Robert Levas created AMBARI-21919: ------------------------------------- Summary: Kerberos identity references should use the "reference" attribute Key: AMBARI-21919 URL: https://issues.apache.org/jira/browse/AMBARI-21919 Project: Ambari Issue Type: Bug Components: ambari-server Affects Versions: 2.4.0 Reporter: Robert Levas Assignee: Robert Levas Fix For: 2.6.0
Kerberos identity references should use the "reference" attribute rather than rely on the "name" attribute to indicate the identity descriptor references some other identity descriptor. Either method should work on the backend, however the UI appears to not fully handle the "named" reference properly. The solution is to change {code} { "name": "/HDFS/NAMENODE/namenode_nn", "principal": { "configuration": "ranger-hdfs-audit/xasecure.audit.jaas.Client.option.principal" }, "keytab": { "configuration": "ranger-hdfs-audit/xasecure.audit.jaas.Client.option.keyTab" } } {code} by changing the "name" attribute to "reference" and adding a new "name" reference with a unique name relative to the scope of the identity descriptor. For example: {code} { "name":"ranger_hdfs_audit" "reference": "/HDFS/NAMENODE/namenode_nn", "principal": { "configuration": "ranger-hdfs-audit/xasecure.audit.jaas.Client.option.principal" }, "keytab": { "configuration": "ranger-hdfs-audit/xasecure.audit.jaas.Client.option.keyTab" } } {code} -- This message was sent by Atlassian JIRA (v6.4.14#64029)