ambari-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Chris Mildebrandt <ch...@woodenrhino.com>
Subject Re: HTTP error 400 (Bed Request) when trying to create a cluster through REST services
Date Fri, 17 Jan 2014 20:52:03 GMT
Another related question.....is there something I missed in the log file
that would have pointed me to the missing header, or do we need another
JIRA opened to that?

Thanks,
-Chris


On Fri, Jan 17, 2014 at 12:28 PM, Yusaku Sako <yusaku@hortonworks.com>wrote:

> Please add the HTTP header "X-Requested-By: ambari" to any POST/PUT calls
> you make.
> This change in the API behavior was made to prevent CSRF (Cross-Site
> Request Forgery).
>
> Yusaku
>
>
> On Fri, Jan 17, 2014 at 12:17 PM, Chris Mildebrandt <chris@woodenrhino.com
> > wrote:
>
>> Hey,
>>
>> I've been using Ambari 1.4.1.25 for a while. I tried Ambari 1.4.3.38
>> today and I'm not able to create a cluster using the REST services. Here's
>> the call I expected to work:
>>
>> curl -i -X POST -d '{"Clusters": {"version": "HDP-2.0.6"}}' --user
>> admin:admin http://hadoop1.robinsystems.com:8080/api/v1/clusters/cl1
>>
>> I get the following response:
>>
>> <title>Error 400 Bad Request</title>
>> </head>
>> <body>
>> <h2>HTTP ERROR: 400</h2>
>> <p>Problem accessing /api/v1/clusters/cl1. Reason:
>> <pre>    Bad Request</pre></p>
>> <hr /><i><small>Powered by Jetty://</small></i>
>>
>> However, I'm able to create the cluster from the web UI. Here are the
>> relevant log entries from the POST:
>>
>> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] Server:358 -
>> REQUEST /api/v1/clusters/cl1 on AsyncHttpConnection@a42a751
>> ,g=HttpGenerator{s=0,h=-1,b=-1,c=-1},p=HttpParser{s=2,l=33,c=38},r=1
>> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> ContextHandler:894 - scope null||/api/v1/clusters/cl1 @
>> o.e.j.s.ServletContextHandler{/,file:/usr/lib/ambari-server/web/}
>> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> ContextHandler:966 - context=||/api/v1/clusters/cl1 @
>> o.e.j.s.ServletContextHandler{/,file:/usr/lib/ambari-server/web/}
>> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] session:183 -
>> sessionManager=org.eclipse.jetty.server.session.HashSessionManager@775c024c
>> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] session:184 -
>> session=null
>> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> ServletHandler:360 - servlet |/api/v1|/clusters/cl1 ->
>> com.sun.jersey.spi.container.servlet.ServletContainer-1821413125
>> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> ServletHandler:422 -
>> chain=org.apache.ambari.server.api.AmbariPersistFilter-452688583->org.springframework.web.filter.DelegatingFilterProxy-1399975832->com.sun.jersey.spi.container.servlet.ServletContainer-1821413125
>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> ServletHandler:1297 - call filter
>> org.apache.ambari.server.api.AmbariPersistFilter-452688583
>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> ServletHandler:1297 - call filter
>> org.springframework.web.filter.DelegatingFilterProxy-1399975832
>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 1 of 8 in
>> additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> HttpSessionSecurityContextRepository:127 - No HttpSession currently exists
>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> HttpSessionSecurityContextRepository:85 - No SecurityContext was available
>> from the HttpSession: null. A new one will be created.
>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 2 of 8 in
>> additional filter chain; firing Filter: 'BasicAuthenticationFilter'
>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> BasicAuthenticationFilter:161 - Basic Authentication Authorization header
>> found for user 'admin'
>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> ProviderManager:152 - Authentication attempt using
>> org.springframework.security.authentication.dao.DaoAuthenticationProvider
>> 11:47:59,603  INFO [qtp139607202-15 - /api/v1/clusters/cl1]
>> AmbariLocalUserDetailsService:62 - Loading user by name: admin
>> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> BasicAuthenticationFilter:171 - Authentication success:
>> org.springframework.security.authentication.UsernamePasswordAuthenticationToken@63215be:
>> Principal: org.springframework.security.core.userdetails.User@586034f:
>> Username: admin; Password: [PROTECTED]; Enabled: true; AccountNonExpired:
>> true; credentialsNonExpired: true; AccountNonLocked: true; Granted
>> Authorities: ADMIN; Credentials: [PROTECTED]; Authenticated: true; Details:
>> org.springframework.security.web.authentication.WebAuthenticationDetails@ffffe21a:
>> RemoteIpAddress: 10.7.200.2; SessionId: null; Granted Authorities: ADMIN
>> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 3 of 8 in
>> additional filter chain; firing Filter: 'RequestCacheAwareFilter'
>> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 4 of 8 in
>> additional filter chain; firing Filter:
>> 'SecurityContextHolderAwareRequestFilter'
>> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 5 of 8 in
>> additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
>> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> AnonymousAuthenticationFilter:107 - SecurityContextHolder not populated
>> with anonymous token, as it already contained:
>> 'org.springframework.security.authentication.UsernamePasswordAuthenticationToken@63215be:
>> Principal: org.springframework.security.core.userdetails.User@586034f:
>> Username: admin; Password: [PROTECTED]; Enabled: true; AccountNonExpired:
>> true; credentialsNonExpired: true; AccountNonLocked: true; Granted
>> Authorities: ADMIN; Credentials: [PROTECTED]; Authenticated: true; Details:
>> org.springframework.security.web.authentication.WebAuthenticationDetails@ffffe21a:
>> RemoteIpAddress: 10.7.200.2; SessionId: null; Granted Authorities: ADMIN'
>> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 6 of 8 in
>> additional filter chain; firing Filter: 'SessionManagementFilter'
>> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> HttpSessionSecurityContextRepository:336 - HttpSession being created as
>> SecurityContext is non-default
>> 11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] session:85 -
>> new session & id 1n12cpwlh9zb143govwif9ub6 1n12cpwlh9zb143govwif9ub6
>> 11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> HttpSessionSecurityContextRepository:292 - SecurityContext stored to
>> HttpSession:
>> 'org.springframework.security.core.context.SecurityContextImpl@63215be:
>> Authentication:
>> org.springframework.security.authentication.UsernamePasswordAuthenticationToken@63215be:
>> Principal: org.springframework.security.core.userdetails.User@586034f:
>> Username: admin; Password: [PROTECTED]; Enabled: true; AccountNonExpired:
>> true; credentialsNonExpired: true; AccountNonLocked: true; Granted
>> Authorities: ADMIN; Credentials: [PROTECTED]; Authenticated: true; Details:
>> org.springframework.security.web.authentication.WebAuthenticationDetails@ffffe21a:
>> RemoteIpAddress: 10.7.200.2; SessionId: null; Granted Authorities: ADMIN'
>> 11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 7 of 8 in
>> additional filter chain; firing Filter: 'ExceptionTranslationFilter'
>> 11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 8 of 8 in
>> additional filter chain; firing Filter: 'FilterSecurityInterceptor'
>> 11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> AntPathRequestMatcher:85 - Request 'POST /api/v1/clusters/cl1' doesn't
>> match 'GET /**
>> 11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> FilterSecurityInterceptor:194 - Secure object: FilterInvocation: URL:
>> /api/v1/clusters/cl1; Attributes: [hasRole('ADMIN')]
>> 11:47:59,609 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> FilterSecurityInterceptor:310 - Previously Authenticated:
>> org.springframework.security.authentication.UsernamePasswordAuthenticationToken@63215be:
>> Principal: org.springframework.security.core.userdetails.User@586034f:
>> Username: admin; Password: [PROTECTED]; Enabled: true; AccountNonExpired:
>> true; credentialsNonExpired: true; AccountNonLocked: true; Granted
>> Authorities: ADMIN; Credentials: [PROTECTED]; Authenticated: true; Details:
>> org.springframework.security.web.authentication.WebAuthenticationDetails@ffffe21a:
>> RemoteIpAddress: 10.7.200.2; SessionId: null; Granted Authorities: ADMIN
>> 11:47:59,609 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> AffirmativeBased:65 - Voter:
>> org.springframework.security.web.access.expression.WebExpressionVoter@2844a541,
>> returned: 1
>> 11:47:59,609 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> FilterSecurityInterceptor:215 - Authorization successful
>> 11:47:59,609 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> FilterSecurityInterceptor:227 - RunAsManager did not change Authentication
>> object
>> 11:47:59,609 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> FilterChainProxy:323 - /api/v1/clusters/cl1 reached end of additional
>> filter chain; proceeding with original chain
>> 11:47:59,610 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> ServletHandler:1328 - call servlet
>> com.sun.jersey.spi.container.servlet.ServletContainer-1821413125
>> 11:47:59,610 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> HttpSessionSecurityContextRepository:292 - SecurityContext stored to
>> HttpSession:
>> 'org.springframework.security.core.context.SecurityContextImpl@63215be:
>> Authentication:
>> org.springframework.security.authentication.UsernamePasswordAuthenticationToken@63215be:
>> Principal: org.springframework.security.core.userdetails.User@586034f:
>> Username: admin; Password: [PROTECTED]; Enabled: true; AccountNonExpired:
>> true; credentialsNonExpired: true; AccountNonLocked: true; Granted
>> Authorities: ADMIN; Credentials: [PROTECTED]; Authenticated: true; Details:
>> org.springframework.security.web.authentication.WebAuthenticationDetails@ffffe21a:
>> RemoteIpAddress: 10.7.200.2; SessionId: null; Granted Authorities: ADMIN'
>> 11:47:59,613 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> ExceptionTranslationFilter:115 - Chain processed normally
>> 11:47:59,613 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1]
>> SecurityContextPersistenceFilter:97 - SecurityContextHolder now cleared, as
>> request processing completed
>> 11:47:59,613 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] Server:360 -
>> RESPONSE /api/v1/clusters/cl1  400 handled=true
>> 11:47:59,613 DEBUG [qtp139607202-15] AsyncHttpConnection:211 - Enabled
>> read interest SCEP@5511e6b9{l(/10.7.200.2:33434)<->r(/10.7.200.1:8080
>> ),d=true,open=true,ishut=false,oshut=false,rb=false,wb=false,w=true,i=0r}-{AsyncHttpConnection@a42a751
>> ,g=HttpGenerator{s=4,h=0,b=0,c=-1},p=HttpParser{s=0,l=33,c=38},r=1}
>> 11:47:59,614 DEBUG [qtp139607202-15] ChannelEndPoint:118 - ishut
>> SCEP@5511e6b9{l(/10.7.200.2:33434)<->r(/10.7.200.1:8080
>> ),d=true,open=true,ishut=false,oshut=false,rb=false,wb=false,w=true,i=0r}-{AsyncHttpConnection@a42a751
>> ,g=HttpGenerator{s=0,h=-1,b=-1,c=-1},p=HttpParser{s=-14,l=0,c=-3},r=1}
>> 11:47:59,614 DEBUG [qtp139607202-15] HttpParser:281 - filled -1/0
>> 11:47:59,614 DEBUG [qtp139607202-15] AsyncHttpConnection:145 - Disabled
>> read interest while writing response SCEP@5511e6b9{l(/10.7.200.2:33434
>> )<->r(/10.7.200.1:8080
>> ),d=true,open=true,ishut=true,oshut=false,rb=false,wb=false,w=true,i=0r}-{AsyncHttpConnection@a42a751
>> ,g=HttpGenerator{s=0,h=-1,b=-1,c=-1},p=HttpParser{s=0,l=0,c=-3},r=1}
>> 11:47:59,614 DEBUG [qtp139607202-15] ChannelEndPoint:209 - close
>> SCEP@5511e6b9{l(/10.7.200.2:33434)<->r(/10.7.200.1:8080
>> ),d=true,open=true,ishut=true,oshut=false,rb=false,wb=false,w=true,i=0r}-{AsyncHttpConnection@a42a751
>> ,g=HttpGenerator{s=0,h=-1,b=-1,c=-1},p=HttpParser{s=0,l=0,c=-3},r=1}
>>
>>
>> Any ideas?
>>
>> Thanks,
>> -Chris
>>
>
>
> CONFIDENTIALITY NOTICE
> NOTICE: This message is intended for the use of the individual or entity
> to which it is addressed and may contain information that is confidential,
> privileged and exempt from disclosure under applicable law. If the reader
> of this message is not the intended recipient, you are hereby notified that
> any printing, copying, dissemination, distribution, disclosure or
> forwarding of this communication is strictly prohibited. If you have
> received this communication in error, please contact the sender immediately
> and delete it from your system. Thank You.

Mime
View raw message