You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by sm...@apache.org on 2018/07/27 06:52:58 UTC
[ambari] branch trunk updated: AMBARI-24319. Reverting previous
changes until we did not find out what's happening with BP installations
(#1893)
This is an automated email from the ASF dual-hosted git repository.
smolnar pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/ambari.git
The following commit(s) were added to refs/heads/trunk by this push:
new 052f28c AMBARI-24319. Reverting previous changes until we did not find out what's happening with BP installations (#1893)
052f28c is described below
commit 052f28ca9ab14318ef3c4590e3cc79209e9e0ed9
Author: Sandor Molnar <sm...@apache.org>
AuthorDate: Fri Jul 27 08:52:55 2018 +0200
AMBARI-24319. Reverting previous changes until we did not find out what's happening with BP installations (#1893)
---
.../server/controller/KerberosHelperImpl.java | 6 ++-
.../kerberos/KerberosServerAction.java | 50 ++++++----------------
2 files changed, 16 insertions(+), 40 deletions(-)
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/controller/KerberosHelperImpl.java b/ambari-server/src/main/java/org/apache/ambari/server/controller/KerberosHelperImpl.java
index a15f424..13cb8fa 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/controller/KerberosHelperImpl.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/controller/KerberosHelperImpl.java
@@ -138,6 +138,7 @@ import org.slf4j.LoggerFactory;
import com.google.common.collect.ImmutableMap;
import com.google.common.collect.ImmutableSet;
+import com.google.common.collect.Lists;
import com.google.common.collect.Sets;
import com.google.gson.JsonArray;
import com.google.gson.JsonObject;
@@ -1866,7 +1867,7 @@ public class KerberosHelperImpl implements KerberosHelper {
String uniqueKey = String.format("%s|%s", principal, (keytabFile == null) ? "" : keytabFile);
- if (!hostActiveIdentities.containsKey(uniqueKey) || (StringUtils.isNotBlank(hostActiveIdentities.get(uniqueKey).getReference()) && StringUtils.isBlank(identity.getReference()))) {
+ if (!hostActiveIdentities.containsKey(uniqueKey)) {
KerberosPrincipalType principalType = principalDescriptor.getType();
// Assume the principal is a service principal if not specified
@@ -2467,7 +2468,8 @@ public class KerberosHelperImpl implements KerberosHelper {
handler.createStages(cluster,
clusterHostInfoJson, hostParamsJson, event, roleCommandOrder, kerberosDetails,
dataDirectory, requestStageContainer, serviceComponentHostsToProcess,
- null, null, Sets.newHashSet(principal), hostsWithValidKerberosClient);
+ Collections.singletonMap("KERBEROS", Lists.newArrayList("KERBEROS_CLIENT")),
+ null, Sets.newHashSet(principal), hostsWithValidKerberosClient);
handler.addFinalizeOperationStage(cluster, clusterHostInfoJson, hostParamsJson, event,
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosServerAction.java b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosServerAction.java
index 0c11e34..904fd01 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosServerAction.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosServerAction.java
@@ -21,7 +21,6 @@ package org.apache.ambari.server.serveraction.kerberos;
import java.io.File;
import java.io.IOException;
import java.lang.reflect.Type;
-import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.Map;
@@ -42,7 +41,6 @@ import org.apache.ambari.server.serveraction.kerberos.stageutils.ResolvedKerbero
import org.apache.ambari.server.serveraction.kerberos.stageutils.ResolvedKerberosPrincipal;
import org.apache.ambari.server.state.Cluster;
import org.apache.ambari.server.state.Clusters;
-import org.apache.ambari.server.state.kerberos.KerberosIdentityDescriptor;
import org.apache.ambari.server.utils.StageUtils;
import org.apache.commons.io.FileUtils;
import org.apache.commons.lang.StringUtils;
@@ -180,6 +178,12 @@ public abstract class KerberosServerAction extends AbstractServerAction {
private KerberosOperationHandlerFactory kerberosOperationHandlerFactory;
/**
+ * The KerberosIdentityDataFileReaderFactory to use to obtain KerberosIdentityDataFileReader instances
+ */
+ @Inject
+ private KerberosIdentityDataFileReaderFactory kerberosIdentityDataFileReaderFactory;
+
+ /**
* KerberosHelper
*/
@Inject
@@ -451,17 +455,13 @@ public abstract class KerberosServerAction extends AbstractServerAction {
}
try {
- final Map<String, Collection<String>> serviceComponentFilter = (Map<String, Collection<String>>) getServiceComponentFilter();
- final Collection<KerberosIdentityDescriptor> serviceIdentities = serviceComponentFilter == null ? null : calculateServiceIdentities(getClusterName(), serviceComponentFilter);
- for (ResolvedKerberosKeytab rkk : kerberosKeytabController.getFilteredKeytabs(serviceComponentFilter, getHostFilter(), getIdentityFilter())) {
+ for (ResolvedKerberosKeytab rkk : kerberosKeytabController.getFilteredKeytabs((Map<String, Collection<String>>) getServiceComponentFilter(), getHostFilter(), getIdentityFilter())) {
for (ResolvedKerberosPrincipal principal : rkk.getPrincipals()) {
- if (isRelevantIdentity(serviceIdentities, principal)) {
- commandReport = processIdentity(principal, handler, kerberosConfiguration, requestSharedDataContext);
- // If the principal processor returns a CommandReport, than it is time to stop
- // since an error condition has probably occurred, else all is assumed to be well.
- if (commandReport != null) {
- break;
- }
+ commandReport = processIdentity(principal, handler, kerberosConfiguration, requestSharedDataContext);
+ // If the principal processor returns a CommandReport, than it is time to stop since
+ // an error condition has probably occurred, else all is assumed to be well.
+ if (commandReport != null) {
+ break;
}
}
}
@@ -487,32 +487,6 @@ public abstract class KerberosServerAction extends AbstractServerAction {
: commandReport;
}
- private boolean isRelevantIdentity(Collection<KerberosIdentityDescriptor> serviceIdentities, ResolvedKerberosPrincipal principal) {
- if (serviceIdentities != null) {
- boolean hasValidIdentity = false;
- for (KerberosIdentityDescriptor serviceIdentity : serviceIdentities) {
- if (principal.getPrincipal().equals(serviceIdentity.getPrincipalDescriptor().getName()) && StringUtils.isBlank(serviceIdentity.getReference())) {
- hasValidIdentity = true;
- break;
- }
- }
- return hasValidIdentity;
- }
-
- return true;
- }
-
- private Collection<KerberosIdentityDescriptor> calculateServiceIdentities(String clusterName, Map<String, Collection<String>> serviceComponentFilter)
- throws AmbariException {
- final Collection<KerberosIdentityDescriptor> serviceIdentities = new ArrayList<>();
- for (String service : serviceComponentFilter.keySet()) {
- for (Collection<KerberosIdentityDescriptor> activeIdentities : kerberosHelper.getActiveIdentities(clusterName, null, service, null, true).values()) {
- serviceIdentities.addAll(activeIdentities);
- }
- }
- return serviceIdentities;
- }
-
/**
* Processes an identity as necessary.
* <p/>