ambari-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Robert Levas (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (AMBARI-21919) Kerberos identity references should use the "reference" attribute
Date Wed, 20 Sep 2017 17:27:00 GMT

     [ https://issues.apache.org/jira/browse/AMBARI-21919?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Robert Levas updated AMBARI-21919:
----------------------------------
    Status: Patch Available  (was: In Progress)

> Kerberos identity references should use the "reference" attribute
> -----------------------------------------------------------------
>
>                 Key: AMBARI-21919
>                 URL: https://issues.apache.org/jira/browse/AMBARI-21919
>             Project: Ambari
>          Issue Type: Bug
>          Components: ambari-server
>    Affects Versions: 2.4.0
>            Reporter: Robert Levas
>            Assignee: Robert Levas
>              Labels: kerberos_descriptor
>             Fix For: 2.6.0
>
>         Attachments: AMBARI-21919_branch-2.6_01.patch, AMBARI-21919_trunk_01.patch
>
>
> Kerberos identity references should use the "reference" attribute rather than rely on
the "name" attribute to indicate the identity descriptor references some other identity descriptor.
 
> Either method should work on the backend, however the UI appears to not fully handle
the "named" reference properly. 
> The solution is to change 
> {code}
>             {
>               "name": "/HDFS/NAMENODE/namenode_nn",
>               "principal": {
>                 "configuration": "ranger-hdfs-audit/xasecure.audit.jaas.Client.option.principal"
>               },
>               "keytab": {
>                 "configuration": "ranger-hdfs-audit/xasecure.audit.jaas.Client.option.keyTab"
>               }
>             }
> {code}
> by changing the "name" attribute to "reference" and adding a new "name" reference with
a unique name relative to the scope of the identity descriptor. For example:
> {code}
>             {
>               "name":"ranger_hdfs_audit"
>               "reference": "/HDFS/NAMENODE/namenode_nn",
>               "principal": {
>                 "configuration": "ranger-hdfs-audit/xasecure.audit.jaas.Client.option.principal"
>               },
>               "keytab": {
>                 "configuration": "ranger-hdfs-audit/xasecure.audit.jaas.Client.option.keyTab"
>               }
>             }
> {code}



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message