You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by rl...@apache.org on 2015/11/25 02:01:10 UTC
ambari git commit: AMBARI-14044. Change Anonymous API Authentication
To A Declared User (rlevas)
Repository: ambari
Updated Branches:
refs/heads/trunk 6a36a14de -> d5a661aa2
AMBARI-14044. Change Anonymous API Authentication To A Declared User (rlevas)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/d5a661aa
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/d5a661aa
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/d5a661aa
Branch: refs/heads/trunk
Commit: d5a661aa228f4b35f6033a02711b283c46337a49
Parents: 6a36a14
Author: Robert Levas <rl...@hortonworks.com>
Authored: Tue Nov 24 20:00:51 2015 -0500
Committer: Robert Levas <rl...@hortonworks.com>
Committed: Tue Nov 24 20:00:59 2015 -0500
----------------------------------------------------------------------
ambari-server/conf/unix/ambari.properties | 3 +-
ambari-server/conf/windows/ambari.properties | 3 +-
.../server/configuration/Configuration.java | 14 ++-
.../ambari/server/controller/AmbariServer.java | 7 +-
.../AmbariAuthorizationFilter.java | 102 +++++++++++++++----
.../server/state/cluster/ClustersImpl.java | 3 +-
.../apache/ambari/server/view/ViewRegistry.java | 3 +-
.../ambari/server/view/ViewRegistryTest.java | 16 ---
.../stacks/2.3/common/services-hawq-1-host.json | 1 -
.../2.3/common/services-hawq-3-hosts.json | 1 -
.../services-master_ambari_colo-3-hosts.json | 1 -
.../services-master_standby_colo-3-hosts.json | 1 -
.../2.3/common/services-nohawq-3-hosts.json | 1 -
.../common/services-normal-hawq-3-hosts.json | 1 -
.../common/services-normal-nohawq-3-hosts.json | 1 -
.../services-standby_ambari_colo-3-hosts.json | 1 -
ambari-web/app/assets/data/services/ambari.json | 1 -
.../ambari-scom-server/conf/ambari.properties | 1 -
.../src/test/resources/ambari.properties | 3 +-
19 files changed, 96 insertions(+), 68 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/d5a661aa/ambari-server/conf/unix/ambari.properties
----------------------------------------------------------------------
diff --git a/ambari-server/conf/unix/ambari.properties b/ambari-server/conf/unix/ambari.properties
index ed45ffe..8f2978c 100644
--- a/ambari-server/conf/unix/ambari.properties
+++ b/ambari-server/conf/unix/ambari.properties
@@ -54,7 +54,6 @@ server.tmp.dir=/var/lib/ambari-server/data/tmp
ambari.python.wrap=ambari-python-wrap
ambari-server.user=root
-api.authenticate=true
server.connection.max.idle.millis=900000
server.fqdn.service.url=http://169.254.169.254/latest/meta-data/public-hostname
server.stages.parallel=true
@@ -110,4 +109,4 @@ views.http.x-frame-options=SAMEORIGIN
# Enable Metrics Collector auto-restart
recovery.type=AUTO_START
-recovery.enabled_components=METRICS_COLLECTOR
\ No newline at end of file
+recovery.enabled_components=METRICS_COLLECTOR
http://git-wip-us.apache.org/repos/asf/ambari/blob/d5a661aa/ambari-server/conf/windows/ambari.properties
----------------------------------------------------------------------
diff --git a/ambari-server/conf/windows/ambari.properties b/ambari-server/conf/windows/ambari.properties
index 570e904..1dbc28a 100644
--- a/ambari-server/conf/windows/ambari.properties
+++ b/ambari-server/conf/windows/ambari.properties
@@ -41,7 +41,6 @@ webapp.dir=web
bootstrap.dir=bootstrap
bootstrap.script=sbin\\bootstrap.py
bootstrap.setup_agent.script=resources\\bootstrap.zip
-api.authenticate=true
server.connection.max.idle.millis=900000
server.fqdn.service.url=http://127.0.0.1/latest/meta-data/public-hostname
server.stages.parallel=true
@@ -95,4 +94,4 @@ http.x-frame-options=DENY
# HTTP Header settings for Ambari Views
views.http.strict-transport-security=max-age=31536000
views.http.x-xss-protection=1; mode=block
-views.http.x-frame-options=SAMEORIGIN
\ No newline at end of file
+views.http.x-frame-options=SAMEORIGIN
http://git-wip-us.apache.org/repos/asf/ambari/blob/d5a661aa/ambari-server/src/main/java/org/apache/ambari/server/configuration/Configuration.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/configuration/Configuration.java b/ambari-server/src/main/java/org/apache/ambari/server/configuration/Configuration.java
index ee26264..63cff01 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/configuration/Configuration.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/configuration/Configuration.java
@@ -99,7 +99,7 @@ public class Configuration {
public static final String STACK_ADVISOR_SCRIPT_DEFAULT = "/var/lib/ambari-server/resources/scripts/stack_advisor.py";
public static final String AMBARI_PYTHON_WRAP_KEY = "ambari.python.wrap";
public static final String AMBARI_PYTHON_WRAP_DEFAULT = "ambari-python-wrap";
- public static final String API_AUTHENTICATE = "api.authenticate";
+ public static final String API_AUTHENTICATED_USER = "api.authenticated.user";
public static final String API_USE_SSL = "api.ssl";
public static final String API_CSRF_PREVENTION_KEY = "api.csrfPrevention.enabled";
public static final String API_GZIP_COMPRESSION_ENABLED_KEY = "api.gzip.compression.enabled";
@@ -1126,11 +1126,15 @@ public class Configuration {
}
/**
- * Check to see if the API should be authenticated or not
- * @return false if not, true if the authentication is enabled.
+ * Gets the username of the default user assumed to be executing API calls.
+ * <p/>
+ * If this value is <code>null</code> or empty then no default user is set and one must be
+ * specified when issuing API calls.
+ *
+ * @return the username of a user.
*/
- public boolean getApiAuthentication() {
- return ("true".equals(properties.getProperty(API_AUTHENTICATE, "false")));
+ public String getDefaultApiAuthenticatedUser() {
+ return properties.getProperty(API_AUTHENTICATED_USER);
}
/**
http://git-wip-us.apache.org/repos/asf/ambari/blob/d5a661aa/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java b/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java
index bd7ac48..2909c31 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java
@@ -335,15 +335,12 @@ public class AmbariServer {
// register listener to capture request context
root.addEventListener(new RequestContextListener());
+ root.addFilter(new FilterHolder(springSecurityFilter), "/api/*", DISPATCHER_TYPES);
+
// session-per-request strategy for agents
agentroot.addFilter(new FilterHolder(injector.getInstance(AmbariPersistFilter.class)), "/agent/*", DISPATCHER_TYPES);
agentroot.addFilter(SecurityFilter.class, "/*", DISPATCHER_TYPES);
- if (configs.getApiAuthentication()) {
- root.addFilter(new FilterHolder(springSecurityFilter), "/api/*", DISPATCHER_TYPES);
- // root.addFilter(new FilterHolder(springSecurityFilter), "/proxy/*", DISPATCHER_TYPES);
- }
-
Map<String, String> configsMap = configs.getConfigsMap();
if (configs.getAgentSSLAuthentication()) {
http://git-wip-us.apache.org/repos/asf/ambari/blob/d5a661aa/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilter.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilter.java b/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilter.java
index 7a2f7d2..7f88286 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilter.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilter.java
@@ -19,6 +19,7 @@
package org.apache.ambari.server.security.authorization;
import java.io.IOException;
+import java.security.Principal;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
@@ -31,11 +32,16 @@ import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import com.google.inject.Inject;
+import org.apache.ambari.server.configuration.Configuration;
import org.apache.ambari.server.orm.entities.PermissionEntity;
import org.apache.ambari.server.orm.entities.PrivilegeEntity;
import org.apache.ambari.server.orm.entities.ViewInstanceEntity.ViewInstanceVersionDTO;
import org.apache.ambari.server.security.authorization.internal.InternalAuthenticationToken;
import org.apache.ambari.server.view.ViewRegistry;
+import org.apache.commons.lang.StringUtils;
+import org.springframework.security.authentication.AnonymousAuthenticationToken;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContext;
@@ -50,24 +56,36 @@ public class AmbariAuthorizationFilter implements Filter {
private static final Pattern STACK_ADVISOR_REGEX = Pattern.compile("/api/v[0-9]+/stacks/[^/]+/versions/[^/]+/(validations|recommendations).*");
- public static final String API_VERSION_PREFIX = "/api/v[0-9]+";
+ public static final String API_VERSION_PREFIX = "/api/v[0-9]+";
public static final String VIEWS_CONTEXT_PATH_PREFIX = "/views/";
- private static final String VIEWS_CONTEXT_PATH_PATTERN = VIEWS_CONTEXT_PATH_PREFIX + "([^/]+)/([^/]+)/([^/]+)(.*)";
- private static final String VIEWS_CONTEXT_ALL_PATTERN = VIEWS_CONTEXT_PATH_PREFIX + ".*";
- private static final String API_USERS_ALL_PATTERN = API_VERSION_PREFIX + "/users.*";
- private static final String API_PRIVILEGES_ALL_PATTERN = API_VERSION_PREFIX + "/privileges.*";
- private static final String API_GROUPS_ALL_PATTERN = API_VERSION_PREFIX + "/groups.*";
- private static final String API_CLUSTERS_ALL_PATTERN = API_VERSION_PREFIX + "/clusters.*";
- private static final String API_VIEWS_ALL_PATTERN = API_VERSION_PREFIX + "/views.*";
- private static final String API_PERSIST_ALL_PATTERN = API_VERSION_PREFIX + "/persist.*";
+ private static final String VIEWS_CONTEXT_PATH_PATTERN = VIEWS_CONTEXT_PATH_PREFIX + "([^/]+)/([^/]+)/([^/]+)(.*)";
+ private static final String VIEWS_CONTEXT_ALL_PATTERN = VIEWS_CONTEXT_PATH_PREFIX + ".*";
+ private static final String API_USERS_ALL_PATTERN = API_VERSION_PREFIX + "/users.*";
+ private static final String API_PRIVILEGES_ALL_PATTERN = API_VERSION_PREFIX + "/privileges.*";
+ private static final String API_GROUPS_ALL_PATTERN = API_VERSION_PREFIX + "/groups.*";
+ private static final String API_CLUSTERS_ALL_PATTERN = API_VERSION_PREFIX + "/clusters.*";
+ private static final String API_VIEWS_ALL_PATTERN = API_VERSION_PREFIX + "/views.*";
+ private static final String API_PERSIST_ALL_PATTERN = API_VERSION_PREFIX + "/persist.*";
private static final String API_LDAP_SYNC_EVENTS_ALL_PATTERN = API_VERSION_PREFIX + "/ldap_sync_events.*";
- private static final String API_CREDENTIALS_ALL_PATTERN = API_VERSION_PREFIX + "/clusters/.*?/credentials.*";
- private static final String API_CREDENTIALS_AMBARI_PATTERN = API_VERSION_PREFIX + "/clusters/.*?/credentials/ambari\\..*";
+ private static final String API_CREDENTIALS_ALL_PATTERN = API_VERSION_PREFIX + "/clusters/.*?/credentials.*";
+ private static final String API_CREDENTIALS_AMBARI_PATTERN = API_VERSION_PREFIX + "/clusters/.*?/credentials/ambari\\..*";
protected static final String LOGIN_REDIRECT_BASE = "/#/login?targetURI=";
/**
+ * Access to Ambari configuration data
+ */
+ @Inject
+ private Configuration configuration;
+
+ /**
+ * Access to user information
+ */
+ @Inject
+ private Users users;
+
+ /**
* The realm to use for the basic http auth
*/
private String realm;
@@ -79,7 +97,7 @@ public class AmbariAuthorizationFilter implements Filter {
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
- HttpServletRequest httpRequest = (HttpServletRequest) request;
+ HttpServletRequest httpRequest = (HttpServletRequest) request;
HttpServletResponse httpResponse = (HttpServletResponse) response;
String requestURI = httpRequest.getRequestURI();
@@ -87,6 +105,16 @@ public class AmbariAuthorizationFilter implements Filter {
SecurityContext context = getSecurityContext();
Authentication authentication = context.getAuthentication();
+
+ // If no explicit authenticated user is set, set it to the default user (if one is specified)
+ if (authentication == null || authentication instanceof AnonymousAuthenticationToken) {
+ Authentication defaultAuthentication = getDefaultAuthentication();
+ if (defaultAuthentication != null) {
+ context.setAuthentication(authentication);
+ authentication = defaultAuthentication;
+ }
+ }
+
if (authentication == null || !authentication.isAuthenticated()) {
String token = httpRequest.getHeader(INTERNAL_TOKEN_HEADER);
if (token != null) {
@@ -104,7 +132,7 @@ public class AmbariAuthorizationFilter implements Filter {
httpResponse.sendError(HttpServletResponse.SC_FORBIDDEN, "Authentication required");
}
}
- } else if(!authorizationPerformedInternally(requestURI)) {
+ } else if (!authorizationPerformedInternally(requestURI)) {
boolean authorized = false;
for (GrantedAuthority grantedAuthority : authentication.getAuthorities()) {
@@ -135,7 +163,7 @@ public class AmbariAuthorizationFilter implements Filter {
}
} else if (requestURI.matches(API_CLUSTERS_ALL_PATTERN)) {
if (permissionId.equals(PermissionEntity.CLUSTER_USER_PERMISSION) ||
- permissionId.equals(PermissionEntity.CLUSTER_ADMINISTRATOR_PERMISSION)) {
+ permissionId.equals(PermissionEntity.CLUSTER_ADMINISTRATOR_PERMISSION)) {
authorized = true;
break;
}
@@ -170,10 +198,10 @@ public class AmbariAuthorizationFilter implements Filter {
// allow GET for everything except /views, /api/v1/users, /api/v1/groups, /api/v1/ldap_sync_events
if (!authorized &&
(!httpRequest.getMethod().equals("GET")
- || requestURI.matches(VIEWS_CONTEXT_ALL_PATTERN)
- || requestURI.matches(API_GROUPS_ALL_PATTERN)
- || requestURI.matches(API_CREDENTIALS_ALL_PATTERN)
- || requestURI.matches(API_LDAP_SYNC_EVENTS_ALL_PATTERN))) {
+ || requestURI.matches(VIEWS_CONTEXT_ALL_PATTERN)
+ || requestURI.matches(API_GROUPS_ALL_PATTERN)
+ || requestURI.matches(API_CREDENTIALS_ALL_PATTERN)
+ || requestURI.matches(API_LDAP_SYNC_EVENTS_ALL_PATTERN))) {
httpResponse.setHeader("WWW-Authenticate", "Basic realm=\"" + realm + "\"");
httpResponse.sendError(HttpServletResponse.SC_FORBIDDEN, "You do not have permissions to access this resource.");
@@ -189,6 +217,37 @@ public class AmbariAuthorizationFilter implements Filter {
}
/**
+ * Creates the default Authentication if a default user is configured
+ *
+ * @return an Authentication representing the default user
+ */
+ private Authentication getDefaultAuthentication() {
+ Authentication defaultUser = null;
+
+ if ((configuration != null) && (users != null)) {
+ String username = configuration.getDefaultApiAuthenticatedUser();
+
+ if (!StringUtils.isEmpty(username)) {
+ final User user = users.getAnyUser(username);
+
+ if (user != null) {
+ Principal principal = new Principal() {
+ @Override
+ public String getName() {
+ return user.getUserName();
+ }
+ };
+
+ defaultUser = new UsernamePasswordAuthenticationToken(principal, null,
+ users.getUserAuthorities(user.getUserName(), user.getUserType()));
+ }
+ }
+ }
+
+ return defaultUser;
+ }
+
+ /**
* Tests the URI to determine if authorization checks are performed internally or should be
* performed in the filter.
*
@@ -211,10 +270,9 @@ public class AmbariAuthorizationFilter implements Filter {
/**
* Get the parameter value from the given servlet filter configuration.
*
- * @param filterConfig the servlet configuration
- * @param parameterName the parameter name
- * @param defaultValue the default value
- *
+ * @param filterConfig the servlet configuration
+ * @param parameterName the parameter name
+ * @param defaultValue the default value
* @return the parameter value or the default value if not set
*/
private static String getParameterValue(
http://git-wip-us.apache.org/repos/asf/ambari/blob/d5a661aa/ambari-server/src/main/java/org/apache/ambari/server/state/cluster/ClustersImpl.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/state/cluster/ClustersImpl.java b/ambari-server/src/main/java/org/apache/ambari/server/state/cluster/ClustersImpl.java
index f735a3c..e332d23 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/state/cluster/ClustersImpl.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/state/cluster/ClustersImpl.java
@@ -893,8 +893,7 @@ public class ClustersImpl implements Clusters {
Cluster cluster = findCluster(clusterName);
- return (cluster == null && readOnly) || !configuration.getApiAuthentication()
- || checkPermission(cluster, readOnly);
+ return (cluster == null && readOnly) || checkPermission(cluster, readOnly);
}
@Override
http://git-wip-us.apache.org/repos/asf/ambari/blob/d5a661aa/ambari-server/src/main/java/org/apache/ambari/server/view/ViewRegistry.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/view/ViewRegistry.java b/ambari-server/src/main/java/org/apache/ambari/server/view/ViewRegistry.java
index d4ceb23..a99c90e 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/view/ViewRegistry.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/view/ViewRegistry.java
@@ -755,8 +755,7 @@ public class ViewRegistry {
ResourceEntity resourceEntity = instanceEntity == null ? null : instanceEntity.getResource();
- return !configuration.getApiAuthentication() ||
- (resourceEntity == null && readOnly) || checkAuthorization(resourceEntity);
+ return (resourceEntity == null && readOnly) || checkAuthorization(resourceEntity);
}
/**
http://git-wip-us.apache.org/repos/asf/ambari/blob/d5a661aa/ambari-server/src/test/java/org/apache/ambari/server/view/ViewRegistryTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/view/ViewRegistryTest.java b/ambari-server/src/test/java/org/apache/ambari/server/view/ViewRegistryTest.java
index bac556e..f94cb25 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/view/ViewRegistryTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/view/ViewRegistryTest.java
@@ -1249,7 +1249,6 @@ public class ViewRegistryTest {
expect(privilegeEntity.getPermission()).andReturn(permissionEntity);
expect(permissionEntity.getId()).andReturn(PermissionEntity.AMBARI_ADMINISTRATOR_PERMISSION);
- expect(configuration.getApiAuthentication()).andReturn(true);
replay(securityHelper, adminAuthority, privilegeEntity, permissionEntity, configuration);
Assert.assertTrue(registry.includeDefinition(viewEntity));
@@ -1270,7 +1269,6 @@ public class ViewRegistryTest {
EasyMock.expectLastCall().andReturn(authorities);
expect(viewEntity.getInstances()).andReturn(instances);
- expect(configuration.getApiAuthentication()).andReturn(true);
replay(securityHelper, viewEntity, configuration);
Assert.assertFalse(registry.includeDefinition(viewEntity));
@@ -1302,7 +1300,6 @@ public class ViewRegistryTest {
expect(permissionEntity.getId()).andReturn(PermissionEntity.VIEW_USER_PERMISSION).anyTimes();
securityHelper.getCurrentAuthorities();
EasyMock.expectLastCall().andReturn(authorities).anyTimes();
- expect(configuration.getApiAuthentication()).andReturn(true);
replay(securityHelper, viewEntity, instanceEntity, viewUseAuthority, privilegeEntity, permissionEntity, configuration);
Assert.assertTrue(registry.includeDefinition(viewEntity));
@@ -1347,19 +1344,6 @@ public class ViewRegistryTest {
}
@Test
- public void testIncludeDefinitionForNoApiAuthentication() {
- ViewRegistry registry = ViewRegistry.getInstance();
- ViewEntity viewEntity = createNiceMock(ViewEntity.class);
-
- expect(configuration.getApiAuthentication()).andReturn(false);
- replay(securityHelper, viewEntity, configuration);
-
- Assert.assertTrue(registry.includeDefinition(viewEntity));
-
- verify(securityHelper, viewEntity, configuration);
- }
-
- @Test
public void testCheckViewVersions() {
ViewRegistry registry = ViewRegistry.getInstance();
ViewEntity viewEntity = createNiceMock(ViewEntity.class);
http://git-wip-us.apache.org/repos/asf/ambari/blob/d5a661aa/ambari-server/src/test/python/stacks/2.3/common/services-hawq-1-host.json
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/python/stacks/2.3/common/services-hawq-1-host.json b/ambari-server/src/test/python/stacks/2.3/common/services-hawq-1-host.json
index 53b3e08..09e305f 100644
--- a/ambari-server/src/test/python/stacks/2.3/common/services-hawq-1-host.json
+++ b/ambari-server/src/test/python/stacks/2.3/common/services-hawq-1-host.json
@@ -2553,7 +2553,6 @@
"jdk1.8.desc" : "Oracle JDK 1.8 + Java Cryptography Extension (JCE) Policy Files 8",
"server.fqdn.service.url" : "http://169.254.169.254/latest/meta-data/public-hostname",
"metadata.path" : "/var/lib/ambari-server/resources/stacks",
- "api.authenticate" : "true",
"views.request.connect.timeout.millis" : "5000",
"skip.service.checks" : "false",
"stackadvisor.script" : "/var/lib/ambari-server/resources/scripts/stack_advisor.py",
http://git-wip-us.apache.org/repos/asf/ambari/blob/d5a661aa/ambari-server/src/test/python/stacks/2.3/common/services-hawq-3-hosts.json
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/python/stacks/2.3/common/services-hawq-3-hosts.json b/ambari-server/src/test/python/stacks/2.3/common/services-hawq-3-hosts.json
index 53b3e08..09e305f 100644
--- a/ambari-server/src/test/python/stacks/2.3/common/services-hawq-3-hosts.json
+++ b/ambari-server/src/test/python/stacks/2.3/common/services-hawq-3-hosts.json
@@ -2553,7 +2553,6 @@
"jdk1.8.desc" : "Oracle JDK 1.8 + Java Cryptography Extension (JCE) Policy Files 8",
"server.fqdn.service.url" : "http://169.254.169.254/latest/meta-data/public-hostname",
"metadata.path" : "/var/lib/ambari-server/resources/stacks",
- "api.authenticate" : "true",
"views.request.connect.timeout.millis" : "5000",
"skip.service.checks" : "false",
"stackadvisor.script" : "/var/lib/ambari-server/resources/scripts/stack_advisor.py",
http://git-wip-us.apache.org/repos/asf/ambari/blob/d5a661aa/ambari-server/src/test/python/stacks/2.3/common/services-master_ambari_colo-3-hosts.json
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/python/stacks/2.3/common/services-master_ambari_colo-3-hosts.json b/ambari-server/src/test/python/stacks/2.3/common/services-master_ambari_colo-3-hosts.json
index 876f577..560e1db 100644
--- a/ambari-server/src/test/python/stacks/2.3/common/services-master_ambari_colo-3-hosts.json
+++ b/ambari-server/src/test/python/stacks/2.3/common/services-master_ambari_colo-3-hosts.json
@@ -2553,7 +2553,6 @@
"jdk1.8.desc" : "Oracle JDK 1.8 + Java Cryptography Extension (JCE) Policy Files 8",
"server.fqdn.service.url" : "http://169.254.169.254/latest/meta-data/public-hostname",
"metadata.path" : "/var/lib/ambari-server/resources/stacks",
- "api.authenticate" : "true",
"views.request.connect.timeout.millis" : "5000",
"skip.service.checks" : "false",
"stackadvisor.script" : "/var/lib/ambari-server/resources/scripts/stack_advisor.py",
http://git-wip-us.apache.org/repos/asf/ambari/blob/d5a661aa/ambari-server/src/test/python/stacks/2.3/common/services-master_standby_colo-3-hosts.json
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/python/stacks/2.3/common/services-master_standby_colo-3-hosts.json b/ambari-server/src/test/python/stacks/2.3/common/services-master_standby_colo-3-hosts.json
index f600e9b..93d6ec1 100644
--- a/ambari-server/src/test/python/stacks/2.3/common/services-master_standby_colo-3-hosts.json
+++ b/ambari-server/src/test/python/stacks/2.3/common/services-master_standby_colo-3-hosts.json
@@ -2553,7 +2553,6 @@
"jdk1.8.desc" : "Oracle JDK 1.8 + Java Cryptography Extension (JCE) Policy Files 8",
"server.fqdn.service.url" : "http://169.254.169.254/latest/meta-data/public-hostname",
"metadata.path" : "/var/lib/ambari-server/resources/stacks",
- "api.authenticate" : "true",
"views.request.connect.timeout.millis" : "5000",
"skip.service.checks" : "false",
"stackadvisor.script" : "/var/lib/ambari-server/resources/scripts/stack_advisor.py",
http://git-wip-us.apache.org/repos/asf/ambari/blob/d5a661aa/ambari-server/src/test/python/stacks/2.3/common/services-nohawq-3-hosts.json
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/python/stacks/2.3/common/services-nohawq-3-hosts.json b/ambari-server/src/test/python/stacks/2.3/common/services-nohawq-3-hosts.json
index a5fc45d..beeb62d 100644
--- a/ambari-server/src/test/python/stacks/2.3/common/services-nohawq-3-hosts.json
+++ b/ambari-server/src/test/python/stacks/2.3/common/services-nohawq-3-hosts.json
@@ -2203,7 +2203,6 @@
"jdk1.8.desc" : "Oracle JDK 1.8 + Java Cryptography Extension (JCE) Policy Files 8",
"server.fqdn.service.url" : "http://169.254.169.254/latest/meta-data/public-hostname",
"metadata.path" : "/var/lib/ambari-server/resources/stacks",
- "api.authenticate" : "true",
"views.request.connect.timeout.millis" : "5000",
"skip.service.checks" : "false",
"stackadvisor.script" : "/var/lib/ambari-server/resources/scripts/stack_advisor.py",
http://git-wip-us.apache.org/repos/asf/ambari/blob/d5a661aa/ambari-server/src/test/python/stacks/2.3/common/services-normal-hawq-3-hosts.json
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/python/stacks/2.3/common/services-normal-hawq-3-hosts.json b/ambari-server/src/test/python/stacks/2.3/common/services-normal-hawq-3-hosts.json
index 9fab56d..a16ab32 100644
--- a/ambari-server/src/test/python/stacks/2.3/common/services-normal-hawq-3-hosts.json
+++ b/ambari-server/src/test/python/stacks/2.3/common/services-normal-hawq-3-hosts.json
@@ -2553,7 +2553,6 @@
"jdk1.8.desc" : "Oracle JDK 1.8 + Java Cryptography Extension (JCE) Policy Files 8",
"server.fqdn.service.url" : "http://169.254.169.254/latest/meta-data/public-hostname",
"metadata.path" : "/var/lib/ambari-server/resources/stacks",
- "api.authenticate" : "true",
"views.request.connect.timeout.millis" : "5000",
"skip.service.checks" : "false",
"stackadvisor.script" : "/var/lib/ambari-server/resources/scripts/stack_advisor.py",
http://git-wip-us.apache.org/repos/asf/ambari/blob/d5a661aa/ambari-server/src/test/python/stacks/2.3/common/services-normal-nohawq-3-hosts.json
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/python/stacks/2.3/common/services-normal-nohawq-3-hosts.json b/ambari-server/src/test/python/stacks/2.3/common/services-normal-nohawq-3-hosts.json
index aec23c8..2149317 100644
--- a/ambari-server/src/test/python/stacks/2.3/common/services-normal-nohawq-3-hosts.json
+++ b/ambari-server/src/test/python/stacks/2.3/common/services-normal-nohawq-3-hosts.json
@@ -2203,7 +2203,6 @@
"jdk1.8.desc" : "Oracle JDK 1.8 + Java Cryptography Extension (JCE) Policy Files 8",
"server.fqdn.service.url" : "http://169.254.169.254/latest/meta-data/public-hostname",
"metadata.path" : "/var/lib/ambari-server/resources/stacks",
- "api.authenticate" : "true",
"views.request.connect.timeout.millis" : "5000",
"skip.service.checks" : "false",
"stackadvisor.script" : "/var/lib/ambari-server/resources/scripts/stack_advisor.py",
http://git-wip-us.apache.org/repos/asf/ambari/blob/d5a661aa/ambari-server/src/test/python/stacks/2.3/common/services-standby_ambari_colo-3-hosts.json
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/python/stacks/2.3/common/services-standby_ambari_colo-3-hosts.json b/ambari-server/src/test/python/stacks/2.3/common/services-standby_ambari_colo-3-hosts.json
index ca0637c..170c740 100644
--- a/ambari-server/src/test/python/stacks/2.3/common/services-standby_ambari_colo-3-hosts.json
+++ b/ambari-server/src/test/python/stacks/2.3/common/services-standby_ambari_colo-3-hosts.json
@@ -2553,7 +2553,6 @@
"jdk1.8.desc" : "Oracle JDK 1.8 + Java Cryptography Extension (JCE) Policy Files 8",
"server.fqdn.service.url" : "http://169.254.169.254/latest/meta-data/public-hostname",
"metadata.path" : "/var/lib/ambari-server/resources/stacks",
- "api.authenticate" : "true",
"views.request.connect.timeout.millis" : "5000",
"skip.service.checks" : "false",
"stackadvisor.script" : "/var/lib/ambari-server/resources/scripts/stack_advisor.py",
http://git-wip-us.apache.org/repos/asf/ambari/blob/d5a661aa/ambari-web/app/assets/data/services/ambari.json
----------------------------------------------------------------------
diff --git a/ambari-web/app/assets/data/services/ambari.json b/ambari-web/app/assets/data/services/ambari.json
index 0d54fc8..602f351 100644
--- a/ambari-web/app/assets/data/services/ambari.json
+++ b/ambari-web/app/assets/data/services/ambari.json
@@ -25,7 +25,6 @@
"agent.task.timeout" : "600",
"agent.threadpool.size.max" : "25",
"ambari-server.user" : "root",
- "api.authenticate" : "true",
"bootstrap.dir" : "/var/run/ambari-server/bootstrap",
"bootstrap.script" : "/usr/lib/python2.6/site-packages/ambari_server/bootstrap.py",
"bootstrap.setup_agent.script" : "/usr/lib/python2.6/site-packages/ambari_server/setupAgent.py",
http://git-wip-us.apache.org/repos/asf/ambari/blob/d5a661aa/contrib/ambari-scom/ambari-scom-server/conf/ambari.properties
----------------------------------------------------------------------
diff --git a/contrib/ambari-scom/ambari-scom-server/conf/ambari.properties b/contrib/ambari-scom/ambari-scom-server/conf/ambari.properties
index c734b71..e31c896 100644
--- a/contrib/ambari-scom/ambari-scom-server/conf/ambari.properties
+++ b/contrib/ambari-scom/ambari-scom-server/conf/ambari.properties
@@ -19,7 +19,6 @@
#
server.connection.max.idle.millis=900000
-api.authenticate=false
server.os_type=windows2012
server.persistence.type=in-memory
security.passwords.encryption.enabled=false
http://git-wip-us.apache.org/repos/asf/ambari/blob/d5a661aa/contrib/ambari-scom/ambari-scom-server/src/test/resources/ambari.properties
----------------------------------------------------------------------
diff --git a/contrib/ambari-scom/ambari-scom-server/src/test/resources/ambari.properties b/contrib/ambari-scom/ambari-scom-server/src/test/resources/ambari.properties
index 67dbf7f..a78fb5e 100644
--- a/contrib/ambari-scom/ambari-scom-server/src/test/resources/ambari.properties
+++ b/contrib/ambari-scom/ambari-scom-server/src/test/resources/ambari.properties
@@ -26,9 +26,8 @@ webapp.dir=/usr/lib/ambari-server/web
bootstrap.dir=/var/run/ambari-server/bootstrap
bootstrap.script=/usr/lib/python2.6/site-packages/ambari_server/bootstrap.py
bootstrap.setup_agent.script=/usr/lib/python2.6/site-packages/ambari_server/setupAgent.py
-api.authenticate=true
server.connection.max.idle.millis=900000
server.fqdn.service.url=http://169.254.169.254/latest/meta-data/public-hostname
scom.sink.db.url=jdbc:sqlserver://10.0.2.2:2301;databaseName=HadoopMonitoring;user=sink
-scom.sink.db.driver=com.microsoft.sqlserver.jdbc.SQLServerDriver
\ No newline at end of file
+scom.sink.db.driver=com.microsoft.sqlserver.jdbc.SQLServerDriver