YARN-8571. Validate service principal format prior to launching yarn service. Contributed by Eric Yang
(cherry picked from commit b429f19d32
)
This commit is contained in:
parent
0eb187f72b
commit
06166f2255
|
@ -125,4 +125,8 @@ public interface RestApiErrorMessages {
|
||||||
|
|
||||||
String ERROR_COMP_DOES_NOT_NEED_UPGRADE = "The component (%s) does not need" +
|
String ERROR_COMP_DOES_NOT_NEED_UPGRADE = "The component (%s) does not need" +
|
||||||
" an upgrade.";
|
" an upgrade.";
|
||||||
|
String ERROR_KERBEROS_PRINCIPAL_NAME_FORMAT = "Kerberos principal (%s) does " +
|
||||||
|
" not contain a hostname.";
|
||||||
|
String ERROR_KERBEROS_PRINCIPAL_MISSING = "Kerberos principal or keytab is" +
|
||||||
|
" missing.";
|
||||||
}
|
}
|
||||||
|
|
|
@ -234,6 +234,16 @@ public class ServiceApiUtil {
|
||||||
|
|
||||||
public static void validateKerberosPrincipal(
|
public static void validateKerberosPrincipal(
|
||||||
KerberosPrincipal kerberosPrincipal) throws IOException {
|
KerberosPrincipal kerberosPrincipal) throws IOException {
|
||||||
|
try {
|
||||||
|
if (!kerberosPrincipal.getPrincipalName().contains("/")) {
|
||||||
|
throw new IllegalArgumentException(String.format(
|
||||||
|
RestApiErrorMessages.ERROR_KERBEROS_PRINCIPAL_NAME_FORMAT,
|
||||||
|
kerberosPrincipal.getPrincipalName()));
|
||||||
|
}
|
||||||
|
} catch (NullPointerException e) {
|
||||||
|
throw new IllegalArgumentException(
|
||||||
|
RestApiErrorMessages.ERROR_KERBEROS_PRINCIPAL_MISSING);
|
||||||
|
}
|
||||||
if (!StringUtils.isEmpty(kerberosPrincipal.getKeytab())) {
|
if (!StringUtils.isEmpty(kerberosPrincipal.getKeytab())) {
|
||||||
try {
|
try {
|
||||||
// validate URI format
|
// validate URI format
|
||||||
|
|
|
@ -625,4 +625,29 @@ public class TestServiceApiUtil {
|
||||||
Assert.fail(NO_EXCEPTION_PREFIX + e.getMessage());
|
Assert.fail(NO_EXCEPTION_PREFIX + e.getMessage());
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void testKerberosPrincipalNameFormat() throws IOException {
|
||||||
|
Service app = createValidApplication("comp-a");
|
||||||
|
KerberosPrincipal kp = new KerberosPrincipal();
|
||||||
|
kp.setPrincipalName("user@domain.com");
|
||||||
|
app.setKerberosPrincipal(kp);
|
||||||
|
|
||||||
|
try {
|
||||||
|
ServiceApiUtil.validateKerberosPrincipal(app.getKerberosPrincipal());
|
||||||
|
Assert.fail(EXCEPTION_PREFIX + "service with invalid principal name format.");
|
||||||
|
} catch (IllegalArgumentException e) {
|
||||||
|
assertEquals(
|
||||||
|
String.format(RestApiErrorMessages.ERROR_KERBEROS_PRINCIPAL_NAME_FORMAT,
|
||||||
|
kp.getPrincipalName()),
|
||||||
|
e.getMessage());
|
||||||
|
}
|
||||||
|
|
||||||
|
kp.setPrincipalName("user/_HOST@domain.com");
|
||||||
|
try {
|
||||||
|
ServiceApiUtil.validateKerberosPrincipal(app.getKerberosPrincipal());
|
||||||
|
} catch (IllegalArgumentException e) {
|
||||||
|
Assert.fail(NO_EXCEPTION_PREFIX + e.getMessage());
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue