[ambari] branch trunk updated: AMBARI-22697. Throw exception when keytab creation fails due to wrong configuration of key encryption types

[rl...@apache.org]

This is an automated email from the ASF dual-hosted git repository.

rlevas pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/ambari.git


The following commit(s) were added to refs/heads/trunk by this push:
     new b434663  AMBARI-22697. Throw exception when keytab creation fails due to wrong configuration of key encryption types
b434663 is described below

commit b434663cc8f15852b11b8e8607b105f71c360832
Author: Akira Ajisaka <aa...@apache.org>
AuthorDate: Tue Jan 16 14:50:31 2018 +0900

    AMBARI-22697. Throw exception when keytab creation fails due to wrong configuration of key encryption types
---
 .../serveraction/kerberos/KerberosOperationHandler.java    | 14 ++++++++++++--
 .../kerberos/KerberosOperationHandlerTest.java             |  6 ++++++
 2 files changed, 18 insertions(+), 2 deletions(-)

diff --git a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosOperationHandler.java b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosOperationHandler.java
index 948fd60..a159880 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosOperationHandler.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosOperationHandler.java
@@ -800,7 +800,12 @@ public abstract class KerberosOperationHandler {
       encryptionTypes = ENCRYPTION_TYPE_TRANSLATION_MAP.get(name.toLowerCase());
     }
 
-    return (encryptionTypes == null) ? Collections.emptySet() : encryptionTypes;
+    if (encryptionTypes == null) {
+      LOG.warn("The given encryption type name ({}) is not supported.", name);
+      return Collections.emptySet();
+    }
+
+    return encryptionTypes;
   }
 
   /**
@@ -810,8 +815,10 @@ public abstract class KerberosOperationHandler {
    * @param names     a String containing a delimited list of encryption type names
    * @param delimiter a String declaring the delimiter to use to split names, if null, " " is used.
    * @return a Set of EncryptionType values
+   * @throws KerberosOperationException When all the encryption type names are not supported
    */
-  protected Set<EncryptionType> translateEncryptionTypes(String names, String delimiter) {
+  protected Set<EncryptionType> translateEncryptionTypes(String names, String delimiter)
+      throws KerberosOperationException {
     Set<EncryptionType> encryptionTypes = new HashSet<>();
 
     if (!StringUtils.isEmpty(names)) {
@@ -820,6 +827,9 @@ public abstract class KerberosOperationHandler {
       }
     }
 
+    if (encryptionTypes.isEmpty()) {
+      throw new KerberosOperationException("All the encryption type names you set are not supported. Aborting.");
+    }
     return encryptionTypes;
   }
 
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/serveraction/kerberos/KerberosOperationHandlerTest.java b/ambari-server/src/test/java/org/apache/ambari/server/serveraction/kerberos/KerberosOperationHandlerTest.java
index 9d1e8e0..5a0ca79 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/serveraction/kerberos/KerberosOperationHandlerTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/serveraction/kerberos/KerberosOperationHandlerTest.java
@@ -351,6 +351,12 @@ public abstract class KerberosOperationHandlerTest extends EasyMockSupport {
     );
   }
 
+  @Test(expected = KerberosOperationException.class)
+  public void testTranslateWrongEncryptionTypes() throws Exception {
+    KerberosOperationHandler handler = createHandler();
+    handler.translateEncryptionTypes("aes-255", " ");
+  }
+
   @Test
   public void testEscapeCharacters() throws KerberosOperationException {
     KerberosOperationHandler handler = createHandler();

-- 
To stop receiving notification emails like this one, please contact
['"commits@ambari.apache.org" <co...@ambari.apache.org>'].