-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/49803/#review141268
-----------------------------------------------------------


Ship it!




Ship It!

- Dmytro Sen


On Июль 8, 2016, 10:32 д.п., Andrew Onischuk wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/49803/
> -----------------------------------------------------------
> 
> (Updated Июль 8, 2016, 10:32 д.п.)
> 
> 
> Review request for Ambari and Dmytro Sen.
> 
> 
> Bugs: AMBARI-17621
>     https://issues.apache.org/jira/browse/AMBARI-17621
> 
> 
> Repository: ambari
> 
> 
> Description
> -------
> 
> Currently Atlas does not support kerberized Solr communication.  
> To make kerberized Solr client work:  
> 1\. Set `java.security.auth.login.config` property, which points to a jaas-
> file (with Client block)  
> 2\. Use Kerberos http client configurer.
> 
> This option should be bind to a new property (e.g.:
> "atlas.solr.kerberos.enable")
> 
> call this before creating CloudSolrClient instance: (most likely
> Solr5Index.java)
> 
>     
>     
>     
>     boolean securityEnabled = 
> PropertiesUtil.getBooleanProperty("atlas.solr.kerberos.enable", false);
>     if (securityEnabled) {
>       System.setProperty("java.security.auth.login.config", 
> "/etc/atlas/conf/atlas-jaas.conf");
>       HttpClientUtil.setConfigurer(new Krb5HttpClientConfigurer());
>     }
>     
> 
> some useful documentation from Ranger:  
> <https://cwiki.apache.org/confluence/display/RANGER/How+to+configure+Solr+Clou
> d+with+Kerberos+for+Ranger+0.5>
> 
> On ambari side: we should handle this property if kerberos is enabled. The new
> property should be added only if Solr is used for Atlas
> 
> 
> Diffs
> -----
> 
>   
> ambari-server/src/main/resources/stacks/HDP/2.5/services/ATLAS/configuration/application-properties.xml
>  57b31a7 
>   
> ambari-server/src/main/resources/stacks/HDP/2.5/services/ATLAS/kerberos.json 
> fd05edf 
> 
> Diff: https://reviews.apache.org/r/49803/diff/
> 
> 
> Testing
> -------
> 
> mvn clean test
> 
> 
> Thanks,
> 
> Andrew Onischuk
> 
>

Reply via email to