AMBARI-5011. Security Wizard: enable Kerberos setup for Falcon. (jaimin)

ambari-web/app/controllers/main/admin/security.js

@@ -220,7 +220,7 @@ App.MainAdminSecurityController = Em.Controller.extend({
         header: Em.I18n.t('popup.confirmation.commonHeader'),
         primary: Em.I18n.t('ok'),
         onPrimary: function () {
-          App.db.setSecurityDeployStages(undefined);
+          App.db.setSecurityDeployCommands(undefined);
           self.setDisableSecurityStatus("RUNNING");
           App.router.transitionTo('disableSecurity');
           this.hide();
@@ -311,68 +311,35 @@ App.MainAdminSecurityController = Em.Controller.extend({
   },
 
   loadUsers: function (configs) {
+    this.setUserName('hdfs_user',configs, 'hdfs');
+    this.setUserName('yarn_user',configs, 'yarn');
+    this.setUserName('mapred_user',configs, 'mapred');
+    this.setUserName('hbase_user',configs, 'hbase');
+    this.setUserName('hive_user',configs, 'hive');
+    this.setUserName('proxyuser_group',configs, 'users');
+    this.setUserName('smokeuser',configs, 'ambari-qa');
+    this.setUserName('zk_user',configs, 'zookeeper');
+    this.setUserName('oozie_user',configs, 'oozie');
+    this.setUserName('nagios_user',configs, 'nagios');
+    this.setUserName('user_group',configs, 'hadoop');
+    this.setUserName('storm_user',configs, 'storm');
+    this.setUserName('falcon_user',configs,'falcon');
+    App.db.setSecureUserInfo(this.get('serviceUsers'));
+  },
+
+  /**
+   *
+   * @param name
+   * @param configs
+   * @param defaultValue
+   */
+  setUserName: function(name,configs,defaultValue) {
     var serviceUsers = this.get('serviceUsers');
     serviceUsers.pushObject({
       id: 'puppet var',
-      name: 'hdfs_user',
-      value: configs['hdfs_user'] ? configs['hdfs_user'] : 'hdfs'
-    });
-    serviceUsers.pushObject({
-      id: 'puppet var',
-      name: 'yarn_user',
-      value: configs['yarn_user'] ? configs['yarn_user'] : 'yarn'
-    });
-    serviceUsers.pushObject({
-      id: 'puppet var',
-      name: 'mapred_user',
-      value: configs['mapred_user'] ? configs['mapred_user'] : 'mapred'
-    });
-    serviceUsers.pushObject({
-      id: 'puppet var',
-      name: 'hbase_user',
-      value: configs['hbase_user'] ? configs['hbase_user'] : 'hbase'
-    });
-    serviceUsers.pushObject({
-      id: 'puppet var',
-      name: 'hive_user',
-      value: configs['hive_user'] ? configs['hive_user'] : 'hive'
-    });
-    serviceUsers.pushObject({
-      id: 'puppet var',
-      name: 'proxyuser_group',
-      value: configs['proxyuser_group'] ? configs['proxyuser_group'] : 'users'
-    });
-    serviceUsers.pushObject({
-      id: 'puppet var',
-      name: 'smokeuser',
-      value: configs['smokeuser'] ? configs['smokeuser'] : 'ambari-qa'
-    });
-    serviceUsers.pushObject({
-      id: 'puppet var',
-      name: 'zk_user',
-      value: configs['zk_user'] ? configs['zk_user'] : 'zookeeper'
-    });
-    serviceUsers.pushObject({
-      id: 'puppet var',
-      name: 'oozie_user',
-      value: configs['oozie_user'] ? configs['oozie_user'] : 'oozie'
-    });
-    serviceUsers.pushObject({
-      id: 'puppet var',
-      name: 'nagios_user',
-      value: configs['nagios_user'] ? configs['nagios_user'] : 'nagios'
-    });
-    serviceUsers.pushObject({
-      id: 'puppet var',
-      name: 'user_group',
-      value: configs['user_group'] ? configs['user_group'] : 'hadoop'
-    });
-    serviceUsers.pushObject({
-      id: 'puppet var',
-      name: 'storm_user',
-      value: configs['storm_user'] ? configs['storm_user'] : 'storm'
+      name: name,
+      value: configs[name] ? configs[name] : defaultValue
     });
-    App.db.setSecureUserInfo(serviceUsers);
   },
 
   showSecurityErrorPopup: function () {

ambari-web/app/controllers/main/admin/security/add/step2.js

@@ -130,6 +130,27 @@ App.MainAdminSecurityAddStep2Controller = Em.Controller.extend({
     }
   },
 
+  /**
+   * fill principal _HOST part with actual hostname of component
+   * @param service
+   * @param hostConfigName
+   * @param principalConfigName
+   * @param defaultPrimaryName
+   */
+  setHostToPrincipal: function (service, hostConfigName, principalConfigName, defaultPrimaryName) {
+    if (service) {
+      var host = service.configs.findProperty('name', hostConfigName);
+      var principal = service.configs.findProperty('name', principalConfigName);
+      if (host && principal) {
+        if (host.defaultValue instanceof Array) {
+          host.defaultValue = host.defaultValue[0];
+        }
+        principal.defaultValue = defaultPrimaryName + host.defaultValue.toLowerCase();
+      }
+    }
+  },
+
+
   loadUsers: function () {
     var securityUsers = App.router.get('mainAdminSecurityController').get('serviceUsers');
     if (!securityUsers || securityUsers.length < 1) { // Page could be refreshed in middle
@@ -214,79 +235,23 @@ App.MainAdminSecurityAddStep2Controller = Em.Controller.extend({
     var mapReduce2Service = serviceConfigs.findProperty('serviceName', 'MAPREDUCE2');
     var yarnService = serviceConfigs.findProperty('serviceName', 'YARN');
     var stormService = serviceConfigs.findProperty('serviceName', 'STORM');
+    var falconService = serviceConfigs.findProperty('serviceName', 'FALCON');
 
-    if (oozieService) {
-      var oozieServerHost = oozieService.configs.findProperty('name', 'oozie_servername');
-      var oozieServerPrincipal = oozieService.configs.findProperty('name', 'oozie_principal_name');
-      var oozieSpnegoPrincipal = oozieService.configs.findProperty('name', 'oozie_http_principal_name');
-      if (oozieServerHost && oozieServerPrincipal && oozieSpnegoPrincipal) {
-        oozieServerHost.defaultValue = App.Service.find('OOZIE').get('hostComponents').findProperty('componentName', 'OOZIE_SERVER').get('host.hostName');
-        oozieServerPrincipal.defaultValue = 'oozie/' + oozieServerHost.defaultValue.toLowerCase();
-        oozieSpnegoPrincipal.defaultValue = 'HTTP/' + oozieServerHost.defaultValue.toLowerCase();
-      }
-    }
-    if (hiveService) {
-      var hiveServerHost = hiveService.configs.findProperty('name', 'hive_metastore');
-      if (hiveServerHost) {
-        hiveServerHost.defaultValue = App.Service.find('HIVE').get('hostComponents').findProperty('componentName', 'HIVE_SERVER').get('host.hostName');
-      }
-    }
-    if (webHcatService) {
-      var webHcatHost = webHcatService.configs.findProperty('name', 'webhcatserver_host');
-      var webHcatSpnegoPrincipal = webHcatService.configs.findProperty('name', 'webHCat_http_principal_name');
-      if (webHcatHost && webHcatSpnegoPrincipal) {
-        webHcatHost.defaultValue = App.Service.find('WEBHCAT').get('hostComponents').findProperty('componentName', 'WEBHCAT_SERVER').get('host.hostName');
-        webHcatSpnegoPrincipal.defaultValue = 'HTTP/' + webHcatHost.defaultValue.toLowerCase();
-      }
-    }
-
-    if (nagiosService) {
-      var nagiosServerHost = nagiosService.configs.findProperty('name', 'nagios_server');
-      var nagiosServerPrincipal = nagiosService.configs.findProperty('name', 'nagios_principal_name');
-      if (nagiosServerHost && nagiosServerPrincipal) {
-        nagiosServerHost.defaultValue = App.Service.find('NAGIOS').get('hostComponents').findProperty('componentName', 'NAGIOS_SERVER').get('host.hostName');
-        nagiosServerPrincipal.defaultValue = 'nagios/' + nagiosServerHost.defaultValue.toLowerCase();
-      }
-    }
-    if (hdfsService) {
-      var namenodeHost = hdfsService.configs.findProperty('name', 'namenode_host');
-      var sNamenodeHost = hdfsService.configs.findProperty('name', 'snamenode_host');
-      var jnHosts = hdfsService.configs.findProperty('name', 'journalnode_hosts');
-      var snComponent = App.Service.find('HDFS').get('hostComponents').findProperty('componentName', 'SECONDARY_NAMENODE');
-      var jnComponent = App.Service.find('HDFS').get('hostComponents').findProperty('componentName', 'JOURNALNODE');
-      if (namenodeHost) {
-        namenodeHost.defaultValue = App.Service.find('HDFS').get('hostComponents').filterProperty('componentName', 'NAMENODE').mapProperty('host.hostName');
-      }
-      if(sNamenodeHost && snComponent) {
-        sNamenodeHost.defaultValue = snComponent.get('host.hostName');
-      }
-      if(jnHosts && jnComponent) {
-        this.setHostsToConfig(hdfsService, 'journalnode_hosts', 'JOURNALNODE');
-      }
-    }
-    if (mapReduceService) {
-      var jobTrackerHost = mapReduceService.configs.findProperty('name', 'jobtracker_host');
-      if (jobTrackerHost) {
-        jobTrackerHost.defaultValue = App.Service.find('MAPREDUCE').get('hostComponents').findProperty('componentName', 'JOBTRACKER').get('host.hostName');
-      }
-      var jobHistoryServerHost = mapReduceService.configs.findProperty('name', 'jobhistoryserver_host');
-      if (jobHistoryServerHost) {
-        jobHistoryServerHost.defaultValue = App.Service.find('MAPREDUCE').get('hostComponents').findProperty('componentName', 'HISTORYSERVER').get('host.hostName');
-      }
-    }
-    if (mapReduce2Service) {
-      var jobHistoryServerHost = mapReduce2Service.configs.findProperty('name', 'jobhistoryserver_host');
-      if (jobHistoryServerHost) {
-        jobHistoryServerHost.defaultValue = App.Service.find('MAPREDUCE2').get('hostComponents').findProperty('componentName', 'HISTORYSERVER').get('host.hostName');
-      }
-    }
-    if (yarnService) {
-      var resourceManagerHost = yarnService.configs.findProperty('name', 'resourcemanager_host');
-      if (resourceManagerHost) {
-        resourceManagerHost.defaultValue = App.Service.find('YARN').get('hostComponents').findProperty('componentName', 'RESOURCEMANAGER').get('host.hostName');
-      }
-    }
 
+    this.setHostsToConfig(oozieService, 'oozie_servername', 'OOZIE_SERVER');
+    this.setHostsToConfig(hiveService, 'hive_metastore', 'HIVE_SERVER');
+    this.setHostsToConfig(webHcatService, 'webhcatserver_host', 'WEBHCAT_SERVER');
+    this.setHostsToConfig(nagiosService, 'nagios_server', 'NAGIOS_SERVER');
+    this.setHostsToConfig(hdfsService, 'namenode_host', 'NAMENODE');
+    this.setHostsToConfig(hdfsService, 'snamenode_host', 'SECONDARY_NAMENODE');
+    this.setHostsToConfig(hdfsService, 'journalnode_hosts', 'JOURNALNODE');
+    this.setHostsToConfig(mapReduceService, 'jobtracker_host', 'JOBTRACKER');
+    this.setHostsToConfig(mapReduceService, 'jobhistoryserver_host', 'HISTORYSERVER');
+    this.setHostsToConfig(mapReduce2Service, 'jobhistoryserver_host', 'HISTORYSERVER');
+    this.setHostsToConfig(yarnService, 'resourcemanager_host', 'RESOURCEMANAGER');
+    this.setHostsToConfig(hbaseService, 'hbasemaster_host', 'HBASE_MASTER');
+    this.setHostsToConfig(zooKeeperService, 'zookeeperserver_hosts', 'ZOOKEEPER_SERVER');
+    this.setHostsToConfig(falconService, 'falcon_server_host', 'FALCON_SERVER');
     if (stormService) {
       var stormMasterComponents = [
         {
@@ -302,8 +267,13 @@ App.MainAdminSecurityAddStep2Controller = Em.Controller.extend({
         this.setHostsToConfig(stormService, masterComponent.configName, masterComponent.componentName);
       }, this);
     }
-    this.setHostsToConfig(hbaseService, 'hbasemaster_host', 'HBASE_MASTER');
-    this.setHostsToConfig(zooKeeperService, 'zookeeperserver_hosts', 'ZOOKEEPER_SERVER');
+
+    // Oozie, webhcat and nagios does not support _HOST in the principal name. Actual hostname should be set instead of _HOST
+
+    this.setHostToPrincipal(oozieService, 'oozie_servername','oozie_principal_name','oozie/');
+    this.setHostToPrincipal(oozieService, 'oozie_servername','oozie_http_principal_name','HTTP/');
+    this.setHostToPrincipal(oozieService, 'webhcatserver_host','webHCat_http_principal_name','HTTP/');
+    this.setHostToPrincipal(oozieService, 'nagios_server','nagios_principal_name','nagios/');
   },
 
   changeCategoryOnHa: function (serviceConfigs, stepConfigs) {

ambari-web/app/controllers/main/admin/security/add/step3.js

@@ -46,7 +46,7 @@ App.MainAdminSecurityAddStep3Controller = Em.Controller.extend({
     var result = [];
     var componentsToDisplay = ['NAMENODE', 'SECONDARY_NAMENODE', 'DATANODE', 'JOBTRACKER', 'ZOOKEEPER_SERVER', 'HIVE_SERVER', 'TASKTRACKER',
       'OOZIE_SERVER', 'NAGIOS_SERVER', 'HBASE_MASTER', 'HBASE_REGIONSERVER','HISTORYSERVER','RESOURCEMANAGER','NODEMANAGER','JOURNALNODE',
-      'SUPERVISOR', 'NIMBUS', 'STORM_UI_SERVER'];
+      'SUPERVISOR', 'NIMBUS', 'STORM_UI_SERVER','FALCON_SERVER'];
     var securityUsers = [];
     if (!securityUsers || securityUsers.length < 1) { // Page could be refreshed in middle
       securityUsers = this.getSecurityUsers();
@@ -67,6 +67,7 @@ App.MainAdminSecurityAddStep3Controller = Em.Controller.extend({
     var nagiosUserId = securityUsers.findProperty('name', 'nagios_user').value;
     var hadoopGroupId = securityUsers.findProperty('name', 'user_group').value;
     var stormUserId = securityUsers.findProperty('name', 'storm_user').value;
+    var falconUserId =  securityUsers.findProperty('name', 'falcon_user').value;
 
     var smokeUser = smokeUserId + '@' + realm;
     var hdfsUser = hdfsUserId + '@' + realm;
@@ -98,7 +99,8 @@ App.MainAdminSecurityAddStep3Controller = Em.Controller.extend({
       'HBASE_REGIONSERVER': hbaseUserId,
       'SUPERVISOR': stormUserId,
       'NIMBUS': stormUserId,
-      'STORM_UI_SERVER': stormUserId
+      'STORM_UI_SERVER': stormUserId,
+      'FALCON_SERVER': falconUserId
     };
 
     var addedPrincipalsHost = {}; //Keys = host_principal, Value = 'true'
@@ -154,6 +156,7 @@ App.MainAdminSecurityAddStep3Controller = Em.Controller.extend({
       this.setComponentConfig(result,host,'JOURNALNODE','HDFS','hadoop_http_principal_name','hadoop_http_keytab',Em.I18n.t('admin.addSecurity.hdfs.user.httpUser'),hadoopGroupId);
       this.setComponentConfig(result,host,'WEBHCAT_SERVER','WEBHCAT','webHCat_http_principal_name','webhcat_http_keytab',Em.I18n.t('admin.addSecurity.webhcat.user.httpUser'),hadoopGroupId);
       this.setComponentConfig(result,host,'OOZIE_SERVER','OOZIE','oozie_http_principal_name','oozie_http_keytab',Em.I18n.t('admin.addSecurity.oozie.user.httpUser'),hadoopGroupId);
+      this.setComponentConfig(result,host,'FALCON_SERVER','FALCON','falcon_http_principal_name','falcon_http_keytab',Em.I18n.t('admin.addSecurity.falcon.user.httpUser'),hadoopGroupId);
       //Derive Principal name and Keytabs only if its HDP-2 stack
       if (App.get('isHadoop2Stack')) {
         this.setComponentConfig(result,host,'HISTORYSERVER','MAPREDUCE2','jobhistory_http_principal_name','jobhistory_http_keytab',Em.I18n.t('admin.addSecurity.historyServer.user.httpUser'),hadoopGroupId);
@@ -213,6 +216,7 @@ App.MainAdminSecurityAddStep3Controller = Em.Controller.extend({
       securityUsers.pushObject({id: 'puppet var', name: 'yarn_user', value: 'yarn'});
       securityUsers.pushObject({id: 'puppet var', name: 'hbase_user', value: 'hbase'});
       securityUsers.pushObject({id: 'puppet var', name: 'hive_user', value: 'hive'});
+      securityUsers.pushObject({id: 'puppet var', name: 'falcon_user', value: 'falcon'});
       securityUsers.pushObject({id: 'puppet var', name: 'smokeuser', value: 'ambari-qa'});
       securityUsers.pushObject({id: 'puppet var', name: 'zk_user', value: 'zookeeper'});
       securityUsers.pushObject({id: 'puppet var', name: 'oozie_user', value: 'oozie'});

ambari-web/app/controllers/main/admin/security/add/step4.js

@@ -22,15 +22,14 @@ App.MainAdminSecurityAddStep4Controller = App.MainAdminSecurityProgressControlle
   name: 'mainAdminSecurityAddStep4Controller',
 
   serviceUsersBinding: 'App.router.mainAdminSecurityController.serviceUsers',
-  totalSteps: 3,
 
   secureServices: function() {
     return  this.get('content.services');
   }.property('content.services'),
 
   isBackBtnDisabled: function () {
-    return !this.get('stages').someProperty('isError', true);
-  }.property('stages.@each.isCompleted'),
+    return !this.get('commands').someProperty('isError', true);
+  }.property('commands.@each.isCompleted'),
 
   isOozieSelected: function () {
     return this.get('secureServices').someProperty('serviceName', 'OOZIE');
@@ -54,76 +53,71 @@ App.MainAdminSecurityAddStep4Controller = App.MainAdminSecurityProgressControlle
   },
 
   isSecurityApplied: function () {
-    return this.get('stages').someProperty('stage', 'stage3') && this.get('stages').findProperty('stage', 'stage3').get('isSuccess');
-  }.property('stages.@each.isCompleted'),
+    return this.get('commands').someProperty('name', 'START_SERVICES') && this.get('commands').findProperty('name', 'START_SERVICES').get('isSuccess');
+  }.property('commands.@each.isCompleted'),
 
   clearStep: function () {
-    this.get('stages').clear();
+    this.set('commands',[]);
     this.set('isSubmitDisabled', true);
     this.set('isBackBtnDisabled', true);
     this.get('serviceConfigTags').clear();
   },
 
-  loadStages: function () {
-    var stages = [
-      App.Poll.create({stage: 'stage2', label: Em.I18n.translations['admin.addSecurity.apply.stage2'], isPolling: true, name: 'STOP_SERVICES', isVisible: true}),
-      App.Poll.create({stage: 'stage3', label: Em.I18n.translations['admin.addSecurity.apply.stage3'], isPolling: false, name: 'APPLY_CONFIGURATIONS', isVisible: true}),
-      App.Poll.create({stage: 'stage4', label: Em.I18n.translations['admin.addSecurity.apply.stage4'], isPolling: true, name: 'START_SERVICES', isVisible: true})
-    ];
+  loadCommands: function () {
+    this._super();
     // no need to remove ATS component if YARN and ATS are not installed
-    if (this.get('secureServices').findProperty('serviceName', 'YARN') && !App.get('stackDependedComponents').findProperty('componentName', 'APP_TIMELINE_SERVER')) {
-      stages.splice(2, 0, App.Poll.create({stage: 'stage5', label: Em.I18n.translations['admin.addSecurity.apply.delete.ats'], isPolling: false, name: 'DELETE_ATS', isVisible: false}));
+    if (this.get('secureServices').findProperty('serviceName', 'YARN') && App.Service.find('YARN').get('hostComponents').someProperty('componentName', 'APP_TIMELINE_SERVER')) {
+      this.get('commands').splice(2, 0, App.Poll.create({name: 'DELETE_ATS', label: Em.I18n.translations['admin.addSecurity.apply.delete.ats'], isPolling: false, isVisible: false}));
       this.set('totalSteps', 4);
     }
-    this.get('stages').pushObjects(stages);
   },
 
   loadStep: function () {
     this.set('secureMapping', require('data/secure_mapping').slice(0));
     this.clearStep();
-    var stages = App.db.getSecurityDeployStages();
+    var commands = App.db.getSecurityDeployCommands();
     this.prepareSecureConfigs();
-    if (stages && stages.length > 0) {
-      stages.forEach(function (_stage, index) {
-        stages[index] = App.Poll.create(_stage);
+    if (commands && commands.length > 0) {
+      commands.forEach(function (_command, index) {
+        commands[index] = App.Poll.create(_command);
       }, this);
-      if (stages.someProperty('isError', true)) {
-        this.get('stages').pushObjects(stages);
-        this.addObserver('stages.@each.isSuccess', this, 'onCompleteStage');
+      if (commands.someProperty('isError', true)) {
+        this.get('commands').pushObjects(commands);
+        this.addObserver('commands.@each.isSuccess', this, 'onCompleteCommand');
         return;
-      } else if (stages.filterProperty('isStarted', true).someProperty('isCompleted', false)) {
-        var runningStage = stages.filterProperty('isStarted', true).findProperty('isCompleted', false);
-        runningStage.set('isStarted', false);
-        this.get('stages').pushObjects(stages);
+      } else if (commands.filterProperty('isStarted', true).someProperty('isCompleted', false)) {
+        var runningCommand = commands.filterProperty('isStarted', true).findProperty('isCompleted', false);
+        runningCommand.set('isStarted', false);
+        this.get('commands').pushObjects(commands);
       } else {
-        this.get('stages').pushObjects(stages);
+        this.get('commands').pushObjects(commands);
       }
     } else {
-      this.loadStages();
-      this.addInfoToStages();
+      this.loadCommands();
+      this.addInfoToCommands();
       var runningOperations = App.router.get('backgroundOperationsController.services').filterProperty('isRunning');
       var stopAllOperation = runningOperations.findProperty('name', 'Stop All Services');
-      var stopStage = this.get('stages').findProperty('name', 'STOP_SERVICES');
-      if (stopStage.get('name') === 'STOP_SERVICES' && stopAllOperation) {
-        stopStage.set('requestId', stopAllOperation.get('id'));
+      var stopCommand = this.get('commands').findProperty('name', 'STOP_SERVICES');
+      if (stopCommand.get('name') === 'STOP_SERVICES' && stopAllOperation) {
+        stopCommand.set('requestId', stopAllOperation.get('id'));
       }
     }
-    this.addObserver('stages.@each.isSuccess', this, 'onCompleteStage');
-    this.moveToNextStage();
+    this.addObserver('commands.@each.isSuccess', this, 'onCompleteCommand');
+    this.moveToNextCommand();
   },
 
   enableSubmit: function () {
     var addSecurityController = App.router.get('addSecurityController');
-    if (this.get('stages').someProperty('isError', true) || this.get('stages').everyProperty('isSuccess', true)) {
+    if (this.get('commands').someProperty('isError', true) || this.get('commands').everyProperty('isSuccess', true)) {
       this.set('isSubmitDisabled', false);
-      if (this.get('stages').someProperty('isError', true)) {
+      if (this.get('commands').someProperty('isError', true)) {
         addSecurityController.setStepsEnable();
       }
     } else {
       this.set('isSubmitDisabled', true);
       addSecurityController.setLowerStepsDisable(4);
     }
-  }.observes('stages.@each.isCompleted'),
+  }.observes('commands.@each.isCompleted'),
 
   loadUiSideConfigs: function () {
     var uiConfig = [];
@@ -372,11 +366,9 @@ App.MainAdminSecurityAddStep4Controller = App.MainAdminSecurityProgressControlle
         }
       }, this);
     } catch (err) {
-      var stage3 = this.get('stages').findProperty('stage', 'stage3');
-      if (stage3) {
-        stage3.set('isSuccess', false);
-        stage3.set('isError', true);
-      }
+      var command = this.get('commands').findProperty('name', 'APPLY_CONFIGURATIONS');
+      command.set('isSuccess', false);
+      command.set('isError', true);
       if (err) {
         console.log("Error: Error occurred while applying secure configs to the server. Error message: " + err);
       }
@@ -400,10 +392,10 @@ App.MainAdminSecurityAddStep4Controller = App.MainAdminSecurityProgressControlle
   },
 
   onDeleteComplete: function () {
-    var deleteAtsStage = this.get('stages').findProperty('name', 'DELETE_ATS');
+    var deleteAtsCommand = this.get('commands').findProperty('name', 'DELETE_ATS');
     console.warn('APP_TIMELINE_SERVER doesn\'t support security mode. It has been removed from YARN service ');
-    deleteAtsStage.set('isError', false);
-    deleteAtsStage.set('isSuccess', true);
+    deleteAtsCommand.set('isError', false);
+    deleteAtsCommand.set('isSuccess', true);
   },
 
   onDeleteError: function () {

ambari-web/app/controllers/main/admin/security/disable.js

@@ -23,53 +23,53 @@ App.MainAdminSecurityDisableController = App.MainAdminSecurityProgressController
   secureServices: [],
 
   clearStep: function () {
-    this.get('stages').clear();
+    this.get('commands').clear();
     this.get('secureServices').clear();
     this.get('serviceConfigTags').clear();
   },
 
   loadStep: function () {
     this.clearStep();
-    var stages = App.db.getSecurityDeployStages();
-    if (stages && stages.length > 0) {
-      stages.forEach(function (_stage, index) {
-        stages[index] = App.Poll.create(_stage);
+    var commands = App.db.getSecurityDeployCommands();
+    if (commands && commands.length > 0) {
+      commands.forEach(function (_command, index) {
+        commands[index] = App.Poll.create(_command);
       }, this);
-      if (stages.someProperty('isError', true)) {
-        this.get('stages').pushObjects(stages);
+      if (commands.someProperty('isError', true)) {
+        this.get('commands').pushObjects(commands);
         this.loadSecureServices();
-        this.addObserver('stages.@each.isSuccess', this, 'onCompleteStage');
+        this.addObserver('commands.@each.isSuccess', this, 'onCompleteCommand');
         return;
-      } else if (stages.filterProperty('isStarted', true).someProperty('isCompleted', false)) {
-        var runningStage = stages.filterProperty('isStarted', true).findProperty('isCompleted', false);
-        runningStage.set('isStarted', false);
-        this.get('stages').pushObjects(stages);
+      } else if (commands.filterProperty('isStarted', true).someProperty('isCompleted', false)) {
+        var runningCommand = commands.filterProperty('isStarted', true).findProperty('isCompleted', false);
+        runningCommand.set('isStarted', false);
+        this.get('commands').pushObjects(commands);
       } else {
-        this.get('stages').pushObjects(stages);
+        this.get('commands').pushObjects(commands);
       }
     } else {
-      this.loadStages();
-      this.addInfoToStages();
+      this.loadCommands();
+      this.addInfoToCommands();
       var runningOperations = App.router.get('backgroundOperationsController.services').filterProperty('isRunning');
       var stopAllOperation = runningOperations.findProperty('name', 'Stop All Services');
-      var stopStage = this.get('stages').findProperty('name', 'STOP_SERVICES');
-      if (stopStage.get('name') === 'STOP_SERVICES' && stopAllOperation) {
-        stopStage.set('requestId', stopAllOperation.get('id'));
+      var stopCommand = this.get('commands').findProperty('name', 'STOP_SERVICES');
+      if (stopCommand.get('name') === 'STOP_SERVICES' && stopAllOperation) {
+        stopCommand.set('requestId', stopAllOperation.get('id'));
       }
     }
     this.loadSecureServices();
-    this.addObserver('stages.@each.isSuccess', this, 'onCompleteStage');
-    this.moveToNextStage();
+    this.addObserver('commands.@each.isSuccess', this, 'onCompleteCommand');
+    this.moveToNextCommand();
   },
 
 
   enableSubmit: function () {
-    if (this.get('stages').someProperty('isError', true) || this.get('stages').everyProperty('isSuccess', true)) {
+    if (this.get('commands').someProperty('isError', true) || this.get('commands').everyProperty('isSuccess', true)) {
       this.set('isSubmitDisabled', false);
     } else {
       this.set('isSubmitDisabled', true);
     }
-  }.observes('stages.@each.isCompleted'),
+  }.observes('commands.@each.isCompleted'),
 
 
   loadSecureServices: function () {
@@ -138,11 +138,9 @@ App.MainAdminSecurityDisableController = App.MainAdminSecurityProgressController
         }
       }, this);
     } catch (err) {
-      var stage3 = this.get('stages').findProperty('stage', 'stage3');
-      if (stage3) {
-        stage3.set('isSuccess', false);
-        stage3.set('isError', true);
-      }
+      var command = this.get('commands').findProperty('name', 'APPLY_CONFIGURATIONS');
+      command.set('isSuccess', false);
+      command.set('isError', true);
       if (err) {
         console.log("Error: Error occurred while applying secure configs to the server. Error message: " + err);
       }

ambari-web/app/controllers/main/admin/security/security_progress_controller.js

@@ -34,7 +34,7 @@ App.MainAdminSecurityProgressController = Em.Controller.extend({
       return require('data/secure_properties').configProperties;
     }
   }.property(App.isHadoop2Stack),
-  stages: [],
+  commands: [],
   configs: [],
   serviceConfigTags: [],
   globalProperties: [],
@@ -48,120 +48,118 @@ App.MainAdminSecurityProgressController = Em.Controller.extend({
 
 
   retry: function () {
-    var failedStage = this.get('stages').findProperty('isError', true);
-    if (failedStage) {
-      failedStage.set('isStarted', false);
-      failedStage.set('isError', false);
-      this.startStage(failedStage);
+    var failedCommand = this.get('commands').findProperty('isError', true);
+    if (failedCommand) {
+      failedCommand.set('isStarted', false);
+      failedCommand.set('isError', false);
+      this.startCommand(failedCommand);
     }
   },
 
   updateServices: function () {
     this.services.clear();
     var services = this.get("services");
-    this.get("stages").forEach(function (stage) {
+    this.get("commands").forEach(function (command) {
       var newService = Ember.Object.create({
-        name: stage.label,
+        name: command.label,
         hosts: []
       });
-      if (stage && stage.get("polledData")) {
-        var hostNames = stage.get("polledData").mapProperty('Tasks.host_name').uniq();
+      if (command && command.get("polledData")) {
+        var hostNames = command.get("polledData").mapProperty('Tasks.host_name').uniq();
         hostNames.forEach(function (name) {
           newService.hosts.push({
             name: name,
             publicName: name,
-            logTasks: stage.polledData.filterProperty("Tasks.host_name", name)
+            logTasks: command.polledData.filterProperty("Tasks.host_name", name)
           });
         });
         services.push(newService);
       }
     });
     this.set('serviceTimestamp', App.dateTime());
-  }.observes('stages.@each.polledData'),
+  }.observes('commands.@each.polledData'),
 
-  loadStages: function () {
-    this.get('stages').pushObjects([
-      App.Poll.create({stage: 'stage2', label: Em.I18n.translations['admin.addSecurity.apply.stage2'], isPolling: true, name: 'STOP_SERVICES'}),
-      App.Poll.create({stage: 'stage3', label: Em.I18n.translations['admin.addSecurity.apply.stage3'], isPolling: false, name: 'APPLY_CONFIGURATIONS'}),
-      App.Poll.create({stage: 'stage4', label: Em.I18n.translations['admin.addSecurity.apply.stage4'], isPolling: true, name: 'START_SERVICES'})
+  loadCommands: function () {
+    this.get('commands').pushObjects([
+      App.Poll.create({name: 'STOP_SERVICES', label: Em.I18n.translations['admin.addSecurity.apply.stage2'], isPolling: true }),
+      App.Poll.create({name: 'APPLY_CONFIGURATIONS', label: Em.I18n.translations['admin.addSecurity.apply.stage3'], isPolling: false }),
+      App.Poll.create({name: 'START_SERVICES', label: Em.I18n.translations['admin.addSecurity.apply.stage4'], isPolling: true })
     ]);
   },
 
-  startStage: function (currentStage) {
-    if (this.get('stages').length === this.totalSteps) {
-      if (!currentStage) {
-        var startedStages = this.get('stages').filterProperty('isStarted', true);
-        currentStage = startedStages.findProperty('isCompleted', false);
+  startCommand: function (commnad) {
+    if (this.get('commands').length === this.totalSteps) {
+      if (!commnad) {
+        var startedCommand = this.get('commands').filterProperty('isStarted', true);
+        commnad = startedCommand.findProperty('isCompleted', false);
       }
-      if (currentStage && currentStage.get('isPolling') === true) {
-        currentStage.set('isStarted', true);
-        currentStage.start();
-      } else if (currentStage && currentStage.get('name') === 'APPLY_CONFIGURATIONS') {
-        currentStage.set('isStarted', true);
+      if (commnad && commnad.get('isPolling') === true) {
+        commnad.set('isStarted', true);
+        commnad.start();
+      } else if (commnad && commnad.get('name') === 'APPLY_CONFIGURATIONS') {
+        commnad.set('isStarted', true);
         if (App.testMode) {
-          currentStage.set('isError', false);
-          currentStage.set('isSuccess', true);
+          commnad.set('isError', false);
+          commnad.set('isSuccess', true);
         } else {
           this.loadClusterConfigs();
         }
-      } else if (currentStage && currentStage.get('name') === 'DELETE_ATS') {
-        currentStage.set('isStarted', true);
+      } else if (commnad && commnad.get('name') === 'DELETE_ATS') {
+        commnad.set('isStarted', true);
         if (App.testMode) {
-          currentStage.set('isError', false);
-          currentStage.set('isSuccess', true);
+          commnad.set('isError', false);
+          commnad.set('isSuccess', true);
         } else {
           var timeLineServer = App.Service.find('YARN').get('hostComponents').findProperty('componentName', 'APP_TIMELINE_SERVER');
-          if (timeLineServer && !App.router.get('mainAdminSecurityController.securityEnabled')) {
-            this.deleteComponents('APP_TIMELINE_SERVER', timeLineServer.get('host.hostName'));
-          }
+          this.deleteComponents('APP_TIMELINE_SERVER', timeLineServer.get('host.hostName'));
         }
       }
     }
   },
 
 
-  onCompleteStage: function () {
-    if (this.get('stages').length === this.totalSteps) {
-      var index = this.get('stages').filterProperty('isSuccess', true).length;
+  onCompleteCommand: function () {
+    if (this.get('commands').length === this.totalSteps) {
+      var index = this.get('commands').filterProperty('isSuccess', true).length;
       if (index > 0) {
-        var lastCompletedStageResult = this.get('stages').objectAt(index - 1).get('isSuccess');
-        if (lastCompletedStageResult) {
-          var nextStage = this.get('stages').objectAt(index);
-          this.moveToNextStage(nextStage);
+        var lastCompletedCommandResult = this.get('commands').objectAt(index - 1).get('isSuccess');
+        if (lastCompletedCommandResult) {
+          var nextCommand = this.get('commands').objectAt(index);
+          this.moveToNextCommand(nextCommand);
         }
       }
     }
   },
 
-  moveToNextStage: function (nextStage) {
-    if (!nextStage) {
-      nextStage = this.get('stages').findProperty('isStarted', false);
+  moveToNextCommand: function (nextCommand) {
+    if (!nextCommand) {
+      nextCommand = this.get('commands').findProperty('isStarted', false);
     }
-    if (nextStage) {
-      this.startStage(nextStage);
+    if (nextCommand) {
+      this.startCommand(nextCommand);
     }
   },
 
-  addInfoToStages: function () {
-    this.addInfoToStage2();
-    this.addInfoToStage4();
+  addInfoToCommands: function () {
+    this.addInfoToStopService();
+    this.addInfoToStartServices();
   },
 
 
-  addInfoToStage2: function () {
-    var stage2 = this.get('stages').findProperty('stage', 'stage2');
+  addInfoToStopService: function () {
+    var command = this.get('commands').findProperty('name', 'STOP_SERVICES');
     var url = (App.testMode) ? '/data/wizard/deploy/2_hosts/poll_1.json' : App.apiPrefix + '/clusters/' + App.router.getClusterName() + '/services';
     var data = '{"RequestInfo": {"context" :"' + Em.I18n.t('requestInfo.stopAllServices') + '"}, "Body": {"ServiceInfo": {"state": "INSTALLED"}}}';
-    stage2.set('url', url);
-    stage2.set('data', data);
+    command.set('url', url);
+    command.set('data', data);
   },
 
-  addInfoToStage4: function () {
-    var stage4 = this.get('stages').findProperty('stage', 'stage4');
+  addInfoToStartServices: function () {
+    var command = this.get('commands').findProperty('name', 'START_SERVICES');
     var url = (App.testMode) ? '/data/wizard/deploy/2_hosts/poll_1.json' : App.apiPrefix + '/clusters/' + App.router.getClusterName() + '/services?params/run_smoke_test=true';
     var data = '{"RequestInfo": {"context": "' + Em.I18n.t('requestInfo.startAllServices') + '"}, "Body": {"ServiceInfo": {"state": "STARTED"}}}';
-    stage4.set('url', url);
-    stage4.set('data', data);
+    command.set('url', url);
+    command.set('data', data);
   },
 
   loadClusterConfigs: function () {
@@ -183,11 +181,9 @@ App.MainAdminSecurityProgressController = Em.Controller.extend({
   },
 
   loadClusterConfigsErrorCallback: function (request, ajaxOptions, error) {
-    var stage3 = this.get('stages').findProperty('stage', 'stage3');
-    if (stage3) {
-      stage3.set('isSuccess', false);
-      stage3.set('isError', true);
-    }
+    var command = this.get('commands').findProperty('name', 'APPLY_CONFIGURATIONS');
+    command .set('isSuccess', false);
+    command .set('isError', true);
     console.log("TRACE: error code status is: " + request.status);
   },
 
@@ -239,17 +235,15 @@ App.MainAdminSecurityProgressController = Em.Controller.extend({
   },
 
   applyConfigurationToClusterSuccessCallback: function (data) {
-    var currentStage = this.get('stages').findProperty('stage', 'stage3');
-    currentStage.set('isSuccess', true);
-    currentStage.set('isError', false);
+    var command = this.get('commands').findProperty('name', 'APPLY_CONFIGURATIONS');
+    command.set('isSuccess', true);
+    command.set('isError', false);
   },
 
   applyConfigurationToClusterErrorCallback: function (request, ajaxOptions, error) {
-    var stage3 = this.get('stages').findProperty('stage', 'stage3');
-    if (stage3) {
-      stage3.set('isSuccess', false);
-      stage3.set('isError', true);
-    }
+    var command = this.get('commands').findProperty('name', 'APPLY_CONFIGURATIONS');
+    command.set('isSuccess', false);
+    command.set('isError', true);
   },
 
   /**
@@ -275,14 +269,12 @@ App.MainAdminSecurityProgressController = Em.Controller.extend({
 
   getAllConfigurationsSuccessCallback: function (data) {
     console.log("TRACE: In success function for the GET getServiceConfigsFromServer call");
-    var stage3 = this.get('stages').findProperty('stage', 'stage3');
+    var command = this.get('commands').findProperty('name', 'APPLY_CONFIGURATIONS');
     this.get('serviceConfigTags').forEach(function (_tag) {
       if (!data.items.someProperty('type', _tag.siteName)) {
         console.log("Error: Metadata for secure services (secure_configs.js) is having config tags that are not being retrieved from server");
-        if (stage3) {
-          stage3.set('isSuccess', false);
-          stage3.set('isError', true);
-        }
+        command.set('isSuccess', false);
+        command.set('isError', true);
       }
       _tag.configs = data.items.findProperty('type', _tag.siteName).properties;
     }, this);
@@ -293,11 +285,9 @@ App.MainAdminSecurityProgressController = Em.Controller.extend({
   },
 
   getAllConfigurationsErrorCallback: function (request, ajaxOptions, error) {
-    var stage3 = this.get('stages').findProperty('stage', 'stage3');
-    if (stage3) {
-      stage3.set('isSuccess', false);
-      stage3.set('isError', true);
-    }
+    var command = this.get('commands').findProperty('name', 'APPLY_CONFIGURATIONS');
+    command.set('isSuccess', false);
+    command.set('isError', true);
     console.log("TRACE: In error function for the getServiceConfigsFromServer call");
     console.log("TRACE: error code status is: " + request.status);
   },
@@ -323,35 +313,34 @@ App.MainAdminSecurityProgressController = Em.Controller.extend({
     }
   },
 
-  saveStagesOnRequestId: function () {
-    this.saveStages();
-  }.observes('stages.@each.requestId'),
-
-  saveStagesOnCompleted: function () {
-    this.saveStages();
-  }.observes('stages.@each.isCompleted'),
-
-  saveStages: function () {
-    var stages = [];
-    if (this.get('stages').length === this.totalSteps) {
-      this.get('stages').forEach(function (_stage) {
-        var stage = {
-          name: _stage.get('name'),
-          stage: _stage.get('stage'),
-          label: _stage.get('label'),
-          isPolling: _stage.get('isPolling'),
-          isVisible:  _stage.get('isVisible'),
-          isStarted: _stage.get('isStarted'),
-          requestId: _stage.get('requestId'),
-          isSuccess: _stage.get('isSuccess'),
-          isError: _stage.get('isError'),
-          url: _stage.get('url'),
-          polledData: _stage.get('polledData'),
-          data: _stage.get('data')
+  saveCommandsOnRequestId: function () {
+    this.saveCommands();
+  }.observes('commands.@each.requestId'),
+
+  saveCommandsOnCompleted: function () {
+    this.saveCommands();
+  }.observes('commands.@each.isCompleted'),
+
+  saveCommands: function () {
+    var commands = [];
+    if (this.get('commands').length === this.totalSteps) {
+      this.get('commands').forEach(function (_command) {
+        var command = {
+          name: _command.get('name'),
+          label: _command.get('label'),
+          isPolling: _command.get('isPolling'),
+          isVisible:  _command.get('isVisible'),
+          isStarted: _command.get('isStarted'),
+          requestId: _command.get('requestId'),
+          isSuccess: _command.get('isSuccess'),
+          isError: _command.get('isError'),
+          url: _command.get('url'),
+          polledData: _command.get('polledData'),
+          data: _command.get('data')
         };
-        stages.pushObject(stage);
+        commands.pushObject(command);
       }, this);
-      App.db.setSecurityDeployStages(stages);
+      App.db.setSecurityDeployCommands(commands);
       if (!App.testMode) {
         App.clusterStatus.setClusterStatus({
           clusterName: this.get('clusterName'),

ambari-web/app/data/HDP2/secure_configs.js

@@ -138,6 +138,16 @@ module.exports = [
     ],
     sites: ['storm-site'],
     configs: configProperties.filterProperty('serviceName', 'STORM')
+  },
+  {
+    serviceName: 'FALCON',
+    displayName: 'Falcon',
+    filename: 'falcon-startup.properties',
+    configCategories: [
+      App.ServiceConfigCategory.create({ name: 'Falcon Server', displayName:  'Falcon Server startup properties'})
+    ],
+    sites: ['falcon-startup.properties'],
+    configs: configProperties.filterProperty('serviceName', 'FALCON')
   }
 
 

ambari-web/app/data/HDP2/secure_mapping.js

@@ -35,9 +35,9 @@ module.exports = [
   },
   {
     "name": "hadoop.security.auth_to_local",
-    "templateName": ["resourcemanager_primary_name", "kerberos_domain", "yarn_user", "nodemanager_primary_name", "namenode_primary_name", "hdfs_user", "datanode_primary_name", "hbase_master_primary_name", "hbase_user","hbase_regionserver_primary_name","oozie_primary_name","oozie_user","jobhistory_primary_name","mapred_user","journalnode_principal_name"],
+    "templateName": ["resourcemanager_primary_name", "kerberos_domain", "yarn_user", "nodemanager_primary_name", "namenode_primary_name", "hdfs_user", "datanode_primary_name", "hbase_master_primary_name", "hbase_user","hbase_regionserver_primary_name","oozie_primary_name","oozie_user","jobhistory_primary_name","mapred_user","journalnode_principal_name","falcon_primary_name","falcon_user"],
     "foreignKey": null,
-    "value": "RULE:[2:$1@$0](<templateName[0]>@.*<templateName[1]>)s/.*/<templateName[2]>/\nRULE:[2:$1@$0](<templateName[3]>@.*<templateName[1]>)s/.*/<templateName[2]>/\nRULE:[2:$1@$0](<templateName[4]>@.*<templateName[1]>)s/.*/<templateName[5]>/\nRULE:[2:$1@$0](<templateName[6]>@.*<templateName[1]>)s/.*/<templateName[5]>/\nRULE:[2:$1@$0](<templateName[7]>@.*<templateName[1]>)s/.*/<templateName[8]>/\nRULE:[2:$1@$0](<templateName[9]>@.*<templateName[1]>)s/.*/<templateName[8]>/\nRULE:[2:$1@$0](<templateName[10]>@.*<templateName[1]>)s/.*/<templateName[11]>/\nRULE:[2:$1@$0](<templateName[12]>@.*<templateName[1]>)s/.*/<templateName[13]>/\nRULE:[2:$1@$0](<templateName[14]>@.*<templateName[1]>)s/.*/<templateName[5]>/\nDEFAULT",
+    "value": "RULE:[2:$1@$0](<templateName[0]>@.*<templateName[1]>)s/.*/<templateName[2]>/\nRULE:[2:$1@$0](<templateName[3]>@.*<templateName[1]>)s/.*/<templateName[2]>/\nRULE:[2:$1@$0](<templateName[4]>@.*<templateName[1]>)s/.*/<templateName[5]>/\nRULE:[2:$1@$0](<templateName[6]>@.*<templateName[1]>)s/.*/<templateName[5]>/\nRULE:[2:$1@$0](<templateName[7]>@.*<templateName[1]>)s/.*/<templateName[8]>/\nRULE:[2:$1@$0](<templateName[9]>@.*<templateName[1]>)s/.*/<templateName[8]>/\nRULE:[2:$1@$0](<templateName[10]>@.*<templateName[1]>)s/.*/<templateName[11]>/\nRULE:[2:$1@$0](<templateName[12]>@.*<templateName[1]>)s/.*/<templateName[13]>/\nRULE:[2:$1@$0](<templateName[14]>@.*<templateName[1]>)s/.*/<templateName[5]>/\nRULE:[2:$1@$0](<templateName[15]>@.*<templateName[1]>)s/.*/<templateName[16]>/\nDEFAULT",
     "filename": "core-site.xml",
     "serviceName": "HDFS",
     "dependedServiceName": [{name: "HBASE", replace: "\nRULE:[2:$1@$0](<templateName[7]>@.*<templateName[1]>)s/.*/<templateName[8]>/\nRULE:[2:$1@$0](<templateName[9]>@.*<templateName[1]>)s/.*/<templateName[8]>/"},{name: "OOZIE",replace: "\nRULE:[2:$1@$0](<templateName[10]>@.*<templateName[1]>)s/.*/<templateName[11]>/"},{name: "MAPREDUCE2",replace: "\nRULE:[2:$1@$0](<templateName[12]>@.*<templateName[1]>)s/.*/<templateName[13]>/"}]
@@ -514,6 +514,57 @@ module.exports = [
     "filename": "hbase-site.xml",
     "serviceName": "HBASE"
   },
+
+  /***************************************FALCON***********************************************/
+  {
+    "name": "*.falcon.http.authentication.type",
+    "templateName": [],
+    "foreignKey": null,
+    "value": "kerberos",
+    "filename": "falcon-startup.properties.xml",
+    "serviceName": "FALCON"
+  },
+  {
+    "name": "*.falcon.service.authentication.kerberos.principal",
+    "templateName": ["falcon_principal_name", "kerberos_domain"],
+    "foreignKey": null,
+    "value": "<templateName[0]>@<templateName[1]>",
+    "filename": "falcon-startup.properties.xml",
+    "serviceName": "FALCON"
+  },
+  {
+    "name": "*.falcon.service.authentication.kerberos.keytab",
+    "templateName": ["falcon_keytab"],
+    "foreignKey": null,
+    "value": "<templateName[0]>",
+    "filename": "falcon-startup.properties.xml",
+    "serviceName": "FALCON"
+  },
+  {
+    "name": "*.falcon.http.authentication.kerberos.principal",
+    "templateName": ["falcon_http_principal_name", "kerberos_domain"],
+    "foreignKey": null,
+    "value": "<templateName[0]>@<templateName[1]>",
+    "filename": "falcon-startup.properties.xml",
+    "serviceName": "FALCON"
+  },
+  {
+    "name": "*.falcon.http.authentication.kerberos.keytab",
+    "templateName": ["falcon_http_keytab"],
+    "foreignKey": null,
+    "value": "<templateName[0]>",
+    "filename": "falcon-startup.properties.xml",
+    "serviceName": "FALCON"
+  },
+  {
+    "name": "*.dfs.namenode.kerberos.principal",
+    "templateName": ["namenode_principal_name_falcon", "kerberos_domain"],
+    "foreignKey": null,
+    "value": "<templateName[0]>@<templateName[1]>",
+    "filename": "falcon-startup.properties.xml",
+    "serviceName": "FALCON"
+  },
+  /******************************************************************************************/
   {
     "name": "hadoop.proxyuser.<foreignKey[0]>.groups",
     "templateName": ["proxyuser_group"],

ambari-web/app/data/HDP2/secure_properties.js

@@ -1074,6 +1074,88 @@ module.exports =
       "isOverridable": false,
       "serviceName": "GENERAL",
       "category": "AMBARI"
+    },
+
+  /**********************************************Falcon***************************************/
+    {
+      "id": "puppet var",
+      "name": "falcon_server_host",
+      "displayName": "Falcon server host",
+      "value": "",
+      "defaultValue": "",
+      "description": "Falcon Server host",
+      "displayType": "masterHost",
+      "isVisible": true,
+      "isOverridable": false,
+      "serviceName": "FALCON",
+      "category": "Falcon Server"
+    },
+    {
+      "id": "puppet var",
+      "name": "falcon_principal_name",
+      "displayName": "Falcon principal name",
+      "value": "",
+      "defaultValue": "falcon/_HOST",
+      "description": "This is the principal name for Falcon Server",
+      "displayType": "principal",
+      "isVisible": true,
+      "isOverridable": false,
+      "serviceName": "FALCON",
+      "category": "Falcon Server",
+      "component": "FALCON_SERVER"
+    },
+    {
+      "id": "puppet var",
+      "name": "falcon_keytab",
+      "displayName": "Path to Falcon server keytab file",
+      "value": "",
+      "defaultValue": "/etc/security/keytabs/falcon.service.keytab",
+      "description": "Path to the Falcon Server keytab file",
+      "displayType": "directory",
+      "isVisible": true,
+      "isOverridable": false,
+      "serviceName": "FALCON",
+      "category": "Falcon Server",
+      "component": "FALCON_SERVER"
+    },
+    {
+      "id": "puppet var",
+      "name": "falcon_http_principal_name",
+      "displayName": "Web principal name",
+      "value": "",
+      "defaultValue": "HTTP/_HOST",
+      "description": "Principal name for SPNEGO access to Falcon",
+      "displayType": "principal",
+      "isVisible": true,
+      "isOverridable": false,
+      "serviceName": "FALCON",
+      "category": "Falcon Server"
+    },
+    {
+      "id": "puppet var",
+      "name": "falcon_http_keytab",
+      "displayName": "Path to SPNEGO keytab file",
+      "value": "",
+      "defaultValue": "/etc/security/keytabs/spnego.service.keytab",
+      "description": "Path to SPNEGO keytab file for Falcon",
+      "displayType": "directory",
+      "isVisible": true,
+      "isOverridable": false,
+      "serviceName": "FALCON",
+      "category": "Falcon Server"
+    },
+    {
+      "id": "puppet var",
+      "name": "namenode_principal_name_falcon",
+      "displayName": "NameNode principal name",
+      "value": "",
+      "defaultValue": "nn/_HOST",
+      "description": "NameNode principal to talk to config store",
+      "displayType": "principal",
+      "isVisible": true,
+      "isOverridable": false,
+      "serviceName": "FALCON",
+      "category": "Falcon Server"
     }
   ]
 };

ambari-web/app/messages.js

@@ -948,6 +948,7 @@ Em.I18n.translations = {
   'admin.addSecurity.historyServer.user.httpUser': 'History server SPNEGO User',
   'admin.addSecurity.webhcat.user.httpUser': 'WebHCat SPNEGO User',
   'admin.addSecurity.oozie.user.httpUser': 'Oozie SPNEGO User',
+  'admin.addSecurity.falcon.user.httpUser': 'Falcon SPNEGO User',
   'admin.addSecurity.enable.onClose': 'You are in the process of enabling security on your cluster. ' +
     'Are you sure you want to quit? If you quit, ' +
     'you may have to re-run the security wizard from the beginning to enable security.',

ambari-web/app/routes/add_security.js

@@ -48,10 +48,10 @@ module.exports = App.WizardRoute.extend({
                   self.proceedOnClose();
                   return;
                 }
-                var applyingConfigStage = router.get('mainAdminSecurityAddStep4Controller.stages').findProperty('stage', 'stage3');
-                if (applyingConfigStage) {
-                  if (!applyingConfigStage.get('isCompleted')) {
-                    if (applyingConfigStage.get('isStarted')) {
+                var applyingConfigCommand = router.get('mainAdminSecurityAddStep4Controller.commands').findProperty('name', 'APPLY_CONFIGURATIONS');
+                if (applyingConfigCommand) {
+                  if (!applyingConfigCommand.get('isCompleted')) {
+                    if (applyingConfigCommand.get('isStarted')) {
                       App.showAlertPopup(Em.I18n.t('admin.security.applying.config.header'), Em.I18n.t('admin.security.applying.config.body'));
                     } else {
                       App.showConfirmationPopup(function () {
@@ -69,7 +69,7 @@ module.exports = App.WizardRoute.extend({
                 }
               }
               router.get('mainAdminSecurityAddStep4Controller').clearStep();
-              App.db.setSecurityDeployStages(undefined);
+              App.db.setSecurityDeployCommands(undefined);
               self.proceedOnClose();
             },
             proceedOnClose: function () {
@@ -79,7 +79,7 @@ module.exports = App.WizardRoute.extend({
               router.set('addSecurityController.content.serviceConfigProperties', null);
               App.router.get('updateController').set('isWorking', true);
               mainAdminSecurityController.setAddSecurityWizardStatus(null);
-              App.db.setSecurityDeployStages(undefined);
+              App.db.setSecurityDeployCommands(undefined);
               router.get('addSecurityController').setCurrentStep(1);
               App.clusterStatus.setClusterStatus({
                 clusterName: router.get('content.cluster.name'),
@@ -196,7 +196,7 @@ module.exports = App.WizardRoute.extend({
     },
     back: Em.Router.transitionTo('step2'),
     next: function (router) {
-      App.db.setSecurityDeployStages(undefined);
+      App.db.setSecurityDeployCommands(undefined);
       router.transitionTo('step4');
     }
   }),

ambari-web/app/routes/main.js

@@ -477,9 +477,9 @@ module.exports = Em.Route.extend({
                     self.proceedOnClose();
                     return;
                   }
-                  var applyingConfigStage = controller.get('stages').findProperty('stage', 'stage3');
-                  if (applyingConfigStage && !applyingConfigStage.get('isCompleted')) {
-                    if (applyingConfigStage.get('isStarted')) {
+                  var applyingConfigCommand = controller.get('commands').findProperty('name', 'APPLY_CONFIGURATIONS');
+                  if (applyingConfigCommand && !applyingConfigCommand.get('isCompleted')) {
+                    if (applyingConfigCommand.get('isStarted')) {
                       App.showAlertPopup(Em.I18n.t('admin.security.applying.config.header'), Em.I18n.t('admin.security.applying.config.body'));
                     } else {
                       App.showConfirmationPopup(function () {
@@ -492,7 +492,7 @@ module.exports = Em.Route.extend({
                 },
                 proceedOnClose: function () {
                   router.get('mainAdminSecurityDisableController').clearStep();
-                  App.db.setSecurityDeployStages(undefined);
+                  App.db.setSecurityDeployCommands(undefined);
                   App.router.get('updateController').set('isWorking', true);
                   router.get('mainAdminSecurityController').setDisableSecurityStatus(undefined);
                   App.clusterStatus.setClusterStatus({

ambari-web/app/templates/main/service/reconfigure.hbs

@@ -18,36 +18,36 @@
 
 <table id="security-stages" class="table no-borders">
   <tbody>
-  {{#each stage in controller.stages}}
-    {{#if stage.isVisible}}
+  {{#each command in controller.commands}}
+    {{#if command.isVisible}}
       <tr>
         <td>
-          {{#view App.StageLabelView stageBinding="stage"}}
-            <p {{bindAttr class="view.isStarted::faintText"}}>{{stage.label}}</p>
+          {{#view App.StageLabelView commandBinding="command"}}
+            <p {{bindAttr class="view.isStarted::faintText"}}>{{command.label}}</p>
           {{/view}}
         </td>
         <td>
-          {{#if stage.isCompleted}}
-            {{#if stage.isSuccess}}
+          {{#if command.isCompleted}}
+            {{#if command.isSuccess}}
               {{view App.StageSuccessView}}
             {{else}}
-              {{#if stage.isError}}
+              {{#if command.isError}}
                 {{view App.StageFailureView}}
               {{/if}}
             {{/if}}
           {{else}}
-            {{#if stage.isStarted}}
-              {{#if stage.isPolling}}
+            {{#if command.isStarted}}
+              {{#if command.isPolling}}
                 <div class="progress-bar pull-left">
-                  {{view App.StageInProgressView stageBinding=stage}}
+                  {{view App.StageInProgressView commandBinding=command}}
                 </div>
-                <div class="progress-percentage pull-left">{{stage.progress}}%</div>
+                <div class="progress-percentage pull-left">{{command.progress}}%</div>
               {{/if}}
             {{/if}}
           {{/if}}
         </td>
         <td>
-          {{#if stage.isError}}
+          {{#if command.isError}}
             <a class="btn btn-primary"
                href="javascript:void(null)" {{action retry target = "controller"}}><i
                     class="icon-repeat icon-white"></i>

ambari-web/app/utils/db.js

@@ -369,12 +369,12 @@ App.db.setDisableSecurityStatus = function (status) {
   localStorage.setObject('ambari', App.db.data);
 };
 
-App.db.setSecurityDeployStages = function (securityStages) {
+App.db.setSecurityDeployCommands = function (commands) {
   App.db.data = localStorage.getObject('ambari');
   if (!App.db.data.AddSecurity) {
     App.db.data.AddSecurity = {};
   }
-  App.db.data.AddSecurity.securityDeployStages = securityStages;
+  App.db.data.AddSecurity.securityDeployCommands = commands;
   localStorage.setObject('ambari', App.db.data);
 };
 
@@ -716,9 +716,9 @@ App.db.getDisableSecurityStatus = function () {
   return App.db.data.AddSecurity.disableSecurityStatus;
 };
 
-App.db.getSecurityDeployStages = function () {
+App.db.getSecurityDeployCommands = function () {
   App.db.data = localStorage.getObject('ambari');
-  return App.db.data.AddSecurity.securityDeployStages;
+  return App.db.data.AddSecurity.securityDeployCommands;
 };
 
 App.db.getSecureConfigProperties = function () {

ambari-web/app/views/main/admin/security/add/step2.js

@@ -41,7 +41,7 @@ App.MainAdminSecurityAddStep2View = Em.View.extend({
 
   onRealmNameChange: function () {
     this.get('configProperties').forEach(function (_globalProperty) {
-      if (/principal_name?$/.test(_globalProperty.get('name'))) {
+      if (/principal_name?$/.test(_globalProperty.get('name')) || _globalProperty.get('name') == 'namenode_principal_name_falcon') {
         _globalProperty.set('unit', '@' + this.get('realmName.value'));
       }
     }, this);

ambari-web/app/views/main/admin/security/add/step4.js

@@ -27,20 +27,19 @@ App.MainAdminSecurityAddStep4View = Em.View.extend({
   msgColor: 'alert-info',
   message: Em.I18n.t('admin.security.step4.body.header'),
   onResult: function () {
-    var stage1 = this.get('controller.stages').findProperty('stage', 'stage2');
-    var stage2 = this.get('controller.stages').findProperty('stage', 'stage3');
-    var stage3 = this.get('controller.stages').findProperty('stage', 'stage4');
-      if (stage2 && stage2.get('isSuccess') === true ) {
+    var stopServiceCommand = this.get('controller.commands').findProperty('name', 'STOP_SERVICES');
+    var applyConfigCommand = this.get('controller.commands').findProperty('name', 'APPLY_CONFIGURATIONS');
+      if (applyConfigCommand && applyConfigCommand.get('isSuccess') === true ) {
         this.set('message', Em.I18n.t('admin.security.step4.body.success.header'));
         this.set('msgColor','alert-success');
-      } else if ((stage1 && stage1.get('isError') === true) || (stage2 && stage2.get('isError') === true)) {
+      } else if ((stopServiceCommand && stopServiceCommand.get('isError') === true) || (applyConfigCommand && applyConfigCommand.get('isError') === true)) {
         this.set('message', Em.I18n.t('admin.security.step4.body.failure.header'));
         this.set('msgColor','alert-error');
       } else {
         this.set('message', Em.I18n.t('admin.security.step4.body.header'));
         this.set('msgColor','alert-info');
       }
-  }.observes('controller.stages.@each.isCompleted')
+  }.observes('controller.commands.@each.isCompleted')
 
 });
 
@@ -49,23 +48,3 @@ App.StageStatusView = Em.View.extend({
   hasStarted: null,
   classNameBindings: ['faintText']
 });
-
-App.StageSuccessView = Em.View.extend({
-  template: Ember.Handlebars.compile('<i class="icon-ok icon-large"></i> {{t common.done}}')
-});
-
-App.StageFailureView = Em.View.extend({
-  template: Ember.Handlebars.compile('<i class="icon-remove icon-large"></i> {{t comomn.failed}}')
-});
-
-App.StageInProgressView = Em.View.extend({
-  stage: null,
-  classNames: ['progress-striped', 'active', 'progress'],
-  template: Ember.Handlebars.compile('<div class="bar" {{bindAttr style="stage.barWidth"}}></div>'),
-
-  isStageCompleted: function () {
-    return this.get('obj.progress') == 100 || this.get('controller.isStepCompleted');
-  }.property('controller.isStepCompleted', 'obj.progress')
-
-});
-

ambari-web/app/views/main/admin/security/disable.js

@@ -28,18 +28,17 @@ App.MainAdminSecurityDisableView = Em.View.extend({
   msgColor: 'alert-info',
   message: Em.I18n.t('admin.security.disable.body.header'),
   onResult: function () {
-    var stage1 = this.get('controller.stages').findProperty('stage', 'stage2');
-    var stage2 = this.get('controller.stages').findProperty('stage', 'stage3');
-    var stage3 = this.get('controller.stages').findProperty('stage', 'stage4');
-    if (stage2 && stage2.get('isSuccess') === true ) {
+    var stopServiceCommand = this.get('controller.commands').findProperty('name', 'STOP_SERVICES');
+    var applyConfigCommand = this.get('controller.commands').findProperty('name', 'APPLY_CONFIGURATIONS');
+    if (applyConfigCommand && applyConfigCommand.get('isSuccess') === true ) {
       this.set('message', Em.I18n.t('admin.security.disable.body.success.header'));
       this.set('msgColor', 'alert-success');
-    } else if ((stage1 && stage1.get('isError') === true) || (stage2 && stage2.get('isError') === true)) {
+    } else if ((stopServiceCommand && stopServiceCommand.get('isError') === true) || (applyConfigCommand && applyConfigCommand.get('isError') === true)) {
       this.set('message', Em.I18n.t('admin.security.disable.body.failure.header'));
       this.set('msgColor', 'alert-error');
     } else {
       this.set('message', Em.I18n.t('admin.security.disable.body.header'));
       this.set('msgColor', 'alert-info');
     }
-  }.observes('controller.stages.@each.isCompleted')
+  }.observes('controller.commands.@each.isCompleted')
 });

ambari-web/app/views/main/service/reconfigure.js

@@ -39,10 +39,10 @@ App.StageLabelView = Em.View.extend({
      this.set('removeLink','remove-link');
    }
   }.observes('showLink'),
-  stage: null,
+  command: null,
   click: function () {
-    if (this.get('stage') && this.get('showLink')) {
-      this.showHostPopup(this.get('stage.label'));
+    if (this.get('command') && this.get('showLink')) {
+      this.showHostPopup(this.get('command.label'));
     }
   },
 
@@ -56,12 +56,12 @@ App.StageLabelView = Em.View.extend({
   },
 
   isStarted: function () {
-    return  (this.get('stage') && this.get('stage.isStarted'));
-  }.property('stage.isStarted'),
+    return  (this.get('command') && this.get('command.isStarted'));
+  }.property('command.isStarted'),
 
   showLink: function () {
-    return (this.get('stage') && this.get('stage.showLink'));
-  }.property('stage.showLink')
+    return (this.get('command') && this.get('command.showLink'));
+  }.property('command.showLink')
 });
 
 App.StageSuccessView = Em.View.extend({
@@ -73,9 +73,9 @@ App.StageFailureView = Em.View.extend({
 });
 
 App.StageInProgressView = Em.View.extend({
-  stage: null,
+  command: null,
   classNames: ['progress-striped', 'active', 'progress'],
-  template: Ember.Handlebars.compile('<div class="bar" {{bindAttr style="stage.barWidth"}}></div>'),
+  template: Ember.Handlebars.compile('<div class="bar" {{bindAttr style="command.barWidth"}}></div>'),
 
   isStageCompleted: function () {
     return this.get('obj.progress') == 100 || this.get('controller.isStepCompleted');