7/10/2017 6:55:23 PM
on java compiler including info on -Werror flag:
http://docs.oracle.com/javase/7/docs/technotes/tools/windows/javac.html
|
7/10/2017 6:49:11 PM
been scraped and wasn't implemented in totality. Removing dead code.
|
|
|
6/29/2017 10:42:44 PM
from running Azkaban flows (#1257)
* Issue #1256 - enabling config setting to prevent service users from running Azkaban flows
|
|
|
6/28/2017 8:28:12 PM
(#1253)
|
6/28/2017 7:16:38 PM
(#1255)
The current code uses the `SERVICE_PROVIDER` interface to fetch dependencies for the Web Server. Refactored the code to enable parameterized dependency injection from the construction which is the standard way of declaring dependencies. In the process, removed legacy constructor from `AzkabanWebServer` and removed legacy class `AzkabanServletContextListener` which is no longer being used.
Injection sanity tests already exist in the code. Tested solo server and it works as well.
|
|
|
6/27/2017 7:04:20 PM
to #990
Users currently can login by passing their credentials through the query string in the URI in this method:
curl -X POST http://localhost:8081/?action=login\&username=azkaban\&password=azkaban
This leads to sensitive information being logged in access logs and overall isn't a secure method of logging in.
This PR fails these attempts and returns an appropriate warning to users. It also stops the query string from being logged when these requests are made.
This PR includes testing to replicate this user behavior for future regression testing.
|
6/23/2017 3:13:24 PM
JSON blob (#1250)
submitted user should be deserialized from JSON instead of a constant value.
|
