Sandor Molnar created AMBARI-22560: -------------------------------------- Summary: Remove obsolete hack to set KDC admin credentials via Cluster session API Key: AMBARI-22560 URL: https://issues.apache.org/jira/browse/AMBARI-22560 Project: Ambari Issue Type: Bug Components: ambari-server Affects Versions: 2.2.0 Reporter: Sandor Molnar Assignee: Sandor Molnar Priority: Minor Fix For: trunk
Remove hack to set KDC admin credential via the API to set session attribute via the Cluster resource. Near *org/apache/ambari/server/controller/AmbariManagementControllerImpl.java:1469* {code:java} // TODO: Once the UI uses the Credential Resource API, remove this block to _clean_ the // TODO: session attributes and store any KDC administrator credentials in the secure // TODO: credential provider facility. // For now, to keep things backwards compatible, get and remove the KDC administrator credentials // from the session attributes and store them in the CredentialsProvider. The KDC administrator // credentials are prefixed with kdc_admin/. The following attributes are expected, if setting // the KDC administrator credentials: // kerberos_admin/principal // kerberos_admin/password if((sessionAttributes != null) && !sessionAttributes.isEmpty()) { Map<String, Object> cleanedSessionAttributes = new HashMap<>(); String principal = null; char[] password = null; for(Map.Entry<String,Object> entry: sessionAttributes.entrySet()) { String name = entry.getKey(); Object value = entry.getValue(); if ("kerberos_admin/principal".equals(name)) { if(value instanceof String) { principal = (String)value; } } else if ("kerberos_admin/password".equals(name)) { if(value instanceof String) { password = ((String) value).toCharArray(); } } else { cleanedSessionAttributes.put(name, value); } } if(principal != null) { // The KDC admin principal exists... set the credentials in the credentials store credentialStoreService.setCredential(cluster.getClusterName(), KerberosHelper.KDC_ADMINISTRATOR_CREDENTIAL_ALIAS, new PrincipalKeyCredential(principal, password), CredentialStoreType.TEMPORARY); } sessionAttributes = cleanedSessionAttributes; } // TODO: END {code} This is no longer needed once the UI uses the new Credential Resource REST API - see AMBARI-13292 -- This message was sent by Atlassian JIRA (v6.4.14#64029)