You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by ja...@apache.org on 2013/06/27 11:11:39 UTC
svn commit: r1497256 - in /incubator/ambari/trunk/ambari-web/app:
controllers/main/admin/security/add/step3.js data/secure_mapping.js
Author: jaimin
Date: Thu Jun 27 09:11:39 2013
New Revision: 1497256
URL: http://svn.apache.org/r1497256
Log:
AMBARI-2501: Cannot enable security when certain services are not installed on the cluster.
Modified:
incubator/ambari/trunk/ambari-web/app/controllers/main/admin/security/add/step3.js
incubator/ambari/trunk/ambari-web/app/data/secure_mapping.js
Modified: incubator/ambari/trunk/ambari-web/app/controllers/main/admin/security/add/step3.js
URL: http://svn.apache.org/viewvc/incubator/ambari/trunk/ambari-web/app/controllers/main/admin/security/add/step3.js?rev=1497256&r1=1497255&r2=1497256&view=diff
==============================================================================
--- incubator/ambari/trunk/ambari-web/app/controllers/main/admin/security/add/step3.js (original)
+++ incubator/ambari/trunk/ambari-web/app/controllers/main/admin/security/add/step3.js Thu Jun 27 09:11:39 2013
@@ -21,6 +21,7 @@ App.MainAdminSecurityAddStep3Controller
name: 'mainAdminSecurityAddStep3Controller',
secureMapping: require('data/secure_mapping'),
+ secureProperties: require('data/secure_properties').configProperties,
stages: [],
configs: [],
noOfWaitingAjaxCalls: 0,
@@ -35,6 +36,18 @@ App.MainAdminSecurityAddStep3Controller
return this.get('content.services').someProperty('serviceName', 'OOZIE');
}.property('content.services'),
+ isHiveSelected: function () {
+ return this.get('content.services').someProperty('serviceName', 'HIVE');
+ }.property('content.services'),
+
+ isNagiosSelected: function () {
+ return this.get('content.services').someProperty('serviceName', 'NAGIOS');
+ }.property('content.services'),
+
+ isZkSelected: function () {
+ return this.get('content.services').someProperty('serviceName', 'ZOOKEEPER');
+ }.property('content.services'),
+
isWebHcatSelected: function () {
var installedServices = App.Service.find().mapProperty('serviceName');
return installedServices.contains('WEBHCAT');
@@ -209,13 +222,15 @@ App.MainAdminSecurityAddStep3Controller
}, this);
var dependentConfig = this.get('secureMapping').filterProperty('foreignKey');
dependentConfig.forEach(function (_config) {
- this.setConfigValue(uiConfig, _config);
- uiConfig.pushObject({
- "id": "site property",
- "name": _config._name || _config.name,
- "value": _config.value,
- "filename": _config.filename
- });
+ if (App.Service.find().mapProperty('serviceName').contains( _config.serviceName)) {
+ this.setConfigValue(uiConfig, _config);
+ uiConfig.pushObject({
+ "id": "site property",
+ "name": _config._name || _config.name,
+ "value": _config.value,
+ "filename": _config.filename
+ });
+ }
}, this);
return uiConfig;
},
@@ -315,16 +330,18 @@ App.MainAdminSecurityAddStep3Controller
},
loadHostNamesToGlobal: function () {
- if (this.get('isOozieSelected')) {
- var oozieHostName = App.Service.find('OOZIE').get('hostComponents').findProperty('componentName', 'OOZIE_SERVER').get('host.hostName');
+ var oozieHostComponent = App.Service.find('OOZIE').get('hostComponents').findProperty('componentName', 'OOZIE_SERVER');
+ if (this.get('isOozieSelected') && oozieHostComponent) {
+ var oozieHostName = oozieHostComponent.get('host.hostName');
this.get('globalProperties').pushObject({
id: 'puppet var',
name: 'oozieserver_host',
value: oozieHostName
});
}
- if (App.Service.find('HIVE')) {
- var hiveHostName = App.Service.find('HIVE').get('hostComponents').findProperty('componentName', 'HIVE_METASTORE').get('host.hostName');
+ var hiveHostComponent = App.Service.find('HIVE').get('hostComponents').findProperty('componentName', 'HIVE_METASTORE');
+ if (this.get('isHiveSelected') && hiveHostComponent) {
+ var hiveHostName = hiveHostComponent.get('host.hostName');
this.get('globalProperties').pushObject({
id: 'puppet var',
name: 'hivemetastore_host',
@@ -361,11 +378,21 @@ App.MainAdminSecurityAddStep3Controller
getPrincipalNames: function () {
var principalNames = [];
+ var allPrincipalNames = [];
this.get('globalProperties').forEach(function (_globalProperty) {
if (/principal_name?$/.test(_globalProperty.name)) {
principalNames.pushObject(_globalProperty);
}
}, this);
+ this.get('secureProperties').forEach(function (_secureProperty) {
+ if (/principal_name?$/.test(_secureProperty.name)) {
+ var principalName = principalNames.findProperty('name', _secureProperty.name);
+ if (!principalName) {
+ _secureProperty.value = _secureProperty.defaultValue;
+ principalNames.pushObject(_secureProperty);
+ }
+ }
+ }, this);
return principalNames;
},
@@ -510,11 +537,15 @@ App.MainAdminSecurityAddStep3Controller
this.get('serviceConfigTags').forEach(function (_serviceConfigTags) {
_serviceConfigTags.newTagName = 'version' + (new Date).getTime();
if (_serviceConfigTags.siteName === 'global') {
- var nagiosPrincipalName = this.get('globalProperties').findProperty('name', 'nagios_principal_name');
- var zkPrincipalName = this.get('globalProperties').findProperty('name', 'zookeeper_principal_name');
var realmName = this.get('globalProperties').findProperty('name', 'kerberos_domain');
- nagiosPrincipalName.value = nagiosPrincipalName.value + '@' + realmName.value;
- zkPrincipalName.value = zkPrincipalName.value + '@' + realmName.value;
+ if (this.get('isNagiosSelected')) {
+ var nagiosPrincipalName = this.get('globalProperties').findProperty('name', 'nagios_principal_name');
+ nagiosPrincipalName.value = nagiosPrincipalName.value + '@' + realmName.value;
+ }
+ if (this.get('isZkSelected')) {
+ var zkPrincipalName = this.get('globalProperties').findProperty('name', 'zookeeper_principal_name');
+ zkPrincipalName.value = zkPrincipalName.value + '@' + realmName.value;
+ }
this.get('globalProperties').forEach(function (_globalProperty) {
_serviceConfigTags.configs[_globalProperty.name] = _globalProperty.value;
}, this);
Modified: incubator/ambari/trunk/ambari-web/app/data/secure_mapping.js
URL: http://svn.apache.org/viewvc/incubator/ambari/trunk/ambari-web/app/data/secure_mapping.js?rev=1497256&r1=1497255&r2=1497256&view=diff
==============================================================================
--- incubator/ambari/trunk/ambari-web/app/data/secure_mapping.js (original)
+++ incubator/ambari/trunk/ambari-web/app/data/secure_mapping.js Thu Jun 27 09:11:39 2013
@@ -22,14 +22,16 @@ module.exports = [
"templateName": [],
"foreignKey": null,
"value": "kerberos",
- "filename": "core-site.xml"
+ "filename": "core-site.xml",
+ "serviceName": "HDFS"
},
{
"name": "hadoop.security.authorization",
"templateName": [],
"foreignKey": null,
"value": "true",
- "filename": "core-site.xml"
+ "filename": "core-site.xml",
+ "serviceName": "HDFS"
},
{
@@ -37,21 +39,24 @@ module.exports = [
"templateName": ["jobtracker_primary_name", "kerberos_domain", "mapred_user", "tasktracker_primary_name", "namenode_primary_name", "hdfs_user", "datanode_primary_name", "hbase_primary_name", "hbase_user"],
"foreignKey": null,
"value": "RULE:[2:$1@$0](<templateName[0]>@.*<templateName[1]>)s/.*/<templateName[2]>/ RULE:[2:$1@$0](<templateName[3]>@.*<templateName[1]>)s/.*/<templateName[2]>/ RULE:[2:$1@$0](<templateName[4]>@.*<templateName[1]>)s/.*/<templateName[5]>/ RULE:[2:$1@$0](<templateName[6]>@.*<templateName[1]>)s/.*/<templateName[5]>/ RULE:[2:$1@$0](<templateName[7]>@.*<templateName[1]>)s/.*/<templateName[8]>/ DEFAULT",
- "filename": "core-site.xml"
+ "filename": "core-site.xml",
+ "serviceName": "HDFS"
},
{
"name": "dfs.namenode.kerberos.principal",
"templateName": ["namenode_principal_name", "kerberos_domain"],
"foreignKey": null,
"value": "<templateName[0]>@<templateName[1]>",
- "filename": "hdfs-site.xml"
+ "filename": "hdfs-site.xml",
+ "serviceName": "HDFS"
},
{
"name": "dfs.namenode.keytab.file",
"templateName": ["namenode_keytab"],
"foreignKey": null,
"value": "<templateName[0]>",
- "filename": "hdfs-site.xml"
+ "filename": "hdfs-site.xml",
+ "serviceName": "HDFS"
},
{
"name": "dfs.secondary.namenode.kerberos.principal",
@@ -65,259 +70,296 @@ module.exports = [
"templateName": ["namenode_keytab"],
"foreignKey": null,
"value": "<templateName[0]>",
- "filename": "hdfs-site.xml"
+ "filename": "hdfs-site.xml",
+ "serviceName": "HDFS"
},
{
"name": "dfs.web.authentication.kerberos.principal",
"templateName": ["hadoop_http_principal_name", "kerberos_domain"],
"foreignKey": null,
"value": "<templateName[0]>@<templateName[1]>",
- "filename": "hdfs-site.xml"
+ "filename": "hdfs-site.xml",
+ "serviceName": "HDFS"
},
{
"name": "dfs.web.authentication.kerberos.keytab",
"templateName": ["hadoop_http_keytab"],
"foreignKey": null,
"value": "<templateName[0]>",
- "filename": "hdfs-site.xml"
+ "filename": "hdfs-site.xml",
+ "serviceName": "HDFS"
},
{
"name": "dfs.datanode.kerberos.principal",
"templateName": ["datanode_principal_name", "kerberos_domain"],
"foreignKey": null,
"value": "<templateName[0]>@<templateName[1]>",
- "filename": "hdfs-site.xml"
+ "filename": "hdfs-site.xml",
+ "serviceName": "HDFS"
},
{
"name": "dfs.datanode.keytab.file",
"templateName": ["datanode_keytab"],
"foreignKey": null,
"value": "<templateName[0]>",
- "filename": "hdfs-site.xml"
+ "filename": "hdfs-site.xml",
+ "serviceName": "HDFS"
},
{
"name": "dfs.namenode.kerberos.internal.spnego.principal",
"templateName": [],
"foreignKey": null,
"value": "${dfs.web.authentication.kerberos.principal}",
- "filename": "hdfs-site.xml"
+ "filename": "hdfs-site.xml",
+ "serviceName": "HDFS"
},
{
"name": "dfs.secondary.namenode.kerberos.internal.spnego.principal",
"templateName": [],
"foreignKey": null,
"value": "${dfs.web.authentication.kerberos.principal}",
- "filename": "hdfs-site.xml"
+ "filename": "hdfs-site.xml",
+ "serviceName": "HDFS"
},
{
"name": "dfs.datanode.address",
"templateName": ["dfs_datanode_address"],
"foreignKey": null,
"value": "0.0.0.0:<templateName[0]>",
- "filename": "hdfs-site.xml"
+ "filename": "hdfs-site.xml",
+ "serviceName": "HDFS"
},
{
"name": "dfs.datanode.http.address",
"templateName": ["dfs_datanode_http_address"],
"foreignKey": null,
"value": "0.0.0.0:<templateName[0]>",
- "filename": "hdfs-site.xml"
+ "filename": "hdfs-site.xml",
+ "serviceName": "HDFS"
},
{
"name": "mapreduce.jobtracker.kerberos.principal",
"templateName": ["jobtracker_principal_name", "kerberos_domain"],
"foreignKey": null,
"value": "<templateName[0]>@<templateName[1]>",
- "filename": "mapred-site.xml"
+ "filename": "mapred-site.xml",
+ "serviceName": "MAPREDUCE"
},
{
"name": "mapreduce.jobtracker.keytab.file",
"templateName": ["jobtracker_keytab"],
"foreignKey": null,
"value": "<templateName[0]>",
- "filename": "mapred-site.xml"
+ "filename": "mapred-site.xml",
+ "serviceName": "MAPREDUCE"
},
{
"name": "mapreduce.jobhistory.kerberos.principal",
"templateName": ["jobtracker_principal_name", "kerberos_domain"],
"foreignKey": null,
"value": "<templateName[0]>@<templateName[1]>",
- "filename": "mapred-site.xml"
+ "filename": "mapred-site.xml",
+ "serviceName": "MAPREDUCE"
},
{
"name": "mapreduce.jobhistory.keytab.file",
"templateName": ["jobtracker_keytab"],
"foreignKey": null,
"value": "<templateName[0]>",
- "filename": "mapred-site.xml"
+ "filename": "mapred-site.xml",
+ "serviceName": "MAPREDUCE"
},
{
"name": "mapreduce.tasktracker.kerberos.principal",
"templateName": ["tasktracker_principal_name", "kerberos_domain"],
"foreignKey": null,
"value": "<templateName[0]>@<templateName[1]>",
- "filename": "mapred-site.xml"
+ "filename": "mapred-site.xml",
+ "serviceName": "MAPREDUCE"
},
{
"name": "mapreduce.tasktracker.keytab.file",
"templateName": ["tasktracker_keytab"],
"foreignKey": null,
"value": "<templateName[0]>",
- "filename": "mapred-site.xml"
+ "filename": "mapred-site.xml",
+ "serviceName": "MAPREDUCE"
},
{
"name": "hbase.master.kerberos.principal",
"templateName": ["hbase_principal_name", "kerberos_domain"],
"foreignKey": null,
"value": "<templateName[0]>@<templateName[1]>",
- "filename": "hbase-site.xml"
+ "filename": "hbase-site.xml",
+ "serviceName": "HBASE"
},
{
"name": "hbase.master.keytab.file",
"templateName": ["hbase_service_keytab"],
"foreignKey": null,
"value": "<templateName[0]>",
- "filename": "hbase-site.xml"
+ "filename": "hbase-site.xml",
+ "serviceName": "HBASE"
},
{
"name": "hbase.regionserver.kerberos.principal",
"templateName": ["hbase_principal_name", "kerberos_domain"],
"foreignKey": null,
"value": "<templateName[0]>@<templateName[1]>",
- "filename": "hbase-site.xml"
+ "filename": "hbase-site.xml",
+ "serviceName": "HBASE"
},
{
"name": "hbase.regionserver.keytab.file",
"templateName": ["hbase_service_keytab"],
"foreignKey": null,
"value": "<templateName[0]>",
- "filename": "hbase-site.xml"
+ "filename": "hbase-site.xml",
+ "serviceName": "HBASE"
},
{
"name": "hive.metastore.sasl.enabled",
"templateName": [],
"foreignKey": null,
"value": "true",
- "filename": "hive-site.xml"
+ "filename": "hive-site.xml",
+ "serviceName": "HIVE"
},
{
"name": "hive.server2.authentication",
"templateName": [],
"foreignKey": null,
"value": "KERBEROS",
- "filename": "hive-site.xml"
+ "filename": "hive-site.xml",
+ "serviceName": "HIVE"
},
{
"name": "hive.metastore.kerberos.principal",
"templateName": ["hive_metastore_principal_name", "kerberos_domain"],
"foreignKey": null,
"value": "<templateName[0]>@<templateName[1]>",
- "filename": "hive-site.xml"
+ "filename": "hive-site.xml",
+ "serviceName": "HIVE"
},
{
"name": "hive.metastore.kerberos.keytab.file",
"templateName": ["hive_metastore__keytab"],
"foreignKey": null,
"value": "<templateName[0]>",
- "filename": "hive-site.xml"
+ "filename": "hive-site.xml",
+ "serviceName": "HIVE"
},
{
"name": "hive.server2.authentication.kerberos.principal",
"templateName": ["hive_metastore_principal_name", "kerberos_domain"],
"foreignKey": null,
"value": "<templateName[0]>@<templateName[1]>",
- "filename": "hive-site.xml"
+ "filename": "hive-site.xml",
+ "serviceName": "HIVE"
},
{
"name": "hive.server2.authentication.kerberos.keytab",
"templateName": ["hive_metastore__keytab"],
"foreignKey": null,
"value": "<templateName[0]>",
- "filename": "hive-site.xml"
+ "filename": "hive-site.xml",
+ "serviceName": "HIVE"
},
{
"name": "oozie.service.AuthorizationService.authorization.enabled",
"templateName": [],
"foreignKey": null,
"value": "true",
- "filename": "oozie-site.xml"
+ "filename": "oozie-site.xml",
+ "serviceName": "OOZIE"
},
{
"name": "oozie.service.HadoopAccessorService.kerberos.enabled",
"templateName": [],
"foreignKey": null,
"value": "true",
- "filename": "oozie-site.xml"
+ "filename": "oozie-site.xml",
+ "serviceName": "OOZIE"
},
{
"name": "local.realm",
"templateName": ["kerberos_domain"],
"foreignKey": null,
"value": "<templateName[0]>",
- "filename": "oozie-site.xml"
+ "filename": "oozie-site.xml",
+ "serviceName": "OOZIE"
},
{
"name": "oozie.service.HadoopAccessorService.keytab.file",
"templateName": ["oozie_keytab"],
"foreignKey": null,
"value": "<templateName[0]>",
- "filename": "oozie-site.xml"
+ "filename": "oozie-site.xml",
+ "serviceName": "OOZIE"
},
{
"name": "oozie.service.HadoopAccessorService.kerberos.principal",
"templateName": ["oozie_principal_name", "kerberos_domain"],
"foreignKey": null,
"value": "<templateName[0]>@<templateName[1]>",
- "filename": "oozie-site.xml"
+ "filename": "oozie-site.xml",
+ "serviceName": "OOZIE"
},
{
"name": "oozie.authentication.type",
"templateName": [],
"foreignKey": null,
"value": "kerberos",
- "filename": "oozie-site.xml"
+ "filename": "oozie-site.xml",
+ "serviceName": "OOZIE"
},
{
"name": "oozie.authentication.kerberos.principal",
"templateName": ["oozie_http_principal_name", "kerberos_domain"],
"foreignKey": null,
"value": "<templateName[0]>@<templateName[1]>",
- "filename": "oozie-site.xml"
+ "filename": "oozie-site.xml",
+ "serviceName": "OOZIE"
},
{
"name": "oozie.authentication.kerberos.keytab",
"templateName": ["hadoop_http_keytab"],
"foreignKey": null,
"value": "<templateName[0]>",
- "filename": "oozie-site.xml"
+ "filename": "oozie-site.xml",
+ "serviceName": "OOZIE"
},
{
"name": "oozie.authentication.kerberos.name.rules",
"templateName": ["jobtracker_primary_name", "kerberos_domain", "mapred_user", "tasktracker_primary_name", "namenode_primary_name", "hdfs_user", "datanode_primary_name", "hbase_primary_name", "hbase_user"],
"foreignKey": null,
"value": "RULE:[2:$1@$0](<templateName[0]>@.*<templateName[1]>)s/.*/<templateName[2]>/ RULE:[2:$1@$0](<templateName[3]>@.*<templateName[1]>)s/.*/<templateName[2]>/ RULE:[2:$1@$0](<templateName[4]>@.*<templateName[1]>)s/.*/<templateName[5]>/ RULE:[2:$1@$0](<templateName[6]>@.*<templateName[1]>)s/.*/<templateName[5]>/ RULE:[2:$1@$0](<templateName[7]>@.*<templateName[1]>)s/.*/<templateName[8]>/ DEFAULT",
- "filename": "oozie-site.xml"
+ "filename": "oozie-site.xml",
+ "serviceName": "OOZIE"
},
{
"name": "templeton.kerberos.principal",
"templateName": ["webHCat_http_principal_name", "kerberos_domain"],
"foreignKey": null,
"value": "<templateName[0]>@<templateName[1]>",
- "filename": "webhcat-site.xml"
+ "filename": "webhcat-site.xml",
+ "serviceName": "WEBHCAT"
},
{
"name": "templeton.kerberos.keytab",
"templateName": ["hadoop_http_keytab"],
"foreignKey": null,
"value": "<templateName[0]>",
- "filename": "webhcat-site.xml"
+ "filename": "webhcat-site.xml",
+ "serviceName": "WEBHCAT"
},
{
"name": "templeton.kerberos.secret",
"templateName": [""],
"foreignKey": null,
"value": "secret",
- "filename": "webhcat-site.xml"
+ "filename": "webhcat-site.xml",
+ "serviceName": "WEBHCAT"
},
{
"name": "templeton.kerberos.properties",
@@ -325,84 +367,96 @@ module.exports = [
"foreignKey": null,
"value": "hive.metastore.local=false, hive.metastore.uris=thrift://MetastoreHost_FQDN:9083, hive.q" +
"metastore.sasl.enabled=true,hive.metastore.execute.setugi= true, hive.exec.mode.local.auto=false, hive.metastore.kerberos.principal=<templateName[0]>/_HOST@EXAMPLE.COM",
- "filename": "webhcat-site.xml"
+ "filename": "webhcat-site.xml",
+ "serviceName": "WEBHCAT"
},
{
"name": "hbase.coprocessor.master.classes",
"templateName": [],
"foreignKey": null,
"value": "org.apache.hadoop.hbase.security.access.AccessController",
- "filename": "hbase-site.xml"
+ "filename": "hbase-site.xml",
+ "serviceName": "HBASE"
},
{
"name": "hbase.coprocessor.region.classes",
"templateName": [],
"foreignKey": null,
"value": "org.apache.hadoop.hbase.security.token.TokenProvider,org.apache.hadoop.hbase.security.access.SecureBulkLoadEndpoint,org.apache.hadoop.hbase.security.access.AccessController",
- "filename": "hbase-site.xml"
+ "filename": "hbase-site.xml",
+ "serviceName": "HBASE"
},
{
"name": "hbase.security.authentication",
"templateName": [],
"foreignKey": null,
"value": "kerberos",
- "filename": "hbase-site.xml"
+ "filename": "hbase-site.xml",
+ "serviceName": "HBASE"
},
{
"name": "hbase.rpc.engine",
"templateName": [],
"foreignKey": null,
"value": "org.apache.hadoop.hbase.ipc.SecureRpcEngine",
- "filename": "hbase-site.xml"
+ "filename": "hbase-site.xml",
+ "serviceName": "HBASE"
},
{
"name": "hbase.security.authorization",
"templateName": [],
"foreignKey": null,
"value": "true",
- "filename": "hbase-site.xml"
+ "filename": "hbase-site.xml",
+ "serviceName": "HBASE"
},
{
"name": "hbase.bulkload.staging.dir",
"templateName": [],
"foreignKey": null,
"value": "/apps/hbase/staging",
- "filename": "hbase-site.xml"
+ "filename": "hbase-site.xml",
+ "serviceName": "HBASE"
},
{
"name": "zookeeper.znode.parent",
"templateName": [],
"foreignKey": null,
"value": "/hbase-secure",
- "filename": "hbase-site.xml"
+ "filename": "hbase-site.xml",
+ "serviceName": "HBASE"
},
{
"name": "hadoop.proxyuser.<foreignKey[0]>.groups",
"templateName": ["proxyuser_group"],
"foreignKey": ["hive_metastore_primary_name"],
"value": "<templateName[0]>",
- "filename": "core-site.xml"
+ "filename": "core-site.xml",
+ "serviceName": "HIVE"
},
{
"name": "hadoop.proxyuser.<foreignKey[0]>.hosts",
"templateName": ["hivemetastore_host"],
"foreignKey": ["hive_metastore_primary_name"],
"value": "<templateName[0]>",
- "filename": "core-site.xml"
+ "filename": "core-site.xml",
+ "serviceName": "HIVE"
},
{
"name": "hadoop.proxyuser.<foreignKey[0]>.groups",
"templateName": ["proxyuser_group"],
"foreignKey": ["oozie_primary_name"],
"value": "<templateName[0]>",
- "filename": "core-site.xml"
+ "filename": "core-site.xml",
+ "serviceName": "OOZIE"
},
{
"name": "hadoop.proxyuser.<foreignKey[0]>.hosts",
"templateName": ["oozieserver_host"],
"foreignKey": ["oozie_primary_name"],
"value": "<templateName[0]>",
- "filename": "core-site.xml"
+ "filename": "core-site.xml",
+ "serviceName": "OOZIE"
}
];