The following is where most of the service tests go that need to test expectations of the rewrite rules and dispatch classes within the definition for a given service: https://github.com/apache/knox/blob/master/gateway-test/src/test/java/org/apache/hadoop/gateway/GatewayBasicFuncTest.java
This is especially important for when there are nuances to what rewrite or dispatch need to do.
Ah ok I'll take a look.
That said, there are still a few things about he POC that needs to be addressed:
1. It seems that the solr definition provided in your POC is really only for the UI. So, there needs to be a corresponding REST API definition as well. This is generally done with a SOLRUI and SOLR service pair.
Is it possible to have one service? There really isn't a difference between the Solr UI and the APIs. It would be awesome to be able to visit a single Knox endpoint for both. Below expands a bit more on the relationship between the UI and the APIs and maybe that helps.
2. The current definition is using the Anonymous authentication provider. This is commonly used for UIs that provide their own authentication with form-based login, HTTP basic auth or even with KnoxSSO integration, etc. It doesn't look like solr UI is doing any authentication for the user. Unauthenticated UI access should be avoided. We should discuss what is needed there further.
Ah wasn't really sure what that was for other than just copied from the proxying UI page. Right now with the basic setup there is no UI authentication. Solr really doesn't support UI authentication per say. The authentication is actually at the API layer itself. The UI really just needs rewriting. The APIs have support for basic and SPNEGO Kerberos authentication if you enable it in Solr (not the easiest to do right now, but possible).
3. The dispatch being used is another common one for UIs and won't likely be sufficient for REST APIs though we can discuss that as well. It depends on what straight API access requires as far as credentials or identity propagation.
Just to provide a little more background on the Solr UI, it really just calls out to the Solr REST APIs and otherwise is just an angular UI.
4. I need some clarity on the topology service descriptor. The URL within the default.xml topology for the service seems strange (I probably just need it explained to me) and there doesn't seem to be any HA specific URLs. I expected to see multiple URLs or Zookeeper specifics for determining the URLs, etc.
Right now for the quick demo there is only one Solr host. Each host in a Solr cluster knows how to forward requests to the right host. This means that Knox just needs to be able to pick one available host. I have tested this a little by just adding another url and Knox "does the right thing". I am using the Knox built in HA provider to do failover if it determines the first URL is down.
The Solr url format is as follows:
The /solr is hardcoded with Solr 5.x+ since it is meant to be run as is. The docker example has a format that looks a bit weird since the name I gave the Solr container is "solr".