YARN-8571. Validate service principal format prior to launching yarn service. Contributed by Eric Yang

This commit is contained in:
Billie Rinaldi 2018-07-27 11:30:19 -07:00
parent 1c40bc2836
commit b429f19d32
3 changed files with 39 additions and 0 deletions

View File

@ -125,4 +125,8 @@ public interface RestApiErrorMessages {
String ERROR_COMP_DOES_NOT_NEED_UPGRADE = "The component (%s) does not need" +
" an upgrade.";
String ERROR_KERBEROS_PRINCIPAL_NAME_FORMAT = "Kerberos principal (%s) does " +
" not contain a hostname.";
String ERROR_KERBEROS_PRINCIPAL_MISSING = "Kerberos principal or keytab is" +
" missing.";
}

View File

@ -243,6 +243,16 @@ public static void validateAndResolveService(Service service,
public static void validateKerberosPrincipal(
KerberosPrincipal kerberosPrincipal) throws IOException {
try {
if (!kerberosPrincipal.getPrincipalName().contains("/")) {
throw new IllegalArgumentException(String.format(
RestApiErrorMessages.ERROR_KERBEROS_PRINCIPAL_NAME_FORMAT,
kerberosPrincipal.getPrincipalName()));
}
} catch (NullPointerException e) {
throw new IllegalArgumentException(
RestApiErrorMessages.ERROR_KERBEROS_PRINCIPAL_MISSING);
}
if (!StringUtils.isEmpty(kerberosPrincipal.getKeytab())) {
try {
// validate URI format

View File

@ -625,4 +625,29 @@ public void testKerberosPrincipal() throws IOException {
Assert.fail(NO_EXCEPTION_PREFIX + e.getMessage());
}
}
@Test
public void testKerberosPrincipalNameFormat() throws IOException {
Service app = createValidApplication("comp-a");
KerberosPrincipal kp = new KerberosPrincipal();
kp.setPrincipalName("user@domain.com");
app.setKerberosPrincipal(kp);
try {
ServiceApiUtil.validateKerberosPrincipal(app.getKerberosPrincipal());
Assert.fail(EXCEPTION_PREFIX + "service with invalid principal name format.");
} catch (IllegalArgumentException e) {
assertEquals(
String.format(RestApiErrorMessages.ERROR_KERBEROS_PRINCIPAL_NAME_FORMAT,
kp.getPrincipalName()),
e.getMessage());
}
kp.setPrincipalName("user/_HOST@domain.com");
try {
ServiceApiUtil.validateKerberosPrincipal(app.getKerberosPrincipal());
} catch (IllegalArgumentException e) {
Assert.fail(NO_EXCEPTION_PREFIX + e.getMessage());
}
}
}