You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by rl...@apache.org on 2015/03/31 16:40:59 UTC
[2/2] ambari git commit: AMBARI-10236. Principal and Keytab
configuration specifications are ignored when disabling Kerberos (rlevas)
AMBARI-10236. Principal and Keytab configuration specifications are ignored when disabling Kerberos (rlevas)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/fe39b646
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/fe39b646
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/fe39b646
Branch: refs/heads/trunk
Commit: fe39b6460b1f0ad50ece5a5cdc8bfede688956fa
Parents: 3508f08
Author: Robert Levas <rl...@hortonworks.com>
Authored: Tue Mar 31 10:40:36 2015 -0400
Committer: Robert Levas <rl...@hortonworks.com>
Committed: Tue Mar 31 10:40:36 2015 -0400
----------------------------------------------------------------------
.../ambari/server/agent/HeartBeatHandler.java | 54 ++---
.../server/controller/KerberosHelper.java | 190 +++++++++++------
.../AbstractKerberosDataFileBuilder.java | 124 -----------
.../AbstractKerberosDataFileReader.java | 2 +-
.../AbstractKerberosDataFileWriter.java | 124 +++++++++++
.../kerberos/CreateKeytabFilesServerAction.java | 14 +-
.../kerberos/CreatePrincipalsServerAction.java | 2 +-
.../kerberos/KerberosActionDataFile.java | 41 ----
.../kerberos/KerberosActionDataFileBuilder.java | 115 ----------
.../kerberos/KerberosActionDataFileReader.java | 44 ----
.../kerberos/KerberosConfigDataFile.java | 2 +-
.../kerberos/KerberosConfigDataFileBuilder.java | 66 ------
.../kerberos/KerberosConfigDataFileReader.java | 6 +-
.../KerberosConfigDataFileReaderFactory.java | 44 ++++
.../kerberos/KerberosConfigDataFileWriter.java | 64 ++++++
.../KerberosConfigDataFileWriterFactory.java | 44 ++++
.../serveraction/kerberos/KerberosDataFile.java | 48 +++++
.../kerberos/KerberosIdentityDataFile.java | 41 ++++
.../KerberosIdentityDataFileReader.java | 44 ++++
.../KerberosIdentityDataFileReaderFactory.java | 45 ++++
.../KerberosIdentityDataFileWriter.java | 100 +++++++++
.../KerberosIdentityDataFileWriterFactory.java | 44 ++++
.../kerberos/KerberosServerAction.java | 39 ++--
.../UpdateKerberosConfigsServerAction.java | 69 ++----
.../server/agent/TestHeartbeatHandler.java | 56 +++--
.../server/controller/KerberosHelperTest.java | 43 ++++
.../kerberos/KerberosActionDataFileTest.java | 212 -------------------
.../kerberos/KerberosConfigDataFileTest.java | 57 ++---
.../kerberos/KerberosIdentityDataFileTest.java | 207 ++++++++++++++++++
.../kerberos/KerberosServerActionTest.java | 16 +-
.../UpdateKerberosConfigsServerActionTest.java | 96 +++------
31 files changed, 1154 insertions(+), 899 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/fe39b646/ambari-server/src/main/java/org/apache/ambari/server/agent/HeartBeatHandler.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/agent/HeartBeatHandler.java b/ambari-server/src/main/java/org/apache/ambari/server/agent/HeartBeatHandler.java
index 9f39049..51d6bc1 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/agent/HeartBeatHandler.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/agent/HeartBeatHandler.java
@@ -53,8 +53,8 @@ import org.apache.ambari.server.events.publishers.AmbariEventPublisher;
import org.apache.ambari.server.events.publishers.VersionEventPublisher;
import org.apache.ambari.server.metadata.ActionMetadata;
import org.apache.ambari.server.orm.dao.KerberosPrincipalHostDAO;
-import org.apache.ambari.server.serveraction.kerberos.KerberosActionDataFile;
-import org.apache.ambari.server.serveraction.kerberos.KerberosActionDataFileReader;
+import org.apache.ambari.server.serveraction.kerberos.KerberosIdentityDataFileReader;
+import org.apache.ambari.server.serveraction.kerberos.KerberosIdentityDataFileReaderFactory;
import org.apache.ambari.server.serveraction.kerberos.KerberosServerAction;
import org.apache.ambari.server.state.AgentVersion;
import org.apache.ambari.server.state.Alert;
@@ -162,6 +162,12 @@ public class HeartBeatHandler {
@Inject
private KerberosPrincipalHostDAO kerberosPrincipalHostDAO;
+ /**
+ * KerberosIdentityDataFileReaderFactory used to create KerberosIdentityDataFileReader instances
+ */
+ @Inject
+ private KerberosIdentityDataFileReaderFactory kerberosIdentityDataFileReaderFactory;
+
private Map<String, Long> hostResponseIds = new ConcurrentHashMap<String, Long>();
private Map<String, HeartBeatResponse> hostResponses = new ConcurrentHashMap<String, HeartBeatResponse>();
@@ -1050,18 +1056,18 @@ public class HeartBeatHandler {
void injectKeytab(ExecutionCommand ec, String command, String targetHost) throws AmbariException {
List<Map<String, String>> kcp = ec.getKerberosCommandParams();
String dataDir = ec.getCommandParams().get(KerberosServerAction.DATA_DIRECTORY);
- KerberosActionDataFileReader reader = null;
+ KerberosIdentityDataFileReader reader = null;
try {
- reader = new KerberosActionDataFileReader(new File(dataDir, KerberosActionDataFile.DATA_FILE_NAME));
+ reader = kerberosIdentityDataFileReaderFactory.createKerberosIdentityDataFileReader(new File(dataDir, KerberosIdentityDataFileReader.DATA_FILE_NAME));
for (Map<String, String> record : reader) {
- String hostName = record.get(KerberosActionDataFile.HOSTNAME);
+ String hostName = record.get(KerberosIdentityDataFileReader.HOSTNAME);
if (targetHost.equalsIgnoreCase(hostName)) {
if ("SET_KEYTAB".equalsIgnoreCase(command)) {
- String keytabFilePath = record.get(KerberosActionDataFile.KEYTAB_FILE_PATH);
+ String keytabFilePath = record.get(KerberosIdentityDataFileReader.KEYTAB_FILE_PATH);
if (keytabFilePath != null) {
@@ -1070,20 +1076,18 @@ public class HeartBeatHandler {
if (keytabFile.canRead()) {
Map<String, String> keytabMap = new HashMap<String, String>();
- String principal = record.get(KerberosActionDataFile.PRINCIPAL);
- String isService = record.get(KerberosActionDataFile.SERVICE);
-
- keytabMap.put(KerberosActionDataFile.HOSTNAME, hostName);
- keytabMap.put(KerberosActionDataFile.SERVICE, isService);
- keytabMap.put(KerberosActionDataFile.COMPONENT, record.get(KerberosActionDataFile.COMPONENT));
- keytabMap.put(KerberosActionDataFile.PRINCIPAL, principal);
- keytabMap.put(KerberosActionDataFile.PRINCIPAL_CONFIGURATION, record.get(KerberosActionDataFile.PRINCIPAL_CONFIGURATION));
- keytabMap.put(KerberosActionDataFile.KEYTAB_FILE_PATH, keytabFilePath);
- keytabMap.put(KerberosActionDataFile.KEYTAB_FILE_OWNER_NAME, record.get(KerberosActionDataFile.KEYTAB_FILE_OWNER_NAME));
- keytabMap.put(KerberosActionDataFile.KEYTAB_FILE_OWNER_ACCESS, record.get(KerberosActionDataFile.KEYTAB_FILE_OWNER_ACCESS));
- keytabMap.put(KerberosActionDataFile.KEYTAB_FILE_GROUP_NAME, record.get(KerberosActionDataFile.KEYTAB_FILE_GROUP_NAME));
- keytabMap.put(KerberosActionDataFile.KEYTAB_FILE_GROUP_ACCESS, record.get(KerberosActionDataFile.KEYTAB_FILE_GROUP_ACCESS));
- keytabMap.put(KerberosActionDataFile.KEYTAB_FILE_CONFIGURATION, record.get(KerberosActionDataFile.KEYTAB_FILE_CONFIGURATION));
+ String principal = record.get(KerberosIdentityDataFileReader.PRINCIPAL);
+ String isService = record.get(KerberosIdentityDataFileReader.SERVICE);
+
+ keytabMap.put(KerberosIdentityDataFileReader.HOSTNAME, hostName);
+ keytabMap.put(KerberosIdentityDataFileReader.SERVICE, isService);
+ keytabMap.put(KerberosIdentityDataFileReader.COMPONENT, record.get(KerberosIdentityDataFileReader.COMPONENT));
+ keytabMap.put(KerberosIdentityDataFileReader.PRINCIPAL, principal);
+ keytabMap.put(KerberosIdentityDataFileReader.KEYTAB_FILE_PATH, keytabFilePath);
+ keytabMap.put(KerberosIdentityDataFileReader.KEYTAB_FILE_OWNER_NAME, record.get(KerberosIdentityDataFileReader.KEYTAB_FILE_OWNER_NAME));
+ keytabMap.put(KerberosIdentityDataFileReader.KEYTAB_FILE_OWNER_ACCESS, record.get(KerberosIdentityDataFileReader.KEYTAB_FILE_OWNER_ACCESS));
+ keytabMap.put(KerberosIdentityDataFileReader.KEYTAB_FILE_GROUP_NAME, record.get(KerberosIdentityDataFileReader.KEYTAB_FILE_GROUP_NAME));
+ keytabMap.put(KerberosIdentityDataFileReader.KEYTAB_FILE_GROUP_ACCESS, record.get(KerberosIdentityDataFileReader.KEYTAB_FILE_GROUP_ACCESS));
BufferedInputStream bufferedIn = new BufferedInputStream(new FileInputStream(keytabFile));
byte[] keytabContent = IOUtils.toByteArray(bufferedIn);
@@ -1096,11 +1100,11 @@ public class HeartBeatHandler {
} else if ("REMOVE_KEYTAB".equalsIgnoreCase(command)) {
Map<String, String> keytabMap = new HashMap<String, String>();
- keytabMap.put(KerberosActionDataFile.HOSTNAME, hostName);
- keytabMap.put(KerberosActionDataFile.SERVICE, record.get(KerberosActionDataFile.SERVICE));
- keytabMap.put(KerberosActionDataFile.COMPONENT, record.get(KerberosActionDataFile.COMPONENT));
- keytabMap.put(KerberosActionDataFile.PRINCIPAL, record.get(KerberosActionDataFile.PRINCIPAL));
- keytabMap.put(KerberosActionDataFile.KEYTAB_FILE_PATH, record.get(KerberosActionDataFile.KEYTAB_FILE_PATH));
+ keytabMap.put(KerberosIdentityDataFileReader.HOSTNAME, hostName);
+ keytabMap.put(KerberosIdentityDataFileReader.SERVICE, record.get(KerberosIdentityDataFileReader.SERVICE));
+ keytabMap.put(KerberosIdentityDataFileReader.COMPONENT, record.get(KerberosIdentityDataFileReader.COMPONENT));
+ keytabMap.put(KerberosIdentityDataFileReader.PRINCIPAL, record.get(KerberosIdentityDataFileReader.PRINCIPAL));
+ keytabMap.put(KerberosIdentityDataFileReader.KEYTAB_FILE_PATH, record.get(KerberosIdentityDataFileReader.KEYTAB_FILE_PATH));
kcp.add(keytabMap);
}
http://git-wip-us.apache.org/repos/asf/ambari/blob/fe39b646/ambari-server/src/main/java/org/apache/ambari/server/controller/KerberosHelper.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/controller/KerberosHelper.java b/ambari-server/src/main/java/org/apache/ambari/server/controller/KerberosHelper.java
index 75062a1..e8a6c0a 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/controller/KerberosHelper.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/controller/KerberosHelper.java
@@ -51,12 +51,12 @@ import org.apache.ambari.server.serveraction.kerberos.CreatePrincipalsServerActi
import org.apache.ambari.server.serveraction.kerberos.DestroyPrincipalsServerAction;
import org.apache.ambari.server.serveraction.kerberos.FinalizeKerberosServerAction;
import org.apache.ambari.server.serveraction.kerberos.KDCType;
-import org.apache.ambari.server.serveraction.kerberos.KerberosActionDataFile;
-import org.apache.ambari.server.serveraction.kerberos.KerberosActionDataFileBuilder;
+import org.apache.ambari.server.serveraction.kerberos.KerberosConfigDataFileWriter;
+import org.apache.ambari.server.serveraction.kerberos.KerberosConfigDataFileWriterFactory;
+import org.apache.ambari.server.serveraction.kerberos.KerberosIdentityDataFileWriter;
import org.apache.ambari.server.serveraction.kerberos.KerberosAdminAuthenticationException;
-import org.apache.ambari.server.serveraction.kerberos.KerberosConfigDataFile;
-import org.apache.ambari.server.serveraction.kerberos.KerberosConfigDataFileBuilder;
import org.apache.ambari.server.serveraction.kerberos.KerberosCredential;
+import org.apache.ambari.server.serveraction.kerberos.KerberosIdentityDataFileWriterFactory;
import org.apache.ambari.server.serveraction.kerberos.KerberosInvalidConfigurationException;
import org.apache.ambari.server.serveraction.kerberos.KerberosKDCConnectionException;
import org.apache.ambari.server.serveraction.kerberos.KerberosLDAPContainerException;
@@ -164,6 +164,12 @@ public class KerberosHelper {
@Inject
private KerberosDescriptorFactory kerberosDescriptorFactory;
+ @Inject
+ private KerberosIdentityDataFileWriterFactory kerberosIdentityDataFileWriterFactory;
+
+ @Inject
+ private KerberosConfigDataFileWriterFactory kerberosConfigDataFileWriterFactory;
+
/**
* Used to get kerberos descriptors associated with the cluster or stack.
* Currently not available via injection.
@@ -686,7 +692,7 @@ public class KerberosHelper {
if ((hosts != null) && !hosts.isEmpty()) {
List<ServiceComponentHost> serviceComponentHostsToProcess = new ArrayList<ServiceComponentHost>();
KerberosDescriptor kerberosDescriptor = getKerberosDescriptor(cluster);
- KerberosActionDataFileBuilder kerberosActionDataFileBuilder = null;
+ KerberosIdentityDataFileWriter kerberosIdentityDataFileWriter = null;
Map<String, String> kerberosDescriptorProperties = kerberosDescriptor.getProperties();
Map<String, Map<String, String>> kerberosConfigurations = new HashMap<String, Map<String, String>>();
@@ -708,7 +714,7 @@ public class KerberosHelper {
File dataDirectory = createTemporaryDirectory();
// Create the file used to store details about principals and keytabs to create
- File indexFile = new File(dataDirectory, KerberosActionDataFile.DATA_FILE_NAME);
+ File identityDataFile = new File(dataDirectory, KerberosIdentityDataFileWriter.DATA_FILE_NAME);
try {
// Iterate over the hosts in the cluster to find the components installed in each. For each
@@ -750,14 +756,14 @@ public class KerberosHelper {
int identitiesAdded = 0;
List<KerberosIdentityDescriptor> serviceIdentities = serviceDescriptor.getIdentities(true);
- // Lazily create the KerberosActionDataFileBuilder instance...
- if (kerberosActionDataFileBuilder == null) {
- kerberosActionDataFileBuilder = new KerberosActionDataFileBuilder(indexFile);
+ // Lazily create the KerberosIdentityDataFileWriter instance...
+ if (kerberosIdentityDataFileWriter == null) {
+ kerberosIdentityDataFileWriter = kerberosIdentityDataFileWriterFactory.createKerberosIdentityDataFileWriter(identityDataFile);
}
// Add service-level principals (and keytabs)
- identitiesAdded += addIdentities(kerberosActionDataFileBuilder, serviceIdentities,
- identityFilter, hostname, serviceName, componentName, configurations);
+ identitiesAdded += addIdentities(kerberosIdentityDataFileWriter, serviceIdentities,
+ identityFilter, hostname, serviceName, componentName, kerberosConfigurations, configurations);
// If there is no filter or the filter contains the current component name,
// test to see if this component should be process by querying the handler...
@@ -773,8 +779,8 @@ public class KerberosHelper {
componentDescriptor.getConfigurations(true), configurations);
// Add component-level principals (and keytabs)
- identitiesAdded += addIdentities(kerberosActionDataFileBuilder, componentIdentities,
- identityFilter, hostname, serviceName, componentName, configurations);
+ identitiesAdded += addIdentities(kerberosIdentityDataFileWriter, componentIdentities,
+ identityFilter, hostname, serviceName, componentName, kerberosConfigurations, configurations);
}
}
@@ -787,14 +793,14 @@ public class KerberosHelper {
}
}
} catch (IOException e) {
- String message = String.format("Failed to write index file - %s", indexFile.getAbsolutePath());
+ String message = String.format("Failed to write index file - %s", identityDataFile.getAbsolutePath());
LOG.error(message);
throw new AmbariException(message, e);
} finally {
- if (kerberosActionDataFileBuilder != null) {
+ if (kerberosIdentityDataFileWriter != null) {
// Make sure the data file is closed
try {
- kerberosActionDataFileBuilder.close();
+ kerberosIdentityDataFileWriter.close();
} catch (IOException e) {
LOG.warn("Failed to close the index file writer", e);
}
@@ -930,7 +936,7 @@ public class KerberosHelper {
if ((hosts != null) && !hosts.isEmpty()) {
List<ServiceComponentHost> serviceComponentHostsToProcess = new ArrayList<ServiceComponentHost>();
KerberosDescriptor kerberosDescriptor = getKerberosDescriptor(cluster);
- KerberosActionDataFileBuilder kerberosActionDataFileBuilder = null;
+ KerberosIdentityDataFileWriter kerberosIdentityDataFileWriter = null;
Map<String, String> kerberosDescriptorProperties = kerberosDescriptor.getProperties();
// While iterating over all the ServiceComponentHosts find hosts that have KERBEROS_CLIENT
@@ -945,7 +951,7 @@ public class KerberosHelper {
File dataDirectory = createTemporaryDirectory();
// Create the file used to store details about principals and keytabs to create
- File indexFile = new File(dataDirectory, KerberosActionDataFile.DATA_FILE_NAME);
+ File identityDataFile = new File(dataDirectory, KerberosIdentityDataFileWriter.DATA_FILE_NAME);
// Create a special identity for the test user
KerberosIdentityDescriptor identity = new KerberosIdentityDescriptor(new HashMap<String, Object>() {
@@ -1016,14 +1022,14 @@ public class KerberosHelper {
int identitiesAdded = 0;
- // Lazily create the KerberosActionDataFileBuilder instance...
- if (kerberosActionDataFileBuilder == null) {
- kerberosActionDataFileBuilder = new KerberosActionDataFileBuilder(indexFile);
+ // Lazily create the KerberosIdentityDataFileWriter instance...
+ if (kerberosIdentityDataFileWriter == null) {
+ kerberosIdentityDataFileWriter = kerberosIdentityDataFileWriterFactory.createKerberosIdentityDataFileWriter(identityDataFile);
}
// Add service-level principals (and keytabs)
- identitiesAdded += addIdentities(kerberosActionDataFileBuilder, Collections.singleton(identity),
- null, hostname, serviceName, componentName, configurations);
+ identitiesAdded += addIdentities(kerberosIdentityDataFileWriter, Collections.singleton(identity),
+ null, hostname, serviceName, componentName, null, configurations);
if (identitiesAdded > 0) {
// Add the relevant principal name and keytab file data to the command params state
@@ -1041,14 +1047,14 @@ public class KerberosHelper {
}
}
} catch (IOException e) {
- String message = String.format("Failed to write index file - %s", indexFile.getAbsolutePath());
+ String message = String.format("Failed to write index file - %s", identityDataFile.getAbsolutePath());
LOG.error(message);
throw new AmbariException(message, e);
} finally {
- if (kerberosActionDataFileBuilder != null) {
+ if (kerberosIdentityDataFileWriter != null) {
// Make sure the data file is closed
try {
- kerberosActionDataFileBuilder.close();
+ kerberosIdentityDataFileWriter.close();
} catch (IOException e) {
LOG.warn("Failed to close the index file writer", e);
}
@@ -1369,6 +1375,48 @@ public class KerberosHelper {
return configurations;
}
+ /**
+ * Merges the specified configuration property in a map of configuration types.
+ * The supplied property is processed to replace variables using the replacement Map.
+ * <p/>
+ * See {@link org.apache.ambari.server.state.kerberos.KerberosDescriptor#replaceVariables(String, java.util.Map)}
+ * for information on variable replacement.
+ *
+ * @param configurations the Map of configuration types to update
+ * @param configurationSpecification the config-type/property_name value specifying the property to set
+ * @param value the value of the property to set
+ * @param replacements a Map of (grouped) replacement values
+ * @throws AmbariException
+ */
+ private void mergeConfiguration(Map<String, Map<String, String>> configurations,
+ String configurationSpecification,
+ String value,
+ Map<String, Map<String, String>> replacements) throws AmbariException {
+
+ if (configurationSpecification != null) {
+ String[] parts = configurationSpecification.split("/");
+ if (parts.length == 2) {
+ String type = parts[0];
+ String property = parts[1];
+
+ mergeConfigurations(configurations, type, Collections.singletonMap(property, value), replacements);
+ }
+ }
+ }
+
+ /**
+ * Merges configuration from a Map of configuration updates into a main configurations Map. Each
+ * property in the updates Map is processed to replace variables using the replacement Map.
+ * <p/>
+ * See {@link org.apache.ambari.server.state.kerberos.KerberosDescriptor#replaceVariables(String, java.util.Map)}
+ * for information on variable replacement.
+ *
+ * @param configurations a Map of configurations
+ * @param type the configuration type
+ * @param updates a Map of property updates
+ * @param replacements a Map of (grouped) replacement values
+ * @throws AmbariException
+ */
private void mergeConfigurations(Map<String, Map<String, String>> configurations, String type,
Map<String, String> updates,
Map<String, Map<String, String>> replacements) throws AmbariException {
@@ -1389,27 +1437,30 @@ public class KerberosHelper {
}
/**
- * Adds identities to the KerberosActionDataFileBuilder.
+ * Adds identities to the KerberosIdentityDataFileWriter.
*
- * @param kerberosActionDataFileBuilder a KerberosActionDataFileBuilder to use for storing identity
- * records
- * @param identities a List of KerberosIdentityDescriptors to add to the data
- * file
- * @param identityFilter a Collection of identity names indicating the relevant identities -
- * if null, no filter is relevant; if empty, the filter indicates no
- * relevant identities
- * @param hostname the relevant hostname
- * @param serviceName the relevant service name
- * @param componentName the relevant component name
- * @param configurations a Map of configurations to use a replacements for variables
- * in identity fields
+ * @param kerberosIdentityDataFileWriter a KerberosIdentityDataFileWriter to use for storing identity
+ * records
+ * @param identities a List of KerberosIdentityDescriptors to add to the data
+ * file
+ * @param identityFilter a Collection of identity names indicating the relevant identities -
+ * if null, no filter is relevant; if empty, the filter indicates no
+ * relevant identities
+ * @param hostname the relevant hostname
+ * @param serviceName the relevant service name
+ * @param componentName the relevant component name
+ * @param kerberosConfigurations a map of the configurations to update with identity-specific
+ * values
+ * @param configurations a Map of configurations to use a replacements for variables
+ * in identity fields
* @return an integer indicating the number of identities added to the data file
* @throws java.io.IOException if an error occurs while writing a record to the data file
*/
- private int addIdentities(KerberosActionDataFileBuilder kerberosActionDataFileBuilder,
+ private int addIdentities(KerberosIdentityDataFileWriter kerberosIdentityDataFileWriter,
Collection<KerberosIdentityDescriptor> identities,
Collection<String> identityFilter, String hostname, String serviceName,
- String componentName, Map<String, Map<String, String>> configurations)
+ String componentName, Map<String, Map<String, String>> kerberosConfigurations,
+ Map<String, Map<String, String>> configurations)
throws IOException {
int identitiesAdded = 0;
@@ -1436,6 +1487,7 @@ public class KerberosHelper {
String keytabFileGroupName = null;
String keytabFileGroupAccess = null;
String keytabFileConfiguration = null;
+ boolean keytabIsCachable = false;
if (keytabDescriptor != null) {
keytabFilePath = KerberosDescriptor.replaceVariables(keytabDescriptor.getFile(), configurations);
@@ -1444,23 +1496,28 @@ public class KerberosHelper {
keytabFileGroupName = KerberosDescriptor.replaceVariables(keytabDescriptor.getGroupName(), configurations);
keytabFileGroupAccess = KerberosDescriptor.replaceVariables(keytabDescriptor.getGroupAccess(), configurations);
keytabFileConfiguration = KerberosDescriptor.replaceVariables(keytabDescriptor.getConfiguration(), configurations);
+ keytabIsCachable = keytabDescriptor.isCachable();
}
// Append an entry to the action data file builder...
- kerberosActionDataFileBuilder.addRecord(
+ kerberosIdentityDataFileWriter.writeRecord(
hostname,
serviceName,
componentName,
principal,
principalType,
- principalConfiguration,
keytabFilePath,
keytabFileOwnerName,
keytabFileOwnerAccess,
keytabFileGroupName,
keytabFileGroupAccess,
- keytabFileConfiguration,
- (keytabDescriptor.isCachable()) ? "true" : "false");
+ (keytabIsCachable) ? "true" : "false");
+
+ // Add the principal-related configuration to the map of configurations
+ mergeConfiguration(kerberosConfigurations, principalConfiguration, principal, null);
+
+ // Add the keytab-related configuration to the map of configurations
+ mergeConfiguration(kerberosConfigurations, keytabFileConfiguration, keytabFilePath, null);
identitiesAdded++;
}
@@ -2240,10 +2297,10 @@ public class KerberosHelper {
// If there are configurations to set, create a (temporary) data file to store the configuration
// updates and fill it will the relevant configurations.
if (!kerberosConfigurations.isEmpty()) {
- File configFile = new File(dataDirectory, KerberosConfigDataFile.DATA_FILE_NAME);
- KerberosConfigDataFileBuilder kerberosConfDataFileBuilder = null;
+ File configFile = new File(dataDirectory, KerberosConfigDataFileWriter.DATA_FILE_NAME);
+ KerberosConfigDataFileWriter kerberosConfDataFileWriter = null;
try {
- kerberosConfDataFileBuilder = new KerberosConfigDataFileBuilder(configFile);
+ kerberosConfDataFileWriter = kerberosConfigDataFileWriterFactory.createKerberosConfigDataFileWriter(configFile);
for (Map.Entry<String, Map<String, String>> entry : kerberosConfigurations.entrySet()) {
String type = entry.getKey();
@@ -2251,10 +2308,10 @@ public class KerberosHelper {
if (properties != null) {
for (Map.Entry<String, String> configTypeEntry : properties.entrySet()) {
- kerberosConfDataFileBuilder.addRecord(type,
+ kerberosConfDataFileWriter.addRecord(type,
configTypeEntry.getKey(),
configTypeEntry.getValue(),
- KerberosConfigDataFile.OPERATION_TYPE_SET);
+ KerberosConfigDataFileWriter.OPERATION_TYPE_SET);
}
}
}
@@ -2263,9 +2320,9 @@ public class KerberosHelper {
LOG.error(message);
throw new AmbariException(message, e);
} finally {
- if (kerberosConfDataFileBuilder != null) {
+ if (kerberosConfDataFileWriter != null) {
try {
- kerberosConfDataFileBuilder.close();
+ kerberosConfDataFileWriter.close();
} catch (IOException e) {
LOG.warn("Failed to close the kerberos configurations file writer", e);
}
@@ -2375,8 +2432,8 @@ public class KerberosHelper {
// updates and fill it will the relevant configurations.
if (!kerberosConfigurations.isEmpty()) {
Map<String, Collection<String>> configurationsToRemove = new HashMap<String, Collection<String>>();
- File configFile = new File(dataDirectory, KerberosConfigDataFile.DATA_FILE_NAME);
- KerberosConfigDataFileBuilder kerberosConfDataFileBuilder = null;
+ File configFile = new File(dataDirectory, KerberosConfigDataFileWriter.DATA_FILE_NAME);
+ KerberosConfigDataFileWriter kerberosConfDataFileWriter = null;
// Fill the configurationsToRemove map with all Kerberos-related configurations. Values
// needed to be kept will have new values from the stack definition and thus pruned from
@@ -2430,21 +2487,26 @@ public class KerberosHelper {
}
try {
- kerberosConfDataFileBuilder = new KerberosConfigDataFileBuilder(configFile);
+ kerberosConfDataFileWriter = kerberosConfigDataFileWriterFactory.createKerberosConfigDataFileWriter(configFile);
for (Map.Entry<String, Map<String, String>> entry : kerberosConfigurations.entrySet()) {
String type = entry.getKey();
Map<String, String> properties = entry.getValue();
+ Collection<String> propertiesToRemove = configurationsToRemove.get(type);
if (properties != null) {
for (Map.Entry<String, String> configTypeEntry : properties.entrySet()) {
- String value = configTypeEntry.getValue();
+ String propertyName = configTypeEntry.getKey();
- kerberosConfDataFileBuilder.addRecord(type,
- configTypeEntry.getKey(),
- value,
- (value == null) ? KerberosConfigDataFile.OPERATION_TYPE_REMOVE : KerberosConfigDataFile.OPERATION_TYPE_SET
- );
+ // Ignore properties that should be removed
+ if ((propertiesToRemove == null) || !propertiesToRemove.contains(propertyName)) {
+ String value = configTypeEntry.getValue();
+ String operation = (value == null)
+ ? KerberosConfigDataFileWriter.OPERATION_TYPE_REMOVE
+ : KerberosConfigDataFileWriter.OPERATION_TYPE_SET;
+
+ kerberosConfDataFileWriter.addRecord(type, propertyName, value, operation);
+ }
}
}
}
@@ -2456,7 +2518,7 @@ public class KerberosHelper {
if (properties != null) {
for (String propertyName : properties) {
- kerberosConfDataFileBuilder.addRecord(type, propertyName, null, KerberosConfigDataFile.OPERATION_TYPE_REMOVE);
+ kerberosConfDataFileWriter.addRecord(type, propertyName, null, KerberosConfigDataFileWriter.OPERATION_TYPE_REMOVE);
}
}
}
@@ -2465,9 +2527,9 @@ public class KerberosHelper {
LOG.error(message);
throw new AmbariException(message, e);
} finally {
- if (kerberosConfDataFileBuilder != null) {
+ if (kerberosConfDataFileWriter != null) {
try {
- kerberosConfDataFileBuilder.close();
+ kerberosConfDataFileWriter.close();
} catch (IOException e) {
LOG.warn("Failed to close the kerberos configurations file writer", e);
}
http://git-wip-us.apache.org/repos/asf/ambari/blob/fe39b646/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/AbstractKerberosDataFileBuilder.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/AbstractKerberosDataFileBuilder.java b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/AbstractKerberosDataFileBuilder.java
deleted file mode 100644
index cc2e2ff..0000000
--- a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/AbstractKerberosDataFileBuilder.java
+++ /dev/null
@@ -1,124 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.ambari.server.serveraction.kerberos;
-
-import org.apache.commons.csv.CSVFormat;
-import org.apache.commons.csv.CSVPrinter;
-
-import java.io.File;
-import java.io.FileWriter;
-import java.io.IOException;
-
-/**
- * AbstractKerberosDataFileBuilder provides a generic facility to write a data file using some
- * underlying record-based file writer.
- * <p/>
- * This class encapsulates a {@link org.apache.commons.csv.CSVPrinter} to create a CSV-formatted file.
- */
-public abstract class AbstractKerberosDataFileBuilder {
-
- private File file;
- private CSVPrinter csvPrinter;
-
- /**
- * Creates a new KerberosConfigDataFileBuilder
- * <p/>
- * The file is opened upon creation, so there is no need to manually open it unless manually
- * closed before using.
- *
- * @param file a File declaring where to write the data
- * @throws java.io.IOException
- */
- public AbstractKerberosDataFileBuilder(File file) throws IOException {
- this.file = file;
- open();
- }
-
-
- /**
- * Opens the data file for writing.
- * <p/>
- * This may be called multiple times and the appropriate action will occur depending on if the
- * file has been previously opened or closed.
- *
- * @throws java.io.IOException
- */
- public void open() throws IOException {
- if (isClosed()) {
- if (file == null) {
- throw new IOException("Missing file path");
- } else {
- csvPrinter = new CSVPrinter(new FileWriter(file, true), CSVFormat.DEFAULT);
-
- // If the file is empty, write the header; else don't write the header.
- if (file.length() == 0) {
- // Write the header....
- Iterable<?> headerRecord = getHeaderRecord();
- csvPrinter.printRecord(headerRecord);
- }
- }
- }
- }
-
- /**
- * Tests this KerberosConfigDataFileBuilder to see if the data file is closed.
- *
- * @return true if closed; otherwise false
- */
- public boolean isClosed() {
- return csvPrinter == null;
- }
-
- /**
- * Closes the data file
- *
- * @throws java.io.IOException
- */
- public void close() throws IOException {
- if (csvPrinter != null) {
- csvPrinter.close();
- csvPrinter = null;
- }
- }
-
- /**
- * Appends a new record to the data file
- *
- * @param record a collection of Strings declaring values for the columns of the file
- * @throws java.io.IOException
- */
- protected void appendRecord(String... record) throws IOException {
-
- if (csvPrinter == null) {
- throw new IOException("Data file is not open");
- }
-
- csvPrinter.printRecord(record);
- }
-
-
- /**
- * Gets the header record for the CSV file
- *
- * @return an Iterable containing the (ordered) list of Strings declaring the columns names
- */
- protected abstract Iterable<String> getHeaderRecord();
-
-
-}
http://git-wip-us.apache.org/repos/asf/ambari/blob/fe39b646/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/AbstractKerberosDataFileReader.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/AbstractKerberosDataFileReader.java b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/AbstractKerberosDataFileReader.java
index 2d9f98a..63c53f5 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/AbstractKerberosDataFileReader.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/AbstractKerberosDataFileReader.java
@@ -58,7 +58,7 @@ public abstract class AbstractKerberosDataFileReader implements Iterable<Map<Str
* This may be called multiple times and the appropriate action will occur depending on if the
* file has been previously opened or closed.
*
- * @throws java.io.IOException
+ * @throws java.io.IOException if an error occurs while accessing the file
*/
public void open() throws IOException {
if (isClosed()) {
http://git-wip-us.apache.org/repos/asf/ambari/blob/fe39b646/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/AbstractKerberosDataFileWriter.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/AbstractKerberosDataFileWriter.java b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/AbstractKerberosDataFileWriter.java
new file mode 100644
index 0000000..8f1883f
--- /dev/null
+++ b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/AbstractKerberosDataFileWriter.java
@@ -0,0 +1,124 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ambari.server.serveraction.kerberos;
+
+import org.apache.commons.csv.CSVFormat;
+import org.apache.commons.csv.CSVPrinter;
+
+import java.io.File;
+import java.io.FileWriter;
+import java.io.IOException;
+
+/**
+ * AbstractKerberosDataFileWriter provides a generic facility to write a data file using some
+ * underlying record-based file writer.
+ * <p/>
+ * This class encapsulates a {@link org.apache.commons.csv.CSVPrinter} to create a CSV-formatted file.
+ */
+public abstract class AbstractKerberosDataFileWriter {
+
+ private File file;
+ private CSVPrinter csvPrinter;
+
+ /**
+ * Creates a new KerberosConfigDataFileWriter
+ * <p/>
+ * The file is opened upon creation, so there is no need to manually open it unless manually
+ * closed before using.
+ *
+ * @param file a File declaring where to write the data
+ * @throws java.io.IOException
+ */
+ public AbstractKerberosDataFileWriter(File file) throws IOException {
+ this.file = file;
+ open();
+ }
+
+
+ /**
+ * Opens the data file for writing.
+ * <p/>
+ * This may be called multiple times and the appropriate action will occur depending on if the
+ * file has been previously opened or closed.
+ *
+ * @throws java.io.IOException
+ */
+ public void open() throws IOException {
+ if (isClosed()) {
+ if (file == null) {
+ throw new IOException("Missing file path");
+ } else {
+ csvPrinter = new CSVPrinter(new FileWriter(file, true), CSVFormat.DEFAULT);
+
+ // If the file is empty, write the header; else don't write the header.
+ if (file.length() == 0) {
+ // Write the header....
+ Iterable<?> headerRecord = getHeaderRecord();
+ csvPrinter.printRecord(headerRecord);
+ }
+ }
+ }
+ }
+
+ /**
+ * Tests this KerberosConfigDataFileWriter to see if the data file is closed.
+ *
+ * @return true if closed; otherwise false
+ */
+ public boolean isClosed() {
+ return csvPrinter == null;
+ }
+
+ /**
+ * Closes the data file
+ *
+ * @throws java.io.IOException
+ */
+ public void close() throws IOException {
+ if (csvPrinter != null) {
+ csvPrinter.close();
+ csvPrinter = null;
+ }
+ }
+
+ /**
+ * Appends a new record to the data file
+ *
+ * @param record a collection of Strings declaring values for the columns of the file
+ * @throws java.io.IOException
+ */
+ protected void appendRecord(String... record) throws IOException {
+
+ if (csvPrinter == null) {
+ throw new IOException("Data file is not open");
+ }
+
+ csvPrinter.printRecord(record);
+ }
+
+
+ /**
+ * Gets the header record for the CSV file
+ *
+ * @return an Iterable containing the (ordered) list of Strings declaring the columns names
+ */
+ protected abstract Iterable<String> getHeaderRecord();
+
+
+}
http://git-wip-us.apache.org/repos/asf/ambari/blob/fe39b646/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/CreateKeytabFilesServerAction.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/CreateKeytabFilesServerAction.java b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/CreateKeytabFilesServerAction.java
index 3e94cd6..a1ff364 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/CreateKeytabFilesServerAction.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/CreateKeytabFilesServerAction.java
@@ -39,10 +39,6 @@ import java.util.Map;
import java.util.Set;
import java.util.concurrent.ConcurrentMap;
-import static org.apache.ambari.server.serveraction.kerberos.KerberosActionDataFile.HOSTNAME;
-import static org.apache.ambari.server.serveraction.kerberos.KerberosActionDataFile.KEYTAB_FILE_IS_CACHABLE;
-import static org.apache.ambari.server.serveraction.kerberos.KerberosActionDataFile.KEYTAB_FILE_PATH;
-
/**
* CreateKeytabFilesServerAction is a ServerAction implementation that creates keytab files as
* instructed.
@@ -111,9 +107,9 @@ public class CreateKeytabFilesServerAction extends KerberosServerAction {
* {@link org.apache.ambari.server.serveraction.kerberos.KerberosOperationHandler} to generate
* the keytab file. To help avoid filename collisions and to build a structure that is easy to
* discover, each keytab file is stored in host-specific
- * ({@link org.apache.ambari.server.serveraction.kerberos.KerberosActionDataFile#HOSTNAME})
+ * ({@link org.apache.ambari.server.serveraction.kerberos.KerberosIdentityDataFileReader#HOSTNAME})
* directory using the SHA1 hash of its destination file path
- * ({@link org.apache.ambari.server.serveraction.kerberos.KerberosActionDataFile#KEYTAB_FILE_PATH})
+ * ({@link org.apache.ambari.server.serveraction.kerberos.KerberosIdentityDataFileReader#KEYTAB_FILE_PATH})
* <p/>
* <pre>
* data_directory
@@ -154,8 +150,8 @@ public class CreateKeytabFilesServerAction extends KerberosServerAction {
Map<String, String> principalPasswordMap = getPrincipalPasswordMap(requestSharedDataContext);
Map<String, Integer> principalKeyNumberMap = getPrincipalKeyNumberMap(requestSharedDataContext);
- String host = identityRecord.get(HOSTNAME);
- String keytabFilePath = identityRecord.get(KEYTAB_FILE_PATH);
+ String host = identityRecord.get(KerberosIdentityDataFileReader.HOSTNAME);
+ String keytabFilePath = identityRecord.get(KerberosIdentityDataFileReader.KEYTAB_FILE_PATH);
if ((host != null) && !host.isEmpty() && (keytabFilePath != null) && !keytabFilePath.isEmpty()) {
Set<String> visitedPrincipalKeys = visitedIdentities.get(evaluatedPrincipal);
@@ -246,7 +242,7 @@ public class CreateKeytabFilesServerAction extends KerberosServerAction {
// and store that location so it can be reused rather than recreate it.
KerberosPrincipalEntity principalEntity = kerberosPrincipalDAO.find(evaluatedPrincipal);
if (principalEntity != null) {
- if (!principalEntity.isService() && ("true".equalsIgnoreCase(identityRecord.get(KEYTAB_FILE_IS_CACHABLE)))) {
+ if (!principalEntity.isService() && ("true".equalsIgnoreCase(identityRecord.get(KerberosIdentityDataFileReader.KEYTAB_FILE_IS_CACHABLE)))) {
File cachedKeytabFile = cacheKeytab(evaluatedPrincipal, keytab);
String previousCachedFilePath = principalEntity.getCachedKeytabPath();
String cachedKeytabFilePath = ((cachedKeytabFile == null) || !cachedKeytabFile.exists())
http://git-wip-us.apache.org/repos/asf/ambari/blob/fe39b646/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/CreatePrincipalsServerAction.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/CreatePrincipalsServerAction.java b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/CreatePrincipalsServerAction.java
index e8918e1..13fb49b 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/CreatePrincipalsServerAction.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/CreatePrincipalsServerAction.java
@@ -117,7 +117,7 @@ public class CreatePrincipalsServerAction extends KerberosServerAction {
password = operationHandler.createSecurePassword();
try {
- boolean servicePrincipal = "service".equalsIgnoreCase(identityRecord.get(KerberosActionDataFile.PRINCIPAL_TYPE));
+ boolean servicePrincipal = "service".equalsIgnoreCase(identityRecord.get(KerberosIdentityDataFileReader.PRINCIPAL_TYPE));
if (operationHandler.principalExists(evaluatedPrincipal)) {
// Create a new password since we need to know what it is.
http://git-wip-us.apache.org/repos/asf/ambari/blob/fe39b646/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosActionDataFile.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosActionDataFile.java b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosActionDataFile.java
deleted file mode 100644
index e85048d..0000000
--- a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosActionDataFile.java
+++ /dev/null
@@ -1,41 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.ambari.server.serveraction.kerberos;
-
-/**
- * KerberosActionDataFile declares the default data file name and the common record column names
- * for the Kerberos action (metadata) data files.
- */
-public class KerberosActionDataFile {
- public static final String DATA_FILE_NAME = "index.dat";
-
- public static final String HOSTNAME = "hostname";
- public static final String SERVICE = "service";
- public static final String COMPONENT = "component";
- public static final String PRINCIPAL = "principal";
- public static final String PRINCIPAL_TYPE = "principal_type";
- public static final String PRINCIPAL_CONFIGURATION = "principal_configuration";
- public static final String KEYTAB_FILE_PATH = "keytab_file_path";
- public static final String KEYTAB_FILE_OWNER_NAME = "keytab_file_owner_name";
- public static final String KEYTAB_FILE_OWNER_ACCESS = "keytab_file_owner_access";
- public static final String KEYTAB_FILE_GROUP_NAME = "keytab_file_group_name";
- public static final String KEYTAB_FILE_GROUP_ACCESS = "keytab_file_group_access";
- public static final String KEYTAB_FILE_CONFIGURATION = "keytab_file_configuration";
- public static final String KEYTAB_FILE_IS_CACHABLE = "keytab_file_is_cachable";
-}
http://git-wip-us.apache.org/repos/asf/ambari/blob/fe39b646/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosActionDataFileBuilder.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosActionDataFileBuilder.java b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosActionDataFileBuilder.java
deleted file mode 100644
index 31e62be..0000000
--- a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosActionDataFileBuilder.java
+++ /dev/null
@@ -1,115 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.ambari.server.serveraction.kerberos;
-
-import static org.apache.ambari.server.serveraction.kerberos.KerberosActionDataFile.*;
-
-import java.io.File;
-import java.io.IOException;
-import java.util.Arrays;
-
-/**
- * KerberosActionDataFileBuilder is an implementation of a KerberosActionDataFile that is used to
- * create a new KerberosActionDataFile.
- * <p/>
- * This class encapsulates a {@link org.apache.commons.csv.CSVPrinter} to create a CSV-formatted file.
- */
-public class KerberosActionDataFileBuilder extends AbstractKerberosDataFileBuilder {
-
- /**
- * Creates a new KerberosActionDataFileBuilder
- * <p/>
- * The file is opened upon creation, so there is no need to manually open it unless manually
- * closed before using.
- *
- * @param file a File declaring where to write the data
- * @throws IOException
- */
- public KerberosActionDataFileBuilder(File file) throws IOException {
- super(file);
- }
-
-
- /**
- * Appends a new record to the data file
- *
- * @param hostName a String containing the hostname column data
- * @param serviceName a String containing the service name column data
- * @param serviceComponentName a String containing the component name column data
- * @param principal a String containing the (raw, non-evaluated) principal "pattern"
- * column data
- * @param principalType a String declaring the principal type - expecting "service" or "user"
- * @param principalConfiguration a String containing the principal's configuration property column data
- * (expected to be the type and name of the configuration property
- * to use to store the evaluated principal data in
- * - i.e., config-type/property)
- * @param keytabFilePath a String containing the destination keytab file path column data
- * @param keytabFileOwnerName a String containing the keytab file owner name column data
- * @param keytabFileOwnerAccess a String containing the keytab file owner access column data
- * (expected to be "r" or "rw")
- * @param keytabFileGroupName a String containing the keytab file group name column data
- * @param keytabFileGroupAccess a String containing the keytab file group access column data
- * (expected to be "r", "rw", or "")
- * @param keytabFileConfiguration a String containing the keytab's configuration property column data
- * (expected to be the type and name of the configuration property
- * to use to store the keytab file's absolute path in
- * - i.e., config-type/property)
- * @param keytabFileCanCache a String containing a boolean value (true, false) indicating
- * whether the generated keytab can be cached or not
- * @throws IOException
- */
- public void addRecord(String hostName, String serviceName, String serviceComponentName,
- String principal, String principalType, String principalConfiguration,
- String keytabFilePath, String keytabFileOwnerName,
- String keytabFileOwnerAccess, String keytabFileGroupName,
- String keytabFileGroupAccess, String keytabFileConfiguration,
- String keytabFileCanCache)
- throws IOException {
- super.appendRecord(hostName,
- serviceName,
- serviceComponentName,
- principal,
- principalType,
- principalConfiguration,
- keytabFilePath,
- keytabFileOwnerName,
- keytabFileOwnerAccess,
- keytabFileGroupName,
- keytabFileGroupAccess,
- keytabFileConfiguration,
- keytabFileCanCache);
- }
-
- @Override
- protected Iterable<String> getHeaderRecord() {
- return Arrays.asList(HOSTNAME,
- SERVICE,
- COMPONENT,
- PRINCIPAL,
- PRINCIPAL_TYPE,
- PRINCIPAL_CONFIGURATION,
- KEYTAB_FILE_PATH,
- KEYTAB_FILE_OWNER_NAME,
- KEYTAB_FILE_OWNER_ACCESS,
- KEYTAB_FILE_GROUP_NAME,
- KEYTAB_FILE_GROUP_ACCESS,
- KEYTAB_FILE_CONFIGURATION,
- KEYTAB_FILE_IS_CACHABLE);
- }
-}
http://git-wip-us.apache.org/repos/asf/ambari/blob/fe39b646/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosActionDataFileReader.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosActionDataFileReader.java b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosActionDataFileReader.java
deleted file mode 100644
index cf872ca..0000000
--- a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosActionDataFileReader.java
+++ /dev/null
@@ -1,44 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.ambari.server.serveraction.kerberos;
-
-import java.io.File;
-import java.io.IOException;
-
-/**
- * KerberosActionDataFileReader is an implementation of a KerberosActionDataFile that is used to
- * read existing KerberosActionDataFiles.
- * <p/>
- * This class encapsulates a {@link org.apache.commons.csv.CSVParser} to read a CSV-formatted file.
- */
-public class KerberosActionDataFileReader extends AbstractKerberosDataFileReader {
-
- /**
- * Creates a new KerberosActionDataFileReader
- * <p/>
- * The file is opened upon creation, so there is no need to manually open it unless manually
- * closed before using.
- *
- * @param file a File declaring where to write the data
- * @throws IOException
- */
- public KerberosActionDataFileReader(File file) throws IOException {
- super(file);
- }
-}
http://git-wip-us.apache.org/repos/asf/ambari/blob/fe39b646/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosConfigDataFile.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosConfigDataFile.java b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosConfigDataFile.java
index bbd0f66..82b9225 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosConfigDataFile.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosConfigDataFile.java
@@ -22,7 +22,7 @@ package org.apache.ambari.server.serveraction.kerberos;
* KerberosConfigDataFile declares the default data file name and the common record column names
* for the Kerberos configuration data files.
*/
-public class KerberosConfigDataFile {
+public interface KerberosConfigDataFile extends KerberosDataFile {
public static final String DATA_FILE_NAME = "configs.dat";
public static final String CONFIGURATION_TYPE = "config";
http://git-wip-us.apache.org/repos/asf/ambari/blob/fe39b646/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosConfigDataFileBuilder.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosConfigDataFileBuilder.java b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosConfigDataFileBuilder.java
deleted file mode 100644
index a10f38e..0000000
--- a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosConfigDataFileBuilder.java
+++ /dev/null
@@ -1,66 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.ambari.server.serveraction.kerberos;
-
-import static org.apache.ambari.server.serveraction.kerberos.KerberosConfigDataFile.*;
-
-import java.io.File;
-import java.io.IOException;
-import java.util.Arrays;
-
-/**
- * KerberosConfigDataFileBuilder is an implementation of a KerberosConfigDataFile that is used to
- * create a new KerberosConfigDataFile.
- * <p/>
- * This class encapsulates a {@link org.apache.commons.csv.CSVPrinter} to create a CSV-formatted file.
- */
-public class KerberosConfigDataFileBuilder extends AbstractKerberosDataFileBuilder {
-
- /**
- * Creates a new KerberosConfigDataFileBuilder
- * <p/>
- * The file is opened upon creation, so there is no need to manually open it unless manually
- * closed before using.
- *
- * @param file a File declaring where to write the data
- * @throws java.io.IOException
- */
- public KerberosConfigDataFileBuilder(File file) throws IOException {
- super(file);
- }
-
-
- /**
- * Appends a new record to the data file
- *
- * @param config a String declaring the relevant configuration type for the key and value
- * @param key a String declaring the key (or property name) with in the relevant configuration type
- * @param value a String containing the value of the configuration property
- * @param operation a String containing the operation to perform, expected "SET" or "REMOVE"
- * @throws java.io.IOException
- */
- public void addRecord(String config, String key, String value, String operation) throws IOException {
- super.appendRecord(config, key, value, operation);
- }
-
- @Override
- protected Iterable<String> getHeaderRecord() {
- return Arrays.asList(CONFIGURATION_TYPE, KEY, VALUE, OPERATION);
- }
-}
http://git-wip-us.apache.org/repos/asf/ambari/blob/fe39b646/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosConfigDataFileReader.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosConfigDataFileReader.java b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosConfigDataFileReader.java
index a230814..0c57cdc 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosConfigDataFileReader.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosConfigDataFileReader.java
@@ -27,7 +27,7 @@ import java.io.IOException;
* <p/>
* This class encapsulates a {@link org.apache.commons.csv.CSVParser} to read a CSV-formatted file.
*/
-public class KerberosConfigDataFileReader extends AbstractKerberosDataFileReader {
+public class KerberosConfigDataFileReader extends AbstractKerberosDataFileReader implements KerberosConfigDataFile{
/**
* Creates a new KerberosConfigDataFileReader
@@ -36,9 +36,9 @@ public class KerberosConfigDataFileReader extends AbstractKerberosDataFileReader
* closed before using.
*
* @param file a File declaring where to write the data
- * @throws java.io.IOException
+ * @throws java.io.IOException if an error occurs while accessing the file
*/
- public KerberosConfigDataFileReader(File file) throws IOException {
+ KerberosConfigDataFileReader(File file) throws IOException {
super(file);
}
}
http://git-wip-us.apache.org/repos/asf/ambari/blob/fe39b646/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosConfigDataFileReaderFactory.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosConfigDataFileReaderFactory.java b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosConfigDataFileReaderFactory.java
new file mode 100644
index 0000000..8abc7f4
--- /dev/null
+++ b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosConfigDataFileReaderFactory.java
@@ -0,0 +1,44 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ambari.server.serveraction.kerberos;
+
+import com.google.inject.Singleton;
+
+import java.io.File;
+import java.io.IOException;
+
+/**
+ * KerberosConfigDataFileReaderFactory creates KerberosConfigDataFileReader instances.
+ */
+@Singleton
+public class KerberosConfigDataFileReaderFactory {
+ /**
+ * Creates a new KerberosConfigDataFileReader
+ * <p/>
+ * The file is opened upon creation, so there is no need to manually open it unless manually
+ * closed before using.
+ *
+ * @param file a File declaring where to write the data
+ * @return the created KerberosConfigDataFileReader
+ * @throws java.io.IOException if an error occurs while accessing the file
+ */
+ public KerberosConfigDataFileReader createKerberosConfigDataFileReader(File file) throws IOException {
+ return new KerberosConfigDataFileReader(file);
+ }
+}
http://git-wip-us.apache.org/repos/asf/ambari/blob/fe39b646/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosConfigDataFileWriter.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosConfigDataFileWriter.java b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosConfigDataFileWriter.java
new file mode 100644
index 0000000..3b63269
--- /dev/null
+++ b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosConfigDataFileWriter.java
@@ -0,0 +1,64 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ambari.server.serveraction.kerberos;
+
+import java.io.File;
+import java.io.IOException;
+import java.util.Arrays;
+
+/**
+ * KerberosConfigDataFileWriter is an implementation of a KerberosConfigDataFile that is used to
+ * create a new KerberosConfigDataFileWriter.
+ * <p/>
+ * This class encapsulates a {@link org.apache.commons.csv.CSVPrinter} to create a CSV-formatted file.
+ */
+public class KerberosConfigDataFileWriter extends AbstractKerberosDataFileWriter implements KerberosConfigDataFile {
+
+ /**
+ * Creates a new KerberosConfigDataFileWriter
+ * <p/>
+ * The file is opened upon creation, so there is no need to manually open it unless manually
+ * closed before using.
+ *
+ * @param file a File declaring where to write the data
+ * @throws java.io.IOException
+ */
+ KerberosConfigDataFileWriter(File file) throws IOException {
+ super(file);
+ }
+
+
+ /**
+ * Appends a new record to the data file
+ *
+ * @param config a String declaring the relevant configuration type for the key and value
+ * @param key a String declaring the key (or property name) with in the relevant configuration type
+ * @param value a String containing the value of the configuration property
+ * @param operation a String containing the operation to perform, expected "SET" or "REMOVE"
+ * @throws java.io.IOException
+ */
+ public void addRecord(String config, String key, String value, String operation) throws IOException {
+ super.appendRecord(config, key, value, operation);
+ }
+
+ @Override
+ protected Iterable<String> getHeaderRecord() {
+ return Arrays.asList(CONFIGURATION_TYPE, KEY, VALUE, OPERATION);
+ }
+}
http://git-wip-us.apache.org/repos/asf/ambari/blob/fe39b646/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosConfigDataFileWriterFactory.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosConfigDataFileWriterFactory.java b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosConfigDataFileWriterFactory.java
new file mode 100644
index 0000000..89b5669
--- /dev/null
+++ b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosConfigDataFileWriterFactory.java
@@ -0,0 +1,44 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ambari.server.serveraction.kerberos;
+
+import com.google.inject.Singleton;
+
+import java.io.File;
+import java.io.IOException;
+
+/**
+ * KerberosConfigDataFileWriterFactory creates KerberosConfigDataFileWriter instances.
+ */
+@Singleton
+public class KerberosConfigDataFileWriterFactory {
+ /**
+ * Creates a new KerberosConfigDataFileWriter
+ * <p/>
+ * The file is opened upon creation, so there is no need to manually open it unless manually
+ * closed before using.
+ *
+ * @param file a File declaring where to write the data
+ * @return the created KerberosConfigDataFileWriter
+ * @throws java.io.IOException if an error occurs while accessing the file
+ */
+ public KerberosConfigDataFileWriter createKerberosConfigDataFileWriter(File file) throws IOException {
+ return new KerberosConfigDataFileWriter(file);
+ }
+}
http://git-wip-us.apache.org/repos/asf/ambari/blob/fe39b646/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosDataFile.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosDataFile.java b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosDataFile.java
new file mode 100644
index 0000000..0863982
--- /dev/null
+++ b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosDataFile.java
@@ -0,0 +1,48 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ambari.server.serveraction.kerberos;
+
+import java.io.IOException;
+
+/**
+ * KerberosDataFile is an interfaced expected to be implemented by all Kerberos data file
+ * implementations
+ */
+public interface KerberosDataFile {
+
+ /**
+ * Opens the data file.
+ * <p/>
+ * This may be called multiple times and the appropriate action should occur depending on if the
+ * file has been previously opened or closed.
+ *
+ * @throws java.io.IOException if an error occurs while opening the file
+ */
+ void open() throws IOException;
+
+ /**
+ * Closes the data file.
+ * <p/>
+ * This may be called multiple times and the appropriate action should occur depending on if the
+ * file has been previously opened or closed.
+ *
+ * @throws java.io.IOException if an error occurs while closing the file
+ */
+ void close() throws IOException;
+}
http://git-wip-us.apache.org/repos/asf/ambari/blob/fe39b646/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosIdentityDataFile.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosIdentityDataFile.java b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosIdentityDataFile.java
new file mode 100644
index 0000000..3c14627
--- /dev/null
+++ b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosIdentityDataFile.java
@@ -0,0 +1,41 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ambari.server.serveraction.kerberos;
+
+/**
+ * KerberosIdentityDataFile declares the default data file name and the common record column names
+ * for the Kerberos action (metadata) data files.
+ */
+public interface KerberosIdentityDataFile extends KerberosDataFile {
+ public static final String DATA_FILE_NAME = "identity.dat";
+
+ public static final String HOSTNAME = "hostname";
+ public static final String SERVICE = "service";
+ public static final String COMPONENT = "component";
+ public static final String PRINCIPAL = "principal";
+ public static final String PRINCIPAL_TYPE = "principal_type";
+ public static final String KEYTAB_FILE_PATH = "keytab_file_path";
+ public static final String KEYTAB_FILE_OWNER_NAME = "keytab_file_owner_name";
+ public static final String KEYTAB_FILE_OWNER_ACCESS = "keytab_file_owner_access";
+ public static final String KEYTAB_FILE_GROUP_NAME = "keytab_file_group_name";
+ public static final String KEYTAB_FILE_GROUP_ACCESS = "keytab_file_group_access";
+ public static final String KEYTAB_FILE_IS_CACHABLE = "keytab_file_is_cachable";
+
+
+}
http://git-wip-us.apache.org/repos/asf/ambari/blob/fe39b646/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosIdentityDataFileReader.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosIdentityDataFileReader.java b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosIdentityDataFileReader.java
new file mode 100644
index 0000000..0a49407
--- /dev/null
+++ b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosIdentityDataFileReader.java
@@ -0,0 +1,44 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ambari.server.serveraction.kerberos;
+
+import java.io.File;
+import java.io.IOException;
+
+/**
+ * KerberosIdentityDataFileReader is an implementation of an AbstractKerberosDataFileReader that is
+ * used to read existing Kerberos identity data files.
+ * <p/>
+ * This class encapsulates a {@link org.apache.commons.csv.CSVParser} to read a CSV-formatted file.
+ */
+public class KerberosIdentityDataFileReader extends AbstractKerberosDataFileReader implements KerberosIdentityDataFile {
+
+ /**
+ * Creates a new KerberosIdentityDataFileReader
+ * <p/>
+ * The file is opened upon creation, so there is no need to manually open it unless manually
+ * closed before using.
+ *
+ * @param file a File declaring where to write the data
+ * @throws java.io.IOException if an error occurs while accessing the file
+ */
+ KerberosIdentityDataFileReader(File file) throws IOException {
+ super(file);
+ }
+}
http://git-wip-us.apache.org/repos/asf/ambari/blob/fe39b646/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosIdentityDataFileReaderFactory.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosIdentityDataFileReaderFactory.java b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosIdentityDataFileReaderFactory.java
new file mode 100644
index 0000000..3c75466
--- /dev/null
+++ b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosIdentityDataFileReaderFactory.java
@@ -0,0 +1,45 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ambari.server.serveraction.kerberos;
+
+import com.google.inject.Singleton;
+
+import java.io.File;
+import java.io.IOException;
+
+/**
+ * KerberosIdentityDataFileReaderFactory creates KerberosIdentityDataFileReader instances.
+ */
+@Singleton
+public class KerberosIdentityDataFileReaderFactory {
+
+ /**
+ * Creates a new KerberosIdentityDataFileReader
+ * <p/>
+ * The file is opened upon creation, so there is no need to manually open it unless manually
+ * closed before using.
+ *
+ * @param file a File declaring where to write the data
+ * @return the created KerberosIdentityDataFileReader
+ * @throws java.io.IOException if an error occurs while accessing the file
+ */
+ public KerberosIdentityDataFileReader createKerberosIdentityDataFileReader(File file) throws IOException {
+ return new KerberosIdentityDataFileReader(file);
+ }
+}
http://git-wip-us.apache.org/repos/asf/ambari/blob/fe39b646/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosIdentityDataFileWriter.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosIdentityDataFileWriter.java b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosIdentityDataFileWriter.java
new file mode 100644
index 0000000..f55c6f4
--- /dev/null
+++ b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosIdentityDataFileWriter.java
@@ -0,0 +1,100 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ambari.server.serveraction.kerberos;
+
+import java.io.File;
+import java.io.IOException;
+import java.util.Arrays;
+
+/**
+ * KerberosIdentityDataFileWriter is an implementation of an AbstractKerberosDataFileWriter that
+ * is used to create a new Kerberos identity data file.
+ * <p/>
+ * This class encapsulates a {@link org.apache.commons.csv.CSVPrinter} to create a CSV-formatted file.
+ */
+public class KerberosIdentityDataFileWriter extends AbstractKerberosDataFileWriter implements KerberosIdentityDataFile {
+
+ /**
+ * Creates a new KerberosIdentityDataFileWriter
+ * <p/>
+ * The file is opened upon creation, so there is no need to manually open it unless manually
+ * closed before using.
+ *
+ * @param file a File declaring where to write the data
+ * @throws IOException
+ */
+ KerberosIdentityDataFileWriter(File file) throws IOException {
+ super(file);
+ }
+
+
+ /**
+ * Appends a new record to the data file
+ *
+ * @param hostName a String containing the hostname column data
+ * @param serviceName a String containing the service name column data
+ * @param serviceComponentName a String containing the component name column data
+ * @param principal a String containing the (raw, non-evaluated) principal "pattern"
+ * column data
+ * @param principalType a String declaring the principal type - expecting "service" or "user"
+ * @param keytabFilePath a String containing the destination keytab file path column data
+ * @param keytabFileOwnerName a String containing the keytab file owner name column data
+ * @param keytabFileOwnerAccess a String containing the keytab file owner access column data
+ * (expected to be "r" or "rw")
+ * @param keytabFileGroupName a String containing the keytab file group name column data
+ * @param keytabFileGroupAccess a String containing the keytab file group access column data
+ * (expected to be "r", "rw", or "")
+ * @param keytabFileCanCache a String containing a boolean value (true, false) indicating
+ * whether the generated keytab can be cached or not
+ * @throws IOException
+ */
+ public void writeRecord(String hostName, String serviceName, String serviceComponentName,
+ String principal, String principalType,
+ String keytabFilePath, String keytabFileOwnerName,
+ String keytabFileOwnerAccess, String keytabFileGroupName,
+ String keytabFileGroupAccess, String keytabFileCanCache)
+ throws IOException {
+ super.appendRecord(hostName,
+ serviceName,
+ serviceComponentName,
+ principal,
+ principalType,
+ keytabFilePath,
+ keytabFileOwnerName,
+ keytabFileOwnerAccess,
+ keytabFileGroupName,
+ keytabFileGroupAccess,
+ keytabFileCanCache);
+ }
+
+ @Override
+ protected Iterable<String> getHeaderRecord() {
+ return Arrays.asList(HOSTNAME,
+ SERVICE,
+ COMPONENT,
+ PRINCIPAL,
+ PRINCIPAL_TYPE,
+ KEYTAB_FILE_PATH,
+ KEYTAB_FILE_OWNER_NAME,
+ KEYTAB_FILE_OWNER_ACCESS,
+ KEYTAB_FILE_GROUP_NAME,
+ KEYTAB_FILE_GROUP_ACCESS,
+ KEYTAB_FILE_IS_CACHABLE);
+ }
+}