You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@oozie.apache.org by rk...@apache.org on 2016/08/02 20:28:07 UTC
oozie git commit: OOZIE-2172 ZooKeeper Security Tests failed with JVM
IBM JAVA (GauravPande via rkanter)
Repository: oozie
Updated Branches:
refs/heads/master 09cd6042a -> 2b8842a04
OOZIE-2172 ZooKeeper Security Tests failed with JVM IBM JAVA (GauravPande via rkanter)
Project: http://git-wip-us.apache.org/repos/asf/oozie/repo
Commit: http://git-wip-us.apache.org/repos/asf/oozie/commit/2b8842a0
Tree: http://git-wip-us.apache.org/repos/asf/oozie/tree/2b8842a0
Diff: http://git-wip-us.apache.org/repos/asf/oozie/diff/2b8842a0
Branch: refs/heads/master
Commit: 2b8842a047bade3297f1cd1104598349c0bc52b2
Parents: 09cd604
Author: Robert Kanter <rk...@cloudera.com>
Authored: Tue Aug 2 13:28:00 2016 -0700
Committer: Robert Kanter <rk...@cloudera.com>
Committed: Tue Aug 2 13:28:00 2016 -0700
----------------------------------------------------------------------
.../org/apache/oozie/util/JaasConfiguration.java | 16 ++++++++++++----
.../apache/oozie/util/TestJaasConfiguration.java | 19 +++++++++++++------
release-log.txt | 1 +
3 files changed, 26 insertions(+), 10 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/oozie/blob/2b8842a0/core/src/main/java/org/apache/oozie/util/JaasConfiguration.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/oozie/util/JaasConfiguration.java b/core/src/main/java/org/apache/oozie/util/JaasConfiguration.java
index 0dbc947..cb9dd17 100644
--- a/core/src/main/java/org/apache/oozie/util/JaasConfiguration.java
+++ b/core/src/main/java/org/apache/oozie/util/JaasConfiguration.java
@@ -75,11 +75,19 @@ public class JaasConfiguration extends Configuration {
*/
public static void addEntry(String name, String principal, String keytab) {
Map<String, String> options = new HashMap<String, String>();
- options.put("keyTab", keytab);
options.put("principal", principal);
- options.put("useKeyTab", "true");
- options.put("storeKey", "true");
- options.put("useTicketCache", "false");
+ if (System.getProperty("java.vendor").contains("IBM")) {
+ // IBM JAVA's UseKeytab covers both keyTab and useKeyTab options
+ options.put("useKeytab",keytab.startsWith("file://") ? keytab : "file://" + keytab);
+
+ // Both "initiator" and "acceptor"
+ options.put("credsType", "both");
+ } else {
+ options.put("keyTab", keytab);
+ options.put("useKeyTab", "true");
+ options.put("storeKey", "true");
+ options.put("useTicketCache", "false");
+ }
AppConfigurationEntry entry = new AppConfigurationEntry(krb5LoginModuleName,
AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options);
entries.put(name, entry);
http://git-wip-us.apache.org/repos/asf/oozie/blob/2b8842a0/core/src/test/java/org/apache/oozie/util/TestJaasConfiguration.java
----------------------------------------------------------------------
diff --git a/core/src/test/java/org/apache/oozie/util/TestJaasConfiguration.java b/core/src/test/java/org/apache/oozie/util/TestJaasConfiguration.java
index 2e4e9b0..e36a6c3 100644
--- a/core/src/test/java/org/apache/oozie/util/TestJaasConfiguration.java
+++ b/core/src/test/java/org/apache/oozie/util/TestJaasConfiguration.java
@@ -72,11 +72,18 @@ public class TestJaasConfiguration extends XTestCase {
assertEquals(loginModuleName, entry.getLoginModuleName());
assertEquals(AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, entry.getControlFlag());
Map<String, ?> options = entry.getOptions();
- assertEquals(keytab, options.get("keyTab"));
- assertEquals(principal, options.get("principal"));
- assertEquals("true", options.get("useKeyTab"));
- assertEquals("true", options.get("storeKey"));
- assertEquals("false", options.get("useTicketCache"));
- assertEquals(5, options.size());
+ assertEquals(principal, options.get("principal"));
+ if (loginModuleName.equals("com.ibm.security.auth.module.Krb5LoginModule")){
+ assertEquals(keytab.startsWith("file://") ? keytab : "file://" + keytab, options.get("useKeytab"));
+ assertEquals("both",options.get("credsType"));
+ assertEquals(3, options.size());
+ }
+ else{
+ assertEquals("true", options.get("useKeyTab"));
+ assertEquals(keytab, options.get("keyTab"));
+ assertEquals("true", options.get("storeKey"));
+ assertEquals("false", options.get("useTicketCache"));
+ assertEquals(5, options.size());
+ }
}
}
http://git-wip-us.apache.org/repos/asf/oozie/blob/2b8842a0/release-log.txt
----------------------------------------------------------------------
diff --git a/release-log.txt b/release-log.txt
index 0e2cf86..e6776a0 100644
--- a/release-log.txt
+++ b/release-log.txt
@@ -1,5 +1,6 @@
-- Oozie 4.3.0 release (trunk - unreleased)
+OOZIE-2172 ZooKeeper Security Tests failed with JVM IBM JAVA (GauravPande via rkanter)
OOZIE-2555 Oozie SSL enable setup does not return port for admin -servers (abhishekbafna via rkanter)
OOZIE-2440 Exponential re-try policy for workflow action (satishsaley via jaydeepvishwakarma)
OOZIE-2539 Incorrect property key is used for 'hive log4j configuration file for execution mode' (abhishekbafna via jaydeepvishwakarma)