[ https://issues.apache.org/jira/browse/AMBARI-19681?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Nahappan Somasundaram updated AMBARI-19681: ------------------------------------------- Status: Patch Available (was: Open) > Credential Store should add hadoop credential provider path property to all > affected configuration types > -------------------------------------------------------------------------------------------------------- > > Key: AMBARI-19681 > URL: https://issues.apache.org/jira/browse/AMBARI-19681 > Project: Ambari > Issue Type: Bug > Components: ambari-agent > Affects Versions: 2.5.0 > Reporter: Nahappan Somasundaram > Assignee: Nahappan Somasundaram > Fix For: 2.5.0 > > Attachments: rb55853.patch > > > CustomServiceOrchestrator.py function generateJceks adds the property > 'hadoop.security.credential.provider.path' only to the last configuration > type that requires it. The function iterates over the configtype_credentials > dictionary, and at each iteration it updates the variable named config (line > 272): > {code} > config = commandJson['configurations'][config_type] > {code} > After the iteration is over, and the provider_paths variable is set the > function adds the provider paths to the dictionary with the key > 'hadoop.security.credential.provider.path' (line 292) > {code} > config[self.CREDENTIAL_PROVIDER_PROPERTY_NAME] = ','.join(provider_paths) > {code} > The problem is that at this point the variable config contains the latest > config type that needs this property to be set up, while all of them should > have it! So if both config_type_1, and config_type_2 have passwords > properties present in configtype_credentials, only config_type_2 will have > the dictionary entry set for the key > 'hadoop.security.credential.provider.path', and it will contain a reference > to both of their jceks files! > Another issue is that there is no reason to collect the provider paths to an > array, each config_type should have a reference only to it's own provider. -- This message was sent by Atlassian JIRA (v6.3.4#6332)