Posted to reviews@ambari.apache.org by Robert Levas <rl...@hortonworks.com> on 2017/05/09 16:12:25 UTC

Review Request 59102: LDAPS connections to an Active Directory when enabling Kerberos should validate the server's SSL certificate

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/59102/
-----------------------------------------------------------

Review request for Ambari, Attila Magyar, Balázs Bence Sári, Eugene Chekanskiy, Laszlo Puskas, and Sebastian Toader.


Bugs: AMBARI-20938
    https://issues.apache.org/jira/browse/AMBARI-20938


Repository: ambari


Description
-------

LDAPS connections to an Active Directory when enabling Kerberos should validate the server's SSL certificate.  The current implementation skips validation checks to help avoid SSL issues; however, this is not secure. Also, the _trusting_ SSL connection may not support the more secure SSL protocols when Java 1.7 is used (for example, `TLSv1.2`).

A flag in the `ambari.properties` file (`kerberos.operation.verify.kdc.trust`) should be available to allow for the user to select either a _trusting_ SSL connection or a validating (non-trusting) SSL connection to be used.  The default should be to use a (non-trusting) SSL connection.


Diffs
-----

  ambari-server/conf/unix/ambari.properties b8b645d7be 
  ambari-server/docs/configuration/index.md ff9ce54b69 
  ambari-server/src/main/java/org/apache/ambari/server/configuration/Configuration.java 114046f7f6 
  ambari-server/src/main/java/org/apache/ambari/server/controller/KerberosHelperImpl.java 6687942b3f 
  ambari-server/src/main/java/org/apache/ambari/server/security/InternalSSLSocketFactoryNonTrusting.java PRE-CREATION 
  ambari-server/src/main/java/org/apache/ambari/server/security/InternalSSLSocketFactoryTrusting.java PRE-CREATION 
  ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/ADKerberosOperationHandler.java cd19174431 
  ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosKDCSSLConnectionException.java PRE-CREATION 
  ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/TrustingSSLSocketFactory.java 52b3703fcb 
  ambari-server/src/test/java/org/apache/ambari/server/serveraction/kerberos/ADKerberosOperationHandlerTest.java 603f744352 
  ambari-web/app/controllers/main/admin/kerberos/step1_controller.js 2e41e3d774 
  ambari-web/app/messages.js 8f8d981af7 


Diff: https://reviews.apache.org/r/59102/diff/1/


Testing
-------

Manually tested using Java 1.7 and Java 1.8 using both trusting and non-trusting SSL sockets to ensure expected behavior.

# Local test results: PENDING

# Jenkins test results: PENDING


Thanks,

Robert Levas
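
Added example, not part of the review request and not Ambari's code: a minimal Java sketch of the choice the description outlines, a certificate-validating socket factory by default and a trust-all factory only on explicit opt-out. The class name, the helper methods and the reading of `true` as "validate" are assumptions; only the property name comes from the request.

```java
import java.security.GeneralSecurityException;
import java.security.cert.X509Certificate;
import java.util.Properties;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

// Hypothetical class; only the property name below comes from the review request.
public class KdcTrustExample {
  static final String VERIFY_KDC_TRUST = "kerberos.operation.verify.kdc.trust";

  // "Trusting" behaviour: every server certificate chain is accepted unchecked,
  // so any host that can intercept the LDAPS connection can pose as the AD server.
  static final X509TrustManager TRUST_ALL = new X509TrustManager() {
    @Override public void checkClientTrusted(X509Certificate[] chain, String authType) { }
    @Override public void checkServerTrusted(X509Certificate[] chain, String authType) { }
    @Override public X509Certificate[] getAcceptedIssuers() { return new X509Certificate[0]; }
  };

  // Assumption: "true" (also the default when the key is absent) means validate.
  static boolean verifies(Properties props) {
    return Boolean.parseBoolean(props.getProperty(VERIFY_KDC_TRUST, "true"));
  }

  static SSLSocketFactory socketFactory(Properties props) throws GeneralSecurityException {
    // Ask for TLSv1.2 by name instead of relying on the JVM's default protocol set.
    SSLContext context = SSLContext.getInstance("TLSv1.2");
    // Null trust managers select the JVM default trust store, which validates the
    // chain; the AD server's issuing CA has to be present in that store.
    TrustManager[] trustManagers = verifies(props) ? null : new TrustManager[] { TRUST_ALL };
    context.init(null, trustManagers, null);
    return context.getSocketFactory();
  }

  public static void main(String[] args) throws GeneralSecurityException {
    Properties unset = new Properties();           // key absent
    Properties optOut = new Properties();          // constructed sample setting
    optOut.setProperty(VERIFY_KDC_TRUST, "false");
    for (Properties p : new Properties[] { unset, optOut }) {
      SSLSocketFactory factory = socketFactory(p);
      System.out.println((verifies(p) ? "validating" : "trusting") + " -> "
          + factory.getClass().getName());
    }
  }
}
```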


Re: Review Request 59102: LDAPS connections to an Active Directory when enabling Kerberos should validate the server's SSL certificate

Posted by Eugene Chekanskiy <ec...@hortonworks.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/59102/#review174645
-----------------------------------------------------------


Ship it!




Ship It!

- Eugene Chekanskiy


On May 9, 2017, 4:38 p.m., Robert Levas wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/59102/
> -----------------------------------------------------------
> 
> (Updated May 9, 2017, 4:38 p.m.)
> 
> 
> Review request for Ambari, Attila Magyar, Balázs Bence Sári, Eugene Chekanskiy, Laszlo Puskas, and Sebastian Toader.
> 
> 
> Bugs: AMBARI-20938
>     https://issues.apache.org/jira/browse/AMBARI-20938
> 
> 
> Repository: ambari
> 
> 
> Description
> -------
> 
> LDAPS connections to an Active Directory when enabling Kerberos should validate the server's SSL certificate.  The current implementation skips validation checks to help avoid SSL issues; however, this is not secure. Also, the _trusting_ SSL connection may not support the more secure SSL protocols when Java 1.7 is used (for example, `TLSv1.2`).
> 
> A flag in the `ambari.properties` file (`kerberos.operation.verify.kdc.trust`) should be available to allow for the user to select either a _trusting_ SSL connection or a validating (non-trusting) SSL connection to be used.  The default should be to use a (non-trusting) SSL connection.
> 
> 
> Diffs
> -----
> 
>   ambari-server/conf/unix/ambari.properties b8b645d7be 
>   ambari-server/docs/configuration/index.md ff9ce54b69 
>   ambari-server/src/main/java/org/apache/ambari/server/configuration/Configuration.java 114046f7f6 
>   ambari-server/src/main/java/org/apache/ambari/server/controller/KerberosHelperImpl.java 6687942b3f 
>   ambari-server/src/main/java/org/apache/ambari/server/security/InternalSSLSocketFactoryNonTrusting.java PRE-CREATION 
>   ambari-server/src/main/java/org/apache/ambari/server/security/InternalSSLSocketFactoryTrusting.java PRE-CREATION 
>   ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/ADKerberosOperationHandler.java cd19174431 
>   ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosKDCSSLConnectionException.java PRE-CREATION 
>   ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/TrustingSSLSocketFactory.java 52b3703fcb 
>   ambari-server/src/test/java/org/apache/ambari/server/serveraction/kerberos/ADKerberosOperationHandlerTest.java 603f744352 
>   ambari-web/app/controllers/main/admin/kerberos/step1_controller.js 2e41e3d774 
>   ambari-web/app/messages.js 8f8d981af7 
> 
> 
> Diff: https://reviews.apache.org/r/59102/diff/1/
> 
> 
> Testing
> -------
> 
> Manually tested using Java 1.7 and Java 1.8 using both trusting and non-trusting SSL sockets to ensure expected behavior.
> 
> # Local test results: 
> ```
> [INFO] ------------------------------------------------------------------------
> [INFO] BUILD SUCCESS
> [INFO] ------------------------------------------------------------------------
> [INFO] Total time: 26:12 min
> [INFO] Finished at: 2017-05-09T12:37:05-04:00
> [INFO] Final Memory: 76M/582M
> [INFO] ------------------------------------------------------------------------
> ```
> 
> # Jenkins test results: PENDING
> 
> 
> Thanks,
> 
> Robert Levas
> 
>


Re: Review Request 59102: LDAPS connections to an Active Directory when enabling Kerberos should validate the server's SSL certificate

Posted by Sebastian Toader <st...@hortonworks.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/59102/#review174338
-----------------------------------------------------------


Ship it!




Ship It!

- Sebastian Toader


On May 9, 2017, 6:38 p.m., Robert Levas wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/59102/
> -----------------------------------------------------------
> 
> (Updated May 9, 2017, 6:38 p.m.)
> 
> 
> Review request for Ambari, Attila Magyar, Balázs Bence Sári, Eugene Chekanskiy, Laszlo Puskas, and Sebastian Toader.
> 
> 
> Bugs: AMBARI-20938
>     https://issues.apache.org/jira/browse/AMBARI-20938
> 
> 
> Repository: ambari
> 
> 
> Description
> -------
> 
> LDAPS connections to an Active Directory when enabling Kerberos should validate the server's SSL certificate.  The current implementation skips validation checks to help avoid SSL issues; however, this is not secure. Also, the _trusting_ SSL connection may not support the more secure SSL protocols when Java 1.7 is used (for example, `TLSv1.2`).
> 
> A flag in the `ambari.properties` file (`kerberos.operation.verify.kdc.trust`) should be available to allow for the user to select either a _trusting_ SSL connection or a validating (non-trusting) SSL connection to be used.  The default should be to use a (non-trusting) SSL connection.
> 
> 
> Diffs
> -----
> 
>   ambari-server/conf/unix/ambari.properties b8b645d7be 
>   ambari-server/docs/configuration/index.md ff9ce54b69 
>   ambari-server/src/main/java/org/apache/ambari/server/configuration/Configuration.java 114046f7f6 
>   ambari-server/src/main/java/org/apache/ambari/server/controller/KerberosHelperImpl.java 6687942b3f 
>   ambari-server/src/main/java/org/apache/ambari/server/security/InternalSSLSocketFactoryNonTrusting.java PRE-CREATION 
>   ambari-server/src/main/java/org/apache/ambari/server/security/InternalSSLSocketFactoryTrusting.java PRE-CREATION 
>   ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/ADKerberosOperationHandler.java cd19174431 
>   ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosKDCSSLConnectionException.java PRE-CREATION 
>   ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/TrustingSSLSocketFactory.java 52b3703fcb 
>   ambari-server/src/test/java/org/apache/ambari/server/serveraction/kerberos/ADKerberosOperationHandlerTest.java 603f744352 
>   ambari-web/app/controllers/main/admin/kerberos/step1_controller.js 2e41e3d774 
>   ambari-web/app/messages.js 8f8d981af7 
> 
> 
> Diff: https://reviews.apache.org/r/59102/diff/1/
> 
> 
> Testing
> -------
> 
> Manually tested using Java 1.7 and Java 1.8 using both trusting and non-trusting SSL sockets to ensure expected behavior.
> 
> # Local test results: 
> ```
> [INFO] ------------------------------------------------------------------------
> [INFO] BUILD SUCCESS
> [INFO] ------------------------------------------------------------------------
> [INFO] Total time: 26:12 min
> [INFO] Finished at: 2017-05-09T12:37:05-04:00
> [INFO] Final Memory: 76M/582M
> [INFO] ------------------------------------------------------------------------
> ```
> 
> # Jenkins test results: PENDING
> 
> 
> Thanks,
> 
> Robert Levas
> 
>


Re: Review Request 59102: LDAPS connections to an Active Directory when enabling Kerberos should validate the server's SSL certificate

Posted by Robert Levas <rl...@hortonworks.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/59102/
-----------------------------------------------------------

(Updated May 9, 2017, 12:38 p.m.)


Review request for Ambari, Attila Magyar, Balázs Bence Sári, Eugene Chekanskiy, Laszlo Puskas, and Sebastian Toader.


Bugs: AMBARI-20938
    https://issues.apache.org/jira/browse/AMBARI-20938


Repository: ambari


Description
-------

LDAPS connections to an Active Directory when enabling Kerberos should validate the server's SSL certificate.  The current implementation skips validation checks to help avoid SSL issues; however, this is not secure. Also, the _trusting_ SSL connection may not support the more secure SSL protocols when Java 1.7 is used (for example, `TLSv1.2`).

A flag in the `ambari.properties` file (`kerberos.operation.verify.kdc.trust`) should be available to allow for the user to select either a _trusting_ SSL connection or a validating (non-trusting) SSL connection to be used.  The default should be to use a (non-trusting) SSL connection.


Diffs
-----

  ambari-server/conf/unix/ambari.properties b8b645d7be 
  ambari-server/docs/configuration/index.md ff9ce54b69 
  ambari-server/src/main/java/org/apache/ambari/server/configuration/Configuration.java 114046f7f6 
  ambari-server/src/main/java/org/apache/ambari/server/controller/KerberosHelperImpl.java 6687942b3f 
  ambari-server/src/main/java/org/apache/ambari/server/security/InternalSSLSocketFactoryNonTrusting.java PRE-CREATION 
  ambari-server/src/main/java/org/apache/ambari/server/security/InternalSSLSocketFactoryTrusting.java PRE-CREATION 
  ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/ADKerberosOperationHandler.java cd19174431 
  ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosKDCSSLConnectionException.java PRE-CREATION 
  ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/TrustingSSLSocketFactory.java 52b3703fcb 
  ambari-server/src/test/java/org/apache/ambari/server/serveraction/kerberos/ADKerberosOperationHandlerTest.java 603f744352 
  ambari-web/app/controllers/main/admin/kerberos/step1_controller.js 2e41e3d774 
  ambari-web/app/messages.js 8f8d981af7 


Diff: https://reviews.apache.org/r/59102/diff/1/


Testing (updated)
-------

Manually tested using Java 1.7 and Java 1.8 using both trusting and non-trusting SSL sockets to ensure expected behavior.

# Local test results: 
```
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 26:12 min
[INFO] Finished at: 2017-05-09T12:37:05-04:00
[INFO] Final Memory: 76M/582M
[INFO] ------------------------------------------------------------------------
```

# Jenkins test results: PENDING


Thanks,

Robert Levas