AMBARI-10875. Kerberos Identity data is empty when Cluster.security_type != KERBEROS (rlevas)

ambari-server/src/main/java/org/apache/ambari/server/controller/KerberosHelper.java

@@ -2039,83 +2039,81 @@ public class KerberosHelper {
 
     Map<String, Collection<KerberosIdentityDescriptor>> activeIdentities = new HashMap<String, Collection<KerberosIdentityDescriptor>>();
 
-    if (isClusterKerberosEnabled(cluster)) {
-      Collection<String> hosts;
+    Collection<String> hosts;
 
-      if (hostName == null) {
-        Map<String, Host> hostMap = clusters.getHostsForCluster(clusterName);
-        if (hostMap == null) {
-          hosts = null;
-        } else {
-          hosts = hostMap.keySet();
-        }
+    if (hostName == null) {
+      Map<String, Host> hostMap = clusters.getHostsForCluster(clusterName);
+      if (hostMap == null) {
+        hosts = null;
       } else {
-        hosts = Collections.singleton(hostName);
+        hosts = hostMap.keySet();
       }
+    } else {
+      hosts = Collections.singleton(hostName);
+    }
 
-      if ((hosts != null) && !hosts.isEmpty()) {
-        KerberosDescriptor kerberosDescriptor = getKerberosDescriptor(cluster);
+    if ((hosts != null) && !hosts.isEmpty()) {
+      KerberosDescriptor kerberosDescriptor = getKerberosDescriptor(cluster);
 
-        if (kerberosDescriptor != null) {
-          Map<String, String> kerberosDescriptorProperties = kerberosDescriptor.getProperties();
+      if (kerberosDescriptor != null) {
+        Map<String, String> kerberosDescriptorProperties = kerberosDescriptor.getProperties();
 
-          for (String hostname : hosts) {
-            Map<String, KerberosIdentityDescriptor> hostActiveIdentities = new HashMap<String, KerberosIdentityDescriptor>();
-            List<KerberosIdentityDescriptor> identities = getActiveIdentities(cluster, hostname, serviceName, componentName, kerberosDescriptor);
+        for (String hostname : hosts) {
+          Map<String, KerberosIdentityDescriptor> hostActiveIdentities = new HashMap<String, KerberosIdentityDescriptor>();
+          List<KerberosIdentityDescriptor> identities = getActiveIdentities(cluster, hostname, serviceName, componentName, kerberosDescriptor);
 
-            if (!identities.isEmpty()) {
-              // Calculate the current host-specific configurations. These will be used to replace
-              // variables within the Kerberos descriptor data
-              Map<String, Map<String, String>> configurations = calculateConfigurations(cluster, hostname, kerberosDescriptorProperties);
+          if (!identities.isEmpty()) {
+            // Calculate the current host-specific configurations. These will be used to replace
+            // variables within the Kerberos descriptor data
+            Map<String, Map<String, String>> configurations = calculateConfigurations(cluster, hostname, kerberosDescriptorProperties);
 
-              for (KerberosIdentityDescriptor identity : identities) {
-                KerberosPrincipalDescriptor principalDescriptor = identity.getPrincipalDescriptor();
-                String principal = null;
+            for (KerberosIdentityDescriptor identity : identities) {
+              KerberosPrincipalDescriptor principalDescriptor = identity.getPrincipalDescriptor();
+              String principal = null;
 
-                if (principalDescriptor != null) {
-                  principal = KerberosDescriptor.replaceVariables(principalDescriptor.getValue(), configurations);
+              if (principalDescriptor != null) {
+                principal = KerberosDescriptor.replaceVariables(principalDescriptor.getValue(), configurations);
+              }
+
+              if (principal != null) {
+                if (replaceHostNames) {
+                  principal = principal.replace("_HOST", hostname);
                 }
 
-                if (principal != null) {
-                  if (replaceHostNames) {
-                    principal = principal.replace("_HOST", hostname);
+                if (!hostActiveIdentities.containsKey(principal)) {
+                  KerberosPrincipalDescriptor resolvedPrincipalDescriptor =
+                      new KerberosPrincipalDescriptor(principal,
+                          principalDescriptor.getType(),
+                          KerberosDescriptor.replaceVariables(principalDescriptor.getConfiguration(), configurations),
+                          KerberosDescriptor.replaceVariables(principalDescriptor.getLocalUsername(), configurations));
+
+                  KerberosKeytabDescriptor resolvedKeytabDescriptor;
+
+                  KerberosKeytabDescriptor keytabDescriptor = identity.getKeytabDescriptor();
+                  if (keytabDescriptor == null) {
+                    resolvedKeytabDescriptor = null;
+                  } else {
+                    resolvedKeytabDescriptor =
+                        new KerberosKeytabDescriptor(
+                            KerberosDescriptor.replaceVariables(keytabDescriptor.getFile(), configurations),
+                            KerberosDescriptor.replaceVariables(keytabDescriptor.getOwnerName(), configurations),
+                            KerberosDescriptor.replaceVariables(keytabDescriptor.getOwnerAccess(), configurations),
+                            KerberosDescriptor.replaceVariables(keytabDescriptor.getGroupName(), configurations),
+                            KerberosDescriptor.replaceVariables(keytabDescriptor.getGroupAccess(), configurations),
+                            KerberosDescriptor.replaceVariables(keytabDescriptor.getConfiguration(), configurations),
+                            keytabDescriptor.isCachable());
                   }
 
-                  if (!hostActiveIdentities.containsKey(principal)) {
-                    KerberosPrincipalDescriptor resolvedPrincipalDescriptor =
-                        new KerberosPrincipalDescriptor(principal,
-                            principalDescriptor.getType(),
-                            KerberosDescriptor.replaceVariables(principalDescriptor.getConfiguration(), configurations),
-                            KerberosDescriptor.replaceVariables(principalDescriptor.getLocalUsername(), configurations));
-
-                    KerberosKeytabDescriptor resolvedKeytabDescriptor;
-
-                    KerberosKeytabDescriptor keytabDescriptor = identity.getKeytabDescriptor();
-                    if (keytabDescriptor == null) {
-                      resolvedKeytabDescriptor = null;
-                    } else {
-                      resolvedKeytabDescriptor =
-                          new KerberosKeytabDescriptor(
-                              KerberosDescriptor.replaceVariables(keytabDescriptor.getFile(), configurations),
-                              KerberosDescriptor.replaceVariables(keytabDescriptor.getOwnerName(), configurations),
-                              KerberosDescriptor.replaceVariables(keytabDescriptor.getOwnerAccess(), configurations),
-                              KerberosDescriptor.replaceVariables(keytabDescriptor.getGroupName(), configurations),
-                              KerberosDescriptor.replaceVariables(keytabDescriptor.getGroupAccess(), configurations),
-                              KerberosDescriptor.replaceVariables(keytabDescriptor.getConfiguration(), configurations),
-                              keytabDescriptor.isCachable());
-                    }
-
-                    hostActiveIdentities.put(principal, new KerberosIdentityDescriptor(
-                        identity.getName(),
-                        resolvedPrincipalDescriptor,
-                        resolvedKeytabDescriptor));
-                  }
+                  hostActiveIdentities.put(principal, new KerberosIdentityDescriptor(
+                      identity.getName(),
+                      resolvedPrincipalDescriptor,
+                      resolvedKeytabDescriptor));
                 }
               }
             }
-
-            activeIdentities.put(hostname, hostActiveIdentities.values());
           }
+
+          activeIdentities.put(hostname, hostActiveIdentities.values());
         }
       }
     }

ambari-server/src/test/java/org/apache/ambari/server/controller/KerberosHelperTest.java

@@ -417,15 +417,25 @@ public class KerberosHelperTest extends EasyMockSupport {
 
   @Test(expected = IllegalArgumentException.class)
   public void testGetActiveIdentities_MissingCluster() throws Exception {
-    testGetActiveIdentities(null, null, null, null, true);
+    testGetActiveIdentities(null, null, null, null, true, SecurityType.KERBEROS);
   }
 
   @Test
-  public void testGetActiveIdentities_All() throws Exception {
-    Map<String, Collection<KerberosIdentityDescriptor>> identities = testGetActiveIdentities("c1", null, null, null, true);
+  public void testGetActiveIdentities_SecurityTypeKerberos_All() throws Exception {
+    testGetActiveIdentities_All(SecurityType.KERBEROS);
+  }
+
+  @Test
+  public void testGetActiveIdentities_SecurityTypeNone_All() throws Exception {
+    testGetActiveIdentities_All(SecurityType.NONE);
+  }
+
+  @Test
+  public void testGetActiveIdentities_SingleHost() throws Exception {
+    Map<String, Collection<KerberosIdentityDescriptor>> identities = testGetActiveIdentities("c1", "host1", null, null, true, SecurityType.KERBEROS);
 
     Assert.assertNotNull(identities);
-    Assert.assertEquals(2, identities.size());
+    Assert.assertEquals(1, identities.size());
 
     Collection<KerberosIdentityDescriptor> hostIdentities;
 
@@ -482,15 +492,25 @@ public class KerberosHelperTest extends EasyMockSupport {
         }
       });
     }});
-    
-    hostIdentities = identities.get("host2");
+  }
+
+  @Test
+  public void testGetActiveIdentities_SingleService() throws Exception {
+    Map<String, Collection<KerberosIdentityDescriptor>> identities = testGetActiveIdentities("c1", null, "SERVICE1", null, true, SecurityType.KERBEROS);
+
+    Assert.assertNotNull(identities);
+    Assert.assertEquals(2, identities.size());
+
+    Collection<KerberosIdentityDescriptor> hostIdentities;
+
+    hostIdentities = identities.get("host1");
     Assert.assertNotNull(hostIdentities);
-    Assert.assertEquals(3, hostIdentities.size());
+    Assert.assertEquals(2, hostIdentities.size());
 
     validateIdentities(hostIdentities, new HashMap<String, Map<String, Object>>() {{
       put("identity1", new HashMap<String, Object>() {
         {
-          put("principal_name", "component1/host2@EXAMPLE.COM");
+          put("principal_name", "component1/host1@EXAMPLE.COM");
           put("principal_type", KerberosPrincipalType.SERVICE);
           put("principal_configuration", "service1-site/component1.kerberos.principal");
           put("principal_local_username", "service1");
@@ -504,25 +524,9 @@ public class KerberosHelperTest extends EasyMockSupport {
         }
       });
 
-      put("identity2", new HashMap<String, Object>() {
-        {
-          put("principal_name", "component2/host2@EXAMPLE.COM");
-          put("principal_type", KerberosPrincipalType.SERVICE);
-          put("principal_configuration", "service2-site/component2.kerberos.principal");
-          put("principal_local_username", "service2");
-          put("keytab_file", "${keytab_dir}/service2.keytab");
-          put("keytab_owner_name", "service2");
-          put("keytab_owner_access", "rw");
-          put("keytab_group_name", "hadoop");
-          put("keytab_group_access", "");
-          put("keytab_configuration", "service2-site/component2.keytab.file");
-          put("keytab_cachable", false);
-        }
-      });
-
       put("identity3", new HashMap<String, Object>() {
         {
-          put("principal_name", "service1/host2@EXAMPLE.COM");
+          put("principal_name", "service1/host1@EXAMPLE.COM");
           put("principal_type", KerberosPrincipalType.SERVICE);
           put("principal_configuration", "service1-site/service1.kerberos.principal");
           put("principal_local_username", "service1");
@@ -536,25 +540,15 @@ public class KerberosHelperTest extends EasyMockSupport {
         }
       });
     }});
-  }
-
-  @Test
-  public void testGetActiveIdentities_SingleHost() throws Exception {
-    Map<String, Collection<KerberosIdentityDescriptor>> identities = testGetActiveIdentities("c1", "host1", null, null, true);
-
-    Assert.assertNotNull(identities);
-    Assert.assertEquals(1, identities.size());
-
-    Collection<KerberosIdentityDescriptor> hostIdentities;
-
-    hostIdentities = identities.get("host1");
+    
+    hostIdentities = identities.get("host2");
     Assert.assertNotNull(hostIdentities);
-    Assert.assertEquals(3, hostIdentities.size());
+    Assert.assertEquals(2, hostIdentities.size());
 
     validateIdentities(hostIdentities, new HashMap<String, Map<String, Object>>() {{
       put("identity1", new HashMap<String, Object>() {
         {
-          put("principal_name", "component1/host1@EXAMPLE.COM");
+          put("principal_name", "component1/host2@EXAMPLE.COM");
           put("principal_type", KerberosPrincipalType.SERVICE);
           put("principal_configuration", "service1-site/component1.kerberos.principal");
           put("principal_local_username", "service1");
@@ -568,25 +562,9 @@ public class KerberosHelperTest extends EasyMockSupport {
         }
       });
 
-      put("identity2", new HashMap<String, Object>() {
-        {
-          put("principal_name", "component2/host1@EXAMPLE.COM");
-          put("principal_type", KerberosPrincipalType.SERVICE);
-          put("principal_configuration", "service2-site/component2.kerberos.principal");
-          put("principal_local_username", "service2");
-          put("keytab_file", "${keytab_dir}/service2.keytab");
-          put("keytab_owner_name", "service2");
-          put("keytab_owner_access", "rw");
-          put("keytab_group_name", "hadoop");
-          put("keytab_group_access", "");
-          put("keytab_configuration", "service2-site/component2.keytab.file");
-          put("keytab_cachable", false);
-        }
-      });
-
       put("identity3", new HashMap<String, Object>() {
         {
-          put("principal_name", "service1/host1@EXAMPLE.COM");
+          put("principal_name", "service1/host2@EXAMPLE.COM");
           put("principal_type", KerberosPrincipalType.SERVICE);
           put("principal_configuration", "service1-site/service1.kerberos.principal");
           put("principal_local_username", "service1");
@@ -599,26 +577,25 @@ public class KerberosHelperTest extends EasyMockSupport {
           put("keytab_cachable", false);
         }
       });
-    }});
-  }
+    }});  }
 
   @Test
-  public void testGetActiveIdentities_SingleService() throws Exception {
-    Map<String, Collection<KerberosIdentityDescriptor>> identities = testGetActiveIdentities("c1", null, "SERVICE1", null, true);
+  public void testGetActiveIdentities_SingleServiceSingleHost() throws Exception {
+    Map<String, Collection<KerberosIdentityDescriptor>> identities = testGetActiveIdentities("c1", "host2", "SERVICE1", null, true, SecurityType.KERBEROS);
 
     Assert.assertNotNull(identities);
-    Assert.assertEquals(2, identities.size());
+    Assert.assertEquals(1, identities.size());
 
     Collection<KerberosIdentityDescriptor> hostIdentities;
 
-    hostIdentities = identities.get("host1");
+    hostIdentities = identities.get("host2");
     Assert.assertNotNull(hostIdentities);
     Assert.assertEquals(2, hostIdentities.size());
 
     validateIdentities(hostIdentities, new HashMap<String, Map<String, Object>>() {{
       put("identity1", new HashMap<String, Object>() {
         {
-          put("principal_name", "component1/host1@EXAMPLE.COM");
+          put("principal_name", "component1/host2@EXAMPLE.COM");
           put("principal_type", KerberosPrincipalType.SERVICE);
           put("principal_configuration", "service1-site/component1.kerberos.principal");
           put("principal_local_username", "service1");
@@ -634,7 +611,7 @@ public class KerberosHelperTest extends EasyMockSupport {
 
       put("identity3", new HashMap<String, Object>() {
         {
-          put("principal_name", "service1/host1@EXAMPLE.COM");
+          put("principal_name", "service1/host2@EXAMPLE.COM");
           put("principal_type", KerberosPrincipalType.SERVICE);
           put("principal_configuration", "service1-site/service1.kerberos.principal");
           put("principal_local_username", "service1");
@@ -648,62 +625,78 @@ public class KerberosHelperTest extends EasyMockSupport {
         }
       });
     }});
-    
-    hostIdentities = identities.get("host2");
+  }
+
+  @Test
+  public void testGetActiveIdentities_SingleComponent() throws Exception {
+    Map<String, Collection<KerberosIdentityDescriptor>> identities = testGetActiveIdentities("c1", null, null, "COMPONENT2", true, SecurityType.KERBEROS);
+
+    Assert.assertNotNull(identities);
+    Assert.assertEquals(2, identities.size());
+
+    Collection<KerberosIdentityDescriptor> hostIdentities;
+
+    hostIdentities = identities.get("host1");
     Assert.assertNotNull(hostIdentities);
-    Assert.assertEquals(2, hostIdentities.size());
+    Assert.assertEquals(1, hostIdentities.size());
 
     validateIdentities(hostIdentities, new HashMap<String, Map<String, Object>>() {{
-      put("identity1", new HashMap<String, Object>() {
+      put("identity2", new HashMap<String, Object>() {
         {
-          put("principal_name", "component1/host2@EXAMPLE.COM");
+          put("principal_name", "component2/host1@EXAMPLE.COM");
           put("principal_type", KerberosPrincipalType.SERVICE);
-          put("principal_configuration", "service1-site/component1.kerberos.principal");
-          put("principal_local_username", "service1");
-          put("keytab_file", "${keytab_dir}/service1.keytab");
-          put("keytab_owner_name", "service1");
+          put("principal_configuration", "service2-site/component2.kerberos.principal");
+          put("principal_local_username", "service2");
+          put("keytab_file", "${keytab_dir}/service2.keytab");
+          put("keytab_owner_name", "service2");
           put("keytab_owner_access", "rw");
           put("keytab_group_name", "hadoop");
           put("keytab_group_access", "");
-          put("keytab_configuration", "service1-site/component1.keytab.file");
+          put("keytab_configuration", "service2-site/component2.keytab.file");
           put("keytab_cachable", false);
         }
       });
+    }});
 
-      put("identity3", new HashMap<String, Object>() {
+    hostIdentities = identities.get("host2");
+    Assert.assertNotNull(hostIdentities);
+    Assert.assertEquals(1, hostIdentities.size());
+
+    validateIdentities(hostIdentities, new HashMap<String, Map<String, Object>>() {{
+      put("identity2", new HashMap<String, Object>() {
         {
-          put("principal_name", "service1/host2@EXAMPLE.COM");
+          put("principal_name", "component2/host2@EXAMPLE.COM");
           put("principal_type", KerberosPrincipalType.SERVICE);
-          put("principal_configuration", "service1-site/service1.kerberos.principal");
-          put("principal_local_username", "service1");
-          put("keytab_file", "${keytab_dir}/service1.service.keytab");
-          put("keytab_owner_name", "service1");
+          put("principal_configuration", "service2-site/component2.kerberos.principal");
+          put("principal_local_username", "service2");
+          put("keytab_file", "${keytab_dir}/service2.keytab");
+          put("keytab_owner_name", "service2");
           put("keytab_owner_access", "rw");
           put("keytab_group_name", "hadoop");
           put("keytab_group_access", "");
-          put("keytab_configuration", "service1-site/service1.keytab.file");
+          put("keytab_configuration", "service2-site/component2.keytab.file");
           put("keytab_cachable", false);
         }
       });
-    }});  }
+    }});
+  }
 
-  @Test
-  public void testGetActiveIdentities_SingleServiceSingleHost() throws Exception {
-    Map<String, Collection<KerberosIdentityDescriptor>> identities = testGetActiveIdentities("c1", "host2", "SERVICE1", null, true);
+  private void testGetActiveIdentities_All(SecurityType clusterSecurityType) throws Exception {
+    Map<String, Collection<KerberosIdentityDescriptor>> identities = testGetActiveIdentities("c1", null, null, null, true, clusterSecurityType);
 
     Assert.assertNotNull(identities);
-    Assert.assertEquals(1, identities.size());
+    Assert.assertEquals(2, identities.size());
 
     Collection<KerberosIdentityDescriptor> hostIdentities;
 
-    hostIdentities = identities.get("host2");
+    hostIdentities = identities.get("host1");
     Assert.assertNotNull(hostIdentities);
-    Assert.assertEquals(2, hostIdentities.size());
+    Assert.assertEquals(3, hostIdentities.size());
 
     validateIdentities(hostIdentities, new HashMap<String, Map<String, Object>>() {{
       put("identity1", new HashMap<String, Object>() {
         {
-          put("principal_name", "component1/host2@EXAMPLE.COM");
+          put("principal_name", "component1/host1@EXAMPLE.COM");
           put("principal_type", KerberosPrincipalType.SERVICE);
           put("principal_configuration", "service1-site/component1.kerberos.principal");
           put("principal_local_username", "service1");
@@ -717,9 +710,25 @@ public class KerberosHelperTest extends EasyMockSupport {
         }
       });
 
+      put("identity2", new HashMap<String, Object>() {
+        {
+          put("principal_name", "component2/host1@EXAMPLE.COM");
+          put("principal_type", KerberosPrincipalType.SERVICE);
+          put("principal_configuration", "service2-site/component2.kerberos.principal");
+          put("principal_local_username", "service2");
+          put("keytab_file", "${keytab_dir}/service2.keytab");
+          put("keytab_owner_name", "service2");
+          put("keytab_owner_access", "rw");
+          put("keytab_group_name", "hadoop");
+          put("keytab_group_access", "");
+          put("keytab_configuration", "service2-site/component2.keytab.file");
+          put("keytab_cachable", false);
+        }
+      });
+
       put("identity3", new HashMap<String, Object>() {
         {
-          put("principal_name", "service1/host2@EXAMPLE.COM");
+          put("principal_name", "service1/host1@EXAMPLE.COM");
           put("principal_type", KerberosPrincipalType.SERVICE);
           put("principal_configuration", "service1-site/service1.kerberos.principal");
           put("principal_local_username", "service1");
@@ -733,44 +742,28 @@ public class KerberosHelperTest extends EasyMockSupport {
         }
       });
     }});
-  }
-
-  @Test
-  public void testGetActiveIdentities_SingleComponent() throws Exception {
-    Map<String, Collection<KerberosIdentityDescriptor>> identities = testGetActiveIdentities("c1", null, null, "COMPONENT2", true);
-
-    Assert.assertNotNull(identities);
-    Assert.assertEquals(2, identities.size());
-
-    Collection<KerberosIdentityDescriptor> hostIdentities;
 
-    hostIdentities = identities.get("host1");
+    hostIdentities = identities.get("host2");
     Assert.assertNotNull(hostIdentities);
-    Assert.assertEquals(1, hostIdentities.size());
+    Assert.assertEquals(3, hostIdentities.size());
 
     validateIdentities(hostIdentities, new HashMap<String, Map<String, Object>>() {{
-      put("identity2", new HashMap<String, Object>() {
+      put("identity1", new HashMap<String, Object>() {
         {
-          put("principal_name", "component2/host1@EXAMPLE.COM");
+          put("principal_name", "component1/host2@EXAMPLE.COM");
           put("principal_type", KerberosPrincipalType.SERVICE);
-          put("principal_configuration", "service2-site/component2.kerberos.principal");
-          put("principal_local_username", "service2");
-          put("keytab_file", "${keytab_dir}/service2.keytab");
-          put("keytab_owner_name", "service2");
+          put("principal_configuration", "service1-site/component1.kerberos.principal");
+          put("principal_local_username", "service1");
+          put("keytab_file", "${keytab_dir}/service1.keytab");
+          put("keytab_owner_name", "service1");
           put("keytab_owner_access", "rw");
           put("keytab_group_name", "hadoop");
           put("keytab_group_access", "");
-          put("keytab_configuration", "service2-site/component2.keytab.file");
+          put("keytab_configuration", "service1-site/component1.keytab.file");
           put("keytab_cachable", false);
         }
       });
-    }});
-
-    hostIdentities = identities.get("host2");
-    Assert.assertNotNull(hostIdentities);
-    Assert.assertEquals(1, hostIdentities.size());
 
-    validateIdentities(hostIdentities, new HashMap<String, Map<String, Object>>() {{
       put("identity2", new HashMap<String, Object>() {
         {
           put("principal_name", "component2/host2@EXAMPLE.COM");
@@ -786,6 +779,22 @@ public class KerberosHelperTest extends EasyMockSupport {
           put("keytab_cachable", false);
         }
       });
+
+      put("identity3", new HashMap<String, Object>() {
+        {
+          put("principal_name", "service1/host2@EXAMPLE.COM");
+          put("principal_type", KerberosPrincipalType.SERVICE);
+          put("principal_configuration", "service1-site/service1.kerberos.principal");
+          put("principal_local_username", "service1");
+          put("keytab_file", "${keytab_dir}/service1.service.keytab");
+          put("keytab_owner_name", "service1");
+          put("keytab_owner_access", "rw");
+          put("keytab_group_name", "hadoop");
+          put("keytab_group_access", "");
+          put("keytab_configuration", "service1-site/service1.keytab.file");
+          put("keytab_cachable", false);
+        }
+      });
     }});
   }
 
@@ -2877,7 +2886,13 @@ public class KerberosHelperTest extends EasyMockSupport {
     verifyAll();
   }
 
-  private Map<String, Collection<KerberosIdentityDescriptor>> testGetActiveIdentities(String clusterName, String hostName, String serviceName, String compnentName, boolean replaceHostnames) throws Exception {
+  private Map<String, Collection<KerberosIdentityDescriptor>> testGetActiveIdentities(String clusterName,
+                                                                                      String hostName,
+                                                                                      String serviceName,
+                                                                                      String componentName,
+                                                                                      boolean replaceHostNames,
+                                                                                      SecurityType clusterSecurityType)
+      throws Exception {
 
     KerberosHelper kerberosHelper = injector.getInstance(KerberosHelper.class);
 
@@ -2936,7 +2951,7 @@ public class KerberosHelperTest extends EasyMockSupport {
         .anyTimes();
 
     final Cluster cluster = createMock(Cluster.class);
-    expect(cluster.getSecurityType()).andReturn(SecurityType.KERBEROS).anyTimes();
+    expect(cluster.getSecurityType()).andReturn(clusterSecurityType).anyTimes();
     expect(cluster.getClusterName()).andReturn(clusterName).anyTimes();
     expect(cluster.getServiceComponentHosts("host1"))
         .andReturn(new ArrayList<ServiceComponentHost>() {
@@ -3097,7 +3112,7 @@ public class KerberosHelperTest extends EasyMockSupport {
     metaInfo.init();
 
     Map<String, Collection<KerberosIdentityDescriptor>> identities;
-    identities = kerberosHelper.getActiveIdentities(clusterName, hostName, serviceName, compnentName, replaceHostnames);
+    identities = kerberosHelper.getActiveIdentities(clusterName, hostName, serviceName, componentName, replaceHostNames);
 
     verifyAll();