You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@atlas.apache.org by Nixon Rodrigues <ni...@freestoneinfotech.com> on 2020/10/14 13:21:52 UTC

Review Request 72962: ATLAS-3995 :- Atlas should support additional keystore/truststores types besides JKS

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/72962/
-----------------------------------------------------------

Review request for atlas, Jayendra Parab, Madhan Neethiraj, Nikhil Bonte, and Sarath Subramanian.


Repository: atlas


Description
-------

Currently Atlas server (through Jetty) only supports JKS keystore/truststore types. There are additional keystore/truststore types used for different applications like for FIPS crypto algorithms.

Atlas server should support the default keystore type specified for the JDK and have option to configure other keystore/truststore  types.

This patch makes its configurable to add other keystore/truststore types via atlas-application.properties.

keystore.type=bcfks
truststore.type=bcfks


Diffs
-----

  intg/src/main/java/org/apache/atlas/security/SecurityProperties.java 2e953eb02 
  webapp/src/main/java/org/apache/atlas/web/service/SecureEmbeddedServer.java 34086aed8 


Diff: https://reviews.apache.org/r/72962/diff/1/


Testing
-------

Tested Atlas with bcfks type keystores.


Thanks,

Nixon Rodrigues

Re: Review Request 72962: ATLAS-3995 :- Atlas should support additional keystore/truststores types besides JKS

Posted by Madhan Neethiraj <ma...@apache.org>.

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/72962/#review222048
-----------------------------------------------------------


Fix it, then Ship it!





webapp/src/main/java/org/apache/atlas/web/service/SecureEmbeddedServer.java
Lines 106 (patched)
<https://reviews.apache.org/r/72962/#comment311114>

    Consider replacing "JKS" with the constant defined above - ATLAS_KEYSTORE_FILE_TYPE_DEFAULT.



webapp/src/main/java/org/apache/atlas/web/service/SecureEmbeddedServer.java
Lines 111 (patched)
<https://reviews.apache.org/r/72962/#comment311115>

    Consider replacing "JKS" with the constant defined above - ATLAS_TRUSTSTORE_FILE_TYPE_DEFAULT.



webapp/src/main/java/org/apache/atlas/web/service/SecureEmbeddedServer.java
Line 201 (original), 205 (patched)
<https://reviews.apache.org/r/72962/#comment311116>

    Consider replacing "JKS" with existing constant - ATLAS_KEYSTORE_FILE_TYPE_DEFAULT.



webapp/src/main/java/org/apache/atlas/web/service/SecureEmbeddedServer.java
Line 254 (original), 258 (patched)
<https://reviews.apache.org/r/72962/#comment311117>

    Consider replacing "JKS" with existing constant - ATLAS_TRUSTSTORE_FILE_TYPE_DEFAULT.


- Madhan Neethiraj


On Oct. 14, 2020, 1:21 p.m., Nixon Rodrigues wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/72962/
> -----------------------------------------------------------
> 
> (Updated Oct. 14, 2020, 1:21 p.m.)
> 
> 
> Review request for atlas, Jayendra Parab, Madhan Neethiraj, Nikhil Bonte, and Sarath Subramanian.
> 
> 
> Repository: atlas
> 
> 
> Description
> -------
> 
> Currently Atlas server (through Jetty) only supports JKS keystore/truststore types. There are additional keystore/truststore types used for different applications like for FIPS crypto algorithms.
> 
> Atlas server should support the default keystore type specified for the JDK and have option to configure other keystore/truststore  types.
> 
> This patch makes its configurable to add other keystore/truststore types via atlas-application.properties.
> 
> keystore.type=bcfks
> truststore.type=bcfks
> 
> 
> Diffs
> -----
> 
>   intg/src/main/java/org/apache/atlas/security/SecurityProperties.java 2e953eb02 
>   webapp/src/main/java/org/apache/atlas/web/service/SecureEmbeddedServer.java 34086aed8 
> 
> 
> Diff: https://reviews.apache.org/r/72962/diff/1/
> 
> 
> Testing
> -------
> 
> Tested Atlas with bcfks type keystores.
> 
> 
> Thanks,
> 
> Nixon Rodrigues
> 
>

Re: Review Request 72962: ATLAS-3995 :- Atlas should support additional keystore/truststores types besides JKS

Posted by Sarath Subramanian <sa...@apache.org>.

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/72962/#review222053
-----------------------------------------------------------


Ship it!




Ship It!

- Sarath Subramanian


On Oct. 14, 2020, 9:39 a.m., Nixon Rodrigues wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/72962/
> -----------------------------------------------------------
> 
> (Updated Oct. 14, 2020, 9:39 a.m.)
> 
> 
> Review request for atlas, Jayendra Parab, Madhan Neethiraj, Nikhil Bonte, and Sarath Subramanian.
> 
> 
> Repository: atlas
> 
> 
> Description
> -------
> 
> Currently Atlas server (through Jetty) only supports JKS keystore/truststore types. There are additional keystore/truststore types used for different applications like for FIPS crypto algorithms.
> 
> Atlas server should support the default keystore type specified for the JDK and have option to configure other keystore/truststore  types.
> 
> This patch makes its configurable to add other keystore/truststore types via atlas-application.properties.
> 
> keystore.type=bcfks
> truststore.type=bcfks
> 
> 
> Diffs
> -----
> 
>   intg/src/main/java/org/apache/atlas/security/SecurityProperties.java 2e953eb02 
>   webapp/src/main/java/org/apache/atlas/web/service/SecureEmbeddedServer.java 34086aed8 
> 
> 
> Diff: https://reviews.apache.org/r/72962/diff/2/
> 
> 
> Testing
> -------
> 
> Tested Atlas with bcfks type keystores.
> 
> 
> Thanks,
> 
> Nixon Rodrigues
> 
>

Re: Review Request 72962: ATLAS-3995 :- Atlas should support additional keystore/truststores types besides JKS

Posted by Madhan Neethiraj <ma...@apache.org>.

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/72962/#review222055
-----------------------------------------------------------


Ship it!




Ship It!

- Madhan Neethiraj


On Oct. 14, 2020, 4:39 p.m., Nixon Rodrigues wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/72962/
> -----------------------------------------------------------
> 
> (Updated Oct. 14, 2020, 4:39 p.m.)
> 
> 
> Review request for atlas, Jayendra Parab, Madhan Neethiraj, Nikhil Bonte, and Sarath Subramanian.
> 
> 
> Repository: atlas
> 
> 
> Description
> -------
> 
> Currently Atlas server (through Jetty) only supports JKS keystore/truststore types. There are additional keystore/truststore types used for different applications like for FIPS crypto algorithms.
> 
> Atlas server should support the default keystore type specified for the JDK and have option to configure other keystore/truststore  types.
> 
> This patch makes its configurable to add other keystore/truststore types via atlas-application.properties.
> 
> keystore.type=bcfks
> truststore.type=bcfks
> 
> 
> Diffs
> -----
> 
>   intg/src/main/java/org/apache/atlas/security/SecurityProperties.java 2e953eb02 
>   webapp/src/main/java/org/apache/atlas/web/service/SecureEmbeddedServer.java 34086aed8 
> 
> 
> Diff: https://reviews.apache.org/r/72962/diff/2/
> 
> 
> Testing
> -------
> 
> Tested Atlas with bcfks type keystores.
> 
> 
> Thanks,
> 
> Nixon Rodrigues
> 
>

Re: Review Request 72962: ATLAS-3995 :- Atlas should support additional keystore/truststores types besides JKS

Posted by Nixon Rodrigues <ni...@freestoneinfotech.com>.

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/72962/
-----------------------------------------------------------

(Updated Oct. 14, 2020, 4:39 p.m.)


Review request for atlas, Jayendra Parab, Madhan Neethiraj, Nikhil Bonte, and Sarath Subramanian.


Changes
-------

addressed review comment from Madhan


Repository: atlas


Description
-------

Currently Atlas server (through Jetty) only supports JKS keystore/truststore types. There are additional keystore/truststore types used for different applications like for FIPS crypto algorithms.

Atlas server should support the default keystore type specified for the JDK and have option to configure other keystore/truststore  types.

This patch makes its configurable to add other keystore/truststore types via atlas-application.properties.

keystore.type=bcfks
truststore.type=bcfks


Diffs (updated)
-----

  intg/src/main/java/org/apache/atlas/security/SecurityProperties.java 2e953eb02 
  webapp/src/main/java/org/apache/atlas/web/service/SecureEmbeddedServer.java 34086aed8 


Diff: https://reviews.apache.org/r/72962/diff/2/

Changes: https://reviews.apache.org/r/72962/diff/1-2/


Testing
-------

Tested Atlas with bcfks type keystores.


Thanks,

Nixon Rodrigues