You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@ambari.apache.org by "Robert Levas (JIRA)" <ji...@apache.org> on 2015/05/07 20:23:00 UTC

[jira] [Created] (AMBARI-11001) Ambari uses users' interactive ticket cache

Robert Levas created AMBARI-11001:
-------------------------------------

             Summary: Ambari uses users' interactive ticket cache
                 Key: AMBARI-11001
                 URL: https://issues.apache.org/jira/browse/AMBARI-11001
             Project: Ambari
          Issue Type: Bug
          Components: ambari-server
    Affects Versions: 2.1.0
            Reporter: Robert Levas
            Assignee: Robert Levas
            Priority: Critical
             Fix For: 2.1.0


It appears that it is necessary to kinit prior to starting ambari-server, even after ambari-server setup-security (#3). It seems that this should be automatically handled by Ambari. 

Ambari-server should NOT use the same ticket cache as the interactive user. 

STR:
1. kinit
2. ambari-server start
3. verify that ambari-server can authenticate with ticket specified in #1
4. kdestroy
5. try to authenticate through Ambari again (it will not work)

#Solution#
Ensure JAAS Login works properly such that the Kerberos tickets for the account that executes Ambari is not relevant.





--
This message was sent by Atlassian JIRA
(v6.3.4#6332)