HTTP error 400 (Bed Request) when trying to create a cluster through REST services

[Chris Mildebrandt <ch...@woodenrhino.com>]

Hey,

I've been using Ambari 1.4.1.25 for a while. I tried Ambari 1.4.3.38 today
and I'm not able to create a cluster using the REST services. Here's the
call I expected to work:

curl -i -X POST -d '{"Clusters": {"version": "HDP-2.0.6"}}' --user
admin:admin http://hadoop1.robinsystems.com:8080/api/v1/clusters/cl1

I get the following response:

<title>Error 400 Bad Request</title>
</head>
<body>
<h2>HTTP ERROR: 400</h2>
<p>Problem accessing /api/v1/clusters/cl1. Reason:
<pre>    Bad Request</pre></p>
<hr /><i><small>Powered by Jetty://</small></i>

However, I'm able to create the cluster from the web UI. Here are the
relevant log entries from the POST:

11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] Server:358 -
REQUEST /api/v1/clusters/cl1 on AsyncHttpConnection@a42a751
,g=HttpGenerator{s=0,h=-1,b=-1,c=-1},p=HttpParser{s=2,l=33,c=38},r=1
11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
ContextHandler:894 - scope null||/api/v1/clusters/cl1 @
o.e.j.s.ServletContextHandler{/,file:/usr/lib/ambari-server/web/}
11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
ContextHandler:966 - context=||/api/v1/clusters/cl1 @
o.e.j.s.ServletContextHandler{/,file:/usr/lib/ambari-server/web/}
11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] session:183 -
sessionManager=org.eclipse.jetty.server.session.HashSessionManager@775c024c
11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] session:184 -
session=null
11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
ServletHandler:360 - servlet |/api/v1|/clusters/cl1 ->
com.sun.jersey.spi.container.servlet.ServletContainer-1821413125
11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
ServletHandler:422 -
chain=org.apache.ambari.server.api.AmbariPersistFilter-452688583->org.springframework.web.filter.DelegatingFilterProxy-1399975832->com.sun.jersey.spi.container.servlet.ServletContainer-1821413125
11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
ServletHandler:1297 - call filter
org.apache.ambari.server.api.AmbariPersistFilter-452688583
11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
ServletHandler:1297 - call filter
org.springframework.web.filter.DelegatingFilterProxy-1399975832
11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
FilterChainProxy:337 - /api/v1/clusters/cl1 at position 1 of 8 in
additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
HttpSessionSecurityContextRepository:127 - No HttpSession currently exists
11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
HttpSessionSecurityContextRepository:85 - No SecurityContext was available
from the HttpSession: null. A new one will be created.
11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
FilterChainProxy:337 - /api/v1/clusters/cl1 at position 2 of 8 in
additional filter chain; firing Filter: 'BasicAuthenticationFilter'
11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
BasicAuthenticationFilter:161 - Basic Authentication Authorization header
found for user 'admin'
11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
ProviderManager:152 - Authentication attempt using
org.springframework.security.authentication.dao.DaoAuthenticationProvider
11:47:59,603  INFO [qtp139607202-15 - /api/v1/clusters/cl1]
AmbariLocalUserDetailsService:62 - Loading user by name: admin
11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
BasicAuthenticationFilter:171 - Authentication success:
org.springframework.security.authentication.UsernamePasswordAuthenticationToken@63215be:
Principal: org.springframework.security.core.userdetails.User@586034f:
Username: admin; Password: [PROTECTED]; Enabled: true; AccountNonExpired:
true; credentialsNonExpired: true; AccountNonLocked: true; Granted
Authorities: ADMIN; Credentials: [PROTECTED]; Authenticated: true; Details:
org.springframework.security.web.authentication.WebAuthenticationDetails@ffffe21a:
RemoteIpAddress: 10.7.200.2; SessionId: null; Granted Authorities: ADMIN
11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
FilterChainProxy:337 - /api/v1/clusters/cl1 at position 3 of 8 in
additional filter chain; firing Filter: 'RequestCacheAwareFilter'
11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
FilterChainProxy:337 - /api/v1/clusters/cl1 at position 4 of 8 in
additional filter chain; firing Filter:
'SecurityContextHolderAwareRequestFilter'
11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
FilterChainProxy:337 - /api/v1/clusters/cl1 at position 5 of 8 in
additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
AnonymousAuthenticationFilter:107 - SecurityContextHolder not populated
with anonymous token, as it already contained:
'org.springframework.security.authentication.UsernamePasswordAuthenticationToken@63215be:
Principal: org.springframework.security.core.userdetails.User@586034f:
Username: admin; Password: [PROTECTED]; Enabled: true; AccountNonExpired:
true; credentialsNonExpired: true; AccountNonLocked: true; Granted
Authorities: ADMIN; Credentials: [PROTECTED]; Authenticated: true; Details:
org.springframework.security.web.authentication.WebAuthenticationDetails@ffffe21a:
RemoteIpAddress: 10.7.200.2; SessionId: null; Granted Authorities: ADMIN'
11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
FilterChainProxy:337 - /api/v1/clusters/cl1 at position 6 of 8 in
additional filter chain; firing Filter: 'SessionManagementFilter'
11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
HttpSessionSecurityContextRepository:336 - HttpSession being created as
SecurityContext is non-default
11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] session:85 -
new session & id 1n12cpwlh9zb143govwif9ub6 1n12cpwlh9zb143govwif9ub6
11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
HttpSessionSecurityContextRepository:292 - SecurityContext stored to
HttpSession:
'org.springframework.security.core.context.SecurityContextImpl@63215be:
Authentication:
org.springframework.security.authentication.UsernamePasswordAuthenticationToken@63215be:
Principal: org.springframework.security.core.userdetails.User@586034f:
Username: admin; Password: [PROTECTED]; Enabled: true; AccountNonExpired:
true; credentialsNonExpired: true; AccountNonLocked: true; Granted
Authorities: ADMIN; Credentials: [PROTECTED]; Authenticated: true; Details:
org.springframework.security.web.authentication.WebAuthenticationDetails@ffffe21a:
RemoteIpAddress: 10.7.200.2; SessionId: null; Granted Authorities: ADMIN'
11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
FilterChainProxy:337 - /api/v1/clusters/cl1 at position 7 of 8 in
additional filter chain; firing Filter: 'ExceptionTranslationFilter'
11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
FilterChainProxy:337 - /api/v1/clusters/cl1 at position 8 of 8 in
additional filter chain; firing Filter: 'FilterSecurityInterceptor'
11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
AntPathRequestMatcher:85 - Request 'POST /api/v1/clusters/cl1' doesn't
match 'GET /**
11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
FilterSecurityInterceptor:194 - Secure object: FilterInvocation: URL:
/api/v1/clusters/cl1; Attributes: [hasRole('ADMIN')]
11:47:59,609 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
FilterSecurityInterceptor:310 - Previously Authenticated:
org.springframework.security.authentication.UsernamePasswordAuthenticationToken@63215be:
Principal: org.springframework.security.core.userdetails.User@586034f:
Username: admin; Password: [PROTECTED]; Enabled: true; AccountNonExpired:
true; credentialsNonExpired: true; AccountNonLocked: true; Granted
Authorities: ADMIN; Credentials: [PROTECTED]; Authenticated: true; Details:
org.springframework.security.web.authentication.WebAuthenticationDetails@ffffe21a:
RemoteIpAddress: 10.7.200.2; SessionId: null; Granted Authorities: ADMIN
11:47:59,609 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
AffirmativeBased:65 - Voter:
org.springframework.security.web.access.expression.WebExpressionVoter@2844a541,
returned: 1
11:47:59,609 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
FilterSecurityInterceptor:215 - Authorization successful
11:47:59,609 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
FilterSecurityInterceptor:227 - RunAsManager did not change Authentication
object
11:47:59,609 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
FilterChainProxy:323 - /api/v1/clusters/cl1 reached end of additional
filter chain; proceeding with original chain
11:47:59,610 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
ServletHandler:1328 - call servlet
com.sun.jersey.spi.container.servlet.ServletContainer-1821413125
11:47:59,610 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
HttpSessionSecurityContextRepository:292 - SecurityContext stored to
HttpSession:
'org.springframework.security.core.context.SecurityContextImpl@63215be:
Authentication:
org.springframework.security.authentication.UsernamePasswordAuthenticationToken@63215be:
Principal: org.springframework.security.core.userdetails.User@586034f:
Username: admin; Password: [PROTECTED]; Enabled: true; AccountNonExpired:
true; credentialsNonExpired: true; AccountNonLocked: true; Granted
Authorities: ADMIN; Credentials: [PROTECTED]; Authenticated: true; Details:
org.springframework.security.web.authentication.WebAuthenticationDetails@ffffe21a:
RemoteIpAddress: 10.7.200.2; SessionId: null; Granted Authorities: ADMIN'
11:47:59,613 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
ExceptionTranslationFilter:115 - Chain processed normally
11:47:59,613 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
SecurityContextPersistenceFilter:97 - SecurityContextHolder now cleared, as
request processing completed
11:47:59,613 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] Server:360 -
RESPONSE /api/v1/clusters/cl1  400 handled=true
11:47:59,613 DEBUG [qtp139607202-15] AsyncHttpConnection:211 - Enabled read
interest SCEP@5511e6b9{l(/10.7.200.2:33434)<->r(/10.7.200.1:8080
),d=true,open=true,ishut=false,oshut=false,rb=false,wb=false,w=true,i=0r}-{AsyncHttpConnection@a42a751
,g=HttpGenerator{s=4,h=0,b=0,c=-1},p=HttpParser{s=0,l=33,c=38},r=1}
11:47:59,614 DEBUG [qtp139607202-15] ChannelEndPoint:118 - ishut
SCEP@5511e6b9{l(/10.7.200.2:33434)<->r(/10.7.200.1:8080
),d=true,open=true,ishut=false,oshut=false,rb=false,wb=false,w=true,i=0r}-{AsyncHttpConnection@a42a751
,g=HttpGenerator{s=0,h=-1,b=-1,c=-1},p=HttpParser{s=-14,l=0,c=-3},r=1}
11:47:59,614 DEBUG [qtp139607202-15] HttpParser:281 - filled -1/0
11:47:59,614 DEBUG [qtp139607202-15] AsyncHttpConnection:145 - Disabled
read interest while writing response SCEP@5511e6b9{l(/10.7.200.2:33434
)<->r(/10.7.200.1:8080
),d=true,open=true,ishut=true,oshut=false,rb=false,wb=false,w=true,i=0r}-{AsyncHttpConnection@a42a751
,g=HttpGenerator{s=0,h=-1,b=-1,c=-1},p=HttpParser{s=0,l=0,c=-3},r=1}
11:47:59,614 DEBUG [qtp139607202-15] ChannelEndPoint:209 - close
SCEP@5511e6b9{l(/10.7.200.2:33434)<->r(/10.7.200.1:8080
),d=true,open=true,ishut=true,oshut=false,rb=false,wb=false,w=true,i=0r}-{AsyncHttpConnection@a42a751
,g=HttpGenerator{s=0,h=-1,b=-1,c=-1},p=HttpParser{s=0,l=0,c=-3},r=1}


Any ideas?

Thanks,
-Chris

Re: HTTP error 400 (Bed Request) when trying to create a cluster through REST services

[Chris Mildebrandt <ch...@woodenrhino.com>]

Thanks for filing the JIRA too.


On Fri, Jan 17, 2014 at 12:35 PM, Yusaku Sako <yu...@hortonworks.com>wrote:

> No problem.
> Glad it worked for you.
>
> Filed https://issues.apache.org/jira/browse/AMBARI-4337 to update the API
> Reference.
>
> Yusaku
>
>
> On Fri, Jan 17, 2014 at 12:29 PM, Chris Mildebrandt <chris@woodenrhino.com
> > wrote:
>
>> Yes, that worked. Thanks for the fast reply!
>>
>> -Chris
>>
>>
>> On Fri, Jan 17, 2014 at 12:28 PM, Yusaku Sako <yu...@hortonworks.com>wrote:
>>
>>> Please add the HTTP header "X-Requested-By: ambari" to any POST/PUT
>>> calls you make.
>>> This change in the API behavior was made to prevent CSRF (Cross-Site
>>> Request Forgery).
>>>
>>> Yusaku
>>>
>>>
>>> On Fri, Jan 17, 2014 at 12:17 PM, Chris Mildebrandt <
>>> chris@woodenrhino.com> wrote:
>>>
>>>> Hey,
>>>>
>>>> I've been using Ambari 1.4.1.25 for a while. I tried Ambari 1.4.3.38
>>>> today and I'm not able to create a cluster using the REST services. Here's
>>>> the call I expected to work:
>>>>
>>>> curl -i -X POST -d '{"Clusters": {"version": "HDP-2.0.6"}}' --user
>>>> admin:admin http://hadoop1.robinsystems.com:8080/api/v1/clusters/cl1
>>>>
>>>> I get the following response:
>>>>
>>>> <title>Error 400 Bad Request</title>
>>>> </head>
>>>> <body>
>>>> <h2>HTTP ERROR: 400</h2>
>>>> <p>Problem accessing /api/v1/clusters/cl1. Reason:
>>>> <pre>    Bad Request</pre></p>
>>>> <hr /><i><small>Powered by Jetty://</small></i>
>>>>
>>>> However, I'm able to create the cluster from the web UI. Here are the
>>>> relevant log entries from the POST:
>>>>
>>>> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] Server:358
>>>> - REQUEST /api/v1/clusters/cl1 on AsyncHttpConnection@a42a751
>>>> ,g=HttpGenerator{s=0,h=-1,b=-1,c=-1},p=HttpParser{s=2,l=33,c=38},r=1
>>>> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> ContextHandler:894 - scope null||/api/v1/clusters/cl1 @
>>>> o.e.j.s.ServletContextHandler{/,file:/usr/lib/ambari-server/web/}
>>>> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> ContextHandler:966 - context=||/api/v1/clusters/cl1 @
>>>> o.e.j.s.ServletContextHandler{/,file:/usr/lib/ambari-server/web/}
>>>> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] session:183
>>>> -
>>>> sessionManager=org.eclipse.jetty.server.session.HashSessionManager@775c024c
>>>> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] session:184
>>>> - session=null
>>>> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> ServletHandler:360 - servlet |/api/v1|/clusters/cl1 ->
>>>> com.sun.jersey.spi.container.servlet.ServletContainer-1821413125
>>>> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> ServletHandler:422 -
>>>> chain=org.apache.ambari.server.api.AmbariPersistFilter-452688583->org.springframework.web.filter.DelegatingFilterProxy-1399975832->com.sun.jersey.spi.container.servlet.ServletContainer-1821413125
>>>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> ServletHandler:1297 - call filter
>>>> org.apache.ambari.server.api.AmbariPersistFilter-452688583
>>>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> ServletHandler:1297 - call filter
>>>> org.springframework.web.filter.DelegatingFilterProxy-1399975832
>>>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 1 of 8 in
>>>> additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
>>>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> HttpSessionSecurityContextRepository:127 - No HttpSession currently exists
>>>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> HttpSessionSecurityContextRepository:85 - No SecurityContext was available
>>>> from the HttpSession: null. A new one will be created.
>>>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 2 of 8 in
>>>> additional filter chain; firing Filter: 'BasicAuthenticationFilter'
>>>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> BasicAuthenticationFilter:161 - Basic Authentication Authorization header
>>>> found for user 'admin'
>>>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> ProviderManager:152 - Authentication attempt using
>>>> org.springframework.security.authentication.dao.DaoAuthenticationProvider
>>>> 11:47:59,603  INFO [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> AmbariLocalUserDetailsService:62 - Loading user by name: admin
>>>> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> BasicAuthenticationFilter:171 - Authentication success:
>>>> org.springframework.security.authentication.UsernamePasswordAuthenticationToken@63215be:
>>>> Principal: org.springframework.security.core.userdetails.User@586034f:
>>>> Username: admin; Password: [PROTECTED]; Enabled: true; AccountNonExpired:
>>>> true; credentialsNonExpired: true; AccountNonLocked: true; Granted
>>>> Authorities: ADMIN; Credentials: [PROTECTED]; Authenticated: true; Details:
>>>> org.springframework.security.web.authentication.WebAuthenticationDetails@ffffe21a:
>>>> RemoteIpAddress: 10.7.200.2; SessionId: null; Granted Authorities: ADMIN
>>>> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 3 of 8 in
>>>> additional filter chain; firing Filter: 'RequestCacheAwareFilter'
>>>> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 4 of 8 in
>>>> additional filter chain; firing Filter:
>>>> 'SecurityContextHolderAwareRequestFilter'
>>>> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 5 of 8 in
>>>> additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
>>>> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> AnonymousAuthenticationFilter:107 - SecurityContextHolder not populated
>>>> with anonymous token, as it already contained:
>>>> 'org.springframework.security.authentication.UsernamePasswordAuthenticationToken@63215be:
>>>> Principal: org.springframework.security.core.userdetails.User@586034f:
>>>> Username: admin; Password: [PROTECTED]; Enabled: true; AccountNonExpired:
>>>> true; credentialsNonExpired: true; AccountNonLocked: true; Granted
>>>> Authorities: ADMIN; Credentials: [PROTECTED]; Authenticated: true; Details:
>>>> org.springframework.security.web.authentication.WebAuthenticationDetails@ffffe21a:
>>>> RemoteIpAddress: 10.7.200.2; SessionId: null; Granted Authorities: ADMIN'
>>>> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 6 of 8 in
>>>> additional filter chain; firing Filter: 'SessionManagementFilter'
>>>> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> HttpSessionSecurityContextRepository:336 - HttpSession being created as
>>>> SecurityContext is non-default
>>>> 11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] session:85
>>>> - new session & id 1n12cpwlh9zb143govwif9ub6 1n12cpwlh9zb143govwif9ub6
>>>> 11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> HttpSessionSecurityContextRepository:292 - SecurityContext stored to
>>>> HttpSession:
>>>> 'org.springframework.security.core.context.SecurityContextImpl@63215be:
>>>> Authentication:
>>>> org.springframework.security.authentication.UsernamePasswordAuthenticationToken@63215be:
>>>> Principal: org.springframework.security.core.userdetails.User@586034f:
>>>> Username: admin; Password: [PROTECTED]; Enabled: true; AccountNonExpired:
>>>> true; credentialsNonExpired: true; AccountNonLocked: true; Granted
>>>> Authorities: ADMIN; Credentials: [PROTECTED]; Authenticated: true; Details:
>>>> org.springframework.security.web.authentication.WebAuthenticationDetails@ffffe21a:
>>>> RemoteIpAddress: 10.7.200.2; SessionId: null; Granted Authorities: ADMIN'
>>>> 11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 7 of 8 in
>>>> additional filter chain; firing Filter: 'ExceptionTranslationFilter'
>>>> 11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 8 of 8 in
>>>> additional filter chain; firing Filter: 'FilterSecurityInterceptor'
>>>> 11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> AntPathRequestMatcher:85 - Request 'POST /api/v1/clusters/cl1' doesn't
>>>> match 'GET /**
>>>> 11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> FilterSecurityInterceptor:194 - Secure object: FilterInvocation: URL:
>>>> /api/v1/clusters/cl1; Attributes: [hasRole('ADMIN')]
>>>> 11:47:59,609 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> FilterSecurityInterceptor:310 - Previously Authenticated:
>>>> org.springframework.security.authentication.UsernamePasswordAuthenticationToken@63215be:
>>>> Principal: org.springframework.security.core.userdetails.User@586034f:
>>>> Username: admin; Password: [PROTECTED]; Enabled: true; AccountNonExpired:
>>>> true; credentialsNonExpired: true; AccountNonLocked: true; Granted
>>>> Authorities: ADMIN; Credentials: [PROTECTED]; Authenticated: true; Details:
>>>> org.springframework.security.web.authentication.WebAuthenticationDetails@ffffe21a:
>>>> RemoteIpAddress: 10.7.200.2; SessionId: null; Granted Authorities: ADMIN
>>>> 11:47:59,609 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> AffirmativeBased:65 - Voter:
>>>> org.springframework.security.web.access.expression.WebExpressionVoter@2844a541,
>>>> returned: 1
>>>> 11:47:59,609 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> FilterSecurityInterceptor:215 - Authorization successful
>>>> 11:47:59,609 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> FilterSecurityInterceptor:227 - RunAsManager did not change Authentication
>>>> object
>>>> 11:47:59,609 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> FilterChainProxy:323 - /api/v1/clusters/cl1 reached end of additional
>>>> filter chain; proceeding with original chain
>>>> 11:47:59,610 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> ServletHandler:1328 - call servlet
>>>> com.sun.jersey.spi.container.servlet.ServletContainer-1821413125
>>>> 11:47:59,610 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> HttpSessionSecurityContextRepository:292 - SecurityContext stored to
>>>> HttpSession:
>>>> 'org.springframework.security.core.context.SecurityContextImpl@63215be:
>>>> Authentication:
>>>> org.springframework.security.authentication.UsernamePasswordAuthenticationToken@63215be:
>>>> Principal: org.springframework.security.core.userdetails.User@586034f:
>>>> Username: admin; Password: [PROTECTED]; Enabled: true; AccountNonExpired:
>>>> true; credentialsNonExpired: true; AccountNonLocked: true; Granted
>>>> Authorities: ADMIN; Credentials: [PROTECTED]; Authenticated: true; Details:
>>>> org.springframework.security.web.authentication.WebAuthenticationDetails@ffffe21a:
>>>> RemoteIpAddress: 10.7.200.2; SessionId: null; Granted Authorities: ADMIN'
>>>> 11:47:59,613 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> ExceptionTranslationFilter:115 - Chain processed normally
>>>> 11:47:59,613 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> SecurityContextPersistenceFilter:97 - SecurityContextHolder now cleared, as
>>>> request processing completed
>>>> 11:47:59,613 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] Server:360
>>>> - RESPONSE /api/v1/clusters/cl1  400 handled=true
>>>> 11:47:59,613 DEBUG [qtp139607202-15] AsyncHttpConnection:211 - Enabled
>>>> read interest SCEP@5511e6b9{l(/10.7.200.2:33434)<->r(/10.7.200.1:8080
>>>> ),d=true,open=true,ishut=false,oshut=false,rb=false,wb=false,w=true,i=0r}-{AsyncHttpConnection@a42a751
>>>> ,g=HttpGenerator{s=4,h=0,b=0,c=-1},p=HttpParser{s=0,l=33,c=38},r=1}
>>>> 11:47:59,614 DEBUG [qtp139607202-15] ChannelEndPoint:118 - ishut
>>>> SCEP@5511e6b9{l(/10.7.200.2:33434)<->r(/10.7.200.1:8080
>>>> ),d=true,open=true,ishut=false,oshut=false,rb=false,wb=false,w=true,i=0r}-{AsyncHttpConnection@a42a751
>>>> ,g=HttpGenerator{s=0,h=-1,b=-1,c=-1},p=HttpParser{s=-14,l=0,c=-3},r=1}
>>>> 11:47:59,614 DEBUG [qtp139607202-15] HttpParser:281 - filled -1/0
>>>> 11:47:59,614 DEBUG [qtp139607202-15] AsyncHttpConnection:145 - Disabled
>>>> read interest while writing response SCEP@5511e6b9{l(/10.7.200.2:33434
>>>> )<->r(/10.7.200.1:8080
>>>> ),d=true,open=true,ishut=true,oshut=false,rb=false,wb=false,w=true,i=0r}-{AsyncHttpConnection@a42a751
>>>> ,g=HttpGenerator{s=0,h=-1,b=-1,c=-1},p=HttpParser{s=0,l=0,c=-3},r=1}
>>>> 11:47:59,614 DEBUG [qtp139607202-15] ChannelEndPoint:209 - close
>>>> SCEP@5511e6b9{l(/10.7.200.2:33434)<->r(/10.7.200.1:8080
>>>> ),d=true,open=true,ishut=true,oshut=false,rb=false,wb=false,w=true,i=0r}-{AsyncHttpConnection@a42a751
>>>> ,g=HttpGenerator{s=0,h=-1,b=-1,c=-1},p=HttpParser{s=0,l=0,c=-3},r=1}
>>>>
>>>>
>>>> Any ideas?
>>>>
>>>> Thanks,
>>>> -Chris
>>>>
>>>
>>>
>>> CONFIDENTIALITY NOTICE
>>> NOTICE: This message is intended for the use of the individual or entity
>>> to which it is addressed and may contain information that is confidential,
>>> privileged and exempt from disclosure under applicable law. If the reader
>>> of this message is not the intended recipient, you are hereby notified that
>>> any printing, copying, dissemination, distribution, disclosure or
>>> forwarding of this communication is strictly prohibited. If you have
>>> received this communication in error, please contact the sender immediately
>>> and delete it from your system. Thank You.
>>
>>
>>
>
> CONFIDENTIALITY NOTICE
> NOTICE: This message is intended for the use of the individual or entity
> to which it is addressed and may contain information that is confidential,
> privileged and exempt from disclosure under applicable law. If the reader
> of this message is not the intended recipient, you are hereby notified that
> any printing, copying, dissemination, distribution, disclosure or
> forwarding of this communication is strictly prohibited. If you have
> received this communication in error, please contact the sender immediately
> and delete it from your system. Thank You.
>

Re: HTTP error 400 (Bed Request) when trying to create a cluster through REST services

[Yusaku Sako <yu...@hortonworks.com>]

No problem.
Glad it worked for you.

Filed https://issues.apache.org/jira/browse/AMBARI-4337 to update the API
Reference.

Yusaku


On Fri, Jan 17, 2014 at 12:29 PM, Chris Mildebrandt
<ch...@woodenrhino.com>wrote:

> Yes, that worked. Thanks for the fast reply!
>
> -Chris
>
>
> On Fri, Jan 17, 2014 at 12:28 PM, Yusaku Sako <yu...@hortonworks.com>wrote:
>
>> Please add the HTTP header "X-Requested-By: ambari" to any POST/PUT calls
>> you make.
>> This change in the API behavior was made to prevent CSRF (Cross-Site
>> Request Forgery).
>>
>> Yusaku
>>
>>
>> On Fri, Jan 17, 2014 at 12:17 PM, Chris Mildebrandt <
>> chris@woodenrhino.com> wrote:
>>
>>> Hey,
>>>
>>> I've been using Ambari 1.4.1.25 for a while. I tried Ambari 1.4.3.38
>>> today and I'm not able to create a cluster using the REST services. Here's
>>> the call I expected to work:
>>>
>>> curl -i -X POST -d '{"Clusters": {"version": "HDP-2.0.6"}}' --user
>>> admin:admin http://hadoop1.robinsystems.com:8080/api/v1/clusters/cl1
>>>
>>> I get the following response:
>>>
>>> <title>Error 400 Bad Request</title>
>>> </head>
>>> <body>
>>> <h2>HTTP ERROR: 400</h2>
>>> <p>Problem accessing /api/v1/clusters/cl1. Reason:
>>> <pre>    Bad Request</pre></p>
>>> <hr /><i><small>Powered by Jetty://</small></i>
>>>
>>> However, I'm able to create the cluster from the web UI. Here are the
>>> relevant log entries from the POST:
>>>
>>> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] Server:358 -
>>> REQUEST /api/v1/clusters/cl1 on AsyncHttpConnection@a42a751
>>> ,g=HttpGenerator{s=0,h=-1,b=-1,c=-1},p=HttpParser{s=2,l=33,c=38},r=1
>>> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> ContextHandler:894 - scope null||/api/v1/clusters/cl1 @
>>> o.e.j.s.ServletContextHandler{/,file:/usr/lib/ambari-server/web/}
>>> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> ContextHandler:966 - context=||/api/v1/clusters/cl1 @
>>> o.e.j.s.ServletContextHandler{/,file:/usr/lib/ambari-server/web/}
>>> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] session:183
>>> -
>>> sessionManager=org.eclipse.jetty.server.session.HashSessionManager@775c024c
>>> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] session:184
>>> - session=null
>>> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> ServletHandler:360 - servlet |/api/v1|/clusters/cl1 ->
>>> com.sun.jersey.spi.container.servlet.ServletContainer-1821413125
>>> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> ServletHandler:422 -
>>> chain=org.apache.ambari.server.api.AmbariPersistFilter-452688583->org.springframework.web.filter.DelegatingFilterProxy-1399975832->com.sun.jersey.spi.container.servlet.ServletContainer-1821413125
>>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> ServletHandler:1297 - call filter
>>> org.apache.ambari.server.api.AmbariPersistFilter-452688583
>>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> ServletHandler:1297 - call filter
>>> org.springframework.web.filter.DelegatingFilterProxy-1399975832
>>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 1 of 8 in
>>> additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
>>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> HttpSessionSecurityContextRepository:127 - No HttpSession currently exists
>>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> HttpSessionSecurityContextRepository:85 - No SecurityContext was available
>>> from the HttpSession: null. A new one will be created.
>>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 2 of 8 in
>>> additional filter chain; firing Filter: 'BasicAuthenticationFilter'
>>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> BasicAuthenticationFilter:161 - Basic Authentication Authorization header
>>> found for user 'admin'
>>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> ProviderManager:152 - Authentication attempt using
>>> org.springframework.security.authentication.dao.DaoAuthenticationProvider
>>> 11:47:59,603  INFO [qtp139607202-15 - /api/v1/clusters/cl1]
>>> AmbariLocalUserDetailsService:62 - Loading user by name: admin
>>> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> BasicAuthenticationFilter:171 - Authentication success:
>>> org.springframework.security.authentication.UsernamePasswordAuthenticationToken@63215be:
>>> Principal: org.springframework.security.core.userdetails.User@586034f:
>>> Username: admin; Password: [PROTECTED]; Enabled: true; AccountNonExpired:
>>> true; credentialsNonExpired: true; AccountNonLocked: true; Granted
>>> Authorities: ADMIN; Credentials: [PROTECTED]; Authenticated: true; Details:
>>> org.springframework.security.web.authentication.WebAuthenticationDetails@ffffe21a:
>>> RemoteIpAddress: 10.7.200.2; SessionId: null; Granted Authorities: ADMIN
>>> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 3 of 8 in
>>> additional filter chain; firing Filter: 'RequestCacheAwareFilter'
>>> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 4 of 8 in
>>> additional filter chain; firing Filter:
>>> 'SecurityContextHolderAwareRequestFilter'
>>> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 5 of 8 in
>>> additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
>>> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> AnonymousAuthenticationFilter:107 - SecurityContextHolder not populated
>>> with anonymous token, as it already contained:
>>> 'org.springframework.security.authentication.UsernamePasswordAuthenticationToken@63215be:
>>> Principal: org.springframework.security.core.userdetails.User@586034f:
>>> Username: admin; Password: [PROTECTED]; Enabled: true; AccountNonExpired:
>>> true; credentialsNonExpired: true; AccountNonLocked: true; Granted
>>> Authorities: ADMIN; Credentials: [PROTECTED]; Authenticated: true; Details:
>>> org.springframework.security.web.authentication.WebAuthenticationDetails@ffffe21a:
>>> RemoteIpAddress: 10.7.200.2; SessionId: null; Granted Authorities: ADMIN'
>>> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 6 of 8 in
>>> additional filter chain; firing Filter: 'SessionManagementFilter'
>>> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> HttpSessionSecurityContextRepository:336 - HttpSession being created as
>>> SecurityContext is non-default
>>> 11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] session:85 -
>>> new session & id 1n12cpwlh9zb143govwif9ub6 1n12cpwlh9zb143govwif9ub6
>>> 11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> HttpSessionSecurityContextRepository:292 - SecurityContext stored to
>>> HttpSession:
>>> 'org.springframework.security.core.context.SecurityContextImpl@63215be:
>>> Authentication:
>>> org.springframework.security.authentication.UsernamePasswordAuthenticationToken@63215be:
>>> Principal: org.springframework.security.core.userdetails.User@586034f:
>>> Username: admin; Password: [PROTECTED]; Enabled: true; AccountNonExpired:
>>> true; credentialsNonExpired: true; AccountNonLocked: true; Granted
>>> Authorities: ADMIN; Credentials: [PROTECTED]; Authenticated: true; Details:
>>> org.springframework.security.web.authentication.WebAuthenticationDetails@ffffe21a:
>>> RemoteIpAddress: 10.7.200.2; SessionId: null; Granted Authorities: ADMIN'
>>> 11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 7 of 8 in
>>> additional filter chain; firing Filter: 'ExceptionTranslationFilter'
>>> 11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 8 of 8 in
>>> additional filter chain; firing Filter: 'FilterSecurityInterceptor'
>>> 11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> AntPathRequestMatcher:85 - Request 'POST /api/v1/clusters/cl1' doesn't
>>> match 'GET /**
>>> 11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> FilterSecurityInterceptor:194 - Secure object: FilterInvocation: URL:
>>> /api/v1/clusters/cl1; Attributes: [hasRole('ADMIN')]
>>> 11:47:59,609 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> FilterSecurityInterceptor:310 - Previously Authenticated:
>>> org.springframework.security.authentication.UsernamePasswordAuthenticationToken@63215be:
>>> Principal: org.springframework.security.core.userdetails.User@586034f:
>>> Username: admin; Password: [PROTECTED]; Enabled: true; AccountNonExpired:
>>> true; credentialsNonExpired: true; AccountNonLocked: true; Granted
>>> Authorities: ADMIN; Credentials: [PROTECTED]; Authenticated: true; Details:
>>> org.springframework.security.web.authentication.WebAuthenticationDetails@ffffe21a:
>>> RemoteIpAddress: 10.7.200.2; SessionId: null; Granted Authorities: ADMIN
>>> 11:47:59,609 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> AffirmativeBased:65 - Voter:
>>> org.springframework.security.web.access.expression.WebExpressionVoter@2844a541,
>>> returned: 1
>>> 11:47:59,609 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> FilterSecurityInterceptor:215 - Authorization successful
>>> 11:47:59,609 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> FilterSecurityInterceptor:227 - RunAsManager did not change Authentication
>>> object
>>> 11:47:59,609 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> FilterChainProxy:323 - /api/v1/clusters/cl1 reached end of additional
>>> filter chain; proceeding with original chain
>>> 11:47:59,610 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> ServletHandler:1328 - call servlet
>>> com.sun.jersey.spi.container.servlet.ServletContainer-1821413125
>>> 11:47:59,610 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> HttpSessionSecurityContextRepository:292 - SecurityContext stored to
>>> HttpSession:
>>> 'org.springframework.security.core.context.SecurityContextImpl@63215be:
>>> Authentication:
>>> org.springframework.security.authentication.UsernamePasswordAuthenticationToken@63215be:
>>> Principal: org.springframework.security.core.userdetails.User@586034f:
>>> Username: admin; Password: [PROTECTED]; Enabled: true; AccountNonExpired:
>>> true; credentialsNonExpired: true; AccountNonLocked: true; Granted
>>> Authorities: ADMIN; Credentials: [PROTECTED]; Authenticated: true; Details:
>>> org.springframework.security.web.authentication.WebAuthenticationDetails@ffffe21a:
>>> RemoteIpAddress: 10.7.200.2; SessionId: null; Granted Authorities: ADMIN'
>>> 11:47:59,613 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> ExceptionTranslationFilter:115 - Chain processed normally
>>> 11:47:59,613 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> SecurityContextPersistenceFilter:97 - SecurityContextHolder now cleared, as
>>> request processing completed
>>> 11:47:59,613 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] Server:360 -
>>> RESPONSE /api/v1/clusters/cl1  400 handled=true
>>> 11:47:59,613 DEBUG [qtp139607202-15] AsyncHttpConnection:211 - Enabled
>>> read interest SCEP@5511e6b9{l(/10.7.200.2:33434)<->r(/10.7.200.1:8080
>>> ),d=true,open=true,ishut=false,oshut=false,rb=false,wb=false,w=true,i=0r}-{AsyncHttpConnection@a42a751
>>> ,g=HttpGenerator{s=4,h=0,b=0,c=-1},p=HttpParser{s=0,l=33,c=38},r=1}
>>> 11:47:59,614 DEBUG [qtp139607202-15] ChannelEndPoint:118 - ishut
>>> SCEP@5511e6b9{l(/10.7.200.2:33434)<->r(/10.7.200.1:8080
>>> ),d=true,open=true,ishut=false,oshut=false,rb=false,wb=false,w=true,i=0r}-{AsyncHttpConnection@a42a751
>>> ,g=HttpGenerator{s=0,h=-1,b=-1,c=-1},p=HttpParser{s=-14,l=0,c=-3},r=1}
>>> 11:47:59,614 DEBUG [qtp139607202-15] HttpParser:281 - filled -1/0
>>> 11:47:59,614 DEBUG [qtp139607202-15] AsyncHttpConnection:145 - Disabled
>>> read interest while writing response SCEP@5511e6b9{l(/10.7.200.2:33434
>>> )<->r(/10.7.200.1:8080
>>> ),d=true,open=true,ishut=true,oshut=false,rb=false,wb=false,w=true,i=0r}-{AsyncHttpConnection@a42a751
>>> ,g=HttpGenerator{s=0,h=-1,b=-1,c=-1},p=HttpParser{s=0,l=0,c=-3},r=1}
>>> 11:47:59,614 DEBUG [qtp139607202-15] ChannelEndPoint:209 - close
>>> SCEP@5511e6b9{l(/10.7.200.2:33434)<->r(/10.7.200.1:8080
>>> ),d=true,open=true,ishut=true,oshut=false,rb=false,wb=false,w=true,i=0r}-{AsyncHttpConnection@a42a751
>>> ,g=HttpGenerator{s=0,h=-1,b=-1,c=-1},p=HttpParser{s=0,l=0,c=-3},r=1}
>>>
>>>
>>> Any ideas?
>>>
>>> Thanks,
>>> -Chris
>>>
>>
>>
>> CONFIDENTIALITY NOTICE
>> NOTICE: This message is intended for the use of the individual or entity
>> to which it is addressed and may contain information that is confidential,
>> privileged and exempt from disclosure under applicable law. If the reader
>> of this message is not the intended recipient, you are hereby notified that
>> any printing, copying, dissemination, distribution, disclosure or
>> forwarding of this communication is strictly prohibited. If you have
>> received this communication in error, please contact the sender immediately
>> and delete it from your system. Thank You.
>
>
>

-- 
CONFIDENTIALITY NOTICE
NOTICE: This message is intended for the use of the individual or entity to 
which it is addressed and may contain information that is confidential, 
privileged and exempt from disclosure under applicable law. If the reader 
of this message is not the intended recipient, you are hereby notified that 
any printing, copying, dissemination, distribution, disclosure or 
forwarding of this communication is strictly prohibited. If you have 
received this communication in error, please contact the sender immediately 
and delete it from your system. Thank You.

Re: HTTP error 400 (Bed Request) when trying to create a cluster through REST services

[Chris Mildebrandt <ch...@woodenrhino.com>]

Yes, that worked. Thanks for the fast reply!

-Chris


On Fri, Jan 17, 2014 at 12:28 PM, Yusaku Sako <yu...@hortonworks.com>wrote:

> Please add the HTTP header "X-Requested-By: ambari" to any POST/PUT calls
> you make.
> This change in the API behavior was made to prevent CSRF (Cross-Site
> Request Forgery).
>
> Yusaku
>
>
> On Fri, Jan 17, 2014 at 12:17 PM, Chris Mildebrandt <chris@woodenrhino.com
> > wrote:
>
>> Hey,
>>
>> I've been using Ambari 1.4.1.25 for a while. I tried Ambari 1.4.3.38
>> today and I'm not able to create a cluster using the REST services. Here's
>> the call I expected to work:
>>
>> curl -i -X POST -d '{"Clusters": {"version": "HDP-2.0.6"}}' --user
>> admin:admin http://hadoop1.robinsystems.com:8080/api/v1/clusters/cl1
>>
>> I get the following response:
>>
>> <title>Error 400 Bad Request</title>
>> </head>
>> <body>
>> <h2>HTTP ERROR: 400</h2>
>> <p>Problem accessing /api/v1/clusters/cl1. Reason:
>> <pre>    Bad Request</pre></p>
>> <hr /><i><small>Powered by Jetty://</small></i>
>>
>> However, I'm able to create the cluster from the web UI. Here are the
>> relevant log entries from the POST:
>>
>> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] Server:358 -
>> REQUEST /api/v1/clusters/cl1 on AsyncHttpConnection@a42a751
>> ,g=HttpGenerator{s=0,h=-1,b=-1,c=-1},p=HttpParser{s=2,l=33,c=38},r=1
>> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> ContextHandler:894 - scope null||/api/v1/clusters/cl1 @
>> o.e.j.s.ServletContextHandler{/,file:/usr/lib/ambari-server/web/}
>> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> ContextHandler:966 - context=||/api/v1/clusters/cl1 @
>> o.e.j.s.ServletContextHandler{/,file:/usr/lib/ambari-server/web/}
>> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] session:183 -
>> sessionManager=org.eclipse.jetty.server.session.HashSessionManager@775c024c
>> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] session:184 -
>> session=null
>> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> ServletHandler:360 - servlet |/api/v1|/clusters/cl1 ->
>> com.sun.jersey.spi.container.servlet.ServletContainer-1821413125
>> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> ServletHandler:422 -
>> chain=org.apache.ambari.server.api.AmbariPersistFilter-452688583->org.springframework.web.filter.DelegatingFilterProxy-1399975832->com.sun.jersey.spi.container.servlet.ServletContainer-1821413125
>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> ServletHandler:1297 - call filter
>> org.apache.ambari.server.api.AmbariPersistFilter-452688583
>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> ServletHandler:1297 - call filter
>> org.springframework.web.filter.DelegatingFilterProxy-1399975832
>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 1 of 8 in
>> additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> HttpSessionSecurityContextRepository:127 - No HttpSession currently exists
>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> HttpSessionSecurityContextRepository:85 - No SecurityContext was available
>> from the HttpSession: null. A new one will be created.
>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 2 of 8 in
>> additional filter chain; firing Filter: 'BasicAuthenticationFilter'
>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> BasicAuthenticationFilter:161 - Basic Authentication Authorization header
>> found for user 'admin'
>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> ProviderManager:152 - Authentication attempt using
>> org.springframework.security.authentication.dao.DaoAuthenticationProvider
>> 11:47:59,603  INFO [qtp139607202-15 - /api/v1/clusters/cl1]
>> AmbariLocalUserDetailsService:62 - Loading user by name: admin
>> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> BasicAuthenticationFilter:171 - Authentication success:
>> org.springframework.security.authentication.UsernamePasswordAuthenticationToken@63215be:
>> Principal: org.springframework.security.core.userdetails.User@586034f:
>> Username: admin; Password: [PROTECTED]; Enabled: true; AccountNonExpired:
>> true; credentialsNonExpired: true; AccountNonLocked: true; Granted
>> Authorities: ADMIN; Credentials: [PROTECTED]; Authenticated: true; Details:
>> org.springframework.security.web.authentication.WebAuthenticationDetails@ffffe21a:
>> RemoteIpAddress: 10.7.200.2; SessionId: null; Granted Authorities: ADMIN
>> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 3 of 8 in
>> additional filter chain; firing Filter: 'RequestCacheAwareFilter'
>> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 4 of 8 in
>> additional filter chain; firing Filter:
>> 'SecurityContextHolderAwareRequestFilter'
>> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 5 of 8 in
>> additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
>> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> AnonymousAuthenticationFilter:107 - SecurityContextHolder not populated
>> with anonymous token, as it already contained:
>> 'org.springframework.security.authentication.UsernamePasswordAuthenticationToken@63215be:
>> Principal: org.springframework.security.core.userdetails.User@586034f:
>> Username: admin; Password: [PROTECTED]; Enabled: true; AccountNonExpired:
>> true; credentialsNonExpired: true; AccountNonLocked: true; Granted
>> Authorities: ADMIN; Credentials: [PROTECTED]; Authenticated: true; Details:
>> org.springframework.security.web.authentication.WebAuthenticationDetails@ffffe21a:
>> RemoteIpAddress: 10.7.200.2; SessionId: null; Granted Authorities: ADMIN'
>> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 6 of 8 in
>> additional filter chain; firing Filter: 'SessionManagementFilter'
>> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> HttpSessionSecurityContextRepository:336 - HttpSession being created as
>> SecurityContext is non-default
>> 11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] session:85 -
>> new session & id 1n12cpwlh9zb143govwif9ub6 1n12cpwlh9zb143govwif9ub6
>> 11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> HttpSessionSecurityContextRepository:292 - SecurityContext stored to
>> HttpSession:
>> 'org.springframework.security.core.context.SecurityContextImpl@63215be:
>> Authentication:
>> org.springframework.security.authentication.UsernamePasswordAuthenticationToken@63215be:
>> Principal: org.springframework.security.core.userdetails.User@586034f:
>> Username: admin; Password: [PROTECTED]; Enabled: true; AccountNonExpired:
>> true; credentialsNonExpired: true; AccountNonLocked: true; Granted
>> Authorities: ADMIN; Credentials: [PROTECTED]; Authenticated: true; Details:
>> org.springframework.security.web.authentication.WebAuthenticationDetails@ffffe21a:
>> RemoteIpAddress: 10.7.200.2; SessionId: null; Granted Authorities: ADMIN'
>> 11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 7 of 8 in
>> additional filter chain; firing Filter: 'ExceptionTranslationFilter'
>> 11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 8 of 8 in
>> additional filter chain; firing Filter: 'FilterSecurityInterceptor'
>> 11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> AntPathRequestMatcher:85 - Request 'POST /api/v1/clusters/cl1' doesn't
>> match 'GET /**
>> 11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> FilterSecurityInterceptor:194 - Secure object: FilterInvocation: URL:
>> /api/v1/clusters/cl1; Attributes: [hasRole('ADMIN')]
>> 11:47:59,609 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> FilterSecurityInterceptor:310 - Previously Authenticated:
>> org.springframework.security.authentication.UsernamePasswordAuthenticationToken@63215be:
>> Principal: org.springframework.security.core.userdetails.User@586034f:
>> Username: admin; Password: [PROTECTED]; Enabled: true; AccountNonExpired:
>> true; credentialsNonExpired: true; AccountNonLocked: true; Granted
>> Authorities: ADMIN; Credentials: [PROTECTED]; Authenticated: true; Details:
>> org.springframework.security.web.authentication.WebAuthenticationDetails@ffffe21a:
>> RemoteIpAddress: 10.7.200.2; SessionId: null; Granted Authorities: ADMIN
>> 11:47:59,609 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> AffirmativeBased:65 - Voter:
>> org.springframework.security.web.access.expression.WebExpressionVoter@2844a541,
>> returned: 1
>> 11:47:59,609 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> FilterSecurityInterceptor:215 - Authorization successful
>> 11:47:59,609 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> FilterSecurityInterceptor:227 - RunAsManager did not change Authentication
>> object
>> 11:47:59,609 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> FilterChainProxy:323 - /api/v1/clusters/cl1 reached end of additional
>> filter chain; proceeding with original chain
>> 11:47:59,610 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> ServletHandler:1328 - call servlet
>> com.sun.jersey.spi.container.servlet.ServletContainer-1821413125
>> 11:47:59,610 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> HttpSessionSecurityContextRepository:292 - SecurityContext stored to
>> HttpSession:
>> 'org.springframework.security.core.context.SecurityContextImpl@63215be:
>> Authentication:
>> org.springframework.security.authentication.UsernamePasswordAuthenticationToken@63215be:
>> Principal: org.springframework.security.core.userdetails.User@586034f:
>> Username: admin; Password: [PROTECTED]; Enabled: true; AccountNonExpired:
>> true; credentialsNonExpired: true; AccountNonLocked: true; Granted
>> Authorities: ADMIN; Credentials: [PROTECTED]; Authenticated: true; Details:
>> org.springframework.security.web.authentication.WebAuthenticationDetails@ffffe21a:
>> RemoteIpAddress: 10.7.200.2; SessionId: null; Granted Authorities: ADMIN'
>> 11:47:59,613 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> ExceptionTranslationFilter:115 - Chain processed normally
>> 11:47:59,613 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> SecurityContextPersistenceFilter:97 - SecurityContextHolder now cleared, as
>> request processing completed
>> 11:47:59,613 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] Server:360 -
>> RESPONSE /api/v1/clusters/cl1  400 handled=true
>> 11:47:59,613 DEBUG [qtp139607202-15] AsyncHttpConnection:211 - Enabled
>> read interest SCEP@5511e6b9{l(/10.7.200.2:33434)<->r(/10.7.200.1:8080
>> ),d=true,open=true,ishut=false,oshut=false,rb=false,wb=false,w=true,i=0r}-{AsyncHttpConnection@a42a751
>> ,g=HttpGenerator{s=4,h=0,b=0,c=-1},p=HttpParser{s=0,l=33,c=38},r=1}
>> 11:47:59,614 DEBUG [qtp139607202-15] ChannelEndPoint:118 - ishut
>> SCEP@5511e6b9{l(/10.7.200.2:33434)<->r(/10.7.200.1:8080
>> ),d=true,open=true,ishut=false,oshut=false,rb=false,wb=false,w=true,i=0r}-{AsyncHttpConnection@a42a751
>> ,g=HttpGenerator{s=0,h=-1,b=-1,c=-1},p=HttpParser{s=-14,l=0,c=-3},r=1}
>> 11:47:59,614 DEBUG [qtp139607202-15] HttpParser:281 - filled -1/0
>> 11:47:59,614 DEBUG [qtp139607202-15] AsyncHttpConnection:145 - Disabled
>> read interest while writing response SCEP@5511e6b9{l(/10.7.200.2:33434
>> )<->r(/10.7.200.1:8080
>> ),d=true,open=true,ishut=true,oshut=false,rb=false,wb=false,w=true,i=0r}-{AsyncHttpConnection@a42a751
>> ,g=HttpGenerator{s=0,h=-1,b=-1,c=-1},p=HttpParser{s=0,l=0,c=-3},r=1}
>> 11:47:59,614 DEBUG [qtp139607202-15] ChannelEndPoint:209 - close
>> SCEP@5511e6b9{l(/10.7.200.2:33434)<->r(/10.7.200.1:8080
>> ),d=true,open=true,ishut=true,oshut=false,rb=false,wb=false,w=true,i=0r}-{AsyncHttpConnection@a42a751
>> ,g=HttpGenerator{s=0,h=-1,b=-1,c=-1},p=HttpParser{s=0,l=0,c=-3},r=1}
>>
>>
>> Any ideas?
>>
>> Thanks,
>> -Chris
>>
>
>
> CONFIDENTIALITY NOTICE
> NOTICE: This message is intended for the use of the individual or entity
> to which it is addressed and may contain information that is confidential,
> privileged and exempt from disclosure under applicable law. If the reader
> of this message is not the intended recipient, you are hereby notified that
> any printing, copying, dissemination, distribution, disclosure or
> forwarding of this communication is strictly prohibited. If you have
> received this communication in error, please contact the sender immediately
> and delete it from your system. Thank You.

Re: HTTP error 400 (Bed Request) when trying to create a cluster through REST services

[Chris Mildebrandt <ch...@woodenrhino.com>]

Great, thanks again.

-Chris


On Fri, Jan 17, 2014 at 12:55 PM, Yusaku Sako <yu...@hortonworks.com>wrote:

> Chris,
>
> In addition to the API Reference update, I've also filed a JIRA to show an
> explicit error message in the API response:
> https://issues.apache.org/jira/browse/AMBARI-4338
>
>
> Yusaku
>
>
> On Fri, Jan 17, 2014 at 12:52 PM, Chris Mildebrandt <chris@woodenrhino.com
> > wrote:
>
>> Another related question.....is there something I missed in the log file
>> that would have pointed me to the missing header, or do we need another
>> JIRA opened to that?
>>
>> Thanks,
>> -Chris
>>
>>
>> On Fri, Jan 17, 2014 at 12:28 PM, Yusaku Sako <yu...@hortonworks.com>wrote:
>>
>>> Please add the HTTP header "X-Requested-By: ambari" to any POST/PUT
>>> calls you make.
>>> This change in the API behavior was made to prevent CSRF (Cross-Site
>>> Request Forgery).
>>>
>>> Yusaku
>>>
>>>
>>> On Fri, Jan 17, 2014 at 12:17 PM, Chris Mildebrandt <
>>> chris@woodenrhino.com> wrote:
>>>
>>>> Hey,
>>>>
>>>> I've been using Ambari 1.4.1.25 for a while. I tried Ambari 1.4.3.38
>>>> today and I'm not able to create a cluster using the REST services. Here's
>>>> the call I expected to work:
>>>>
>>>> curl -i -X POST -d '{"Clusters": {"version": "HDP-2.0.6"}}' --user
>>>> admin:admin http://hadoop1.robinsystems.com:8080/api/v1/clusters/cl1
>>>>
>>>> I get the following response:
>>>>
>>>> <title>Error 400 Bad Request</title>
>>>> </head>
>>>> <body>
>>>> <h2>HTTP ERROR: 400</h2>
>>>> <p>Problem accessing /api/v1/clusters/cl1. Reason:
>>>> <pre>    Bad Request</pre></p>
>>>> <hr /><i><small>Powered by Jetty://</small></i>
>>>>
>>>> However, I'm able to create the cluster from the web UI. Here are the
>>>> relevant log entries from the POST:
>>>>
>>>> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] Server:358
>>>> - REQUEST /api/v1/clusters/cl1 on AsyncHttpConnection@a42a751
>>>> ,g=HttpGenerator{s=0,h=-1,b=-1,c=-1},p=HttpParser{s=2,l=33,c=38},r=1
>>>> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> ContextHandler:894 - scope null||/api/v1/clusters/cl1 @
>>>> o.e.j.s.ServletContextHandler{/,file:/usr/lib/ambari-server/web/}
>>>> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> ContextHandler:966 - context=||/api/v1/clusters/cl1 @
>>>> o.e.j.s.ServletContextHandler{/,file:/usr/lib/ambari-server/web/}
>>>> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] session:183
>>>> -
>>>> sessionManager=org.eclipse.jetty.server.session.HashSessionManager@775c024c
>>>> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] session:184
>>>> - session=null
>>>> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> ServletHandler:360 - servlet |/api/v1|/clusters/cl1 ->
>>>> com.sun.jersey.spi.container.servlet.ServletContainer-1821413125
>>>> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> ServletHandler:422 -
>>>> chain=org.apache.ambari.server.api.AmbariPersistFilter-452688583->org.springframework.web.filter.DelegatingFilterProxy-1399975832->com.sun.jersey.spi.container.servlet.ServletContainer-1821413125
>>>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> ServletHandler:1297 - call filter
>>>> org.apache.ambari.server.api.AmbariPersistFilter-452688583
>>>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> ServletHandler:1297 - call filter
>>>> org.springframework.web.filter.DelegatingFilterProxy-1399975832
>>>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 1 of 8 in
>>>> additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
>>>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> HttpSessionSecurityContextRepository:127 - No HttpSession currently exists
>>>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> HttpSessionSecurityContextRepository:85 - No SecurityContext was available
>>>> from the HttpSession: null. A new one will be created.
>>>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 2 of 8 in
>>>> additional filter chain; firing Filter: 'BasicAuthenticationFilter'
>>>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> BasicAuthenticationFilter:161 - Basic Authentication Authorization header
>>>> found for user 'admin'
>>>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> ProviderManager:152 - Authentication attempt using
>>>> org.springframework.security.authentication.dao.DaoAuthenticationProvider
>>>> 11:47:59,603  INFO [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> AmbariLocalUserDetailsService:62 - Loading user by name: admin
>>>> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> BasicAuthenticationFilter:171 - Authentication success:
>>>> org.springframework.security.authentication.UsernamePasswordAuthenticationToken@63215be:
>>>> Principal: org.springframework.security.core.userdetails.User@586034f:
>>>> Username: admin; Password: [PROTECTED]; Enabled: true; AccountNonExpired:
>>>> true; credentialsNonExpired: true; AccountNonLocked: true; Granted
>>>> Authorities: ADMIN; Credentials: [PROTECTED]; Authenticated: true; Details:
>>>> org.springframework.security.web.authentication.WebAuthenticationDetails@ffffe21a:
>>>> RemoteIpAddress: 10.7.200.2; SessionId: null; Granted Authorities: ADMIN
>>>> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 3 of 8 in
>>>> additional filter chain; firing Filter: 'RequestCacheAwareFilter'
>>>> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 4 of 8 in
>>>> additional filter chain; firing Filter:
>>>> 'SecurityContextHolderAwareRequestFilter'
>>>> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 5 of 8 in
>>>> additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
>>>> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> AnonymousAuthenticationFilter:107 - SecurityContextHolder not populated
>>>> with anonymous token, as it already contained:
>>>> 'org.springframework.security.authentication.UsernamePasswordAuthenticationToken@63215be:
>>>> Principal: org.springframework.security.core.userdetails.User@586034f:
>>>> Username: admin; Password: [PROTECTED]; Enabled: true; AccountNonExpired:
>>>> true; credentialsNonExpired: true; AccountNonLocked: true; Granted
>>>> Authorities: ADMIN; Credentials: [PROTECTED]; Authenticated: true; Details:
>>>> org.springframework.security.web.authentication.WebAuthenticationDetails@ffffe21a:
>>>> RemoteIpAddress: 10.7.200.2; SessionId: null; Granted Authorities: ADMIN'
>>>> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 6 of 8 in
>>>> additional filter chain; firing Filter: 'SessionManagementFilter'
>>>> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> HttpSessionSecurityContextRepository:336 - HttpSession being created as
>>>> SecurityContext is non-default
>>>> 11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] session:85
>>>> - new session & id 1n12cpwlh9zb143govwif9ub6 1n12cpwlh9zb143govwif9ub6
>>>> 11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> HttpSessionSecurityContextRepository:292 - SecurityContext stored to
>>>> HttpSession:
>>>> 'org.springframework.security.core.context.SecurityContextImpl@63215be:
>>>> Authentication:
>>>> org.springframework.security.authentication.UsernamePasswordAuthenticationToken@63215be:
>>>> Principal: org.springframework.security.core.userdetails.User@586034f:
>>>> Username: admin; Password: [PROTECTED]; Enabled: true; AccountNonExpired:
>>>> true; credentialsNonExpired: true; AccountNonLocked: true; Granted
>>>> Authorities: ADMIN; Credentials: [PROTECTED]; Authenticated: true; Details:
>>>> org.springframework.security.web.authentication.WebAuthenticationDetails@ffffe21a:
>>>> RemoteIpAddress: 10.7.200.2; SessionId: null; Granted Authorities: ADMIN'
>>>> 11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 7 of 8 in
>>>> additional filter chain; firing Filter: 'ExceptionTranslationFilter'
>>>> 11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 8 of 8 in
>>>> additional filter chain; firing Filter: 'FilterSecurityInterceptor'
>>>> 11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> AntPathRequestMatcher:85 - Request 'POST /api/v1/clusters/cl1' doesn't
>>>> match 'GET /**
>>>> 11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> FilterSecurityInterceptor:194 - Secure object: FilterInvocation: URL:
>>>> /api/v1/clusters/cl1; Attributes: [hasRole('ADMIN')]
>>>> 11:47:59,609 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> FilterSecurityInterceptor:310 - Previously Authenticated:
>>>> org.springframework.security.authentication.UsernamePasswordAuthenticationToken@63215be:
>>>> Principal: org.springframework.security.core.userdetails.User@586034f:
>>>> Username: admin; Password: [PROTECTED]; Enabled: true; AccountNonExpired:
>>>> true; credentialsNonExpired: true; AccountNonLocked: true; Granted
>>>> Authorities: ADMIN; Credentials: [PROTECTED]; Authenticated: true; Details:
>>>> org.springframework.security.web.authentication.WebAuthenticationDetails@ffffe21a:
>>>> RemoteIpAddress: 10.7.200.2; SessionId: null; Granted Authorities: ADMIN
>>>> 11:47:59,609 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> AffirmativeBased:65 - Voter:
>>>> org.springframework.security.web.access.expression.WebExpressionVoter@2844a541,
>>>> returned: 1
>>>> 11:47:59,609 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> FilterSecurityInterceptor:215 - Authorization successful
>>>> 11:47:59,609 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> FilterSecurityInterceptor:227 - RunAsManager did not change Authentication
>>>> object
>>>> 11:47:59,609 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> FilterChainProxy:323 - /api/v1/clusters/cl1 reached end of additional
>>>> filter chain; proceeding with original chain
>>>> 11:47:59,610 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> ServletHandler:1328 - call servlet
>>>> com.sun.jersey.spi.container.servlet.ServletContainer-1821413125
>>>> 11:47:59,610 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> HttpSessionSecurityContextRepository:292 - SecurityContext stored to
>>>> HttpSession:
>>>> 'org.springframework.security.core.context.SecurityContextImpl@63215be:
>>>> Authentication:
>>>> org.springframework.security.authentication.UsernamePasswordAuthenticationToken@63215be:
>>>> Principal: org.springframework.security.core.userdetails.User@586034f:
>>>> Username: admin; Password: [PROTECTED]; Enabled: true; AccountNonExpired:
>>>> true; credentialsNonExpired: true; AccountNonLocked: true; Granted
>>>> Authorities: ADMIN; Credentials: [PROTECTED]; Authenticated: true; Details:
>>>> org.springframework.security.web.authentication.WebAuthenticationDetails@ffffe21a:
>>>> RemoteIpAddress: 10.7.200.2; SessionId: null; Granted Authorities: ADMIN'
>>>> 11:47:59,613 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> ExceptionTranslationFilter:115 - Chain processed normally
>>>> 11:47:59,613 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>>> SecurityContextPersistenceFilter:97 - SecurityContextHolder now cleared, as
>>>> request processing completed
>>>> 11:47:59,613 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] Server:360
>>>> - RESPONSE /api/v1/clusters/cl1  400 handled=true
>>>> 11:47:59,613 DEBUG [qtp139607202-15] AsyncHttpConnection:211 - Enabled
>>>> read interest SCEP@5511e6b9{l(/10.7.200.2:33434)<->r(/10.7.200.1:8080
>>>> ),d=true,open=true,ishut=false,oshut=false,rb=false,wb=false,w=true,i=0r}-{AsyncHttpConnection@a42a751
>>>> ,g=HttpGenerator{s=4,h=0,b=0,c=-1},p=HttpParser{s=0,l=33,c=38},r=1}
>>>> 11:47:59,614 DEBUG [qtp139607202-15] ChannelEndPoint:118 - ishut
>>>> SCEP@5511e6b9{l(/10.7.200.2:33434)<->r(/10.7.200.1:8080
>>>> ),d=true,open=true,ishut=false,oshut=false,rb=false,wb=false,w=true,i=0r}-{AsyncHttpConnection@a42a751
>>>> ,g=HttpGenerator{s=0,h=-1,b=-1,c=-1},p=HttpParser{s=-14,l=0,c=-3},r=1}
>>>> 11:47:59,614 DEBUG [qtp139607202-15] HttpParser:281 - filled -1/0
>>>> 11:47:59,614 DEBUG [qtp139607202-15] AsyncHttpConnection:145 - Disabled
>>>> read interest while writing response SCEP@5511e6b9{l(/10.7.200.2:33434
>>>> )<->r(/10.7.200.1:8080
>>>> ),d=true,open=true,ishut=true,oshut=false,rb=false,wb=false,w=true,i=0r}-{AsyncHttpConnection@a42a751
>>>> ,g=HttpGenerator{s=0,h=-1,b=-1,c=-1},p=HttpParser{s=0,l=0,c=-3},r=1}
>>>> 11:47:59,614 DEBUG [qtp139607202-15] ChannelEndPoint:209 - close
>>>> SCEP@5511e6b9{l(/10.7.200.2:33434)<->r(/10.7.200.1:8080
>>>> ),d=true,open=true,ishut=true,oshut=false,rb=false,wb=false,w=true,i=0r}-{AsyncHttpConnection@a42a751
>>>> ,g=HttpGenerator{s=0,h=-1,b=-1,c=-1},p=HttpParser{s=0,l=0,c=-3},r=1}
>>>>
>>>>
>>>> Any ideas?
>>>>
>>>> Thanks,
>>>> -Chris
>>>>
>>>
>>>
>>> CONFIDENTIALITY NOTICE
>>> NOTICE: This message is intended for the use of the individual or entity
>>> to which it is addressed and may contain information that is confidential,
>>> privileged and exempt from disclosure under applicable law. If the reader
>>> of this message is not the intended recipient, you are hereby notified that
>>> any printing, copying, dissemination, distribution, disclosure or
>>> forwarding of this communication is strictly prohibited. If you have
>>> received this communication in error, please contact the sender immediately
>>> and delete it from your system. Thank You.
>>>
>>
>>
>
> CONFIDENTIALITY NOTICE
> NOTICE: This message is intended for the use of the individual or entity
> to which it is addressed and may contain information that is confidential,
> privileged and exempt from disclosure under applicable law. If the reader
> of this message is not the intended recipient, you are hereby notified that
> any printing, copying, dissemination, distribution, disclosure or
> forwarding of this communication is strictly prohibited. If you have
> received this communication in error, please contact the sender immediately
> and delete it from your system. Thank You.
>

Re: HTTP error 400 (Bed Request) when trying to create a cluster through REST services

[Yusaku Sako <yu...@hortonworks.com>]

Chris,

In addition to the API Reference update, I've also filed a JIRA to show an
explicit error message in the API response:
https://issues.apache.org/jira/browse/AMBARI-4338


Yusaku


On Fri, Jan 17, 2014 at 12:52 PM, Chris Mildebrandt
<ch...@woodenrhino.com>wrote:

> Another related question.....is there something I missed in the log file
> that would have pointed me to the missing header, or do we need another
> JIRA opened to that?
>
> Thanks,
> -Chris
>
>
> On Fri, Jan 17, 2014 at 12:28 PM, Yusaku Sako <yu...@hortonworks.com>wrote:
>
>> Please add the HTTP header "X-Requested-By: ambari" to any POST/PUT calls
>> you make.
>> This change in the API behavior was made to prevent CSRF (Cross-Site
>> Request Forgery).
>>
>> Yusaku
>>
>>
>> On Fri, Jan 17, 2014 at 12:17 PM, Chris Mildebrandt <
>> chris@woodenrhino.com> wrote:
>>
>>> Hey,
>>>
>>> I've been using Ambari 1.4.1.25 for a while. I tried Ambari 1.4.3.38
>>> today and I'm not able to create a cluster using the REST services. Here's
>>> the call I expected to work:
>>>
>>> curl -i -X POST -d '{"Clusters": {"version": "HDP-2.0.6"}}' --user
>>> admin:admin http://hadoop1.robinsystems.com:8080/api/v1/clusters/cl1
>>>
>>> I get the following response:
>>>
>>> <title>Error 400 Bad Request</title>
>>> </head>
>>> <body>
>>> <h2>HTTP ERROR: 400</h2>
>>> <p>Problem accessing /api/v1/clusters/cl1. Reason:
>>> <pre>    Bad Request</pre></p>
>>> <hr /><i><small>Powered by Jetty://</small></i>
>>>
>>> However, I'm able to create the cluster from the web UI. Here are the
>>> relevant log entries from the POST:
>>>
>>> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] Server:358 -
>>> REQUEST /api/v1/clusters/cl1 on AsyncHttpConnection@a42a751
>>> ,g=HttpGenerator{s=0,h=-1,b=-1,c=-1},p=HttpParser{s=2,l=33,c=38},r=1
>>> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> ContextHandler:894 - scope null||/api/v1/clusters/cl1 @
>>> o.e.j.s.ServletContextHandler{/,file:/usr/lib/ambari-server/web/}
>>> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> ContextHandler:966 - context=||/api/v1/clusters/cl1 @
>>> o.e.j.s.ServletContextHandler{/,file:/usr/lib/ambari-server/web/}
>>> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] session:183
>>> -
>>> sessionManager=org.eclipse.jetty.server.session.HashSessionManager@775c024c
>>> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] session:184
>>> - session=null
>>> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> ServletHandler:360 - servlet |/api/v1|/clusters/cl1 ->
>>> com.sun.jersey.spi.container.servlet.ServletContainer-1821413125
>>> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> ServletHandler:422 -
>>> chain=org.apache.ambari.server.api.AmbariPersistFilter-452688583->org.springframework.web.filter.DelegatingFilterProxy-1399975832->com.sun.jersey.spi.container.servlet.ServletContainer-1821413125
>>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> ServletHandler:1297 - call filter
>>> org.apache.ambari.server.api.AmbariPersistFilter-452688583
>>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> ServletHandler:1297 - call filter
>>> org.springframework.web.filter.DelegatingFilterProxy-1399975832
>>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 1 of 8 in
>>> additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
>>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> HttpSessionSecurityContextRepository:127 - No HttpSession currently exists
>>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> HttpSessionSecurityContextRepository:85 - No SecurityContext was available
>>> from the HttpSession: null. A new one will be created.
>>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 2 of 8 in
>>> additional filter chain; firing Filter: 'BasicAuthenticationFilter'
>>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> BasicAuthenticationFilter:161 - Basic Authentication Authorization header
>>> found for user 'admin'
>>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> ProviderManager:152 - Authentication attempt using
>>> org.springframework.security.authentication.dao.DaoAuthenticationProvider
>>> 11:47:59,603  INFO [qtp139607202-15 - /api/v1/clusters/cl1]
>>> AmbariLocalUserDetailsService:62 - Loading user by name: admin
>>> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> BasicAuthenticationFilter:171 - Authentication success:
>>> org.springframework.security.authentication.UsernamePasswordAuthenticationToken@63215be:
>>> Principal: org.springframework.security.core.userdetails.User@586034f:
>>> Username: admin; Password: [PROTECTED]; Enabled: true; AccountNonExpired:
>>> true; credentialsNonExpired: true; AccountNonLocked: true; Granted
>>> Authorities: ADMIN; Credentials: [PROTECTED]; Authenticated: true; Details:
>>> org.springframework.security.web.authentication.WebAuthenticationDetails@ffffe21a:
>>> RemoteIpAddress: 10.7.200.2; SessionId: null; Granted Authorities: ADMIN
>>> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 3 of 8 in
>>> additional filter chain; firing Filter: 'RequestCacheAwareFilter'
>>> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 4 of 8 in
>>> additional filter chain; firing Filter:
>>> 'SecurityContextHolderAwareRequestFilter'
>>> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 5 of 8 in
>>> additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
>>> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> AnonymousAuthenticationFilter:107 - SecurityContextHolder not populated
>>> with anonymous token, as it already contained:
>>> 'org.springframework.security.authentication.UsernamePasswordAuthenticationToken@63215be:
>>> Principal: org.springframework.security.core.userdetails.User@586034f:
>>> Username: admin; Password: [PROTECTED]; Enabled: true; AccountNonExpired:
>>> true; credentialsNonExpired: true; AccountNonLocked: true; Granted
>>> Authorities: ADMIN; Credentials: [PROTECTED]; Authenticated: true; Details:
>>> org.springframework.security.web.authentication.WebAuthenticationDetails@ffffe21a:
>>> RemoteIpAddress: 10.7.200.2; SessionId: null; Granted Authorities: ADMIN'
>>> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 6 of 8 in
>>> additional filter chain; firing Filter: 'SessionManagementFilter'
>>> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> HttpSessionSecurityContextRepository:336 - HttpSession being created as
>>> SecurityContext is non-default
>>> 11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] session:85 -
>>> new session & id 1n12cpwlh9zb143govwif9ub6 1n12cpwlh9zb143govwif9ub6
>>> 11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> HttpSessionSecurityContextRepository:292 - SecurityContext stored to
>>> HttpSession:
>>> 'org.springframework.security.core.context.SecurityContextImpl@63215be:
>>> Authentication:
>>> org.springframework.security.authentication.UsernamePasswordAuthenticationToken@63215be:
>>> Principal: org.springframework.security.core.userdetails.User@586034f:
>>> Username: admin; Password: [PROTECTED]; Enabled: true; AccountNonExpired:
>>> true; credentialsNonExpired: true; AccountNonLocked: true; Granted
>>> Authorities: ADMIN; Credentials: [PROTECTED]; Authenticated: true; Details:
>>> org.springframework.security.web.authentication.WebAuthenticationDetails@ffffe21a:
>>> RemoteIpAddress: 10.7.200.2; SessionId: null; Granted Authorities: ADMIN'
>>> 11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 7 of 8 in
>>> additional filter chain; firing Filter: 'ExceptionTranslationFilter'
>>> 11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 8 of 8 in
>>> additional filter chain; firing Filter: 'FilterSecurityInterceptor'
>>> 11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> AntPathRequestMatcher:85 - Request 'POST /api/v1/clusters/cl1' doesn't
>>> match 'GET /**
>>> 11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> FilterSecurityInterceptor:194 - Secure object: FilterInvocation: URL:
>>> /api/v1/clusters/cl1; Attributes: [hasRole('ADMIN')]
>>> 11:47:59,609 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> FilterSecurityInterceptor:310 - Previously Authenticated:
>>> org.springframework.security.authentication.UsernamePasswordAuthenticationToken@63215be:
>>> Principal: org.springframework.security.core.userdetails.User@586034f:
>>> Username: admin; Password: [PROTECTED]; Enabled: true; AccountNonExpired:
>>> true; credentialsNonExpired: true; AccountNonLocked: true; Granted
>>> Authorities: ADMIN; Credentials: [PROTECTED]; Authenticated: true; Details:
>>> org.springframework.security.web.authentication.WebAuthenticationDetails@ffffe21a:
>>> RemoteIpAddress: 10.7.200.2; SessionId: null; Granted Authorities: ADMIN
>>> 11:47:59,609 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> AffirmativeBased:65 - Voter:
>>> org.springframework.security.web.access.expression.WebExpressionVoter@2844a541,
>>> returned: 1
>>> 11:47:59,609 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> FilterSecurityInterceptor:215 - Authorization successful
>>> 11:47:59,609 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> FilterSecurityInterceptor:227 - RunAsManager did not change Authentication
>>> object
>>> 11:47:59,609 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> FilterChainProxy:323 - /api/v1/clusters/cl1 reached end of additional
>>> filter chain; proceeding with original chain
>>> 11:47:59,610 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> ServletHandler:1328 - call servlet
>>> com.sun.jersey.spi.container.servlet.ServletContainer-1821413125
>>> 11:47:59,610 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> HttpSessionSecurityContextRepository:292 - SecurityContext stored to
>>> HttpSession:
>>> 'org.springframework.security.core.context.SecurityContextImpl@63215be:
>>> Authentication:
>>> org.springframework.security.authentication.UsernamePasswordAuthenticationToken@63215be:
>>> Principal: org.springframework.security.core.userdetails.User@586034f:
>>> Username: admin; Password: [PROTECTED]; Enabled: true; AccountNonExpired:
>>> true; credentialsNonExpired: true; AccountNonLocked: true; Granted
>>> Authorities: ADMIN; Credentials: [PROTECTED]; Authenticated: true; Details:
>>> org.springframework.security.web.authentication.WebAuthenticationDetails@ffffe21a:
>>> RemoteIpAddress: 10.7.200.2; SessionId: null; Granted Authorities: ADMIN'
>>> 11:47:59,613 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> ExceptionTranslationFilter:115 - Chain processed normally
>>> 11:47:59,613 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>>> SecurityContextPersistenceFilter:97 - SecurityContextHolder now cleared, as
>>> request processing completed
>>> 11:47:59,613 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] Server:360 -
>>> RESPONSE /api/v1/clusters/cl1  400 handled=true
>>> 11:47:59,613 DEBUG [qtp139607202-15] AsyncHttpConnection:211 - Enabled
>>> read interest SCEP@5511e6b9{l(/10.7.200.2:33434)<->r(/10.7.200.1:8080
>>> ),d=true,open=true,ishut=false,oshut=false,rb=false,wb=false,w=true,i=0r}-{AsyncHttpConnection@a42a751
>>> ,g=HttpGenerator{s=4,h=0,b=0,c=-1},p=HttpParser{s=0,l=33,c=38},r=1}
>>> 11:47:59,614 DEBUG [qtp139607202-15] ChannelEndPoint:118 - ishut
>>> SCEP@5511e6b9{l(/10.7.200.2:33434)<->r(/10.7.200.1:8080
>>> ),d=true,open=true,ishut=false,oshut=false,rb=false,wb=false,w=true,i=0r}-{AsyncHttpConnection@a42a751
>>> ,g=HttpGenerator{s=0,h=-1,b=-1,c=-1},p=HttpParser{s=-14,l=0,c=-3},r=1}
>>> 11:47:59,614 DEBUG [qtp139607202-15] HttpParser:281 - filled -1/0
>>> 11:47:59,614 DEBUG [qtp139607202-15] AsyncHttpConnection:145 - Disabled
>>> read interest while writing response SCEP@5511e6b9{l(/10.7.200.2:33434
>>> )<->r(/10.7.200.1:8080
>>> ),d=true,open=true,ishut=true,oshut=false,rb=false,wb=false,w=true,i=0r}-{AsyncHttpConnection@a42a751
>>> ,g=HttpGenerator{s=0,h=-1,b=-1,c=-1},p=HttpParser{s=0,l=0,c=-3},r=1}
>>> 11:47:59,614 DEBUG [qtp139607202-15] ChannelEndPoint:209 - close
>>> SCEP@5511e6b9{l(/10.7.200.2:33434)<->r(/10.7.200.1:8080
>>> ),d=true,open=true,ishut=true,oshut=false,rb=false,wb=false,w=true,i=0r}-{AsyncHttpConnection@a42a751
>>> ,g=HttpGenerator{s=0,h=-1,b=-1,c=-1},p=HttpParser{s=0,l=0,c=-3},r=1}
>>>
>>>
>>> Any ideas?
>>>
>>> Thanks,
>>> -Chris
>>>
>>
>>
>> CONFIDENTIALITY NOTICE
>> NOTICE: This message is intended for the use of the individual or entity
>> to which it is addressed and may contain information that is confidential,
>> privileged and exempt from disclosure under applicable law. If the reader
>> of this message is not the intended recipient, you are hereby notified that
>> any printing, copying, dissemination, distribution, disclosure or
>> forwarding of this communication is strictly prohibited. If you have
>> received this communication in error, please contact the sender immediately
>> and delete it from your system. Thank You.
>>
>
>

-- 
CONFIDENTIALITY NOTICE
NOTICE: This message is intended for the use of the individual or entity to 
which it is addressed and may contain information that is confidential, 
privileged and exempt from disclosure under applicable law. If the reader 
of this message is not the intended recipient, you are hereby notified that 
any printing, copying, dissemination, distribution, disclosure or 
forwarding of this communication is strictly prohibited. If you have 
received this communication in error, please contact the sender immediately 
and delete it from your system. Thank You.

Re: HTTP error 400 (Bed Request) when trying to create a cluster through REST services

[Chris Mildebrandt <ch...@woodenrhino.com>]

Another related question.....is there something I missed in the log file
that would have pointed me to the missing header, or do we need another
JIRA opened to that?

Thanks,
-Chris


On Fri, Jan 17, 2014 at 12:28 PM, Yusaku Sako <yu...@hortonworks.com>wrote:

> Please add the HTTP header "X-Requested-By: ambari" to any POST/PUT calls
> you make.
> This change in the API behavior was made to prevent CSRF (Cross-Site
> Request Forgery).
>
> Yusaku
>
>
> On Fri, Jan 17, 2014 at 12:17 PM, Chris Mildebrandt <chris@woodenrhino.com
> > wrote:
>
>> Hey,
>>
>> I've been using Ambari 1.4.1.25 for a while. I tried Ambari 1.4.3.38
>> today and I'm not able to create a cluster using the REST services. Here's
>> the call I expected to work:
>>
>> curl -i -X POST -d '{"Clusters": {"version": "HDP-2.0.6"}}' --user
>> admin:admin http://hadoop1.robinsystems.com:8080/api/v1/clusters/cl1
>>
>> I get the following response:
>>
>> <title>Error 400 Bad Request</title>
>> </head>
>> <body>
>> <h2>HTTP ERROR: 400</h2>
>> <p>Problem accessing /api/v1/clusters/cl1. Reason:
>> <pre>    Bad Request</pre></p>
>> <hr /><i><small>Powered by Jetty://</small></i>
>>
>> However, I'm able to create the cluster from the web UI. Here are the
>> relevant log entries from the POST:
>>
>> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] Server:358 -
>> REQUEST /api/v1/clusters/cl1 on AsyncHttpConnection@a42a751
>> ,g=HttpGenerator{s=0,h=-1,b=-1,c=-1},p=HttpParser{s=2,l=33,c=38},r=1
>> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> ContextHandler:894 - scope null||/api/v1/clusters/cl1 @
>> o.e.j.s.ServletContextHandler{/,file:/usr/lib/ambari-server/web/}
>> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> ContextHandler:966 - context=||/api/v1/clusters/cl1 @
>> o.e.j.s.ServletContextHandler{/,file:/usr/lib/ambari-server/web/}
>> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] session:183 -
>> sessionManager=org.eclipse.jetty.server.session.HashSessionManager@775c024c
>> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] session:184 -
>> session=null
>> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> ServletHandler:360 - servlet |/api/v1|/clusters/cl1 ->
>> com.sun.jersey.spi.container.servlet.ServletContainer-1821413125
>> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> ServletHandler:422 -
>> chain=org.apache.ambari.server.api.AmbariPersistFilter-452688583->org.springframework.web.filter.DelegatingFilterProxy-1399975832->com.sun.jersey.spi.container.servlet.ServletContainer-1821413125
>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> ServletHandler:1297 - call filter
>> org.apache.ambari.server.api.AmbariPersistFilter-452688583
>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> ServletHandler:1297 - call filter
>> org.springframework.web.filter.DelegatingFilterProxy-1399975832
>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 1 of 8 in
>> additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> HttpSessionSecurityContextRepository:127 - No HttpSession currently exists
>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> HttpSessionSecurityContextRepository:85 - No SecurityContext was available
>> from the HttpSession: null. A new one will be created.
>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 2 of 8 in
>> additional filter chain; firing Filter: 'BasicAuthenticationFilter'
>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> BasicAuthenticationFilter:161 - Basic Authentication Authorization header
>> found for user 'admin'
>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> ProviderManager:152 - Authentication attempt using
>> org.springframework.security.authentication.dao.DaoAuthenticationProvider
>> 11:47:59,603  INFO [qtp139607202-15 - /api/v1/clusters/cl1]
>> AmbariLocalUserDetailsService:62 - Loading user by name: admin
>> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> BasicAuthenticationFilter:171 - Authentication success:
>> org.springframework.security.authentication.UsernamePasswordAuthenticationToken@63215be:
>> Principal: org.springframework.security.core.userdetails.User@586034f:
>> Username: admin; Password: [PROTECTED]; Enabled: true; AccountNonExpired:
>> true; credentialsNonExpired: true; AccountNonLocked: true; Granted
>> Authorities: ADMIN; Credentials: [PROTECTED]; Authenticated: true; Details:
>> org.springframework.security.web.authentication.WebAuthenticationDetails@ffffe21a:
>> RemoteIpAddress: 10.7.200.2; SessionId: null; Granted Authorities: ADMIN
>> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 3 of 8 in
>> additional filter chain; firing Filter: 'RequestCacheAwareFilter'
>> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 4 of 8 in
>> additional filter chain; firing Filter:
>> 'SecurityContextHolderAwareRequestFilter'
>> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 5 of 8 in
>> additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
>> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> AnonymousAuthenticationFilter:107 - SecurityContextHolder not populated
>> with anonymous token, as it already contained:
>> 'org.springframework.security.authentication.UsernamePasswordAuthenticationToken@63215be:
>> Principal: org.springframework.security.core.userdetails.User@586034f:
>> Username: admin; Password: [PROTECTED]; Enabled: true; AccountNonExpired:
>> true; credentialsNonExpired: true; AccountNonLocked: true; Granted
>> Authorities: ADMIN; Credentials: [PROTECTED]; Authenticated: true; Details:
>> org.springframework.security.web.authentication.WebAuthenticationDetails@ffffe21a:
>> RemoteIpAddress: 10.7.200.2; SessionId: null; Granted Authorities: ADMIN'
>> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 6 of 8 in
>> additional filter chain; firing Filter: 'SessionManagementFilter'
>> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> HttpSessionSecurityContextRepository:336 - HttpSession being created as
>> SecurityContext is non-default
>> 11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] session:85 -
>> new session & id 1n12cpwlh9zb143govwif9ub6 1n12cpwlh9zb143govwif9ub6
>> 11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> HttpSessionSecurityContextRepository:292 - SecurityContext stored to
>> HttpSession:
>> 'org.springframework.security.core.context.SecurityContextImpl@63215be:
>> Authentication:
>> org.springframework.security.authentication.UsernamePasswordAuthenticationToken@63215be:
>> Principal: org.springframework.security.core.userdetails.User@586034f:
>> Username: admin; Password: [PROTECTED]; Enabled: true; AccountNonExpired:
>> true; credentialsNonExpired: true; AccountNonLocked: true; Granted
>> Authorities: ADMIN; Credentials: [PROTECTED]; Authenticated: true; Details:
>> org.springframework.security.web.authentication.WebAuthenticationDetails@ffffe21a:
>> RemoteIpAddress: 10.7.200.2; SessionId: null; Granted Authorities: ADMIN'
>> 11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 7 of 8 in
>> additional filter chain; firing Filter: 'ExceptionTranslationFilter'
>> 11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 8 of 8 in
>> additional filter chain; firing Filter: 'FilterSecurityInterceptor'
>> 11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> AntPathRequestMatcher:85 - Request 'POST /api/v1/clusters/cl1' doesn't
>> match 'GET /**
>> 11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> FilterSecurityInterceptor:194 - Secure object: FilterInvocation: URL:
>> /api/v1/clusters/cl1; Attributes: [hasRole('ADMIN')]
>> 11:47:59,609 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> FilterSecurityInterceptor:310 - Previously Authenticated:
>> org.springframework.security.authentication.UsernamePasswordAuthenticationToken@63215be:
>> Principal: org.springframework.security.core.userdetails.User@586034f:
>> Username: admin; Password: [PROTECTED]; Enabled: true; AccountNonExpired:
>> true; credentialsNonExpired: true; AccountNonLocked: true; Granted
>> Authorities: ADMIN; Credentials: [PROTECTED]; Authenticated: true; Details:
>> org.springframework.security.web.authentication.WebAuthenticationDetails@ffffe21a:
>> RemoteIpAddress: 10.7.200.2; SessionId: null; Granted Authorities: ADMIN
>> 11:47:59,609 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> AffirmativeBased:65 - Voter:
>> org.springframework.security.web.access.expression.WebExpressionVoter@2844a541,
>> returned: 1
>> 11:47:59,609 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> FilterSecurityInterceptor:215 - Authorization successful
>> 11:47:59,609 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> FilterSecurityInterceptor:227 - RunAsManager did not change Authentication
>> object
>> 11:47:59,609 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> FilterChainProxy:323 - /api/v1/clusters/cl1 reached end of additional
>> filter chain; proceeding with original chain
>> 11:47:59,610 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> ServletHandler:1328 - call servlet
>> com.sun.jersey.spi.container.servlet.ServletContainer-1821413125
>> 11:47:59,610 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> HttpSessionSecurityContextRepository:292 - SecurityContext stored to
>> HttpSession:
>> 'org.springframework.security.core.context.SecurityContextImpl@63215be:
>> Authentication:
>> org.springframework.security.authentication.UsernamePasswordAuthenticationToken@63215be:
>> Principal: org.springframework.security.core.userdetails.User@586034f:
>> Username: admin; Password: [PROTECTED]; Enabled: true; AccountNonExpired:
>> true; credentialsNonExpired: true; AccountNonLocked: true; Granted
>> Authorities: ADMIN; Credentials: [PROTECTED]; Authenticated: true; Details:
>> org.springframework.security.web.authentication.WebAuthenticationDetails@ffffe21a:
>> RemoteIpAddress: 10.7.200.2; SessionId: null; Granted Authorities: ADMIN'
>> 11:47:59,613 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> ExceptionTranslationFilter:115 - Chain processed normally
>> 11:47:59,613 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> SecurityContextPersistenceFilter:97 - SecurityContextHolder now cleared, as
>> request processing completed
>> 11:47:59,613 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] Server:360 -
>> RESPONSE /api/v1/clusters/cl1  400 handled=true
>> 11:47:59,613 DEBUG [qtp139607202-15] AsyncHttpConnection:211 - Enabled
>> read interest SCEP@5511e6b9{l(/10.7.200.2:33434)<->r(/10.7.200.1:8080
>> ),d=true,open=true,ishut=false,oshut=false,rb=false,wb=false,w=true,i=0r}-{AsyncHttpConnection@a42a751
>> ,g=HttpGenerator{s=4,h=0,b=0,c=-1},p=HttpParser{s=0,l=33,c=38},r=1}
>> 11:47:59,614 DEBUG [qtp139607202-15] ChannelEndPoint:118 - ishut
>> SCEP@5511e6b9{l(/10.7.200.2:33434)<->r(/10.7.200.1:8080
>> ),d=true,open=true,ishut=false,oshut=false,rb=false,wb=false,w=true,i=0r}-{AsyncHttpConnection@a42a751
>> ,g=HttpGenerator{s=0,h=-1,b=-1,c=-1},p=HttpParser{s=-14,l=0,c=-3},r=1}
>> 11:47:59,614 DEBUG [qtp139607202-15] HttpParser:281 - filled -1/0
>> 11:47:59,614 DEBUG [qtp139607202-15] AsyncHttpConnection:145 - Disabled
>> read interest while writing response SCEP@5511e6b9{l(/10.7.200.2:33434
>> )<->r(/10.7.200.1:8080
>> ),d=true,open=true,ishut=true,oshut=false,rb=false,wb=false,w=true,i=0r}-{AsyncHttpConnection@a42a751
>> ,g=HttpGenerator{s=0,h=-1,b=-1,c=-1},p=HttpParser{s=0,l=0,c=-3},r=1}
>> 11:47:59,614 DEBUG [qtp139607202-15] ChannelEndPoint:209 - close
>> SCEP@5511e6b9{l(/10.7.200.2:33434)<->r(/10.7.200.1:8080
>> ),d=true,open=true,ishut=true,oshut=false,rb=false,wb=false,w=true,i=0r}-{AsyncHttpConnection@a42a751
>> ,g=HttpGenerator{s=0,h=-1,b=-1,c=-1},p=HttpParser{s=0,l=0,c=-3},r=1}
>>
>>
>> Any ideas?
>>
>> Thanks,
>> -Chris
>>
>
>
> CONFIDENTIALITY NOTICE
> NOTICE: This message is intended for the use of the individual or entity
> to which it is addressed and may contain information that is confidential,
> privileged and exempt from disclosure under applicable law. If the reader
> of this message is not the intended recipient, you are hereby notified that
> any printing, copying, dissemination, distribution, disclosure or
> forwarding of this communication is strictly prohibited. If you have
> received this communication in error, please contact the sender immediately
> and delete it from your system. Thank You.

Re: HTTP error 400 (Bed Request) when trying to create a cluster through REST services

[Yusaku Sako <yu...@hortonworks.com>]

Please add the HTTP header "X-Requested-By: ambari" to any POST/PUT calls
you make.
This change in the API behavior was made to prevent CSRF (Cross-Site
Request Forgery).

Yusaku


On Fri, Jan 17, 2014 at 12:17 PM, Chris Mildebrandt
<ch...@woodenrhino.com>wrote:

> Hey,
>
> I've been using Ambari 1.4.1.25 for a while. I tried Ambari 1.4.3.38 today
> and I'm not able to create a cluster using the REST services. Here's the
> call I expected to work:
>
> curl -i -X POST -d '{"Clusters": {"version": "HDP-2.0.6"}}' --user
> admin:admin http://hadoop1.robinsystems.com:8080/api/v1/clusters/cl1
>
> I get the following response:
>
> <title>Error 400 Bad Request</title>
> </head>
> <body>
> <h2>HTTP ERROR: 400</h2>
> <p>Problem accessing /api/v1/clusters/cl1. Reason:
> <pre>    Bad Request</pre></p>
> <hr /><i><small>Powered by Jetty://</small></i>
>
> However, I'm able to create the cluster from the web UI. Here are the
> relevant log entries from the POST:
>
> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] Server:358 -
> REQUEST /api/v1/clusters/cl1 on AsyncHttpConnection@a42a751
> ,g=HttpGenerator{s=0,h=-1,b=-1,c=-1},p=HttpParser{s=2,l=33,c=38},r=1
> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
> ContextHandler:894 - scope null||/api/v1/clusters/cl1 @
> o.e.j.s.ServletContextHandler{/,file:/usr/lib/ambari-server/web/}
> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
> ContextHandler:966 - context=||/api/v1/clusters/cl1 @
> o.e.j.s.ServletContextHandler{/,file:/usr/lib/ambari-server/web/}
> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] session:183 -
> sessionManager=org.eclipse.jetty.server.session.HashSessionManager@775c024c
> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] session:184 -
> session=null
> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
> ServletHandler:360 - servlet |/api/v1|/clusters/cl1 ->
> com.sun.jersey.spi.container.servlet.ServletContainer-1821413125
> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
> ServletHandler:422 -
> chain=org.apache.ambari.server.api.AmbariPersistFilter-452688583->org.springframework.web.filter.DelegatingFilterProxy-1399975832->com.sun.jersey.spi.container.servlet.ServletContainer-1821413125
> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
> ServletHandler:1297 - call filter
> org.apache.ambari.server.api.AmbariPersistFilter-452688583
> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
> ServletHandler:1297 - call filter
> org.springframework.web.filter.DelegatingFilterProxy-1399975832
> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 1 of 8 in
> additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
> HttpSessionSecurityContextRepository:127 - No HttpSession currently exists
> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
> HttpSessionSecurityContextRepository:85 - No SecurityContext was available
> from the HttpSession: null. A new one will be created.
> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 2 of 8 in
> additional filter chain; firing Filter: 'BasicAuthenticationFilter'
> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
> BasicAuthenticationFilter:161 - Basic Authentication Authorization header
> found for user 'admin'
> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
> ProviderManager:152 - Authentication attempt using
> org.springframework.security.authentication.dao.DaoAuthenticationProvider
> 11:47:59,603  INFO [qtp139607202-15 - /api/v1/clusters/cl1]
> AmbariLocalUserDetailsService:62 - Loading user by name: admin
> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
> BasicAuthenticationFilter:171 - Authentication success:
> org.springframework.security.authentication.UsernamePasswordAuthenticationToken@63215be:
> Principal: org.springframework.security.core.userdetails.User@586034f:
> Username: admin; Password: [PROTECTED]; Enabled: true; AccountNonExpired:
> true; credentialsNonExpired: true; AccountNonLocked: true; Granted
> Authorities: ADMIN; Credentials: [PROTECTED]; Authenticated: true; Details:
> org.springframework.security.web.authentication.WebAuthenticationDetails@ffffe21a:
> RemoteIpAddress: 10.7.200.2; SessionId: null; Granted Authorities: ADMIN
> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 3 of 8 in
> additional filter chain; firing Filter: 'RequestCacheAwareFilter'
> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 4 of 8 in
> additional filter chain; firing Filter:
> 'SecurityContextHolderAwareRequestFilter'
> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 5 of 8 in
> additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
> AnonymousAuthenticationFilter:107 - SecurityContextHolder not populated
> with anonymous token, as it already contained:
> 'org.springframework.security.authentication.UsernamePasswordAuthenticationToken@63215be:
> Principal: org.springframework.security.core.userdetails.User@586034f:
> Username: admin; Password: [PROTECTED]; Enabled: true; AccountNonExpired:
> true; credentialsNonExpired: true; AccountNonLocked: true; Granted
> Authorities: ADMIN; Credentials: [PROTECTED]; Authenticated: true; Details:
> org.springframework.security.web.authentication.WebAuthenticationDetails@ffffe21a:
> RemoteIpAddress: 10.7.200.2; SessionId: null; Granted Authorities: ADMIN'
> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 6 of 8 in
> additional filter chain; firing Filter: 'SessionManagementFilter'
> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
> HttpSessionSecurityContextRepository:336 - HttpSession being created as
> SecurityContext is non-default
> 11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] session:85 -
> new session & id 1n12cpwlh9zb143govwif9ub6 1n12cpwlh9zb143govwif9ub6
> 11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
> HttpSessionSecurityContextRepository:292 - SecurityContext stored to
> HttpSession:
> 'org.springframework.security.core.context.SecurityContextImpl@63215be:
> Authentication:
> org.springframework.security.authentication.UsernamePasswordAuthenticationToken@63215be:
> Principal: org.springframework.security.core.userdetails.User@586034f:
> Username: admin; Password: [PROTECTED]; Enabled: true; AccountNonExpired:
> true; credentialsNonExpired: true; AccountNonLocked: true; Granted
> Authorities: ADMIN; Credentials: [PROTECTED]; Authenticated: true; Details:
> org.springframework.security.web.authentication.WebAuthenticationDetails@ffffe21a:
> RemoteIpAddress: 10.7.200.2; SessionId: null; Granted Authorities: ADMIN'
> 11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 7 of 8 in
> additional filter chain; firing Filter: 'ExceptionTranslationFilter'
> 11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 8 of 8 in
> additional filter chain; firing Filter: 'FilterSecurityInterceptor'
> 11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
> AntPathRequestMatcher:85 - Request 'POST /api/v1/clusters/cl1' doesn't
> match 'GET /**
> 11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
> FilterSecurityInterceptor:194 - Secure object: FilterInvocation: URL:
> /api/v1/clusters/cl1; Attributes: [hasRole('ADMIN')]
> 11:47:59,609 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
> FilterSecurityInterceptor:310 - Previously Authenticated:
> org.springframework.security.authentication.UsernamePasswordAuthenticationToken@63215be:
> Principal: org.springframework.security.core.userdetails.User@586034f:
> Username: admin; Password: [PROTECTED]; Enabled: true; AccountNonExpired:
> true; credentialsNonExpired: true; AccountNonLocked: true; Granted
> Authorities: ADMIN; Credentials: [PROTECTED]; Authenticated: true; Details:
> org.springframework.security.web.authentication.WebAuthenticationDetails@ffffe21a:
> RemoteIpAddress: 10.7.200.2; SessionId: null; Granted Authorities: ADMIN
> 11:47:59,609 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
> AffirmativeBased:65 - Voter:
> org.springframework.security.web.access.expression.WebExpressionVoter@2844a541,
> returned: 1
> 11:47:59,609 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
> FilterSecurityInterceptor:215 - Authorization successful
> 11:47:59,609 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
> FilterSecurityInterceptor:227 - RunAsManager did not change Authentication
> object
> 11:47:59,609 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
> FilterChainProxy:323 - /api/v1/clusters/cl1 reached end of additional
> filter chain; proceeding with original chain
> 11:47:59,610 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
> ServletHandler:1328 - call servlet
> com.sun.jersey.spi.container.servlet.ServletContainer-1821413125
> 11:47:59,610 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
> HttpSessionSecurityContextRepository:292 - SecurityContext stored to
> HttpSession:
> 'org.springframework.security.core.context.SecurityContextImpl@63215be:
> Authentication:
> org.springframework.security.authentication.UsernamePasswordAuthenticationToken@63215be:
> Principal: org.springframework.security.core.userdetails.User@586034f:
> Username: admin; Password: [PROTECTED]; Enabled: true; AccountNonExpired:
> true; credentialsNonExpired: true; AccountNonLocked: true; Granted
> Authorities: ADMIN; Credentials: [PROTECTED]; Authenticated: true; Details:
> org.springframework.security.web.authentication.WebAuthenticationDetails@ffffe21a:
> RemoteIpAddress: 10.7.200.2; SessionId: null; Granted Authorities: ADMIN'
> 11:47:59,613 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
> ExceptionTranslationFilter:115 - Chain processed normally
> 11:47:59,613 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
> SecurityContextPersistenceFilter:97 - SecurityContextHolder now cleared, as
> request processing completed
> 11:47:59,613 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] Server:360 -
> RESPONSE /api/v1/clusters/cl1  400 handled=true
> 11:47:59,613 DEBUG [qtp139607202-15] AsyncHttpConnection:211 - Enabled
> read interest SCEP@5511e6b9{l(/10.7.200.2:33434)<->r(/10.7.200.1:8080
> ),d=true,open=true,ishut=false,oshut=false,rb=false,wb=false,w=true,i=0r}-{AsyncHttpConnection@a42a751
> ,g=HttpGenerator{s=4,h=0,b=0,c=-1},p=HttpParser{s=0,l=33,c=38},r=1}
> 11:47:59,614 DEBUG [qtp139607202-15] ChannelEndPoint:118 - ishut
> SCEP@5511e6b9{l(/10.7.200.2:33434)<->r(/10.7.200.1:8080
> ),d=true,open=true,ishut=false,oshut=false,rb=false,wb=false,w=true,i=0r}-{AsyncHttpConnection@a42a751
> ,g=HttpGenerator{s=0,h=-1,b=-1,c=-1},p=HttpParser{s=-14,l=0,c=-3},r=1}
> 11:47:59,614 DEBUG [qtp139607202-15] HttpParser:281 - filled -1/0
> 11:47:59,614 DEBUG [qtp139607202-15] AsyncHttpConnection:145 - Disabled
> read interest while writing response SCEP@5511e6b9{l(/10.7.200.2:33434
> )<->r(/10.7.200.1:8080
> ),d=true,open=true,ishut=true,oshut=false,rb=false,wb=false,w=true,i=0r}-{AsyncHttpConnection@a42a751
> ,g=HttpGenerator{s=0,h=-1,b=-1,c=-1},p=HttpParser{s=0,l=0,c=-3},r=1}
> 11:47:59,614 DEBUG [qtp139607202-15] ChannelEndPoint:209 - close
> SCEP@5511e6b9{l(/10.7.200.2:33434)<->r(/10.7.200.1:8080
> ),d=true,open=true,ishut=true,oshut=false,rb=false,wb=false,w=true,i=0r}-{AsyncHttpConnection@a42a751
> ,g=HttpGenerator{s=0,h=-1,b=-1,c=-1},p=HttpParser{s=0,l=0,c=-3},r=1}
>
>
> Any ideas?
>
> Thanks,
> -Chris
>

-- 
CONFIDENTIALITY NOTICE
NOTICE: This message is intended for the use of the individual or entity to 
which it is addressed and may contain information that is confidential, 
privileged and exempt from disclosure under applicable law. If the reader 
of this message is not the intended recipient, you are hereby notified that 
any printing, copying, dissemination, distribution, disclosure or 
forwarding of this communication is strictly prohibited. If you have 
received this communication in error, please contact the sender immediately 
and delete it from your system. Thank You.