Yes, that worked. Thanks for the fast reply! -Chris
On Fri, Jan 17, 2014 at 12:28 PM, Yusaku Sako <[email protected]>wrote: > Please add the HTTP header "X-Requested-By: ambari" to any POST/PUT calls > you make. > This change in the API behavior was made to prevent CSRF (Cross-Site > Request Forgery). > > Yusaku > > > On Fri, Jan 17, 2014 at 12:17 PM, Chris Mildebrandt <[email protected] > > wrote: > >> Hey, >> >> I've been using Ambari 1.4.1.25 for a while. I tried Ambari 1.4.3.38 >> today and I'm not able to create a cluster using the REST services. Here's >> the call I expected to work: >> >> curl -i -X POST -d '{"Clusters": {"version": "HDP-2.0.6"}}' --user >> admin:admin http://hadoop1.robinsystems.com:8080/api/v1/clusters/cl1 >> >> I get the following response: >> >> <title>Error 400 Bad Request</title> >> </head> >> <body> >> <h2>HTTP ERROR: 400</h2> >> <p>Problem accessing /api/v1/clusters/cl1. Reason: >> <pre> Bad Request</pre></p> >> <hr /><i><small>Powered by Jetty://</small></i> >> >> However, I'm able to create the cluster from the web UI. Here are the >> relevant log entries from the POST: >> >> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] Server:358 - >> REQUEST /api/v1/clusters/cl1 on AsyncHttpConnection@a42a751 >> ,g=HttpGenerator{s=0,h=-1,b=-1,c=-1},p=HttpParser{s=2,l=33,c=38},r=1 >> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >> ContextHandler:894 - scope null||/api/v1/clusters/cl1 @ >> o.e.j.s.ServletContextHandler{/,file:/usr/lib/ambari-server/web/} >> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >> ContextHandler:966 - context=||/api/v1/clusters/cl1 @ >> o.e.j.s.ServletContextHandler{/,file:/usr/lib/ambari-server/web/} >> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] session:183 - >> sessionManager=org.eclipse.jetty.server.session.HashSessionManager@775c024c >> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] session:184 - >> session=null >> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >> ServletHandler:360 - servlet |/api/v1|/clusters/cl1 -> >> com.sun.jersey.spi.container.servlet.ServletContainer-1821413125 >> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >> ServletHandler:422 - >> chain=org.apache.ambari.server.api.AmbariPersistFilter-452688583->org.springframework.web.filter.DelegatingFilterProxy-1399975832->com.sun.jersey.spi.container.servlet.ServletContainer-1821413125 >> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >> ServletHandler:1297 - call filter >> org.apache.ambari.server.api.AmbariPersistFilter-452688583 >> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >> ServletHandler:1297 - call filter >> org.springframework.web.filter.DelegatingFilterProxy-1399975832 >> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 1 of 8 in >> additional filter chain; firing Filter: 'SecurityContextPersistenceFilter' >> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >> HttpSessionSecurityContextRepository:127 - No HttpSession currently exists >> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >> HttpSessionSecurityContextRepository:85 - No SecurityContext was available >> from the HttpSession: null. A new one will be created. >> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 2 of 8 in >> additional filter chain; firing Filter: 'BasicAuthenticationFilter' >> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >> BasicAuthenticationFilter:161 - Basic Authentication Authorization header >> found for user 'admin' >> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >> ProviderManager:152 - Authentication attempt using >> org.springframework.security.authentication.dao.DaoAuthenticationProvider >> 11:47:59,603 INFO [qtp139607202-15 - /api/v1/clusters/cl1] >> AmbariLocalUserDetailsService:62 - Loading user by name: admin >> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >> BasicAuthenticationFilter:171 - Authentication success: >> org.springframework.security.authentication.UsernamePasswordAuthenticationToken@63215be: >> Principal: org.springframework.security.core.userdetails.User@586034f: >> Username: admin; Password: [PROTECTED]; Enabled: true; AccountNonExpired: >> true; credentialsNonExpired: true; AccountNonLocked: true; Granted >> Authorities: ADMIN; Credentials: [PROTECTED]; Authenticated: true; Details: >> org.springframework.security.web.authentication.WebAuthenticationDetails@ffffe21a: >> RemoteIpAddress: 10.7.200.2; SessionId: null; Granted Authorities: ADMIN >> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 3 of 8 in >> additional filter chain; firing Filter: 'RequestCacheAwareFilter' >> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 4 of 8 in >> additional filter chain; firing Filter: >> 'SecurityContextHolderAwareRequestFilter' >> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 5 of 8 in >> additional filter chain; firing Filter: 'AnonymousAuthenticationFilter' >> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >> AnonymousAuthenticationFilter:107 - SecurityContextHolder not populated >> with anonymous token, as it already contained: >> 'org.springframework.security.authentication.UsernamePasswordAuthenticationToken@63215be: >> Principal: org.springframework.security.core.userdetails.User@586034f: >> Username: admin; Password: [PROTECTED]; Enabled: true; AccountNonExpired: >> true; credentialsNonExpired: true; AccountNonLocked: true; Granted >> Authorities: ADMIN; Credentials: [PROTECTED]; Authenticated: true; Details: >> org.springframework.security.web.authentication.WebAuthenticationDetails@ffffe21a: >> RemoteIpAddress: 10.7.200.2; SessionId: null; Granted Authorities: ADMIN' >> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 6 of 8 in >> additional filter chain; firing Filter: 'SessionManagementFilter' >> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >> HttpSessionSecurityContextRepository:336 - HttpSession being created as >> SecurityContext is non-default >> 11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] session:85 - >> new session & id 1n12cpwlh9zb143govwif9ub6 1n12cpwlh9zb143govwif9ub6 >> 11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >> HttpSessionSecurityContextRepository:292 - SecurityContext stored to >> HttpSession: >> 'org.springframework.security.core.context.SecurityContextImpl@63215be: >> Authentication: >> org.springframework.security.authentication.UsernamePasswordAuthenticationToken@63215be: >> Principal: org.springframework.security.core.userdetails.User@586034f: >> Username: admin; Password: [PROTECTED]; Enabled: true; AccountNonExpired: >> true; credentialsNonExpired: true; AccountNonLocked: true; Granted >> Authorities: ADMIN; Credentials: [PROTECTED]; Authenticated: true; Details: >> org.springframework.security.web.authentication.WebAuthenticationDetails@ffffe21a: >> RemoteIpAddress: 10.7.200.2; SessionId: null; Granted Authorities: ADMIN' >> 11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 7 of 8 in >> additional filter chain; firing Filter: 'ExceptionTranslationFilter' >> 11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 8 of 8 in >> additional filter chain; firing Filter: 'FilterSecurityInterceptor' >> 11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >> AntPathRequestMatcher:85 - Request 'POST /api/v1/clusters/cl1' doesn't >> match 'GET /** >> 11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >> FilterSecurityInterceptor:194 - Secure object: FilterInvocation: URL: >> /api/v1/clusters/cl1; Attributes: [hasRole('ADMIN')] >> 11:47:59,609 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >> FilterSecurityInterceptor:310 - Previously Authenticated: >> org.springframework.security.authentication.UsernamePasswordAuthenticationToken@63215be: >> Principal: org.springframework.security.core.userdetails.User@586034f: >> Username: admin; Password: [PROTECTED]; Enabled: true; AccountNonExpired: >> true; credentialsNonExpired: true; AccountNonLocked: true; Granted >> Authorities: ADMIN; Credentials: [PROTECTED]; Authenticated: true; Details: >> org.springframework.security.web.authentication.WebAuthenticationDetails@ffffe21a: >> RemoteIpAddress: 10.7.200.2; SessionId: null; Granted Authorities: ADMIN >> 11:47:59,609 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >> AffirmativeBased:65 - Voter: >> org.springframework.security.web.access.expression.WebExpressionVoter@2844a541, >> returned: 1 >> 11:47:59,609 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >> FilterSecurityInterceptor:215 - Authorization successful >> 11:47:59,609 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >> FilterSecurityInterceptor:227 - RunAsManager did not change Authentication >> object >> 11:47:59,609 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >> FilterChainProxy:323 - /api/v1/clusters/cl1 reached end of additional >> filter chain; proceeding with original chain >> 11:47:59,610 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >> ServletHandler:1328 - call servlet >> com.sun.jersey.spi.container.servlet.ServletContainer-1821413125 >> 11:47:59,610 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >> HttpSessionSecurityContextRepository:292 - SecurityContext stored to >> HttpSession: >> 'org.springframework.security.core.context.SecurityContextImpl@63215be: >> Authentication: >> org.springframework.security.authentication.UsernamePasswordAuthenticationToken@63215be: >> Principal: org.springframework.security.core.userdetails.User@586034f: >> Username: admin; Password: [PROTECTED]; Enabled: true; AccountNonExpired: >> true; credentialsNonExpired: true; AccountNonLocked: true; Granted >> Authorities: ADMIN; Credentials: [PROTECTED]; Authenticated: true; Details: >> org.springframework.security.web.authentication.WebAuthenticationDetails@ffffe21a: >> RemoteIpAddress: 10.7.200.2; SessionId: null; Granted Authorities: ADMIN' >> 11:47:59,613 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >> ExceptionTranslationFilter:115 - Chain processed normally >> 11:47:59,613 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >> SecurityContextPersistenceFilter:97 - SecurityContextHolder now cleared, as >> request processing completed >> 11:47:59,613 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] Server:360 - >> RESPONSE /api/v1/clusters/cl1 400 handled=true >> 11:47:59,613 DEBUG [qtp139607202-15] AsyncHttpConnection:211 - Enabled >> read interest SCEP@5511e6b9{l(/10.7.200.2:33434)<->r(/10.7.200.1:8080 >> ),d=true,open=true,ishut=false,oshut=false,rb=false,wb=false,w=true,i=0r}-{AsyncHttpConnection@a42a751 >> ,g=HttpGenerator{s=4,h=0,b=0,c=-1},p=HttpParser{s=0,l=33,c=38},r=1} >> 11:47:59,614 DEBUG [qtp139607202-15] ChannelEndPoint:118 - ishut >> SCEP@5511e6b9{l(/10.7.200.2:33434)<->r(/10.7.200.1:8080 >> ),d=true,open=true,ishut=false,oshut=false,rb=false,wb=false,w=true,i=0r}-{AsyncHttpConnection@a42a751 >> ,g=HttpGenerator{s=0,h=-1,b=-1,c=-1},p=HttpParser{s=-14,l=0,c=-3},r=1} >> 11:47:59,614 DEBUG [qtp139607202-15] HttpParser:281 - filled -1/0 >> 11:47:59,614 DEBUG [qtp139607202-15] AsyncHttpConnection:145 - Disabled >> read interest while writing response SCEP@5511e6b9{l(/10.7.200.2:33434 >> )<->r(/10.7.200.1:8080 >> ),d=true,open=true,ishut=true,oshut=false,rb=false,wb=false,w=true,i=0r}-{AsyncHttpConnection@a42a751 >> ,g=HttpGenerator{s=0,h=-1,b=-1,c=-1},p=HttpParser{s=0,l=0,c=-3},r=1} >> 11:47:59,614 DEBUG [qtp139607202-15] ChannelEndPoint:209 - close >> SCEP@5511e6b9{l(/10.7.200.2:33434)<->r(/10.7.200.1:8080 >> ),d=true,open=true,ishut=true,oshut=false,rb=false,wb=false,w=true,i=0r}-{AsyncHttpConnection@a42a751 >> ,g=HttpGenerator{s=0,h=-1,b=-1,c=-1},p=HttpParser{s=0,l=0,c=-3},r=1} >> >> >> Any ideas? >> >> Thanks, >> -Chris >> > > > CONFIDENTIALITY NOTICE > NOTICE: This message is intended for the use of the individual or entity > to which it is addressed and may contain information that is confidential, > privileged and exempt from disclosure under applicable law. If the reader > of this message is not the intended recipient, you are hereby notified that > any printing, copying, dissemination, distribution, disclosure or > forwarding of this communication is strictly prohibited. If you have > received this communication in error, please contact the sender immediately > and delete it from your system. Thank You.
