Commit Graph

92 Commits

Author SHA1 Message Date
Andrew Purtell bda2b8af8b Preparing development version 2.4.3-SNAPSHOT
Signed-off-by: Andrew Purtell <apurtell@apache.org>
2021-03-08 15:59:42 -08:00
Andrew Purtell 3e98c51c51 Preparing hbase release 2.4.2RC0; tagging and updates to CHANGES.md and RELEASENOTES.md
Signed-off-by: Andrew Purtell <apurtell@apache.org>
2021-03-08 15:59:36 -08:00
Andrew Purtell bab2d41390 Preparing development version 2.4.2-SNAPSHOT
Signed-off-by: Andrew Purtell <apurtell@apache.org>
2021-01-15 10:51:49 -08:00
Andrew Purtell 4c3e174297 Revert "Preparing development version 2.4.2-SNAPSHOT"
This reverts commit e0aa015542.
2021-01-15 10:19:09 -08:00
Andrew Purtell e0aa015542 Preparing development version 2.4.2-SNAPSHOT
Signed-off-by: Andrew Purtell <apurtell@apache.org>
2021-01-14 12:55:38 -08:00
Andrew Purtell 67a87017b4 Revert "Preparing development version 2.4.2-SNAPSHOT"
This reverts commit 00fec5a2f7.
2021-01-14 12:54:05 -08:00
Andrew Purtell 00fec5a2f7 Preparing development version 2.4.2-SNAPSHOT
Signed-off-by: Andrew Purtell <apurtell@apache.org>
2021-01-14 11:43:50 -08:00
Andrew Purtell 3f495149e9 Revert "Preparing development version 2.4.2-SNAPSHOT"
This reverts commit 9f17bd2f1b.
2021-01-14 11:00:42 -08:00
Andrew Purtell 9f17bd2f1b Preparing development version 2.4.2-SNAPSHOT
Signed-off-by: Andrew Purtell <apurtell@apache.org>
2021-01-13 18:03:20 -08:00
Andrew Purtell 422a8cc32d Revert "Preparing development version 2.4.2-SNAPSHOT"
This reverts commit 29619049b2.
2021-01-13 17:44:09 -08:00
Andrew Purtell 29619049b2 Preparing development version 2.4.2-SNAPSHOT
Signed-off-by: Andrew Purtell <apurtell@apache.org>
2021-01-13 11:39:43 -08:00
Andrew Purtell 85075940c0 Revert "Preparing development version 2.4.2-SNAPSHOT"
This reverts commit 51c55fcc2f.
2021-01-13 10:24:09 -08:00
Andrew Purtell 51c55fcc2f Preparing development version 2.4.2-SNAPSHOT
Signed-off-by: Andrew Purtell <apurtell@apache.org>
2021-01-12 17:06:38 -08:00
Andrew Purtell 35044cc40c Preparing hbase release 2.4.1RC0; tagging and updates to CHANGES.md and RELEASENOTES.md
Signed-off-by: Andrew Purtell <apurtell@apache.org>
2021-01-12 17:06:33 -08:00
Duo Zhang 90db5e4f99 HBASE-25452 Use MatcherAssert.assertThat instead of org.junit.Assert.assertThat (#2826)
Signed-off-by: Guanghao Zhang <zghao@apache.org>
2020-12-30 11:06:58 +08:00
Andrew Purtell 3ff115ebe4 Preparing development version 2.4.1-SNAPSHOT 2020-12-03 09:52:11 -08:00
Andrew Purtell f7bc7be1eb Revert "Preparing development version 2.4.1-SNAPSHOT"
This reverts commit 4127a3940a.
2020-12-03 09:37:38 -08:00
Andrew Purtell 4127a3940a Preparing development version 2.4.1-SNAPSHOT 2020-12-02 14:04:53 -08:00
Andrew Purtell 108c2ecb52 Preparing hbase release 2.4.0RC0; tagging and updates to CHANGES.md and RELEASENOTES.md 2020-12-02 14:04:49 -08:00
Andrew Purtell 1b6399a480
HBASE-24640 [branch-2] Purge use of VisibleForTesting (#2696)
Signed-off-by: Nick Dimiduk <ndimiduk@apache.org>
2020-11-25 14:15:32 -08:00
Richard Antal 5ce3e3e12c HBASE-24268 REST and Thrift server do not handle the "doAs" parameter case insensitively
Closes #1843

Signed-off-by: Josh Elser <elserj@apache.org>
Signed-off-by: Sean Busbey <busbey@apache.org>
2020-11-24 12:25:46 -05:00
Mate Szalay-Beko 873bef1d7e HBASE-25267 Add SSL keystore type and truststore related configs for HBase RESTServer (#2642)
HBASE-25267 Make SSL keystore type configurable in HBase RESTServer

In this patch I want to introduce the hbase.rest.ssl.keystore.type parameter,
enabling us to customize the keystore type for the REST server. If the
parameter is not provided, then we should fall-back to the current behaviour
(which assumes keystore type JKS).

This is similar to how we already configure the InfoServer objects with the
ssl.server.keystore.type parameter to set up HTTPS for the various admin UIs.

Signed-off-by: Wellington Chevreuil <wellington.chevreuil@gmail.com>
Signed-off-by: Balazs Meszaros <meszibalu@apache.org>
Signed-off-by: Sean Busbey <busbey@apache.org>
2020-11-12 12:43:58 +01:00
申胜利 1de1ec176f HBASE-24054 To be safe, jetty's version number should be blocked. 2020-10-05 17:37:21 -07:00
ramkrish86 3cb4b29fa3
HBASE-25002 Create simple pattern matching query for retrieving metri… (#2370) (#2398)
* HBASE-25002 Create simple pattern matching query for retrieving metrics matching the pattern

* Address review comments

* Final set of comments addressed

* Address checkstyle comments
2020-09-14 19:44:00 +05:30
Esteban Gutierrez 800a4d9868 HBASE-19352 Port HADOOP-10379: Protect authentication cookies with the HttpOnly and Secure flags
Signed-off-by: Sean Busbey <busbey@apache.org>
2020-09-03 16:18:33 -05:00
Duo Zhang 4455856e9c HBASE-23834 HBase fails to run on Hadoop 3.3.0/3.2.2/3.1.4 due to jetty version mismatch (#2222)
Signed-off-by: Viraj Jasani <vjasani@apache.org>
Signed-off-by: Josh Elser <elserj@apache.org>
Signed-off-by: Peter Somogyi <psomogyi@apache.org>
2020-08-25 15:02:55 +08:00
YeChao Chen 8f31b12ba4
HBASE-24777 InfoServer support ipv6 host and port
Closes #2147

Signed-off-by: Duo Zhang <zhangduo@apache.org>
Signed-off-by: Viraj Jasani <vjasani@apache.org>
2020-07-27 20:46:49 +05:30
David Manning 25e929bdf0
HBASE-24657 add unit test for JSONBean.java
Closes #2004

Signed-off-by: Viraj Jasani <vjasani@apache.org>
2020-07-02 18:51:13 +05:30
shahrs87 941cef71c2
HBASE-24190 : Make kerberos value of hbase.security.authentication property case insensitive (#1687)
Signed-off-by: binlijin <binlijin@gmail.com>
Signed-off-by: Viraj Jasani <vjasani@apache.org>
2020-05-14 11:46:33 +05:30
Viraj Jasani b78f4367f7
Revert "Make kerberos value of hbase.security.authentication property case insensitive (#1687)"
This reverts commit c03ec837e7.
2020-05-14 11:45:23 +05:30
Duo Zhang dc2146069c
HBASE-24309 Avoid introducing log4j and slf4j-log4j dependencies for … (#1697)
Signed-off-by: stack <stack@apache.org>
2020-05-13 17:59:21 +08:00
shahrs87 c03ec837e7
Make kerberos value of hbase.security.authentication property case insensitive (#1687)
Signed-off-by: binlijin <binlijin@gmail.com>
Signed-off-by: Viraj Jasani <vjasani@apache.org>
2020-05-11 11:10:29 +05:30
Duo Zhang ec333922ce HBASE-24310 Use Slf4jRequestLog for hbase-http (#1634)
Signed-off-by: stack <stack@apache.org>
2020-05-08 11:22:18 +08:00
Michael Stack 528e9d6454
HBASE-24307 [Flakey Tests] krb server for secure thrift tests throws BindException (#1656)
Move the random free port generate back into hbasecommontestingutility
  from hbasetestingutility.

  Add a create simple kdc server utility that will start a kdc server and
  if a bindexception, create a new one on a new random port in hbase-common.

  Add new BoundSocketMaker helpful when trying to manufacture
  BindExceptions because of port clash.

  Change thrift and http kdc tests to use this new utility (removes
  code duplication around kdc server setup).
2020-05-05 21:08:09 -07:00
Michael Stack 80561504d2
HBASE-24284 [h3/jdk11] REST server won't start Exclude transitive includes of jax-rs 1.x and then explicitly include jax-rs 2.x glassfish impl for REST context when hadoop3. (#1625) 2020-05-05 15:27:11 -07:00
Josh Elser 8eb2f6752c HBASE-24252 Implement proxyuser/doAs mechanism for hbase-http
copy ProxyUserAuthenticationFilter from Hadoop
add hbase.security.authentication.spnego.kerberos.proxyuser.enable parameter (default false)
wire ProxyUserAuthenticationFilter into HttpServer

Signed-off-by: Sean Busbey <busbey@apache.org>
Signed-off-by: Josh Elser <elserj@apache.org>
2020-04-27 13:15:34 -04:00
Istvan Toth ec266a0743 HBASE-24197 TestHttpServer.testBindAddress failure with latest jetty (#1524)
use the findPort logic even if the BindException is wrapped in an IOException

Signed-off-by: Viraj Jasani <vjasani@apache.org>
Signed-off-by: Jan Hentschel <jan.hentschel@ultratendency.com>
Signed-off-by: Peter Somogyi <psomogyi@apache.org>
2020-04-16 11:52:35 +02:00
Nick Dimiduk ffb2359146
HBASE-24013 Bump branch-2 version to 2.4.0-SNAPSHOT (#1309)
Increment version in poms with

```
$ mvn org.codehaus.mojo:versions-maven-plugin:2.7:set -DnewVersion=2.4.0-SNAPSHOT -DgenerateBackupPoms=false
```

Verified no dangling references with

```
$ find . -iname '*pom.xml' -exec grep -n '2.3.0-SNAPSHOT' {} +
```

Verified build with

```
$ JAVA_HOME=/Library/Java/JavaVirtualMachines/adoptopenjdk-8.jdk/Contents/Home mvn clean package -DskipTests
$ JAVA_HOME=/Library/Java/JavaVirtualMachines/adoptopenjdk-11.jdk/Contents/Home mvn clean package -DskipTests -Dhadoop.profile=3.0
```

Signed-off-by: Jan Hentschel <jan.hentschel@ultratendency.com>
2020-03-19 08:01:43 -07:00
Nick Dimiduk 33cb9fc932 HBASE-23829 Get `-PrunSmallTests` passing on JDK11
Signed-off-by: stack <stack@apache.org>
2020-03-17 09:01:02 -07:00
Duo Zhang 7eeb6a0815 HBASE-23077 move entirely to spotbugs (#1265)
Signed-off-by: Sean Busbey <busbey@apache.org>
2020-03-12 11:42:23 +08:00
Mark Robert Miller e385fd97e0 HBASE-23783: Address tests writing and reading SSL/Security files in a common location. (#1116)
This is causing me issues with parallel test runs.

Also allow setting the surefire reports and temp directories via command line.

Signed-off-by: stack <stack@apache.org>
2020-02-04 14:40:52 -08:00
Michael Stack 12f4e0977c
HBASE-23780 Edit of test classifications (#1109)
These classifications come of running at various fork counts.. A test
may complete quick if low fork count but if it is accessing disk, it
will run much slower if fork count is high. This edit accommodates
some of this phenomenon.


Signed-off-by: Bharath Vissapragada <bharathv@apache.org>
Signed-off-by: Viraj Jasani <vjasani@apache.org>
Signed-off-by: Jan Hentschel <janh@apache.org>
2020-02-03 09:16:47 -08:00
Josh Elser 5fc1141f63 HBASE-17115 Define UI admins via an ACL
The Hadoop AccessControlList allows us to specify admins of the webUI
via a list of users and/or groups. Admins of the WebUI can mutate the
system, potentially seeing sensitive data or modifying the system.

hbase.security.authentication.spnego.admin.users is a comma-separated
list of users who are admins.
hbase.security.authentication.spnego.admin.groups is a comma-separated
list of groups whose membership are admins. Either of these
configuration properties may also contain an asterisk (*) which denotes
"any entity" (e.g user, group).

Previously, when a user was denied from some endpoint that was
designated for admins, they received an HTTP/401. In this case, it is
more correct to return HTTP/403 as they were correctly authenticated,
but they were disallowed from fetching the given resource. This commit
incorporates this change.

hbase.security.authentication.ui.config.protected also exists for users
who have sensitive information stored in the Hadoop service
configuration and want to limit access to this endpoint. By default,
the Hadoop configuration endpoint is not protected and any
authenticated user can access it.

The test is based off of work by Nihal Jain in HBASE-20472.

Co-authored-by: Nihal Jain <nihaljain.cs@gmail.com>
Signed-off-by: Sean Busbey <busbey@apache.org>
2020-01-29 16:45:25 -05:00
Peter Somogyi 49ad127fd6 HBASE-23663 Allow dot and hyphen in Profiler's URL (#1002)
Signed-off-by: Sean Busbey <busbey@apache.org>
Signed-off-by: Viraj Jasani <vjasani@apache.org>
2020-01-09 10:32:38 +01:00
Andor Molnár 188742a82f HBASE-23303 Add security headers to REST server/info page (#843)
Signed-off-by: Toshihiro Suzuki <brfrn169@gmail.com>
Signed-off-by: Sean Busbey <busbey@apache.org>
2019-12-08 22:10:41 +09:00
stack 70771b603e HBASE-23315 Miscellaneous HBCK Report page cleanup
* Add a bit of javadoc around SerialReplicationChecker.
 * Miniscule edit to the profiler jsp page and then a bit of doc on how to make it work that might help.
 * Add some detail if NPE getting BitSetNode to help w/ debug.
 * Change HbckChore to log region names instead of encoded names; helps doing diagnostics; can take region name and query in shell to find out all about the region according to hbase:meta.
 * Add some fix-it help inline in the HBCK Report page – how to fix.
 * Add counts in procedures page so can see if making progress; move listing of WALs to end of the page.
2019-11-19 07:33:13 -08:00
康智冬 576e688cec HBASE-22962 Fix typo in javadoc description (#569)
Signed-off-by: Duo Zhang <zhangduo@apache.org>
2019-09-01 20:16:05 +08:00
Mingliang Liu 32e501df6c HBASE-22545 TestLogLevel broken
Signed-off-by: Josh Elser <elserj@apache.org>
2019-06-11 14:46:09 -04:00
Guanghao 78319fab87 HBASE-22488 Cleanup the explicit timeout value for test methods 2019-05-29 14:13:15 +08:00
Josh Elser 4f05b22880 HBASE-22467 UI fixes to enable Knox proxying
Closes #261

Signed-off-by: Sean Busbey <busbey@apache.org>
2019-05-28 16:32:29 -04:00