You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@oozie.apache.org by "Prabhu Joseph (JIRA)" <ji...@apache.org> on 2017/06/28 04:53:00 UTC
[jira] [Created] (OOZIE-2972) Server goes inconsistent when prepare
war called with secure without SSL
Prabhu Joseph created OOZIE-2972:
------------------------------------
Summary: Server goes inconsistent when prepare war called with secure without SSL
Key: OOZIE-2972
URL: https://issues.apache.org/jira/browse/OOZIE-2972
Project: Oozie
Issue Type: Bug
Components: security
Affects Versions: 4.3.0
Reporter: Prabhu Joseph
When prepare-war with secure is called by some user by mistake on a Oozie Server which is not configured with SSL causes inconsistent state. Oozie Server runs fine but the oozie clients are failed with Authentication failure status 302. Checking curl verbose, Oozie Server redirects client to https port even though it is not listening. We need to validate the prepare-war command when SSL is not configured instead of going to inconsistent state.
Repro:
{code}
Oozie Server without SSL
/usr/hdp/current/oozie-server/bin/oozie-setup.sh prepare-war -secure
curl -ikv -L --negotiate -u: http://prabhuzeppelin2.openstacklocal:11000/oozie/v1/admin/status
* About to connect() to prabhuzeppelin2.openstacklocal port 11000 (#0)
* Trying 172.26.93.73... connected
* Connected to prabhuzeppelin2.openstacklocal (172.26.93.73) port 11000 (#0)
> GET /oozie/v1/admin/status HTTP/1.1
> User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.27.1 zlib/1.2.3 libidn/1.18 libssh2/1.4.2
> Host: prabhuzeppelin2.openstacklocal:11000
> Accept: */*
>
< HTTP/1.1 302 Found
HTTP/1.1 302 Found
< Server: Apache-Coyote/1.1
Server: Apache-Coyote/1.1
< Pragma: No-cache
Pragma: No-cache
< Cache-Control: no-cache
Cache-Control: no-cache
< Expires: Thu, 01 Jan 1970 00:00:00 UTC
Expires: Thu, 01 Jan 1970 00:00:00 UTC
< Location: https://prabhuzeppelin2.openstacklocal:11443/oozie/v1/admin/status
Location: https://prabhuzeppelin2.openstacklocal:11443/oozie/v1/admin/status
< Content-Length: 0
Content-Length: 0
< Date: Tue, 27 Jun 2017 11:05:45 GMT
Date: Tue, 27 Jun 2017 11:05:45 GMT
<
* Connection #0 to host prabhuzeppelin2.openstacklocal left intact
* Issue another request to this URL: 'https://prabhuzeppelin2.openstacklocal:11443/oozie/v1/admin/status'
* About to connect() to prabhuzeppelin2.openstacklocal port 11443 (#1)
* Trying 172.26.93.73... Connection refused
* couldn't connect to host
* Closing connection #1
curl: (7) couldn't connect to host
* Closing connection #0
{code}
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)