[jira] [Updated] (AMBARI-25234) Ambari audit log shows "null" user when executing an API call as admin - Ambari 2.7.3

Thu, 03 Nov 2022 20:20:38 -0700 


     [ 
https://issues.apache.org/jira/browse/AMBARI-25234?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Zhiguo Wu updated AMBARI-25234:
-------------------------------
    Fix Version/s: 2.8.0

> Ambari audit log shows "null" user when executing an API call as admin - 
> Ambari 2.7.3
> -------------------------------------------------------------------------------------
>
>                 Key: AMBARI-25234
>                 URL: https://issues.apache.org/jira/browse/AMBARI-25234
>             Project: Ambari
>          Issue Type: Bug
>          Components: ambari-server
>    Affects Versions: 2.5.2, 2.7.3
>         Environment: RHEL 7.x
>            Reporter: Saurabh Lambe
>            Assignee: Krisztian Kasa
>            Priority: Minor
>              Labels: newbie, pull-request-available
>             Fix For: 2.8.0, 2.7.4
>
>          Time Spent: 1h 40m
>  Remaining Estimate: 0h
>
> When running a simple REST API call from CLI, I could see two entries in 
> ambari-audit.log file.
>  
> Following is my API call:
> {{curl -k -i -u admin:<passwd> -H "X-Requested-By: ambari" -X GET 
> [http://<ambari-host>:8080/api/v1/clusters|http://saurabh-ambari:8080/api/v1/clusters]}}
>  
> Following are the 2 entries in ambari-audit.log:
> {quote}2019-04-08T10:19:04.991Z, User(null), RemoteIp(x.x.x.x), 
> Operation(User login), Roles(
>  ), Status(Failed), Reason(Authentication required), Consecutive 
> failures(UNKNOWN USER)
>  2019-04-08T10:19:04.999Z, User(admin), RemoteIp(x.x.x.x), Operation(User 
> login), Roles(
>      Ambari: Ambari Administrator
>  ), Status(Success)
> {quote}
>  
> The second line seems to be valid. However, the first line (with the null 
> user) shouldn't be there.
> Note: I'm not sure if it helps, but the cluster is Kerberized and Knox isn't 
> involved.
>  
> Edit: This issue could be seen on both Ambari 2.5.2 and 2.7.3. Also, 2.5.2 
> version cluster is Kerberized, the 2.7.3 version is NOT Kerberized. 



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@ambari.apache.org
For additional commands, e-mail: issues-h...@ambari.apache.org

Reply via email to