ambari-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Robert Levas" <rle...@hortonworks.com>
Subject Review Request 34643: Kerberos: Creating principals in AD when special characters are involved causes failures
Date Sun, 24 May 2015 14:23:39 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/34643/
-----------------------------------------------------------

Review request for Ambari, Emil Anca, Robert Nettleton, and Tom Beerbower.


Bugs: AMBARI-11362
    https://issues.apache.org/jira/browse/AMBARI-11362


Repository: ambari


Description
-------

Creating principals in AD when special characters are involved causes failures.

The following characters in the CN need to be escaped:
```
/ , \ # + < > ; " =
```

*Note:* javax.naming.ldap.Rdn will properly escape relative distinguished name parts.


The following characters in the sAMAccountName need to be removed or replaced:
```
[ ] : ; | = + * ? < > / \
```

*Note:* This needs to be done explicitly within the attributes set if a relevant entry exists.
```
// Replace the following _illegal_ characters: [ ] : ; | = + * ? < > / \
value = value.toString().replaceAll("\[|\]|\:|\;|\||\=|\+|\*|\?|\<|\>|\/|\\", "_");
```


Diffs
-----

  ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/ADKerberosOperationHandler.java
38a7563 
  ambari-server/src/test/java/org/apache/ambari/server/serveraction/kerberos/ADKerberosOperationHandlerTest.java
48bf473 

Diff: https://reviews.apache.org/r/34643/diff/


Testing
-------

Manually tested using different special characters in the CN and spaces in the container DN.


Thanks,

Robert Levas


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message