This is an automated email from the ASF dual-hosted git repository.

rlevas pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/ambari.git


The following commit(s) were added to refs/heads/trunk by this push:
     new 77b5319  [AMBARI-25088] Enable Kerberos fails when Ambari server is 
not on a registered host
77b5319 is described below

commit 77b5319381fd083f4f9774581b1fad082bb71e4a
Author: Robert Levas <rle...@apache.org>
AuthorDate: Thu Jan 3 15:09:02 2019 -0500

    [AMBARI-25088] Enable Kerberos fails when Ambari server is not on a 
registered host
---
 .../ambari/server/controller/KerberosHelperImpl.java | 20 +++++++++++---------
 1 file changed, 11 insertions(+), 9 deletions(-)

diff --git 
a/ambari-server/src/main/java/org/apache/ambari/server/controller/KerberosHelperImpl.java
 
b/ambari-server/src/main/java/org/apache/ambari/server/controller/KerberosHelperImpl.java
index 9f6b17a..4f4763a 100644
--- 
a/ambari-server/src/main/java/org/apache/ambari/server/controller/KerberosHelperImpl.java
+++ 
b/ambari-server/src/main/java/org/apache/ambari/server/controller/KerberosHelperImpl.java
@@ -1763,6 +1763,7 @@ public class KerberosHelperImpl implements KerberosHelper 
{
     } else {
       Collection<String> hosts;
       String ambariServerHostname = StageUtils.getHostName();
+      boolean ambariServerHostnameIsForced = false;
 
       if (hostName == null) {
         Map<String, Host> hostMap = clusters.getHostsForCluster(clusterName);
@@ -1777,6 +1778,7 @@ public class KerberosHelperImpl implements KerberosHelper 
{
           extendedHosts.addAll(hosts);
           extendedHosts.add(ambariServerHostname);
           hosts = extendedHosts;
+          ambariServerHostnameIsForced = true;
         }
       } else {
         hosts = Collections.singleton(hostName);
@@ -1788,14 +1790,14 @@ public class KerberosHelperImpl implements 
KerberosHelper {
         if (kerberosDescriptor != null) {
           Set<String> existingServices = cluster.getServices().keySet();
 
-          for (String hostname : hosts) {
+          for (String host : hosts) {
             // Calculate the current host-specific configurations. These will 
be used to replace
             // variables within the Kerberos descriptor data
             Map<String, Map<String, String>> configurations = 
calculateConfigurations(cluster,
-              hostname,
-              kerberosDescriptor,
-              false,
-              false);
+                (ambariServerHostnameIsForced && 
ambariServerHostname.equals(host)) ? null : host,
+                kerberosDescriptor,
+                false,
+                false);
 
             // Create the context to use for filtering Kerberos Identities 
based on the state of the cluster
             Map<String, Object> filterContext = new HashMap<>();
@@ -1804,10 +1806,10 @@ public class KerberosHelperImpl implements 
KerberosHelper {
 
 
             Map<String, KerberosIdentityDescriptor> hostActiveIdentities = new 
HashMap<>();
-            List<KerberosIdentityDescriptor> identities = 
getActiveIdentities(cluster, hostname,
+            List<KerberosIdentityDescriptor> identities = 
getActiveIdentities(cluster, host,
               serviceName, componentName, kerberosDescriptor, filterContext);
 
-            if (hostname.equals(ambariServerHostname)) {
+            if (host.equals(ambariServerHostname)) {
               // Determine if we should _calculate_ the Ambari service 
identities.
               // If kerberos-env/create_ambari_principal is not set to false 
the identity should be calculated.
               if (createAmbariIdentities(kerberosEnvConfig.getProperties())) {
@@ -1836,7 +1838,7 @@ public class KerberosHelperImpl implements KerberosHelper 
{
                   }
 
                   if (replaceHostNames) {
-                    principal = principal.replace("_HOST", hostname);
+                    principal = principal.replace("_HOST", host);
                   }
 
                   String uniqueKey = String.format("%s|%s", principal, 
(keytabFile == null) ? "" : keytabFile);
@@ -1883,7 +1885,7 @@ public class KerberosHelperImpl implements KerberosHelper 
{
               }
             }
 
-            activeIdentities.put(hostname, hostActiveIdentities.values());
+            activeIdentities.put(host, hostActiveIdentities.values());
           }
         }
       }

Reply via email to