Ambari
  1. Ambari
  2. AMBARI-2528

Setup-ldap with invalid master key allows LDAP reconfiguration

    Details

    • Type: Bug Bug
    • Status: Resolved
    • Priority: Blocker Blocker
    • Resolution: Fixed
    • Affects Version/s: 1.2.5
    • Fix Version/s: 1.2.5
    • Component/s: controller
    • Labels:
      None

      Description

      Choose not to persist master key, so next time I ran setup-ldap it prompted me for the key. I just entered garbage and it still let me continue to enter the ldap credentials.

      1. AMBARI-2528.patch
        51 kB
        Siddharth Wagle

        Activity

        Hide
        Siddharth Wagle added a comment -

        Changed the flow of enable encryption, setup and setup-ldap will not be concerned with encrypting passwords. Instead added a new action, encrypt-passwords.

        {start|stop|restart|setup|upgrade|status|upgradestack|setup-ldap|setup-https|encrypt-passwords}
        
        Show
        Siddharth Wagle added a comment - Changed the flow of enable encryption, setup and setup-ldap will not be concerned with encrypting passwords. Instead added a new action, encrypt-passwords. {start|stop|restart|setup|upgrade|status|upgradestack|setup-ldap|setup-https|encrypt-passwords}
        Hide
        Siddharth Wagle added a comment -

        ----------------------------------------------------------------------
        Ran 140 tests in 17.751s

        OK
        [INFO] ------------------------------------------------------------------------
        [INFO] Reactor Summary:
        [INFO]
        [INFO] Ambari Main ....................................... SUCCESS [0.125s]
        [INFO] Apache Ambari Project POM ......................... SUCCESS [0.026s]
        [INFO] Ambari Web ........................................ SUCCESS [6.777s]
        [INFO] Ambari Server ..................................... SUCCESS [6:12.357s]
        [INFO] Ambari Agent ...................................... SUCCESS [21.993s]
        [INFO] ------------------------------------------------------------------------
        [INFO] BUILD SUCCESS
        [INFO] ------------------------------------------------------------------------

        Show
        Siddharth Wagle added a comment - ---------------------------------------------------------------------- Ran 140 tests in 17.751s OK [INFO] ------------------------------------------------------------------------ [INFO] Reactor Summary: [INFO] [INFO] Ambari Main ....................................... SUCCESS [0.125s] [INFO] Apache Ambari Project POM ......................... SUCCESS [0.026s] [INFO] Ambari Web ........................................ SUCCESS [6.777s] [INFO] Ambari Server ..................................... SUCCESS [6:12.357s] [INFO] Ambari Agent ...................................... SUCCESS [21.993s] [INFO] ------------------------------------------------------------------------ [INFO] BUILD SUCCESS [INFO] ------------------------------------------------------------------------
        Hide
        Nate Cole added a comment -

        +1, the following testing scenarios were performed:

        • setup -> encrypt (persist master) -> setup-ldap -> encrypt (don't persist master) -> start
        • setup -> setup-ldap -> encrypt (don't persist master) -> start
        • setup -> setup-ldap -> encrypt (persist master) -> encrypt (reset master key) -> start
        • setup -> encrypt (don't persist) -> setup-ldap -> encrypt (reset master key) -> start
        Show
        Nate Cole added a comment - +1, the following testing scenarios were performed: setup -> encrypt (persist master) -> setup-ldap -> encrypt (don't persist master) -> start setup -> setup-ldap -> encrypt (don't persist master) -> start setup -> setup-ldap -> encrypt (persist master) -> encrypt (reset master key) -> start setup -> encrypt (don't persist) -> setup-ldap -> encrypt (reset master key) -> start
        Hide
        Siddharth Wagle added a comment -

        Added a invalid input error messsage.

        get_validated_string_input(ldap_properties_map_reqd[key][1],
        ldap_properties_map_reqd[key][0], pattern,
        "Invalid characters in the input!", False, ldap_properties_map_reqd[key][2])

        Show
        Siddharth Wagle added a comment - Added a invalid input error messsage. get_validated_string_input(ldap_properties_map_reqd [key] [1] , ldap_properties_map_reqd [key] [0] , pattern, "Invalid characters in the input!", False, ldap_properties_map_reqd [key] [2] )
        Hide
        Siddharth Wagle added a comment -

        Fixed - configure_database_username_password:

        Assigning filename as password string.

        Show
        Siddharth Wagle added a comment - Fixed - configure_database_username_password: Assigning filename as password string.
        Hide
        Sumit Mohanty added a comment -

        LGTM, +1.

        Show
        Sumit Mohanty added a comment - LGTM, +1.
        Hide
        Siddharth Wagle added a comment -

        Committed to trunk.

        Show
        Siddharth Wagle added a comment - Committed to trunk.

          People

          • Assignee:
            Siddharth Wagle
            Reporter:
            Siddharth Wagle
          • Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development