OOZIE-3171 Revert OOZIE-2771 commit on branch-4.3 (satishsaley)
diff --git a/release-log.txt b/release-log.txt
index 2ebc296..6405baf 100644
--- a/release-log.txt
+++ b/release-log.txt
@@ -1,5 +1,6 @@
-- Oozie 4.3.1 release
+OOZIE-3171 Revert OOZIE-2771 commit on branch-4.3 (satishsaley)
OOZIE-2533 Oozie Web UI gives Error 500 with Java 8u91 (asasvari via satishsaley)
OOZIE-3167 Upgrade tomcat version on Oozie 4.3 branch (satishsaley)
OOZIE-3161 Spark job failing because of servlet-api-2.5 jar (satishsaley)
@@ -33,7 +34,6 @@
OOZIE-2790 log4j configuration is not passed to spark executors (satishsaley)
OOZIE-2787 Oozie distributes application jar twice making the spark job fail (satishsaley)
OOZIE-2777 Config-default.xml longer than 64k results in java.io.UTFDataFormatException (gezapeti via harsh)
-OOZIE-2771 Allow retrieving keystore and truststore passwords from Hadoop Credential Provider (asasvari via abhishekbafna)
OOZIE-2748 NPE in LauncherMapper.printArgs() (pbacsko via rkanter)
OOZIE-2654 Zookeeper dependent services should not depend on Connectionstate to be valid before cleaning up (venkatnrangan via abhishekbafna)
OOZIE-2690 OOZIE NPE while executing kill() (abhishekbafna via jaydeepvishwakarma)
diff --git a/server/src/main/java/org/apache/oozie/server/SSLServerConnectorFactory.java b/server/src/main/java/org/apache/oozie/server/SSLServerConnectorFactory.java
deleted file mode 100644
index a7253d7..0000000
--- a/server/src/main/java/org/apache/oozie/server/SSLServerConnectorFactory.java
+++ /dev/null
@@ -1,167 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.oozie.server;
-
-
-import com.google.common.base.Preconditions;
-import com.google.inject.Inject;
-import org.apache.hadoop.conf.Configuration;
-import org.apache.oozie.service.ConfigurationService;
-import org.eclipse.jetty.http.HttpVersion;
-import org.eclipse.jetty.server.HttpConfiguration;
-import org.eclipse.jetty.server.HttpConnectionFactory;
-import org.eclipse.jetty.server.SecureRequestCustomizer;
-import org.eclipse.jetty.server.Server;
-import org.eclipse.jetty.server.ServerConnector;
-import org.eclipse.jetty.server.SslConnectionFactory;
-import org.eclipse.jetty.util.ssl.SslContextFactory;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import java.util.Arrays;
-
-/**
- * Factory that is used to configure SSL settings for the Oozie server.
- */
-class SSLServerConnectorFactory {
- private static final Logger LOG = LoggerFactory.getLogger(SSLServerConnectorFactory.class);
- public static final String OOZIE_HTTPS_TRUSTSTORE_FILE = "oozie.https.truststore.file";
- public static final String OOZIE_HTTPS_TRUSTSTORE_PASS = "oozie.https.truststore.pass";
- public static final String OOZIE_HTTPS_KEYSTORE_PASS = "oozie.https.keystore.pass";
- public static final String OOZIE_HTTPS_KEYSTORE_FILE = "oozie.https.keystore.file";
- public static final String OOZIE_HTTPS_EXCLUDE_PROTOCOLS = "oozie.https.exclude.protocols";
- public static final String OOZIE_HTTPS_INCLUDE_PROTOCOLS = "oozie.https.include.protocols";
- public static final String OOZIE_HTTPS_INCLUDE_CIPHER_SUITES = "oozie.https.include.cipher.suites";
- public static final String OOZIE_HTTPS_EXCLUDE_CIPHER_SUITES = "oozie.https.exclude.cipher.suites";
-
- private SslContextFactory sslContextFactory;
- private Configuration conf;
-
- @Inject
- public SSLServerConnectorFactory(final SslContextFactory sslContextFactory) {
- this.sslContextFactory = Preconditions.checkNotNull(sslContextFactory, "sslContextFactory is null");
- }
-
- /**
- * Construct a ServerConnector object with SSL settings
- *
- * @param oozieHttpsPort Oozie HTTPS port
- * @param conf Oozie configuration
- * @param server jetty Server which the connector is attached to
- *
- * @return ServerConnector
- */
- public ServerConnector createSecureServerConnector(int oozieHttpsPort, Configuration conf, Server server) {
- this.conf = Preconditions.checkNotNull(conf, "conf is null");
- Preconditions.checkNotNull(server, "server is null");
- Preconditions.checkState(oozieHttpsPort >= 1 && oozieHttpsPort <= 65535,
- String.format("Invalid port number specified: \'%d\'. It should be between 1 and 65535.", oozieHttpsPort));
-
- setIncludeProtocols();
- setExcludeProtocols();
-
- setIncludeCipherSuites();
- setExludeCipherSuites();
-
- setTrustStorePath();
- setTrustStorePass();
-
- setKeyStoreFile();
- setKeystorePass();
-
- HttpConfiguration httpsConfiguration = getHttpsConfiguration();
- ServerConnector secureServerConnector = new ServerConnector(server,
- new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()),
- new HttpConnectionFactory(httpsConfiguration));
-
- secureServerConnector.setPort(oozieHttpsPort);
-
- LOG.info(String.format("Secure server connector created, listenning on port %d", oozieHttpsPort));
- return secureServerConnector;
- }
-
- private void setExludeCipherSuites() {
- String excludeCipherList = conf.get(OOZIE_HTTPS_EXCLUDE_CIPHER_SUITES);
- String[] excludeCipherSuites = excludeCipherList.split(",");
- sslContextFactory.setExcludeCipherSuites(excludeCipherSuites);
-
- LOG.info(String.format("SSL context - excluding cipher suites: %s", Arrays.toString(excludeCipherSuites)));
- }
-
- private void setIncludeCipherSuites() {
- String includeCipherList = conf.get(OOZIE_HTTPS_INCLUDE_CIPHER_SUITES);
- if (includeCipherList == null || includeCipherList.isEmpty()) {
- return;
- }
-
- String[] includeCipherSuites = includeCipherList.split(",");
- sslContextFactory.setIncludeCipherSuites(includeCipherSuites);
-
- LOG.info(String.format("SSL context - including cipher suites: %s", Arrays.toString(includeCipherSuites)));
- }
-
- private void setIncludeProtocols() {
- String enabledProtocolsList = conf.get(OOZIE_HTTPS_INCLUDE_PROTOCOLS);
- String[] enabledProtocols = enabledProtocolsList.split(",");
- sslContextFactory.setIncludeProtocols(enabledProtocols);
-
- LOG.info(String.format("SSL context - including protocols: %s", Arrays.toString(enabledProtocols)));
- }
-
- private void setExcludeProtocols() {
- String excludedProtocolsList = conf.get(OOZIE_HTTPS_EXCLUDE_PROTOCOLS);
- if (excludedProtocolsList == null || excludedProtocolsList.isEmpty()) {
- return;
- }
- String[] excludedProtocols = excludedProtocolsList.split(",");
- sslContextFactory.setExcludeProtocols(excludedProtocols);
- LOG.info(String.format("SSL context - excluding protocols: %s", Arrays.toString(excludedProtocols)));
- }
-
- private void setTrustStorePath() {
- String trustStorePath = conf.get(OOZIE_HTTPS_TRUSTSTORE_FILE);
- Preconditions.checkNotNull(trustStorePath, "trustStorePath is null");
- sslContextFactory.setTrustStorePath(trustStorePath);
- }
-
- private void setTrustStorePass() {
- String trustStorePass = ConfigurationService.getPassword(conf, OOZIE_HTTPS_TRUSTSTORE_PASS).trim();
- Preconditions.checkNotNull(trustStorePass, "setTrustStorePass is null");
- sslContextFactory.setTrustStorePassword(trustStorePass);
- }
-
- private void setKeystorePass() {
- String keystorePass = ConfigurationService.getPassword(conf, OOZIE_HTTPS_KEYSTORE_PASS).trim();
- Preconditions.checkNotNull(keystorePass, "keystorePass is null");
- sslContextFactory.setKeyManagerPassword(keystorePass);
- }
-
- private void setKeyStoreFile() {
- String keystoreFile = conf.get(OOZIE_HTTPS_KEYSTORE_FILE);
- Preconditions.checkNotNull(keystoreFile, "keystoreFile is null");
- sslContextFactory.setKeyStorePath(keystoreFile);
- }
-
- private HttpConfiguration getHttpsConfiguration() {
- HttpConfiguration https = new HttpConfigurationWrapper(conf).getDefaultHttpConfiguration();
- https.setSecureScheme("https");
- https.addCustomizer(new SecureRequestCustomizer());
- return https;
- }
-}
