext;
+import org.springframework.web.context.support.AnnotationConfigWebApplicationContext;
import org.springframework.web.filter.DelegatingFilterProxy;
+import org.springframework.web.servlet.DispatcherServlet;
import com.google.common.base.Joiner;
import com.google.common.util.concurrent.ServiceManager;
@@ -189,6 +189,7 @@ public class AmbariServer {
* Dispatcher types for webAppContext.addFilter.
*/
public static final EnumSet<DispatcherType> DISPATCHER_TYPES = EnumSet.of(DispatcherType.REQUEST);
+ private static final int DEFAULT_ACCEPTORS_COUNT = 1;
static {
Velocity.setProperty("runtime.log.logsystem.log4j.logger", VELOCITY_LOG_CATEGORY);
@@ -221,8 +222,6 @@ public class AmbariServer {
public volatile boolean running = true; // true while controller runs
final String CONTEXT_PATH = "/";
- final String SPRING_CONTEXT_LOCATION =
- "classpath:/webapp/WEB-INF/spring-security.xml";
final String DISABLED_ENTRIES_SPLITTER = "\\|";
@Inject
@@ -266,13 +265,7 @@ public class AmbariServer {
* Session manager.
*/
@Inject
- SessionManager sessionManager;
-
- /**
- * Session ID manager.
- */
- @Inject
- SessionIdManager sessionIdManager;
+ SessionHandler sessionHandler;
@Inject
DelegatingFilterProxy springSecurityFilter;
@@ -308,9 +301,23 @@ public class AmbariServer {
performStaticInjection();
initDB();
- server = new Server();
+ // Client Jetty thread pool - widen the thread pool if needed !
+ Integer clientAcceptors = configs.getClientApiAcceptors() != null ? configs
+ .getClientApiAcceptors() : DEFAULT_ACCEPTORS_COUNT;
+
+ server = configureJettyThreadPool(clientAcceptors, CLIENT_THREAD_POOL_NAME,
+ configs.getClientThreadPoolSize());
+
+ final SessionIdManager sessionIdManager = new DefaultSessionIdManager(server);
+ sessionHandler.setSessionIdManager(sessionIdManager);
server.setSessionIdManager(sessionIdManager);
- Server serverForAgent = new Server();
+
+ // Agent Jetty thread pool - widen the thread pool if needed !
+ Integer agentAcceptors = configs.getAgentApiAcceptors() != null ?
+ configs.getAgentApiAcceptors() : DEFAULT_ACCEPTORS_COUNT;
+
+ Server serverForAgent = configureJettyThreadPool(agentAcceptors * 2,
+ AGENT_THREAD_POOL_NAME, configs.getAgentThreadPoolSize());
setSystemProperties(configs);
@@ -323,48 +330,33 @@ public class AmbariServer {
ConfigurableListableBeanFactory factory = parentSpringAppContext.
getBeanFactory();
- factory.registerSingleton("guiceInjector", injector);
- factory.registerSingleton("ambariConfiguration", injector.getInstance(Configuration.class));
+ factory.registerSingleton("injector", injector);
+ //todo unable to register Users class as Spring @Bean since it tries to process @Inject annotations, investigate
factory.registerSingleton("ambariUsers", injector.getInstance(Users.class));
- factory.registerSingleton("passwordEncoder",
- injector.getInstance(PasswordEncoder.class));
- factory.registerSingleton("auditLogger",
- injector.getInstance(AuditLogger.class));
- factory.registerSingleton("permissionHelper",
- injector.getInstance(PermissionHelper.class));
- factory.registerSingleton("ambariLdapAuthenticationProvider",
- injector.getInstance(AmbariLdapAuthenticationProvider.class));
- factory.registerSingleton("ambariLocalAuthenticationProvider",
- injector.getInstance(AmbariLocalUserProvider.class));
- factory.registerSingleton("ambariLdapDataPopulator",
- injector.getInstance(AmbariLdapDataPopulator.class));
- factory.registerSingleton("ambariUserAuthorizationFilter",
- injector.getInstance(AmbariUserAuthorizationFilter.class));
- factory.registerSingleton("ambariInternalAuthenticationProvider",
- injector.getInstance(AmbariInternalAuthenticationProvider.class));
- factory.registerSingleton("ambariPamAuthenticationProvider",
- injector.getInstance(AmbariPamAuthenticationProvider.class));
-
- // Spring Security xml config depends on this Bean
- String[] contextLocations = {SPRING_CONTEXT_LOCATION};
- ClassPathXmlApplicationContext springAppContext = new
- ClassPathXmlApplicationContext(contextLocations, parentSpringAppContext);
+
+ //create spring context for web api
+ AnnotationConfigWebApplicationContext apiContext = new AnnotationConfigWebApplicationContext();
+ apiContext.setParent(parentSpringAppContext);
+ apiContext.register(ApiSecurityConfig.class);
+ //refresh will be called in ContextLoaderListener
+
+ AnnotationConfigWebApplicationContext apiDispatcherContext = new AnnotationConfigWebApplicationContext();
+ apiDispatcherContext.register(ApiStompConfig.class);
+ DispatcherServlet apiDispatcherServlet = new DispatcherServlet(apiDispatcherContext);
+
+ AnnotationConfigWebApplicationContext agentDispatcherContext = new AnnotationConfigWebApplicationContext();
+ agentDispatcherContext.register(AgentStompConfig.class);
+ DispatcherServlet agentDispatcherServlet = new DispatcherServlet(agentDispatcherContext);
ServletContextHandler root = new ServletContextHandler(
ServletContextHandler.SECURITY | ServletContextHandler.SESSIONS);
configureRootHandler(root);
- configureSessionManager(sessionManager);
- root.getSessionHandler().setSessionManager(sessionManager);
-
- // setting ambari web context
- GenericWebApplicationContext springWebAppContext = new GenericWebApplicationContext();
- springWebAppContext.setServletContext(root.getServletContext());
- springWebAppContext.setParent(springAppContext);
+ configureSessionHandler(sessionHandler);
+ root.setSessionHandler(sessionHandler);
- root.getServletContext().setAttribute(
- WebApplicationContext.ROOT_WEB_APPLICATION_CONTEXT_ATTRIBUTE,
- springWebAppContext);
+ //ContextLoaderListener handles all work on registration in servlet container
+ root.addEventListener(new ContextLoaderListener(apiContext));
certMan.initRootCert();
@@ -373,9 +365,13 @@ public class AmbariServer {
ServletContextHandler agentroot = new ServletContextHandler(
serverForAgent, "/", ServletContextHandler.NO_SESSIONS);
+ AnnotationConfigWebApplicationContext agentApiContext = new AnnotationConfigWebApplicationContext();
+ agentApiContext.setParent(parentSpringAppContext);
+
if (configs.isAgentApiGzipped()) {
configureHandlerCompression(agentroot);
}
+ agentroot.addEventListener(new ContextLoaderListener(agentApiContext));
ServletHolder rootServlet = root.addServlet(DefaultServlet.class, "/");
rootServlet.setInitParameter("dirAllowed", "false");
@@ -409,7 +405,6 @@ public class AmbariServer {
// register listener to capture request context
root.addEventListener(new RequestContextListener());
-
root.addFilter(new FilterHolder(springSecurityFilter), "/api/*", DISPATCHER_TYPES);
root.addFilter(new FilterHolder(new UserNameOverrideFilter()), "/api/v1/users/*", DISPATCHER_TYPES);
@@ -421,18 +416,8 @@ public class AmbariServer {
// Agents download cert on on-way connector but always communicate on
// two-way connector for server-agent communication
- SelectChannelConnector agentOneWayConnector = createSelectChannelConnectorForAgent(configs.getOneWayAuthPort(), false);
- SelectChannelConnector agentTwoWayConnector = createSelectChannelConnectorForAgent(configs.getTwoWayAuthPort(), configs.isTwoWaySsl());
-
- // Override acceptor defaults if configured or use Jetty defaults
- Integer acceptors = configs.getAgentApiAcceptors() != null ?
- configs.getAgentApiAcceptors() : agentOneWayConnector.getAcceptors();
- agentOneWayConnector.setAcceptors(acceptors);
- agentTwoWayConnector.setAcceptors(acceptors);
-
- // Agent Jetty thread pool - widen the thread pool if needed !
- configureJettyThreadPool(serverForAgent, acceptors * 2,
- AGENT_THREAD_POOL_NAME, configs.getAgentThreadPoolSize());
+ ServerConnector agentOneWayConnector = createSelectChannelConnectorForAgent(serverForAgent, configs.getOneWayAuthPort(), false, agentAcceptors);
+ ServerConnector agentTwoWayConnector = createSelectChannelConnectorForAgent(serverForAgent, configs.getTwoWayAuthPort(), configs.isTwoWaySsl(), agentAcceptors);
serverForAgent.addConnector(agentOneWayConnector);
serverForAgent.addConnector(agentTwoWayConnector);
@@ -451,6 +436,15 @@ public class AmbariServer {
root.addServlet(sh, "/api/v1/*");
sh.setInitOrder(2);
+ ServletHolder springDispatcherServlet = new ServletHolder("springDispatcherServlet", apiDispatcherServlet);
+ springDispatcherServlet.setInitOrder(3);
+ root.addServlet(springDispatcherServlet, "/api/stomp/*");
+
+ ServletHolder agentSpringDispatcherServlet =
+ new ServletHolder("agentSpringDispatcherServlet", agentDispatcherServlet);
+ agentSpringDispatcherServlet.setInitOrder(2);
+ agentroot.addServlet(agentSpringDispatcherServlet, "/agent/stomp/*");
+
SecurityContextHolder.setStrategyName(SecurityContextHolder.MODE_INHERITABLETHREADLOCAL);
viewRegistry.readViewArchives();
@@ -473,7 +467,7 @@ public class AmbariServer {
agentroot.addServlet(agent, "/agent/v1/*");
agent.setInitOrder(3);
- AgentResource.statHeartBeatHandler();
+ AgentResource.startHeartBeatHandler();
LOG.info("********** Started Heartbeat handler **********");
ServletHolder cert = new ServletHolder(ServletContainer.class);
@@ -500,20 +494,13 @@ public class AmbariServer {
}
/* Configure the API server to use the NIO connectors */
- SelectChannelConnector apiConnector = createSelectChannelConnectorForClient();
+ ServerConnector apiConnector = createSelectChannelConnectorForClient(server, clientAcceptors);
- acceptors = configs.getClientApiAcceptors() != null ? configs
- .getClientApiAcceptors() : apiConnector.getAcceptors();
- apiConnector.setAcceptors(acceptors);
-
- // Client Jetty thread pool - widen the thread pool if needed !
- configureJettyThreadPool(server, acceptors, CLIENT_THREAD_POOL_NAME,
- configs.getClientThreadPoolSize());
server.addConnector(apiConnector);
server.setStopAtShutdown(true);
serverForAgent.setStopAtShutdown(true);
- springAppContext.start();
+//todo remove springAppContext.start();
String osType = getServerOsType();
if (osType == null || osType.isEmpty()) {
@@ -553,7 +540,6 @@ public class AmbariServer {
StateRecoveryManager.class);
recoveryManager.doWork();
-
/*
* Start the server after controller state is recovered.
*/
@@ -599,9 +585,9 @@ public class AmbariServer {
* @return org.eclipse.jetty.server.nio.SelectChannelConnector
*/
@SuppressWarnings("deprecation")
- private SelectChannelConnector createSelectChannelConnectorForAgent(int port, boolean needClientAuth) {
+ private ServerConnector createSelectChannelConnectorForAgent(Server server, int port, boolean needClientAuth, int acceptors) {
Map<String, String> configsMap = configs.getConfigsMap();
- SelectChannelConnector agentConnector;
+ ServerConnector agentConnector;
if (configs.getAgentSSLAuthentication()) {
String keystore = configsMap.get(Configuration.SRVR_KSTR_DIR.getKey()) + File.separator
@@ -612,25 +598,30 @@ public class AmbariServer {
String srvrCrtPass = configsMap.get(Configuration.SRVR_CRT_PASS.getKey());
+
+ HttpConfiguration https_config = new HttpConfiguration();
+ https_config.addCustomizer(new SecureRequestCustomizer());
+ https_config.setRequestHeaderSize(configs.getHttpRequestHeaderSize());
+ https_config.setResponseHeaderSize(configs.getHttpResponseHeaderSize());
+
// Secured connector - default constructor sets trustAll = true for certs
- SslContextFactory contextFactory = new SslContextFactory();
- disableInsecureProtocols(contextFactory);
-
- SslSelectChannelConnector agentSslConnector = new SslSelectChannelConnector(contextFactory);
- agentSslConnector.setKeystore(keystore);
- agentSslConnector.setTruststore(truststore);
- agentSslConnector.setPassword(srvrCrtPass);
- agentSslConnector.setKeyPassword(srvrCrtPass);
- agentSslConnector.setTrustPassword(srvrCrtPass);
- agentSslConnector.setKeystoreType(configsMap.get(Configuration.KSTR_TYPE.getKey()));
- agentSslConnector.setTruststoreType(configsMap.get(Configuration.TSTR_TYPE.getKey()));
- agentSslConnector.setNeedClientAuth(needClientAuth);
- agentSslConnector.setRequestHeaderSize(configs.getHttpRequestHeaderSize());
- agentSslConnector.setResponseHeaderSize(configs.getHttpResponseHeaderSize());
+ SslContextFactory sslContextFactory = new SslContextFactory();
+ disableInsecureProtocols(sslContextFactory);
+ sslContextFactory.setKeyStorePath(keystore);
+ sslContextFactory.setTrustStorePath(truststore);
+ sslContextFactory.setKeyStorePassword(srvrCrtPass);
+ sslContextFactory.setKeyManagerPassword(srvrCrtPass);
+ sslContextFactory.setTrustStorePassword(srvrCrtPass);
+ sslContextFactory.setKeyStoreType(configsMap.get(Configuration.KSTR_TYPE.getKey()));
+ sslContextFactory.setTrustStoreType(configsMap.get(Configuration.TSTR_TYPE.getKey()));
+ sslContextFactory.setNeedClientAuth(needClientAuth);
+ ServerConnector agentSslConnector = new ServerConnector(server, acceptors, -1,
+ new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.toString()),
+ new HttpConnectionFactory(https_config));
agentConnector = agentSslConnector;
} else {
- agentConnector = new SelectChannelConnector();
- agentConnector.setMaxIdleTime(configs.getConnectionMaxIdleTime());
+ agentConnector = new ServerConnector(server, acceptors, -1);
+ agentConnector.setIdleTimeout(configs.getConnectionMaxIdleTime());
}
agentConnector.setPort(port);
@@ -639,10 +630,13 @@ public class AmbariServer {
}
@SuppressWarnings("deprecation")
- private SelectChannelConnector createSelectChannelConnectorForClient() {
+ private ServerConnector createSelectChannelConnectorForClient(Server server, int acceptors) {
Map<String, String> configsMap = configs.getConfigsMap();
- SelectChannelConnector apiConnector;
+ ServerConnector apiConnector;
+ HttpConfiguration http_config = new HttpConfiguration();
+ http_config.setRequestHeaderSize(configs.getHttpRequestHeaderSize());
+ http_config.setResponseHeaderSize(configs.getHttpResponseHeaderSize());
if (configs.getApiSSLAuthentication()) {
String httpsKeystore = configsMap.get(Configuration.CLIENT_API_SSL_KSTR_DIR_NAME.getKey()) +
File.separator + configsMap.get(Configuration.CLIENT_API_SSL_KSTR_NAME.getKey());
@@ -652,27 +646,27 @@ public class AmbariServer {
String httpsCrtPass = configsMap.get(Configuration.CLIENT_API_SSL_CRT_PASS.getKey());
+ HttpConfiguration https_config = new HttpConfiguration(http_config);
+ https_config.addCustomizer(new SecureRequestCustomizer());
+ https_config.setSecurePort(configs.getClientSSLApiPort());
+
SslContextFactory contextFactoryApi = new SslContextFactory();
disableInsecureProtocols(contextFactoryApi);
- SslSelectChannelConnector sapiConnector = new SslSelectChannelConnector(contextFactoryApi);
- sapiConnector.setPort(configs.getClientSSLApiPort());
- sapiConnector.setKeystore(httpsKeystore);
- sapiConnector.setTruststore(httpsTruststore);
- sapiConnector.setPassword(httpsCrtPass);
- sapiConnector.setKeyPassword(httpsCrtPass);
- sapiConnector.setTrustPassword(httpsCrtPass);
- sapiConnector.setKeystoreType(configsMap.get(Configuration.CLIENT_API_SSL_KSTR_TYPE.getKey()));
- sapiConnector.setTruststoreType(configsMap.get(Configuration.CLIENT_API_SSL_KSTR_TYPE.getKey()));
- sapiConnector.setMaxIdleTime(configs.getConnectionMaxIdleTime());
- apiConnector = sapiConnector;
+ contextFactoryApi.setKeyStorePath(httpsKeystore);
+ contextFactoryApi.setTrustStorePath(httpsTruststore);
+ contextFactoryApi.setKeyStorePassword(httpsCrtPass);
+ contextFactoryApi.setKeyManagerPassword(httpsCrtPass);
+ contextFactoryApi.setTrustStorePassword(httpsCrtPass);
+ contextFactoryApi.setKeyStoreType(configsMap.get(Configuration.CLIENT_API_SSL_KSTR_TYPE.getKey()));
+ contextFactoryApi.setTrustStoreType(configsMap.get(Configuration.CLIENT_API_SSL_KSTR_TYPE.getKey()));
+ apiConnector = new ServerConnector(server, acceptors, -1,
+ new SslConnectionFactory(contextFactoryApi, HttpVersion.HTTP_1_1.toString()),
+ new HttpConnectionFactory(https_config));
} else {
- apiConnector = new SelectChannelConnector();
+ apiConnector = new ServerConnector(server, acceptors, -1, new HttpConnectionFactory(http_config));
apiConnector.setPort(configs.getClientApiPort());
- apiConnector.setMaxIdleTime(configs.getConnectionMaxIdleTime());
}
-
- apiConnector.setRequestHeaderSize(configs.getHttpRequestHeaderSize());
- apiConnector.setResponseHeaderSize(configs.getHttpResponseHeaderSize());
+ apiConnector.setIdleTimeout(configs.getConnectionMaxIdleTime());
return apiConnector;
}
@@ -727,9 +721,6 @@ public class AmbariServer {
* log a warning and increase the pool size to ensure that there are at least
* 20 available threads for requests.
*
- * @param server
- * the Jetty server instance which will have the threadpool set on it
- * (not {@code null}).
* @param acceptorThreads
* the number of Acceptor threads configured for the connector.
* @param threadPoolName
@@ -737,7 +728,7 @@ public class AmbariServer {
* @param configuredThreadPoolSize
* the size of the pool from {@link Configuration}.
*/
- protected void configureJettyThreadPool(Server server, int acceptorThreads,
+ protected Server configureJettyThreadPool(int acceptorThreads,
String threadPoolName, int configuredThreadPoolSize) {
int minumumAvailableThreads = 20;
@@ -763,7 +754,7 @@ public class AmbariServer {
QueuedThreadPool qtp = new QueuedThreadPool(configuredThreadPoolSize);
qtp.setName(threadPoolName);
- server.setThreadPool(qtp);
+ return new Server(qtp);
}
/**
@@ -829,27 +820,27 @@ public class AmbariServer {
}
/**
- * Performs basic configuration of session manager with static values and values from
+ * Performs basic configuration of session handler with static values and values from
* configuration file.
*
- * @param sessionManager session manager
+ * @param sessionHandler session handler
*/
- protected void configureSessionManager(SessionManager sessionManager) {
+ protected void configureSessionHandler(SessionHandler sessionHandler) {
// use AMBARISESSIONID instead of JSESSIONID to avoid conflicts with
// other services (like HDFS) that run on the same context but a different
// port
- sessionManager.getSessionCookieConfig().setName("AMBARISESSIONID");
+ sessionHandler.setSessionCookie("AMBARISESSIONID");
- sessionManager.getSessionCookieConfig().setHttpOnly(true);
+ sessionHandler.getSessionCookieConfig().setHttpOnly(true);
if (configs.getApiSSLAuthentication()) {
- sessionManager.getSessionCookieConfig().setSecure(true);
+ sessionHandler.getSessionCookieConfig().setSecure(true);
}
// each request that does not use AMBARISESSIONID will create a new
// HashedSession in Jetty; these MUST be reaped after inactivity in order
// to prevent a memory leak
int sessionInactivityTimeout = configs.getHttpSessionInactiveTimeout();
- sessionManager.setMaxInactiveInterval(sessionInactivityTimeout);
+ sessionHandler.setMaxInactiveInterval(sessionInactivityTimeout);
}
/**
http://git-wip-us.apache.org/repos/asf/ambari/blob/04f8c53f/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariSessionManager.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariSessionManager.java b/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariSessionManager.java
index 33d662d..4742209 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariSessionManager.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariSessionManager.java
@@ -22,7 +22,7 @@ import javax.inject.Inject;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
-import org.eclipse.jetty.server.SessionManager;
+import org.eclipse.jetty.server.session.SessionHandler;
import org.springframework.web.context.request.RequestAttributes;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
@@ -36,7 +36,7 @@ public class AmbariSessionManager {
* Session manager.
*/
@Inject
- SessionManager sessionManager;
+ SessionHandler sessionHandler;
// ----- AmbariSessionManager ----------------------------------------------
@@ -59,7 +59,7 @@ public class AmbariSessionManager {
* @return the session cookie
*/
public String getSessionCookie() {
- return sessionManager.getSessionCookieConfig().getName();
+ return sessionHandler.getSessionCookieConfig().getName();
}
/**
http://git-wip-us.apache.org/repos/asf/ambari/blob/04f8c53f/ambari-server/src/main/java/org/apache/ambari/server/controller/ControllerModule.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/controller/ControllerModule.java b/ambari-server/src/main/java/org/apache/ambari/server/controller/ControllerModule.java
index 4fa2362..b8d6733 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/controller/ControllerModule.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/controller/ControllerModule.java
@@ -151,10 +151,7 @@ import org.apache.ambari.server.topology.PersistedStateImpl;
import org.apache.ambari.server.topology.SecurityConfigurationFactory;
import org.apache.ambari.server.topology.tasks.ConfigureClusterTaskFactory;
import org.apache.ambari.server.view.ViewInstanceHandlerList;
-import org.eclipse.jetty.server.SessionIdManager;
-import org.eclipse.jetty.server.SessionManager;
-import org.eclipse.jetty.server.session.HashSessionIdManager;
-import org.eclipse.jetty.server.session.HashSessionManager;
+import org.eclipse.jetty.server.session.SessionHandler;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.config.BeanDefinition;
@@ -314,12 +311,9 @@ public class ControllerModule extends AbstractModule {
protected void configure() {
installFactories();
- final SessionIdManager sessionIdManager = new HashSessionIdManager();
- final SessionManager sessionManager = new HashSessionManager();
- sessionManager.getSessionCookieConfig().setPath("/");
- sessionManager.setSessionIdManager(sessionIdManager);
- bind(SessionManager.class).toInstance(sessionManager);
- bind(SessionIdManager.class).toInstance(sessionIdManager);
+ final SessionHandler sessionHandler = new SessionHandler();
+ sessionHandler.getSessionCookieConfig().setPath("/");
+ bind(SessionHandler.class).toInstance(sessionHandler);
bind(KerberosOperationHandlerFactory.class);
bind(KerberosDescriptorFactory.class);
http://git-wip-us.apache.org/repos/asf/ambari/blob/04f8c53f/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/ResourceEntity.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/ResourceEntity.java b/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/ResourceEntity.java
index 53146b1..16c1660 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/ResourceEntity.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/ResourceEntity.java
@@ -34,6 +34,8 @@ import javax.persistence.OneToMany;
import javax.persistence.Table;
import javax.persistence.TableGenerator;
+import com.fasterxml.jackson.annotation.JsonIgnore;
+
/**
* Represents a resource.
*/
http://git-wip-us.apache.org/repos/asf/ambari/blob/04f8c53f/ambari-server/src/main/java/org/apache/ambari/server/security/AmbariEntryPoint.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/security/AmbariEntryPoint.java b/ambari-server/src/main/java/org/apache/ambari/server/security/AmbariEntryPoint.java
index 8c7dd72..fcfdab1 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/security/AmbariEntryPoint.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/security/AmbariEntryPoint.java
@@ -27,7 +27,9 @@ import org.apache.ambari.server.configuration.Configuration;
import org.apache.ambari.server.security.authentication.kerberos.AmbariKerberosAuthenticationProperties;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.AuthenticationEntryPoint;
+import org.springframework.stereotype.Component;
+@Component
public class AmbariEntryPoint implements AuthenticationEntryPoint {
/**
http://git-wip-us.apache.org/repos/asf/ambari/blob/04f8c53f/ambari-server/src/main/java/org/apache/ambari/server/security/authentication/AmbariBasicAuthenticationFilter.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/security/authentication/AmbariBasicAuthenticationFilter.java b/ambari-server/src/main/java/org/apache/ambari/server/security/authentication/AmbariBasicAuthenticationFilter.java
index ac3e15f..5cac55f 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/security/authentication/AmbariBasicAuthenticationFilter.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/security/authentication/AmbariBasicAuthenticationFilter.java
@@ -21,8 +21,6 @@ import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
-import javax.servlet.ServletRequest;
-import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
@@ -41,6 +39,7 @@ import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.crypto.codec.Base64;
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
+import org.springframework.stereotype.Component;
/**
* AmbariBasicAuthenticationFilter extends a {@link BasicAuthenticationFilter} to allow for auditing
@@ -50,6 +49,7 @@ import org.springframework.security.web.authentication.www.BasicAuthenticationFi
*
* @see AmbariDelegatingAuthenticationFilter
*/
+@Component
public class AmbariBasicAuthenticationFilter extends BasicAuthenticationFilter implements AmbariAuthenticationFilter {
private static final Logger LOG = LoggerFactory.getLogger(AmbariBasicAuthenticationFilter.class);
@@ -107,16 +107,14 @@ public class AmbariBasicAuthenticationFilter extends BasicAuthenticationFilter i
/**
* Checks whether the authentication information is filled. If it is not, then a login failed audit event is logged
*
- * @param servletRequest the request
- * @param servletResponse the response
- * @param chain the Spring filter chain
+ * @param httpServletRequest the request
+ * @param httpServletResponse the response
+ * @param filterChain the Spring filter chain
* @throws IOException
* @throws ServletException
*/
@Override
- public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain chain) throws IOException, ServletException {
- HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
-
+ public void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws IOException, ServletException {
if (auditLogger.isEnabled() && shouldApply(httpServletRequest) && (AuthorizationHelper.getAuthenticatedName() == null)) {
AuditEvent loginFailedAuditEvent = LoginAuditEvent.builder()
.withRemoteIp(RequestUtils.getRemoteAddress(httpServletRequest))
@@ -127,7 +125,7 @@ public class AmbariBasicAuthenticationFilter extends BasicAuthenticationFilter i
auditLogger.log(loginFailedAuditEvent);
}
- super.doFilter(servletRequest, servletResponse, chain);
+ super.doFilterInternal(httpServletRequest, httpServletResponse, filterChain);
}
/**
http://git-wip-us.apache.org/repos/asf/ambari/blob/04f8c53f/ambari-server/src/main/java/org/apache/ambari/server/security/authentication/AmbariDelegatingAuthenticationFilter.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/security/authentication/AmbariDelegatingAuthenticationFilter.java b/ambari-server/src/main/java/org/apache/ambari/server/security/authentication/AmbariDelegatingAuthenticationFilter.java
index 141503a..b0295a9 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/security/authentication/AmbariDelegatingAuthenticationFilter.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/security/authentication/AmbariDelegatingAuthenticationFilter.java
@@ -31,6 +31,7 @@ import javax.servlet.http.HttpServletRequest;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+import org.springframework.stereotype.Component;
/**
* The AmbariDelegatingAuthenticationFilter is an authentication filter that holds zero or more
@@ -43,6 +44,7 @@ import org.slf4j.LoggerFactory;
* claims it is to be used for the operation, interation stops ensuring at most only one of the contained
* filters is invoked.
*/
+@Component
public class AmbariDelegatingAuthenticationFilter implements Filter {
private static final Logger LOG = LoggerFactory.getLogger(AmbariDelegatingAuthenticationFilter.class);
http://git-wip-us.apache.org/repos/asf/ambari/blob/04f8c53f/ambari-server/src/main/java/org/apache/ambari/server/security/authentication/AmbariJWTAuthenticationFilter.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/security/authentication/AmbariJWTAuthenticationFilter.java b/ambari-server/src/main/java/org/apache/ambari/server/security/authentication/AmbariJWTAuthenticationFilter.java
index 195c55a..9d532ff 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/security/authentication/AmbariJWTAuthenticationFilter.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/security/authentication/AmbariJWTAuthenticationFilter.java
@@ -40,6 +40,7 @@ import org.apache.ambari.server.utils.RequestUtils;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.AuthenticationEntryPoint;
+import org.springframework.stereotype.Component;
/**
* AmbariBasicAuthenticationFilter extends a {@link org.apache.ambari.server.security.authorization.jwt.JwtAuthenticationFilter}
@@ -49,6 +50,7 @@ import org.springframework.security.web.AuthenticationEntryPoint;
*
* @see AmbariDelegatingAuthenticationFilter
*/
+@Component
public class AmbariJWTAuthenticationFilter extends JwtAuthenticationFilter implements AmbariAuthenticationFilter {
/**
http://git-wip-us.apache.org/repos/asf/ambari/blob/04f8c53f/ambari-server/src/main/java/org/apache/ambari/server/security/authentication/kerberos/AmbariAuthToLocalUserDetailsService.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/security/authentication/kerberos/AmbariAuthToLocalUserDetailsService.java b/ambari-server/src/main/java/org/apache/ambari/server/security/authentication/kerberos/AmbariAuthToLocalUserDetailsService.java
index 1e4f6ea..be310d2 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/security/authentication/kerberos/AmbariAuthToLocalUserDetailsService.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/security/authentication/kerberos/AmbariAuthToLocalUserDetailsService.java
@@ -36,12 +36,14 @@ import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.stereotype.Component;
/**
* AmbariAuthToLocalUserDetailsService is a {@link UserDetailsService} that translates
* a Kerberos principal name into a local username that may be used when looking up
* and Ambari user account.
*/
+@Component
public class AmbariAuthToLocalUserDetailsService implements UserDetailsService {
private static final Logger LOG = LoggerFactory.getLogger(AmbariAuthToLocalUserDetailsService.class);
@@ -143,4 +145,4 @@ public class AmbariAuthToLocalUserDetailsService implements UserDetailsService {
LOG.warn(message);
throw new UsernameNotFoundException(message);
}
-}
\ No newline at end of file
+}