Review Board 1.7.22


SQOOP-941 Do not send sensitive values from server to client

Review Request #9911 - Created March 13, 2013 and submitted

Abraham Elmahrek
SQOOP-941
Reviewers
Sqoop
jarcec
sqoop-sqoop2
commit 4e294831ca2ab0b20e5f2dd16017b7ca28b4d0db
Author: Abraham Elmahrek <abraham@elmahrek.com>
Date:   Wed Mar 13 14:51:06 2013 -0700

    SQOOP-941 Do not send sensitive values from server to client
    
    Remove sensitive string values from metadata sent to clients.
    Add sensitivity filter (boolean parameter) when extracting forms.

:100644 100644 57486b1... a69e009... M  client/src/main/java/org/apache/sqoop/client/request/ConnectionRequest.java
:100644 100644 499ebeb... 55ba9db... M  client/src/main/java/org/apache/sqoop/client/request/JobRequest.java
:100644 100644 dbc0f93... b4e986a... M  common/src/main/java/org/apache/sqoop/json/ConnectionBean.java
:100644 100644 601040d... cbe049a... M  common/src/main/java/org/apache/sqoop/json/ConnectorBean.java
:100644 100644 4e07b6c... ad4753b... M  common/src/main/java/org/apache/sqoop/json/FrameworkBean.java
:100644 100644 a16c06e... a830646... M  common/src/main/java/org/apache/sqoop/json/JobBean.java
:100644 100644 074a579... 8189259... M  common/src/main/java/org/apache/sqoop/json/JsonBean.java
:100644 100644 9d8011b... 1ef72eb... M  common/src/main/java/org/apache/sqoop/json/SubmissionBean.java
:100644 100644 4bb0ffc... 86b637a... M  common/src/main/java/org/apache/sqoop/json/ThrowableBean.java
:100644 100644 747a228... fd36825... M  common/src/main/java/org/apache/sqoop/json/ValidationBean.java
:100644 100644 c37b2cc... 029a776... M  common/src/main/java/org/apache/sqoop/json/VersionBean.java
:100644 100644 8b40a54... 3f8f985... M  common/src/main/java/org/apache/sqoop/json/util/FormSerialization.java
:100644 100644 1322dd3... 58b7cbe... M  common/src/test/java/org/apache/sqoop/json/TestConnectionBean.java
:100644 100644 38cdb7e... e078474... M  common/src/test/java/org/apache/sqoop/json/TestConnectorBean.java
:100644 100644 5aa581b... 5cc110a... M  common/src/test/java/org/apache/sqoop/json/TestFrameworkBean.java
:100644 100644 3ea30ce... 6af1d8b... M  common/src/test/java/org/apache/sqoop/json/TestJobBean.java
:100644 100644 7c77db6... 6ee9aa1... M  common/src/test/java/org/apache/sqoop/json/TestSubmissionBean.java
:100644 100644 88267d1... 0cf0651... M  common/src/test/java/org/apache/sqoop/json/TestThrowableBean.java
:100644 100644 7dab5a4... b88d7a4... M  common/src/test/java/org/apache/sqoop/json/TestUtil.java
:100644 100644 ebcb749... 95ea6e1... M  common/src/test/java/org/apache/sqoop/json/TestValidationBean.java
:100644 100644 dc0764e... 896c605... M  server/src/main/java/org/apache/sqoop/server/SqoopProtocolServlet.java
Updated unit tests and ran all unit tests.
client/src/main/java/org/apache/sqoop/client/request/ConnectionRequest.java
Revision 57486b146f45235ea5a75cabec861da4c38672c4 New Change
[20] 46 lines
[+20] [+] public ConnectionBean read(String serverUrl, Long xid) {
47
  }
47
  }
48

    
   
48

   
49
  public ValidationBean create(String serverUrl, MConnection connection) {
49
  public ValidationBean create(String serverUrl, MConnection connection) {
50

    
   
50

   
51
    ConnectionBean connectionBean = new ConnectionBean(connection);
51
    ConnectionBean connectionBean = new ConnectionBean(connection);
52
    JSONObject connectionJson = connectionBean.extract();

   
53

    
   
52

   

    
   
53
    // Extract all form inputs including sensitive inputs

    
   
54
    JSONObject connectionJson = connectionBean.extract(false);

    
   
55

   
54
    String response = super.post(serverUrl + RESOURCE,
56
    String response = super.post(serverUrl + RESOURCE,
55
                                 connectionJson.toJSONString());
57
                                 connectionJson.toJSONString());
56

    
   
58

   
57
    ValidationBean validationBean = new ValidationBean();
59
    ValidationBean validationBean = new ValidationBean();
58
    validationBean.restore((JSONObject) JSONValue.parse(response));
60
    validationBean.restore((JSONObject) JSONValue.parse(response));
59

    
   
61

   
60
    return validationBean;
62
    return validationBean;
61
  }
63
  }
62

    
   
64

   
63
  public ValidationBean update(String serverUrl, MConnection connection) {
65
  public ValidationBean update(String serverUrl, MConnection connection) {
64

    
   
66

   
65
    ConnectionBean connectionBean = new ConnectionBean(connection);
67
    ConnectionBean connectionBean = new ConnectionBean(connection);
66
    JSONObject connectionJson = connectionBean.extract();

   
67

    
   
68

   

    
   
69
    // Extract all form inputs including sensitive inputs

    
   
70
    JSONObject connectionJson = connectionBean.extract(false);

    
   
71

   
68
    String response = super.put(serverUrl + RESOURCE
72
    String response = super.put(serverUrl + RESOURCE
69
                                  + connection.getPersistenceId(),
73
                                  + connection.getPersistenceId(),
70
                                connectionJson.toJSONString());
74
                                connectionJson.toJSONString());
71

    
   
75

   
72
    ValidationBean validationBean = new ValidationBean();
76
    ValidationBean validationBean = new ValidationBean();
[+20] [20] 9 lines
client/src/main/java/org/apache/sqoop/client/request/JobRequest.java
Revision 499ebebc64e0d306f199b6729e49fdffed604382 New Change
 
common/src/main/java/org/apache/sqoop/json/ConnectionBean.java
Revision dbc0f935bfbe7c164c79f51a49f5704f31a309a2 New Change
 
common/src/main/java/org/apache/sqoop/json/ConnectorBean.java
Revision 601040dced830fdd5509eb3d7f47f8b0ba535ac6 New Change
 
common/src/main/java/org/apache/sqoop/json/FrameworkBean.java
Revision 4e07b6cd77b48ff58df9210da43adba82fd492d3 New Change
 
common/src/main/java/org/apache/sqoop/json/JobBean.java
Revision a16c06e2177d7e1dacd05976d91f4484a8957ea4 New Change
 
common/src/main/java/org/apache/sqoop/json/JsonBean.java
Revision 074a5796135f32c7d3e03f2223601e50b8b628ba New Change
 
common/src/main/java/org/apache/sqoop/json/SubmissionBean.java
Revision 9d8011bee92519e74c0a2813e3ddd108615390dd New Change
 
common/src/main/java/org/apache/sqoop/json/ThrowableBean.java
Revision 4bb0ffc39be0b648d8270400b5348f74f333c0fb New Change
 
common/src/main/java/org/apache/sqoop/json/ValidationBean.java
Revision 747a228084e0079a1c687226cfaecfc6b7ba61bb New Change
 
common/src/main/java/org/apache/sqoop/json/VersionBean.java
Revision c37b2cca53ce41c2594759838b16f43390f78841 New Change
 
common/src/main/java/org/apache/sqoop/json/util/FormSerialization.java
Revision 8b40a547e230793a922cb97dd7f7031cb3e94712 New Change
 
common/src/test/java/org/apache/sqoop/json/TestConnectionBean.java
Revision 1322dd3d64f072f9a93d9ef5bfccbfb9aff0556b New Change
 
common/src/test/java/org/apache/sqoop/json/TestConnectorBean.java
Revision 38cdb7e1d97ac4a7c53cb7e13184bb8433b06874 New Change
 
common/src/test/java/org/apache/sqoop/json/TestFrameworkBean.java
Revision 5aa581bb3f0a4542352a47e27bc1eb53acb955ce New Change
 
common/src/test/java/org/apache/sqoop/json/TestJobBean.java
Revision 3ea30cea6b1a175092645b8c2951045f8465df92 New Change
 
common/src/test/java/org/apache/sqoop/json/TestSubmissionBean.java
Revision 7c77db6b6c746a5010a21fa4b92311706e553992 New Change
 
common/src/test/java/org/apache/sqoop/json/TestThrowableBean.java
Revision 88267d1a730089adf6b72fb38afce61c13d25858 New Change
 
common/src/test/java/org/apache/sqoop/json/TestUtil.java
Revision 7dab5a468322245bb92384ec180066efd5b3c1c3 New Change
 
common/src/test/java/org/apache/sqoop/json/TestValidationBean.java
Revision ebcb7492219dcab580f351f330b4eb7cbc277f35 New Change
 
server/src/main/java/org/apache/sqoop/server/SqoopProtocolServlet.java
Revision dc0764e927289a1b9979a2a7bff08cbb019f6618 New Change
 
  1. client/src/main/java/org/apache/sqoop/client/request/ConnectionRequest.java: Loading...
  2. client/src/main/java/org/apache/sqoop/client/request/JobRequest.java: Loading...
  3. common/src/main/java/org/apache/sqoop/json/ConnectionBean.java: Loading...
  4. common/src/main/java/org/apache/sqoop/json/ConnectorBean.java: Loading...
  5. common/src/main/java/org/apache/sqoop/json/FrameworkBean.java: Loading...
  6. common/src/main/java/org/apache/sqoop/json/JobBean.java: Loading...
  7. common/src/main/java/org/apache/sqoop/json/JsonBean.java: Loading...
  8. common/src/main/java/org/apache/sqoop/json/SubmissionBean.java: Loading...
  9. common/src/main/java/org/apache/sqoop/json/ThrowableBean.java: Loading...
  10. common/src/main/java/org/apache/sqoop/json/ValidationBean.java: Loading...
  11. common/src/main/java/org/apache/sqoop/json/VersionBean.java: Loading...
  12. common/src/main/java/org/apache/sqoop/json/util/FormSerialization.java: Loading...
  13. common/src/test/java/org/apache/sqoop/json/TestConnectionBean.java: Loading...
  14. common/src/test/java/org/apache/sqoop/json/TestConnectorBean.java: Loading...
  15. common/src/test/java/org/apache/sqoop/json/TestFrameworkBean.java: Loading...
  16. common/src/test/java/org/apache/sqoop/json/TestJobBean.java: Loading...
  17. common/src/test/java/org/apache/sqoop/json/TestSubmissionBean.java: Loading...
  18. common/src/test/java/org/apache/sqoop/json/TestThrowableBean.java: Loading...
  19. common/src/test/java/org/apache/sqoop/json/TestUtil.java: Loading...
  20. common/src/test/java/org/apache/sqoop/json/TestValidationBean.java: Loading...
  21. server/src/main/java/org/apache/sqoop/server/SqoopProtocolServlet.java: Loading...