> On Dec. 16, 2014, 11:17 a.m., John Speidel wrote: > > I am ok with the patch under the condition that prior to GA that we > > re-address how we are dealing with the admin credentials. > > The mechanism used here should only be a temporary step as it isn't secure > > and it would be very easy to obtain the credeintials in clear text using > > the hash of the cluster as the key. > > Please file a new Jira for this and note the Jira in the Jira associated > > with this patch.
See https://issues.apache.org/jira/browse/AMBARI-8734 to track a solution to the security issue. - Robert ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/29080/#review65206 ----------------------------------------------------------- On Dec. 15, 2014, 9:38 p.m., Robert Levas wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/29080/ > ----------------------------------------------------------- > > (Updated Dec. 15, 2014, 9:38 p.m.) > > > Review request for Ambari, dilli dorai, John Speidel, Robert Nettleton, and > Yusaku Sako. > > > Bugs: AMBARI-8725 > https://issues.apache.org/jira/browse/AMBARI-8725 > > > Repository: ambari > > > Description > ------- > > Add _injected_ 'org.apache.ambari.server.state.Clusters' into > 'org.apache.ambari.server.serveraction.kerberos.KerberosServerAction' so that > the relevant cluster object ('org.apache.ambari.server.state.Cluster') may be > retrieved and used to help get access to the KDC administrative credentials. > > > Diffs > ----- > > > ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosServerAction.java > 832602f > > ambari-server/src/test/java/org/apache/ambari/server/serveraction/kerberos/KerberosServerActionTest.java > 65e5cd6 > > Diff: https://reviews.apache.org/r/29080/diff/ > > > Testing > ------- > > Updated to inject `org.apache.ambari.server.state.Clusters` object into > `org.apache.ambari.server.serveraction.kerberos.KerberosServerAction` > Running > org.apache.ambari.server.serveraction.kerberos.KerberosServerActionTest > Tests run: 11, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 0.727 sec > > Full Test Suite > Tests run: 2427, Failures: 0, Errors: 0, Skipped: 13 > > > Thanks, > > Robert Levas > >
