Xiao Chen
|
723afa0978
|
Revert "HADOOP-14445. Delegation tokens are not shared between KMS instances. Contributed by Xiao Chen and Rushabh S Shah."
This reverts commit 95cedc5587a495b46748973218454be87ba8b92e.
Conflicts:
hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/key/kms/KMSTokenRenewer.java
|
2018-05-07 14:11:13 -07:00 |
|
Xiao Chen
|
95cedc5587
|
HADOOP-14445. Delegation tokens are not shared between KMS instances. Contributed by Xiao Chen and Rushabh S Shah.
|
2018-04-10 15:46:46 -07:00 |
|
Ajay Kumar
|
d5d38918d7
|
HADOOP-15286. Remove unused imports from TestKMSWithZK.java
Signed-off-by: Akira Ajisaka <aajisaka@apache.org>
(cherry picked from commit 3dc30bc24e50343efe1f514b923d27a0786d3ac1)
|
2018-03-04 07:20:40 -08:00 |
|
Arun Suresh
|
71a55bebfb
|
Preparing for 2.10.0 development
|
2017-10-31 12:51:14 -07:00 |
|
Xiao Chen
|
a6370dde90
|
HADOOP-14944. Add JvmMetrics to KMS.
|
2017-10-19 22:37:35 -07:00 |
|
Wei-Chiu Chuang
|
9eb33d0e87
|
HADOOP-14880. [KMS] Document&test missing KMS client side configs. Contributed by Gabor Bota.
(cherry picked from commit 97c70c7ac6881f87eee1575bcbdd28b31ecac231)
Conflicts:
hadoop-common-project/hadoop-kms/src/test/java/org/apache/hadoop/crypto/key/kms/server/TestKMS.java
|
2017-10-19 06:06:01 -07:00 |
|
Xiao Chen
|
0bddcf10ef
|
HADOOP-14949. TestKMS#testACLs fails intermittently.
(cherry picked from commit 152317d40ece8abfa76fb5bd29f04878c1b0d3d8)
Conflicts:
hadoop-common-project/hadoop-kms/src/test/java/org/apache/hadoop/crypto/key/kms/server/TestKMS.java
|
2017-10-16 14:20:05 -07:00 |
|
Xiao Chen
|
78d6dd414a
|
HADOOP-14095. Document caveats about the default JavaKeyStoreProvider in KMS.
(cherry picked from commit d7ecac379a02876919d3e6081d42f0937f54e664)
Conflicts:
hadoop-common-project/hadoop-kms/src/site/markdown/index.md.vm
|
2017-09-29 19:34:50 -07:00 |
|
Akira Ajisaka
|
1c40df5bcd
|
HADOOP-14587. Use GenericTestUtils.setLogLevel when available in hadoop-common. Contributed by Wenxin He.
|
2017-07-08 03:01:18 +09:00 |
|
John Zhuge
|
1272ee153b
|
HADOOP-14024. KMS JMX endpoint throws ClassNotFoundException. Contributed by John Zhuge.
|
2017-06-29 15:54:30 -07:00 |
|
Xiao Chen
|
7e66e133dd
|
HADOOP-14515. Addendum. Specifically configure zookeeper-related log levels in KMS log4j.
(cherry picked from commit aff7a3f8eddd55501366a43d2f44f531c6e8ef48)
|
2017-06-27 23:49:16 -07:00 |
|
Xiao Chen
|
b9bd72c676
|
HADOOP-14515. Specifically configure zookeeper-related log levels in KMS log4j.
(cherry picked from commit 4cdae5d88ef7851ae284a115868dc4bbe24ae1bd)
|
2017-06-19 23:12:28 -07:00 |
|
Xiao Chen
|
aaf533e8a0
|
HADOOP-13854. KMS should log error details in KMSExceptionsProvider.
(cherry picked from commit c4b5c32669423b9a792f33f9f8333d95528f2515)
|
2017-06-08 22:38:31 -07:00 |
|
John Zhuge
|
dad7d0e2ff
|
HADOOP-13911. Remove TRUSTSTORE_PASSWORD related scripts from KMS. Contributed by John Zhuge.
(cherry picked from commit 30f85d7a88a110637757cf7a1f4cdc9ed40f59fb)
Conflicts:
hadoop-common-project/hadoop-kms/src/main/sbin/kms.sh
hadoop-common-project/hadoop-kms/src/main/tomcat/ssl-server.xml
|
2017-05-18 21:33:59 -07:00 |
|
John Zhuge
|
145d716a2b
|
HADOOP-14242. Make KMS Tomcat SSL property sslEnabledProtocols and clientAuth configurable. Contributed by John Zhuge.
|
2017-05-18 18:03:54 -07:00 |
|
John Zhuge
|
2be559b842
|
HADOOP-14417. Update default SSL cipher list for KMS. Contributed by John Zhuge.
|
2017-05-15 16:24:45 -07:00 |
|
John Zhuge
|
1bbba00a20
|
HADOOP-14141. Store KMS SSL keystore password in catalina.properties. Contributed by John Zhuge.
Change-Id: I8326b16aab5c3908529e1a0cc7bfe121d18f42f3
|
2017-04-20 12:36:40 -07:00 |
|
Andrew Wang
|
cf5a1390aa
|
HDFS-11441. Add escaping to error message in KMS web UI. Contributed by Aaron T. Myers.
(cherry picked from commit ec839b94c0eb3f09e74f8a3b0bc9a08b3f5418b2)
|
2017-03-06 10:47:28 -08:00 |
|
John Zhuge
|
133857ba04
|
HADOOP-14131. kms.sh creates bogus dir for tomcat logs. Contributed by John Zhuge.
Change-Id: I444e10318eb64dcd4c0416b985d12049c72e8943
|
2017-03-01 16:31:34 -08:00 |
|
Lei Xu
|
76bf47cb91
|
Add missing file hadoop-common-project/hadoop-kms/src/main/tomcat/catalina-default.properties for HADOOP-14083. (lei)
|
2017-02-27 20:49:35 -08:00 |
|
Lei Xu
|
d440ad46b5
|
HADOOP-14083. KMS should support old SSL clients. (John Zhuge via Lei Xu)
|
2017-02-27 18:12:00 -08:00 |
|
Kihwal Lee
|
7baa6dac54
|
HADOOP-14050. Add process name to kms process. Contributed by Rushabh S Shah.
|
2017-02-03 15:38:55 -06:00 |
|
Xiaoyu Yao
|
6b602c6e34
|
HADOOP-14029. Fix KMSClientProvider for non-secure proxyuser use case. Contributed by Xiaoyu Yao.
(cherry picked from commit 2034315763cd7b1eb77e96c719918fc14e2dabf6)
|
2017-01-26 20:36:43 -08:00 |
|
Xiao Chen
|
4a48f0e702
|
HADOOP-14003. Make additional KMS tomcat settings configurable. Contributed by Andrew Wang.
|
2017-01-26 11:22:16 -08:00 |
|
Arun Suresh
|
8e5de45e08
|
HADOOP-13903. Improvements to KMS logging to help debug authorization errors. (Tristan Stevens via asuresh)
(cherry picked from commit be529dade182dd2f3718fc52133f43e83dce191f)
|
2017-01-11 00:27:14 -08:00 |
|
Xiao Chen
|
7e58eec620
|
HADOOP-13847. KMSWebApp should close KeyProviderCryptoExtension. Contributed by John Zhuge.
(cherry picked from commit 291df5c7fb713d5442ee29eb3f272127afb05a3c)
|
2016-12-05 09:35:51 -08:00 |
|
Akira Ajisaka
|
0c895e8a62
|
HADOOP-13812. Upgrade Tomcat to 6.0.48. Contributed by John Zhuge.
(cherry picked from commit 00096dcc0c23af38e697cd7c6c29e3f00d744e54)
|
2016-11-29 19:50:53 +09:00 |
|
Robert Kanter
|
285edf691d
|
HADOOP-13838. KMSTokenRenewer should close providers (xiaochen via rkanter)
(cherry picked from commit 47ca9e26fba4a639e43bee5bfc001ffc4b42330d)
|
2016-11-28 18:12:53 -08:00 |
|
Akira Ajisaka
|
d29e3d0f52
|
HADOOP-13814. Sample configuration of KMS HTTP Authentication signature is misleading. Contributed by Masahiro Tanaka.
(cherry picked from commit c65d6b65415742288b53f8e38314b71794e47ecc)
|
2016-11-21 11:28:33 +09:00 |
|
Xiao Chen
|
efc9ffc3b6
|
HADOOP-13815. TestKMS#testDelegationTokensOpsSimple and TestKMS#testDelegationTokensOpsKerberized Fails in Trunk.
(cherry picked from commit 61c0bedf775e6e794d4704485ec2c41a95aecae9)
|
2016-11-15 16:26:49 -08:00 |
|
Xiao Chen
|
1e29379244
|
HADOOP-12453. Support decoding KMS Delegation Token with its own Identifier. Contributed by Xiaoyu Yao.
(cherry picked from commit 7154a20bcb1559c23aeb3b78b920bed03d834cb5)
|
2016-11-03 13:10:37 -07:00 |
|
Xiao Chen
|
4c5c6c8c44
|
HADOOP-13669. Addendum patch 2 for KMS Server should log exceptions before throwing.
(cherry picked from commit 09ef97dccbd4c11aaeedf7503d414f999435ad91)
|
2016-10-25 09:59:45 -07:00 |
|
Xiaoyu Yao
|
48c9064b33
|
HADOOP-13749. KMSClientProvider combined with KeyProviderCache can result in wrong UGI being used. Contributed by Xiaoyu Yao.
(cherry picked from commit d0a347984da175948b553a675dc357491df2fd0f)
|
2016-10-23 10:59:01 -07:00 |
|
Xiao Chen
|
562c358a83
|
HADOOP-13669. Addendum patch for KMS Server should log exceptions before throwing.
(cherry picked from commit ae51b11f7872eaac558acf00fd23f6d7b1841cfe)
|
2016-10-13 22:32:25 -07:00 |
|
Xiao Chen
|
eebda43ec1
|
HADOOP-13669. KMS Server should log exceptions before throwing. Contributed by Suraj Acharya.
(cherry picked from commit fc18c32540ed6a410adb123e1105729e0343b7f5)
|
2016-10-10 12:51:08 -07:00 |
|
Xiao Chen
|
1ed23a134c
|
HADOOP-13317. Add logs to KMS server-side to improve supportability. Contributed by Suraj Acharya.
(cherry picked from commit 89bd6d29a62afd7ed8ff87bcc29d17b1cb53dcb6)
|
2016-09-30 17:52:13 -07:00 |
|
Xiao Chen
|
06187e4f98
|
HADOOP-13638. KMS should set UGI's Configuration object properly. Contributed by Wei-Chiu Chuang.
(cherry picked from commit fa397e74fe988bcbb05c816de73eb738794ace4b)
Conflicts:
hadoop-common-project/hadoop-kms/src/test/java/org/apache/hadoop/crypto/key/kms/server/TestKMS.java
|
2016-09-26 13:02:57 -07:00 |
|
Xiao Chen
|
b6a60d715d
|
HDFS-10489. Deprecate dfs.encryption.key.provider.uri for HDFS encryption zones. Contributed by Xiao Chen.
(cherry picked from commit ea839bd48e4478fc7b6d0a69e0eaeae2de5e0f0d)
Conflicts:
hadoop-hdfs-project/hadoop-hdfs-client/src/main/java/org/apache/hadoop/hdfs/HdfsConfiguration.java
hadoop-hdfs-project/hadoop-hdfs/src/main/resources/hdfs-default.xml
|
2016-09-19 16:38:18 -07:00 |
|
Xiao Chen
|
e31745e281
|
HADOOP-13396. Allow pluggable audit loggers in KMS. Contributed by Xiao Chen.
(cherry picked from commit 3476156807733505746951f0c9346592742bbbb2)
Conflicts:
hadoop-common-project/hadoop-kms/src/test/java/org/apache/hadoop/crypto/key/kms/server/TestKMSAudit.java
|
2016-08-24 11:09:54 -07:00 |
|
Zhe Zhang
|
dfcbc12026
|
HADOOP-12765. HttpServer2 should switch to using the non-blocking SslSelectChannelConnector to prevent performance degradation when handling SSL connections. Contributed by Min Shen. Branch-2 patch contributed by Wei-Chiu Chuang.
|
2016-08-23 14:46:08 -07:00 |
|
Xiao Chen
|
74156ee20a
|
HADOOP-13437. KMS should reload whitelist and default key ACLs when hot-reloading. Contributed by Xiao Chen.
(cherry picked from commit 9daa9979a1f92fb3230361c10ddfcc1633795c0e)
|
2016-08-15 18:18:31 -07:00 |
|
Wei-Chiu Chuang
|
6d53e096b2
|
HADOOP-13190. Mention LoadBalancingKMSClientProvider in KMS HA documentation. Contributed by Wei-Chiu Chuang.
(cherry picked from commit db719ef125b11b01eab3353e2dc4b48992bf88d5)
|
2016-08-11 12:27:52 -07:00 |
|
Wei-Chiu Chuang
|
cc20316b55
|
HADOOP-13395. Enhance TestKMSAudit. Contributed by Xiao Chen.
(cherry picked from commit 070548943a16370a74277d1b1d10b713e2ca81d0)
Conflicts:
hadoop-common-project/hadoop-kms/src/test/java/org/apache/hadoop/crypto/key/kms/server/TestKMSAudit.java
|
2016-08-08 15:16:14 -07:00 |
|
Xiao Chen
|
8fe4b2429a
|
HADOOP-13381. KMS clients should use KMS Delegation Tokens from current UGI. Contributed by Xiao Chen.
(cherry picked from commit 8ebf2e95d2053cb94c6ff87ca018811fe8276f2b)
Conflicts:
hadoop-common-project/hadoop-kms/src/test/java/org/apache/hadoop/crypto/key/kms/server/TestKMS.java
|
2016-07-28 18:39:59 -07:00 |
|
Andrew Wang
|
d8a69c8737
|
HADOOP-13251. Authenticate with Kerberos credentials when renewing KMS delegation token. Contributed by Xiao Chen.
(cherry picked from commit 771f798edf97b27ae003395118c0317b484df6ee)
Conflicts:
hadoop-common-project/hadoop-kms/src/test/java/org/apache/hadoop/crypto/key/kms/server/TestKMS.java
|
2016-06-27 18:29:39 -07:00 |
|
Xiaoyu Yao
|
ddf66427ff
|
HADOOP-13255. KMSClientProvider should check and renew tgt when doing delegation token operations. Contributed by Xiao Chen.
|
2016-06-16 20:12:17 -07:00 |
|
Andrew Wang
|
03c4724c88
|
HADOOP-13155. Implement TokenRenewer to renew and cancel delegation tokens in KMS. Contributed by Xiao Chen.
(cherry picked from commit 713cb71820ad94a5436f35824d07aa12fcba5cc6)
Conflicts:
hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/key/KeyProviderDelegationTokenExtension.java
hadoop-hdfs-project/hadoop-hdfs-client/src/main/java/org/apache/hadoop/hdfs/DFSUtilClient.java
|
2016-06-03 17:01:11 -07:00 |
|
Andrew Wang
|
7271e91b79
|
HADOOP-13030. Handle special characters in passwords in KMS startup script. Contributed by Xiao Chen.
|
2016-04-27 17:13:50 -07:00 |
|
Andrew Wang
|
2f983b161f
|
HADOOP-12951. Improve documentation on KMS ACLs and delegation tokens. Contributed by Xiao Chen.
(cherry picked from commit 594c70f779b277bd0b9d0a5dc98c3e9cc49b7e91)
|
2016-04-07 23:50:36 -07:00 |
|
Andrew Wang
|
c58599acba
|
HADOOP-12962. KMS key names are incorrectly encoded when creating key. Contributed by Xiao Chen.
(cherry picked from commit d4df7849a5caf749403bd89d29652f69c9c3f5a8)
|
2016-03-25 15:29:06 -07:00 |
|