Return-Path: X-Original-To: apmail-ambari-commits-archive@www.apache.org Delivered-To: apmail-ambari-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id C1B2D18AAB for ; Tue, 21 Jul 2015 12:35:39 +0000 (UTC) Received: (qmail 49785 invoked by uid 500); 21 Jul 2015 12:35:33 -0000 Delivered-To: apmail-ambari-commits-archive@ambari.apache.org Received: (qmail 49757 invoked by uid 500); 21 Jul 2015 12:35:33 -0000 Mailing-List: contact commits-help@ambari.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: ambari-dev@ambari.apache.org Delivered-To: mailing list commits@ambari.apache.org Received: (qmail 49748 invoked by uid 99); 21 Jul 2015 12:35:33 -0000 Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 21 Jul 2015 12:35:33 +0000 Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33) id 45A3EE0009; Tue, 21 Jul 2015 12:35:33 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: rlevas@apache.org To: commits@ambari.apache.org Message-Id: <25cf0e740cf54769baf5ce11ffd0677c@git.apache.org> X-Mailer: ASF-Git Admin Mailer Subject: ambari git commit: AMBARI-12450. Kerberos: ServiceResourceProvider queries for KDC connectivity when not needed (rlevas) Date: Tue, 21 Jul 2015 12:35:33 +0000 (UTC) Repository: ambari Updated Branches: refs/heads/trunk e6ada901a -> 78286e21a AMBARI-12450. Kerberos: ServiceResourceProvider queries for KDC connectivity when not needed (rlevas) Project: http://git-wip-us.apache.org/repos/asf/ambari/repo Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/78286e21 Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/78286e21 Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/78286e21 Branch: refs/heads/trunk Commit: 78286e21aa35e13e05ecc3a552579c42842cc800 Parents: e6ada90 Author: Robert Levas Authored: Tue Jul 21 08:35:17 2015 -0400 Committer: Robert Levas Committed: Tue Jul 21 08:35:17 2015 -0400 ---------------------------------------------------------------------- .../controller/internal/BaseProvider.java | 4 +- .../internal/ServiceResourceProvider.java | 60 ++++++++++------- .../internal/ServiceResourceProviderTest.java | 71 ++++++++++++++++++++ 3 files changed, 107 insertions(+), 28 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/ambari/blob/78286e21/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/BaseProvider.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/BaseProvider.java b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/BaseProvider.java index ca5e70e..9024a7e 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/BaseProvider.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/BaseProvider.java @@ -384,7 +384,7 @@ public abstract class BaseProvider { * * @return true if the given property is a category for any of the requested ids */ - private static boolean isPropertyEntryRequested(String propertyId, Set requestedIds) { + protected static boolean isPropertyEntryRequested(String propertyId, Set requestedIds) { for (String requestedId : requestedIds) { if (requestedId.startsWith(propertyId)) { return true; @@ -403,7 +403,7 @@ public abstract class BaseProvider { * * @return true if the given property's category is part of the given set of requested ids */ - private static boolean isPropertyCategoryRequested(String propertyId, Set requestedIds) { + protected static boolean isPropertyCategoryRequested(String propertyId, Set requestedIds) { String category = PropertyHelper.getPropertyCategory(propertyId); while (category != null ) { if (requestedIds.contains(category)) { http://git-wip-us.apache.org/repos/asf/ambari/blob/78286e21/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/ServiceResourceProvider.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/ServiceResourceProvider.java b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/ServiceResourceProvider.java index a13bbd3..a79c04b 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/ServiceResourceProvider.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/ServiceResourceProvider.java @@ -89,6 +89,8 @@ public class ServiceResourceProvider extends AbstractControllerResourceProvider public static final String SERVICE_SERVICE_STATE_PROPERTY_ID = PropertyHelper.getPropertyId("ServiceInfo", "state"); public static final String SERVICE_MAINTENANCE_STATE_PROPERTY_ID = PropertyHelper.getPropertyId("ServiceInfo", "maintenance_state"); + public static final String SERVICE_ATTRIBUTES_PROPERTY_ID = PropertyHelper.getPropertyId("Services", "attributes"); + //Parameters from the predicate private static final String QUERY_PARAMETERS_RUN_SMOKE_TEST_ID = "params/run_smoke_test"; @@ -200,7 +202,7 @@ public class ServiceResourceProvider extends AbstractControllerResourceProvider response.getMaintenanceState(), requestedIds); Map serviceSpecificProperties = getServiceSpecificProperties( - response.getClusterName(), response.getServiceName()); + response.getClusterName(), response.getServiceName(), requestedIds); for (Map.Entry entry : serviceSpecificProperties.entrySet()) { setResourceProperty(resource, entry.getKey(), entry.getValue(), requestedIds); @@ -1387,35 +1389,41 @@ public class ServiceResourceProvider extends AbstractControllerResourceProvider * * @param clusterName cluster name * @param serviceName service name + * @param requestedIds relevant request property ids */ - private Map getServiceSpecificProperties(String clusterName, String serviceName) { + private Map getServiceSpecificProperties(String clusterName, String serviceName, Set requestedIds) { Map serviceSpecificProperties = new HashMap(); if (serviceName.equals("KERBEROS")) { - Map kerberosAttributes = new HashMap(); - String kdcValidationResult = "OK"; - String failureDetails = ""; - try { - kerberosHelper.validateKDCCredentials( - getManagementController().getClusters().getCluster(clusterName)); - - } catch (KerberosInvalidConfigurationException e) { - kdcValidationResult = "INVALID_CONFIGURATION"; - failureDetails = e.getMessage(); - } catch (KerberosAdminAuthenticationException e) { - kdcValidationResult = "INVALID_CREDENTIALS"; - failureDetails = e.getMessage(); - } catch (KerberosMissingAdminCredentialsException e) { - kdcValidationResult = "MISSING_CREDENTIALS"; - failureDetails = e.getMessage(); - } catch (AmbariException e) { - kdcValidationResult = "VALIDATION_ERROR"; - failureDetails = e.getMessage(); - } + // Only include details on whether the KDC administrator credentials are set and correct if + // implicitly (Service/attributes) or explicitly (Service/attributes/kdc_...) queried + if (requestedIds.contains(SERVICE_ATTRIBUTES_PROPERTY_ID) || + isPropertyCategoryRequested(SERVICE_ATTRIBUTES_PROPERTY_ID, requestedIds) || + isPropertyEntryRequested(SERVICE_ATTRIBUTES_PROPERTY_ID, requestedIds)) { + Map kerberosAttributes = new HashMap(); + String kdcValidationResult = "OK"; + String failureDetails = ""; + try { + kerberosHelper.validateKDCCredentials( + getManagementController().getClusters().getCluster(clusterName)); + + } catch (KerberosInvalidConfigurationException e) { + kdcValidationResult = "INVALID_CONFIGURATION"; + failureDetails = e.getMessage(); + } catch (KerberosAdminAuthenticationException e) { + kdcValidationResult = "INVALID_CREDENTIALS"; + failureDetails = e.getMessage(); + } catch (KerberosMissingAdminCredentialsException e) { + kdcValidationResult = "MISSING_CREDENTIALS"; + failureDetails = e.getMessage(); + } catch (AmbariException e) { + kdcValidationResult = "VALIDATION_ERROR"; + failureDetails = e.getMessage(); + } - kerberosAttributes.put("kdc_validation_result", kdcValidationResult); - kerberosAttributes.put("kdc_validation_failure_details", failureDetails); - serviceSpecificProperties.put(PropertyHelper.getPropertyId( - "Services", "attributes"), kerberosAttributes); + kerberosAttributes.put("kdc_validation_result", kdcValidationResult); + kerberosAttributes.put("kdc_validation_failure_details", failureDetails); + serviceSpecificProperties.put(SERVICE_ATTRIBUTES_PROPERTY_ID, kerberosAttributes); + } } return serviceSpecificProperties; http://git-wip-us.apache.org/repos/asf/ambari/blob/78286e21/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/ServiceResourceProviderTest.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/ServiceResourceProviderTest.java b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/ServiceResourceProviderTest.java index 9ec1610..2460789 100644 --- a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/ServiceResourceProviderTest.java +++ b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/ServiceResourceProviderTest.java @@ -334,6 +334,77 @@ public class ServiceResourceProviderTest { } @Test + public void testGetResources_KerberosSpecificProperties_NoKDCValidation() throws Exception{ + AmbariManagementController managementController = createMock(AmbariManagementController.class); + Clusters clusters = createNiceMock(Clusters.class); + Cluster cluster = createNiceMock(Cluster.class); + Service service0 = createNiceMock(Service.class); + ServiceResponse serviceResponse0 = createNiceMock(ServiceResponse.class); + + StackId stackId = createNiceMock(StackId.class); + ServiceFactory serviceFactory = createNiceMock(ServiceFactory.class); + AmbariMetaInfo ambariMetaInfo = createNiceMock(AmbariMetaInfo.class); + KerberosHelper kerberosHelper = createStrictMock(KerberosHelper.class); + + Map allResponseMap = new HashMap(); + allResponseMap.put("KERBEROS", service0); + + // set expectations + expect(managementController.getClusters()).andReturn(clusters).anyTimes(); + expect(managementController.getAmbariMetaInfo()).andReturn(ambariMetaInfo).anyTimes(); + expect(managementController.getServiceFactory()).andReturn(serviceFactory).anyTimes(); + expect(managementController.getHostComponents((Set) anyObject())). + andReturn(Collections.emptySet()).anyTimes(); + + expect(clusters.getCluster("Cluster100")).andReturn(cluster).anyTimes(); + + expect(cluster.getServices()).andReturn(allResponseMap).anyTimes(); + expect(cluster.getService("KERBEROS")).andReturn(service0); + + expect(service0.convertToResponse()).andReturn(serviceResponse0).anyTimes(); + + expect(service0.getName()).andReturn("Service100").anyTimes(); + + expect(serviceResponse0.getClusterName()).andReturn("Cluster100").anyTimes(); + expect(serviceResponse0.getServiceName()).andReturn("KERBEROS").anyTimes(); + + // The following call should NOT be made + // kerberosHelper.validateKDCCredentials(cluster); + + // replay + replay(managementController, clusters, cluster, service0, serviceResponse0, + ambariMetaInfo, stackId, serviceFactory, kerberosHelper); + + ResourceProvider provider = getServiceProvider(managementController); + // set kerberos helper on provider + Class c = provider.getClass(); + Field f = c.getDeclaredField("kerberosHelper"); + f.setAccessible(true); + f.set(provider, kerberosHelper); + + Set propertyIds = new HashSet(); + + propertyIds.add(ServiceResourceProvider.SERVICE_CLUSTER_NAME_PROPERTY_ID); + propertyIds.add(ServiceResourceProvider.SERVICE_SERVICE_NAME_PROPERTY_ID); + + // create the request + Predicate predicate = new PredicateBuilder().property(ServiceResourceProvider.SERVICE_CLUSTER_NAME_PROPERTY_ID).equals("Cluster100").and(). + property(ServiceResourceProvider.SERVICE_SERVICE_NAME_PROPERTY_ID).equals("KERBEROS").toPredicate(); + Request request = PropertyHelper.getReadRequest("ServiceInfo"); + Set resources = provider.getResources(request, predicate); + + Assert.assertEquals(1, resources.size()); + for (Resource resource : resources) { + Assert.assertEquals("Cluster100", resource.getPropertyValue(ServiceResourceProvider.SERVICE_CLUSTER_NAME_PROPERTY_ID)); + Assert.assertEquals("KERBEROS", resource.getPropertyValue(ServiceResourceProvider.SERVICE_SERVICE_NAME_PROPERTY_ID)); + } + + // verify + verify(managementController, clusters, cluster, service0, serviceResponse0, + ambariMetaInfo, stackId, serviceFactory, kerberosHelper); + } + + @Test public void testGetResources_KerberosSpecificProperties_KDCInvalidCredentials() throws Exception{ AmbariManagementController managementController = createMock(AmbariManagementController.class); Clusters clusters = createNiceMock(Clusters.class);