[
https://issues.apache.org/jira/browse/AMBARI-22560?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16274693#comment-16274693
]
Hudson commented on AMBARI-22560:
---------------------------------
FAILURE: Integrated in Jenkins build Ambari-trunk-Commit #8479 (See
[https://builds.apache.org/job/Ambari-trunk-Commit/8479/])
AMBARI-22560. Remove obsolete hack to set KDC admin credentials via (rlevas:
[http://git-wip-us.apache.org/repos/asf?p=ambari.git&a=commit&h=943aa715d81301077b469c64551231169b525f50])
* (edit)
ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementControllerImpl.java
* (edit)
ambari-server/src/test/java/org/apache/ambari/server/controller/AmbariManagementControllerImplTest.java
> Remove obsolete hack to set KDC admin credentials via Cluster session API
> -------------------------------------------------------------------------
>
> Key: AMBARI-22560
> URL: https://issues.apache.org/jira/browse/AMBARI-22560
> Project: Ambari
> Issue Type: Bug
> Components: ambari-server
> Affects Versions: 2.2.0
> Reporter: Sandor Molnar
> Assignee: Sandor Molnar
> Priority: Minor
> Labels: kdc_credentials, kerberos
> Fix For: trunk
>
> Attachments: AMBARI_22560_patch, AMBARI_22560_trunk_02.patch
>
>
> Remove hack to set KDC admin credential via the API to set session attribute
> via the Cluster resource.
> Near
> *org/apache/ambari/server/controller/AmbariManagementControllerImpl.java:1469*
> {code:java}
> // TODO: Once the UI uses the Credential Resource API, remove this
> block to _clean_ the
> // TODO: session attributes and store any KDC administrator credentials
> in the secure
> // TODO: credential provider facility.
> // For now, to keep things backwards compatible, get and remove the KDC
> administrator credentials
> // from the session attributes and store them in the
> CredentialsProvider. The KDC administrator
> // credentials are prefixed with kdc_admin/. The following attributes
> are expected, if setting
> // the KDC administrator credentials:
> // kerberos_admin/principal
> // kerberos_admin/password
> if((sessionAttributes != null) && !sessionAttributes.isEmpty()) {
> Map<String, Object> cleanedSessionAttributes = new HashMap<>();
> String principal = null;
> char[] password = null;
> for(Map.Entry<String,Object> entry: sessionAttributes.entrySet()) {
> String name = entry.getKey();
> Object value = entry.getValue();
> if ("kerberos_admin/principal".equals(name)) {
> if(value instanceof String) {
> principal = (String)value;
> }
> }
> else if ("kerberos_admin/password".equals(name)) {
> if(value instanceof String) {
> password = ((String) value).toCharArray();
> }
> } else {
> cleanedSessionAttributes.put(name, value);
> }
> }
> if(principal != null) {
> // The KDC admin principal exists... set the credentials in the
> credentials store
> credentialStoreService.setCredential(cluster.getClusterName(),
> KerberosHelper.KDC_ADMINISTRATOR_CREDENTIAL_ALIAS,
> new PrincipalKeyCredential(principal, password),
> CredentialStoreType.TEMPORARY);
> }
> sessionAttributes = cleanedSessionAttributes;
> }
> // TODO: END
> {code}
> This is no longer needed once the UI uses the new Credential Resource REST
> API - see AMBARI-13292
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
