You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by rn...@apache.org on 2015/11/09 16:41:05 UTC
ambari git commit: AMBARI-13778. Submitting kerberos descriptor
should be optional in Blueprint or Cluster template json. (Sandor Magyari via
rnettleton)
Repository: ambari
Updated Branches:
refs/heads/trunk 88c850bbe -> 9cb0cc07a
AMBARI-13778. Submitting kerberos descriptor should be optional in Blueprint or Cluster template json. (Sandor Magyari via rnettleton)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/9cb0cc07
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/9cb0cc07
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/9cb0cc07
Branch: refs/heads/trunk
Commit: 9cb0cc07abbcf42317f56a777f758b4fa60f77b3
Parents: 88c850b
Author: Bob Nettleton <rn...@hortonworks.com>
Authored: Mon Nov 9 10:30:40 2015 -0500
Committer: Bob Nettleton <rn...@hortonworks.com>
Committed: Mon Nov 9 10:31:07 2015 -0500
----------------------------------------------------------------------
.../server/topology/SecurityConfigurationFactory.java | 11 ++++-------
.../apache/ambari/server/topology/TopologyManager.java | 8 ++++++--
.../topology/SecurityConfigurationFactoryTest.java | 2 +-
3 files changed, 11 insertions(+), 10 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/9cb0cc07/ambari-server/src/main/java/org/apache/ambari/server/topology/SecurityConfigurationFactory.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/topology/SecurityConfigurationFactory.java b/ambari-server/src/main/java/org/apache/ambari/server/topology/SecurityConfigurationFactory.java
index 5f8cde1..8a31a42 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/topology/SecurityConfigurationFactory.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/topology/SecurityConfigurationFactory.java
@@ -99,12 +99,6 @@ public class SecurityConfigurationFactory {
Object descriptorJsonMap = securityProperties.get(KERBEROS_DESCRIPTOR_PROPERTY_ID);
- if (descriptorReference == null && descriptorJsonMap == null) {
- LOGGER.error("Both kerberos descriptor and kerberos descriptor reference are null in the security configuration!");
- throw new IllegalArgumentException(KERBEROS_DESCRIPTOR_PROPERTY_ID + " or "
- + KERBEROS_DESCRIPTOR_REFERENCE_PROPERTY_ID + " is required for KERBEROS security setup.");
- }
-
if (descriptorReference != null && descriptorJsonMap != null) {
LOGGER.error("Both kerberos descriptor and kerberos descriptor reference are set in the security configuration!");
throw new IllegalArgumentException("Usage of properties : " + KERBEROS_DESCRIPTOR_PROPERTY_ID + " and "
@@ -120,9 +114,12 @@ public class SecurityConfigurationFactory {
descriptorReference = persistKerberosDescriptor(descriptorText);
}
securityConfiguration = new SecurityConfiguration(SecurityType.KERBEROS, descriptorReference, descriptorText);
- } else { // this means the reference is not null
+ } else if (descriptorReference != null) { // this means the reference is not null
LOGGER.debug("Found descriptor reference: {}", descriptorReference);
securityConfiguration = loadSecurityConfigurationByReference(descriptorReference);
+ } else {
+ LOGGER.debug("There is no security descriptor found in the request");
+ securityConfiguration = new SecurityConfiguration(SecurityType.KERBEROS);
}
} else {
LOGGER.debug("There is no security configuration found in the request");
http://git-wip-us.apache.org/repos/asf/ambari/blob/9cb0cc07/ambari-server/src/main/java/org/apache/ambari/server/topology/TopologyManager.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/topology/TopologyManager.java b/ambari-server/src/main/java/org/apache/ambari/server/topology/TopologyManager.java
index 7f571ce..a688464 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/topology/TopologyManager.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/topology/TopologyManager.java
@@ -139,7 +139,10 @@ public class TopologyManager {
// create Cluster resource with security_type = KERBEROS, this will trigger cluster Kerberization
// upon host install task execution
ambariContext.createAmbariResources(topology, clusterName, securityConfiguration.getType());
- submitKerberosDescriptorAsArtifact(clusterName, securityConfiguration.getDescriptor());
+ if (securityConfiguration.getDescriptor() != null) {
+ submitKerberosDescriptorAsArtifact(clusterName, securityConfiguration.getDescriptor());
+ }
+
Credential credential = request.getCredentialsMap().get(KDC_ADMIN_CREDENTIAL);
if (credential == null) {
throw new InvalidTopologyException(KDC_ADMIN_CREDENTIAL + " is missing from request.");
@@ -219,7 +222,8 @@ public class TopologyManager {
// todo - perform this logic at request creation instead!
LOG.debug("There's no security configuration in the request, retrieving it from the associated blueprint");
securityConfiguration = request.getBlueprint().getSecurity();
- if (securityConfiguration.getType() == SecurityType.KERBEROS) {
+ if (securityConfiguration.getType() == SecurityType.KERBEROS &&
+ securityConfiguration.getDescriptorReference() != null) {
securityConfiguration = securityConfigurationFactory.loadSecurityConfigurationByReference
(securityConfiguration.getDescriptorReference());
}
http://git-wip-us.apache.org/repos/asf/ambari/blob/9cb0cc07/ambari-server/src/test/java/org/apache/ambari/server/topology/SecurityConfigurationFactoryTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/topology/SecurityConfigurationFactoryTest.java b/ambari-server/src/test/java/org/apache/ambari/server/topology/SecurityConfigurationFactoryTest.java
index bf9556f..e991ead 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/topology/SecurityConfigurationFactoryTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/topology/SecurityConfigurationFactoryTest.java
@@ -102,7 +102,7 @@ public class SecurityConfigurationFactoryTest {
kdEntityCaptor.getValue().getName());
}
- @Test(expected = IllegalArgumentException.class)
+ @Test
public void testCreateKerberosSecurityWithoutDescriptor() throws Exception {
Map<String, Object> reuqestMap = new HashMap<>();
Map<String, Object> security = new HashMap<>();