ambari-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From rle...@apache.org
Subject ambari git commit: AMBARI-16009. Regenerating keytabs on re-imaged hosts results in error during 'Creating Principals' (rlevas)
Date Thu, 21 Apr 2016 17:59:24 GMT
Repository: ambari
Updated Branches:
  refs/heads/trunk 5b5bf1a34 -> 783b4d392


AMBARI-16009. Regenerating keytabs on re-imaged hosts results in error during 'Creating Principals'
(rlevas)


Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/783b4d39
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/783b4d39
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/783b4d39

Branch: refs/heads/trunk
Commit: 783b4d39213b5819037f4eb707754a32eb722b71
Parents: 5b5bf1a
Author: Robert Levas <rlevas@hortonworks.com>
Authored: Thu Apr 21 13:59:18 2016 -0400
Committer: Robert Levas <rlevas@hortonworks.com>
Committed: Thu Apr 21 13:59:18 2016 -0400

----------------------------------------------------------------------
 .../kerberos/MITKerberosOperationHandler.java   |  6 +-
 .../MITKerberosOperationHandlerTest.java        | 66 ++++++++++++++++++++
 2 files changed, 70 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/ambari/blob/783b4d39/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/MITKerberosOperationHandler.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/MITKerberosOperationHandler.java
b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/MITKerberosOperationHandler.java
index f48052f..57a36d9 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/MITKerberosOperationHandler.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/MITKerberosOperationHandler.java
@@ -192,9 +192,10 @@ public class MITKerberosOperationHandler extends KerberosOperationHandler
{
       // If there is data from STDOUT, see if the following string exists:
       //    Principal "<principal>" created
       String stdOut = result.getStdout();
+      String stdErr = result.getStderr();
       if ((stdOut != null) && stdOut.contains(String.format("Principal \"%s\" created",
principal))) {
         return getKeyNumber(principal);
-      } else if ((stdOut != null) && stdOut.contains(String.format("Principal or
policy already exists while creating \"%s\"", principal))) {
+      } else if ((stdErr != null) && stdErr.contains(String.format("Principal or
policy already exists while creating \"%s\"", principal))) {
         throw new KerberosPrincipalAlreadyExistsException(principal);
       } else {
         LOG.error("Failed to execute kadmin query: add_principal -pw \"********\" {} {}\nSTDOUT:
{}\nSTDERR: {}",
@@ -235,9 +236,10 @@ public class MITKerberosOperationHandler extends KerberosOperationHandler
{
       ShellCommandUtil.Result result = invokeKAdmin(String.format("change_password -pw \"%s\"
%s", password, principal));
 
       String stdOut = result.getStdout();
+      String stdErr = result.getStderr();
       if ((stdOut != null) && stdOut.contains(String.format("Password for \"%s\"
changed", principal))) {
         return getKeyNumber(principal);
-      } else if ((stdOut != null) && stdOut.contains("Principal does not exist"))
{
+      } else if ((stdErr != null) && stdErr.contains("Principal does not exist"))
{
         throw new KerberosPrincipalDoesNotExistException(principal);
       } else {
         LOG.error("Failed to execute kadmin query: change_password -pw \"********\" {} \nSTDOUT:
{}\nSTDERR: {}",

http://git-wip-us.apache.org/repos/asf/ambari/blob/783b4d39/ambari-server/src/test/java/org/apache/ambari/server/serveraction/kerberos/MITKerberosOperationHandlerTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/serveraction/kerberos/MITKerberosOperationHandlerTest.java
b/ambari-server/src/test/java/org/apache/ambari/server/serveraction/kerberos/MITKerberosOperationHandlerTest.java
index d15db17..36a4381 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/serveraction/kerberos/MITKerberosOperationHandlerTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/serveraction/kerberos/MITKerberosOperationHandlerTest.java
@@ -117,6 +117,39 @@ public class MITKerberosOperationHandlerTest extends KerberosOperationHandlerTes
     }
   }
 
+  @Test(expected = KerberosPrincipalDoesNotExistException.class)
+  public void testSetPrincipalPasswordPrincipalDoesNotExist() throws Exception {
+    MITKerberosOperationHandler handler = createMockBuilder(MITKerberosOperationHandler.class)
+        .addMockedMethod(KerberosOperationHandler.class.getDeclaredMethod("executeCommand",
String[].class))
+        .createNiceMock();
+
+    expect(handler.executeCommand(anyObject(String[].class)))
+        .andAnswer(new IAnswer<ShellCommandUtil.Result>() {
+          @Override
+          public ShellCommandUtil.Result answer() throws Throwable {
+            ShellCommandUtil.Result result = createMock(ShellCommandUtil.Result.class);
+
+            expect(result.getExitCode()).andReturn(0).anyTimes();
+            expect(result.isSuccessful()).andReturn(true).anyTimes();
+            expect(result.getStderr())
+                .andReturn("change_password: Principal does not exist while changing password
for \"nonexistant@EXAMPLE.COM\".")
+                .anyTimes();
+            expect(result.getStdout())
+                .andReturn("Authenticating as principal admin/admin with password.")
+                .anyTimes();
+
+            replay(result);
+            return result;
+          }
+        });
+
+    replayAll();
+
+    handler.open(new PrincipalKeyCredential(DEFAULT_ADMIN_PRINCIPAL, DEFAULT_ADMIN_PASSWORD),
DEFAULT_REALM, KERBEROS_ENV_MAP);
+    handler.setPrincipalPassword("nonexistant@EXAMPLE.COM", "password");
+    handler.close();
+  }
+
   @Test
   public void testCreateServicePrincipal_AdditionalAttributes() throws Exception {
     Method invokeKAdmin = MITKerberosOperationHandler.class.getDeclaredMethod("invokeKAdmin",
String.class);
@@ -148,6 +181,39 @@ public class MITKerberosOperationHandlerTest extends KerberosOperationHandlerTes
     Assert.assertTrue(query.getValue().contains(" " + KERBEROS_ENV_MAP.get(MITKerberosOperationHandler.KERBEROS_ENV_KDC_CREATE_ATTRIBUTES)
+ " "));
   }
 
+  @Test(expected = KerberosPrincipalAlreadyExistsException.class)
+  public void testCreatePrincipalPrincipalAlreadyNotExists() throws Exception {
+    MITKerberosOperationHandler handler = createMockBuilder(MITKerberosOperationHandler.class)
+        .addMockedMethod(KerberosOperationHandler.class.getDeclaredMethod("executeCommand",
String[].class))
+        .createNiceMock();
+
+    expect(handler.executeCommand(anyObject(String[].class)))
+        .andAnswer(new IAnswer<ShellCommandUtil.Result>() {
+          @Override
+          public ShellCommandUtil.Result answer() throws Throwable {
+            ShellCommandUtil.Result result = createMock(ShellCommandUtil.Result.class);
+
+            expect(result.getExitCode()).andReturn(0).anyTimes();
+            expect(result.isSuccessful()).andReturn(true).anyTimes();
+            expect(result.getStderr())
+                .andReturn("add_principal: Principal or policy already exists while creating
\"existing@EXAMPLE.COM\".")
+                .anyTimes();
+            expect(result.getStdout())
+                .andReturn("Authenticating as principal admin/admin with password.")
+                .anyTimes();
+
+            replay(result);
+            return result;
+          }
+        });
+
+    replayAll();
+
+    handler.open(new PrincipalKeyCredential(DEFAULT_ADMIN_PRINCIPAL, DEFAULT_ADMIN_PASSWORD),
DEFAULT_REALM, KERBEROS_ENV_MAP);
+    handler.createPrincipal("existing@EXAMPLE.COM", "password", false);
+    handler.close();
+  }
+
   @Test
   public void testCreateServicePrincipal_Exceptions() throws Exception {
     MITKerberosOperationHandler handler = new MITKerberosOperationHandler();


Mime
View raw message