You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@oozie.apache.org by rk...@apache.org on 2016/08/02 20:28:07 UTC

oozie git commit: OOZIE-2172 ZooKeeper Security Tests failed with JVM IBM JAVA (GauravPande via rkanter)

Repository: oozie
Updated Branches:
  refs/heads/master 09cd6042a -> 2b8842a04


OOZIE-2172 ZooKeeper Security Tests failed with JVM IBM JAVA (GauravPande via rkanter)


Project: http://git-wip-us.apache.org/repos/asf/oozie/repo
Commit: http://git-wip-us.apache.org/repos/asf/oozie/commit/2b8842a0
Tree: http://git-wip-us.apache.org/repos/asf/oozie/tree/2b8842a0
Diff: http://git-wip-us.apache.org/repos/asf/oozie/diff/2b8842a0

Branch: refs/heads/master
Commit: 2b8842a047bade3297f1cd1104598349c0bc52b2
Parents: 09cd604
Author: Robert Kanter <rk...@cloudera.com>
Authored: Tue Aug 2 13:28:00 2016 -0700
Committer: Robert Kanter <rk...@cloudera.com>
Committed: Tue Aug 2 13:28:00 2016 -0700

----------------------------------------------------------------------
 .../org/apache/oozie/util/JaasConfiguration.java | 16 ++++++++++++----
 .../apache/oozie/util/TestJaasConfiguration.java | 19 +++++++++++++------
 release-log.txt                                  |  1 +
 3 files changed, 26 insertions(+), 10 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/oozie/blob/2b8842a0/core/src/main/java/org/apache/oozie/util/JaasConfiguration.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/oozie/util/JaasConfiguration.java b/core/src/main/java/org/apache/oozie/util/JaasConfiguration.java
index 0dbc947..cb9dd17 100644
--- a/core/src/main/java/org/apache/oozie/util/JaasConfiguration.java
+++ b/core/src/main/java/org/apache/oozie/util/JaasConfiguration.java
@@ -75,11 +75,19 @@ public class JaasConfiguration extends Configuration {
      */
     public static void addEntry(String name, String principal, String keytab) {
         Map<String, String> options = new HashMap<String, String>();
-        options.put("keyTab", keytab);
         options.put("principal", principal);
-        options.put("useKeyTab", "true");
-        options.put("storeKey", "true");
-        options.put("useTicketCache", "false");
+        if (System.getProperty("java.vendor").contains("IBM")) {
+            // IBM JAVA's UseKeytab covers both keyTab and useKeyTab options
+            options.put("useKeytab",keytab.startsWith("file://") ? keytab : "file://" + keytab);
+
+            // Both "initiator" and "acceptor"
+            options.put("credsType", "both");
+        } else {
+            options.put("keyTab", keytab);
+            options.put("useKeyTab", "true");
+            options.put("storeKey", "true");
+            options.put("useTicketCache", "false");
+        }
         AppConfigurationEntry entry = new AppConfigurationEntry(krb5LoginModuleName,
                 AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options);
         entries.put(name, entry);

http://git-wip-us.apache.org/repos/asf/oozie/blob/2b8842a0/core/src/test/java/org/apache/oozie/util/TestJaasConfiguration.java
----------------------------------------------------------------------
diff --git a/core/src/test/java/org/apache/oozie/util/TestJaasConfiguration.java b/core/src/test/java/org/apache/oozie/util/TestJaasConfiguration.java
index 2e4e9b0..e36a6c3 100644
--- a/core/src/test/java/org/apache/oozie/util/TestJaasConfiguration.java
+++ b/core/src/test/java/org/apache/oozie/util/TestJaasConfiguration.java
@@ -72,11 +72,18 @@ public class TestJaasConfiguration extends XTestCase {
         assertEquals(loginModuleName, entry.getLoginModuleName());
         assertEquals(AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, entry.getControlFlag());
         Map<String, ?> options = entry.getOptions();
-        assertEquals(keytab, options.get("keyTab"));
-        assertEquals(principal, options.get("principal"));
-        assertEquals("true", options.get("useKeyTab"));
-        assertEquals("true", options.get("storeKey"));
-        assertEquals("false", options.get("useTicketCache"));
-        assertEquals(5, options.size());
+	assertEquals(principal, options.get("principal"));
+	if (loginModuleName.equals("com.ibm.security.auth.module.Krb5LoginModule")){
+			assertEquals(keytab.startsWith("file://") ? keytab : "file://" + keytab, options.get("useKeytab"));
+			assertEquals("both",options.get("credsType"));
+			assertEquals(3, options.size());
+        }
+        else{
+			assertEquals("true", options.get("useKeyTab"));
+			assertEquals(keytab, options.get("keyTab"));
+			assertEquals("true", options.get("storeKey"));
+			assertEquals("false", options.get("useTicketCache"));
+			assertEquals(5, options.size());
+        }
     }
 }

http://git-wip-us.apache.org/repos/asf/oozie/blob/2b8842a0/release-log.txt
----------------------------------------------------------------------
diff --git a/release-log.txt b/release-log.txt
index 0e2cf86..e6776a0 100644
--- a/release-log.txt
+++ b/release-log.txt
@@ -1,5 +1,6 @@
 -- Oozie 4.3.0 release (trunk - unreleased)
 
+OOZIE-2172 ZooKeeper Security Tests failed with JVM IBM JAVA (GauravPande via rkanter)
 OOZIE-2555 Oozie SSL enable setup does not return port for admin -servers (abhishekbafna via rkanter)
 OOZIE-2440 Exponential re-try policy for workflow action (satishsaley via jaydeepvishwakarma)
 OOZIE-2539 Incorrect property key is used for 'hive log4j configuration file for execution mode' (abhishekbafna via jaydeepvishwakarma)