[jira] [Updated] (AMBARI-21919) Kerberos identity references should use the "reference" attribute

Thu, 21 Sep 2017 09:48:31 -0700 

     [ 
https://issues.apache.org/jira/browse/AMBARI-21919?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Robert Levas updated AMBARI-21919:
----------------------------------
    Resolution: Fixed
        Status: Resolved  (was: Patch Available)

Committed to trunk
{noformat}
commit 2a0602104f719d8dec7cc34f9a10fe885d55a551
Author: Robert Levas <[email protected]>
Date:   Thu Sep 21 12:01:15 2017 -0400
{noformat}

Committed to branch-2.6
{noformat}
commit 30a046adb2e3e62a8f18abe4d00af91441a4cd64
Author: Robert Levas <[email protected]>
Date:   Thu Sep 21 12:46:30 2017 -0400
{noformat}

> Kerberos identity references should use the "reference" attribute
> -----------------------------------------------------------------
>
>                 Key: AMBARI-21919
>                 URL: https://issues.apache.org/jira/browse/AMBARI-21919
>             Project: Ambari
>          Issue Type: Bug
>          Components: ambari-server
>    Affects Versions: 2.4.0
>            Reporter: Robert Levas
>            Assignee: Robert Levas
>              Labels: kerberos_descriptor
>             Fix For: 2.6.0
>
>         Attachments: AMBARI-21919_branch-2.6_01.patch, 
> AMBARI-21919_branch-2.6_02.patch, AMBARI-21919_trunk_01.patch, 
> AMBARI-21919_trunk_02.patch
>
>
> Kerberos identity references should use the "reference" attribute rather than 
> rely on the "name" attribute to indicate the identity descriptor references 
> some other identity descriptor.  
> Either method should work on the backend, however the UI appears to not fully 
> handle the "named" reference properly. 
> The solution is to change 
> {code}
>             {
>               "name": "/HDFS/NAMENODE/namenode_nn",
>               "principal": {
>                 "configuration": 
> "ranger-hdfs-audit/xasecure.audit.jaas.Client.option.principal"
>               },
>               "keytab": {
>                 "configuration": 
> "ranger-hdfs-audit/xasecure.audit.jaas.Client.option.keyTab"
>               }
>             }
> {code}
> by changing the "name" attribute to "reference" and adding a new "name" 
> reference with a unique name relative to the scope of the identity 
> descriptor. For example:
> {code}
>             {
>               "name":"ranger_hdfs_audit"
>               "reference": "/HDFS/NAMENODE/namenode_nn",
>               "principal": {
>                 "configuration": 
> "ranger-hdfs-audit/xasecure.audit.jaas.Client.option.principal"
>               },
>               "keytab": {
>                 "configuration": 
> "ranger-hdfs-audit/xasecure.audit.jaas.Client.option.keyTab"
>               }
>             }
> {code}



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Reply via email to