[jira] [Updated] (AMBARI-9852) Kerberos: Kerberos Service Check needs to generate and destroy it's own unique identity for testing

Robert Levas (JIRA) Sat, 28 Feb 2015 14:12:36 -0800

     [ 
https://issues.apache.org/jira/browse/AMBARI-9852?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Robert Levas updated AMBARI-9852:
---------------------------------
    Summary: Kerberos: Kerberos Service Check needs to generate and destroy 
it's own unique identity for testing  (was: Kerberos Service Check needs to 
generate and destroy it's own unique identity for testing)

> Kerberos: Kerberos Service Check needs to generate and destroy it's own 
> unique identity for testing
> ---------------------------------------------------------------------------------------------------
>
>                 Key: AMBARI-9852
>                 URL: https://issues.apache.org/jira/browse/AMBARI-9852
>             Project: Ambari
>          Issue Type: Task
>          Components: ambari-server
>    Affects Versions: 2.0.0
>            Reporter: Robert Levas
>            Assignee: Robert Levas
>              Labels: kerberos
>             Fix For: 2.0.0
>
>
> The Kerberos _service check_ needs to generate it's own unique identity to 
> use for testing and then destroy it when complete.  This will ensure that any 
> _known_ identities (such as the smokeuser, usually ambari-qa) does not 
> accidentally get removed if shared between clusters or if the service check 
> is run after Kerberos is enabled. 
> The service check must perform the following steps:
> # Create a unique principal in the relevant KDC (server)
> # Test that the principal can be used to authenticate via kinit (agent)
> # Destroy the principal (server)



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (AMBARI-9852) Kerberos: Kerberos Service Check needs to generate and destroy it's own unique identity for testing

Reply via email to