-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/37690/#review97685
-----------------------------------------------------------

Ship it!

Ship It!

- Robert Nettleton


On Sept. 2, 2015, 4:55 p.m., Robert Levas wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/37690/
> -----------------------------------------------------------
> 
> (Updated Sept. 2, 2015, 4:55 p.m.)
> 
> 
> Review request for Ambari, Jonathan Hurley, Larry McCay, Robert Nettleton, and Sid Wagle.
> 
> 
> Bugs: AMBARI-12772
>     https://issues.apache.org/jira/browse/AMBARI-12772
> 
> 
> Repository: ambari
> 
> 
> Description
> -------
> 
> #STR
> Install cluster via blueprints
> Enable Kerberos security
> Add host via blueprints
> 
> #Result
> Adding hosts freezes forever
> In ambari-server.log:
> ```
> The KDC administrator credentials must be set in session by updating the relevant Cluster resource.This may be done by issuing a PUT to the api/v1/clusters/(cluster name) API entry point with the following payload:
> {
>   "session_attributes" : {
>     "kerberos_admin" : {"principal" : "(PRINCIPAL)", "password" : "(PASSWORD)"}
>   }
> ```
> 
> #Cause
> This is caused because the KDC administrative credentials are not available when needed during the add host process. If set in the HTTP session, the credentials are not accessible since the Kerberos logic is executed outside the scope of that HTTP session.
> 
> #Solution
> Store the KDC credentials to a _more secure_ global credential store that is accessible no matter what the context is. This storage facility is in-memory and has a retention period of 90 minutes. This solution refactors the current CredentialStoreService and MasterKeyService classes to allow for file-based and in-memory implementations. It also paves the way for future changes to allow for the KDC administrative credentials to be persisted indefinitely.
> 
> *Note:* This patch is rather large due to refactoring the CredentialStoreService and related classes in an effort to make way for future features related to storing sensitive data.
> 
> 
> Diffs
> -----
> 
>   ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariManagementControllerImpl.java 6d98c01 
>   ambari-server/src/main/java/org/apache/ambari/server/controller/KerberosHelper.java cb9e6ca 
>   ambari-server/src/main/java/org/apache/ambari/server/controller/KerberosHelperImpl.java 708d267 
>   ambari-server/src/main/java/org/apache/ambari/server/security/encryption/CredentialProvider.java 8351a99 
>   ambari-server/src/main/java/org/apache/ambari/server/security/encryption/CredentialStoreService.java 8ea7ca2 
>   ambari-server/src/main/java/org/apache/ambari/server/security/encryption/CredentialStoreServiceImpl.java d93faec 
>   ambari-server/src/main/java/org/apache/ambari/server/security/encryption/FileBasedCredentialStoreService.java PRE-CREATION 
>   ambari-server/src/main/java/org/apache/ambari/server/security/encryption/InMemoryCredentialStoreService.java PRE-CREATION 
>   ambari-server/src/main/java/org/apache/ambari/server/security/encryption/MasterKeyServiceImpl.java 219c14b 
>   ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosCredential.java 19997e7 
>   ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosOperationHandler.java 425aa06 
>   ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosServerAction.java 389f1b8 
>   ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/MITKerberosOperationHandler.java d3e3fa4 
>   ambari-server/src/test/java/org/apache/ambari/server/configuration/ConfigurationTest.java 2a1ac3c 
>   ambari-server/src/test/java/org/apache/ambari/server/controller/KerberosHelperTest.java 5d84fbc 
>   ambari-server/src/test/java/org/apache/ambari/server/security/encryption/CredentialProviderTest.java 51f2220 
>   ambari-server/src/test/java/org/apache/ambari/server/security/encryption/CredentialStoreServiceTest.java 0652a52 
>   ambari-server/src/test/java/org/apache/ambari/server/security/encryption/MasterKeyServiceTest.java 993601b 
>   ambari-server/src/test/java/org/apache/ambari/server/serveraction/kerberos/ADKerberosOperationHandlerTest.java 9ad3da6 
>   ambari-server/src/test/java/org/apache/ambari/server/serveraction/kerberos/KerberosCredentialTest.java 305b122 
>   ambari-server/src/test/java/org/apache/ambari/server/serveraction/kerberos/KerberosOperationHandlerTest.java 44a68ae 
>   ambari-server/src/test/java/org/apache/ambari/server/serveraction/kerberos/KerberosServerActionTest.java 8fc5325 
>   ambari-server/src/test/java/org/apache/ambari/server/serveraction/kerberos/MITKerberosOperationHandlerTest.java 8c096b0 
> 
> Diff: https://reviews.apache.org/r/37690/diff/
> 
> 
> Testing
> -------
> 
> Manually tested the following on trunk and branch-2.1:
> - backwards compatibility with storing and retrieving the master key and key store data
> - adding a host on a non-kerberized cluster
> - adding a host on a kerberized cluster
> - credential retention timeout
> 
> #Local test results:
> [INFO] ------------------------------------------------------------------------
> [INFO] BUILD SUCCESS
> [INFO] ------------------------------------------------------------------------
> [INFO] Total time: 49:19.549s
> [INFO] Finished at: Fri Aug 21 15:55:04 EDT 2015
> [INFO] Final Memory: 66M/1436M
> [INFO] ------------------------------------------------------------------------
> 
> 
> Thanks,
> 
> Robert Levas
> 
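The solution described in the quoted request (a global, in-memory credential store with a bounded retention period that Kerberos logic can reach even though it runs outside the HTTP session) is illustrated by the following added example. This is not Ambari's code and does not reproduce its CredentialStoreService or InMemoryCredentialStoreService; the `CredentialStore` interface, the `InMemoryCredentialStore` and `KerberosAdminCredential` classes, the injected `Supplier<Instant>` clock, and the alias, principal and password values are all assumptions made for the example. It keeps the 90-minute retention from the description, wipes the password array when an entry is replaced, removed or expires, and shows the case the "credential retention timeout" test covers: a lookup after the window finds nothing, so the caller can report that the credentials must be provided again instead of blocking on a session it cannot see.

```java
import java.time.Duration;
import java.time.Instant;
import java.util.Arrays;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import java.util.function.Supplier;

/** Minimal store contract (hypothetical; not Ambari's CredentialStoreService). */
interface CredentialStore {
    void put(String alias, String principal, char[] password);
    /** Returns null when no live credential is stored under the alias. */
    KerberosAdminCredential get(String alias);
    void remove(String alias);
}

/** Value object; the password is a char[] so it can be wiped instead of lingering as an immutable String. */
final class KerberosAdminCredential {
    final String principal;
    final char[] password;

    KerberosAdminCredential(String principal, char[] password) {
        this.principal = principal;
        this.password = password;
    }

    void wipe() {
        Arrays.fill(password, '\0');
    }
}

/**
 * Global (not HTTP-session-scoped) in-memory store with a fixed retention period.
 * Any thread, including a server action that runs outside the request which
 * stored the credential, can look it up until the retention window elapses.
 */
final class InMemoryCredentialStore implements CredentialStore {
    private static final class Entry {
        final KerberosAdminCredential credential;
        final Instant expiresAt;
        Entry(KerberosAdminCredential c, Instant e) { credential = c; expiresAt = e; }
    }

    private final Map<String, Entry> entries = new ConcurrentHashMap<>();
    private final Duration retention;
    private final Supplier<Instant> now; // injected so expiry can be exercised without sleeping

    InMemoryCredentialStore(Duration retention, Supplier<Instant> now) {
        this.retention = retention;
        this.now = now;
    }

    @Override
    public void put(String alias, String principal, char[] password) {
        // Keep our own copy so wiping it later does not depend on the caller's array.
        KerberosAdminCredential credential =
            new KerberosAdminCredential(principal, Arrays.copyOf(password, password.length));
        Entry previous = entries.put(alias, new Entry(credential, now.get().plus(retention)));
        if (previous != null) previous.credential.wipe();
    }

    @Override
    public KerberosAdminCredential get(String alias) {
        Entry entry = entries.get(alias);
        if (entry == null) return null;
        if (!now.get().isBefore(entry.expiresAt)) {
            // Retention window elapsed: drop the secret and report "not set" so the
            // caller asks for the credentials again rather than waiting on a stale one.
            remove(alias);
            return null;
        }
        return entry.credential;
    }

    @Override
    public void remove(String alias) {
        Entry entry = entries.remove(alias);
        if (entry != null) entry.credential.wipe();
    }
}

public class CredentialStoreDemo {
    public static void main(String[] args) {
        Instant[] clock = { Instant.parse("2015-09-02T16:55:00Z") }; // constructed start time
        CredentialStore store = new InMemoryCredentialStore(Duration.ofMinutes(90), () -> clock[0]);

        // Stored once by the request handler that received the PUT on the cluster resource.
        store.put("cluster1.kerberos_admin", "admin/admin@EXAMPLE.COM", "constructed-secret".toCharArray());

        // Retrieved later by Kerberos logic that has no HTTP session in scope.
        clock[0] = clock[0].plus(Duration.ofMinutes(89));
        KerberosAdminCredential live = store.get("cluster1.kerberos_admin");
        System.out.println("after 89 min: " + (live == null ? "not set" : live.principal));

        // Past the retention period the entry is gone and its password has been wiped.
        clock[0] = clock[0].plus(Duration.ofMinutes(2));
        KerberosAdminCredential stale = store.get("cluster1.kerberos_admin");
        System.out.println("after 91 min: " + (stale == null ? "not set" : "present"));
    }
}
```

Compile and run as `javac CredentialStoreDemo.java && java CredentialStoreDemo`; the first lookup prints the principal and the second prints `not set`. Injecting the clock is what makes the retention timeout testable without a 90-minute sleep, which is the kind of check a CredentialStoreServiceTest would want.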
