You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@ambari.apache.org by "Robert Levas (JIRA)" <ji...@apache.org> on 2017/09/20 17:27:00 UTC
[jira] [Updated] (AMBARI-21919) Kerberos identity references should
use the "reference" attribute
[ https://issues.apache.org/jira/browse/AMBARI-21919?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Robert Levas updated AMBARI-21919:
----------------------------------
Status: Patch Available (was: In Progress)
> Kerberos identity references should use the "reference" attribute
> -----------------------------------------------------------------
>
> Key: AMBARI-21919
> URL: https://issues.apache.org/jira/browse/AMBARI-21919
> Project: Ambari
> Issue Type: Bug
> Components: ambari-server
> Affects Versions: 2.4.0
> Reporter: Robert Levas
> Assignee: Robert Levas
> Labels: kerberos_descriptor
> Fix For: 2.6.0
>
> Attachments: AMBARI-21919_branch-2.6_01.patch, AMBARI-21919_trunk_01.patch
>
>
> Kerberos identity references should use the "reference" attribute rather than rely on the "name" attribute to indicate the identity descriptor references some other identity descriptor.
> Either method should work on the backend, however the UI appears to not fully handle the "named" reference properly.
> The solution is to change
> {code}
> {
> "name": "/HDFS/NAMENODE/namenode_nn",
> "principal": {
> "configuration": "ranger-hdfs-audit/xasecure.audit.jaas.Client.option.principal"
> },
> "keytab": {
> "configuration": "ranger-hdfs-audit/xasecure.audit.jaas.Client.option.keyTab"
> }
> }
> {code}
> by changing the "name" attribute to "reference" and adding a new "name" reference with a unique name relative to the scope of the identity descriptor. For example:
> {code}
> {
> "name":"ranger_hdfs_audit"
> "reference": "/HDFS/NAMENODE/namenode_nn",
> "principal": {
> "configuration": "ranger-hdfs-audit/xasecure.audit.jaas.Client.option.principal"
> },
> "keytab": {
> "configuration": "ranger-hdfs-audit/xasecure.audit.jaas.Client.option.keyTab"
> }
> }
> {code}
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)