[
https://issues.apache.org/jira/browse/AMBARI-14036?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15027645#comment-15027645
]
Hudson commented on AMBARI-14036:
---------------------------------
FAILURE: Integrated in Ambari-branch-2.1 #941 (See
[https://builds.apache.org/job/Ambari-branch-2.1/941/])
AMBARI-14036. Add recommendations for authorization provider(upgrade
(vbrodetskyi:
[http://git-wip-us.apache.org/repos/asf?p=ambari.git&a=commit&h=9591921d61214e02e007a73646775c3eaf88bcad])
*
ambari-server/src/main/java/org/apache/ambari/server/upgrade/AbstractUpgradeCatalog.java
*
ambari-server/src/test/java/org/apache/ambari/server/upgrade/UpgradeCatalog213Test.java
*
ambari-server/src/main/java/org/apache/ambari/server/upgrade/UpgradeCatalog213.java
* ambari-server/src/test/python/stacks/2.2/common/test_stack_advisor.py
* ambari-server/src/main/resources/stacks/HDP/2.2/services/stack_advisor.py
> Add recommendations for authorization provider(upgrade ambari 1.7.0 -> ambari
> 2.1.3)
> ------------------------------------------------------------------------------------
>
> Key: AMBARI-14036
> URL: https://issues.apache.org/jira/browse/AMBARI-14036
> Project: Ambari
> Issue Type: Bug
> Components: ambari-server
> Affects Versions: 2.1.3
> Reporter: Vitaly Brodetskyi
> Assignee: Vitaly Brodetskyi
> Priority: Critical
> Fix For: 2.1.3
>
> Attachments: AMBARI-14036.patch
>
>
> Basic implementation AMBARI-9587
> *1st task:*
> While upgrading a cluster above 2.0.0 Ambari version, if knox topology file
> is present without authorization provider then add correct authorization
> provider i.e
> # If Ranger plugin is not enabled for Knox then
> {code}
> <provider> <role>authorization</role> <name>AclsAuthz</name>
> <enabled>true</enabled> </provider>
> {code}
> # If Ranger plugin for knox is enabled then
> {code}
> <provider> <role>authorization</role> <name>XASecurePDPKnox</name>
> <enabled>true</enabled> </provider>
> {code}
> NOTE: If this logic is going in upgrade catalog for 2.0.0 then we can simply
> modify knox topology to add "<provider> <role>authorization</role>
> <name>AclsAuthz</name> <enabled>true</enabled> </provider>" as Ranger service
> itself was added in 2.0.0
> *2nd task:*
> Stack advisor right now recommends the value of authorization provider in
> topology file when ranger plugin is enabled or disabled. But this will happen
> only if authorization provider tag is present in topology file or else the
> recommendation logic will be skipped. Stack advisor code needs to be changed
> so that while enabling or disabling ranger plugin for knox if authorization
> provider tag does not exist then the corresponding authorization provider tag
> should be added while sending back recommendation to ambari-web.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
