YARN-8571. Validate service principal format prior to launching yarn service. Contributed by Eric Yang
This commit is contained in:
parent
1c40bc2836
commit
b429f19d32
@ -125,4 +125,8 @@ public interface RestApiErrorMessages {
|
||||
|
||||
String ERROR_COMP_DOES_NOT_NEED_UPGRADE = "The component (%s) does not need" +
|
||||
" an upgrade.";
|
||||
String ERROR_KERBEROS_PRINCIPAL_NAME_FORMAT = "Kerberos principal (%s) does " +
|
||||
" not contain a hostname.";
|
||||
String ERROR_KERBEROS_PRINCIPAL_MISSING = "Kerberos principal or keytab is" +
|
||||
" missing.";
|
||||
}
|
||||
|
@ -243,6 +243,16 @@ public static void validateAndResolveService(Service service,
|
||||
|
||||
public static void validateKerberosPrincipal(
|
||||
KerberosPrincipal kerberosPrincipal) throws IOException {
|
||||
try {
|
||||
if (!kerberosPrincipal.getPrincipalName().contains("/")) {
|
||||
throw new IllegalArgumentException(String.format(
|
||||
RestApiErrorMessages.ERROR_KERBEROS_PRINCIPAL_NAME_FORMAT,
|
||||
kerberosPrincipal.getPrincipalName()));
|
||||
}
|
||||
} catch (NullPointerException e) {
|
||||
throw new IllegalArgumentException(
|
||||
RestApiErrorMessages.ERROR_KERBEROS_PRINCIPAL_MISSING);
|
||||
}
|
||||
if (!StringUtils.isEmpty(kerberosPrincipal.getKeytab())) {
|
||||
try {
|
||||
// validate URI format
|
||||
|
@ -625,4 +625,29 @@ public void testKerberosPrincipal() throws IOException {
|
||||
Assert.fail(NO_EXCEPTION_PREFIX + e.getMessage());
|
||||
}
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testKerberosPrincipalNameFormat() throws IOException {
|
||||
Service app = createValidApplication("comp-a");
|
||||
KerberosPrincipal kp = new KerberosPrincipal();
|
||||
kp.setPrincipalName("user@domain.com");
|
||||
app.setKerberosPrincipal(kp);
|
||||
|
||||
try {
|
||||
ServiceApiUtil.validateKerberosPrincipal(app.getKerberosPrincipal());
|
||||
Assert.fail(EXCEPTION_PREFIX + "service with invalid principal name format.");
|
||||
} catch (IllegalArgumentException e) {
|
||||
assertEquals(
|
||||
String.format(RestApiErrorMessages.ERROR_KERBEROS_PRINCIPAL_NAME_FORMAT,
|
||||
kp.getPrincipalName()),
|
||||
e.getMessage());
|
||||
}
|
||||
|
||||
kp.setPrincipalName("user/_HOST@domain.com");
|
||||
try {
|
||||
ServiceApiUtil.validateKerberosPrincipal(app.getKerberosPrincipal());
|
||||
} catch (IllegalArgumentException e) {
|
||||
Assert.fail(NO_EXCEPTION_PREFIX + e.getMessage());
|
||||
}
|
||||
}
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user