You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@ambari.apache.org by "Hudson (Jira)" <ji...@apache.org> on 2019/08/28 00:54:00 UTC

[jira] [Commented] (AMBARI-25368) CLONE - Ambari audit log shows "null" user when executing an API call as admin - Ambari 2.6.2

    [ https://issues.apache.org/jira/browse/AMBARI-25368?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16917326#comment-16917326 ] 

Hudson commented on AMBARI-25368:
---------------------------------

FAILURE: Integrated in Jenkins build Ambari-branch-2.6 #754 (See [https://builds.apache.org/job/Ambari-branch-2.6/754/])
AMBARI-25368. CLONE - Ambari audit log shows "null" user when executing (github: [https://gitbox.apache.org/repos/asf?p=ambari.git&a=commit&h=f620ba66aae4d6890cfb2a3f0b62ba3669da587c])
* (edit) ambari-server/src/main/java/org/apache/ambari/server/security/authentication/AmbariBasicAuthenticationFilter.java
* (edit) ambari-server/src/test/java/org/apache/ambari/server/security/authentication/AmbariBasicAuthenticationFilterTest.java


> CLONE - Ambari audit log shows "null" user when executing an API call as admin - Ambari 2.6.2
> ---------------------------------------------------------------------------------------------
>
>                 Key: AMBARI-25368
>                 URL: https://issues.apache.org/jira/browse/AMBARI-25368
>             Project: Ambari
>          Issue Type: Bug
>          Components: ambari-server
>    Affects Versions: 2.6.2
>         Environment: RHEL 7.x
>            Reporter: Myroslav Papirkovskyi
>            Assignee: Myroslav Papirkovskyi
>            Priority: Minor
>              Labels: newbie, pull-request-available
>             Fix For: 2.6.2
>
>          Time Spent: 20m
>  Remaining Estimate: 0h
>
> When running a simple REST API call from CLI, I could see two entries in ambari-audit.log file.
>  
> Following is my API call:
> {{curl -k -i -u admin:<passwd> -H "X-Requested-By: ambari" -X GET [http://<ambari-host>:8080/api/v1/clusters|http://saurabh-ambari:8080/api/v1/clusters]}}
>  
> Following are the 2 entries in ambari-audit.log:
> {quote}2019-04-08T10:19:04.991Z, User(null), RemoteIp(x.x.x.x), Operation(User login), Roles(
>  ), Status(Failed), Reason(Authentication required), Consecutive failures(UNKNOWN USER)
>  2019-04-08T10:19:04.999Z, User(admin), RemoteIp(x.x.x.x), Operation(User login), Roles(
>      Ambari: Ambari Administrator
>  ), Status(Success)
> {quote}
>  
> The second line seems to be valid. However, the first line (with the null user) shouldn't be there.
> Note: I'm not sure if it helps, but the cluster is Kerberized and Knox isn't involved.
>  
> Edit: This issue could be seen on both Ambari 2.5.2 and 2.7.3. Also, 2.5.2 version cluster is Kerberized, the 2.7.3 version is NOT Kerberized. 



--
This message was sent by Atlassian Jira
(v8.3.2#803003)