[jira] [Commented] (AMBARI-9852) Kerberos: Kerberos Service Check needs to generate and destroy it's own unique identity for testing

Tue, 03 Mar 2015 08:37:48 -0800 

    [ 
https://issues.apache.org/jira/browse/AMBARI-9852?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14345297#comment-14345297
 ] 

Hudson commented on AMBARI-9852:
--------------------------------

FAILURE: Integrated in Ambari-trunk-Commit #1933 (See 
[https://builds.apache.org/job/Ambari-trunk-Commit/1933/])
AMBARI-9852. Kerberos: Kerberos Service Check needs to generate and destroy 
it's own unique identity for testing (rlevas) (rlevas: 
http://git-wip-us.apache.org/repos/asf?p=ambari.git&a=commit&h=954b96e1edf8fc313ce06d57928b3e26e714770a)
* 
ambari-server/src/test/java/org/apache/ambari/server/controller/KerberosHelperTest.java
* 
ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementControllerImpl.java
* 
ambari-server/src/main/resources/common-services/KERBEROS/1.10.3-10/package/scripts/service_check.py
* 
ambari-server/src/main/resources/common-services/KERBEROS/1.10.3-10/package/scripts/params.py
* 
ambari-server/src/main/java/org/apache/ambari/server/controller/KerberosHelper.java


> Kerberos: Kerberos Service Check needs to generate and destroy it's own 
> unique identity for testing
> ---------------------------------------------------------------------------------------------------
>
>                 Key: AMBARI-9852
>                 URL: https://issues.apache.org/jira/browse/AMBARI-9852
>             Project: Ambari
>          Issue Type: Task
>          Components: ambari-server
>    Affects Versions: 2.0.0
>            Reporter: Robert Levas
>            Assignee: Robert Levas
>              Labels: kerberos
>             Fix For: 2.0.0
>
>         Attachments: AMBARI-9852_01.patch
>
>
> The Kerberos _service check_ needs to generate it's own unique identity to 
> use for testing and then destroy it when complete.  This will ensure that any 
> _known_ identities (such as the smokeuser, usually ambari-qa) does not 
> accidentally get removed if shared between clusters or if the service check 
> is run after Kerberos is enabled. 
> The service check must perform the following steps:
> # Create a unique principal in the relevant KDC (server)
> # Test that the principal can be used to authenticate via kinit (agent)
> # Destroy the principal (server)



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to