You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by sm...@apache.org on 2015/10/23 18:05:47 UTC

ambari git commit: AMBARI-13435. Ambari to support three topology config files for Knox (Sumit Gupta via smohanty)

Repository: ambari
Updated Branches:
  refs/heads/trunk 2ac17444b -> bf0e3db8e


AMBARI-13435. Ambari to support three topology config files for Knox (Sumit Gupta via smohanty)


Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/bf0e3db8
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/bf0e3db8
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/bf0e3db8

Branch: refs/heads/trunk
Commit: bf0e3db8ea16de66b447822fd86ad4ff0a12ca79
Parents: 2ac1744
Author: Sumit Mohanty <sm...@hortonworks.com>
Authored: Fri Oct 23 09:05:30 2015 -0700
Committer: Sumit Mohanty <sm...@hortonworks.com>
Committed: Fri Oct 23 09:05:30 2015 -0700

----------------------------------------------------------------------
 .../0.5.0.2.2/configuration/admin-topology.xml  | 96 ++++++++++++++++++++
 .../common-services/KNOX/0.5.0.2.2/metainfo.xml |  2 +
 .../KNOX/0.5.0.2.2/package/scripts/knox.py      | 17 ++++
 .../0.5.0.2.2/package/scripts/params_linux.py   |  2 +
 .../0.5.0.2.2/package/scripts/params_windows.py |  2 +
 .../KNOX/configuration/knoxsso-topology.xml     | 93 +++++++++++++++++++
 .../python/stacks/2.2/KNOX/test_knox_gateway.py | 10 ++
 .../test/python/stacks/2.2/configs/default.json |  4 +
 ambari-web/app/models/stack_service.js          |  2 +-
 9 files changed, 227 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/ambari/blob/bf0e3db8/ambari-server/src/main/resources/common-services/KNOX/0.5.0.2.2/configuration/admin-topology.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/KNOX/0.5.0.2.2/configuration/admin-topology.xml b/ambari-server/src/main/resources/common-services/KNOX/0.5.0.2.2/configuration/admin-topology.xml
new file mode 100644
index 0000000..b6b09ed
--- /dev/null
+++ b/ambari-server/src/main/resources/common-services/KNOX/0.5.0.2.2/configuration/admin-topology.xml
@@ -0,0 +1,96 @@
+<?xml version="1.0"?>
+<?xml-stylesheet type="text/xsl" href="configuration.xsl"?>
+<!--
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+-->
+
+<configuration supports_final="false" supports_adding_forbidden="true">
+    <!-- topology file -->
+
+    <property>
+    <name>content</name>
+    <value>
+    &lt;topology&gt;
+
+        &lt;gateway&gt;
+
+             &lt;provider&gt;
+                &lt;role&gt;authentication&lt;/role&gt;
+                &lt;name&gt;ShiroProvider&lt;/name&gt;
+                &lt;enabled&gt;true&lt;/enabled&gt;
+                &lt;param&gt;
+                    &lt;name&gt;sessionTimeout&lt;/name&gt;
+                    &lt;value&gt;30&lt;/value&gt;
+                &lt;/param&gt;
+                &lt;param&gt;
+                    &lt;name&gt;main.ldapRealm&lt;/name&gt;
+                    &lt;value&gt;org.apache.hadoop.gateway.shirorealm.KnoxLdapRealm&lt;/value&gt;
+                &lt;/param&gt;
+                &lt;param&gt;
+                    &lt;name&gt;main.ldapRealm.userDnTemplate&lt;/name&gt;
+                    &lt;value&gt;uid={0},ou=people,dc=hadoop,dc=apache,dc=org&lt;/value&gt;
+                &lt;/param&gt;
+                &lt;param&gt;
+                    &lt;name&gt;main.ldapRealm.contextFactory.url&lt;/name&gt;
+                    &lt;value&gt;ldap://{{knox_host_name}}:33389&lt;/value&gt;
+                &lt;/param&gt;
+                &lt;param&gt;
+                    &lt;name&gt;main.ldapRealm.contextFactory.authenticationMechanism&lt;/name&gt;
+                    &lt;value&gt;simple&lt;/value&gt;
+                &lt;/param&gt;
+                &lt;param&gt;
+                    &lt;name&gt;urls./**&lt;/name&gt;
+                    &lt;value&gt;authcBasic&lt;/value&gt;
+                &lt;/param&gt;
+            &lt;/provider&gt;
+
+            &lt;provider&gt;
+                &lt;role&gt;authorization&lt;/role&gt;
+                &lt;name&gt;AclsAuthz&lt;/name&gt;
+                &lt;enabled&gt;true&lt;/enabled&gt;
+                &lt;param&gt;
+                    &lt;name&gt;knox.acl&lt;/name&gt;
+                    &lt;value&gt;admin;*;*&lt;/value&gt;
+                &lt;/param&gt;
+            &lt;/provider&gt;
+
+            &lt;provider&gt;
+                &lt;role&gt;identity-assertion&lt;/role&gt;
+                &lt;name&gt;Default&lt;/name&gt;
+                &lt;enabled&gt;true&lt;/enabled&gt;
+            &lt;/provider&gt;
+
+        &lt;/gateway&gt;
+
+        &lt;service&gt;
+            &lt;role&gt;KNOX&lt;/role&gt;
+        &lt;/service&gt;
+
+    &lt;/topology&gt;
+
+    </value>
+    <description>
+        The configuration specifies the Knox admin API configuration and access details. The authentication provider should be configured to match your deployment details.
+    </description>
+    <value-attributes>
+       <empty-value-valid>true</empty-value-valid>
+       <show-property-name>false</show-property-name>
+    </value-attributes>
+    </property>
+</configuration>

http://git-wip-us.apache.org/repos/asf/ambari/blob/bf0e3db8/ambari-server/src/main/resources/common-services/KNOX/0.5.0.2.2/metainfo.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/KNOX/0.5.0.2.2/metainfo.xml b/ambari-server/src/main/resources/common-services/KNOX/0.5.0.2.2/metainfo.xml
index 34f55ff..657a300 100644
--- a/ambari-server/src/main/resources/common-services/KNOX/0.5.0.2.2/metainfo.xml
+++ b/ambari-server/src/main/resources/common-services/KNOX/0.5.0.2.2/metainfo.xml
@@ -64,6 +64,8 @@
         <config-type>gateway-site</config-type>
         <config-type>gateway-log4j</config-type>
         <config-type>topology</config-type>
+        <config-type>admin-topology</config-type>
+        <config-type>knoxsso-topology</config-type>
         <config-type>ranger-knox-plugin-properties</config-type>
         <config-type>ranger-knox-audit</config-type>
         <config-type>ranger-knox-policymgr-ssl</config-type>

http://git-wip-us.apache.org/repos/asf/ambari/blob/bf0e3db8/ambari-server/src/main/resources/common-services/KNOX/0.5.0.2.2/package/scripts/knox.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/KNOX/0.5.0.2.2/package/scripts/knox.py b/ambari-server/src/main/resources/common-services/KNOX/0.5.0.2.2/package/scripts/knox.py
index 055b76e..bb0bbfe 100644
--- a/ambari-server/src/main/resources/common-services/KNOX/0.5.0.2.2/package/scripts/knox.py
+++ b/ambari-server/src/main/resources/common-services/KNOX/0.5.0.2.2/package/scripts/knox.py
@@ -60,6 +60,18 @@ def knox():
        content=InlineTemplate(params.topology_template)
   )
 
+  File(os.path.join(params.knox_conf_dir, "topologies", "admin.xml"),
+     group=params.knox_group,
+     owner=params.knox_user,
+     content=InlineTemplate(params.admin_topology_template)
+  )
+
+  File(os.path.join(params.knox_conf_dir, "topologies", "knoxsso.xml"),
+     group=params.knox_group,
+     owner=params.knox_user,
+     content=InlineTemplate(params.knoxsso_topology_template)
+  )
+
   if params.security_enabled:
     TemplateConfig( os.path.join(params.knox_conf_dir, "krb5JAASLogin.conf"),
         owner = params.knox_user,
@@ -104,6 +116,11 @@ def knox():
          owner=params.knox_user,
          content=InlineTemplate(params.topology_template)
     )
+    File(format("{params.knox_conf_dir}/topologies/admin.xml"),
+         group=params.knox_group,
+         owner=params.knox_user,
+         content=InlineTemplate(params.admin_topology_template)
+    )
     if params.security_enabled:
       TemplateConfig( format("{knox_conf_dir}/krb5JAASLogin.conf"),
                       owner = params.knox_user,

http://git-wip-us.apache.org/repos/asf/ambari/blob/bf0e3db8/ambari-server/src/main/resources/common-services/KNOX/0.5.0.2.2/package/scripts/params_linux.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/KNOX/0.5.0.2.2/package/scripts/params_linux.py b/ambari-server/src/main/resources/common-services/KNOX/0.5.0.2.2/package/scripts/params_linux.py
index 5d4ff69..36d542f 100644
--- a/ambari-server/src/main/resources/common-services/KNOX/0.5.0.2.2/package/scripts/params_linux.py
+++ b/ambari-server/src/main/resources/common-services/KNOX/0.5.0.2.2/package/scripts/params_linux.py
@@ -216,6 +216,8 @@ knox_host_name = config['clusterHostInfo']['knox_gateway_hosts'][0]
 knox_host_name_in_cluster = config['hostname']
 knox_host_port = config['configurations']['gateway-site']['gateway.port']
 topology_template = config['configurations']['topology']['content']
+admin_topology_template = config['configurations']['admin-topology']['content']
+knoxsso_topology_template = config['configurations']['knoxsso-topology']['content']
 gateway_log4j = config['configurations']['gateway-log4j']['content']
 ldap_log4j = config['configurations']['ldap-log4j']['content']
 users_ldif = config['configurations']['users-ldif']['content']

http://git-wip-us.apache.org/repos/asf/ambari/blob/bf0e3db8/ambari-server/src/main/resources/common-services/KNOX/0.5.0.2.2/package/scripts/params_windows.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/KNOX/0.5.0.2.2/package/scripts/params_windows.py b/ambari-server/src/main/resources/common-services/KNOX/0.5.0.2.2/package/scripts/params_windows.py
index 50acbe7..e044d9a 100644
--- a/ambari-server/src/main/resources/common-services/KNOX/0.5.0.2.2/package/scripts/params_windows.py
+++ b/ambari-server/src/main/resources/common-services/KNOX/0.5.0.2.2/package/scripts/params_windows.py
@@ -57,6 +57,8 @@ knox_host_name = config['clusterHostInfo']['knox_gateway_hosts'][0]
 knox_host_name_in_cluster = config['hostname']
 knox_master_secret = config['configurations']['knox-env']['knox_master_secret']
 topology_template = config['configurations']['topology']['content']
+admin_topology_template = config['configurations']['admin-topology']['content']
+knoxsso_topology_template = config['configurations']['knoxsso-topology']['content']
 gateway_log4j = config['configurations']['gateway-log4j']['content']
 security_enabled = config['configurations']['cluster-env']['security_enabled']
 ldap_log4j = config['configurations']['ldap-log4j']['content']

http://git-wip-us.apache.org/repos/asf/ambari/blob/bf0e3db8/ambari-server/src/main/resources/stacks/HDP/2.4/services/KNOX/configuration/knoxsso-topology.xml
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/stacks/HDP/2.4/services/KNOX/configuration/knoxsso-topology.xml b/ambari-server/src/main/resources/stacks/HDP/2.4/services/KNOX/configuration/knoxsso-topology.xml
new file mode 100644
index 0000000..0a617ad
--- /dev/null
+++ b/ambari-server/src/main/resources/stacks/HDP/2.4/services/KNOX/configuration/knoxsso-topology.xml
@@ -0,0 +1,93 @@
+<?xml version="1.0"?>
+<?xml-stylesheet type="text/xsl" href="configuration.xsl"?>
+<!--
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+-->
+
+<configuration supports_final="false" supports_adding_forbidden="true">
+    <!-- topology file -->
+
+    <property>
+    <name>content</name>
+    <value>
+      &lt;topology&gt;
+      
+          &lt;gateway&gt;
+      
+              &lt;provider&gt;
+                  &lt;role&gt;federation&lt;/role&gt;
+                  &lt;name&gt;Picketlink&lt;/name&gt;
+                  &lt;enabled&gt;true&lt;/enabled&gt;
+                  &lt;param&gt;
+                      &lt;name&gt;identity.url&lt;/name&gt;
+                      &lt;value&gt;https://SSO_PROVIDER_HOST_NAME:SSO_PROVIDER_PORT/idp/profile/SAML2/POST/SSO&lt;/value&gt;
+                  &lt;/param&gt;
+                  &lt;param&gt;
+                      &lt;name&gt;service.url&lt;/name&gt;
+                      &lt;value&gt;http://{{knox_host_name}}:{{knox_port}}/gateway/idp/knoxsso/api/v1/websso&lt;/value&gt;
+                  &lt;/param&gt;
+                  &lt;param&gt;
+                      &lt;name&gt;keystore.url&lt;/name&gt;
+                      &lt;value&gt;{{knox_cert_store_path}}&lt;/value&gt;
+                  &lt;/param&gt;
+                  &lt;param&gt;
+                      &lt;name&gt;validating.alias.key&lt;/name&gt;
+                      &lt;value&gt;SSO_PROVIDER_DOMAIN&lt;/value&gt;
+                  &lt;/param&gt;
+                  &lt;param&gt;
+                      &lt;name&gt;validating.alias.value&lt;/name&gt;
+                      &lt;value&gt;SSO_PROVIDER_CERT_ALIAS&lt;/value&gt;
+                  &lt;/param&gt;
+                  &lt;param&gt;
+                      &lt;name&gt;clock.skew.milis&lt;/name&gt;
+                      &lt;value&gt;2000&lt;/value&gt;
+                  &lt;/param&gt;
+              &lt;/provider&gt;
+              
+              &lt;provider&gt;
+                  &lt;role&gt;identity-assertion&lt;/role&gt;
+                  &lt;name&gt;Default&lt;/name&gt;
+                  &lt;enabled&gt;true&lt;/enabled&gt;
+              &lt;/provider&gt;
+      
+          &lt;/gateway&gt;
+      
+          &lt;service&gt;
+              &lt;role&gt;KNOXSSO&lt;/role&gt;
+              &lt;param&gt;
+                &lt;name&gt;knoxsso.cookie.secure.only&lt;/name&gt;
+                &lt;value&gt;true&lt;/value&gt;
+              &lt;/param&gt;
+              &lt;param&gt;
+                &lt;name&gt;knoxsso.cookie.max.age&lt;/name&gt;
+                &lt;value&gt;600&lt;/value&gt;
+              &lt;/param&gt;
+          &lt;/service&gt;
+      
+      &lt;/topology&gt;
+    </value>
+    <description>
+        The configuration specifies the KnoxSSO provider integration, cookie and token management details.
+    </description>
+    <value-attributes>
+       <empty-value-valid>true</empty-value-valid>
+       <show-property-name>false</show-property-name>
+    </value-attributes>
+    </property>
+</configuration>

http://git-wip-us.apache.org/repos/asf/ambari/blob/bf0e3db8/ambari-server/src/test/python/stacks/2.2/KNOX/test_knox_gateway.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/python/stacks/2.2/KNOX/test_knox_gateway.py b/ambari-server/src/test/python/stacks/2.2/KNOX/test_knox_gateway.py
index 817b87d..6f72038 100644
--- a/ambari-server/src/test/python/stacks/2.2/KNOX/test_knox_gateway.py
+++ b/ambari-server/src/test/python/stacks/2.2/KNOX/test_knox_gateway.py
@@ -84,6 +84,11 @@ class TestKnoxGateway(RMFTestCase):
                               owner = 'knox',
                               content = InlineTemplate(self.getConfig()['configurations']['topology']['content'])
     )
+    self.assertResourceCalled('File', '/usr/hdp/current/knox-server/conf/topologies/admin.xml',
+                              group='knox',
+                              owner = 'knox',
+                              content = InlineTemplate(self.getConfig()['configurations']['admin-topology']['content'])
+    )
     self.assertResourceCalled('Execute', ('chown',
      '-R',
      'knox:knox',
@@ -525,6 +530,11 @@ class TestKnoxGateway(RMFTestCase):
                               owner = 'knox',
                               content = InlineTemplate(self.getConfig()['configurations']['topology']['content'])
     )
+    self.assertResourceCalled('File', '/usr/hdp/current/knox-server/conf/topologies/admin.xml',
+                              group='knox',
+                              owner = 'knox',
+                              content = InlineTemplate(self.getConfig()['configurations']['admin-topology']['content'])
+    )
     self.assertResourceCalled('Execute', ('chown',
                                           '-R',
                                           'knox:knox',

http://git-wip-us.apache.org/repos/asf/ambari/blob/bf0e3db8/ambari-server/src/test/python/stacks/2.2/configs/default.json
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/python/stacks/2.2/configs/default.json b/ambari-server/src/test/python/stacks/2.2/configs/default.json
index 5a5554e..f759f49 100644
--- a/ambari-server/src/test/python/stacks/2.2/configs/default.json
+++ b/ambari-server/src/test/python/stacks/2.2/configs/default.json
@@ -255,6 +255,10 @@
         "content": "\n        <topology>\n\n            <gateway>\n\n                <provider>\n                    <role>authentication</role>\n                    <name>ShiroProvider</name>\n                    <enabled>true</enabled>\n                    <param>\n                        <name>sessionTimeout</name>\n                        <value>30</value>\n                    </param>\n                    <param>\n                        <name>main.ldapRealm</name>\n                        <value>org.apache.hadoop.gateway.shirorealm.KnoxLdapRealm</value>\n                    </param>\n                    <param>\n                        <name>main.ldapRealm.userDnTemplate</name>\n                        <value>uid={0},ou=people,dc=hadoop,dc=apache,dc=org</value>\n                    </param>\n                    <param>\n                        <name>main.ldapRealm.contextFactory.url</name>\n                        <value>ldap://{{knox_host_name}}:33389</value>\n               
      </param>\n                    <param>\n                        <name>main.ldapRealm.contextFactory.authenticationMechanism</name>\n                        <value>simple</value>\n                    </param>\n                    <param>\n                        <name>urls./**</name>\n                        <value>authcBasic</value>\n                    </param>\n                </provider>\n\n                <provider>\n                    <role>identity-assertion</role>\n                    <name>Default</name>\n                    <enabled>true</enabled>\n                </provider>\n\n            </gateway>\n\n            <service>\n                <role>NAMENODE</role>\n                <url>hdfs://{{namenode_host}}:{{namenode_rpc_port}}</url>\n            </service>\n\n            <service>\n                <role>JOBTRACKER</role>\n                <url>rpc://{{rm_host}}:{{jt_rpc_port}}</url>\n            </service>\n\n            <service>\n                <role>WEBHDFS</ro
 le>\n                <url>http://{{namenode_host}}:{{namenode_http_port}}/webhdfs</url>\n            </service>\n\n            <service>\n                <role>WEBHCAT</role>\n                <url>http://{{webhcat_server_host}}:{{templeton_port}}/templeton</url>\n            </service>\n\n            <service>\n                <role>OOZIE</role>\n                <url>http://{{oozie_server_host}}:{{oozie_server_port}}/oozie</url>\n            </service>\n\n            <service>\n                <role>WEBHBASE</role>\n                <url>http://{{hbase_master_host}}:{{hbase_master_port}}</url>\n            </service>\n\n            <service>\n                <role>HIVE</role>\n                <url>http://{{hive_server_host}}:{{hive_http_port}}/{{hive_http_path}}</url>\n            </service>\n\n            <service>\n                <role>RESOURCEMANAGER</role>\n                <url>http://{{rm_host}}:{{rm_port}}/ws</url>\n            </service>\n        </topology>"
       },
 
+      "admin-topology": {
+        "content": "\n        <topology>\n\n            <gateway>\n\n                <provider>\n                    <role>authentication</role>\n                    <name>ShiroProvider</name>\n                    <enabled>true</enabled>\n                    <param>\n                        <name>sessionTimeout</name>\n                        <value>30</value>\n                    </param>\n                    <param>\n                        <name>main.ldapRealm</name>\n                        <value>org.apache.hadoop.gateway.shirorealm.KnoxLdapRealm</value>\n                    </param>\n                    <param>\n                        <name>main.ldapRealm.userDnTemplate</name>\n                        <value>uid={0},ou=people,dc=hadoop,dc=apache,dc=org</value>\n                    </param>\n                    <param>\n                        <name>main.ldapRealm.contextFactory.url</name>\n                        <value>ldap://{{knox_host_name}}:33389</value>\n               
      </param>\n                    <param>\n                        <name>main.ldapRealm.contextFactory.authenticationMechanism</name>\n                        <value>simple</value>\n                    </param>\n                    <param>\n                        <name>urls./**</name>\n                        <value>authcBasic</value>\n                    </param>\n                </provider>\n\n                <provider>\n                    <role>identity-assertion</role>\n                    <name>Default</name>\n                    <enabled>true</enabled>\n                </provider>\n\n            </gateway>\n\n            <service>\n                <role>NAMENODE</role>\n                <url>hdfs://{{namenode_host}}:{{namenode_rpc_port}}</url>\n            </service>\n\n            <service>\n                <role>JOBTRACKER</role>\n                <url>rpc://{{rm_host}}:{{jt_rpc_port}}</url>\n            </service>\n\n            <service>\n                <role>WEBHDFS</ro
 le>\n                <url>http://{{namenode_host}}:{{namenode_http_port}}/webhdfs</url>\n            </service>\n\n            <service>\n                <role>WEBHCAT</role>\n                <url>http://{{webhcat_server_host}}:{{templeton_port}}/templeton</url>\n            </service>\n\n            <service>\n                <role>OOZIE</role>\n                <url>http://{{oozie_server_host}}:{{oozie_server_port}}/oozie</url>\n            </service>\n\n            <service>\n                <role>WEBHBASE</role>\n                <url>http://{{hbase_master_host}}:{{hbase_master_port}}</url>\n            </service>\n\n            <service>\n                <role>HIVE</role>\n                <url>http://{{hive_server_host}}:{{hive_http_port}}/{{hive_http_path}}</url>\n            </service>\n\n            <service>\n                <role>RESOURCEMANAGER</role>\n                <url>http://{{rm_host}}:{{rm_port}}/ws</url>\n            </service>\n        </topology>"
+      },
+
       "ldap-log4j": {
         "content": "\n        # Licensed to the Apache Software Foundation (ASF) under one\n        # or more contributor license agreements.  See the NOTICE file\n        # distributed with this work for additional information\n        # regarding copyright ownership.  The ASF licenses this file\n        # to you under the Apache License, Version 2.0 (the\n        # \"License\"); you may not use this file except in compliance\n        # with the License.  You may obtain a copy of the License at\n        #\n        #     http://www.apache.org/licenses/LICENSE-2.0\n        #\n        # Unless required by applicable law or agreed to in writing, software\n        # distributed under the License is distributed on an \"AS IS\" BASIS,\n        # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n        # See the License for the specific language governing permissions and\n        # limitations under the License.\n        #testing\n\n        app.log.dir=${launcher.d
 ir}/../logs\n        app.log.file=${launcher.name}.log\n\n        log4j.rootLogger=ERROR, drfa\n        log4j.logger.org.apache.directory.server.ldap.LdapServer=INFO\n        log4j.logger.org.apache.directory=WARN\n\n        log4j.appender.stdout=org.apache.log4j.ConsoleAppender\n        log4j.appender.stdout.layout=org.apache.log4j.PatternLayout\n        log4j.appender.stdout.layout.ConversionPattern=%d{yy/MM/dd HH:mm:ss} %p %c{2}: %m%n\n\n        log4j.appender.drfa=org.apache.log4j.DailyRollingFileAppender\n        log4j.appender.drfa.File=${app.log.dir}/${app.log.file}\n        log4j.appender.drfa.DatePattern=.yyyy-MM-dd\n        log4j.appender.drfa.layout=org.apache.log4j.PatternLayout\n        log4j.appender.drfa.layout.ConversionPattern=%d{ISO8601} %-5p %c{2} (%F:%M(%L)) - %m%n"
       },

http://git-wip-us.apache.org/repos/asf/ambari/blob/bf0e3db8/ambari-web/app/models/stack_service.js
----------------------------------------------------------------------
diff --git a/ambari-web/app/models/stack_service.js b/ambari-web/app/models/stack_service.js
index ce4278e..3d5e795 100644
--- a/ambari-web/app/models/stack_service.js
+++ b/ambari-web/app/models/stack_service.js
@@ -397,7 +397,7 @@ App.StackService.configCategories = function () {
 
   // Add custom section for every configType to all the services
   configTypes.forEach(function (type) {
-    var configTypesWithNoCustomSection = ['capacity-scheduler','mapred-queue-acls','flume-conf', 'pig-properties','topology','users-ldif'];
+    var configTypesWithNoCustomSection = ['capacity-scheduler','mapred-queue-acls','flume-conf', 'pig-properties','topology','users-ldif', 'admin-topology', 'knoxsso-topology'];
     if (type.endsWith('-env') || type.endsWith('-log4j') || configTypesWithNoCustomSection.contains(type)) {
       return;
     }