knox-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From su...@apache.org
Subject knox git commit: KNOX-593 Moved SPNEGO code to httpclient
Date Thu, 03 Sep 2015 15:32:51 GMT
Repository: knox
Updated Branches:
  refs/heads/master 2fc2220f5 -> c59bfeb3a


KNOX-593 Moved SPNEGO code to httpclient


Project: http://git-wip-us.apache.org/repos/asf/knox/repo
Commit: http://git-wip-us.apache.org/repos/asf/knox/commit/c59bfeb3
Tree: http://git-wip-us.apache.org/repos/asf/knox/tree/c59bfeb3
Diff: http://git-wip-us.apache.org/repos/asf/knox/diff/c59bfeb3

Branch: refs/heads/master
Commit: c59bfeb3a1467606568df6829c0edc6cdc801fb5
Parents: 2fc2220
Author: Sumit Gupta <sumit@apache.org>
Authored: Thu Sep 3 11:30:38 2015 -0400
Committer: Sumit Gupta <sumit@apache.org>
Committed: Thu Sep 3 11:30:38 2015 -0400

----------------------------------------------------------------------
 .../gateway/ha/provider/impl/URLManager.java    |   2 +-
 .../ServiceDefinitionDeploymentContributor.java |  16 +-
 .../service/definition/CustomDispatch.java      |  11 +
 .../definition/ServiceDefinitionTest.java       |   4 +-
 .../resources/services/foo/1.0.0/service.xml    |   2 +-
 .../gateway/hbase/HBaseCookieManager.java       |  43 ----
 .../hadoop/gateway/hbase/HBaseDispatch.java     |  11 +-
 .../hadoop/gateway/hive/HiveDispatch.java       |  39 ----
 .../hdfs/dispatch/WebHdfsHaDispatchTest.java    |  36 ----
 .../gateway/dispatch/AppCookieManager.java      | 205 -------------------
 .../gateway/dispatch/DefaultDispatch.java       |  63 +-----
 .../dispatch/DefaultHttpClientFactory.java      | 132 ++++++++++++
 .../gateway/dispatch/GatewayDispatchFilter.java |  92 +++------
 .../gateway/dispatch/HadoopAuthCookieStore.java |  31 +++
 .../gateway/dispatch/HttpClientFactory.java     |  27 +++
 .../gateway/dispatch/AppCookieManagerTest.java  |  53 -----
 16 files changed, 246 insertions(+), 521 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/knox/blob/c59bfeb3/gateway-provider-ha/src/main/java/org/apache/hadoop/gateway/ha/provider/impl/URLManager.java
----------------------------------------------------------------------
diff --git a/gateway-provider-ha/src/main/java/org/apache/hadoop/gateway/ha/provider/impl/URLManager.java b/gateway-provider-ha/src/main/java/org/apache/hadoop/gateway/ha/provider/impl/URLManager.java
index f14eb25..fc40909 100644
--- a/gateway-provider-ha/src/main/java/org/apache/hadoop/gateway/ha/provider/impl/URLManager.java
+++ b/gateway-provider-ha/src/main/java/org/apache/hadoop/gateway/ha/provider/impl/URLManager.java
@@ -64,7 +64,7 @@ public class URLManager {
       if (pushToBottom) {
          String failed = urls.poll();
          urls.offer(failed);
-         LOG.markedFailedUrl(failed, top);
+         LOG.markedFailedUrl(failed, urls.peek());
       }
    }
 }

http://git-wip-us.apache.org/repos/asf/knox/blob/c59bfeb3/gateway-server/src/main/java/org/apache/hadoop/gateway/deploy/impl/ServiceDefinitionDeploymentContributor.java
----------------------------------------------------------------------
diff --git a/gateway-server/src/main/java/org/apache/hadoop/gateway/deploy/impl/ServiceDefinitionDeploymentContributor.java b/gateway-server/src/main/java/org/apache/hadoop/gateway/deploy/impl/ServiceDefinitionDeploymentContributor.java
index 8adbb43..8b1d17f 100644
--- a/gateway-server/src/main/java/org/apache/hadoop/gateway/deploy/impl/ServiceDefinitionDeploymentContributor.java
+++ b/gateway-server/src/main/java/org/apache/hadoop/gateway/deploy/impl/ServiceDefinitionDeploymentContributor.java
@@ -46,6 +46,8 @@ public class ServiceDefinitionDeploymentContributor extends ServiceDeploymentCon
 
   private static final String DISPATCH_IMPL_PARAM = "dispatch-impl";
 
+  private static final String HTTP_CLIENT_FACTORY_PARAM = "httpClientFactory";
+
   private static final String SERVICE_ROLE_PARAM = "serviceRole";
 
   private static final String REPLAY_BUFFER_SIZE_PARAM = "replayBufferSize";
@@ -178,11 +180,12 @@ public class ServiceDefinitionDeploymentContributor extends ServiceDeploymentCon
     if ( customDispatch != null ) {
       String haContributorName = customDispatch.getHaContributorName();
       String haClassName = customDispatch.getHaClassName();
+      String httpClientFactory = customDispatch.getHttpClientFactory();
       if ( isHaEnabled) {
         if (haContributorName != null) {
           addDispatchFilter(context, service, resource, DISPATCH_ROLE, haContributorName);
         } else if (haClassName != null) {
-          addDispatchFilterForClass(context, service, resource, haClassName);
+          addDispatchFilterForClass(context, service, resource, haClassName, httpClientFactory);
         } else {
           addDefaultHaDispatchFilter(context, service, resource);
         }
@@ -193,7 +196,7 @@ public class ServiceDefinitionDeploymentContributor extends ServiceDeploymentCon
         } else {
           String className = customDispatch.getClassName();
           if ( className != null ) {
-            addDispatchFilterForClass(context, service, resource, className);
+            addDispatchFilterForClass(context, service, resource, className, httpClientFactory);
           } else {
             //final fallback to the default dispatch
             addDispatchFilter(context, service, resource, DISPATCH_ROLE, "http-client");
@@ -208,13 +211,16 @@ public class ServiceDefinitionDeploymentContributor extends ServiceDeploymentCon
   }
 
   private void addDefaultHaDispatchFilter(DeploymentContext context, Service service, ResourceDescriptor resource) {
-    FilterDescriptor filter = addDispatchFilterForClass(context, service, resource, DEFAULT_HA_DISPATCH_CLASS);
+    FilterDescriptor filter = addDispatchFilterForClass(context, service, resource, DEFAULT_HA_DISPATCH_CLASS, null);
     filter.param().name(SERVICE_ROLE_PARAM).value(service.getRole());
   }
 
-  private FilterDescriptor addDispatchFilterForClass(DeploymentContext context, Service service, ResourceDescriptor resource, String className) {
+  private FilterDescriptor addDispatchFilterForClass(DeploymentContext context, Service service, ResourceDescriptor resource, String dispatchClass, String httpClientFactory) {
     FilterDescriptor filter = resource.addFilter().name(getName()).role(DISPATCH_ROLE).impl(GatewayDispatchFilter.class);
-    filter.param().name(DISPATCH_IMPL_PARAM).value(className);
+    filter.param().name(DISPATCH_IMPL_PARAM).value(dispatchClass);
+    if (httpClientFactory != null) {
+      filter.param().name(HTTP_CLIENT_FACTORY_PARAM).value(httpClientFactory);
+    }
     FilterParamDescriptor filterParam = filter.param().name(REPLAY_BUFFER_SIZE_PARAM).value(DEFAULT_REPLAY_BUFFER_SIZE);
     for ( Map.Entry<String, String> serviceParam : service.getParams().entrySet() ) {
       if ( REPLAY_BUFFER_SIZE_PARAM.equals(serviceParam.getKey()) ) {

http://git-wip-us.apache.org/repos/asf/knox/blob/c59bfeb3/gateway-service-definitions/src/main/java/org/apache/hadoop/gateway/service/definition/CustomDispatch.java
----------------------------------------------------------------------
diff --git a/gateway-service-definitions/src/main/java/org/apache/hadoop/gateway/service/definition/CustomDispatch.java b/gateway-service-definitions/src/main/java/org/apache/hadoop/gateway/service/definition/CustomDispatch.java
index 7270a2b..abde82d 100644
--- a/gateway-service-definitions/src/main/java/org/apache/hadoop/gateway/service/definition/CustomDispatch.java
+++ b/gateway-service-definitions/src/main/java/org/apache/hadoop/gateway/service/definition/CustomDispatch.java
@@ -31,6 +31,8 @@ public class CustomDispatch {
 
   private String haClassName;
 
+  private String httpClientFactory;
+
   @XmlAttribute(name = "contributor-name")
   public String getContributorName() {
     return contributorName;
@@ -66,4 +68,13 @@ public class CustomDispatch {
   public void setHaClassName(String haContributorClassName) {
     this.haClassName = haContributorClassName;
   }
+
+  @XmlAttribute(name = "http-client-factory")
+  public String getHttpClientFactory() {
+    return httpClientFactory;
+  }
+
+  public void setHttpClientFactory(String httpClientFactory) {
+    this.httpClientFactory = httpClientFactory;
+  }
 }

http://git-wip-us.apache.org/repos/asf/knox/blob/c59bfeb3/gateway-service-definitions/src/test/java/org/apache/hadoop/gateway/service/definition/ServiceDefinitionTest.java
----------------------------------------------------------------------
diff --git a/gateway-service-definitions/src/test/java/org/apache/hadoop/gateway/service/definition/ServiceDefinitionTest.java b/gateway-service-definitions/src/test/java/org/apache/hadoop/gateway/service/definition/ServiceDefinitionTest.java
index f4a92cb..c8ab790 100644
--- a/gateway-service-definitions/src/test/java/org/apache/hadoop/gateway/service/definition/ServiceDefinitionTest.java
+++ b/gateway-service-definitions/src/test/java/org/apache/hadoop/gateway/service/definition/ServiceDefinitionTest.java
@@ -24,7 +24,8 @@ import javax.xml.bind.Unmarshaller;
 import java.net.URL;
 import java.util.List;
 
-import static org.junit.Assert.*;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
 
 public class ServiceDefinitionTest {
 
@@ -39,6 +40,7 @@ public class ServiceDefinitionTest {
     assertEquals("1.0.0", definition.getVersion());
     assertEquals("custom-client", definition.getDispatch().getContributorName());
     assertEquals("ha-client", definition.getDispatch().getHaContributorName());
+    assertEquals("org.apache.hadoop.gateway.MockHttpClientFactory", definition.getDispatch().getHttpClientFactory());
     List<Policy> policies = definition.getPolicies();
     assertEquals(5, policies.size());
     String[] policyOrder = new String[]{"webappsec", "authentication", "rewrite", "identity-assertion", "authorization"};

http://git-wip-us.apache.org/repos/asf/knox/blob/c59bfeb3/gateway-service-definitions/src/test/resources/services/foo/1.0.0/service.xml
----------------------------------------------------------------------
diff --git a/gateway-service-definitions/src/test/resources/services/foo/1.0.0/service.xml b/gateway-service-definitions/src/test/resources/services/foo/1.0.0/service.xml
index 21a10f1..f18a74b 100644
--- a/gateway-service-definitions/src/test/resources/services/foo/1.0.0/service.xml
+++ b/gateway-service-definitions/src/test/resources/services/foo/1.0.0/service.xml
@@ -35,5 +35,5 @@
             <dispatch contributor-name="http-client" />
         </route>
     </routes>
-    <dispatch contributor-name="custom-client" ha-contributor-name="ha-client"/>
+    <dispatch contributor-name="custom-client" ha-contributor-name="ha-client" http-client-factory="org.apache.hadoop.gateway.MockHttpClientFactory"/>
 </service>
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/knox/blob/c59bfeb3/gateway-service-hbase/src/main/java/org/apache/hadoop/gateway/hbase/HBaseCookieManager.java
----------------------------------------------------------------------
diff --git a/gateway-service-hbase/src/main/java/org/apache/hadoop/gateway/hbase/HBaseCookieManager.java b/gateway-service-hbase/src/main/java/org/apache/hadoop/gateway/hbase/HBaseCookieManager.java
deleted file mode 100644
index 8eea445..0000000
--- a/gateway-service-hbase/src/main/java/org/apache/hadoop/gateway/hbase/HBaseCookieManager.java
+++ /dev/null
@@ -1,43 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.hadoop.gateway.hbase;
-
-import org.apache.hadoop.gateway.dispatch.AppCookieManager;
-import org.apache.http.HttpRequest;
-import org.apache.http.client.methods.HttpGet;
-import org.apache.http.client.methods.HttpUriRequest;
-
-import java.net.URI;
-import java.net.URISyntaxException;
-
-public class HBaseCookieManager extends AppCookieManager {
-
-  protected HttpRequest createKerberosAuthenticationRequest( HttpUriRequest userRequest ) {
-    URI userUri = userRequest.getURI();
-    try {
-      URI authUri = new URI(
-          userUri.getScheme(), null, userUri.getHost(), userUri.getPort(),
-          "/version", userUri.getQuery(), null );
-      HttpRequest authRequest = new HttpGet( authUri );
-      return authRequest;
-    } catch( URISyntaxException e ) {
-      throw new IllegalArgumentException( userUri.toString(), e );
-    }
-  }
-
-}

http://git-wip-us.apache.org/repos/asf/knox/blob/c59bfeb3/gateway-service-hbase/src/main/java/org/apache/hadoop/gateway/hbase/HBaseDispatch.java
----------------------------------------------------------------------
diff --git a/gateway-service-hbase/src/main/java/org/apache/hadoop/gateway/hbase/HBaseDispatch.java b/gateway-service-hbase/src/main/java/org/apache/hadoop/gateway/hbase/HBaseDispatch.java
index b019aed..f909852 100644
--- a/gateway-service-hbase/src/main/java/org/apache/hadoop/gateway/hbase/HBaseDispatch.java
+++ b/gateway-service-hbase/src/main/java/org/apache/hadoop/gateway/hbase/HBaseDispatch.java
@@ -20,16 +20,11 @@ package org.apache.hadoop.gateway.hbase;
 import org.apache.hadoop.gateway.dispatch.DefaultDispatch;
 
 /**
- * This specialized dispatch provides HBase specific features to the
- * default HttpClientDispatch.
+ * This used to be a specialized dispatch providing HBase specific features to the
+ * default dispatch. Now it is just a marker class for backwards compatibility
  */
+@Deprecated
 public class HBaseDispatch extends DefaultDispatch {
 
-  @Override
-  public void init() {
-    super.init();
-    setAppCookieManager(new HBaseCookieManager());
-  }
-
 }
 

http://git-wip-us.apache.org/repos/asf/knox/blob/c59bfeb3/gateway-service-hive/src/main/java/org/apache/hadoop/gateway/hive/HiveDispatch.java
----------------------------------------------------------------------
diff --git a/gateway-service-hive/src/main/java/org/apache/hadoop/gateway/hive/HiveDispatch.java b/gateway-service-hive/src/main/java/org/apache/hadoop/gateway/hive/HiveDispatch.java
index 56679fe..2504b9f 100644
--- a/gateway-service-hive/src/main/java/org/apache/hadoop/gateway/hive/HiveDispatch.java
+++ b/gateway-service-hive/src/main/java/org/apache/hadoop/gateway/hive/HiveDispatch.java
@@ -19,23 +19,10 @@ package org.apache.hadoop.gateway.hive;
 
 import org.apache.hadoop.gateway.config.Configure;
 import org.apache.hadoop.gateway.dispatch.DefaultDispatch;
-import org.apache.hadoop.gateway.security.PrimaryPrincipal;
 import org.apache.hadoop.gateway.security.SubjectUtils;
-import org.apache.http.HttpResponse;
-import org.apache.http.auth.AuthScope;
-import org.apache.http.auth.Credentials;
 import org.apache.http.auth.UsernamePasswordCredentials;
-import org.apache.http.client.HttpClient;
 import org.apache.http.client.methods.HttpUriRequest;
-import org.apache.http.client.params.AuthPolicy;
 import org.apache.http.impl.auth.BasicScheme;
-import org.apache.http.impl.auth.SPNegoSchemeFactory;
-import org.apache.http.impl.client.DefaultHttpClient;
-
-import javax.security.auth.Subject;
-import java.io.IOException;
-import java.security.AccessController;
-import java.security.Principal;
 
 /**
  * This specialized dispatch provides Hive specific features to the
@@ -45,7 +32,6 @@ public class HiveDispatch extends DefaultDispatch {
   private static final String PASSWORD_PLACEHOLDER = "*";
   private boolean basicAuthPreemptive = false;
   private boolean kerberos = false;
-  private static final EmptyJaasCredentials EMPTY_JAAS_CREDENTIALS = new EmptyJaasCredentials();
 
   @Override
   public void init() {
@@ -83,30 +69,5 @@ public class HiveDispatch extends DefaultDispatch {
     this.kerberos = kerberos;
   }
 
-  protected HttpResponse executeKerberosDispatch(HttpUriRequest outboundRequest,
-      HttpClient httpClient) throws IOException {
-    DefaultHttpClient client = new DefaultHttpClient();
-    SPNegoSchemeFactory spNegoSF = new SPNegoSchemeFactory(
-          /* stripPort */true);
-    // spNegoSF.setSpengoGenerator(new BouncySpnegoTokenGenerator());
-    client.getAuthSchemes().register(AuthPolicy.SPNEGO, spNegoSF);
-    client.getCredentialsProvider().setCredentials(
-        new AuthScope(/* host */null, /* port */-1, /* realm */null),
-        EMPTY_JAAS_CREDENTIALS);
-    return client.execute(outboundRequest);
-  }
- 
-  private static class EmptyJaasCredentials implements Credentials {
-
-    public String getPassword() {
-      return null;
-    }
-
-    public Principal getUserPrincipal() {
-      return null;
-    }
-
-  }
-  
 }
 

http://git-wip-us.apache.org/repos/asf/knox/blob/c59bfeb3/gateway-service-webhdfs/src/test/java/org/apache/hadoop/gateway/hdfs/dispatch/WebHdfsHaDispatchTest.java
----------------------------------------------------------------------
diff --git a/gateway-service-webhdfs/src/test/java/org/apache/hadoop/gateway/hdfs/dispatch/WebHdfsHaDispatchTest.java b/gateway-service-webhdfs/src/test/java/org/apache/hadoop/gateway/hdfs/dispatch/WebHdfsHaDispatchTest.java
index 422218f..0ac6b57 100644
--- a/gateway-service-webhdfs/src/test/java/org/apache/hadoop/gateway/hdfs/dispatch/WebHdfsHaDispatchTest.java
+++ b/gateway-service-webhdfs/src/test/java/org/apache/hadoop/gateway/hdfs/dispatch/WebHdfsHaDispatchTest.java
@@ -17,13 +17,10 @@
  */
 package org.apache.hadoop.gateway.hdfs.dispatch;
 
-import org.apache.hadoop.gateway.dispatch.AppCookieManager;
 import org.apache.hadoop.gateway.ha.provider.HaDescriptor;
 import org.apache.hadoop.gateway.ha.provider.HaProvider;
 import org.apache.hadoop.gateway.ha.provider.HaServletContextListener;
-import org.apache.hadoop.gateway.ha.provider.impl.DefaultHaDescriptor;
 import org.apache.hadoop.gateway.ha.provider.impl.DefaultHaProvider;
-import org.apache.hadoop.gateway.ha.provider.impl.DefaultHaServiceConfig;
 import org.apache.hadoop.gateway.ha.provider.impl.HaDescriptorFactory;
 import org.apache.http.client.methods.HttpRequestBase;
 import org.apache.http.client.methods.HttpUriRequest;
@@ -36,7 +33,6 @@ import org.junit.Test;
 
 import javax.servlet.FilterConfig;
 import javax.servlet.ServletContext;
-import javax.servlet.ServletException;
 import javax.servlet.ServletOutputStream;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
@@ -45,40 +41,8 @@ import java.net.URI;
 import java.util.ArrayList;
 import java.util.concurrent.atomic.AtomicInteger;
 
-import static org.hamcrest.CoreMatchers.notNullValue;
-import static org.hamcrest.MatcherAssert.assertThat;
-
 public class WebHdfsHaDispatchTest {
 
-  private class InstrumentedWebHdfsHaHttpClientDispatch extends WebHdfsHaDispatch {
-
-    public InstrumentedWebHdfsHaHttpClientDispatch() throws ServletException {
-    }
-
-    public AppCookieManager getAppCookieManager() {
-      return appCookieManager;
-    }
-
-  }
-
-   @Test
-   public void testInitCallsSuperInit() throws Exception {
-     DefaultHaDescriptor haDescriptor = new DefaultHaDescriptor();
-     haDescriptor.addServiceConfig( new DefaultHaServiceConfig( "test-role" ) );
-     HaProvider haProvider = new DefaultHaProvider( haDescriptor );
-     ServletContext context = EasyMock.createNiceMock(ServletContext.class);
-     EasyMock.expect(context.getAttribute(HaServletContextListener.PROVIDER_ATTRIBUTE_NAME)).andReturn(haProvider).anyTimes();
-     FilterConfig config = EasyMock.createNiceMock( FilterConfig.class );
-     EasyMock.expect(config.getServletContext()).andReturn(context).anyTimes();
-     EasyMock.expect(config.getInitParameter(EasyMock.anyObject(String.class))).andReturn(null).anyTimes();
-     InstrumentedWebHdfsHaHttpClientDispatch dispatch = new InstrumentedWebHdfsHaHttpClientDispatch();
-     EasyMock.replay(context,config);
-
-     dispatch.init();
-
-     assertThat( dispatch.getAppCookieManager(), notNullValue() );
-   }
-
    @Test
    public void testConnectivityFailover() throws Exception {
       String serviceName = "WEBHDFS";

http://git-wip-us.apache.org/repos/asf/knox/blob/c59bfeb3/gateway-spi/src/main/java/org/apache/hadoop/gateway/dispatch/AppCookieManager.java
----------------------------------------------------------------------
diff --git a/gateway-spi/src/main/java/org/apache/hadoop/gateway/dispatch/AppCookieManager.java b/gateway-spi/src/main/java/org/apache/hadoop/gateway/dispatch/AppCookieManager.java
deleted file mode 100644
index cbbbcc5..0000000
--- a/gateway-spi/src/main/java/org/apache/hadoop/gateway/dispatch/AppCookieManager.java
+++ /dev/null
@@ -1,205 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.hadoop.gateway.dispatch;
-
-import java.io.IOException;
-import java.net.URI;
-import java.security.Principal;
-
-import org.apache.hadoop.gateway.SpiGatewayMessages;
-import org.apache.hadoop.gateway.audit.api.Action;
-import org.apache.hadoop.gateway.audit.api.ActionOutcome;
-import org.apache.hadoop.gateway.audit.api.AuditServiceFactory;
-import org.apache.hadoop.gateway.audit.api.Auditor;
-import org.apache.hadoop.gateway.audit.api.ResourceType;
-import org.apache.hadoop.gateway.audit.log4j.audit.AuditConstants;
-import org.apache.hadoop.gateway.i18n.messages.MessagesFactory;
-import org.apache.http.Header;
-import org.apache.http.HeaderElement;
-import org.apache.http.HttpEntity;
-import org.apache.http.HttpHost;
-import org.apache.http.HttpRequest;
-import org.apache.http.HttpResponse;
-import org.apache.http.auth.AuthScope;
-import org.apache.http.auth.Credentials;
-import org.apache.http.client.methods.HttpGet;
-import org.apache.http.client.methods.HttpOptions;
-import org.apache.http.client.methods.HttpUriRequest;
-import org.apache.http.client.params.AuthPolicy;
-import org.apache.http.impl.auth.SPNegoSchemeFactory;
-import org.apache.http.impl.client.DefaultHttpClient;
-import org.apache.http.util.EntityUtils;
-
-/**
- * Handles SPNego authentication as a client of hadoop service, caches
- * hadoop.auth cookie returned by hadoop service on successful SPNego
- * authentication. Refreshes hadoop.auth cookie on demand if the cookie has
- * expired.
- * 
- */
-public class AppCookieManager {
-
-  static final String HADOOP_AUTH = "hadoop.auth";
-  private static final String HADOOP_AUTH_EQ = "hadoop.auth=";
-  private static final String SET_COOKIE = "Set-Cookie";
-
-  private static SpiGatewayMessages LOG = MessagesFactory.get(SpiGatewayMessages.class);
-  private static Auditor auditor = AuditServiceFactory.getAuditService().getAuditor( AuditConstants.DEFAULT_AUDITOR_NAME,
-          AuditConstants.KNOX_SERVICE_NAME, AuditConstants.KNOX_COMPONENT_NAME );
-  private static final EmptyJaasCredentials EMPTY_JAAS_CREDENTIALS = new EmptyJaasCredentials();
-
-  String appCookie;
-
-  /**
-   * Utility method to excerise AppCookieManager directly
-   * @param args element 0 of args should be a URL to hadoop service protected by SPengo
-   * @throws IOException in case of errors
-   */
-  public static void main(String[] args) throws IOException {
-    HttpUriRequest outboundRequest = new HttpGet(args[0]);
-    new AppCookieManager().getAppCookie(outboundRequest, false);
-  }
-
-  public AppCookieManager() {
-  }
-
-  /**
-   * Fetches hadoop.auth cookie from hadoop service authenticating using SpNego
-   * 
-   * @param outboundRequest
-   *          out going request
-   * @param refresh
-   *          flag indicating whether to refresh the cached cookie
-   * @return hadoop.auth cookie from hadoop service authenticating using SpNego
-   * @throws IOException
-   *           in case of errors
-   */
-  public String getAppCookie(HttpUriRequest outboundRequest, boolean refresh)
-      throws IOException {
-
-    URI uri = outboundRequest.getURI();
-    String scheme = uri.getScheme();
-    String host = uri.getHost();
-    int port = uri.getPort();
-    if (!refresh) {
-      if (appCookie != null) {
-        return appCookie;
-      }
-    }
-
-    DefaultHttpClient client = new DefaultHttpClient();
-    SPNegoSchemeFactory spNegoSF = new SPNegoSchemeFactory(
-    /* stripPort */true);
-    // spNegoSF.setSpengoGenerator(new BouncySpnegoTokenGenerator());
-    client.getAuthSchemes().register(AuthPolicy.SPNEGO, spNegoSF);
-    client.getCredentialsProvider().setCredentials(
-        new AuthScope(/* host */null, /* port */-1, /* realm */null),
-        EMPTY_JAAS_CREDENTIALS);
-
-    clearAppCookie();
-    String hadoopAuthCookie = null;
-    HttpResponse httpResponse = null;
-    try {
-      HttpHost httpHost = new HttpHost(host, port, scheme);
-      HttpRequest httpRequest = createKerberosAuthenticationRequest( outboundRequest );
-      httpResponse = client.execute(httpHost, httpRequest);
-      Header[] headers = httpResponse.getHeaders(SET_COOKIE);
-      hadoopAuthCookie = getHadoopAuthCookieValue(headers);
-      EntityUtils.consume( httpResponse.getEntity() );
-      if (hadoopAuthCookie == null) {
-        LOG.failedSPNegoAuthn(uri.toString());
-        auditor.audit( Action.AUTHENTICATION, uri.toString(), ResourceType.URI, ActionOutcome.FAILURE );
-        throw new IOException(
-            "SPNego authn failed, can not get hadoop.auth cookie");
-      }
-    } finally {
-      if (httpResponse != null) {
-        HttpEntity entity = httpResponse.getEntity();
-        if (entity != null) {
-          entity.getContent().close();
-        }
-      }
-
-    }
-    LOG.successfulSPNegoAuthn(uri.toString());
-    auditor.audit( Action.AUTHENTICATION, uri.toString(), ResourceType.URI, ActionOutcome.SUCCESS);
-    hadoopAuthCookie = HADOOP_AUTH_EQ + quote(hadoopAuthCookie);
-    setAppCookie(hadoopAuthCookie);
-    return appCookie;
-  }
-
-  protected HttpRequest createKerberosAuthenticationRequest( HttpUriRequest userRequest ) {
-    HttpRequest authRequest = new HttpOptions( userRequest.getURI().getPath() );
-    return authRequest;
-  }
-
-  /**
-   * Returns the cached app cookie
-   * 
-   * @return the cached app cookie, can be null
-   */
-  public String getCachedAppCookie() {
-    return appCookie;
-  }
-  
-  private void setAppCookie(String appCookie) {
-    this.appCookie = appCookie;
-  }
-
-  private void clearAppCookie() {
-    appCookie = null;
-  }
-  
-  static String quote(String s) {
-    return s == null ? s : "\"" + s + "\"";
-  }
-
-  static String getHadoopAuthCookieValue(Header[] headers) {
-    if (headers == null) {
-      return null;
-    }
-    for (Header header : headers) {
-      HeaderElement[] elements = header.getElements();
-      for (HeaderElement element : elements) {
-        String cookieName = element.getName();
-        if (cookieName.equals(HADOOP_AUTH)) {
-          if (element.getValue() != null) {
-            String trimmedVal = element.getValue().trim();
-            if (!trimmedVal.isEmpty()) {
-              return trimmedVal;
-            }
-          }
-        }
-      }
-    }
-    return null;
-  }
-
-  private static class EmptyJaasCredentials implements Credentials {
-
-    public String getPassword() {
-      return null;
-    }
-
-    public Principal getUserPrincipal() {
-      return null;
-    }
-
-  }
-
-}

http://git-wip-us.apache.org/repos/asf/knox/blob/c59bfeb3/gateway-spi/src/main/java/org/apache/hadoop/gateway/dispatch/DefaultDispatch.java
----------------------------------------------------------------------
diff --git a/gateway-spi/src/main/java/org/apache/hadoop/gateway/dispatch/DefaultDispatch.java b/gateway-spi/src/main/java/org/apache/hadoop/gateway/dispatch/DefaultDispatch.java
index 4bcd21c..26001bf 100644
--- a/gateway-spi/src/main/java/org/apache/hadoop/gateway/dispatch/DefaultDispatch.java
+++ b/gateway-spi/src/main/java/org/apache/hadoop/gateway/dispatch/DefaultDispatch.java
@@ -33,8 +33,6 @@ import org.apache.hadoop.gateway.i18n.resources.ResourcesFactory;
 import org.apache.http.Header;
 import org.apache.http.HttpEntity;
 import org.apache.http.HttpResponse;
-import org.apache.http.HttpStatus;
-import org.apache.http.client.HttpClient;
 import org.apache.http.client.methods.HttpDelete;
 import org.apache.http.client.methods.HttpGet;
 import org.apache.http.client.methods.HttpOptions;
@@ -43,8 +41,6 @@ import org.apache.http.client.methods.HttpPut;
 import org.apache.http.client.methods.HttpUriRequest;
 import org.apache.http.entity.ContentType;
 import org.apache.http.entity.InputStreamEntity;
-import org.apache.http.message.BasicHeader;
-import org.apache.http.util.EntityUtils;
 
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
@@ -61,29 +57,20 @@ import java.util.Set;
  */
 public class DefaultDispatch extends AbstractGatewayDispatch {
 
-  // private static final String CT_APP_WWW_FORM_URL_ENCODED = "application/x-www-form-urlencoded";
-  // private static final String CT_APP_XML = "application/xml";
-  protected static final String Q_DELEGATION_EQ = "?delegation=";
-  protected static final String AMP_DELEGATION_EQ = "&delegation=";
-  protected static final String COOKIE = "Cookie";
   protected static final String SET_COOKIE = "Set-Cookie";
   protected static final String WWW_AUTHENTICATE = "WWW-Authenticate";
-  protected static final String NEGOTIATE = "Negotiate";
 
   protected static SpiGatewayMessages LOG = MessagesFactory.get(SpiGatewayMessages.class);
   protected static SpiGatewayResources RES = ResourcesFactory.get(SpiGatewayResources.class);
   protected static Auditor auditor = AuditServiceFactory.getAuditService().getAuditor(AuditConstants.DEFAULT_AUDITOR_NAME,
       AuditConstants.KNOX_SERVICE_NAME, AuditConstants.KNOX_COMPONENT_NAME);
 
-  protected AppCookieManager appCookieManager;
-
   private int replayBufferSize = 0;
   private Set<String> outboundResponseExcludeHeaders;
 
   @Override
   public void init() {
-    setAppCookieManager(new AppCookieManager());
-    outboundResponseExcludeHeaders = new HashSet<String>();
+    outboundResponseExcludeHeaders = new HashSet<>();
     outboundResponseExcludeHeaders.add(SET_COOKIE);
     outboundResponseExcludeHeaders.add(WWW_AUTHENTICATE);
   }
@@ -93,10 +80,6 @@ public class DefaultDispatch extends AbstractGatewayDispatch {
 
   }
 
-  public void setAppCookieManager(AppCookieManager appCookieManager) {
-    this.appCookieManager = appCookieManager;
-  }
-
   protected void executeRequest(
          HttpUriRequest outboundRequest,
          HttpServletRequest inboundRequest,
@@ -112,19 +95,12 @@ public class DefaultDispatch extends AbstractGatewayDispatch {
 
     try {
       auditor.audit( Action.DISPATCH, outboundRequest.getURI().toString(), ResourceType.URI, ActionOutcome.UNAVAILABLE, RES.requestMethod( outboundRequest.getMethod() ) );
-      String query = outboundRequest.getURI().getQuery();
       if( !"true".equals( System.getProperty( GatewayConfig.HADOOP_KERBEROS_SECURED ) ) ) {
         // Hadoop cluster not Kerberos enabled
         addCredentialsToRequest( outboundRequest );
-        inboundResponse = client.execute( outboundRequest );
-      } else if( query.contains( Q_DELEGATION_EQ ) ||
-          // query string carries delegation token
-          query.contains( AMP_DELEGATION_EQ ) ) {
-        inboundResponse = client.execute( outboundRequest );
-      } else {
-        // Kerberos secured, no delegation token in query string
-        inboundResponse = executeKerberosDispatch( outboundRequest, client );
       }
+      inboundResponse = client.execute( outboundRequest );
+
       int statusCode = inboundResponse.getStatusLine().getStatusCode();
       if( statusCode != 201 ) {
         LOG.dispatchResponseStatusCode( statusCode );
@@ -205,39 +181,6 @@ public class DefaultDispatch extends AbstractGatewayDispatch {
    protected void addCredentialsToRequest(HttpUriRequest outboundRequest) {
    }
 
-   protected HttpResponse executeKerberosDispatch(HttpUriRequest outboundRequest,
-                                                  HttpClient client) throws IOException {
-      HttpResponse inboundResponse;
-      outboundRequest.removeHeaders(COOKIE);
-      String appCookie = appCookieManager.getCachedAppCookie();
-      if (appCookie != null) {
-         outboundRequest.addHeader(new BasicHeader(COOKIE, appCookie));
-      }
-      inboundResponse = client.execute(outboundRequest);
-      // if inBoundResponse has status 401 and header WWW-Authenticate: Negoitate
-      // refresh hadoop.auth.cookie and attempt one more time
-      int statusCode = inboundResponse.getStatusLine().getStatusCode();
-      if (statusCode == HttpStatus.SC_UNAUTHORIZED) {
-         Header[] wwwAuthHeaders = inboundResponse.getHeaders(WWW_AUTHENTICATE);
-         if (wwwAuthHeaders != null && wwwAuthHeaders.length != 0 &&
-               wwwAuthHeaders[0].getValue().trim().startsWith(NEGOTIATE)) {
-            //need to consume the previous inbound response first
-            EntityUtils.consume(inboundResponse.getEntity());
-
-            appCookie = appCookieManager.getAppCookie(outboundRequest, true);
-            outboundRequest.removeHeaders(COOKIE);
-            outboundRequest.addHeader(new BasicHeader(COOKIE, appCookie));
-            inboundResponse = client.execute(outboundRequest);
-         } else {
-            // no supported authentication type found
-            // we would let the original response propagate
-         }
-      } else {
-         // not a 401 Unauthorized status code
-         // we would let the original response propagate
-      }
-      return inboundResponse;
-   }
 
    protected HttpEntity createRequestEntity(HttpServletRequest request)
          throws IOException {

http://git-wip-us.apache.org/repos/asf/knox/blob/c59bfeb3/gateway-spi/src/main/java/org/apache/hadoop/gateway/dispatch/DefaultHttpClientFactory.java
----------------------------------------------------------------------
diff --git a/gateway-spi/src/main/java/org/apache/hadoop/gateway/dispatch/DefaultHttpClientFactory.java b/gateway-spi/src/main/java/org/apache/hadoop/gateway/dispatch/DefaultHttpClientFactory.java
new file mode 100644
index 0000000..bc4b5ef
--- /dev/null
+++ b/gateway-spi/src/main/java/org/apache/hadoop/gateway/dispatch/DefaultHttpClientFactory.java
@@ -0,0 +1,132 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.hadoop.gateway.dispatch;
+
+import org.apache.hadoop.gateway.config.GatewayConfig;
+import org.apache.http.HttpRequest;
+import org.apache.http.HttpResponse;
+import org.apache.http.ProtocolException;
+import org.apache.http.auth.AuthSchemeProvider;
+import org.apache.http.auth.AuthScope;
+import org.apache.http.auth.Credentials;
+import org.apache.http.client.CookieStore;
+import org.apache.http.client.CredentialsProvider;
+import org.apache.http.client.HttpClient;
+import org.apache.http.client.HttpRequestRetryHandler;
+import org.apache.http.client.RedirectStrategy;
+import org.apache.http.client.config.AuthSchemes;
+import org.apache.http.client.methods.HttpUriRequest;
+import org.apache.http.config.Registry;
+import org.apache.http.config.RegistryBuilder;
+import org.apache.http.cookie.Cookie;
+import org.apache.http.impl.auth.SPNegoSchemeFactory;
+import org.apache.http.impl.client.BasicCredentialsProvider;
+import org.apache.http.impl.client.HttpClientBuilder;
+import org.apache.http.impl.client.HttpClients;
+import org.apache.http.protocol.HttpContext;
+
+import javax.servlet.FilterConfig;
+import java.io.IOException;
+import java.security.Principal;
+import java.util.Collections;
+import java.util.Date;
+import java.util.List;
+
+public class DefaultHttpClientFactory implements HttpClientFactory {
+
+  @Override
+  public HttpClient createHttpClient(FilterConfig filterConfig) {
+    HttpClientBuilder builder = HttpClients.custom();
+
+    if ("true".equals( System.getProperty( GatewayConfig.HADOOP_KERBEROS_SECURED ))) {
+      CredentialsProvider credentialsProvider = new BasicCredentialsProvider();
+      credentialsProvider.setCredentials(AuthScope.ANY, new UseJaasCredentials());
+
+      Registry<AuthSchemeProvider> authSchemeRegistry = RegistryBuilder.<AuthSchemeProvider>create()
+          .register(AuthSchemes.SPNEGO, new SPNegoSchemeFactory(true))
+          .build();
+
+      builder =  builder.setDefaultAuthSchemeRegistry(authSchemeRegistry)
+          .setDefaultCookieStore(new HadoopAuthCookieStore())
+          .setDefaultCredentialsProvider(credentialsProvider);
+    } else {
+      builder = builder.setDefaultCookieStore(new NoCookieStore());
+    }
+
+    return builder
+        .setRedirectStrategy(new NeverRedirectStrategy())
+        .setRetryHandler(new NeverRetryHandler())
+        .build();
+  }
+
+  private class NoCookieStore implements CookieStore {
+    @Override
+    public void addCookie(Cookie cookie) {
+      //no op
+    }
+
+    @Override
+    public List<Cookie> getCookies() {
+      return Collections.EMPTY_LIST;
+    }
+
+    @Override
+    public boolean clearExpired(Date date) {
+      return true;
+    }
+
+    @Override
+    public void clear() {
+      //no op
+    }
+  }
+
+  private class NeverRedirectStrategy implements RedirectStrategy {
+    @Override
+    public boolean isRedirected( HttpRequest request, HttpResponse response, HttpContext context )
+        throws ProtocolException {
+      return false;
+    }
+
+    @Override
+    public HttpUriRequest getRedirect( HttpRequest request, HttpResponse response, HttpContext context )
+        throws ProtocolException {
+      return null;
+    }
+  }
+
+  private class NeverRetryHandler implements HttpRequestRetryHandler {
+    @Override
+    public boolean retryRequest( IOException exception, int executionCount, HttpContext context ) {
+      return false;
+    }
+  }
+
+  private static class UseJaasCredentials implements Credentials {
+
+    public String getPassword() {
+      return null;
+    }
+
+    public Principal getUserPrincipal() {
+      return null;
+    }
+
+  }
+
+}

http://git-wip-us.apache.org/repos/asf/knox/blob/c59bfeb3/gateway-spi/src/main/java/org/apache/hadoop/gateway/dispatch/GatewayDispatchFilter.java
----------------------------------------------------------------------
diff --git a/gateway-spi/src/main/java/org/apache/hadoop/gateway/dispatch/GatewayDispatchFilter.java b/gateway-spi/src/main/java/org/apache/hadoop/gateway/dispatch/GatewayDispatchFilter.java
index ff65c07..86601db 100644
--- a/gateway-spi/src/main/java/org/apache/hadoop/gateway/dispatch/GatewayDispatchFilter.java
+++ b/gateway-spi/src/main/java/org/apache/hadoop/gateway/dispatch/GatewayDispatchFilter.java
@@ -20,17 +20,8 @@ package org.apache.hadoop.gateway.dispatch;
 import org.apache.hadoop.gateway.SpiGatewayMessages;
 import org.apache.hadoop.gateway.filter.AbstractGatewayFilter;
 import org.apache.hadoop.gateway.i18n.messages.MessagesFactory;
-import org.apache.http.HttpRequest;
-import org.apache.http.HttpResponse;
-import org.apache.http.ProtocolException;
-import org.apache.http.client.CookieStore;
-import org.apache.http.client.HttpRequestRetryHandler;
-import org.apache.http.client.RedirectStrategy;
-import org.apache.http.client.methods.HttpUriRequest;
-import org.apache.http.cookie.Cookie;
+import org.apache.http.client.HttpClient;
 import org.apache.http.impl.client.CloseableHttpClient;
-import org.apache.http.impl.client.HttpClients;
-import org.apache.http.protocol.HttpContext;
 
 import javax.servlet.FilterChain;
 import javax.servlet.FilterConfig;
@@ -41,9 +32,7 @@ import java.io.IOException;
 import java.net.URI;
 import java.net.URISyntaxException;
 import java.util.Collections;
-import java.util.Date;
 import java.util.HashMap;
-import java.util.List;
 import java.util.Map;
 
 import static org.apache.hadoop.gateway.config.ConfigurationInjectorBuilder.configuration;
@@ -56,10 +45,10 @@ public class GatewayDispatchFilter extends AbstractGatewayFilter {
 
   private Dispatch dispatch;
 
-  private CloseableHttpClient httpClient;
+  private HttpClient httpClient;
 
   private static Map<String, Adapter> createMethodAdapters() {
-    Map<String, Adapter> map = new HashMap<String, Adapter>();
+    Map<String, Adapter> map = new HashMap<>();
     map.put("GET", new GetAdapter());
     map.put("POST", new PostAdapter());
     map.put("PUT", new PutAdapter());
@@ -73,15 +62,17 @@ public class GatewayDispatchFilter extends AbstractGatewayFilter {
     super.init(filterConfig);
     if (dispatch == null) {
       String dispatchImpl = filterConfig.getInitParameter("dispatch-impl");
-      dispatch = newDispatch(dispatchImpl);
+      dispatch = newInstanceFromName(dispatchImpl);
     }
     configuration().target(dispatch).source(filterConfig).inject();
-    httpClient = HttpClients.custom()
-        .setDefaultCookieStore(new NoCookieStore())
-        .setRedirectStrategy(new NeverRedirectStrategy())
-        .setRetryHandler(new NeverRetryHandler())
-        .build();
-    //[sumit] this can perhaps be stashed in the servlet context to increase sharing of the client
+    HttpClientFactory httpClientFactory;
+    String httpClientFactoryClass = filterConfig.getInitParameter("httpClientFactory");
+    if (httpClientFactoryClass != null) {
+      httpClientFactory = newInstanceFromName(httpClientFactoryClass);
+    } else {
+      httpClientFactory = new DefaultHttpClientFactory();
+    }
+    httpClient = httpClientFactory.createHttpClient(filterConfig);
     dispatch.setHttpClient(httpClient);
     dispatch.init();
   }
@@ -90,7 +81,9 @@ public class GatewayDispatchFilter extends AbstractGatewayFilter {
   public void destroy() {
     dispatch.destroy();
     try {
-      httpClient.close();
+      if (httpClient instanceof  CloseableHttpClient) {
+        ((CloseableHttpClient) httpClient).close();
+      }
     } catch ( IOException e ) {
       LOG.errorClosingHttpClient(e);
     }
@@ -170,59 +163,20 @@ public class GatewayDispatchFilter extends AbstractGatewayFilter {
     }
   }
 
-  private Dispatch newDispatch(String dispatchImpl) throws ServletException {
+  private <T> T newInstanceFromName(String dispatchImpl) throws ServletException {
     try {
-      ClassLoader loader = Thread.currentThread().getContextClassLoader();
-      if ( loader == null ) {
-        loader = this.getClass().getClassLoader();
-      }
-      Class<Dispatch> clazz = (Class) loader.loadClass(dispatchImpl);
+      Class<T> clazz = loadClass(dispatchImpl);
       return clazz.newInstance();
     } catch ( Exception e ) {
       throw new ServletException(e);
     }
   }
 
-  private class NoCookieStore implements CookieStore {
-    @Override
-    public void addCookie(Cookie cookie) {
-      //no op
-    }
-
-    @Override
-    public List<Cookie> getCookies() {
-      return Collections.EMPTY_LIST;
-    }
-
-    @Override
-    public boolean clearExpired(Date date) {
-      return true;
-    }
-
-    @Override
-    public void clear() {
-      //no op
-    }
-  }
-
-  private class NeverRedirectStrategy implements RedirectStrategy {
-    @Override
-    public boolean isRedirected( HttpRequest request, HttpResponse response, HttpContext context )
-        throws ProtocolException {
-      return false;
-    }
-
-    @Override
-    public HttpUriRequest getRedirect( HttpRequest request, HttpResponse response, HttpContext context )
-        throws ProtocolException {
-      return null;
-    }
-  }
-
-  private class NeverRetryHandler implements HttpRequestRetryHandler {
-    @Override
-    public boolean retryRequest( IOException exception, int executionCount, HttpContext context ) {
-      return false;
-    }
+  private <T> Class<T> loadClass(String className) throws ClassNotFoundException {
+      ClassLoader loader = Thread.currentThread().getContextClassLoader();
+      if ( loader == null ) {
+        loader = this.getClass().getClassLoader();
+      }
+      return (Class<T>) loader.loadClass(className);
   }
 }

http://git-wip-us.apache.org/repos/asf/knox/blob/c59bfeb3/gateway-spi/src/main/java/org/apache/hadoop/gateway/dispatch/HadoopAuthCookieStore.java
----------------------------------------------------------------------
diff --git a/gateway-spi/src/main/java/org/apache/hadoop/gateway/dispatch/HadoopAuthCookieStore.java b/gateway-spi/src/main/java/org/apache/hadoop/gateway/dispatch/HadoopAuthCookieStore.java
new file mode 100644
index 0000000..17406a3
--- /dev/null
+++ b/gateway-spi/src/main/java/org/apache/hadoop/gateway/dispatch/HadoopAuthCookieStore.java
@@ -0,0 +1,31 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.hadoop.gateway.dispatch;
+
+import org.apache.http.cookie.Cookie;
+import org.apache.http.impl.client.BasicCookieStore;
+
+public class HadoopAuthCookieStore extends BasicCookieStore {
+
+  @Override
+  public void addCookie(Cookie cookie) {
+    if (cookie.getName().equals("hadoop.auth")) {
+      super.addCookie(cookie);
+    }
+  }
+}

http://git-wip-us.apache.org/repos/asf/knox/blob/c59bfeb3/gateway-spi/src/main/java/org/apache/hadoop/gateway/dispatch/HttpClientFactory.java
----------------------------------------------------------------------
diff --git a/gateway-spi/src/main/java/org/apache/hadoop/gateway/dispatch/HttpClientFactory.java b/gateway-spi/src/main/java/org/apache/hadoop/gateway/dispatch/HttpClientFactory.java
new file mode 100644
index 0000000..ab4dbb9
--- /dev/null
+++ b/gateway-spi/src/main/java/org/apache/hadoop/gateway/dispatch/HttpClientFactory.java
@@ -0,0 +1,27 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.hadoop.gateway.dispatch;
+
+import org.apache.http.client.HttpClient;
+
+import javax.servlet.FilterConfig;
+
+public interface HttpClientFactory {
+
+  public HttpClient createHttpClient( FilterConfig filterConfig );
+}

http://git-wip-us.apache.org/repos/asf/knox/blob/c59bfeb3/gateway-spi/src/test/java/org/apache/hadoop/gateway/dispatch/AppCookieManagerTest.java
----------------------------------------------------------------------
diff --git a/gateway-spi/src/test/java/org/apache/hadoop/gateway/dispatch/AppCookieManagerTest.java b/gateway-spi/src/test/java/org/apache/hadoop/gateway/dispatch/AppCookieManagerTest.java
deleted file mode 100644
index 94ef797..0000000
--- a/gateway-spi/src/test/java/org/apache/hadoop/gateway/dispatch/AppCookieManagerTest.java
+++ /dev/null
@@ -1,53 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.hadoop.gateway.dispatch;
-
-
-import static org.junit.Assert.assertNotNull;
-import static org.junit.Assert.assertNull;
-
-import org.apache.http.Header;
-import org.apache.http.message.BasicHeader;
-import org.junit.Test;
-
-public class AppCookieManagerTest {
-
-  @Test
-  public void getCachedAppCookie() {
-    assertNull(new AppCookieManager().getCachedAppCookie());
-  }
-
-  @Test
-  public void getHadoopAuthCookieValueWithNullHeaders() {
-    assertNull(AppCookieManager.getHadoopAuthCookieValue(null));
-  }
-  
-  @Test
-  public void getHadoopAuthCookieValueWitEmptylHeaders() {
-    assertNull(AppCookieManager.getHadoopAuthCookieValue(new Header[0]));
-  }
-  
-  @Test
-  public void getHadoopAuthCookieValueWithValidlHeaders() {
-    Header[] headers = new Header[1];
-    headers[0] = new BasicHeader("Set-Cookie", AppCookieManager.HADOOP_AUTH + "=dummyvalue");
-    assertNotNull(AppCookieManager.getHadoopAuthCookieValue(headers));
-  }
-  
-}
-


Mime
View raw message