Thanks for filing the JIRA too.
On Fri, Jan 17, 2014 at 12:35 PM, Yusaku Sako <[email protected]>wrote: > No problem. > Glad it worked for you. > > Filed https://issues.apache.org/jira/browse/AMBARI-4337 to update the API > Reference. > > Yusaku > > > On Fri, Jan 17, 2014 at 12:29 PM, Chris Mildebrandt <[email protected] > > wrote: > >> Yes, that worked. Thanks for the fast reply! >> >> -Chris >> >> >> On Fri, Jan 17, 2014 at 12:28 PM, Yusaku Sako <[email protected]>wrote: >> >>> Please add the HTTP header "X-Requested-By: ambari" to any POST/PUT >>> calls you make. >>> This change in the API behavior was made to prevent CSRF (Cross-Site >>> Request Forgery). >>> >>> Yusaku >>> >>> >>> On Fri, Jan 17, 2014 at 12:17 PM, Chris Mildebrandt < >>> [email protected]> wrote: >>> >>>> Hey, >>>> >>>> I've been using Ambari 1.4.1.25 for a while. I tried Ambari 1.4.3.38 >>>> today and I'm not able to create a cluster using the REST services. Here's >>>> the call I expected to work: >>>> >>>> curl -i -X POST -d '{"Clusters": {"version": "HDP-2.0.6"}}' --user >>>> admin:admin http://hadoop1.robinsystems.com:8080/api/v1/clusters/cl1 >>>> >>>> I get the following response: >>>> >>>> <title>Error 400 Bad Request</title> >>>> </head> >>>> <body> >>>> <h2>HTTP ERROR: 400</h2> >>>> <p>Problem accessing /api/v1/clusters/cl1. Reason: >>>> <pre> Bad Request</pre></p> >>>> <hr /><i><small>Powered by Jetty://</small></i> >>>> >>>> However, I'm able to create the cluster from the web UI. Here are the >>>> relevant log entries from the POST: >>>> >>>> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] Server:358 >>>> - REQUEST /api/v1/clusters/cl1 on AsyncHttpConnection@a42a751 >>>> ,g=HttpGenerator{s=0,h=-1,b=-1,c=-1},p=HttpParser{s=2,l=33,c=38},r=1 >>>> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >>>> ContextHandler:894 - scope null||/api/v1/clusters/cl1 @ >>>> o.e.j.s.ServletContextHandler{/,file:/usr/lib/ambari-server/web/} >>>> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >>>> ContextHandler:966 - context=||/api/v1/clusters/cl1 @ >>>> o.e.j.s.ServletContextHandler{/,file:/usr/lib/ambari-server/web/} >>>> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] session:183 >>>> - >>>> sessionManager=org.eclipse.jetty.server.session.HashSessionManager@775c024c >>>> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] session:184 >>>> - session=null >>>> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >>>> ServletHandler:360 - servlet |/api/v1|/clusters/cl1 -> >>>> com.sun.jersey.spi.container.servlet.ServletContainer-1821413125 >>>> 11:47:59,601 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >>>> ServletHandler:422 - >>>> chain=org.apache.ambari.server.api.AmbariPersistFilter-452688583->org.springframework.web.filter.DelegatingFilterProxy-1399975832->com.sun.jersey.spi.container.servlet.ServletContainer-1821413125 >>>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >>>> ServletHandler:1297 - call filter >>>> org.apache.ambari.server.api.AmbariPersistFilter-452688583 >>>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >>>> ServletHandler:1297 - call filter >>>> org.springframework.web.filter.DelegatingFilterProxy-1399975832 >>>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >>>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 1 of 8 in >>>> additional filter chain; firing Filter: 'SecurityContextPersistenceFilter' >>>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >>>> HttpSessionSecurityContextRepository:127 - No HttpSession currently exists >>>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >>>> HttpSessionSecurityContextRepository:85 - No SecurityContext was available >>>> from the HttpSession: null. A new one will be created. >>>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >>>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 2 of 8 in >>>> additional filter chain; firing Filter: 'BasicAuthenticationFilter' >>>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >>>> BasicAuthenticationFilter:161 - Basic Authentication Authorization header >>>> found for user 'admin' >>>> 11:47:59,602 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >>>> ProviderManager:152 - Authentication attempt using >>>> org.springframework.security.authentication.dao.DaoAuthenticationProvider >>>> 11:47:59,603 INFO [qtp139607202-15 - /api/v1/clusters/cl1] >>>> AmbariLocalUserDetailsService:62 - Loading user by name: admin >>>> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >>>> BasicAuthenticationFilter:171 - Authentication success: >>>> org.springframework.security.authentication.UsernamePasswordAuthenticationToken@63215be: >>>> Principal: org.springframework.security.core.userdetails.User@586034f: >>>> Username: admin; Password: [PROTECTED]; Enabled: true; AccountNonExpired: >>>> true; credentialsNonExpired: true; AccountNonLocked: true; Granted >>>> Authorities: ADMIN; Credentials: [PROTECTED]; Authenticated: true; Details: >>>> org.springframework.security.web.authentication.WebAuthenticationDetails@ffffe21a: >>>> RemoteIpAddress: 10.7.200.2; SessionId: null; Granted Authorities: ADMIN >>>> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >>>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 3 of 8 in >>>> additional filter chain; firing Filter: 'RequestCacheAwareFilter' >>>> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >>>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 4 of 8 in >>>> additional filter chain; firing Filter: >>>> 'SecurityContextHolderAwareRequestFilter' >>>> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >>>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 5 of 8 in >>>> additional filter chain; firing Filter: 'AnonymousAuthenticationFilter' >>>> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >>>> AnonymousAuthenticationFilter:107 - SecurityContextHolder not populated >>>> with anonymous token, as it already contained: >>>> 'org.springframework.security.authentication.UsernamePasswordAuthenticationToken@63215be: >>>> Principal: org.springframework.security.core.userdetails.User@586034f: >>>> Username: admin; Password: [PROTECTED]; Enabled: true; AccountNonExpired: >>>> true; credentialsNonExpired: true; AccountNonLocked: true; Granted >>>> Authorities: ADMIN; Credentials: [PROTECTED]; Authenticated: true; Details: >>>> org.springframework.security.web.authentication.WebAuthenticationDetails@ffffe21a: >>>> RemoteIpAddress: 10.7.200.2; SessionId: null; Granted Authorities: ADMIN' >>>> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >>>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 6 of 8 in >>>> additional filter chain; firing Filter: 'SessionManagementFilter' >>>> 11:47:59,607 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >>>> HttpSessionSecurityContextRepository:336 - HttpSession being created as >>>> SecurityContext is non-default >>>> 11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] session:85 >>>> - new session & id 1n12cpwlh9zb143govwif9ub6 1n12cpwlh9zb143govwif9ub6 >>>> 11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >>>> HttpSessionSecurityContextRepository:292 - SecurityContext stored to >>>> HttpSession: >>>> 'org.springframework.security.core.context.SecurityContextImpl@63215be: >>>> Authentication: >>>> org.springframework.security.authentication.UsernamePasswordAuthenticationToken@63215be: >>>> Principal: org.springframework.security.core.userdetails.User@586034f: >>>> Username: admin; Password: [PROTECTED]; Enabled: true; AccountNonExpired: >>>> true; credentialsNonExpired: true; AccountNonLocked: true; Granted >>>> Authorities: ADMIN; Credentials: [PROTECTED]; Authenticated: true; Details: >>>> org.springframework.security.web.authentication.WebAuthenticationDetails@ffffe21a: >>>> RemoteIpAddress: 10.7.200.2; SessionId: null; Granted Authorities: ADMIN' >>>> 11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >>>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 7 of 8 in >>>> additional filter chain; firing Filter: 'ExceptionTranslationFilter' >>>> 11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >>>> FilterChainProxy:337 - /api/v1/clusters/cl1 at position 8 of 8 in >>>> additional filter chain; firing Filter: 'FilterSecurityInterceptor' >>>> 11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >>>> AntPathRequestMatcher:85 - Request 'POST /api/v1/clusters/cl1' doesn't >>>> match 'GET /** >>>> 11:47:59,608 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >>>> FilterSecurityInterceptor:194 - Secure object: FilterInvocation: URL: >>>> /api/v1/clusters/cl1; Attributes: [hasRole('ADMIN')] >>>> 11:47:59,609 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >>>> FilterSecurityInterceptor:310 - Previously Authenticated: >>>> org.springframework.security.authentication.UsernamePasswordAuthenticationToken@63215be: >>>> Principal: org.springframework.security.core.userdetails.User@586034f: >>>> Username: admin; Password: [PROTECTED]; Enabled: true; AccountNonExpired: >>>> true; credentialsNonExpired: true; AccountNonLocked: true; Granted >>>> Authorities: ADMIN; Credentials: [PROTECTED]; Authenticated: true; Details: >>>> org.springframework.security.web.authentication.WebAuthenticationDetails@ffffe21a: >>>> RemoteIpAddress: 10.7.200.2; SessionId: null; Granted Authorities: ADMIN >>>> 11:47:59,609 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >>>> AffirmativeBased:65 - Voter: >>>> org.springframework.security.web.access.expression.WebExpressionVoter@2844a541, >>>> returned: 1 >>>> 11:47:59,609 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >>>> FilterSecurityInterceptor:215 - Authorization successful >>>> 11:47:59,609 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >>>> FilterSecurityInterceptor:227 - RunAsManager did not change Authentication >>>> object >>>> 11:47:59,609 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >>>> FilterChainProxy:323 - /api/v1/clusters/cl1 reached end of additional >>>> filter chain; proceeding with original chain >>>> 11:47:59,610 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >>>> ServletHandler:1328 - call servlet >>>> com.sun.jersey.spi.container.servlet.ServletContainer-1821413125 >>>> 11:47:59,610 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >>>> HttpSessionSecurityContextRepository:292 - SecurityContext stored to >>>> HttpSession: >>>> 'org.springframework.security.core.context.SecurityContextImpl@63215be: >>>> Authentication: >>>> org.springframework.security.authentication.UsernamePasswordAuthenticationToken@63215be: >>>> Principal: org.springframework.security.core.userdetails.User@586034f: >>>> Username: admin; Password: [PROTECTED]; Enabled: true; AccountNonExpired: >>>> true; credentialsNonExpired: true; AccountNonLocked: true; Granted >>>> Authorities: ADMIN; Credentials: [PROTECTED]; Authenticated: true; Details: >>>> org.springframework.security.web.authentication.WebAuthenticationDetails@ffffe21a: >>>> RemoteIpAddress: 10.7.200.2; SessionId: null; Granted Authorities: ADMIN' >>>> 11:47:59,613 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >>>> ExceptionTranslationFilter:115 - Chain processed normally >>>> 11:47:59,613 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] >>>> SecurityContextPersistenceFilter:97 - SecurityContextHolder now cleared, as >>>> request processing completed >>>> 11:47:59,613 DEBUG [qtp139607202-15 - /api/v1/clusters/cl1] Server:360 >>>> - RESPONSE /api/v1/clusters/cl1 400 handled=true >>>> 11:47:59,613 DEBUG [qtp139607202-15] AsyncHttpConnection:211 - Enabled >>>> read interest SCEP@5511e6b9{l(/10.7.200.2:33434)<->r(/10.7.200.1:8080 >>>> ),d=true,open=true,ishut=false,oshut=false,rb=false,wb=false,w=true,i=0r}-{AsyncHttpConnection@a42a751 >>>> ,g=HttpGenerator{s=4,h=0,b=0,c=-1},p=HttpParser{s=0,l=33,c=38},r=1} >>>> 11:47:59,614 DEBUG [qtp139607202-15] ChannelEndPoint:118 - ishut >>>> SCEP@5511e6b9{l(/10.7.200.2:33434)<->r(/10.7.200.1:8080 >>>> ),d=true,open=true,ishut=false,oshut=false,rb=false,wb=false,w=true,i=0r}-{AsyncHttpConnection@a42a751 >>>> ,g=HttpGenerator{s=0,h=-1,b=-1,c=-1},p=HttpParser{s=-14,l=0,c=-3},r=1} >>>> 11:47:59,614 DEBUG [qtp139607202-15] HttpParser:281 - filled -1/0 >>>> 11:47:59,614 DEBUG [qtp139607202-15] AsyncHttpConnection:145 - Disabled >>>> read interest while writing response SCEP@5511e6b9{l(/10.7.200.2:33434 >>>> )<->r(/10.7.200.1:8080 >>>> ),d=true,open=true,ishut=true,oshut=false,rb=false,wb=false,w=true,i=0r}-{AsyncHttpConnection@a42a751 >>>> ,g=HttpGenerator{s=0,h=-1,b=-1,c=-1},p=HttpParser{s=0,l=0,c=-3},r=1} >>>> 11:47:59,614 DEBUG [qtp139607202-15] ChannelEndPoint:209 - close >>>> SCEP@5511e6b9{l(/10.7.200.2:33434)<->r(/10.7.200.1:8080 >>>> ),d=true,open=true,ishut=true,oshut=false,rb=false,wb=false,w=true,i=0r}-{AsyncHttpConnection@a42a751 >>>> ,g=HttpGenerator{s=0,h=-1,b=-1,c=-1},p=HttpParser{s=0,l=0,c=-3},r=1} >>>> >>>> >>>> Any ideas? >>>> >>>> Thanks, >>>> -Chris >>>> >>> >>> >>> CONFIDENTIALITY NOTICE >>> NOTICE: This message is intended for the use of the individual or entity >>> to which it is addressed and may contain information that is confidential, >>> privileged and exempt from disclosure under applicable law. If the reader >>> of this message is not the intended recipient, you are hereby notified that >>> any printing, copying, dissemination, distribution, disclosure or >>> forwarding of this communication is strictly prohibited. If you have >>> received this communication in error, please contact the sender immediately >>> and delete it from your system. Thank You. >> >> >> > > CONFIDENTIALITY NOTICE > NOTICE: This message is intended for the use of the individual or entity > to which it is addressed and may contain information that is confidential, > privileged and exempt from disclosure under applicable law. If the reader > of this message is not the intended recipient, you are hereby notified that > any printing, copying, dissemination, distribution, disclosure or > forwarding of this communication is strictly prohibited. If you have > received this communication in error, please contact the sender immediately > and delete it from your system. Thank You. >
