Repository: ambari Updated Branches: refs/heads/branch-feature-AMBARI-20859 f5ca11451 -> 8f03fd044
AMBARI-21259 Need to use provided password when usersync sync source and authentication method are different (mugdha) Project: http://git-wip-us.apache.org/repos/asf/ambari/repo Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/8df01a8f Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/8df01a8f Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/8df01a8f Branch: refs/heads/branch-feature-AMBARI-20859 Commit: 8df01a8f84f9b404be9248f36484baebc7de582f Parents: df21f9c Author: Mugdha Varadkar <[email protected]> Authored: Thu Jun 15 18:41:24 2017 +0530 Committer: Mugdha Varadkar <[email protected]> Committed: Tue Jun 20 10:38:08 2017 +0530 ---------------------------------------------------------------------- .../RANGER/0.4.0/package/scripts/params.py | 4 +++- .../RANGER/0.4.0/package/scripts/setup_ranger_xml.py | 12 ++++++++++-- 2 files changed, 13 insertions(+), 3 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/ambari/blob/8df01a8f/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/params.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/params.py b/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/params.py index 094d239..3789358 100644 --- a/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/params.py +++ b/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/params.py @@ -445,4 +445,6 @@ https_keystore_password = config['configurations']['ranger-admin-site']['ranger. truststore_password = config['configurations']['ranger-admin-site']['ranger.truststore.password'] # need this to capture cluster name for ranger tagsync -cluster_name = config['clusterName'] \ No newline at end of file +cluster_name = config['clusterName'] +ranger_ldap_bind_auth_password = config['configurations']['ranger-admin-site']['ranger.ldap.bind.password'] +ranger_ad_bind_auth_password = config['configurations']['ranger-admin-site']['ranger.ldap.ad.bind.password'] \ No newline at end of file http://git-wip-us.apache.org/repos/asf/ambari/blob/8df01a8f/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/setup_ranger_xml.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/setup_ranger_xml.py b/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/setup_ranger_xml.py index 85eb796..ba21494 100644 --- a/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/setup_ranger_xml.py +++ b/ambari-server/src/main/resources/common-services/RANGER/0.4.0/package/scripts/setup_ranger_xml.py @@ -336,7 +336,11 @@ def do_keystore_setup(upgrade_type=None): ) if params.ranger_auth_method.upper() == "LDAP": - ranger_credential_helper(params.cred_lib_path, params.ranger_ldap_password_alias, params.ranger_usersync_ldap_ldapbindpassword, params.ranger_credential_provider_path) + ranger_ldap_auth_password = params.ranger_usersync_ldap_ldapbindpassword + if params.ranger_ldap_bind_auth_password != "{{ranger_usersync_ldap_ldapbindpassword}}": + ranger_ldap_auth_password = params.ranger_ldap_bind_auth_password + + ranger_credential_helper(params.cred_lib_path, params.ranger_ldap_password_alias, ranger_ldap_auth_password, params.ranger_credential_provider_path) File(params.ranger_credential_provider_path, owner = params.unix_user, @@ -345,7 +349,11 @@ def do_keystore_setup(upgrade_type=None): ) if params.ranger_auth_method.upper() == "ACTIVE_DIRECTORY": - ranger_credential_helper(params.cred_lib_path, params.ranger_ad_password_alias, params.ranger_usersync_ldap_ldapbindpassword, params.ranger_credential_provider_path) + ranger_ad_auth_password = params.ranger_usersync_ldap_ldapbindpassword + if params.ranger_ad_bind_auth_password != "{{ranger_usersync_ldap_ldapbindpassword}}": + ranger_ad_auth_password = params.ranger_ad_bind_auth_password + + ranger_credential_helper(params.cred_lib_path, params.ranger_ad_password_alias, ranger_ad_auth_password, params.ranger_credential_provider_path) File(params.ranger_credential_provider_path, owner = params.unix_user,
