This is an automated email from the ASF dual-hosted git repository.
vishalsuvagia pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/ambari.git
The following commit(s) were added to refs/heads/trunk by this push:
new 9ea678128c AMBARI-26304 : User authentication fails for previously
sync'd LDAP / AD based users
9ea678128c is described below
commit 9ea678128c59d1fc3627e106713ede8b39cba326
Author: Vishal Suvagia <[email protected]>
AuthorDate: Mon Feb 3 11:34:21 2025 +0530
AMBARI-26304 : User authentication fails for previously sync'd LDAP / AD
based users
Issue: User authentication fails for previously sync'd LDAP / AD based
users.
Cause: the authentication-key was being split before checking if the
authentication type required is local or remote based, hence it fails with a
NullPointerException.
Changes made: Updated the implementation to add a check for auth type
before adding split for authentication-key
---
.../ambari/server/orm/entities/UserAuthenticationEntity.java | 8 +++++---
.../org/apache/ambari/server/security/authorization/Users.java | 2 +-
2 files changed, 6 insertions(+), 4 deletions(-)
diff --git
a/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserAuthenticationEntity.java
b/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserAuthenticationEntity.java
index a2324ea588..0795655cf3 100644
---
a/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserAuthenticationEntity.java
+++
b/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/UserAuthenticationEntity.java
@@ -105,9 +105,11 @@ public class UserAuthenticationEntity {
}
public String getAuthenticationKey() {
- int firstCommaIndex = authenticationKey.indexOf(",");
- if (firstCommaIndex != -1) {
- return authenticationKey.substring(0, firstCommaIndex);
+ if (getAuthenticationType().equals(UserAuthenticationType.LOCAL)) {
+ int firstCommaIndex = authenticationKey.indexOf(",");
+ if (firstCommaIndex != -1) {
+ return authenticationKey.substring(0, firstCommaIndex);
+ }
}
return authenticationKey;
}
diff --git
a/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/Users.java
b/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/Users.java
index 9e0650bb58..52368a6281 100644
---
a/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/Users.java
+++
b/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/Users.java
@@ -1266,7 +1266,7 @@ public class Users {
userAuthenticationEntity.updateAuthenticationKey(passwordEncoder.encode(newKey),
configuration.getPasswordPolicyHistoryCount());
} else {
// If we get here the authenticated user is authorized to change the
key for the subject.
- userAuthenticationEntity.updateAuthenticationKey(newKey,
configuration.getPasswordPolicyHistoryCount());
+ userAuthenticationEntity.setAuthenticationKey(newKey);
}
userAuthenticationDAO.merge(userAuthenticationEntity);
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
