Short Description:

This article will describe on how to disable CSRF protection in Ambari.

Article

Adding service through ambari gives error as shown below -

[root@sandbox ~]# curl -u admin:admin -i -X POST -d '{"ServiceInfo":{"service_name":"STORM"}}' http://192.168.123.129:8080/api/v1/clusters/Sandbox/services

HTTP/1.1 400 Bad Request

Set-Cookie: AMBARISESSIONID=qraouzksi4vktobhob5heqml;Path=/

Expires: Thu, 01 Jan 1970 00:00:00 GMT

Content-Type: text/plain

Content-Length: 107

Server: Jetty(7.6.7.v20120910)

{

  "status" : 400,

  "message" : "CSRF protection is turned on. X-Requested-By HTTP header is required."

You need to disable CSRF protection as mentioned below -

1.Login to ambari server using cli [superuser credentials]

vi /etc/ambari-server/conf/ambari.properties

2. Add below line at the bottom of the file

api.csrfPrevention.enabled=false

3. Restart ambari server

ambari-server restart

4. Try executing POST command again to add service and it should work

[root@sandbox ~]# curl -u admin:admin -i -X POST -d '{"ServiceInfo":{"service_name":"STORM"}}' http://192.168.123.129:8080/api/v1/clusters/Sandbox/services

HTTP/1.1 201 Created

Set-Cookie: AMBARISESSIONID=1t4c7yfbu64nw1nenrgplco7sd;Path=/

Expires: Thu, 01 Jan 1970 00:00:00 GMT

Content-Type: text/plain

Content-Length: 0

Server: Jetty(7.6.7.v20120910)

Thanks.

How to resolve CSRF protection error while adding service through Ambari api的更多相关文章

  1. Creating a CSRF protection with Spring 3.x--reference

    reference from:http://info.michael-simons.eu/2012/01/11/creating-a-csrf-protection-with-spring-3-1/ ...

  2. "cni0" already has an IP address different from 10.244.2.1/24。 Error while adding to cni network: failed to allocate for range 0: no IP addresses available in range set: 10.244.2.1-10.244.2.254

    "cni0" already has an IP address different from 10.244.2.1/24. Error while adding to cni n ...

  3. How do I resolve the CodeSign error: CSSMERR_TP_NOT_TRUSTED?

    How do I resolve the CodeSign error: CSSMERR_TP_NOT_TRUSTED? The Xcode build error titled "CSSM ...

  4. HTML form without CSRF protection,HTML表单没有CSRF保护

    HTML form without CSRF protection =HTML表单没有CSRF保护 CSRF是伪造客户端请求的一种攻击,CSRF的英文全称是Cross Site Request For ...

  5. E-Business Suite 12.2 startCD 50 Install Fails with Fatal Error: TXK Install Service oracle.apps.fnd.txk.config.ProcessStateException: OUI process failed Cannot install Web Tier Utilities

    在rhel7.2上,使用startCD 50安装ebs r12.2的使用,安装到38%的时候就报错,遇到了和以下文章类似的问题: http://www.cnblogs.com/abclife/p/49 ...

  6. WIN7 + IIS7 Service Unavailable HTTP Error 503. The service is unavailable.

    在win7上开启IIS功能,进行网站发布. 但是开启IIS之后,打开默认网站都打不开,显示 Service Unavailable HTTP Error 503. The service is una ...

  7. adb shell出错“error: unknown host service”

    已经测试,可用: 在命令行输入adb shell后输出如下错误: adb server is out of date.  killing... ADB server didn't ACK * fail ...

  8. HTTP Error 503. The service is unavailable

    网站运行一段时间后,突然所有的页面都报告以下错误: HTTP Error 503. The service is unavailable 经检查,应用程序池自动停止,可能是工作进程抛出的异常数超出限制 ...

  9. Adding Swagger to Web API project

    Adding Swagger to Web API project. All source code for this series can be found here. When you creat ...

随机推荐

  1. FPGA学习笔记(三)—— 数字逻辑设计基础(抽象的艺术)

    FPGA设计的是数字逻辑,在开始用HDL设计之前,需要先了解一下基本的数字逻辑设计-- 一门抽象的艺术. 现实世界是一个模拟的世界,有很多模拟量,比如温度,声音······都是模拟信号,通过对模拟信号 ...

  2. 某校高中生利用Python,巧妙获取考试成绩,看到成绩后无言以对!

    Python是非常有吸引力的编程语言,学习Python的不是帅哥就是美女.为什么这么说呢?因为我和我的女朋友都是学习Python认识的,小编肯定是帅哥,不用去怀疑,而且我眼光特高. 给大伙讲一个故事, ...

  3. Python集合set

    集合 set 集合是无序的 集合的值是唯一的 求两个集合的关系: list1 = [1,4,5,7,3,6,7,9] list2 = set([2,6,0,66,22,8,4]) list3 = se ...

  4. 模块(相当于Java里的包)

    Python提供丰富和强大的标准库和第三方库. sys库 在命令窗口中可以输入参数 若想将参数打印出来, 可以这样写: print(sys.argv[2]) os库 可以创建文件夹. 类似于Java里 ...

  5. HashMap浅入理解

    HashMap不能保证元素的顺序,HashMap能够将键设为null,也可以将值设为null,与之对应的是Hashtable,(注意大小写:不是HashTable),Hashtable不能将键和值设为 ...

  6. monitor.go 源码阅读

    package main import (     "fmt"     "net/http" ) // 查询监控信息的接口 func statsHandler( ...

  7. Instrumentation(3)

    摘要: Instrumentation  类加载过程  Instrumentation与Transformer  Instrumentation与Transformer的关系  Instrumenta ...

  8. JUC中AQS简介

    AQS,在java.util.concurrent.locks包中,AbstractQueuedSynchronizer这个类是并发包中的核心,了解其他类之前,需要先弄清楚AQS.在JUC的很多类中都 ...

  9. 第三方库API接口

    第三方库API接口 InfluxDB提供了各种语言的Http API接口的封装.具体可以看这里: https://docs.influxdata.com/influxdb/v0.10/clients/ ...

  10. 【BZOJ2339】【HNOI2011】卡农

    题解: 首先用二进制表示每个音阶是否使用,那么共有$2^{n}-1$(空集不可行)种片段,用$a_{i}$来表示每个片段,问题就是求满足$a_{1}\left (xor\right)a_{2}\lef ...