[ https://issues.apache.org/jira/browse/AMBARI-22560?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16274693#comment-16274693 ]
Hudson commented on AMBARI-22560: --------------------------------- FAILURE: Integrated in Jenkins build Ambari-trunk-Commit #8479 (See [https://builds.apache.org/job/Ambari-trunk-Commit/8479/]) AMBARI-22560. Remove obsolete hack to set KDC admin credentials via (rlevas: [http://git-wip-us.apache.org/repos/asf?p=ambari.git&a=commit&h=943aa715d81301077b469c64551231169b525f50]) * (edit) ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementControllerImpl.java * (edit) ambari-server/src/test/java/org/apache/ambari/server/controller/AmbariManagementControllerImplTest.java > Remove obsolete hack to set KDC admin credentials via Cluster session API > ------------------------------------------------------------------------- > > Key: AMBARI-22560 > URL: https://issues.apache.org/jira/browse/AMBARI-22560 > Project: Ambari > Issue Type: Bug > Components: ambari-server > Affects Versions: 2.2.0 > Reporter: Sandor Molnar > Assignee: Sandor Molnar > Priority: Minor > Labels: kdc_credentials, kerberos > Fix For: trunk > > Attachments: AMBARI_22560_patch, AMBARI_22560_trunk_02.patch > > > Remove hack to set KDC admin credential via the API to set session attribute > via the Cluster resource. > Near > *org/apache/ambari/server/controller/AmbariManagementControllerImpl.java:1469* > {code:java} > // TODO: Once the UI uses the Credential Resource API, remove this > block to _clean_ the > // TODO: session attributes and store any KDC administrator credentials > in the secure > // TODO: credential provider facility. > // For now, to keep things backwards compatible, get and remove the KDC > administrator credentials > // from the session attributes and store them in the > CredentialsProvider. The KDC administrator > // credentials are prefixed with kdc_admin/. The following attributes > are expected, if setting > // the KDC administrator credentials: > // kerberos_admin/principal > // kerberos_admin/password > if((sessionAttributes != null) && !sessionAttributes.isEmpty()) { > Map<String, Object> cleanedSessionAttributes = new HashMap<>(); > String principal = null; > char[] password = null; > for(Map.Entry<String,Object> entry: sessionAttributes.entrySet()) { > String name = entry.getKey(); > Object value = entry.getValue(); > if ("kerberos_admin/principal".equals(name)) { > if(value instanceof String) { > principal = (String)value; > } > } > else if ("kerberos_admin/password".equals(name)) { > if(value instanceof String) { > password = ((String) value).toCharArray(); > } > } else { > cleanedSessionAttributes.put(name, value); > } > } > if(principal != null) { > // The KDC admin principal exists... set the credentials in the > credentials store > credentialStoreService.setCredential(cluster.getClusterName(), > KerberosHelper.KDC_ADMINISTRATOR_CREDENTIAL_ALIAS, > new PrincipalKeyCredential(principal, password), > CredentialStoreType.TEMPORARY); > } > sessionAttributes = cleanedSessionAttributes; > } > // TODO: END > {code} > This is no longer needed once the UI uses the new Credential Resource REST > API - see AMBARI-13292 -- This message was sent by Atlassian JIRA (v6.4.14#64029)