You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ambari.apache.org by "Robert Levas (JIRA)" <ji...@apache.org> on 2015/05/07 20:23:00 UTC
[jira] [Created] (AMBARI-11001) Ambari uses users' interactive
ticket cache
Robert Levas created AMBARI-11001:
-------------------------------------
Summary: Ambari uses users' interactive ticket cache
Key: AMBARI-11001
URL: https://issues.apache.org/jira/browse/AMBARI-11001
Project: Ambari
Issue Type: Bug
Components: ambari-server
Affects Versions: 2.1.0
Reporter: Robert Levas
Assignee: Robert Levas
Priority: Critical
Fix For: 2.1.0
It appears that it is necessary to kinit prior to starting ambari-server, even after ambari-server setup-security (#3). It seems that this should be automatically handled by Ambari.
Ambari-server should NOT use the same ticket cache as the interactive user.
STR:
1. kinit
2. ambari-server start
3. verify that ambari-server can authenticate with ticket specified in #1
4. kdestroy
5. try to authenticate through Ambari again (it will not work)
#Solution#
Ensure JAAS Login works properly such that the Kerberos tickets for the account that executes Ambari is not relevant.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)