Repository: oozie Updated Branches: refs/heads/master 09cd6042a -> 2b8842a04
OOZIE-2172 ZooKeeper Security Tests failed with JVM IBM JAVA (GauravPande via rkanter) Project: http://git-wip-us.apache.org/repos/asf/oozie/repo Commit: http://git-wip-us.apache.org/repos/asf/oozie/commit/2b8842a0 Tree: http://git-wip-us.apache.org/repos/asf/oozie/tree/2b8842a0 Diff: http://git-wip-us.apache.org/repos/asf/oozie/diff/2b8842a0 Branch: refs/heads/master Commit: 2b8842a047bade3297f1cd1104598349c0bc52b2 Parents: 09cd604 Author: Robert Kanter <[email protected]> Authored: Tue Aug 2 13:28:00 2016 -0700 Committer: Robert Kanter <[email protected]> Committed: Tue Aug 2 13:28:00 2016 -0700 ---------------------------------------------------------------------- .../org/apache/oozie/util/JaasConfiguration.java | 16 ++++++++++++---- .../apache/oozie/util/TestJaasConfiguration.java | 19 +++++++++++++------ release-log.txt | 1 + 3 files changed, 26 insertions(+), 10 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/oozie/blob/2b8842a0/core/src/main/java/org/apache/oozie/util/JaasConfiguration.java ---------------------------------------------------------------------- diff --git a/core/src/main/java/org/apache/oozie/util/JaasConfiguration.java b/core/src/main/java/org/apache/oozie/util/JaasConfiguration.java index 0dbc947..cb9dd17 100644 --- a/core/src/main/java/org/apache/oozie/util/JaasConfiguration.java +++ b/core/src/main/java/org/apache/oozie/util/JaasConfiguration.java @@ -75,11 +75,19 @@ public class JaasConfiguration extends Configuration { */ public static void addEntry(String name, String principal, String keytab) { Map<String, String> options = new HashMap<String, String>(); - options.put("keyTab", keytab); options.put("principal", principal); - options.put("useKeyTab", "true"); - options.put("storeKey", "true"); - options.put("useTicketCache", "false"); + if (System.getProperty("java.vendor").contains("IBM")) { + // IBM JAVA's UseKeytab covers both keyTab and useKeyTab options + options.put("useKeytab",keytab.startsWith("file://") ? keytab : "file://" + keytab); + + // Both "initiator" and "acceptor" + options.put("credsType", "both"); + } else { + options.put("keyTab", keytab); + options.put("useKeyTab", "true"); + options.put("storeKey", "true"); + options.put("useTicketCache", "false"); + } AppConfigurationEntry entry = new AppConfigurationEntry(krb5LoginModuleName, AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options); entries.put(name, entry); http://git-wip-us.apache.org/repos/asf/oozie/blob/2b8842a0/core/src/test/java/org/apache/oozie/util/TestJaasConfiguration.java ---------------------------------------------------------------------- diff --git a/core/src/test/java/org/apache/oozie/util/TestJaasConfiguration.java b/core/src/test/java/org/apache/oozie/util/TestJaasConfiguration.java index 2e4e9b0..e36a6c3 100644 --- a/core/src/test/java/org/apache/oozie/util/TestJaasConfiguration.java +++ b/core/src/test/java/org/apache/oozie/util/TestJaasConfiguration.java @@ -72,11 +72,18 @@ public class TestJaasConfiguration extends XTestCase { assertEquals(loginModuleName, entry.getLoginModuleName()); assertEquals(AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, entry.getControlFlag()); Map<String, ?> options = entry.getOptions(); - assertEquals(keytab, options.get("keyTab")); - assertEquals(principal, options.get("principal")); - assertEquals("true", options.get("useKeyTab")); - assertEquals("true", options.get("storeKey")); - assertEquals("false", options.get("useTicketCache")); - assertEquals(5, options.size()); + assertEquals(principal, options.get("principal")); + if (loginModuleName.equals("com.ibm.security.auth.module.Krb5LoginModule")){ + assertEquals(keytab.startsWith("file://") ? keytab : "file://" + keytab, options.get("useKeytab")); + assertEquals("both",options.get("credsType")); + assertEquals(3, options.size()); + } + else{ + assertEquals("true", options.get("useKeyTab")); + assertEquals(keytab, options.get("keyTab")); + assertEquals("true", options.get("storeKey")); + assertEquals("false", options.get("useTicketCache")); + assertEquals(5, options.size()); + } } } http://git-wip-us.apache.org/repos/asf/oozie/blob/2b8842a0/release-log.txt ---------------------------------------------------------------------- diff --git a/release-log.txt b/release-log.txt index 0e2cf86..e6776a0 100644 --- a/release-log.txt +++ b/release-log.txt @@ -1,5 +1,6 @@ -- Oozie 4.3.0 release (trunk - unreleased) +OOZIE-2172 ZooKeeper Security Tests failed with JVM IBM JAVA (GauravPande via rkanter) OOZIE-2555 Oozie SSL enable setup does not return port for admin -servers (abhishekbafna via rkanter) OOZIE-2440 Exponential re-try policy for workflow action (satishsaley via jaydeepvishwakarma) OOZIE-2539 Incorrect property key is used for 'hive log4j configuration file for execution mode' (abhishekbafna via jaydeepvishwakarma)
