[AMBARI-19767] Inconsistent auth-to-local rules processing during Kerberos authentication - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 2.5.0
Fix Version/s: 2.5.0
Component/s: ambari-server
Labels:
- authentication
- kerberos

Description

Facing issue with local to auth rules.
ambari-qa-cl1@EXAMPLE.COM is getting converted to ambari-qa-cl1 as well as ambari-qa with same ambari configuration ie authentication.kerberos.auth_to_local.rules=DEFAULT.

1st translation :

28 Jan 2017 11:44:45,529  INFO [ambari-client-thread-3298] AmbariAuthToLocalUserDetailsService:102 - Translated ambari-qa-cl1@EXAMPLE.COM to ambari-qa-cl1 using auth-to-local rules during Kerberos authentication.

2nd translation :

28 Jan 2017 11:47:36,425  INFO [ambari-client-thread-3172] AmbariAuthToLocalUserDetailsService:102 - Translated ambari-qa-cl1@EXAMPLE.COM to ambari-qa using auth-to-local rules during Kerberos authentication.
28 Jan 2017 11:47:36,428  WARN [ambari-client-thread-3172] AmbariAuthToLocalUserDetailsService:136 - Failed find user account for user with username of ambari-qa during Kerberos authentication.
28

Since authentication.kerberos.auth_to_local.rules=DEFAULT , 'ambari-qa-cl1@EXAMPLE.COM' should have been translated to 'ambari-qa-cl1'.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

AMBARI-19767_branch-2.5_01.patch
28/Jan/17 17:12
2 kB
Robert Levas
AMBARI-19767_trunk_01.patch
28/Jan/17 17:12
2 kB
Robert Levas

Issue Links

links to

ReviewBoard

Activity

People

Assignee:: Robert Levas

Reporter:: Supreeth Sharma

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 28/Jan/17 16:10

Updated:: 20/Mar/17 21:40

Resolved:: 29/Jan/17 16:17