You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by yu...@apache.org on 2013/06/10 04:38:02 UTC
svn commit: r1491328 - in /incubator/ambari/trunk/ambari-web/app:
controllers/main/admin/security/add/step3.js data/secure_configs.js
data/secure_mapping.js data/secure_properties.js
Author: yusaku
Date: Mon Jun 10 02:38:02 2013
New Revision: 1491328
URL: http://svn.apache.org/r1491328
Log:
AMBARI-2338. Security Wizard: HTTP principal is repeated in various services and can have distinct keytabs, which would cause failure. (jaimin via yusaku)
Modified:
incubator/ambari/trunk/ambari-web/app/controllers/main/admin/security/add/step3.js
incubator/ambari/trunk/ambari-web/app/data/secure_configs.js
incubator/ambari/trunk/ambari-web/app/data/secure_mapping.js
incubator/ambari/trunk/ambari-web/app/data/secure_properties.js
Modified: incubator/ambari/trunk/ambari-web/app/controllers/main/admin/security/add/step3.js
URL: http://svn.apache.org/viewvc/incubator/ambari/trunk/ambari-web/app/controllers/main/admin/security/add/step3.js?rev=1491328&r1=1491327&r2=1491328&view=diff
==============================================================================
--- incubator/ambari/trunk/ambari-web/app/controllers/main/admin/security/add/step3.js (original)
+++ incubator/ambari/trunk/ambari-web/app/controllers/main/admin/security/add/step3.js Mon Jun 10 02:38:02 2013
@@ -317,9 +317,7 @@ App.MainAdminSecurityAddStep3Controller
var self = this;
//prepare tags to fetch all configuration for a service
this.get('content.services').forEach(function (_secureService) {
- if (_secureService.serviceName !== 'GENERAL') {
self.setServiceTagNames(_secureService, data.Clusters.desired_configs);
- }
});
this.getAllConfigurations();
},
@@ -333,7 +331,6 @@ App.MainAdminSecurityAddStep3Controller
* set tagnames for configuration of the *-site.xml
*/
setServiceTagNames: function (secureService, configs) {
- console.log("TRACE: In setServiceTagNames function:");
//var serviceConfigTags = this.get('serviceConfigTags');
for (var index in configs) {
if (secureService.sites && secureService.sites.contains(index)) {
Modified: incubator/ambari/trunk/ambari-web/app/data/secure_configs.js
URL: http://svn.apache.org/viewvc/incubator/ambari/trunk/ambari-web/app/data/secure_configs.js?rev=1491328&r1=1491327&r2=1491328&view=diff
==============================================================================
--- incubator/ambari/trunk/ambari-web/app/data/secure_configs.js (original)
+++ incubator/ambari/trunk/ambari-web/app/data/secure_configs.js Mon Jun 10 02:38:02 2013
@@ -30,6 +30,7 @@ module.exports = [
configCategories: [
App.ServiceConfigCategory.create({ name: 'KERBEROS', displayName: 'General'})
],
+ sites: ['global','webhcat-site'],
configs: configProperties.filterProperty('serviceName', 'GENERAL')
},
{
@@ -41,7 +42,7 @@ module.exports = [
App.ServiceConfigCategory.create({ name: 'NameNode', displayName: 'NameNode'}),
App.ServiceConfigCategory.create({ name: 'DataNode', displayName: 'DataNode'})
],
- sites: ['global', 'core-site', 'hdfs-site'],
+ sites: ['core-site', 'hdfs-site'],
configs: configProperties.filterProperty('serviceName', 'HDFS')
},
@@ -67,18 +68,6 @@ module.exports = [
sites: ['hive-site'],
configs: configProperties.filterProperty('serviceName', 'HIVE')
},
-
- {
- serviceName: 'WEBHCAT',
- displayName: 'WebHCat',
- filename: 'webhcat-site',
- configCategories: [
- App.ServiceConfigCategory.create({ name: 'WebHCat', displayName: 'WebHCat'})
- ],
- sites: ['webhcat-site'],
- configs: configProperties.filterProperty('serviceName', 'WEBHCAT')
- },
-
{
serviceName: 'HBASE',
displayName: 'HBase',
Modified: incubator/ambari/trunk/ambari-web/app/data/secure_mapping.js
URL: http://svn.apache.org/viewvc/incubator/ambari/trunk/ambari-web/app/data/secure_mapping.js?rev=1491328&r1=1491327&r2=1491328&view=diff
==============================================================================
--- incubator/ambari/trunk/ambari-web/app/data/secure_mapping.js (original)
+++ incubator/ambari/trunk/ambari-web/app/data/secure_mapping.js Mon Jun 10 02:38:02 2013
@@ -265,14 +265,14 @@ module.exports = [
},
{
"name": "oozie.authentication.kerberos.principal",
- "templateName": ["oozie_http_primary_name", "kerberos_domain"],
+ "templateName": ["hadoop_http_primary_name", "kerberos_domain"],
"foreignKey": null,
"value": "<templateName[0]>@<templateName[1]>",
"filename": "oozie-site.xml"
},
{
"name": "oozie.authentication.kerberos.keytab",
- "templateName": ["oozie_http_keytab"],
+ "templateName": ["hadoop_http_keytab"],
"foreignKey": null,
"value": "<templateName[0]>",
"filename": "oozie-site.xml"
@@ -286,14 +286,14 @@ module.exports = [
},
{
"name": "templeton.kerberos.principal",
- "templateName": ["webhcat_http_primary_name", "kerberos_domain"],
+ "templateName": ["hadoop_http_primary_name", "kerberos_domain"],
"foreignKey": null,
"value": "<templateName[0]>@<templateName[1]>",
"filename": "webhcat-site.xml"
},
{
"name": "templeton.kerberos.keytab",
- "templateName": ["webhcat_http_keytab"],
+ "templateName": ["hadoop_http_keytab"],
"foreignKey": null,
"value": "<templateName[0]>",
"filename": "webhcat-site.xml"
Modified: incubator/ambari/trunk/ambari-web/app/data/secure_properties.js
URL: http://svn.apache.org/viewvc/incubator/ambari/trunk/ambari-web/app/data/secure_properties.js?rev=1491328&r1=1491327&r2=1491328&view=diff
==============================================================================
--- incubator/ambari/trunk/ambari-web/app/data/secure_properties.js (original)
+++ incubator/ambari/trunk/ambari-web/app/data/secure_properties.js Mon Jun 10 02:38:02 2013
@@ -94,60 +94,60 @@ module.exports =
"serviceName": "GENERAL",
"category": "KERBEROS"
},
-
- //HDFS
{
"id": "puppet var",
- "name": "namenode_primary_name",
- "displayName": "Primary name",
+ "name": "hadoop_http_primary_name",
+ "displayName": "HTTP Primary name",
"value": "",
- "defaultValue": "nn",
- "description": "Primary name for NameNode",
+ "defaultValue": "HTTP",
+ "isReconfigurable": false,
+ "description": "Primary name for spnego access for NameNode, SNameNode, Oozie and WebHCat",
"displayType": "principal",
"isVisible": true,
"isOverridable": false,
- "serviceName": "HDFS",
- "category": "NameNode"
+ "serviceName": "GENERAL",
+ "category": "KERBEROS"
},
{
"id": "puppet var",
- "name": "namenode_keytab",
- "displayName": "Path to Keytab File",
+ "name": "hadoop_http_keytab",
+ "displayName": "Path to HTTP keytab file",
"value": "",
- "defaultValue": "/etc/security/keytabs/nn.service.keytab",
- "description": "Keytab for NameNode",
+ "defaultValue": "/etc/security/keytabs/spnego.service.keytab",
+ "description": "Path to HTTP keytab file for NameNode, SNameNode, Oozie and WebHCat",
"displayType": "directory",
"isVisible": true,
"isOverridable": false,
- "serviceName": "HDFS",
- "category": "NameNode"
+ "serviceName": "GENERAL",
+ "category": "KERBEROS"
},
+
+ //HDFS
{
"id": "puppet var",
- "name": "hadoop_http_primary_name",
- "displayName": "HTTP Primary name",
+ "name": "namenode_primary_name",
+ "displayName": "Primary name",
"value": "",
- "defaultValue": "HTTP",
- "isReconfigurable": false,
- "description": "Primary name for spnego access for NameNode",
+ "defaultValue": "nn",
+ "description": "Primary name for NameNode and SNameNode",
"displayType": "principal",
"isVisible": true,
"isOverridable": false,
"serviceName": "HDFS",
- "category": "General"
+ "category": "NameNode"
},
{
"id": "puppet var",
- "name": "hadoop_http_keytab",
- "displayName": "Path to HTTP keytab file",
+ "name": "namenode_keytab",
+ "displayName": "Path to Keytab File",
"value": "",
- "defaultValue": "/etc/security/keytabs/spnego.service.keytab",
- "description": "Keytab for http NameNode and SNameNode",
+ "defaultValue": "/etc/security/keytabs/nn.service.keytab",
+ "description": "Path to NameNode and SNameNode keytab file",
"displayType": "directory",
"isVisible": true,
"isOverridable": false,
"serviceName": "HDFS",
- "category": "General"
+ "category": "NameNode"
},
{
"id": "puppet var",
@@ -247,7 +247,7 @@ module.exports =
"displayName": "Path to keytab file",
"value": "",
"defaultValue": "/etc/security/keytabs/tt.service.keytab",
- "description": "keytab for TaskTracker",
+ "description": "Path to TaskTracker keytab file",
"displayType": "directory",
"isVisible": true,
"isOverridable": false,
@@ -262,12 +262,12 @@ module.exports =
"displayName": "Primary name",
"value": "",
"defaultValue": "hbase",
- "description": "Primary name for HBase",
+ "description": "Primary name for HBase master and RegionServer",
"displayType": "principal",
"isVisible": true,
"isOverridable": false,
"serviceName": "HBASE",
- "category": "HBase Master"
+ "category": "HBase"
},
{
"id": "puppet var",
@@ -275,7 +275,7 @@ module.exports =
"displayName": "Path to Keytab file",
"value": "",
"defaultValue": "/etc/security/keytabs/hbase.service.keytab",
- "description": "keytab for HBase master",
+ "description": "Path to HBase master and RegionServer keytab file",
"displayType": "directory",
"isVisible": true,
"isOverridable": false,
@@ -303,7 +303,7 @@ module.exports =
"displayName": "Path to Keytab file",
"value": "",
"defaultValue": "/etc/security/keytabs/hive.service.keytab",
- "description": "keytab for Hive Metastore",
+ "description": "Path to Hive Metastore keytab file",
"displayType": "directory",
"isVisible": true,
"isOverridable": false,
@@ -332,72 +332,13 @@ module.exports =
"displayName": "Path to keytab file",
"value": "",
"defaultValue": "/etc/security/keytabs/oozie.service.keytab",
- "description": "Keytab for Oozie server",
+ "description": "Path to Oozie server keytab file",
"displayType": "directory",
"isVisible": true,
"isOverridable": false,
"serviceName": "OOZIE",
"category": "Oozie Server"
},
- {
- "id": "puppet var",
- "name": "oozie_http_primary_name",
- "displayName": "HTTP Primary name",
- "value": "",
- "defaultValue": "HTTP",
- "description": "Primary name for spnego access for Oozie server",
- "isReconfigurable": false,
- "displayType": "principal",
- "isVisible": true,
- "isOverridable": false,
- "serviceName": "OOZIE",
- "category": "Oozie Server"
- },
- {
- "id": "puppet var",
- "name": "oozie_http_keytab",
- "displayName": "Path to HTTP Keytab file",
- "value": "",
- "defaultValue": "/etc/security/keytabs/spnego.service.keytab",
- "description": "Keytab for http Oozie server",
- "displayType": "directory",
- "isVisible": true,
- "isOverridable": false,
- "serviceName": "OOZIE",
- "category": "Oozie Server"
- },
-
-
- //WEBHCAT
- {
- "id": "puppet var",
- "name": "webhcat_http_primary_name",
- "displayName": "HTTP Primary name",
- "value": "",
- "defaultValue": "HTTP",
- "description": "Primary name for spnego access for webHCat",
- "displayType": "principal",
- "isReconfigurable": false,
- "isVisible": true,
- "isOverridable": false,
- "serviceName": "WEBHCAT",
- "category": "WebHCat"
- },
- {
- "id": "puppet var",
- "name": "webhcat_http_keytab",
- "displayName": "Path to HTTP Keytab file",
- "value": "",
- "defaultValue": "/etc/security/keytabs/spnego.service.keytab",
- "description": "Keytab for http webHCat",
- "displayType": "directory",
- "isVisible": true,
- "isOverridable": false,
- "serviceName": "WEBHCAT",
- "category": "WebHCat"
- },
- //HUE
-
//NAGIOS
{
@@ -432,7 +373,7 @@ module.exports =
"displayName": " Path to keytab file",
"value": "",
"defaultValue": "/etc/security/keytabs",
- "description": "Keytab for nagios",
+ "description": "Path to the directory that contains nagios keytab",
"displayType": "directory",
"isVisible": true,
"isOverridable": false,
@@ -461,7 +402,7 @@ module.exports =
"displayName": "Path to keytab file",
"value": "",
"defaultValue": "/etc/security/keytabs/zk.service.keytab",
- "description": "Keytab for ZooKeeper",
+ "description": "Path to ZooKeeper keytab file",
"displayType": "directory",
"isVisible": true,
"isOverridable": false,