[AMBARI-9852] Kerberos: Kerberos Service Check needs to generate and destroy it's own unique identity for testing - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Task
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 2.0.0
Fix Version/s: 2.0.0
Component/s: ambari-server
Labels:
- kerberos

Epic Link:
Ambari Automated Kerberization

Description

The Kerberos service check needs to generate it's own unique identity to use for testing and then destroy it when complete. This will ensure that any known identities (such as the smokeuser, usually ambari-qa) does not accidentally get removed if shared between clusters or if the service check is run after Kerberos is enabled.

The service check must perform the following steps:

Create a unique principal in the relevant KDC (server)
Test that the principal can be used to authenticate via kinit (agent)
Destroy the principal (server)

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

AMBARI-9852_01.patch
02/Mar/15 23:31
70 kB
Robert Levas

Issue Links

links to

ReviewBoard

Activity

People

Assignee:: Robert Levas

Reporter:: Robert Levas

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 28/Feb/15 22:07

Updated:: 03/Mar/15 16:36

Resolved:: 03/Mar/15 15:38