ambari-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From nc...@apache.org
Subject [49/50] [abbrv] ambari git commit: AMBARI-14516. Failed to deploy Kerberized cluster via blueprint with custom principal name (rlevas)
Date Mon, 04 Jan 2016 21:38:42 GMT
AMBARI-14516. Failed to deploy Kerberized cluster via blueprint with custom principal name
(rlevas)


Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/7a9e6243
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/7a9e6243
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/7a9e6243

Branch: refs/heads/branch-dev-patch-upgrade
Commit: 7a9e6243bdbd1deca16c447ce48701a3be3adde3
Parents: 32c8cfa
Author: Robert Levas <rlevas@hortonworks.com>
Authored: Mon Jan 4 15:16:46 2016 -0500
Committer: Robert Levas <rlevas@hortonworks.com>
Committed: Mon Jan 4 15:16:46 2016 -0500

----------------------------------------------------------------------
 .../server/controller/KerberosHelperImpl.java   | 11 ++-
 .../HostKerberosIdentityResourceProvider.java   |  9 ++-
 .../kerberos/KerberosPrincipalDescriptor.java   | 13 ++--
 .../state/kerberos/KerberosPrincipalType.java   | 22 +++++-
 .../KerberosPrincipalDescriptorTest.java        | 73 ++++++++++++++++++++
 5 files changed, 116 insertions(+), 12 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/ambari/blob/7a9e6243/ambari-server/src/main/java/org/apache/ambari/server/controller/KerberosHelperImpl.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/controller/KerberosHelperImpl.java
b/ambari-server/src/main/java/org/apache/ambari/server/controller/KerberosHelperImpl.java
index ef9cab6..566e83c 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/controller/KerberosHelperImpl.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/controller/KerberosHelperImpl.java
@@ -823,7 +823,7 @@ public class KerberosHelperImpl implements KerberosHelper {
 
           if (principalDescriptor != null) {
             principal = variableReplacementHelper.replaceVariables(principalDescriptor.getValue(),
configurations);
-            principalType = principalDescriptor.getType().name().toLowerCase();
+            principalType = KerberosPrincipalType.translate(principalDescriptor.getType());
             principalConfiguration = variableReplacementHelper.replaceVariables(principalDescriptor.getConfiguration(),
configurations);
           }
 
@@ -956,9 +956,16 @@ public class KerberosHelperImpl implements KerberosHelper {
                 String uniqueKey = String.format("%s|%s", principal, (keytabFile == null)
? "" : keytabFile);
 
                 if (!hostActiveIdentities.containsKey(uniqueKey)) {
+                  KerberosPrincipalType principalType = principalDescriptor.getType();
+
+                  // Assume the principal is a service principal if not specified
+                  if(principalType == null) {
+                    principalType = KerberosPrincipalType.SERVICE;
+                  }
+
                   KerberosPrincipalDescriptor resolvedPrincipalDescriptor =
                       new KerberosPrincipalDescriptor(principal,
-                          principalDescriptor.getType(),
+                          principalType,
                           variableReplacementHelper.replaceVariables(principalDescriptor.getConfiguration(),
configurations),
                           variableReplacementHelper.replaceVariables(principalDescriptor.getLocalUsername(),
configurations));
 

http://git-wip-us.apache.org/repos/asf/ambari/blob/7a9e6243/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/HostKerberosIdentityResourceProvider.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/HostKerberosIdentityResourceProvider.java
b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/HostKerberosIdentityResourceProvider.java
index c76ae6c..5ed5f35 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/HostKerberosIdentityResourceProvider.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/HostKerberosIdentityResourceProvider.java
@@ -37,6 +37,7 @@ import org.apache.ambari.server.orm.entities.HostEntity;
 import org.apache.ambari.server.state.kerberos.KerberosIdentityDescriptor;
 import org.apache.ambari.server.state.kerberos.KerberosKeytabDescriptor;
 import org.apache.ambari.server.state.kerberos.KerberosPrincipalDescriptor;
+import org.apache.ambari.server.state.kerberos.KerberosPrincipalType;
 
 import java.text.DecimalFormat;
 import java.util.Collection;
@@ -178,12 +179,18 @@ public class HostKerberosIdentityResourceProvider extends ReadOnlyResourceProvid
 
                   if ((principal != null) && !principal.isEmpty()) {
                     Resource resource = new ResourceImpl(Resource.Type.HostKerberosIdentity);
+                    KerberosPrincipalType principalType = principalDescriptor.getType();
+
+                    // Assume the principal is a service principal if not specified
+                    if(principalType == null) {
+                      principalType = KerberosPrincipalType.SERVICE;
+                    }
 
                     setResourceProperty(resource, KERBEROS_IDENTITY_CLUSTER_NAME_PROPERTY_ID,
clusterName, requestPropertyIds);
                     setResourceProperty(resource, KERBEROS_IDENTITY_HOST_NAME_PROPERTY_ID,
currentHostName, requestPropertyIds);
 
                     setResourceProperty(resource, KERBEROS_IDENTITY_PRINCIPAL_NAME_PROPERTY_ID,
principal, requestPropertyIds);
-                    setResourceProperty(resource, KERBEROS_IDENTITY_PRINCIPAL_TYPE_PROPERTY_ID,
principalDescriptor.getType(), requestPropertyIds);
+                    setResourceProperty(resource, KERBEROS_IDENTITY_PRINCIPAL_TYPE_PROPERTY_ID,
principalType, requestPropertyIds);
                     setResourceProperty(resource, KERBEROS_IDENTITY_PRINCIPAL_LOCAL_USERNAME_PROPERTY_ID,
principalDescriptor.getLocalUsername(), requestPropertyIds);
 
                     String installedStatus;

http://git-wip-us.apache.org/repos/asf/ambari/blob/7a9e6243/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosPrincipalDescriptor.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosPrincipalDescriptor.java
b/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosPrincipalDescriptor.java
index 09f6872..0156e4a 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosPrincipalDescriptor.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosPrincipalDescriptor.java
@@ -73,7 +73,7 @@ public class KerberosPrincipalDescriptor extends AbstractKerberosDescriptor
{
    * <p/>
    * Expecting either "service" or "user"
    */
-  private KerberosPrincipalType type = KerberosPrincipalType.SERVICE;
+  private KerberosPrincipalType type = null;
 
   /**
    * A string declaring configuration type and property name indicating the property to be
updated
@@ -109,7 +109,7 @@ public class KerberosPrincipalDescriptor extends AbstractKerberosDescriptor
{
     // The name for this KerberosPrincipalDescriptor is stored in the "value" entry in the
map
     // This is not automatically set by the super classes.
     setName(principal);
-    setType((type == null) ? KerberosPrincipalType.SERVICE : type);
+    setType(type);
     setConfiguration(configuration);
     setLocalUsername(localUsername);
   }
@@ -270,7 +270,7 @@ public class KerberosPrincipalDescriptor extends AbstractKerberosDescriptor
{
     Map<String, Object> map = new HashMap<String, Object>();
 
     map.put("value", getValue());
-    map.put("type", getType().name().toLowerCase());
+    map.put("type", KerberosPrincipalType.translate(getType()));
     map.put("configuration", getConfiguration());
     map.put("local_username", getLocalUsername());
 
@@ -314,19 +314,16 @@ public class KerberosPrincipalDescriptor extends AbstractKerberosDescriptor
{
 
   /**
    * Translates a string value representing a principal type to a KerberosPrincipalType.
-   * <p/>
-   * If no value is supplied for the key or a translation cannot be made then KerberosPrincipalType.SERVICE
-   * is assumed.
    *
    * @param map a Map containing the relevant data
    * @param key a String declaring the item to retrieve
-   * @return a KerberosPrincipalType
+   * @return a KerberosPrincipalType, or null is not specified in the map
    * @throws IllegalArgumentException if the principal type value is not one of the expected
types.
    */
   private static KerberosPrincipalType getKerberosPrincipalTypeValue(Map<?, ?> map,
String key) {
     String type = getStringValue(map, key);
     if ((type == null) || type.isEmpty()) {
-      return KerberosPrincipalType.SERVICE;
+      return null;
     } else {
       return KerberosPrincipalType.valueOf(type.toUpperCase());
     }

http://git-wip-us.apache.org/repos/asf/ambari/blob/7a9e6243/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosPrincipalType.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosPrincipalType.java
b/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosPrincipalType.java
index e192be0..677be82 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosPrincipalType.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/state/kerberos/KerberosPrincipalType.java
@@ -35,5 +35,25 @@ public enum KerberosPrincipalType {
    * <p/>
    * Typically in the form <code>service/host@REALM</code>.
    */
-  SERVICE
+  SERVICE;
+
+  public static KerberosPrincipalType translate(String string) {
+    if(string == null)
+      return null;
+    else {
+      string = string.trim();
+
+      if(string.isEmpty())
+        return null;
+      else {
+        return valueOf(string.toUpperCase());
+      }
+    }
+  }
+
+  public static String translate(KerberosPrincipalType type) {
+    return (type == null)
+        ? null
+        : type.name().toLowerCase();
+  }
 }

http://git-wip-us.apache.org/repos/asf/ambari/blob/7a9e6243/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosPrincipalDescriptorTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosPrincipalDescriptorTest.java
b/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosPrincipalDescriptorTest.java
index 9a4a042..5c249e2 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosPrincipalDescriptorTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/state/kerberos/KerberosPrincipalDescriptorTest.java
@@ -34,6 +34,11 @@ public class KerberosPrincipalDescriptorTest {
           "\"local_username\": \"localUser\"" +
           "}";
 
+  public static final String JSON_VALUE_SPARSE =
+      "{" +
+          "\"value\": \"serviceOther/_HOST@_REALM\"" +
+          "}";
+
   public static final Map<String, Object> MAP_VALUE =
       new HashMap<String, Object>() {
         {
@@ -44,6 +49,13 @@ public class KerberosPrincipalDescriptorTest {
         }
       };
 
+  public static final Map<String, Object> MAP_VALUE_SPARSE =
+      new HashMap<String, Object>() {
+        {
+          put("value", "userOther@_REALM");
+        }
+      };
+
   public static void validateFromJSON(KerberosPrincipalDescriptor principalDescriptor) {
     Assert.assertNotNull(principalDescriptor);
     Assert.assertFalse(principalDescriptor.isContainer());
@@ -77,10 +89,21 @@ public class KerberosPrincipalDescriptorTest {
     return new KerberosPrincipalDescriptor(map);
   }
 
+  private static KerberosPrincipalDescriptor createFromJSONSparse() {
+    Map<?, ?> map = new Gson().fromJson(JSON_VALUE_SPARSE,
+        new TypeToken<Map<?, ?>>() {
+        }.getType());
+    return new KerberosPrincipalDescriptor(map);
+  }
+
   private static KerberosPrincipalDescriptor createFromMap() {
     return new KerberosPrincipalDescriptor(MAP_VALUE);
   }
 
+  private static KerberosPrincipalDescriptor createFromMapSparse() {
+    return new KerberosPrincipalDescriptor(MAP_VALUE_SPARSE);
+  }
+
   @Test
   public void testJSONDeserialize() {
     validateFromJSON(createFromJSON());
@@ -116,4 +139,54 @@ public class KerberosPrincipalDescriptorTest {
 
     validateUpdatedData(principalDescriptor);
   }
+
+  @Test
+  public void testUpdateSparse() {
+    KerberosPrincipalDescriptor principalDescriptor;
+    KerberosPrincipalDescriptor updatedPrincipalDescriptor;
+
+    /* ****************************************
+     * Test updating a service principal
+     * **************************************** */
+    principalDescriptor = createFromJSON();
+    updatedPrincipalDescriptor = createFromJSONSparse();
+
+    Assert.assertNotNull(principalDescriptor);
+    Assert.assertNotNull(updatedPrincipalDescriptor);
+
+    // The original value
+    Assert.assertEquals("service/_HOST@_REALM", principalDescriptor.getValue());
+    Assert.assertEquals("service-site/service.component.kerberos.principal", principalDescriptor.getConfiguration());
+    Assert.assertEquals(KerberosPrincipalType.SERVICE, principalDescriptor.getType());
+    Assert.assertEquals("localUser", principalDescriptor.getLocalUsername());
+
+    principalDescriptor.update(updatedPrincipalDescriptor);
+
+    // The updated value
+    Assert.assertEquals("serviceOther/_HOST@_REALM", principalDescriptor.getValue());
+    Assert.assertEquals("service-site/service.component.kerberos.principal", principalDescriptor.getConfiguration());
+    Assert.assertEquals(KerberosPrincipalType.SERVICE, principalDescriptor.getType());
+    Assert.assertEquals("localUser", principalDescriptor.getLocalUsername());
+
+    /* ****************************************
+     * Test updating a user principal
+     * **************************************** */
+    principalDescriptor = createFromMap();
+    updatedPrincipalDescriptor = createFromMapSparse();
+
+    Assert.assertNotNull(principalDescriptor);
+    Assert.assertNotNull(updatedPrincipalDescriptor);
+
+    Assert.assertEquals("user@_REALM", principalDescriptor.getValue());
+    Assert.assertEquals("service-site/service.component.kerberos.https.principal", principalDescriptor.getConfiguration());
+    Assert.assertEquals(KerberosPrincipalType.USER, principalDescriptor.getType());
+    Assert.assertNull(principalDescriptor.getLocalUsername());
+
+    principalDescriptor.update(updatedPrincipalDescriptor);
+
+    Assert.assertEquals("userOther@_REALM", principalDescriptor.getValue());
+    Assert.assertEquals("service-site/service.component.kerberos.https.principal", principalDescriptor.getConfiguration());
+    Assert.assertEquals(KerberosPrincipalType.USER, principalDescriptor.getType());
+    Assert.assertNull(principalDescriptor.getLocalUsername());
+  }
 }
\ No newline at end of file


Mime
View raw message