knox-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From kris...@apache.org
Subject knox git commit: KNOX-1546 - Fix javadoc errors and warnings
Date Sat, 03 Nov 2018 01:42:40 GMT
Repository: knox
Updated Branches:
  refs/heads/master 15b471ee9 -> e5a3ab604


KNOX-1546 - Fix javadoc errors and warnings

Signed-off-by: Kevin Risden <krisden@apache.org>


Project: http://git-wip-us.apache.org/repos/asf/knox/repo
Commit: http://git-wip-us.apache.org/repos/asf/knox/commit/e5a3ab60
Tree: http://git-wip-us.apache.org/repos/asf/knox/tree/e5a3ab60
Diff: http://git-wip-us.apache.org/repos/asf/knox/diff/e5a3ab60

Branch: refs/heads/master
Commit: e5a3ab604f912a6a4841f67a36b28a154c9e28de
Parents: 15b471e
Author: Kevin Risden <krisden@apache.org>
Authored: Fri Nov 2 19:27:19 2018 -0400
Committer: Kevin Risden <krisden@apache.org>
Committed: Fri Nov 2 19:35:39 2018 -0400

----------------------------------------------------------------------
 .../filter/rewrite/impl/UrlRewriteRequest.java  |   4 +-
 .../rewrite/impl/html/HtmlPrefixProcessor.java  |  11 +-
 .../federation/AbstractJWTFilterTest.java       |   3 +-
 .../pac4j/filter/Pac4jIdentityAdapter.java      |   5 +-
 .../preauth/filter/PreAuthFederationFilter.java |  67 ---------
 .../gateway/preauth/filter/PreAuthService.java  |   2 +
 .../security/impl/DefaultKeystoreService.java   |   8 +-
 .../security/impl/RemoteAliasService.java       |  10 +-
 .../knox/gateway/util/PrincipalCredentials.java |   3 -
 .../gateway/websockets/ProxyInboundSocket.java  |   3 -
 .../websockets/ProxyWebSocketAdapter.java       |   5 +-
 .../gateway/websockets/WebsocketClient.java     |   9 +-
 .../knox/gateway/config/GatewayConfig.java      |   1 +
 .../apache/knox/gateway/dispatch/Dispatch.java  |   5 +-
 .../gateway/filter/GatewayRequestWrapper.java   |   1 +
 .../gateway/filter/GatewayResponseWrapper.java  |   1 +
 .../AbstractIdentityAssertionFilter.java        | 136 -------------------
 .../security/principal/PrincipalMapper.java     |  14 +-
 .../gateway/services/ServerInfoService.java     |   2 +
 .../security/impl/X509CertificateUtil.java      |   7 +-
 .../security/token/TokenServiceException.java   |   3 -
 .../discovery/ClusterConfigurationMonitor.java  |   3 +
 .../topology/discovery/ServiceDiscovery.java    |   2 +
 .../SimpleDescriptorHandlerFuncTest.java        |   2 +-
 .../knox/gateway/audit/api/AuditService.java    |   2 +
 .../gateway/audit/api/CorrelationService.java   |   1 +
 26 files changed, 61 insertions(+), 249 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/knox/blob/e5a3ab60/gateway-provider-rewrite/src/main/java/org/apache/knox/gateway/filter/rewrite/impl/UrlRewriteRequest.java
----------------------------------------------------------------------
diff --git a/gateway-provider-rewrite/src/main/java/org/apache/knox/gateway/filter/rewrite/impl/UrlRewriteRequest.java
b/gateway-provider-rewrite/src/main/java/org/apache/knox/gateway/filter/rewrite/impl/UrlRewriteRequest.java
index 489de33..f3aab7d 100644
--- a/gateway-provider-rewrite/src/main/java/org/apache/knox/gateway/filter/rewrite/impl/UrlRewriteRequest.java
+++ b/gateway-provider-rewrite/src/main/java/org/apache/knox/gateway/filter/rewrite/impl/UrlRewriteRequest.java
@@ -72,9 +72,11 @@ public class UrlRewriteRequest extends GatewayRequestWrapper implements
Resolver
   /**
    * Constructs a request object wrapping the given request.
    *
+   * @param config  FilterConfig
+   * @param request request to wrap
    * @throws IllegalArgumentException if the request is null
    */
-  public UrlRewriteRequest( FilterConfig config, HttpServletRequest request ) throws IOException
{
+  public UrlRewriteRequest( FilterConfig config, HttpServletRequest request ) {
     super( request );
     this.config = config;
     this.rewriter = UrlRewriteServletContextListener.getUrlRewriter( config.getServletContext()
);

http://git-wip-us.apache.org/repos/asf/knox/blob/e5a3ab60/gateway-provider-rewrite/src/main/java/org/apache/knox/gateway/filter/rewrite/impl/html/HtmlPrefixProcessor.java
----------------------------------------------------------------------
diff --git a/gateway-provider-rewrite/src/main/java/org/apache/knox/gateway/filter/rewrite/impl/html/HtmlPrefixProcessor.java
b/gateway-provider-rewrite/src/main/java/org/apache/knox/gateway/filter/rewrite/impl/html/HtmlPrefixProcessor.java
index 1f9d42a..2e2d307 100644
--- a/gateway-provider-rewrite/src/main/java/org/apache/knox/gateway/filter/rewrite/impl/html/HtmlPrefixProcessor.java
+++ b/gateway-provider-rewrite/src/main/java/org/apache/knox/gateway/filter/rewrite/impl/html/HtmlPrefixProcessor.java
@@ -31,27 +31,26 @@ import java.util.List;
  * This function enhances the 'frontend' function with the ability to add a
  * prefix to the rewritten frontend portion along with the literals
  * provided as an argument.
- * <p>
+ *
  * <pre>
  * {@code
  * <div ng-include src=\"'components/navbar/navbar.html?v=1498928142479'\"></div>
  * }
  * </pre>
- * <p>
+ *
  * and needs to be rewritten to something like
- * <p>
+ *
  * <pre>
  * {@code
  * <div ng-include src=\"'http://localhost:8443/sandbox/service/components/navbar/navbar.html?v=1498928142479'\"></div>
  * }
  * </pre>
- * <p>
+ * 
  * The rewrite rule could then contain the $prefix function that would delegate
  * to the frontend function.
- * <p>
+ *
  * The parameter to the function would be the symbol used as a prefix.
  */
-
 public class HtmlPrefixProcessor
     implements UrlRewriteFunctionProcessor<HtmlPrefixDescriptor> {
 

http://git-wip-us.apache.org/repos/asf/knox/blob/e5a3ab60/gateway-provider-security-jwt/src/test/java/org/apache/knox/gateway/provider/federation/AbstractJWTFilterTest.java
----------------------------------------------------------------------
diff --git a/gateway-provider-security-jwt/src/test/java/org/apache/knox/gateway/provider/federation/AbstractJWTFilterTest.java
b/gateway-provider-security-jwt/src/test/java/org/apache/knox/gateway/provider/federation/AbstractJWTFilterTest.java
index 7e98ee6..ea8607d 100644
--- a/gateway-provider-security-jwt/src/test/java/org/apache/knox/gateway/provider/federation/AbstractJWTFilterTest.java
+++ b/gateway-provider-security-jwt/src/test/java/org/apache/knox/gateway/provider/federation/AbstractJWTFilterTest.java
@@ -54,7 +54,6 @@ import java.nio.charset.StandardCharsets;
 import java.security.AccessController;
 import java.security.KeyPair;
 import java.security.KeyPairGenerator;
-import java.security.NoSuchAlgorithmException;
 import java.security.Principal;
 import java.security.PublicKey;
 import java.security.cert.Certificate;
@@ -93,7 +92,7 @@ public abstract class AbstractJWTFilterTest  {
   }
 
   @BeforeClass
-  public static void generateKeys() throws Exception, NoSuchAlgorithmException {
+  public static void generateKeys() throws Exception {
     KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
     kpg.initialize(2048);
     KeyPair KPair = kpg.generateKeyPair();

http://git-wip-us.apache.org/repos/asf/knox/blob/e5a3ab60/gateway-provider-security-pac4j/src/main/java/org/apache/knox/gateway/pac4j/filter/Pac4jIdentityAdapter.java
----------------------------------------------------------------------
diff --git a/gateway-provider-security-pac4j/src/main/java/org/apache/knox/gateway/pac4j/filter/Pac4jIdentityAdapter.java
b/gateway-provider-security-pac4j/src/main/java/org/apache/knox/gateway/pac4j/filter/Pac4jIdentityAdapter.java
index 694d95e..b954af5 100644
--- a/gateway-provider-security-pac4j/src/main/java/org/apache/knox/gateway/pac4j/filter/Pac4jIdentityAdapter.java
+++ b/gateway-provider-security-pac4j/src/main/java/org/apache/knox/gateway/pac4j/filter/Pac4jIdentityAdapter.java
@@ -145,6 +145,7 @@ public class Pac4jIdentityAdapter implements Filter {
 
   /**
    * For tests only.
+   * @param auditService AuditService to set
    */
   public static void setAuditService(AuditService auditService) {
     Pac4jIdentityAdapter.auditService = auditService;
@@ -152,6 +153,7 @@ public class Pac4jIdentityAdapter implements Filter {
 
   /**
    * For tests only.
+   * @param auditor Auditor to set
    */
   public static void setAuditor(Auditor auditor) {
     Pac4jIdentityAdapter.auditor = auditor;
@@ -159,7 +161,8 @@ public class Pac4jIdentityAdapter implements Filter {
 
   /**
    * For tests only.
-     */
+   * @return testIdentifier
+   */
   public String getTestIdentifier() {
     return testIdentifier;
   }

http://git-wip-us.apache.org/repos/asf/knox/blob/e5a3ab60/gateway-provider-security-preauth/src/main/java/org/apache/knox/gateway/preauth/filter/PreAuthFederationFilter.java
----------------------------------------------------------------------
diff --git a/gateway-provider-security-preauth/src/main/java/org/apache/knox/gateway/preauth/filter/PreAuthFederationFilter.java
b/gateway-provider-security-preauth/src/main/java/org/apache/knox/gateway/preauth/filter/PreAuthFederationFilter.java
index eefbc26..d056b84 100644
--- a/gateway-provider-security-preauth/src/main/java/org/apache/knox/gateway/preauth/filter/PreAuthFederationFilter.java
+++ b/gateway-provider-security-preauth/src/main/java/org/apache/knox/gateway/preauth/filter/PreAuthFederationFilter.java
@@ -18,13 +18,8 @@
 package org.apache.knox.gateway.preauth.filter;
 
 import java.io.IOException;
-import java.security.AccessController;
-import java.security.Principal;
-import java.security.PrivilegedActionException;
-import java.security.PrivilegedExceptionAction;
 import java.util.List;
 
-import javax.security.auth.Subject;
 import javax.servlet.Filter;
 import javax.servlet.FilterChain;
 import javax.servlet.FilterConfig;
@@ -34,8 +29,6 @@ import javax.servlet.ServletResponse;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
-import org.apache.knox.gateway.security.PrimaryPrincipal;
-
 public class PreAuthFederationFilter implements Filter {
   private static final String CUSTOM_HEADER_PARAM = "preauth.customHeader";
   private List<PreAuthValidator> validators = null;
@@ -73,64 +66,4 @@ public class PreAuthFederationFilter implements Filter {
   public void destroy() {
 
   }
-
-  /**
-   * Recreate the current Subject based upon the provided mappedPrincipal
-   * and look for the groups that should be associated with the new Subject.
-   * Upon finding groups mapped to the principal - add them to the new Subject.
-   */
-  protected void continueChainAsPrincipal(final ServletRequest request, final ServletResponse
response,
-                                          final FilterChain chain, String principal) throws
IOException, ServletException {
-    Subject subject = null;
-    Principal primaryPrincipal = null;
-
-    // do some check to ensure that the extracted identity matches any existing security
context
-    // if not, there is may be someone tampering with the request - consult config to determine
-    // how we are to handle it
-
-    // TODO: make sure that this makes sense with existing sessions or lack thereof
-    Subject currentSubject = Subject.getSubject(AccessController.getContext());
-    if (currentSubject != null) {
-      primaryPrincipal = (PrimaryPrincipal) currentSubject.getPrincipals(PrimaryPrincipal.class).toArray()[0];
-      if (primaryPrincipal != null) {
-        if (!primaryPrincipal.getName().equals(principal)) {
-          // TODO?
-        }
-      }
-    }
-
-    subject = new Subject();
-    subject.getPrincipals().add(primaryPrincipal);
-    doAs(request, response, chain, subject);
-  }
-
-  private void doAs(final ServletRequest request,
-                    final ServletResponse response, final FilterChain chain, Subject subject)
-      throws IOException, ServletException {
-    try {
-      Subject.doAs(
-          subject,
-          new PrivilegedExceptionAction<Object>() {
-            public Object run() throws Exception {
-              doFilterInternal(request, response, chain);
-              return null;
-            }
-          }
-      );
-    } catch (PrivilegedActionException e) {
-      Throwable t = e.getCause();
-      if (t instanceof IOException) {
-        throw (IOException) t;
-      } else if (t instanceof ServletException) {
-        throw (ServletException) t;
-      } else {
-        throw new ServletException(t);
-      }
-    }
-  }
-
-  private void doFilterInternal(ServletRequest request, ServletResponse response, FilterChain
chain) throws IOException, ServletException {
-    chain.doFilter(request, response);
-  }
-
 }

http://git-wip-us.apache.org/repos/asf/knox/blob/e5a3ab60/gateway-provider-security-preauth/src/main/java/org/apache/knox/gateway/preauth/filter/PreAuthService.java
----------------------------------------------------------------------
diff --git a/gateway-provider-security-preauth/src/main/java/org/apache/knox/gateway/preauth/filter/PreAuthService.java
b/gateway-provider-security-preauth/src/main/java/org/apache/knox/gateway/preauth/filter/PreAuthService.java
index 59100b5..13b43af 100644
--- a/gateway-provider-security-preauth/src/main/java/org/apache/knox/gateway/preauth/filter/PreAuthService.java
+++ b/gateway-provider-security-preauth/src/main/java/org/apache/knox/gateway/preauth/filter/PreAuthService.java
@@ -60,7 +60,9 @@ public class PreAuthService {
    * This method returns appropriate pre-auth Validator as defined in config
    *
    * @since 0.12
+   * @param filterConfig filter config to pull validators from
    * @return a list of PreAuthValidator instances as defined in config
+   * @throws ServletException unable to find validator
    */
   public static List<PreAuthValidator> getValidators(FilterConfig filterConfig) throws
ServletException {
     String validationMethods = filterConfig.getInitParameter(VALIDATION_METHOD_PARAM);

http://git-wip-us.apache.org/repos/asf/knox/blob/e5a3ab60/gateway-server/src/main/java/org/apache/knox/gateway/services/security/impl/DefaultKeystoreService.java
----------------------------------------------------------------------
diff --git a/gateway-server/src/main/java/org/apache/knox/gateway/services/security/impl/DefaultKeystoreService.java
b/gateway-server/src/main/java/org/apache/knox/gateway/services/security/impl/DefaultKeystoreService.java
index 994e3d4..26ca369 100644
--- a/gateway-server/src/main/java/org/apache/knox/gateway/services/security/impl/DefaultKeystoreService.java
+++ b/gateway-server/src/main/java/org/apache/knox/gateway/services/security/impl/DefaultKeystoreService.java
@@ -205,13 +205,7 @@ public class DefaultKeystoreService extends BaseKeystoreService implements
         
         writeKeystoreToFile(privateKS, new File( keyStoreDir + GATEWAY_KEYSTORE  ));
         //writeCertificateToFile( cert, new File( keyStoreDir + alias + ".pem" ) );
-      } catch (NoSuchAlgorithmException e) {
-        LOG.failedToAddSeflSignedCertForGateway( alias, e );
-        throw new KeystoreServiceException(e);
-      } catch (GeneralSecurityException e) {
-        LOG.failedToAddSeflSignedCertForGateway( alias, e );
-        throw new KeystoreServiceException(e);
-      } catch (IOException e) {
+      } catch (GeneralSecurityException | IOException e) {
         LOG.failedToAddSeflSignedCertForGateway( alias, e );
         throw new KeystoreServiceException(e);
       }

http://git-wip-us.apache.org/repos/asf/knox/blob/e5a3ab60/gateway-server/src/main/java/org/apache/knox/gateway/services/security/impl/RemoteAliasService.java
----------------------------------------------------------------------
diff --git a/gateway-server/src/main/java/org/apache/knox/gateway/services/security/impl/RemoteAliasService.java
b/gateway-server/src/main/java/org/apache/knox/gateway/services/security/impl/RemoteAliasService.java
index 447af26..52507c2 100644
--- a/gateway-server/src/main/java/org/apache/knox/gateway/services/security/impl/RemoteAliasService.java
+++ b/gateway-server/src/main/java/org/apache/knox/gateway/services/security/impl/RemoteAliasService.java
@@ -167,20 +167,20 @@ public class RemoteAliasService implements AliasService {
     ensureEntry(
         PATH_KNOX_ALIAS_STORE_TOPOLOGY + PATH_SEPARATOR + DEFAULT_CLUSTER_NAME,
         remoteClient);
-
   }
 
   /**
    * Returns an empty list if the given list is null,
    * else returns the given list.
    */
-  private static List<String> safe(final List given) {
+  private static List<String> safe(final List<String> given) {
     return given == null ? Collections.EMPTY_LIST : given;
   }
 
   /**
    * Set a {@link RemoteConfigurationRegistryClientService} instance
    * used to talk to remote remote service registry.
+   * @param registryClientService registryClientService to set
    */
   public void setRegistryClientService(
       final RemoteConfigurationRegistryClientService registryClientService) {
@@ -189,6 +189,7 @@ public class RemoteAliasService implements AliasService {
 
   /**
    * Set a {@link MasterService} instance.
+   * @param ms master service to set
    */
   public void setMasterService(final MasterService ms) {
     this.ms = ms;
@@ -196,6 +197,7 @@ public class RemoteAliasService implements AliasService {
 
   /**
    * Set local alias service
+   * @param localAliasService local alias service to set
    */
   public void setLocalAliasService(AliasService localAliasService) {
     this.localAliasService = localAliasService;
@@ -485,6 +487,7 @@ public class RemoteAliasService implements AliasService {
    * @param clusterName Name of the cluster
    * @param alias       Alias name to be added
    * @param value       alias value to be added
+   * @throws AliasServiceException exception on failure adding alias
    */
   public void addAliasForClusterLocally(final String clusterName,
       final String alias, final String value) throws AliasServiceException {
@@ -497,6 +500,7 @@ public class RemoteAliasService implements AliasService {
    *
    * @param clusterName Name of the cluster
    * @param alias       Alias name to be removed
+   * @throws AliasServiceException exception on failure removing alias
    */
   public void removeAliasForClusterLocally(final String clusterName,
       final String alias) throws AliasServiceException {
@@ -521,6 +525,7 @@ public class RemoteAliasService implements AliasService {
    * Encrypt the clear text with master password.
    * @param clear clear text to be encrypted
    * @return encrypted and base 64 encoded result.
+   * @throws Exception exception on failure
    */
   public String encrypt(final String clear) throws Exception {
 
@@ -538,6 +543,7 @@ public class RemoteAliasService implements AliasService {
    *
    * @param encoded encoded and encrypted string.
    * @return decrypted password.
+   * @throws Exception exception on failure
    */
   public String decrypt(final String encoded) throws Exception {
 

http://git-wip-us.apache.org/repos/asf/knox/blob/e5a3ab60/gateway-server/src/main/java/org/apache/knox/gateway/util/PrincipalCredentials.java
----------------------------------------------------------------------
diff --git a/gateway-server/src/main/java/org/apache/knox/gateway/util/PrincipalCredentials.java
b/gateway-server/src/main/java/org/apache/knox/gateway/util/PrincipalCredentials.java
index 0652db7..7757437 100644
--- a/gateway-server/src/main/java/org/apache/knox/gateway/util/PrincipalCredentials.java
+++ b/gateway-server/src/main/java/org/apache/knox/gateway/util/PrincipalCredentials.java
@@ -36,9 +36,6 @@ public class PrincipalCredentials implements Credentials, Serializable {
 
   private final Principal principal;
 
-  /**
-   * The constructor with the principal.
-   */
   public PrincipalCredentials( Principal principal ) {
     super();
     if( principal == null ) throw new IllegalArgumentException( "principal==null" );

http://git-wip-us.apache.org/repos/asf/knox/blob/e5a3ab60/gateway-server/src/main/java/org/apache/knox/gateway/websockets/ProxyInboundSocket.java
----------------------------------------------------------------------
diff --git a/gateway-server/src/main/java/org/apache/knox/gateway/websockets/ProxyInboundSocket.java
b/gateway-server/src/main/java/org/apache/knox/gateway/websockets/ProxyInboundSocket.java
index 0c3d0da..e133b0f 100644
--- a/gateway-server/src/main/java/org/apache/knox/gateway/websockets/ProxyInboundSocket.java
+++ b/gateway-server/src/main/java/org/apache/knox/gateway/websockets/ProxyInboundSocket.java
@@ -36,9 +36,6 @@ public class ProxyInboundSocket {
    */
   final MessageEventCallback callback;
 
-  /**
-   * Create an instance
-   */
   public ProxyInboundSocket(final MessageEventCallback callback) {
     super();
     this.callback = callback;

http://git-wip-us.apache.org/repos/asf/knox/blob/e5a3ab60/gateway-server/src/main/java/org/apache/knox/gateway/websockets/ProxyWebSocketAdapter.java
----------------------------------------------------------------------
diff --git a/gateway-server/src/main/java/org/apache/knox/gateway/websockets/ProxyWebSocketAdapter.java
b/gateway-server/src/main/java/org/apache/knox/gateway/websockets/ProxyWebSocketAdapter.java
index 2eaf50e..d3cc717 100644
--- a/gateway-server/src/main/java/org/apache/knox/gateway/websockets/ProxyWebSocketAdapter.java
+++ b/gateway-server/src/main/java/org/apache/knox/gateway/websockets/ProxyWebSocketAdapter.java
@@ -64,10 +64,7 @@ public class ProxyWebSocketAdapter extends WebSocketAdapter {
    * @since 0.14
    */
   private ClientEndpointConfig clientConfig;
-
-  /**
-   * Create an instance
-   */
+  
   public ProxyWebSocketAdapter(final URI backend, final ExecutorService pool) {
     this(backend, pool, null);
   }

http://git-wip-us.apache.org/repos/asf/knox/blob/e5a3ab60/gateway-server/src/test/java/org/apache/knox/gateway/websockets/WebsocketClient.java
----------------------------------------------------------------------
diff --git a/gateway-server/src/test/java/org/apache/knox/gateway/websockets/WebsocketClient.java
b/gateway-server/src/test/java/org/apache/knox/gateway/websockets/WebsocketClient.java
index 08c9ffc..08ac45f 100644
--- a/gateway-server/src/test/java/org/apache/knox/gateway/websockets/WebsocketClient.java
+++ b/gateway-server/src/test/java/org/apache/knox/gateway/websockets/WebsocketClient.java
@@ -80,9 +80,14 @@ public class WebsocketClient {
 
   /**
    * Check whether we have expected close code
+   *
+   * @param expectedCloseCode code to expect on close
+   * @param timeoutDuration duration to wait
+   * @param timeoutUnit duration unit
+   * @throws TimeoutException if waiting too long to close
    */
-  public void awaitClose(int expectedCloseCode, int timeoutDuration,
-      TimeUnit timeoutUnit) throws TimeoutException {
+  public void awaitClose(int expectedCloseCode, int timeoutDuration, TimeUnit timeoutUnit)
+      throws TimeoutException {
 
     long msDur = TimeUnit.MILLISECONDS.convert(timeoutDuration, timeoutUnit);
     long now = System.currentTimeMillis();

http://git-wip-us.apache.org/repos/asf/knox/blob/e5a3ab60/gateway-spi/src/main/java/org/apache/knox/gateway/config/GatewayConfig.java
----------------------------------------------------------------------
diff --git a/gateway-spi/src/main/java/org/apache/knox/gateway/config/GatewayConfig.java b/gateway-spi/src/main/java/org/apache/knox/gateway/config/GatewayConfig.java
index 53e8394..98846ac 100644
--- a/gateway-spi/src/main/java/org/apache/knox/gateway/config/GatewayConfig.java
+++ b/gateway-spi/src/main/java/org/apache/knox/gateway/config/GatewayConfig.java
@@ -236,6 +236,7 @@ public interface GatewayConfig {
   /**
    * Enable cookie scoping to gateway path
    *
+   * @return true if cookie scoping to path is enabled
    * @since 0.13
    */
   boolean isCookieScopingToPathEnabled();

http://git-wip-us.apache.org/repos/asf/knox/blob/e5a3ab60/gateway-spi/src/main/java/org/apache/knox/gateway/dispatch/Dispatch.java
----------------------------------------------------------------------
diff --git a/gateway-spi/src/main/java/org/apache/knox/gateway/dispatch/Dispatch.java b/gateway-spi/src/main/java/org/apache/knox/gateway/dispatch/Dispatch.java
index e7aeb3e..ac13031 100644
--- a/gateway-spi/src/main/java/org/apache/knox/gateway/dispatch/Dispatch.java
+++ b/gateway-spi/src/main/java/org/apache/knox/gateway/dispatch/Dispatch.java
@@ -52,10 +52,7 @@ public interface Dispatch {
 
   void doOptions( URI url, HttpServletRequest request, HttpServletResponse response )
       throws IOException, ServletException, URISyntaxException;
-
-  /**
-   * @since 0.14.0
-   */
+  
   void doHead( URI url, HttpServletRequest request, HttpServletResponse response )
       throws IOException, ServletException, URISyntaxException;
 

http://git-wip-us.apache.org/repos/asf/knox/blob/e5a3ab60/gateway-spi/src/main/java/org/apache/knox/gateway/filter/GatewayRequestWrapper.java
----------------------------------------------------------------------
diff --git a/gateway-spi/src/main/java/org/apache/knox/gateway/filter/GatewayRequestWrapper.java
b/gateway-spi/src/main/java/org/apache/knox/gateway/filter/GatewayRequestWrapper.java
index fe2ff53..851fe29 100644
--- a/gateway-spi/src/main/java/org/apache/knox/gateway/filter/GatewayRequestWrapper.java
+++ b/gateway-spi/src/main/java/org/apache/knox/gateway/filter/GatewayRequestWrapper.java
@@ -28,6 +28,7 @@ public class GatewayRequestWrapper extends HttpServletRequestWrapper implements
   /**
    * Constructs a request object wrapping the given request.
    *
+   * @param request the request object to wrap
    * @throws IllegalArgumentException if the request is null
    */
   public GatewayRequestWrapper( HttpServletRequest request ) {

http://git-wip-us.apache.org/repos/asf/knox/blob/e5a3ab60/gateway-spi/src/main/java/org/apache/knox/gateway/filter/GatewayResponseWrapper.java
----------------------------------------------------------------------
diff --git a/gateway-spi/src/main/java/org/apache/knox/gateway/filter/GatewayResponseWrapper.java
b/gateway-spi/src/main/java/org/apache/knox/gateway/filter/GatewayResponseWrapper.java
index 0364bb0..94db2b7 100644
--- a/gateway-spi/src/main/java/org/apache/knox/gateway/filter/GatewayResponseWrapper.java
+++ b/gateway-spi/src/main/java/org/apache/knox/gateway/filter/GatewayResponseWrapper.java
@@ -34,6 +34,7 @@ public abstract class GatewayResponseWrapper extends HttpServletResponseWrapper
   /**
    * Constructs a response adaptor wrapping the given response.
    *
+   * @param response the response object to wrap
    * @throws IllegalArgumentException if the response is null
    */
   public GatewayResponseWrapper( HttpServletResponse response ) {

http://git-wip-us.apache.org/repos/asf/knox/blob/e5a3ab60/gateway-spi/src/main/java/org/apache/knox/gateway/filter/security/AbstractIdentityAssertionFilter.java
----------------------------------------------------------------------
diff --git a/gateway-spi/src/main/java/org/apache/knox/gateway/filter/security/AbstractIdentityAssertionFilter.java
b/gateway-spi/src/main/java/org/apache/knox/gateway/filter/security/AbstractIdentityAssertionFilter.java
index 2e6e311..76a8db5 100644
--- a/gateway-spi/src/main/java/org/apache/knox/gateway/filter/security/AbstractIdentityAssertionFilter.java
+++ b/gateway-spi/src/main/java/org/apache/knox/gateway/filter/security/AbstractIdentityAssertionFilter.java
@@ -17,43 +17,22 @@
  */
 package org.apache.knox.gateway.filter.security;
 
-import org.apache.knox.gateway.audit.api.Action;
-import org.apache.knox.gateway.audit.api.ActionOutcome;
 import org.apache.knox.gateway.audit.api.AuditService;
 import org.apache.knox.gateway.audit.api.AuditServiceFactory;
 import org.apache.knox.gateway.audit.api.Auditor;
-import org.apache.knox.gateway.audit.api.ResourceType;
 import org.apache.knox.gateway.audit.log4j.audit.AuditConstants;
 import org.apache.knox.gateway.i18n.GatewaySpiMessages;
 import org.apache.knox.gateway.i18n.GatewaySpiResources;
 import org.apache.knox.gateway.i18n.messages.MessagesFactory;
 import org.apache.knox.gateway.i18n.resources.ResourcesFactory;
-import org.apache.knox.gateway.security.GroupPrincipal;
-import org.apache.knox.gateway.security.ImpersonatedPrincipal;
-import org.apache.knox.gateway.security.PrimaryPrincipal;
 import org.apache.knox.gateway.security.principal.PrincipalMapper;
 import org.apache.knox.gateway.security.principal.PrincipalMappingException;
 import org.apache.knox.gateway.security.principal.SimplePrincipalMapper;
 
-import javax.security.auth.Subject;
-
-import java.io.IOException;
-import java.security.AccessController;
-import java.security.Principal;
-import java.security.PrivilegedActionException;
-import java.security.PrivilegedExceptionAction;
-
 import javax.servlet.Filter;
-import javax.servlet.FilterChain;
 import javax.servlet.FilterConfig;
-import javax.servlet.ServletRequest;
-import javax.servlet.ServletResponse;
-import javax.servlet.http.HttpServletRequest;
 import javax.servlet.ServletException;
 
-import java.util.Arrays;
-import java.util.Set;
-
 public abstract class AbstractIdentityAssertionFilter extends AbstractIdentityAssertionBase
implements Filter {
 
   private static final GatewaySpiMessages LOG = MessagesFactory.get( GatewaySpiMessages.class
);
@@ -90,119 +69,4 @@ public abstract class AbstractIdentityAssertionFilter extends AbstractIdentityAs
   public void destroy() {
     
   }
-
-  /**
-   * Recreate the current Subject based upon the provided mappedPrincipal
-   * and look for the groups that should be associated with the new Subject.
-   * Upon finding groups mapped to the principal - add them to the new Subject.
-   */
-  protected void continueChainAsPrincipal(final ServletRequest request, final ServletResponse
response, 
-      final FilterChain chain, String mappedPrincipalName) throws IOException, ServletException
{
-    Subject subject = null;
-    Principal impersonationPrincipal = null;
-    Principal primaryPrincipal = null;
-    
-    // get the current subject and determine whether we need another doAs with 
-    // an impersonatedPrincipal and/or mapped group principals
-    boolean impersonationNeeded = false;
-    boolean groupsMapped = false;
-    
-    // look up the current Java Subject and assosciated group principals
-    Subject currentSubject = Subject.getSubject(AccessController.getContext());
-    Set<?> currentGroups = currentSubject.getPrincipals(GroupPrincipal.class);
-    
-    primaryPrincipal = (PrimaryPrincipal) currentSubject.getPrincipals(PrimaryPrincipal.class).toArray()[0];
-    if (primaryPrincipal != null) {
-      if (!primaryPrincipal.getName().equals(mappedPrincipalName)) {
-        impersonationNeeded = true;
-        auditService.getContext().setProxyUsername( mappedPrincipalName );
-        auditor.audit( Action.IDENTITY_MAPPING, primaryPrincipal.getName(), ResourceType.PRINCIPAL,
ActionOutcome.SUCCESS );
-      }
-    }
-    else {
-      // something is amiss - authentication/federation providers should have run
-      // before identity assertion and should have ensured that the appropriate
-      // principals were added to the current subject
-      // TODO: log as appropriate
-      primaryPrincipal = new PrimaryPrincipal(((HttpServletRequest) request).getUserPrincipal().getName());
-    }
-    
-    groupsMapped = areGroupsMappedForPrincipal(mappedPrincipalName) || !currentGroups.isEmpty();
-    
-    if (impersonationNeeded || groupsMapped) {
-      // gonna need a new subject and doAs
-      subject = new Subject();
-      Set<Principal> principals = subject.getPrincipals();
-      principals.add(primaryPrincipal);
-      
-      // map group principals from current Subject into newly created Subject
-      for (Object obj : currentGroups) {
-        principals.add((Principal)obj);
-      }
-      
-      if (impersonationNeeded) {
-        impersonationPrincipal = new ImpersonatedPrincipal(mappedPrincipalName);
-        subject.getPrincipals().add(impersonationPrincipal);
-      }
-      if (groupsMapped) {
-        addMappedGroupsToSubject(mappedPrincipalName, subject);
-        addMappedGroupsToSubject("*", subject);
-      }
-      doAs(request, response, chain, subject);
-    }
-    else {
-      doFilterInternal(request, response, chain);
-    }
-  }
-
-  private void doAs(final ServletRequest request,
-      final ServletResponse response, final FilterChain chain, Subject subject)
-      throws IOException, ServletException {
-    try {
-      Subject.doAs(
-          subject,
-          new PrivilegedExceptionAction<Object>() {
-            public Object run() throws Exception {
-              doFilterInternal(request, response, chain);
-              return null;
-            }
-          }
-          );
-    }
-    catch (PrivilegedActionException e) {
-      Throwable t = e.getCause();
-      if (t instanceof IOException) {
-        throw (IOException) t;
-      }
-      else if (t instanceof ServletException) {
-        throw (ServletException) t;
-      }
-      else {
-        throw new ServletException(t);
-      }
-    }
-  }
-
-  private void addMappedGroupsToSubject(String mappedPrincipalName, Subject subject) {
-    String[] groups = mapper.mapGroupPrincipal(mappedPrincipalName);
-    if (groups != null) {
-      auditor.audit( Action.IDENTITY_MAPPING, mappedPrincipalName, ResourceType.PRINCIPAL,
ActionOutcome.SUCCESS, RES.groupsList( Arrays.toString( groups ) ) );
-      for (int i = 0; i < groups.length; i++) {
-        subject.getPrincipals().add(new GroupPrincipal(groups[i]));
-      }
-    }
-  }
-  
-  private boolean areGroupsMappedForPrincipal(String principalName) {
-    boolean mapped = false;
-    mapped = (mapper.mapGroupPrincipal(principalName) != null ? true : false);
-    if (!mapped) {
-      mapped = (mapper.mapGroupPrincipal("*") != null ? true : false);
-    }
-    return mapped;
-  }
-
-  private void doFilterInternal(ServletRequest request, ServletResponse response, FilterChain
chain) throws IOException, ServletException {
-    chain.doFilter(request, response);
-  }
 }

http://git-wip-us.apache.org/repos/asf/knox/blob/e5a3ab60/gateway-spi/src/main/java/org/apache/knox/gateway/security/principal/PrincipalMapper.java
----------------------------------------------------------------------
diff --git a/gateway-spi/src/main/java/org/apache/knox/gateway/security/principal/PrincipalMapper.java
b/gateway-spi/src/main/java/org/apache/knox/gateway/security/principal/PrincipalMapper.java
index 660f228..bc70a3d 100644
--- a/gateway-spi/src/main/java/org/apache/knox/gateway/security/principal/PrincipalMapper.java
+++ b/gateway-spi/src/main/java/org/apache/knox/gateway/security/principal/PrincipalMapper.java
@@ -23,22 +23,30 @@ public interface PrincipalMapper {
    * Load the internal principal mapping table from the provided
    * string value which conforms to the following semicolon delimited format:
    * actual[,another-actual]=mapped;...
+   *
+   * @param principalMapping semicolon delimited format of principal mapping
+   * @param groupMapping semicolon delimited format of principal mapping
+   * @throws PrincipalMappingException Exception if principal mapping cannot be loaded
    */
-  public abstract void loadMappingTable(String principalMapping, String groupMapping)
+  void loadMappingTable(String principalMapping, String groupMapping)
       throws PrincipalMappingException;
 
   /**
    * Acquire a mapped principal name from the mapping table
    * as appropriate. Otherwise, the provided principalName
    * will be used.
+   *
+   * @param principalName principal name to look up in the mapping table
    * @return principal name to be used in the assertion
    */
-  public abstract String mapUserPrincipal(String principalName);
+  String mapUserPrincipal(String principalName);
 
   /**
    * Acquire array of group principal names from the mapping table
    * as appropriate. Otherwise, return null.
+   *
+   * @param principalName principal name to look up in the mapping table
    * @return group principal names to be used in the assertion
    */
-  public abstract String[] mapGroupPrincipal(String principalName);
+  String[] mapGroupPrincipal(String principalName);
 }
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/knox/blob/e5a3ab60/gateway-spi/src/main/java/org/apache/knox/gateway/services/ServerInfoService.java
----------------------------------------------------------------------
diff --git a/gateway-spi/src/main/java/org/apache/knox/gateway/services/ServerInfoService.java
b/gateway-spi/src/main/java/org/apache/knox/gateway/services/ServerInfoService.java
index 31f448f..2cb2f01 100644
--- a/gateway-spi/src/main/java/org/apache/knox/gateway/services/ServerInfoService.java
+++ b/gateway-spi/src/main/java/org/apache/knox/gateway/services/ServerInfoService.java
@@ -24,11 +24,13 @@ package org.apache.knox.gateway.services;
 public interface ServerInfoService extends Service {
   /**
    * Get the build version for the server instance
+   * @return build version
    */
   String getBuildVersion();
   
   /**
    * Get the build hash for the server instance
+   * @return build hash
    */
   String getBuildHash();
 }

http://git-wip-us.apache.org/repos/asf/knox/blob/e5a3ab60/gateway-spi/src/main/java/org/apache/knox/gateway/services/security/impl/X509CertificateUtil.java
----------------------------------------------------------------------
diff --git a/gateway-spi/src/main/java/org/apache/knox/gateway/services/security/impl/X509CertificateUtil.java
b/gateway-spi/src/main/java/org/apache/knox/gateway/services/security/impl/X509CertificateUtil.java
index 20e98ee..ab57f8a 100644
--- a/gateway-spi/src/main/java/org/apache/knox/gateway/services/security/impl/X509CertificateUtil.java
+++ b/gateway-spi/src/main/java/org/apache/knox/gateway/services/security/impl/X509CertificateUtil.java
@@ -26,7 +26,6 @@ import java.lang.reflect.InvocationTargetException;
 import java.lang.reflect.Method;
 import java.math.BigInteger;
 import java.nio.charset.StandardCharsets;
-import java.security.GeneralSecurityException;
 import java.security.KeyPair;
 import java.security.KeyStore;
 import java.security.KeyStoreException;
@@ -54,15 +53,15 @@ public class X509CertificateUtil {
    * @param pair the KeyPair
    * @param days how many days from now the Certificate is valid for
    * @param algorithm the signing algorithm, eg "SHA1withRSA"
+   * @return self-signed X.509 certificate
    */
-  public static X509Certificate generateCertificate(String dn, KeyPair pair,
-   int days, String algorithm) throws GeneralSecurityException, IOException {
+  public static X509Certificate generateCertificate(String dn, KeyPair pair, int days, String
algorithm) {
 
   PrivateKey privkey = pair.getPrivate();
   Object x509CertImplObject = null;
   try {
     Date from = new Date();
-    Date to = new Date(from.getTime() + days * 86400000l);
+    Date to = new Date(from.getTime() + days * 86400000L);
 
     Class<?> certInfoClass = Class.forName(getX509CertInfoModuleName());
     Constructor<?> certInfoConstr = certInfoClass.getConstructor();

http://git-wip-us.apache.org/repos/asf/knox/blob/e5a3ab60/gateway-spi/src/main/java/org/apache/knox/gateway/services/security/token/TokenServiceException.java
----------------------------------------------------------------------
diff --git a/gateway-spi/src/main/java/org/apache/knox/gateway/services/security/token/TokenServiceException.java
b/gateway-spi/src/main/java/org/apache/knox/gateway/services/security/token/TokenServiceException.java
index 67869fe..cd584c0 100644
--- a/gateway-spi/src/main/java/org/apache/knox/gateway/services/security/token/TokenServiceException.java
+++ b/gateway-spi/src/main/java/org/apache/knox/gateway/services/security/token/TokenServiceException.java
@@ -28,9 +28,6 @@ public class TokenServiceException extends Exception {
     super(message, e);
   }
 
-  /**
-   * 
-   */
   public TokenServiceException(String message) {
     super(message);
   }

http://git-wip-us.apache.org/repos/asf/knox/blob/e5a3ab60/gateway-spi/src/main/java/org/apache/knox/gateway/topology/discovery/ClusterConfigurationMonitor.java
----------------------------------------------------------------------
diff --git a/gateway-spi/src/main/java/org/apache/knox/gateway/topology/discovery/ClusterConfigurationMonitor.java
b/gateway-spi/src/main/java/org/apache/knox/gateway/topology/discovery/ClusterConfigurationMonitor.java
index ca31c2e..5e9b957 100644
--- a/gateway-spi/src/main/java/org/apache/knox/gateway/topology/discovery/ClusterConfigurationMonitor.java
+++ b/gateway-spi/src/main/java/org/apache/knox/gateway/topology/discovery/ClusterConfigurationMonitor.java
@@ -36,11 +36,14 @@ public interface ClusterConfigurationMonitor {
 
     /**
      * Register for notifications from the monitor.
+     * @param listener ConfigurationChangeListener
      */
     void addListener(ConfigurationChangeListener listener);
 
     /**
      * Clear the configuration data cache for the specified source and cluster name.
+     * @param source source to clear for
+     * @param clusterName clusterName to clear for
      */
     void clearCache(String source, String clusterName);
 

http://git-wip-us.apache.org/repos/asf/knox/blob/e5a3ab60/gateway-spi/src/main/java/org/apache/knox/gateway/topology/discovery/ServiceDiscovery.java
----------------------------------------------------------------------
diff --git a/gateway-spi/src/main/java/org/apache/knox/gateway/topology/discovery/ServiceDiscovery.java
b/gateway-spi/src/main/java/org/apache/knox/gateway/topology/discovery/ServiceDiscovery.java
index 932efcf..50c3af6 100644
--- a/gateway-spi/src/main/java/org/apache/knox/gateway/topology/discovery/ServiceDiscovery.java
+++ b/gateway-spi/src/main/java/org/apache/knox/gateway/topology/discovery/ServiceDiscovery.java
@@ -41,6 +41,7 @@ public interface ServiceDiscovery {
     /**
      * Discover details of all the clusters known to the target registry.
      *
+     * @param gwConfig The gateway configuration
      * @param config The configuration for the discovery invocation
      *
      * @return A Map of the discovered service data, keyed by the cluster name.
@@ -51,6 +52,7 @@ public interface ServiceDiscovery {
     /**
      * Discover details for a single cluster.
      *
+     * @param gwConfig The gateway configuration
      * @param config The configuration for the discovery invocation
      * @param clusterName The name of a particular cluster
      *

http://git-wip-us.apache.org/repos/asf/knox/blob/e5a3ab60/gateway-test/src/test/java/org/apache/knox/gateway/SimpleDescriptorHandlerFuncTest.java
----------------------------------------------------------------------
diff --git a/gateway-test/src/test/java/org/apache/knox/gateway/SimpleDescriptorHandlerFuncTest.java
b/gateway-test/src/test/java/org/apache/knox/gateway/SimpleDescriptorHandlerFuncTest.java
index 7a6f82e..f7c2103 100644
--- a/gateway-test/src/test/java/org/apache/knox/gateway/SimpleDescriptorHandlerFuncTest.java
+++ b/gateway-test/src/test/java/org/apache/knox/gateway/SimpleDescriptorHandlerFuncTest.java
@@ -106,7 +106,7 @@ public class SimpleDescriptorHandlerFuncTest {
           "    </gateway>\n";
 
 
-  /**
+  /*
    * KNOX-1136
    * <p>
    * Test that a credential store is created, and a encryptQueryString alias is defined,
with a password that is not

http://git-wip-us.apache.org/repos/asf/knox/blob/e5a3ab60/gateway-util-common/src/main/java/org/apache/knox/gateway/audit/api/AuditService.java
----------------------------------------------------------------------
diff --git a/gateway-util-common/src/main/java/org/apache/knox/gateway/audit/api/AuditService.java
b/gateway-util-common/src/main/java/org/apache/knox/gateway/audit/api/AuditService.java
index d0312a4..7b8dc06 100644
--- a/gateway-util-common/src/main/java/org/apache/knox/gateway/audit/api/AuditService.java
+++ b/gateway-util-common/src/main/java/org/apache/knox/gateway/audit/api/AuditService.java
@@ -60,6 +60,7 @@ public interface AuditService {
    * @param auditorName The name of auditor. Can be used to separate audit events to different
destinations. For example security audit, operations audit, etc
    * @param componentName The name of component that will be placed used in every audit event
generated by {@link Auditor Auditor} instance
    * @param serviceName The name of service that will be placed used in every audit event
generated by {@link Auditor Auditor} instance
+   * @return Auditor configured with the component and service names. Will never be null.
    */
   Auditor getAuditor( String auditorName, String componentName, String serviceName );
 
@@ -67,6 +68,7 @@ public interface AuditService {
    * Executes the callable within the provided audit context.
    * The provided context is attached and detached around the invocation of the callable.
    *
+   * @param <T> Type of callable
    * @param context The context to establish around the invocation of the callable.  May
not be null.
    * @param callable The callable to invoke after establishing the correlation context. 
May not be null.
    * @return The result of the callable's call method.

http://git-wip-us.apache.org/repos/asf/knox/blob/e5a3ab60/gateway-util-common/src/main/java/org/apache/knox/gateway/audit/api/CorrelationService.java
----------------------------------------------------------------------
diff --git a/gateway-util-common/src/main/java/org/apache/knox/gateway/audit/api/CorrelationService.java
b/gateway-util-common/src/main/java/org/apache/knox/gateway/audit/api/CorrelationService.java
index 9e87685..9d8f721 100644
--- a/gateway-util-common/src/main/java/org/apache/knox/gateway/audit/api/CorrelationService.java
+++ b/gateway-util-common/src/main/java/org/apache/knox/gateway/audit/api/CorrelationService.java
@@ -65,6 +65,7 @@ public interface CorrelationService {
    * The provided context is attached and detached around the invocation of the callable.
    * @param context The correlation context to establish around the invocation of the callable.
 May not be null.
    * @param callable The callable to invoke after establishing the correlation context. 
May not be null.
+   * @param <T> Type of callable
    * @return The result of the callable's call method.
    * @throws Exception Thrown if thrown by the callable's call method.
    */


Mime
View raw message