Mailing-List: contact issues-help@ambari.apache.org; run by ezmlm
Precedence: bulk
Reply-To: dev@ambari.apache.org
Date: Thu, 1 Sep 2016 01:35:20 +0000 (UTC)
From: "Hadoop QA (JIRA)" <jira@apache.org>
To: issues@ambari.apache.org
Message-ID: <JIRA.12995791.1470699516000.464940.1472693720569@Atlassian.JIRA>
In-Reply-To: <JIRA.12995791.1470699516000@Atlassian.JIRA>
References: <JIRA.12995791.1470699516000@Atlassian.JIRA> <JIRA.12995791.1470699516859@arcas>
Subject: [jira] [Commented] (AMBARI-18071) Ambari Files View needs to have
 ability to load security configurations
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
archived-at: Thu, 01 Sep 2016 01:35:37 -0000


    [ https://issues.apache.org/jira/browse/AMBARI-18071?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15453977#comment-15453977 ] 

Hadoop QA commented on AMBARI-18071:
------------------------------------

{color:red}-1 overall{color}.  Here are the results of testing the latest attachment 
  http://issues.apache.org/jira/secure/attachment/12826526/AMBARI-18071.patch
  against trunk revision .

    {color:red}-1 patch{color}.  Top-level trunk compilation may be broken.

Console output: https://builds.apache.org/job/Ambari-trunk-test-patch/8547//console

This message is automatically generated.

> Ambari Files View needs to have ability to load security configurations
> -----------------------------------------------------------------------
>
>                 Key: AMBARI-18071
>                 URL: https://issues.apache.org/jira/browse/AMBARI-18071
>             Project: Ambari
>          Issue Type: Improvement
>          Components: contrib
>    Affects Versions: trunk
>            Reporter: Keta Patel
>            Assignee: Keta Patel
>         Attachments: AMBARI-18071.patch, NoKeyProvider.png
>
>
> When HDFS is configured with Encryption Zones, Files View to browser files will give "No KeyProvider" error.
> Steps to reproduce this issue:
> 1. Configure an encrypted zone in HDFS (Transparent Data Encryption). You can follow the link https://docs.hortonworks.com/HDPDocuments/HDP2/HDP-2.3.0/bk_hdfs_admin_tools/content/ch_configuring_hdfs_encryption.html
> I have used Hadoop's KMS (installed tar manually).
> 2. Create a Files View instance and provide a user/group the privilege to use the instance.
> 3. Log into the Ambari console as the user with the Files View permission.
> 4. Open the Files View instance.
> 5. Go to the folder which is configured as an encrypted zone.
> 6. Try to open an existing file in this folder.
> 7. This throws an error - java.io.IOException: No KeyProvider is configured, cannot access an encrypted file. 
> 8. When trying through the shell, opening this file works.
> This happens because Files View doesn't have enough configuration set to browse secured zone. Files view doesn't even provide an option to add these configurations.This is why we see errors "No KeyProvider is configured, cannot access an encrypted file", to work around this, you could download client configuration from HDFS service tab, and copy the core-site.xml and hdfs-site.xml files to /etc/ambari-server/conf, then restart ambari-server. After this, the user is able to open the file in the encrypted zone.


--
This message was sent by Atlassian JIRA
(v6.3.4#6332)