[jira] [Commented] (AMBARI-22560) Remove obsolete hack to set KDC admin credentials via Cluster session API

[Robert Levas (JIRA)]

    [ 
https://issues.apache.org/jira/browse/AMBARI-22560?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16274563#comment-16274563
 ] 

Robert Levas commented on AMBARI-22560:
---------------------------------------

[~smolnar]...  Nope, the error is not related to your patch. It seems like 
something with the front end:

{code}
[INFO] Ambari Web ......................................... FAILURE [ 28.911 s]
{code}

{code}
[ERROR] error 
/home/jenkins/jenkins-slave/workspace/Ambari-trunk-test-patch/ambari/ambari-web/node_modules/phantomjs:
 Command failed.
[ERROR] Exit code: 1
[ERROR] Command: sh
[ERROR] Arguments: -c node install.js
[ERROR] Directory: 
/home/jenkins/jenkins-slave/workspace/Ambari-trunk-test-patch/ambari/ambari-web/node_modules/phantomjs
[ERROR] Output:
[ERROR] PhantomJS not found on PATH
[ERROR] Download already available at 
/tmp/npm_config_tmp/phantomjs/phantomjs-2.1.1-linux-x86_64.tar.bz2
[ERROR] Verified checksum of previously downloaded file
[ERROR] Extracting tar contents (via spawned process)
[ERROR] Removing 
/home/jenkins/jenkins-slave/workspace/Ambari-trunk-test-patch/ambari/ambari-web/node_modules/phantomjs/lib/phantom
[ERROR] Copying extracted folder 
/tmp/npm_config_tmp/phantomjs/phantomjs-2.1.1-linux-x86_64.tar.bz2-extract-1512137434141/phantomjs-2.1.1-linux-x86_64
 -> 
/home/jenkins/jenkins-slave/workspace/Ambari-trunk-test-patch/ambari/ambari-web/node_modules/phantomjs/lib/phantom
[ERROR] Phantom installation failed { [Error: ENOENT: no such file or 
directory, scandir 
'/tmp/npm_config_tmp/phantomjs/phantomjs-2.1.1-linux-x86_64.tar.bz2-extract-1512137434141/phantomjs-2.1.1-linux-x86_64/bin']
[ERROR]   errno: -2,
[INFO] info Visit https://yarnpkg.com/en/docs/cli/install for documentation 
about this command.
[ERROR]   code: 'ENOENT',
[ERROR]   syscall: 'scandir',
[ERROR]   path: 
'/tmp/npm_config_tmp/phantomjs/phantomjs-2.1.1-linux-x86_64.tar.bz2-extract-1512137434141/phantomjs-2.1.1-linux-x86_64/bin'
 } Error: ENOENT: no such file or directory, scandir 
'/tmp/npm_config_tmp/phantomjs/phantomjs-2.1.1-linux-x86_64.tar.bz2-extract-1512137434141/phantomjs-2.1.1-linux-x86_64/bin'
[ERROR]     at Error (native)
{code}

You do not need to do anything. 

+1 for the patch.



> Remove obsolete hack to set KDC admin credentials via Cluster session API
> -------------------------------------------------------------------------
>
>                 Key: AMBARI-22560
>                 URL: https://issues.apache.org/jira/browse/AMBARI-22560
>             Project: Ambari
>          Issue Type: Bug
>          Components: ambari-server
>    Affects Versions: 2.2.0
>            Reporter: Sandor Molnar
>            Assignee: Sandor Molnar
>            Priority: Minor
>              Labels: kdc_credentials, kerberos
>             Fix For: trunk
>
>         Attachments: AMBARI_22560_patch, AMBARI_22560_trunk_02.patch
>
>
> Remove hack to set KDC admin credential via the API to set session attribute 
> via the Cluster resource.
> Near 
> *org/apache/ambari/server/controller/AmbariManagementControllerImpl.java:1469*
> {code:java}
>       // TODO: Once the UI uses the Credential Resource API, remove this 
> block to _clean_ the
>       // TODO: session attributes and store any KDC administrator credentials 
> in the secure
>       // TODO: credential provider facility.
>       // For now, to keep things backwards compatible, get and remove the KDC 
> administrator credentials
>       // from the session attributes and store them in the 
> CredentialsProvider. The KDC administrator
>       // credentials are prefixed with kdc_admin/. The following attributes 
> are expected, if setting
>       // the KDC administrator credentials:
>       //    kerberos_admin/principal
>       //    kerberos_admin/password
>       if((sessionAttributes != null) && !sessionAttributes.isEmpty()) {
>         Map<String, Object> cleanedSessionAttributes = new HashMap<>();
>         String principal = null;
>         char[] password = null;
>         for(Map.Entry<String,Object> entry: sessionAttributes.entrySet()) {
>           String name = entry.getKey();
>           Object value = entry.getValue();
>           if ("kerberos_admin/principal".equals(name)) {
>             if(value instanceof String) {
>               principal = (String)value;
>             }
>           }
>           else if ("kerberos_admin/password".equals(name)) {
>             if(value instanceof String) {
>               password = ((String) value).toCharArray();
>             }
>           } else {
>             cleanedSessionAttributes.put(name, value);
>           }
>         }
>         if(principal != null) {
>           // The KDC admin principal exists... set the credentials in the 
> credentials store
>           credentialStoreService.setCredential(cluster.getClusterName(),
>               KerberosHelper.KDC_ADMINISTRATOR_CREDENTIAL_ALIAS,
>               new PrincipalKeyCredential(principal, password), 
> CredentialStoreType.TEMPORARY);
>         }
>         sessionAttributes = cleanedSessionAttributes;
>       }
>       // TODO: END
> {code}
> This is no longer needed once the UI uses the new Credential Resource REST 
> API - see  AMBARI-13292



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)