zeppelin-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jongy...@apache.org
Subject [16/49] zeppelin git commit: [ZEPPELIN-3740] Adopt `google-java-format` and `fmt-maven-plugin`
Date Sun, 26 Aug 2018 04:43:59 GMT
http://git-wip-us.apache.org/repos/asf/zeppelin/blob/55f6c91c/zeppelin-plugins/notebookrepo/s3/src/main/java/org/apache/zeppelin/notebook/repo/S3NotebookRepo.java
----------------------------------------------------------------------
diff --git a/zeppelin-plugins/notebookrepo/s3/src/main/java/org/apache/zeppelin/notebook/repo/S3NotebookRepo.java b/zeppelin-plugins/notebookrepo/s3/src/main/java/org/apache/zeppelin/notebook/repo/S3NotebookRepo.java
index 364943c..21363d8 100644
--- a/zeppelin-plugins/notebookrepo/s3/src/main/java/org/apache/zeppelin/notebook/repo/S3NotebookRepo.java
+++ b/zeppelin-plugins/notebookrepo/s3/src/main/java/org/apache/zeppelin/notebook/repo/S3NotebookRepo.java
@@ -17,6 +17,26 @@
 
 package org.apache.zeppelin.notebook.repo;
 
+import com.amazonaws.AmazonClientException;
+import com.amazonaws.ClientConfiguration;
+import com.amazonaws.ClientConfigurationFactory;
+import com.amazonaws.auth.AWSCredentialsProvider;
+import com.amazonaws.auth.DefaultAWSCredentialsProviderChain;
+import com.amazonaws.regions.Region;
+import com.amazonaws.regions.Regions;
+import com.amazonaws.services.s3.AmazonS3;
+import com.amazonaws.services.s3.AmazonS3Client;
+import com.amazonaws.services.s3.AmazonS3EncryptionClient;
+import com.amazonaws.services.s3.model.CryptoConfiguration;
+import com.amazonaws.services.s3.model.EncryptionMaterialsProvider;
+import com.amazonaws.services.s3.model.GetObjectRequest;
+import com.amazonaws.services.s3.model.KMSEncryptionMaterialsProvider;
+import com.amazonaws.services.s3.model.ListObjectsRequest;
+import com.amazonaws.services.s3.model.ObjectListing;
+import com.amazonaws.services.s3.model.ObjectMetadata;
+import com.amazonaws.services.s3.model.PutObjectRequest;
+import com.amazonaws.services.s3.model.S3Object;
+import com.amazonaws.services.s3.model.S3ObjectSummary;
 import java.io.File;
 import java.io.FileOutputStream;
 import java.io.IOException;
@@ -27,7 +47,6 @@ import java.util.Collections;
 import java.util.LinkedList;
 import java.util.List;
 import java.util.Map;
-
 import org.apache.commons.io.FileUtils;
 import org.apache.commons.io.IOUtils;
 import org.apache.commons.lang3.StringUtils;
@@ -35,36 +54,11 @@ import org.apache.zeppelin.conf.ZeppelinConfiguration;
 import org.apache.zeppelin.conf.ZeppelinConfiguration.ConfVars;
 import org.apache.zeppelin.notebook.Note;
 import org.apache.zeppelin.notebook.NoteInfo;
-import org.apache.zeppelin.notebook.Paragraph;
-import org.apache.zeppelin.scheduler.Job.Status;
 import org.apache.zeppelin.user.AuthenticationInfo;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
-import com.amazonaws.AmazonClientException;
-import com.amazonaws.ClientConfiguration;
-import com.amazonaws.ClientConfigurationFactory;
-import com.amazonaws.auth.AWSCredentialsProvider;
-import com.amazonaws.auth.DefaultAWSCredentialsProviderChain;
-import com.amazonaws.services.s3.AmazonS3;
-import com.amazonaws.services.s3.AmazonS3Client;
-import com.amazonaws.services.s3.AmazonS3EncryptionClient;
-import com.amazonaws.services.s3.model.CryptoConfiguration;
-import com.amazonaws.services.s3.model.EncryptionMaterialsProvider;
-import com.amazonaws.services.s3.model.GetObjectRequest;
-import com.amazonaws.services.s3.model.KMSEncryptionMaterialsProvider;
-import com.amazonaws.services.s3.model.ListObjectsRequest;
-import com.amazonaws.services.s3.model.ObjectListing;
-import com.amazonaws.services.s3.model.ObjectMetadata;
-import com.amazonaws.services.s3.model.PutObjectRequest;
-import com.amazonaws.regions.Region;
-import com.amazonaws.regions.Regions;
-import com.amazonaws.services.s3.model.S3Object;
-import com.amazonaws.services.s3.model.S3ObjectSummary;
-
-/**
- * Backend for storing Notebooks on S3
- */
+/** Backend for storing Notebooks on S3 */
 public class S3NotebookRepo implements NotebookRepo {
   private static final Logger LOG = LoggerFactory.getLogger(S3NotebookRepo.class);
 
@@ -88,9 +82,7 @@ public class S3NotebookRepo implements NotebookRepo {
   private boolean useServerSideEncryption;
   private ZeppelinConfiguration conf;
 
-  public S3NotebookRepo() {
-
-  }
+  public S3NotebookRepo() {}
 
   public void init(ZeppelinConfiguration conf) throws IOException {
     this.conf = conf;
@@ -108,20 +100,18 @@ public class S3NotebookRepo implements NotebookRepo {
     }
 
     ClientConfiguration cliConf = createClientConfiguration();
-    
+
     // see if we should be encrypting data in S3
     String kmsKeyID = conf.getS3KMSKeyID();
     if (kmsKeyID != null) {
       // use the AWS KMS to encrypt data
       KMSEncryptionMaterialsProvider emp = new KMSEncryptionMaterialsProvider(kmsKeyID);
       this.s3client = new AmazonS3EncryptionClient(credentialsProvider, emp, cliConf, cryptoConf);
-    }
-    else if (conf.getS3EncryptionMaterialsProviderClass() != null) {
+    } else if (conf.getS3EncryptionMaterialsProviderClass() != null) {
       // use a custom encryption materials provider class
       EncryptionMaterialsProvider emp = createCustomProvider(conf);
       this.s3client = new AmazonS3EncryptionClient(credentialsProvider, emp, cliConf, cryptoConf);
-    }
-    else {
+    } else {
       // regular S3
       this.s3client = new AmazonS3Client(credentialsProvider, cliConf);
     }
@@ -131,8 +121,8 @@ public class S3NotebookRepo implements NotebookRepo {
   }
 
   /**
-   * Create an instance of a custom encryption materials provider class
-   * which supplies encryption keys to use when reading/writing data in S3.
+   * Create an instance of a custom encryption materials provider class which supplies encryption
+   * keys to use when reading/writing data in S3.
    */
   private EncryptionMaterialsProvider createCustomProvider(ZeppelinConfiguration conf)
       throws IOException {
@@ -143,15 +133,17 @@ public class S3NotebookRepo implements NotebookRepo {
       Object empInstance = Class.forName(empClassname).newInstance();
       if (empInstance instanceof EncryptionMaterialsProvider) {
         emp = (EncryptionMaterialsProvider) empInstance;
-      }
-      else {
-        throw new IOException("Class " + empClassname + " does not implement "
+      } else {
+        throw new IOException(
+            "Class "
+                + empClassname
+                + " does not implement "
                 + EncryptionMaterialsProvider.class.getName());
       }
-    }
-    catch (Exception e) {
-      throw new IOException("Unable to instantiate encryption materials provider class "
-              + empClassname + ": " + e, e);
+    } catch (Exception e) {
+      throw new IOException(
+          "Unable to instantiate encryption materials provider class " + empClassname + ": " + e,
+          e);
     }
 
     return emp;
@@ -159,6 +151,7 @@ public class S3NotebookRepo implements NotebookRepo {
 
   /**
    * Create AWS client configuration and return it.
+   *
    * @return AWS client configuration
    */
   private ClientConfiguration createClientConfiguration() {
@@ -178,9 +171,8 @@ public class S3NotebookRepo implements NotebookRepo {
     List<NoteInfo> infos = new LinkedList<>();
     NoteInfo info;
     try {
-      ListObjectsRequest listObjectsRequest = new ListObjectsRequest()
-              .withBucketName(bucketName)
-              .withPrefix(user + "/" + "notebook");
+      ListObjectsRequest listObjectsRequest =
+          new ListObjectsRequest().withBucketName(bucketName).withPrefix(user + "/" + "notebook");
       ObjectListing objectListing;
       do {
         objectListing = s3client.listObjects(listObjectsRequest);
@@ -204,8 +196,7 @@ public class S3NotebookRepo implements NotebookRepo {
     S3Object s3object;
     try {
       s3object = s3client.getObject(new GetObjectRequest(bucketName, key));
-    }
-    catch (AmazonClientException ace) {
+    } catch (AmazonClientException ace) {
       throw new IOException("Unable to retrieve object from S3: " + ace, ace);
     }
 
@@ -246,11 +237,9 @@ public class S3NotebookRepo implements NotebookRepo {
       }
 
       s3client.putObject(putRequest);
-    }
-    catch (AmazonClientException ace) {
+    } catch (AmazonClientException ace) {
       throw new IOException("Unable to store note in S3: " + ace, ace);
-    }
-    finally {
+    } finally {
       FileUtils.deleteQuietly(file);
     }
   }
@@ -258,8 +247,8 @@ public class S3NotebookRepo implements NotebookRepo {
   @Override
   public void remove(String noteId, AuthenticationInfo subject) throws IOException {
     String key = user + "/" + "notebook" + "/" + noteId;
-    final ListObjectsRequest listObjectsRequest = new ListObjectsRequest()
-        .withBucketName(bucketName).withPrefix(key);
+    final ListObjectsRequest listObjectsRequest =
+        new ListObjectsRequest().withBucketName(bucketName).withPrefix(key);
 
     try {
       ObjectListing objects = s3client.listObjects(listObjectsRequest);
@@ -269,15 +258,14 @@ public class S3NotebookRepo implements NotebookRepo {
         }
         objects = s3client.listNextBatchOfObjects(objects);
       } while (objects.isTruncated());
-    }
-    catch (AmazonClientException ace) {
+    } catch (AmazonClientException ace) {
       throw new IOException("Unable to remove note in S3: " + ace, ace);
     }
   }
 
   @Override
   public void close() {
-    //no-op
+    // no-op
   }
 
   @Override
@@ -290,5 +278,4 @@ public class S3NotebookRepo implements NotebookRepo {
   public void updateSettings(Map<String, String> settings, AuthenticationInfo subject) {
     LOG.warn("Method not implemented");
   }
-
 }

http://git-wip-us.apache.org/repos/asf/zeppelin/blob/55f6c91c/zeppelin-plugins/notebookrepo/vfs/src/main/java/org/apache/zeppelin/notebook/repo/VFSNotebookRepo.java
----------------------------------------------------------------------
diff --git a/zeppelin-plugins/notebookrepo/vfs/src/main/java/org/apache/zeppelin/notebook/repo/VFSNotebookRepo.java b/zeppelin-plugins/notebookrepo/vfs/src/main/java/org/apache/zeppelin/notebook/repo/VFSNotebookRepo.java
index 4294b86..8577554 100644
--- a/zeppelin-plugins/notebookrepo/vfs/src/main/java/org/apache/zeppelin/notebook/repo/VFSNotebookRepo.java
+++ b/zeppelin-plugins/notebookrepo/vfs/src/main/java/org/apache/zeppelin/notebook/repo/VFSNotebookRepo.java
@@ -17,7 +17,6 @@
 
 package org.apache.zeppelin.notebook.repo;
 
-import com.google.common.collect.Lists;
 import java.io.File;
 import java.io.IOException;
 import java.io.InputStream;
@@ -46,9 +45,7 @@ import org.apache.zeppelin.user.AuthenticationInfo;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
-/**
-*
-*/
+/** */
 public class VFSNotebookRepo implements NotebookRepo {
   private static final Logger LOG = LoggerFactory.getLogger(VFSNotebookRepo.class);
 
@@ -56,9 +53,7 @@ public class VFSNotebookRepo implements NotebookRepo {
   private URI filesystemRoot;
   protected ZeppelinConfiguration conf;
 
-  public VFSNotebookRepo() {
-
-  }
+  public VFSNotebookRepo() {}
 
   @Override
   public void init(ZeppelinConfiguration conf) throws IOException {
@@ -162,7 +157,7 @@ public class VFSNotebookRepo implements NotebookRepo {
     if (!noteJson.exists()) {
       throw new IOException(noteJson.getName().toString() + " not found");
     }
-    
+
     FileContent content = noteJson.getContent();
     InputStream ins = content.getInputStream();
     String json = IOUtils.toString(ins, conf.getString(ConfVars.ZEPPELIN_ENCODING));
@@ -242,7 +237,7 @@ public class VFSNotebookRepo implements NotebookRepo {
 
   @Override
   public void close() {
-    //no-op    
+    // no-op
   }
 
   @Override
@@ -273,14 +268,15 @@ public class VFSNotebookRepo implements NotebookRepo {
       LOG.error("Notebook path is invalid");
       return;
     }
-    LOG.warn("{} will change notebook dir from {} to {}",
-        subject.getUser(), getNotebookDirPath(), newNotebookDirectotyPath);
+    LOG.warn(
+        "{} will change notebook dir from {} to {}",
+        subject.getUser(),
+        getNotebookDirPath(),
+        newNotebookDirectotyPath);
     try {
       setNotebookDirectory(newNotebookDirectotyPath);
     } catch (IOException e) {
       LOG.error("Cannot update notebook directory", e);
     }
   }
-
 }
-

http://git-wip-us.apache.org/repos/asf/zeppelin/blob/55f6c91c/zeppelin-plugins/notebookrepo/vfs/src/test/java/org/apache/zeppelin/notebook/repo/TestVFSNotebookRepo.java
----------------------------------------------------------------------
diff --git a/zeppelin-plugins/notebookrepo/vfs/src/test/java/org/apache/zeppelin/notebook/repo/TestVFSNotebookRepo.java b/zeppelin-plugins/notebookrepo/vfs/src/test/java/org/apache/zeppelin/notebook/repo/TestVFSNotebookRepo.java
index 452adc0..72aaf74 100644
--- a/zeppelin-plugins/notebookrepo/vfs/src/test/java/org/apache/zeppelin/notebook/repo/TestVFSNotebookRepo.java
+++ b/zeppelin-plugins/notebookrepo/vfs/src/test/java/org/apache/zeppelin/notebook/repo/TestVFSNotebookRepo.java
@@ -17,7 +17,13 @@
 
 package org.apache.zeppelin.notebook.repo;
 
+import static org.junit.Assert.assertEquals;
+
 import com.google.common.collect.ImmutableMap;
+import java.io.File;
+import java.io.IOException;
+import java.util.List;
+import java.util.Map;
 import org.apache.commons.io.FileUtils;
 import org.apache.zeppelin.conf.ZeppelinConfiguration;
 import org.apache.zeppelin.notebook.Note;
@@ -27,13 +33,6 @@ import org.junit.After;
 import org.junit.Before;
 import org.junit.Test;
 
-import java.io.File;
-import java.io.IOException;
-import java.util.List;
-import java.util.Map;
-
-import static org.junit.Assert.assertEquals;
-
 public class TestVFSNotebookRepo {
 
   private ZeppelinConfiguration zConf;
@@ -44,7 +43,8 @@ public class TestVFSNotebookRepo {
   public void setUp() throws IOException {
     notebookRepo = new VFSNotebookRepo();
     FileUtils.forceMkdir(new File(notebookDir));
-    System.setProperty(ZeppelinConfiguration.ConfVars.ZEPPELIN_NOTEBOOK_DIR.getVarName(), notebookDir);
+    System.setProperty(
+        ZeppelinConfiguration.ConfVars.ZEPPELIN_NOTEBOOK_DIR.getVarName(), notebookDir);
     zConf = new ZeppelinConfiguration();
     notebookRepo.init(zConf);
   }
@@ -91,7 +91,8 @@ public class TestVFSNotebookRepo {
 
   @Test
   public void testUpdateSettings() throws IOException {
-    List<NotebookRepoSettingsInfo> repoSettings = notebookRepo.getSettings(AuthenticationInfo.ANONYMOUS);
+    List<NotebookRepoSettingsInfo> repoSettings =
+        notebookRepo.getSettings(AuthenticationInfo.ANONYMOUS);
     assertEquals(1, repoSettings.size());
     NotebookRepoSettingsInfo settingInfo = repoSettings.get(0);
     assertEquals("Notebook Path", settingInfo.name);

http://git-wip-us.apache.org/repos/asf/zeppelin/blob/55f6c91c/zeppelin-plugins/notebookrepo/zeppelin-hub/src/main/java/org/apache/zeppelin/notebook/repo/zeppelinhub/ZeppelinHubRepo.java
----------------------------------------------------------------------
diff --git a/zeppelin-plugins/notebookrepo/zeppelin-hub/src/main/java/org/apache/zeppelin/notebook/repo/zeppelinhub/ZeppelinHubRepo.java b/zeppelin-plugins/notebookrepo/zeppelin-hub/src/main/java/org/apache/zeppelin/notebook/repo/zeppelinhub/ZeppelinHubRepo.java
index 9dd9fbf..adc54a1 100644
--- a/zeppelin-plugins/notebookrepo/zeppelin-hub/src/main/java/org/apache/zeppelin/notebook/repo/zeppelinhub/ZeppelinHubRepo.java
+++ b/zeppelin-plugins/notebookrepo/zeppelin-hub/src/main/java/org/apache/zeppelin/notebook/repo/zeppelinhub/ZeppelinHubRepo.java
@@ -16,22 +16,26 @@
  */
 package org.apache.zeppelin.notebook.repo.zeppelinhub;
 
+import com.google.common.base.Joiner;
+import com.google.common.collect.ImmutableMap;
+import com.google.common.collect.Lists;
+import com.google.gson.Gson;
+import com.google.gson.reflect.TypeToken;
 import java.io.IOException;
 import java.net.URI;
 import java.net.URISyntaxException;
 import java.util.Collections;
 import java.util.List;
 import java.util.Map;
-
 import org.apache.commons.lang.StringUtils;
 import org.apache.zeppelin.conf.ZeppelinConfiguration;
 import org.apache.zeppelin.notebook.Note;
 import org.apache.zeppelin.notebook.NoteInfo;
-import org.apache.zeppelin.notebook.repo.NotebookRepoWithVersionControl;
 import org.apache.zeppelin.notebook.repo.NotebookRepoSettingsInfo;
+import org.apache.zeppelin.notebook.repo.NotebookRepoWithVersionControl;
 import org.apache.zeppelin.notebook.repo.zeppelinhub.model.Instance;
-import org.apache.zeppelin.notebook.repo.zeppelinhub.model.UserTokenContainer;
 import org.apache.zeppelin.notebook.repo.zeppelinhub.model.UserSessionContainer;
+import org.apache.zeppelin.notebook.repo.zeppelinhub.model.UserTokenContainer;
 import org.apache.zeppelin.notebook.repo.zeppelinhub.rest.ZeppelinhubRestApiHandler;
 import org.apache.zeppelin.notebook.repo.zeppelinhub.websocket.Client;
 import org.apache.zeppelin.notebook.repo.zeppelinhub.websocket.utils.ZeppelinhubUtils;
@@ -39,15 +43,7 @@ import org.apache.zeppelin.user.AuthenticationInfo;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
-import com.google.common.base.Joiner;
-import com.google.common.collect.ImmutableMap;
-import com.google.common.collect.Lists;
-import com.google.gson.Gson;
-import com.google.gson.reflect.TypeToken;
-
-/**
- * ZeppelinHub repo class.
- */
+/** ZeppelinHub repo class. */
 public class ZeppelinHubRepo implements NotebookRepoWithVersionControl {
   private static final Logger LOG = LoggerFactory.getLogger(ZeppelinHubRepo.class);
   private static final String DEFAULT_SERVER = "https://www.zeppelinhub.com";
@@ -61,12 +57,10 @@ public class ZeppelinHubRepo implements NotebookRepoWithVersionControl {
 
   private String token;
   private ZeppelinhubRestApiHandler restApiClient;
-  
-  private ZeppelinConfiguration conf;
 
-  public ZeppelinHubRepo() {
+  private ZeppelinConfiguration conf;
 
-  }
+  public ZeppelinHubRepo() {}
 
   public ZeppelinHubRepo(ZeppelinConfiguration conf) {
     this();
@@ -80,11 +74,12 @@ public class ZeppelinHubRepo implements NotebookRepoWithVersionControl {
 
     token = conf.getString("ZEPPELINHUB_API_TOKEN", ZEPPELIN_CONF_PROP_NAME_TOKEN, "");
     restApiClient = ZeppelinhubRestApiHandler.newInstance(zeppelinHubUrl);
-    //TODO(khalid): check which realm for authentication, pass to token manager
+    // TODO(khalid): check which realm for authentication, pass to token manager
     tokenManager = UserTokenContainer.init(restApiClient, token);
 
-    websocketClient = Client.initialize(getZeppelinWebsocketUri(conf),
-        getZeppelinhubWebsocketUri(conf), token, conf);
+    websocketClient =
+        Client.initialize(
+            getZeppelinWebsocketUri(conf), getZeppelinhubWebsocketUri(conf), token, conf);
     websocketClient.start();
   }
 
@@ -97,8 +92,10 @@ public class ZeppelinHubRepo implements NotebookRepoWithVersionControl {
     }
 
     if (scheme == null) {
-      LOG.info("{} is not a valid zeppelinhub server address. proceed with default address {}",
-          apiRoot, DEFAULT_SERVER);
+      LOG.info(
+          "{} is not a valid zeppelinhub server address. proceed with default address {}",
+          apiRoot,
+          DEFAULT_SERVER);
       apiRoot = new URI(DEFAULT_SERVER);
       scheme = apiRoot.getScheme();
       port = apiRoot.getPort();
@@ -113,8 +110,11 @@ public class ZeppelinHubRepo implements NotebookRepoWithVersionControl {
   String getZeppelinhubWebsocketUri(ZeppelinConfiguration conf) {
     String zeppelinHubUri = StringUtils.EMPTY;
     try {
-      zeppelinHubUri = getZeppelinHubWsUri(new URI(conf.getString("ZEPPELINHUB_API_ADDRESS",
-          ZEPPELIN_CONF_PROP_NAME_SERVER, DEFAULT_SERVER)));
+      zeppelinHubUri =
+          getZeppelinHubWsUri(
+              new URI(
+                  conf.getString(
+                      "ZEPPELINHUB_API_ADDRESS", ZEPPELIN_CONF_PROP_NAME_SERVER, DEFAULT_SERVER)));
     } catch (URISyntaxException e) {
       LOG.error("Cannot get ZeppelinHub URI", e);
     }
@@ -143,9 +143,8 @@ public class ZeppelinHubRepo implements NotebookRepoWithVersionControl {
     URI apiRoot;
     String zeppelinhubUrl;
     try {
-      String url = conf.getString("ZEPPELINHUB_API_ADDRESS",
-                                  ZEPPELIN_CONF_PROP_NAME_SERVER,
-                                  DEFAULT_SERVER);
+      String url =
+          conf.getString("ZEPPELINHUB_API_ADDRESS", ZEPPELIN_CONF_PROP_NAME_SERVER, DEFAULT_SERVER);
       apiRoot = new URI(url);
     } catch (URISyntaxException e) {
       LOG.error("Invalid zeppelinhub url, using default address {}", DEFAULT_SERVER, e);
@@ -154,8 +153,10 @@ public class ZeppelinHubRepo implements NotebookRepoWithVersionControl {
 
     String scheme = apiRoot.getScheme();
     if (scheme == null) {
-      LOG.info("{} is not a valid zeppelinhub server address. proceed with default address {}",
-               apiRoot, DEFAULT_SERVER);
+      LOG.info(
+          "{} is not a valid zeppelinhub server address. proceed with default address {}",
+          apiRoot,
+          DEFAULT_SERVER);
       zeppelinhubUrl = DEFAULT_SERVER;
     } else {
       zeppelinhubUrl = scheme + "://" + apiRoot.getHost();
@@ -172,7 +173,7 @@ public class ZeppelinHubRepo implements NotebookRepoWithVersionControl {
     }
     return (subject.isAnonymous() && !conf.isAnonymousAllowed()) ? false : true;
   }
-  
+
   @Override
   public List<NoteInfo> list(AuthenticationInfo subject) throws IOException {
     if (!isSubjectValid(subject)) {
@@ -238,7 +239,7 @@ public class ZeppelinHubRepo implements NotebookRepoWithVersionControl {
     }
     String endpoint = Joiner.on("/").join(noteId, "checkpoint");
     String content = GSON.toJson(ImmutableMap.of("message", checkpointMsg));
-    
+
     String token = getUserToken(subject.getUser());
     String response = restApiClient.putWithResponseBody(token, endpoint, content);
 
@@ -272,13 +273,13 @@ public class ZeppelinHubRepo implements NotebookRepoWithVersionControl {
     try {
       String token = getUserToken(subject.getUser());
       String response = restApiClient.get(token, endpoint);
-      history = GSON.fromJson(response, new TypeToken<List<Revision>>(){}.getType());
+      history = GSON.fromJson(response, new TypeToken<List<Revision>>() {}.getType());
     } catch (IOException e) {
       LOG.error("Cannot get note history", e);
     }
     return history;
   }
-  
+
   private String getUserToken(String user) {
     return tokenManager.getUserToken(user);
   }
@@ -299,13 +300,14 @@ public class ZeppelinHubRepo implements NotebookRepoWithVersionControl {
     try {
       instances = tokenManager.getUserInstances(zeppelinHubUserSession);
     } catch (IOException e) {
-      LOG.warn("Couldnt find instances for the session {}, returning empty collection",
+      LOG.warn(
+          "Couldnt find instances for the session {}, returning empty collection",
           zeppelinHubUserSession);
       // user not logged
-      //TODO(xxx): handle this case.
+      // TODO(xxx): handle this case.
       instances = Collections.emptyList();
     }
-    
+
     NotebookRepoSettingsInfo repoSetting = NotebookRepoSettingsInfo.newInstance();
     repoSetting.type = NotebookRepoSettingsInfo.Type.DROPDOWN;
     for (Instance instance : instances) {
@@ -381,5 +383,4 @@ public class ZeppelinHubRepo implements NotebookRepoWithVersionControl {
     // Auto-generated method stub
     return null;
   }
-
 }

http://git-wip-us.apache.org/repos/asf/zeppelin/blob/55f6c91c/zeppelin-server/pom.xml
----------------------------------------------------------------------
diff --git a/zeppelin-server/pom.xml b/zeppelin-server/pom.xml
index 4eaedb2..d30060d 100644
--- a/zeppelin-server/pom.xml
+++ b/zeppelin-server/pom.xml
@@ -445,14 +445,6 @@
         <groupId>org.apache.maven.plugins</groupId>
         <artifactId>maven-dependency-plugin</artifactId>
       </plugin>
-
-      <plugin>
-        <groupId>org.apache.maven.plugins</groupId>
-        <artifactId>maven-checkstyle-plugin</artifactId>
-        <configuration>
-          <skip>false</skip>
-        </configuration>
-      </plugin>
     </plugins>
   </build>
 

http://git-wip-us.apache.org/repos/asf/zeppelin/blob/55f6c91c/zeppelin-server/src/main/java/org/apache/zeppelin/realm/ActiveDirectoryGroupRealm.java
----------------------------------------------------------------------
diff --git a/zeppelin-server/src/main/java/org/apache/zeppelin/realm/ActiveDirectoryGroupRealm.java b/zeppelin-server/src/main/java/org/apache/zeppelin/realm/ActiveDirectoryGroupRealm.java
index 41d9f5d..7d7d56b 100644
--- a/zeppelin-server/src/main/java/org/apache/zeppelin/realm/ActiveDirectoryGroupRealm.java
+++ b/zeppelin-server/src/main/java/org/apache/zeppelin/realm/ActiveDirectoryGroupRealm.java
@@ -16,7 +16,23 @@
  */
 package org.apache.zeppelin.realm;
 
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Iterator;
 import java.util.LinkedHashMap;
+import java.util.LinkedHashSet;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+import javax.naming.NamingEnumeration;
+import javax.naming.NamingException;
+import javax.naming.directory.Attribute;
+import javax.naming.directory.Attributes;
+import javax.naming.directory.SearchControls;
+import javax.naming.directory.SearchResult;
+import javax.naming.ldap.LdapContext;
 import org.apache.commons.lang.StringUtils;
 import org.apache.shiro.authc.AuthenticationException;
 import org.apache.shiro.authc.AuthenticationInfo;
@@ -34,29 +50,10 @@ import org.apache.shiro.subject.PrincipalCollection;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.LinkedHashSet;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-
-import javax.naming.NamingEnumeration;
-import javax.naming.NamingException;
-import javax.naming.directory.Attribute;
-import javax.naming.directory.Attributes;
-import javax.naming.directory.SearchControls;
-import javax.naming.directory.SearchResult;
-import javax.naming.ldap.LdapContext;
-
 /**
- * A {@link org.apache.shiro.realm.Realm} that authenticates with an active directory LDAP
- * server to determine the roles for a particular user.  This implementation
- * queries for the user's groups and then maps the group names to roles using the
- * {@link #groupRolesMap}.
+ * A {@link org.apache.shiro.realm.Realm} that authenticates with an active directory LDAP server to
+ * determine the roles for a particular user. This implementation queries for the user's groups and
+ * then maps the group names to roles using the {@link #groupRolesMap}.
  *
  * @since 0.1
  */
@@ -73,9 +70,9 @@ public class ActiveDirectoryGroupRealm extends AbstractLdapRealm {
   }
 
   /**
-   * Mapping from fully qualified active directory
-   * group names (e.g. CN=Group,OU=Company,DC=MyDomain,DC=local)
-   * as returned by the active directory LDAP server to role names.
+   * Mapping from fully qualified active directory group names (e.g.
+   * CN=Group,OU=Company,DC=MyDomain,DC=local) as returned by the active directory LDAP server to
+   * role names.
    */
   private Map<String, String> groupRolesMap = new LinkedHashMap<>();
 
@@ -109,10 +106,10 @@ public class ActiveDirectoryGroupRealm extends AbstractLdapRealm {
   }
 
   protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token)
-          throws AuthenticationException {
+      throws AuthenticationException {
     try {
-      AuthenticationInfo info = this.queryForAuthenticationInfo(token,
-          this.getLdapContextFactory());
+      AuthenticationInfo info =
+          this.queryForAuthenticationInfo(token, this.getLdapContextFactory());
       return info;
     } catch (javax.naming.AuthenticationException var5) {
       throw new AuthenticationException("LDAP authentication failed.", var5);
@@ -124,12 +121,15 @@ public class ActiveDirectoryGroupRealm extends AbstractLdapRealm {
 
   protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
     try {
-      AuthorizationInfo info = this.queryForAuthorizationInfo(principals,
-          this.getLdapContextFactory());
+      AuthorizationInfo info =
+          this.queryForAuthorizationInfo(principals, this.getLdapContextFactory());
       return info;
     } catch (NamingException var5) {
-      String msg = "LDAP naming error while attempting to " +
-          "retrieve authorization for user [" + principals + "].";
+      String msg =
+          "LDAP naming error while attempting to "
+              + "retrieve authorization for user ["
+              + principals
+              + "].";
       throw new AuthorizationException(msg, var5);
     }
   }
@@ -146,18 +146,18 @@ public class ActiveDirectoryGroupRealm extends AbstractLdapRealm {
 
   /**
    * Builds an {@link AuthenticationInfo} object by querying the active directory LDAP context for
-   * the specified username.  This method binds to the LDAP server using the provided username
-   * and password - which if successful, indicates that the password is correct.
-   * <p/>
-   * This method can be overridden by subclasses to query the LDAP server in a more complex way.
+   * the specified username. This method binds to the LDAP server using the provided username and
+   * password - which if successful, indicates that the password is correct.
    *
-   * @param token              the authentication token provided by the user.
+   * <p>This method can be overridden by subclasses to query the LDAP server in a more complex way.
+   *
+   * @param token the authentication token provided by the user.
    * @param ldapContextFactory the factory used to build connections to the LDAP server.
    * @return an {@link AuthenticationInfo} instance containing information retrieved from LDAP.
    * @throws NamingException if any LDAP errors occur during the search.
    */
-  protected AuthenticationInfo queryForAuthenticationInfo(AuthenticationToken token,
-          LdapContextFactory ldapContextFactory) throws NamingException {
+  protected AuthenticationInfo queryForAuthenticationInfo(
+      AuthenticationToken token, LdapContextFactory ldapContextFactory) throws NamingException {
     UsernamePasswordToken upToken = (UsernamePasswordToken) token;
 
     // Binds using the username and password provided by the user.
@@ -170,8 +170,7 @@ public class ActiveDirectoryGroupRealm extends AbstractLdapRealm {
       if (this.principalSuffix != null && userPrincipalName.indexOf('@') < 0) {
         userPrincipalName = upToken.getUsername() + this.principalSuffix;
       }
-      ctx = ldapContextFactory.getLdapContext(
-          userPrincipalName, upToken.getPassword());
+      ctx = ldapContextFactory.getLdapContext(userPrincipalName, upToken.getPassword());
     } finally {
       LdapUtils.closeContext(ctx);
     }
@@ -202,22 +201,23 @@ public class ActiveDirectoryGroupRealm extends AbstractLdapRealm {
 
   /**
    * Builds an {@link org.apache.shiro.authz.AuthorizationInfo} object by querying the active
-   * directory LDAP context for the groups that a user is a member of.  The groups are then
+   * directory LDAP context for the groups that a user is a member of. The groups are then
    * translated to role names by using the configured {@link #groupRolesMap}.
-   * <p/>
-   * This implementation expects the <tt>principal</tt> argument to be a String username.
-   * <p/>
-   * Subclasses can override this method to determine authorization data (roles, permissions, etc)
-   * in a more complex way.  Note that this default implementation does not support permissions,
+   *
+   * <p>This implementation expects the <tt>principal</tt> argument to be a String username.
+   *
+   * <p>Subclasses can override this method to determine authorization data (roles, permissions,
+   * etc) in a more complex way. Note that this default implementation does not support permissions,
    * only roles.
    *
-   * @param principals         the principal of the Subject whose account is being retrieved.
+   * @param principals the principal of the Subject whose account is being retrieved.
    * @param ldapContextFactory the factory used to create LDAP connections.
    * @return the AuthorizationInfo for the given Subject principal.
    * @throws NamingException if an error occurs when searching the LDAP server.
    */
-  protected AuthorizationInfo queryForAuthorizationInfo(PrincipalCollection principals,
-          LdapContextFactory ldapContextFactory) throws NamingException {
+  protected AuthorizationInfo queryForAuthorizationInfo(
+      PrincipalCollection principals, LdapContextFactory ldapContextFactory)
+      throws NamingException {
     String username = (String) getAvailablePrincipal(principals);
 
     // Perform context search
@@ -238,9 +238,8 @@ public class ActiveDirectoryGroupRealm extends AbstractLdapRealm {
     return new SimpleAuthorizationInfo(roleNames);
   }
 
-  public List<String> searchForUserName(String containString, LdapContext ldapContext,
-      int numUsersToFetch)
-          throws NamingException {
+  public List<String> searchForUserName(
+      String containString, LdapContext ldapContext, int numUsersToFetch) throws NamingException {
     List<String> userNameList = new ArrayList<>();
 
     SearchControls searchCtls = new SearchControls();
@@ -248,10 +247,10 @@ public class ActiveDirectoryGroupRealm extends AbstractLdapRealm {
     searchCtls.setCountLimit(numUsersToFetch);
 
     String searchFilter = "(&(objectClass=*)(userPrincipalName=*" + containString + "*))";
-    Object[] searchArguments = new Object[]{containString};
+    Object[] searchArguments = new Object[] {containString};
 
-    NamingEnumeration answer = ldapContext.search(searchBase, searchFilter, searchArguments,
-        searchCtls);
+    NamingEnumeration answer =
+        ldapContext.search(searchBase, searchFilter, searchArguments, searchCtls);
 
     while (answer.hasMoreElements()) {
       SearchResult sr = (SearchResult) answer.next();
@@ -285,7 +284,7 @@ public class ActiveDirectoryGroupRealm extends AbstractLdapRealm {
   }
 
   private Set<String> getRoleNamesForUser(String username, LdapContext ldapContext)
-          throws NamingException {
+      throws NamingException {
     Set<String> roleNames = new LinkedHashSet<>();
 
     SearchControls searchCtls = new SearchControls();
@@ -296,10 +295,10 @@ public class ActiveDirectoryGroupRealm extends AbstractLdapRealm {
     }
 
     String searchFilter = "(&(objectClass=*)(userPrincipalName=" + userPrincipalName + "))";
-    Object[] searchArguments = new Object[]{userPrincipalName};
+    Object[] searchArguments = new Object[] {userPrincipalName};
 
-    NamingEnumeration answer = ldapContext.search(searchBase, searchFilter, searchArguments,
-        searchCtls);
+    NamingEnumeration answer =
+        ldapContext.search(searchBase, searchFilter, searchArguments, searchCtls);
 
     while (answer.hasMoreElements()) {
       SearchResult sr = (SearchResult) answer.next();
@@ -334,7 +333,7 @@ public class ActiveDirectoryGroupRealm extends AbstractLdapRealm {
 
   /**
    * This method is called by the default implementation to translate Active Directory group names
-   * to role names.  This implementation uses the {@link #groupRolesMap} to map group names to role
+   * to role names. This implementation uses the {@link #groupRolesMap} to map group names to role
    * names.
    *
    * @param groupNames the group names that apply to the current user.
@@ -350,12 +349,11 @@ public class ActiveDirectoryGroupRealm extends AbstractLdapRealm {
           for (String roleName : strRoleNames.split(ROLE_NAMES_DELIMETER)) {
 
             if (log.isDebugEnabled()) {
-              log.debug("User is member of group [" + groupName + "] so adding role [" +
-                  roleName + "]");
+              log.debug(
+                  "User is member of group [" + groupName + "] so adding role [" + roleName + "]");
             }
 
             roleNames.add(roleName);
-
           }
         }
       }

http://git-wip-us.apache.org/repos/asf/zeppelin/blob/55f6c91c/zeppelin-server/src/main/java/org/apache/zeppelin/realm/LdapGroupRealm.java
----------------------------------------------------------------------
diff --git a/zeppelin-server/src/main/java/org/apache/zeppelin/realm/LdapGroupRealm.java b/zeppelin-server/src/main/java/org/apache/zeppelin/realm/LdapGroupRealm.java
index cdc2c22..06924dd 100644
--- a/zeppelin-server/src/main/java/org/apache/zeppelin/realm/LdapGroupRealm.java
+++ b/zeppelin-server/src/main/java/org/apache/zeppelin/realm/LdapGroupRealm.java
@@ -16,18 +16,9 @@
  */
 package org.apache.zeppelin.realm;
 
-import org.apache.shiro.authz.AuthorizationInfo;
-import org.apache.shiro.authz.SimpleAuthorizationInfo;
-import org.apache.shiro.realm.ldap.JndiLdapRealm;
-import org.apache.shiro.realm.ldap.LdapContextFactory;
-import org.apache.shiro.subject.PrincipalCollection;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
 import java.util.HashSet;
 import java.util.LinkedHashSet;
 import java.util.Set;
-
 import javax.naming.NamingEnumeration;
 import javax.naming.NamingException;
 import javax.naming.directory.Attribute;
@@ -35,23 +26,29 @@ import javax.naming.directory.Attributes;
 import javax.naming.directory.SearchControls;
 import javax.naming.directory.SearchResult;
 import javax.naming.ldap.LdapContext;
+import org.apache.shiro.authz.AuthorizationInfo;
+import org.apache.shiro.authz.SimpleAuthorizationInfo;
+import org.apache.shiro.realm.ldap.JndiLdapRealm;
+import org.apache.shiro.realm.ldap.LdapContextFactory;
+import org.apache.shiro.subject.PrincipalCollection;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
-/**
- * Created for org.apache.zeppelin.server.
- */
+/** Created for org.apache.zeppelin.server. */
 public class LdapGroupRealm extends JndiLdapRealm {
   private static final Logger LOG = LoggerFactory.getLogger(LdapGroupRealm.class);
 
-  public AuthorizationInfo queryForAuthorizationInfo(PrincipalCollection principals,
-          LdapContextFactory ldapContextFactory) throws NamingException {
+  public AuthorizationInfo queryForAuthorizationInfo(
+      PrincipalCollection principals, LdapContextFactory ldapContextFactory)
+      throws NamingException {
     String username = (String) getAvailablePrincipal(principals);
     LdapContext ldapContext = ldapContextFactory.getSystemLdapContext();
     Set<String> roleNames = getRoleNamesForUser(username, ldapContext, getUserDnTemplate());
     return new SimpleAuthorizationInfo(roleNames);
   }
 
-  public Set<String> getRoleNamesForUser(String username, LdapContext ldapContext,
-          String userDnTemplate) throws NamingException {
+  public Set<String> getRoleNamesForUser(
+      String username, LdapContext ldapContext, String userDnTemplate) throws NamingException {
     try {
       Set<String> roleNames = new LinkedHashSet<>();
 
@@ -59,13 +56,14 @@ public class LdapGroupRealm extends JndiLdapRealm {
       searchCtls.setSearchScope(SearchControls.SUBTREE_SCOPE);
 
       String searchFilter = "(&(objectClass=groupOfNames)(member=" + userDnTemplate + "))";
-      Object[] searchArguments = new Object[]{username};
+      Object[] searchArguments = new Object[] {username};
 
-      NamingEnumeration<?> answer = ldapContext.search(
-          String.valueOf(ldapContext.getEnvironment().get("ldap.searchBase")),
-          searchFilter,
-          searchArguments,
-          searchCtls);
+      NamingEnumeration<?> answer =
+          ldapContext.search(
+              String.valueOf(ldapContext.getEnvironment().get("ldap.searchBase")),
+              searchFilter,
+              searchArguments,
+              searchCtls);
 
       while (answer.hasMoreElements()) {
         SearchResult sr = (SearchResult) answer.next();

http://git-wip-us.apache.org/repos/asf/zeppelin/blob/55f6c91c/zeppelin-server/src/main/java/org/apache/zeppelin/realm/LdapRealm.java
----------------------------------------------------------------------
diff --git a/zeppelin-server/src/main/java/org/apache/zeppelin/realm/LdapRealm.java b/zeppelin-server/src/main/java/org/apache/zeppelin/realm/LdapRealm.java
index 562ed96..c68ab35 100644
--- a/zeppelin-server/src/main/java/org/apache/zeppelin/realm/LdapRealm.java
+++ b/zeppelin-server/src/main/java/org/apache/zeppelin/realm/LdapRealm.java
@@ -74,56 +74,44 @@ import org.slf4j.LoggerFactory;
  * Implementation of {@link org.apache.shiro.realm.ldap.JndiLdapRealm} that also returns each user's
  * groups. This implementation is heavily based on org.apache.isis.security.shiro.IsisLdapRealm.
  *
- * <p>This implementation saves looked up ldap groups in Shiro Session to make them
- * easy to be looked up outside of this object
+ * <p>This implementation saves looked up ldap groups in Shiro Session to make them easy to be
+ * looked up outside of this object
  *
  * <p>Sample config for <tt>shiro.ini</tt>:
  *
- * <p>
- *   [main]
- *   ldapRealm = org.apache.zeppelin.realm.LdapRealm
- *   ldapRealm.contextFactory.url = ldap://localhost:33389
- *   ldapRealm.contextFactory.authenticationMechanism = simple
- *   ldapRealm.contextFactory.systemUsername = uid=guest,ou=people,dc=hadoop,dc= apache,dc=org
- *   ldapRealm.contextFactory.systemPassword = S{ALIAS=ldcSystemPassword}
- *   ldapRealm.hadoopSecurityCredentialPath = jceks://file/user/zeppelin/zeppelin.jceks
- *   ldapRealm.userDnTemplate = uid={0},ou=people,dc=hadoop,dc=apache,dc=org
- *   # Ability to set ldap paging Size if needed default is 100
- *   ldapRealm.pagingSize = 200
- *   ldapRealm.authorizationEnabled = true
- *   ldapRealm.searchBase = dc=hadoop,dc=apache,dc=org
- *   ldapRealm.userSearchBase = dc=hadoop,dc=apache,dc=org
- *   ldapRealm.groupSearchBase = ou=groups,dc=hadoop,dc=apache,dc=org
- *   ldapRealm.userObjectClass = person
- *   ldapRealm.groupObjectClass = groupofnames
- *   # Allow userSearchAttribute to be customized
- *   ldapRealm.userSearchAttributeName = sAMAccountName
- *   ldapRealm.memberAttribute = member
- *   # force usernames returned from ldap to lowercase useful for AD
- *   ldapRealm.userLowerCase = true
- *   # ability set searchScopes subtree (default), one, base
- *   ldapRealm.userSearchScope = subtree;
- *   ldapRealm.groupSearchScope = subtree;
- *   ldapRealm.userSearchFilter = (&(objectclass=person)(sAMAccountName={0}))
- *   ldapRealm.groupSearchFilter = (&(objectclass=groupofnames)(member={0}))
- *   ldapRealm.memberAttributeValueTemplate=cn={0},ou=people,dc=hadoop,dc=apache,dc=org
- *   # enable support for nested groups using the LDAP_MATCHING_RULE_IN_CHAIN operator
- *   ldapRealm.groupSearchEnableMatchingRuleInChain = true
- * <p>
- *   # optional mapping from physical groups to logical application roles
- *   ldapRealm.rolesByGroup = \ LDN_USERS: user_role,\ NYK_USERS: user_role,\ HKG_USERS: user_role,
- *   \GLOBAL_ADMIN: admin_role,\ DEMOS: self-install_role
- * <p>
- *   # optional list of roles that are allowed to authenticate
- *   ldapRealm.allowedRolesForAuthentication = admin_role,user_role
- * <p>
- *   ldapRealm.permissionsByRole=\ user_role = *:ToDoItemsJdo:*:*,\*:ToDoItem:*:*;
- *   \ self-install_role = *:ToDoItemsFixturesService:install:* ; \ admin_role = *
- * <p>
- *   [urls]
- *   **=authcBasic
- * <p>
- *   securityManager.realms = $ldapRealm
+ * <p>[main] ldapRealm = org.apache.zeppelin.realm.LdapRealm ldapRealm.contextFactory.url =
+ * ldap://localhost:33389 ldapRealm.contextFactory.authenticationMechanism = simple
+ * ldapRealm.contextFactory.systemUsername = uid=guest,ou=people,dc=hadoop,dc= apache,dc=org
+ * ldapRealm.contextFactory.systemPassword = S{ALIAS=ldcSystemPassword}
+ * ldapRealm.hadoopSecurityCredentialPath = jceks://file/user/zeppelin/zeppelin.jceks
+ * ldapRealm.userDnTemplate = uid={0},ou=people,dc=hadoop,dc=apache,dc=org # Ability to set ldap
+ * paging Size if needed default is 100 ldapRealm.pagingSize = 200 ldapRealm.authorizationEnabled =
+ * true ldapRealm.searchBase = dc=hadoop,dc=apache,dc=org ldapRealm.userSearchBase =
+ * dc=hadoop,dc=apache,dc=org ldapRealm.groupSearchBase = ou=groups,dc=hadoop,dc=apache,dc=org
+ * ldapRealm.userObjectClass = person ldapRealm.groupObjectClass = groupofnames # Allow
+ * userSearchAttribute to be customized ldapRealm.userSearchAttributeName = sAMAccountName
+ * ldapRealm.memberAttribute = member # force usernames returned from ldap to lowercase useful for
+ * AD ldapRealm.userLowerCase = true # ability set searchScopes subtree (default), one, base
+ * ldapRealm.userSearchScope = subtree; ldapRealm.groupSearchScope = subtree;
+ * ldapRealm.userSearchFilter = (&(objectclass=person)(sAMAccountName={0}))
+ * ldapRealm.groupSearchFilter = (&(objectclass=groupofnames)(member={0}))
+ * ldapRealm.memberAttributeValueTemplate=cn={0},ou=people,dc=hadoop,dc=apache,dc=org # enable
+ * support for nested groups using the LDAP_MATCHING_RULE_IN_CHAIN operator
+ * ldapRealm.groupSearchEnableMatchingRuleInChain = true
+ *
+ * <p># optional mapping from physical groups to logical application roles ldapRealm.rolesByGroup =
+ * \ LDN_USERS: user_role,\ NYK_USERS: user_role,\ HKG_USERS: user_role, \GLOBAL_ADMIN: admin_role,\
+ * DEMOS: self-install_role
+ *
+ * <p># optional list of roles that are allowed to authenticate
+ * ldapRealm.allowedRolesForAuthentication = admin_role,user_role
+ *
+ * <p>ldapRealm.permissionsByRole=\ user_role = *:ToDoItemsJdo:*:*,\*:ToDoItem:*:*; \
+ * self-install_role = *:ToDoItemsFixturesService:install:* ; \ admin_role = *
+ *
+ * <p>[urls] **=authcBasic
+ *
+ * <p>securityManager.realms = $ldapRealm
  */
 public class LdapRealm extends JndiLdapRealm {
 
@@ -193,8 +181,6 @@ public class LdapRealm extends JndiLdapRealm {
 
   private HashService hashService = new DefaultHashService();
 
-
-
   public void setHadoopSecurityCredentialPath(String hadoopSecurityCredentialPath) {
     this.hadoopSecurityCredentialPath = hadoopSecurityCredentialPath;
   }
@@ -218,18 +204,17 @@ public class LdapRealm extends JndiLdapRealm {
     super.onInit();
     if (!org.apache.commons.lang.StringUtils.isEmpty(this.hadoopSecurityCredentialPath)
         && getContextFactory() != null) {
-      ((JndiLdapContextFactory) getContextFactory()).setSystemPassword(
-          getSystemPassword(this.hadoopSecurityCredentialPath, keystorePass));
+      ((JndiLdapContextFactory) getContextFactory())
+          .setSystemPassword(getSystemPassword(this.hadoopSecurityCredentialPath, keystorePass));
     }
   }
 
-  static String getSystemPassword(String hadoopSecurityCredentialPath,
-      String keystorePass) {
+  static String getSystemPassword(String hadoopSecurityCredentialPath, String keystorePass) {
     String password = "";
     try {
       Configuration configuration = new Configuration();
-      configuration.set(CredentialProviderFactory.CREDENTIAL_PROVIDER_PATH,
-          hadoopSecurityCredentialPath);
+      configuration.set(
+          CredentialProviderFactory.CREDENTIAL_PROVIDER_PATH, hadoopSecurityCredentialPath);
       CredentialProvider provider = CredentialProviderFactory.getProviders(configuration).get(0);
       CredentialProvider.CredentialEntry credEntry = provider.getCredentialEntry(keystorePass);
       if (credEntry != null) {
@@ -239,16 +224,19 @@ public class LdapRealm extends JndiLdapRealm {
       throw new ShiroException("Error from getting credential entry from keystore", e);
     }
     if (org.apache.commons.lang.StringUtils.isEmpty(password)) {
-      throw new ShiroException("Error getting SystemPassword from the provided keystore:"
-          + keystorePass + ", in path:" + hadoopSecurityCredentialPath);
+      throw new ShiroException(
+          "Error getting SystemPassword from the provided keystore:"
+              + keystorePass
+              + ", in path:"
+              + hadoopSecurityCredentialPath);
     }
     return password;
   }
 
   /**
-   * This overrides the implementation of queryForAuthenticationInfo inside JndiLdapRealm.
-   * In addition to calling the super method for authentication it also tries to validate
-   * if this user has atleast one of the allowed roles for authentication. In case the property
+   * This overrides the implementation of queryForAuthenticationInfo inside JndiLdapRealm. In
+   * addition to calling the super method for authentication it also tries to validate if this user
+   * has atleast one of the allowed roles for authentication. In case the property
    * allowedRolesForAuthentication is empty this check always returns true.
    *
    * @param token the submitted authentication token that triggered the authentication attempt.
@@ -257,8 +245,8 @@ public class LdapRealm extends JndiLdapRealm {
    * @throws NamingException if any LDAP errors occur.
    */
   @Override
-  protected AuthenticationInfo queryForAuthenticationInfo(AuthenticationToken token,
-      LdapContextFactory ldapContextFactory) throws NamingException {
+  protected AuthenticationInfo queryForAuthenticationInfo(
+      AuthenticationToken token, LdapContextFactory ldapContextFactory) throws NamingException {
     AuthenticationInfo info = super.queryForAuthenticationInfo(token, ldapContextFactory);
     // Credentials were verified. Verify that the principal has all allowedRulesForAuthentication
     if (!hasAllowedAuthenticationRules(info.getPrincipals(), ldapContextFactory)) {
@@ -268,21 +256,19 @@ public class LdapRealm extends JndiLdapRealm {
   }
 
   /**
-  * Get groups from LDAP.
-  * 
-  * @param principals
-  *            the principals of the Subject whose AuthenticationInfo should
-  *            be queried from the LDAP server.
-  * @param ldapContextFactory
-  *            factory used to retrieve LDAP connections.
-  * @return an {@link AuthorizationInfo} instance containing information
-  *         retrieved from the LDAP server.
-  * @throws NamingException
-  *             if any LDAP errors occur during the search.
-  */
+   * Get groups from LDAP.
+   *
+   * @param principals the principals of the Subject whose AuthenticationInfo should be queried from
+   *     the LDAP server.
+   * @param ldapContextFactory factory used to retrieve LDAP connections.
+   * @return an {@link AuthorizationInfo} instance containing information retrieved from the LDAP
+   *     server.
+   * @throws NamingException if any LDAP errors occur during the search.
+   */
   @Override
-  public AuthorizationInfo queryForAuthorizationInfo(final PrincipalCollection principals,
-      final LdapContextFactory ldapContextFactory) throws NamingException {
+  public AuthorizationInfo queryForAuthorizationInfo(
+      final PrincipalCollection principals, final LdapContextFactory ldapContextFactory)
+      throws NamingException {
     if (!isAuthorizationEnabled()) {
       return null;
     }
@@ -296,8 +282,9 @@ public class LdapRealm extends JndiLdapRealm {
     return simpleAuthorizationInfo;
   }
 
-  private boolean hasAllowedAuthenticationRules(PrincipalCollection principals,
-          final LdapContextFactory ldapContextFactory) throws NamingException {
+  private boolean hasAllowedAuthenticationRules(
+      PrincipalCollection principals, final LdapContextFactory ldapContextFactory)
+      throws NamingException {
     boolean allowed = allowedRolesForAuthentication.isEmpty();
     if (!allowed) {
       Set<String> roles = getRoles(principals, ldapContextFactory);
@@ -312,15 +299,20 @@ public class LdapRealm extends JndiLdapRealm {
     return allowed;
   }
 
-  private Set<String> getRoles(PrincipalCollection principals,
-          final LdapContextFactory ldapContextFactory) throws NamingException {
+  private Set<String> getRoles(
+      PrincipalCollection principals, final LdapContextFactory ldapContextFactory)
+      throws NamingException {
     final String username = (String) getAvailablePrincipal(principals);
 
     LdapContext systemLdapCtx = null;
     try {
       systemLdapCtx = ldapContextFactory.getSystemLdapContext();
-      return rolesFor(principals, username, systemLdapCtx,
-        ldapContextFactory, SecurityUtils.getSubject().getSession());
+      return rolesFor(
+          principals,
+          username,
+          systemLdapCtx,
+          ldapContextFactory,
+          SecurityUtils.getSubject().getSession());
     } catch (AuthenticationException ae) {
       ae.printStackTrace();
       return Collections.emptySet();
@@ -329,9 +321,13 @@ public class LdapRealm extends JndiLdapRealm {
     }
   }
 
-  protected Set<String> rolesFor(PrincipalCollection principals, String userNameIn,
-          final LdapContext ldapCtx, final LdapContextFactory ldapContextFactory, Session session)
-          throws NamingException {
+  protected Set<String> rolesFor(
+      PrincipalCollection principals,
+      String userNameIn,
+      final LdapContext ldapCtx,
+      final LdapContextFactory ldapContextFactory,
+      Session session)
+      throws NamingException {
     final Set<String> roleNames = new HashSet<>();
     final Set<String> groupNames = new HashSet<>();
     final String userName;
@@ -341,7 +337,7 @@ public class LdapRealm extends JndiLdapRealm {
     } else {
       userName = userNameIn;
     }
-    
+
     String userDn = getUserDnForSearch(userName);
 
     // Activate paged results
@@ -353,10 +349,10 @@ public class LdapRealm extends JndiLdapRealm {
     byte[] cookie = null;
     try {
       ldapCtx.addToEnvironment(Context.REFERRAL, "ignore");
-        
-      ldapCtx.setRequestControls(new Control[]{new PagedResultsControl(pageSize, 
-            Control.NONCRITICAL)});
-        
+
+      ldapCtx.setRequestControls(
+          new Control[] {new PagedResultsControl(pageSize, Control.NONCRITICAL)});
+
       do {
         // ldapsearch -h localhost -p 33389 -D
         // uid=guest,ou=people,dc=hadoop,dc=apache,dc=org -w guest-password
@@ -365,19 +361,20 @@ public class LdapRealm extends JndiLdapRealm {
         SearchControls searchControls = getGroupSearchControls();
         try {
           if (groupSearchEnableMatchingRuleInChain) {
-            searchResultEnum = ldapCtx.search(
-                getGroupSearchBase(),
-                String.format(
-                    MATCHING_RULE_IN_CHAIN_FORMAT, groupObjectClass, memberAttribute, userDn),
-                searchControls);
+            searchResultEnum =
+                ldapCtx.search(
+                    getGroupSearchBase(),
+                    String.format(
+                        MATCHING_RULE_IN_CHAIN_FORMAT, groupObjectClass, memberAttribute, userDn),
+                    searchControls);
             while (searchResultEnum != null && searchResultEnum.hasMore()) {
               // searchResults contains all the groups in search scope
               numResults++;
               final SearchResult group = searchResultEnum.next();
 
               Attribute attribute = group.getAttributes().get(getGroupIdAttribute());
-              String groupName = attribute.get().toString();            
-              
+              String groupName = attribute.get().toString();
+
               String roleName = roleNameFor(groupName);
               if (roleName != null) {
                 roleNames.add(roleName);
@@ -392,16 +389,18 @@ public class LdapRealm extends JndiLdapRealm {
             // If group search filter is defined in Shiro config, then use it
             if (groupSearchFilter != null) {
               searchFilter = expandTemplate(groupSearchFilter, userName);
-              //searchFilter = String.format("%1$s", groupSearchFilter);
+              // searchFilter = String.format("%1$s", groupSearchFilter);
             }
             if (log.isDebugEnabled()) {
-              log.debug("Group SearchBase|SearchFilter|GroupSearchScope: " + getGroupSearchBase()
-                    + "|" + searchFilter + "|" + groupSearchScope);
+              log.debug(
+                  "Group SearchBase|SearchFilter|GroupSearchScope: "
+                      + getGroupSearchBase()
+                      + "|"
+                      + searchFilter
+                      + "|"
+                      + groupSearchScope);
             }
-            searchResultEnum = ldapCtx.search(
-                getGroupSearchBase(),
-                searchFilter,
-                searchControls);
+            searchResultEnum = ldapCtx.search(getGroupSearchBase(), searchFilter, searchControls);
             while (searchResultEnum != null && searchResultEnum.hasMore()) {
               // searchResults contains all the groups in search scope
               numResults++;
@@ -417,12 +416,11 @@ public class LdapRealm extends JndiLdapRealm {
           }
         }
         // Re-activate paged results
-        ldapCtx.setRequestControls(new Control[]{new PagedResultsControl(pageSize,
-            cookie, Control.CRITICAL)});
+        ldapCtx.setRequestControls(
+            new Control[] {new PagedResultsControl(pageSize, cookie, Control.CRITICAL)});
       } while (cookie != null);
     } catch (SizeLimitExceededException e) {
-      log.info("Only retrieved first " + numResults +
-          " groups due to SizeLimitExceededException.");
+      log.info("Only retrieved first " + numResults + " groups due to SizeLimitExceededException.");
     } catch (IOException e) {
       log.error("Unabled to setup paged results");
     }
@@ -449,9 +447,13 @@ public class LdapRealm extends JndiLdapRealm {
     }
   }
 
-  private void addRoleIfMember(final String userDn, final SearchResult group,
-      final Set<String> roleNames, final Set<String> groupNames,
-      final LdapContextFactory ldapContextFactory) throws NamingException {
+  private void addRoleIfMember(
+      final String userDn,
+      final SearchResult group,
+      final Set<String> roleNames,
+      final Set<String> groupNames,
+      final LdapContextFactory ldapContextFactory)
+      throws NamingException {
     NamingEnumeration<? extends Attribute> attributeEnum = null;
     NamingEnumeration<?> ne = null;
     try {
@@ -469,8 +471,8 @@ public class LdapRealm extends JndiLdapRealm {
         while (ne.hasMore()) {
           String attrValue = ne.next().toString();
           if (memberAttribute.equalsIgnoreCase(MEMBER_URL)) {
-            boolean dynamicGroupMember = isUserMemberOfDynamicGroup(userLdapDn, attrValue,
-                ldapContextFactory);
+            boolean dynamicGroupMember =
+                isUserMemberOfDynamicGroup(userLdapDn, attrValue, ldapContextFactory);
             if (dynamicGroupMember) {
               groupNames.add(groupName);
               String roleName = roleNameFor(groupName);
@@ -600,13 +602,11 @@ public class LdapRealm extends JndiLdapRealm {
   }
 
   /**
-  * Set Member Attribute Template for LDAP.
-  * 
-  * @param template
-  *            DN template to be used to query ldap.
-  * @throws IllegalArgumentException
-  *             if template is empty or null.
-  */
+   * Set Member Attribute Template for LDAP.
+   *
+   * @param template DN template to be used to query ldap.
+   * @throws IllegalArgumentException if template is empty or null.
+   */
   public void setMemberAttributeValueTemplate(String template) {
     if (!StringUtils.hasText(template)) {
       String msg = "User DN template cannot be null or empty.";
@@ -614,8 +614,11 @@ public class LdapRealm extends JndiLdapRealm {
     }
     int index = template.indexOf(MEMBER_SUBSTITUTION_TOKEN);
     if (index < 0) {
-      String msg = "Member attribute value template must contain the '" + MEMBER_SUBSTITUTION_TOKEN
-          + "' replacement token to understand how to " + "parse the group members.";
+      String msg =
+          "Member attribute value template must contain the '"
+              + MEMBER_SUBSTITUTION_TOKEN
+              + "' replacement token to understand how to "
+              + "parse the group members.";
       throw new IllegalArgumentException(msg);
     }
     String prefix = template.substring(0, index);
@@ -657,11 +660,10 @@ public class LdapRealm extends JndiLdapRealm {
   }
 
   /**
-  * Set User Search Attribute Name for LDAP.
-  * 
-  * @param userSearchAttributeName
-  *            userAttribute to search ldap.
-  */
+   * Set User Search Attribute Name for LDAP.
+   *
+   * @param userSearchAttributeName userAttribute to search ldap.
+   */
   public void setUserSearchAttributeName(String userSearchAttributeName) {
     if (userSearchAttributeName != null) {
       userSearchAttributeName = userSearchAttributeName.trim();
@@ -700,8 +702,9 @@ public class LdapRealm extends JndiLdapRealm {
     return perms;
   }
 
-  boolean isUserMemberOfDynamicGroup(LdapName userLdapDn, String memberUrl,
-      final LdapContextFactory ldapContextFactory) throws NamingException {
+  boolean isUserMemberOfDynamicGroup(
+      LdapName userLdapDn, String memberUrl, final LdapContextFactory ldapContextFactory)
+      throws NamingException {
     // ldap://host:port/dn?attributes?scope?filter?extensions
     if (memberUrl == null) {
       return false;
@@ -736,8 +739,11 @@ public class LdapRealm extends JndiLdapRealm {
     boolean member = false;
     NamingEnumeration<SearchResult> searchResultEnum = null;
     try {
-      searchResultEnum = systemLdapCtx.search(userLdapDn, searchFilter,
-          searchScope.equalsIgnoreCase("sub") ? SUBTREE_SCOPE : ONELEVEL_SCOPE);
+      searchResultEnum =
+          systemLdapCtx.search(
+              userLdapDn,
+              searchFilter,
+              searchScope.equalsIgnoreCase("sub") ? SUBTREE_SCOPE : ONELEVEL_SCOPE);
       if (searchResultEnum.hasMore()) {
         return true;
       }
@@ -758,11 +764,10 @@ public class LdapRealm extends JndiLdapRealm {
   }
 
   /**
-  * Set Regex for Principal LDAP.
-  * 
-  * @param regex
-  *            regex to use to search for principal in shiro.
-  */
+   * Set Regex for Principal LDAP.
+   *
+   * @param regex regex to use to search for principal in shiro.
+   */
   public void setPrincipalRegex(String regex) {
     if (regex == null || regex.trim().isEmpty()) {
       principalPattern = Pattern.compile(DEFAULT_PRINCIPAL_REGEX);
@@ -860,47 +865,44 @@ public class LdapRealm extends JndiLdapRealm {
   private String matchPrincipal(final String principal) {
     Matcher matchedPrincipal = principalPattern.matcher(principal);
     if (!matchedPrincipal.matches()) {
-      throw new IllegalArgumentException("Principal "
-          + principal + " does not match " + principalRegex);
+      throw new IllegalArgumentException(
+          "Principal " + principal + " does not match " + principalRegex);
     }
     return matchedPrincipal.group();
   }
 
   /**
-  * Returns the LDAP User Distinguished Name (DN) to use when acquiring an
-  * {@link javax.naming.ldap.LdapContext LdapContext} from the
-  * {@link LdapContextFactory}.
-  * <p/>
-  * If the the {@link #getUserDnTemplate() userDnTemplate} property has been
-  * set, this implementation will construct the User DN by substituting the
-  * specified {@code principal} into the configured template. If the
-  * {@link #getUserDnTemplate() userDnTemplate} has not been set, the method
-  * argument will be returned directly (indicating that the submitted
-  * authentication token principal <em>is</em> the User DN).
-  *
-  * @param principal
-  *            the principal to substitute into the configured
-  *            {@link #getUserDnTemplate() userDnTemplate}.
-  * @return the constructed User DN to use at runtime when acquiring an
-  *         {@link javax.naming.ldap.LdapContext}.
-  * @throws IllegalArgumentException
-  *             if the method argument is null or empty
-  * @throws IllegalStateException
-  *             if the {@link #getUserDnTemplate userDnTemplate} has not been
-  *             set.
-  * @see LdapContextFactory#getLdapContext(Object, Object)
-  */
+   * Returns the LDAP User Distinguished Name (DN) to use when acquiring an {@link
+   * javax.naming.ldap.LdapContext LdapContext} from the {@link LdapContextFactory}.
+   *
+   * <p>If the the {@link #getUserDnTemplate() userDnTemplate} property has been set, this
+   * implementation will construct the User DN by substituting the specified {@code principal} into
+   * the configured template. If the {@link #getUserDnTemplate() userDnTemplate} has not been set,
+   * the method argument will be returned directly (indicating that the submitted authentication
+   * token principal <em>is</em> the User DN).
+   *
+   * @param principal the principal to substitute into the configured {@link #getUserDnTemplate()
+   *     userDnTemplate}.
+   * @return the constructed User DN to use at runtime when acquiring an {@link
+   *     javax.naming.ldap.LdapContext}.
+   * @throws IllegalArgumentException if the method argument is null or empty
+   * @throws IllegalStateException if the {@link #getUserDnTemplate userDnTemplate} has not been
+   *     set.
+   * @see LdapContextFactory#getLdapContext(Object, Object)
+   */
   @Override
-  protected String getUserDn(final String principal) throws IllegalArgumentException,
-      IllegalStateException {
+  protected String getUserDn(final String principal)
+      throws IllegalArgumentException, IllegalStateException {
     String userDn;
     String matchedPrincipal = matchPrincipal(principal);
     String userSearchBase = getUserSearchBase();
     String userSearchAttributeName = getUserSearchAttributeName();
 
     // If not searching use the userDnTemplate and return.
-    if ((userSearchBase == null || userSearchBase.isEmpty()) || (userSearchAttributeName == null
-        && userSearchFilter == null && !"object".equalsIgnoreCase(userSearchScope))) {
+    if ((userSearchBase == null || userSearchBase.isEmpty())
+        || (userSearchAttributeName == null
+            && userSearchFilter == null
+            && !"object".equalsIgnoreCase(userSearchScope))) {
       userDn = expandTemplate(userDnTemplate, matchedPrincipal);
       if (log.isDebugEnabled()) {
         log.debug("LDAP UserDN and Principal: " + userDn + "," + principal);
@@ -915,9 +917,12 @@ public class LdapRealm extends JndiLdapRealm {
       if (userSearchAttributeName == null) {
         searchFilter = String.format("(objectclass=%1$s)", getUserObjectClass());
       } else {
-        searchFilter = String.format("(&(objectclass=%1$s)(%2$s=%3$s))", getUserObjectClass(),
-            userSearchAttributeName, expandTemplate(getUserSearchAttributeTemplate(),
-                matchedPrincipal));
+        searchFilter =
+            String.format(
+                "(&(objectclass=%1$s)(%2$s=%3$s))",
+                getUserObjectClass(),
+                userSearchAttributeName,
+                expandTemplate(getUserSearchAttributeTemplate(), matchedPrincipal));
       }
     } else {
       searchFilter = expandTemplate(userSearchFilter, matchedPrincipal);
@@ -930,8 +935,13 @@ public class LdapRealm extends JndiLdapRealm {
     try {
       systemLdapCtx = getContextFactory().getSystemLdapContext();
       if (log.isDebugEnabled()) {
-        log.debug("SearchBase,SearchFilter,UserSearchScope: " + searchBase
-            + "," + searchFilter + "," + userSearchScope);
+        log.debug(
+            "SearchBase,SearchFilter,UserSearchScope: "
+                + searchBase
+                + ","
+                + searchFilter
+                + ","
+                + userSearchScope);
       }
       searchResultEnum = systemLdapCtx.search(searchBase, searchFilter, searchControls);
       // SearchResults contains all the entries in search scope
@@ -964,16 +974,18 @@ public class LdapRealm extends JndiLdapRealm {
   }
 
   @Override
-  protected AuthenticationInfo createAuthenticationInfo(AuthenticationToken token,
-      Object ldapPrincipal, Object ldapCredentials, LdapContext ldapContext)
+  protected AuthenticationInfo createAuthenticationInfo(
+      AuthenticationToken token,
+      Object ldapPrincipal,
+      Object ldapCredentials,
+      LdapContext ldapContext)
       throws NamingException {
     HashRequest.Builder builder = new HashRequest.Builder();
-    Hash credentialsHash = hashService
-        .computeHash(builder.setSource(token.getCredentials())
-            .setAlgorithmName(HASHING_ALGORITHM).build());
-    return new SimpleAuthenticationInfo(token.getPrincipal(),
-        credentialsHash.toHex(), credentialsHash.getSalt(),
-        getName());
+    Hash credentialsHash =
+        hashService.computeHash(
+            builder.setSource(token.getCredentials()).setAlgorithmName(HASHING_ALGORITHM).build());
+    return new SimpleAuthenticationInfo(
+        token.getPrincipal(), credentialsHash.toHex(), credentialsHash.getSalt(), getName());
   }
 
   protected static final String expandTemplate(final String template, final String input) {

http://git-wip-us.apache.org/repos/asf/zeppelin/blob/55f6c91c/zeppelin-server/src/main/java/org/apache/zeppelin/realm/PamRealm.java
----------------------------------------------------------------------
diff --git a/zeppelin-server/src/main/java/org/apache/zeppelin/realm/PamRealm.java b/zeppelin-server/src/main/java/org/apache/zeppelin/realm/PamRealm.java
index 0622673..2af5e81 100644
--- a/zeppelin-server/src/main/java/org/apache/zeppelin/realm/PamRealm.java
+++ b/zeppelin-server/src/main/java/org/apache/zeppelin/realm/PamRealm.java
@@ -16,6 +16,8 @@
  */
 package org.apache.zeppelin.realm;
 
+import java.util.LinkedHashSet;
+import java.util.Set;
 import org.apache.shiro.authc.AuthenticationException;
 import org.apache.shiro.authc.AuthenticationInfo;
 import org.apache.shiro.authc.AuthenticationToken;
@@ -31,12 +33,7 @@ import org.jvnet.libpam.UnixUser;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
-import java.util.LinkedHashSet;
-import java.util.Set;
-
-/**
- * An {@code AuthorizingRealm} based on libpam4j.
- */
+/** An {@code AuthorizingRealm} based on libpam4j. */
 public class PamRealm extends AuthorizingRealm {
   private static final Logger LOG = LoggerFactory.getLogger(PamRealm.class);
 
@@ -48,7 +45,7 @@ public class PamRealm extends AuthorizingRealm {
 
     UserPrincipal user = principals.oneByType(UserPrincipal.class);
 
-    if (user != null){
+    if (user != null) {
       roles.addAll(user.getUnixUser().getGroups());
     }
 
@@ -57,21 +54,20 @@ public class PamRealm extends AuthorizingRealm {
 
   @Override
   protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token)
-          throws AuthenticationException {
+      throws AuthenticationException {
     UsernamePasswordToken userToken = (UsernamePasswordToken) token;
     UnixUser user;
 
     try {
-      user = (new PAM(this.getService()))
-          .authenticate(userToken.getUsername(), new String(userToken.getPassword()));
+      user =
+          (new PAM(this.getService()))
+              .authenticate(userToken.getUsername(), new String(userToken.getPassword()));
     } catch (PAMException e) {
       throw new AuthenticationException("Authentication failed for PAM.", e);
     }
 
     return new SimpleAuthenticationInfo(
-        new UserPrincipal(user),
-        userToken.getCredentials(),
-        getName());
+        new UserPrincipal(user), userToken.getCredentials(), getName());
   }
 
   public String getService() {

http://git-wip-us.apache.org/repos/asf/zeppelin/blob/55f6c91c/zeppelin-server/src/main/java/org/apache/zeppelin/realm/UserPrincipal.java
----------------------------------------------------------------------
diff --git a/zeppelin-server/src/main/java/org/apache/zeppelin/realm/UserPrincipal.java b/zeppelin-server/src/main/java/org/apache/zeppelin/realm/UserPrincipal.java
index c1221e7..ee2ee30 100644
--- a/zeppelin-server/src/main/java/org/apache/zeppelin/realm/UserPrincipal.java
+++ b/zeppelin-server/src/main/java/org/apache/zeppelin/realm/UserPrincipal.java
@@ -16,13 +16,10 @@
  */
 package org.apache.zeppelin.realm;
 
-import org.jvnet.libpam.UnixUser;
-
 import java.security.Principal;
+import org.jvnet.libpam.UnixUser;
 
-/**
- * A {@code java.security.Principal} implememtation for use with Shiro {@code PamRealm}.
- */
+/** A {@code java.security.Principal} implememtation for use with Shiro {@code PamRealm}. */
 public class UserPrincipal implements Principal {
   private final UnixUser userName;
 

http://git-wip-us.apache.org/repos/asf/zeppelin/blob/55f6c91c/zeppelin-server/src/main/java/org/apache/zeppelin/realm/ZeppelinHubRealm.java
----------------------------------------------------------------------
diff --git a/zeppelin-server/src/main/java/org/apache/zeppelin/realm/ZeppelinHubRealm.java b/zeppelin-server/src/main/java/org/apache/zeppelin/realm/ZeppelinHubRealm.java
index 2a4dcda..18b4b2c 100644
--- a/zeppelin-server/src/main/java/org/apache/zeppelin/realm/ZeppelinHubRealm.java
+++ b/zeppelin-server/src/main/java/org/apache/zeppelin/realm/ZeppelinHubRealm.java
@@ -19,7 +19,12 @@ package org.apache.zeppelin.realm;
 import com.google.common.base.Joiner;
 import com.google.gson.Gson;
 import com.google.gson.JsonParseException;
-
+import java.io.IOException;
+import java.net.MalformedURLException;
+import java.net.URI;
+import java.net.URISyntaxException;
+import java.util.HashSet;
+import java.util.concurrent.atomic.AtomicInteger;
 import org.apache.commons.httpclient.HttpClient;
 import org.apache.commons.httpclient.HttpStatus;
 import org.apache.commons.httpclient.methods.PutMethod;
@@ -34,26 +39,15 @@ import org.apache.shiro.authc.UsernamePasswordToken;
 import org.apache.shiro.authz.AuthorizationInfo;
 import org.apache.shiro.realm.AuthorizingRealm;
 import org.apache.shiro.subject.PrincipalCollection;
-import org.apache.zeppelin.service.ServiceContext;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import java.io.IOException;
-import java.net.MalformedURLException;
-import java.net.URI;
-import java.net.URISyntaxException;
-import java.util.HashSet;
-import java.util.concurrent.atomic.AtomicInteger;
-
 import org.apache.zeppelin.common.JsonSerializable;
 import org.apache.zeppelin.notebook.repo.zeppelinhub.model.UserSessionContainer;
 import org.apache.zeppelin.notebook.repo.zeppelinhub.websocket.utils.ZeppelinhubUtils;
 import org.apache.zeppelin.server.ZeppelinServer;
+import org.apache.zeppelin.service.ServiceContext;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
-/**
- * A {@code Realm} implementation that uses the ZeppelinHub to authenticate users.
- *
- */
+/** A {@code Realm} implementation that uses the ZeppelinHub to authenticate users. */
 public class ZeppelinHubRealm extends AuthorizingRealm {
   private static final Logger LOG = LoggerFactory.getLogger(ZeppelinHubRealm.class);
   private static final String DEFAULT_ZEPPELINHUB_URL = "https://www.zeppelinhub.com";
@@ -71,7 +65,7 @@ public class ZeppelinHubRealm extends AuthorizingRealm {
   public ZeppelinHubRealm() {
     super();
     LOG.debug("Init ZeppelinhubRealm");
-    //TODO(anthonyc): think about more setting for this HTTP client.
+    // TODO(anthonyc): think about more setting for this HTTP client.
     //                eg: if user uses proxy etcetc...
     httpClient = new HttpClient();
     name = getClass().getName() + "_" + INSTANCE_COUNT.getAndIncrement();
@@ -79,7 +73,7 @@ public class ZeppelinHubRealm extends AuthorizingRealm {
 
   @Override
   protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authToken)
-          throws AuthenticationException {
+      throws AuthenticationException {
     UsernamePasswordToken token = (UsernamePasswordToken) authToken;
     if (StringUtils.isBlank(token.getUsername())) {
       throw new AccountException("Empty usernames are not allowed by this realm.");
@@ -101,11 +95,11 @@ public class ZeppelinHubRealm extends AuthorizingRealm {
   }
 
   /**
-   * Setter of ZeppelinHub URL, this will be called by Shiro based on zeppelinhubUrl property
-   * in shiro.ini file.
+   * Setter of ZeppelinHub URL, this will be called by Shiro based on zeppelinhubUrl property in
+   * shiro.ini file.
    *
-   * It will also perform a check of ZeppelinHub url {@link #isZeppelinHubUrlValid},
-   * if the url is not valid, the default zeppelinhub url will be used.
+   * <p>It will also perform a check of ZeppelinHub url {@link #isZeppelinHubUrlValid}, if the url
+   * is not valid, the default zeppelinhub url will be used.
    *
    * @param url
    */
@@ -137,8 +131,8 @@ public class ZeppelinHubRealm extends AuthorizingRealm {
       if (statusCode != HttpStatus.SC_OK) {
         LOG.error("Cannot login user, HTTP status code is {} instead on 200 (OK)", statusCode);
         put.releaseConnection();
-        throw new AuthenticationException("Couldnt login to ZeppelinHub. "
-            + "Login or password incorrect");
+        throw new AuthenticationException(
+            "Couldnt login to ZeppelinHub. " + "Login or password incorrect");
       }
       responseBody = put.getResponseBodyAsString();
       userSession = put.getResponseHeader(USER_SESSION_HEADER).getValue();
@@ -165,13 +159,8 @@ public class ZeppelinHubRealm extends AuthorizingRealm {
   /**
    * Create a JSON String that represent login payload.
    *
-   * Payload will look like:
-   * {@code
-   *  {
-   *   'login': 'userLogin',
-   *   'password': 'userpassword'
-   *  }
-   * }
+   * <p>Payload will look like: {@code { 'login': 'userLogin', 'password': 'userpassword' } }
+   *
    * @param login
    * @param pwd
    * @return
@@ -182,9 +171,9 @@ public class ZeppelinHubRealm extends AuthorizingRealm {
   }
 
   /**
-   * Perform a Simple URL check by using {@code URI(url).toURL()}.
-   * If the url is not valid, the try-catch condition will catch the exceptions and return false,
-   * otherwise true will be returned.
+   * Perform a Simple URL check by using {@code URI(url).toURL()}. If the url is not valid, the
+   * try-catch condition will catch the exceptions and return false, otherwise true will be
+   * returned.
    *
    * @param url
    * @return
@@ -201,9 +190,7 @@ public class ZeppelinHubRealm extends AuthorizingRealm {
     return valid;
   }
 
-  /**
-   * Helper class that will be use to fromJson ZeppelinHub response.
-   */
+  /** Helper class that will be use to fromJson ZeppelinHub response. */
   protected static class User implements JsonSerializable {
     private static final Gson gson = new Gson();
     public String login;
@@ -225,8 +212,8 @@ public class ZeppelinHubRealm extends AuthorizingRealm {
     /* TODO(xxx): add proper roles */
     HashSet<String> userAndRoles = new HashSet<>();
     userAndRoles.add(username);
-    ServiceContext context = new ServiceContext(
-        new org.apache.zeppelin.user.AuthenticationInfo(username), userAndRoles);
+    ServiceContext context =
+        new ServiceContext(new org.apache.zeppelin.user.AuthenticationInfo(username), userAndRoles);
     try {
       ZeppelinServer.notebookWsServer.broadcastReloadedNoteList(null, context);
     } catch (IOException e) {

http://git-wip-us.apache.org/repos/asf/zeppelin/blob/55f6c91c/zeppelin-server/src/main/java/org/apache/zeppelin/realm/jwt/JWTAuthenticationToken.java
----------------------------------------------------------------------
diff --git a/zeppelin-server/src/main/java/org/apache/zeppelin/realm/jwt/JWTAuthenticationToken.java b/zeppelin-server/src/main/java/org/apache/zeppelin/realm/jwt/JWTAuthenticationToken.java
index 8dc86ed..38c4d31 100644
--- a/zeppelin-server/src/main/java/org/apache/zeppelin/realm/jwt/JWTAuthenticationToken.java
+++ b/zeppelin-server/src/main/java/org/apache/zeppelin/realm/jwt/JWTAuthenticationToken.java
@@ -18,9 +18,7 @@ package org.apache.zeppelin.realm.jwt;
 
 import org.apache.shiro.authc.AuthenticationToken;
 
-/**
- * Created for org.apache.zeppelin.server.
- */
+/** Created for org.apache.zeppelin.server. */
 public class JWTAuthenticationToken implements AuthenticationToken {
   private Object userId;
   private String token;

http://git-wip-us.apache.org/repos/asf/zeppelin/blob/55f6c91c/zeppelin-server/src/main/java/org/apache/zeppelin/realm/jwt/KnoxAuthenticationFilter.java
----------------------------------------------------------------------
diff --git a/zeppelin-server/src/main/java/org/apache/zeppelin/realm/jwt/KnoxAuthenticationFilter.java b/zeppelin-server/src/main/java/org/apache/zeppelin/realm/jwt/KnoxAuthenticationFilter.java
index eccf6de..1bfafcf 100644
--- a/zeppelin-server/src/main/java/org/apache/zeppelin/realm/jwt/KnoxAuthenticationFilter.java
+++ b/zeppelin-server/src/main/java/org/apache/zeppelin/realm/jwt/KnoxAuthenticationFilter.java
@@ -16,30 +16,27 @@
  */
 package org.apache.zeppelin.realm.jwt;
 
-import org.apache.shiro.web.filter.authc.FormAuthenticationFilter;
-import org.apache.shiro.web.servlet.ShiroHttpServletRequest;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
 import javax.servlet.ServletRequest;
 import javax.servlet.ServletResponse;
 import javax.servlet.http.Cookie;
-
+import org.apache.shiro.web.filter.authc.FormAuthenticationFilter;
+import org.apache.shiro.web.servlet.ShiroHttpServletRequest;
 import org.apache.zeppelin.utils.SecurityUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
-/**
- * Created for org.apache.zeppelin.server.
- */
+/** Created for org.apache.zeppelin.server. */
 public class KnoxAuthenticationFilter extends FormAuthenticationFilter {
   private static final Logger LOGGER = LoggerFactory.getLogger(KnoxAuthenticationFilter.class);
 
-  protected boolean isAccessAllowed(ServletRequest request, ServletResponse response,
-          Object mappedValue) {
-    //Check with existing shiro authentication logic
-    //https://github.com/apache/shiro/blob/shiro-root-1.3.2/web/src/main/java/org/apache/shiro/
+  protected boolean isAccessAllowed(
+      ServletRequest request, ServletResponse response, Object mappedValue) {
+    // Check with existing shiro authentication logic
+    // https://github.com/apache/shiro/blob/shiro-root-1.3.2/web/src/main/java/org/apache/shiro/
     // web/filter/authc/AuthenticatingFilter.java#L123-L124
-    Boolean accessAllowed = super.isAccessAllowed(request, response, mappedValue) ||
-            !isLoginRequest(request, response) && isPermissive(mappedValue);
+    Boolean accessAllowed =
+        super.isAccessAllowed(request, response, mappedValue)
+            || !isLoginRequest(request, response) && isPermissive(mappedValue);
 
     if (accessAllowed) {
       accessAllowed = false;
@@ -60,9 +57,10 @@ public class KnoxAuthenticationFilter extends FormAuthenticationFilter {
           }
         }
       } else {
-        LOGGER.error("Looks like this filter is enabled without enabling KnoxJwtRealm, please refer"
-            + " to https://zeppelin.apache.org/docs/latest/security/shiroauthentication.html"
-            + "#knox-sso");
+        LOGGER.error(
+            "Looks like this filter is enabled without enabling KnoxJwtRealm, please refer"
+                + " to https://zeppelin.apache.org/docs/latest/security/shiroauthentication.html"
+                + "#knox-sso");
       }
     }
     return accessAllowed;

http://git-wip-us.apache.org/repos/asf/zeppelin/blob/55f6c91c/zeppelin-server/src/main/java/org/apache/zeppelin/realm/jwt/KnoxJwtRealm.java
----------------------------------------------------------------------
diff --git a/zeppelin-server/src/main/java/org/apache/zeppelin/realm/jwt/KnoxJwtRealm.java b/zeppelin-server/src/main/java/org/apache/zeppelin/realm/jwt/KnoxJwtRealm.java
index 3663174..83a75ff 100644
--- a/zeppelin-server/src/main/java/org/apache/zeppelin/realm/jwt/KnoxJwtRealm.java
+++ b/zeppelin-server/src/main/java/org/apache/zeppelin/realm/jwt/KnoxJwtRealm.java
@@ -16,20 +16,10 @@
  */
 package org.apache.zeppelin.realm.jwt;
 
-import java.util.Date;
-import org.apache.commons.io.FileUtils;
-import org.apache.hadoop.conf.Configuration;
-import org.apache.hadoop.security.Groups;
-import org.apache.shiro.authc.AuthenticationInfo;
-import org.apache.shiro.authc.AuthenticationToken;
-import org.apache.shiro.authc.SimpleAccount;
-import org.apache.shiro.authz.AuthorizationInfo;
-import org.apache.shiro.authz.SimpleAuthorizationInfo;
-import org.apache.shiro.realm.AuthorizingRealm;
-import org.apache.shiro.subject.PrincipalCollection;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
+import com.nimbusds.jose.JWSObject;
+import com.nimbusds.jose.JWSVerifier;
+import com.nimbusds.jose.crypto.RSASSAVerifier;
+import com.nimbusds.jwt.SignedJWT;
 import java.io.ByteArrayInputStream;
 import java.io.File;
 import java.io.IOException;
@@ -40,20 +30,25 @@ import java.security.cert.CertificateFactory;
 import java.security.cert.X509Certificate;
 import java.security.interfaces.RSAPublicKey;
 import java.text.ParseException;
+import java.util.Date;
 import java.util.HashSet;
 import java.util.List;
 import java.util.Set;
-
 import javax.servlet.ServletException;
+import org.apache.commons.io.FileUtils;
+import org.apache.hadoop.conf.Configuration;
+import org.apache.hadoop.security.Groups;
+import org.apache.shiro.authc.AuthenticationInfo;
+import org.apache.shiro.authc.AuthenticationToken;
+import org.apache.shiro.authc.SimpleAccount;
+import org.apache.shiro.authz.AuthorizationInfo;
+import org.apache.shiro.authz.SimpleAuthorizationInfo;
+import org.apache.shiro.realm.AuthorizingRealm;
+import org.apache.shiro.subject.PrincipalCollection;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
-import com.nimbusds.jose.JWSObject;
-import com.nimbusds.jose.JWSVerifier;
-import com.nimbusds.jose.crypto.RSASSAVerifier;
-import com.nimbusds.jwt.SignedJWT;
-
-/**
- * Created for org.apache.zeppelin.server.
- */
+/** Created for org.apache.zeppelin.server. */
 public class KnoxJwtRealm extends AuthorizingRealm {
   private static final Logger LOGGER = LoggerFactory.getLogger(KnoxJwtRealm.class);
 
@@ -70,14 +65,10 @@ public class KnoxJwtRealm extends AuthorizingRealm {
 
   private SimplePrincipalMapper mapper = new SimplePrincipalMapper();
 
-  /**
-   * Configuration object needed by for Hadoop classes.
-   */
+  /** Configuration object needed by for Hadoop classes. */
   private Configuration hadoopConfig;
 
-  /**
-   * Hadoop Groups implementation.
-   */
+  /** Hadoop Groups implementation. */
   private Groups hadoopGroups;
 
   @Override
@@ -162,15 +153,16 @@ public class KnoxJwtRealm extends AuthorizingRealm {
     PublicKey key = null;
     try {
       CertificateFactory fact = CertificateFactory.getInstance("X.509");
-      ByteArrayInputStream is = new ByteArrayInputStream(
-          FileUtils.readFileToString(new File(pem)).getBytes("UTF8"));
+      ByteArrayInputStream is =
+          new ByteArrayInputStream(FileUtils.readFileToString(new File(pem)).getBytes("UTF8"));
       X509Certificate cer = (X509Certificate) fact.generateCertificate(is);
       key = cer.getPublicKey();
     } catch (CertificateException ce) {
       String message = null;
       if (pem.startsWith(pemHeader)) {
-        message = "CertificateException - be sure not to include PEM header "
-            + "and footer in the PEM configuration element.";
+        message =
+            "CertificateException - be sure not to include PEM header "
+                + "and footer in the PEM configuration element.";
       } else {
         message = "CertificateException - PEM may be corrupt";
       }
@@ -202,12 +194,11 @@ public class KnoxJwtRealm extends AuthorizingRealm {
   }
 
   /**
-   * Validate that the expiration time of the JWT token has not been violated.
-   * If it has then throw an AuthenticationException. Override this method in
-   * subclasses in order to customize the expiration validation behavior.
+   * Validate that the expiration time of the JWT token has not been violated. If it has then throw
+   * an AuthenticationException. Override this method in subclasses in order to customize the
+   * expiration validation behavior.
    *
-   * @param jwtToken
-   *            the token that contains the expiration date to validate
+   * @param jwtToken the token that contains the expiration date to validate
    * @return valid true if the token has not expired; false otherwise
    */
   protected boolean validateExpiration(SignedJWT jwtToken) {
@@ -234,20 +225,17 @@ public class KnoxJwtRealm extends AuthorizingRealm {
     return new SimpleAuthorizationInfo(roles);
   }
 
-  /**
-   * Query the Hadoop implementation of {@link Groups} to retrieve groups for provided user.
-   */
+  /** Query the Hadoop implementation of {@link Groups} to retrieve groups for provided user. */
   public Set<String> mapGroupPrincipals(final String mappedPrincipalName) {
     /* return the groups as seen by Hadoop */
     Set<String> groups = null;
     try {
       hadoopGroups.refresh();
-      final List<String> groupList = hadoopGroups
-          .getGroups(mappedPrincipalName);
+      final List<String> groupList = hadoopGroups.getGroups(mappedPrincipalName);
 
       if (LOGGER.isDebugEnabled()) {
-        LOGGER.debug(String.format("group found %s, %s",
-            mappedPrincipalName, groupList.toString()));
+        LOGGER.debug(
+            String.format("group found %s, %s", mappedPrincipalName, groupList.toString()));
       }
 
       groups = new HashSet<>(groupList);


Mime
View raw message