-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/40099/
-----------------------------------------------------------
(Updated Nov. 10, 2015, 1:03 p.m.)
Review request for Ambari, Alejandro Fernandez, Gautam Borad, Jonathan Hurley,
and Velmurugan Periasamy.
Changes
-------
Updated with final input from Ranger team
Bugs: AMBARI-13797
https://issues.apache.org/jira/browse/AMBARI-13797
Repository: ambari
Description
-------
Need a prereq check to confirm that Ambari's password for Ranger will work
against the Ranger server. It's possible to change the password using the
Ranger UI, so this check attempts to verify that.
The Ranger access points are still under investigation, but shouldn't impact
the logic of the code. The general rules are:
- Try to access Ranger using admin credentials. 401=FAIL, 200=PASS, other or
IOException: WARN.
- If PASS, check to load the users JSON and look for Ranger Admin User. Do not
fail if user doesn't exist (not sync'ed).
- If Ranger Admin User is found, access Ranger with credentials. 401=FAIL,
200=PASS, other or IOException=WARN.
We only want to FAIL when it's truly known that the credentials are bad. Only
PASS when it's truly known the credentials are good. WARNING every other case.
Diffs (updated)
-----
ambari-server/src/main/java/org/apache/ambari/server/checks/CheckDescription.java
1908c06
ambari-server/src/main/java/org/apache/ambari/server/checks/RangerPasswordCheck.java
PRE-CREATION
ambari-server/src/test/java/org/apache/ambari/server/checks/RangerPasswordCheckTest.java
PRE-CREATION
Diff: https://reviews.apache.org/r/40099/diff/
Testing
-------
Manual. Automated pending.
Thanks,
Nate Cole
