[jira] [Created] (OOZIE-2972) Server goes inconsistent when prepare war called with secure without SSL

Tue, 27 Jun 2017 21:53:58 -0700 

Prabhu Joseph created OOZIE-2972:
------------------------------------

             Summary: Server goes inconsistent when prepare war called with 
secure without SSL
                 Key: OOZIE-2972
                 URL: https://issues.apache.org/jira/browse/OOZIE-2972
             Project: Oozie
          Issue Type: Bug
          Components: security
    Affects Versions: 4.3.0
            Reporter: Prabhu Joseph


When prepare-war with secure is called by some user by mistake on a Oozie 
Server which is not configured with SSL causes inconsistent state. Oozie Server 
runs fine but the oozie clients are failed with Authentication failure status 
302. Checking curl verbose, Oozie Server redirects client to https port even 
though it is not listening. We need to validate the prepare-war command when 
SSL is not configured instead of going to inconsistent state.

Repro:
{code}
Oozie Server without SSL

/usr/hdp/current/oozie-server/bin/oozie-setup.sh prepare-war -secure

 curl -ikv -L --negotiate -u: 
http://prabhuzeppelin2.openstacklocal:11000/oozie/v1/admin/status
* About to connect() to prabhuzeppelin2.openstacklocal port 11000 (#0)
*   Trying 172.26.93.73... connected
* Connected to prabhuzeppelin2.openstacklocal (172.26.93.73) port 11000 (#0)
> GET /oozie/v1/admin/status HTTP/1.1
> User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.27.1 
> zlib/1.2.3 libidn/1.18 libssh2/1.4.2
> Host: prabhuzeppelin2.openstacklocal:11000
> Accept: */*
> 
< HTTP/1.1 302 Found
HTTP/1.1 302 Found
< Server: Apache-Coyote/1.1
Server: Apache-Coyote/1.1
< Pragma: No-cache
Pragma: No-cache
< Cache-Control: no-cache
Cache-Control: no-cache
< Expires: Thu, 01 Jan 1970 00:00:00 UTC
Expires: Thu, 01 Jan 1970 00:00:00 UTC
< Location: https://prabhuzeppelin2.openstacklocal:11443/oozie/v1/admin/status
Location: https://prabhuzeppelin2.openstacklocal:11443/oozie/v1/admin/status
< Content-Length: 0
Content-Length: 0
< Date: Tue, 27 Jun 2017 11:05:45 GMT
Date: Tue, 27 Jun 2017 11:05:45 GMT

< 
* Connection #0 to host prabhuzeppelin2.openstacklocal left intact
* Issue another request to this URL: 
'https://prabhuzeppelin2.openstacklocal:11443/oozie/v1/admin/status'
* About to connect() to prabhuzeppelin2.openstacklocal port 11443 (#1)
*   Trying 172.26.93.73... Connection refused
* couldn't connect to host
* Closing connection #1
curl: (7) couldn't connect to host
* Closing connection #0

{code}



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Reply via email to