New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
KNOX-2631 - Webshell #639
KNOX-2631 - Webshell #639
Conversation
…n logic, WebshellWebsocketAdapter extend ProxyWebSocketAdapter
… in WebshellWebsocketAdapater;
# Conflicts: # pom.xml
2769e0b
to
3e8e0c0
Compare
3e8e0c0
to
554c9b3
Compare
554c9b3
to
2120e93
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good, asked some questions and we need to update the LICENSE file for pty4j EPLv1 license.
gateway-server/src/main/java/org/apache/knox/gateway/deploy/DeploymentFactory.java
Outdated
Show resolved
Hide resolved
gateway-server/src/main/java/org/apache/knox/gateway/websockets/GatewayWebsocketHandler.java
Outdated
Show resolved
Hide resolved
gateway-server/src/main/java/org/apache/knox/gateway/websockets/JWTValidator.java
Show resolved
Hide resolved
gateway-server/src/main/java/org/apache/knox/gateway/websockets/JWTValidatorFactory.java
Show resolved
Hide resolved
...way-server/src/test/java/org/apache/knox/gateway/websockets/GatewayWebsocketHandlerTest.java
Show resolved
Hide resolved
...way-server/src/test/java/org/apache/knox/gateway/websockets/GatewayWebsocketHandlerTest.java
Show resolved
Hide resolved
Thanks @lmccay ! For license I added Pty4j to the existing EPLv1 license text, is that fine or should I be copying the entire license text? There is no language in the license that indicates I need a separate copy as long as we clearly indicate that Pty4j uses EPLv1 license (followed by the license text) |
# Conflicts: # gateway-release/pom.xml
…nt webshell sessions property
gateway-server/src/main/java/org/apache/knox/gateway/config/impl/GatewayConfigImpl.java
Outdated
Show resolved
Hide resolved
gateway-server/src/main/java/org/apache/knox/gateway/config/impl/GatewayConfigImpl.java
Outdated
Show resolved
Hide resolved
gateway-server/src/main/java/org/apache/knox/gateway/deploy/DeploymentFactory.java
Outdated
Show resolved
Hide resolved
gateway-server/src/main/java/org/apache/knox/gateway/webshell/ConnectionInfo.java
Outdated
Show resolved
Hide resolved
gateway-server/src/main/java/org/apache/knox/gateway/webshell/ConnectionInfo.java
Outdated
Show resolved
Hide resolved
...way-server/src/test/java/org/apache/knox/gateway/websockets/GatewayWebsocketHandlerTest.java
Outdated
Show resolved
Hide resolved
gateway-server/src/test/java/org/apache/knox/gateway/webshell/WebshellWebsocketAdapterTest.java
Outdated
Show resolved
Hide resolved
knox-homepage-ui/home/app/generalProxyInformation/general.proxy.information.component.ts
Show resolved
Hide resolved
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
What changes were proposed in this pull request?
This feature enables shell access to the machine running Apache Knox. Users can SSO into Knox and then access shell using the KnoxShell URL on knox homepage.
Configuration:
Webshell is not turned on by default. To enable Webshell following properties needs to be changed in gateway-site.xml
Create a sudoers file
/etc/sudoers.d/knox
with entries for all the users that need webshell acess. e.g. the following config file let's usersam
login to webshell. Further restrictions on what usersam
can do can be performed with sudoers file. More info: https://linux.die.net/man/5/sudoers
How was this patch tested?
This patch was tested on my local machine.