You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@oozie.apache.org by "Dénes Bodó (Jira)" <ji...@apache.org> on 2021/06/22 14:03:00 UTC
[jira] [Resolved] (OOZIE-730) oozie does not recognize admin user
[ https://issues.apache.org/jira/browse/OOZIE-730?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Dénes Bodó resolved OOZIE-730.
------------------------------
Resolution: Cannot Reproduce
> oozie does not recognize admin user
> ------------------------------------
>
> Key: OOZIE-730
> URL: https://issues.apache.org/jira/browse/OOZIE-730
> Project: Oozie
> Issue Type: Bug
> Reporter: Mohammad Islam
> Priority: Major
>
> therefore $ cat /home/y/conf/yoozie/adminusers.txt
> wrkflow
> oozie
> mchiang
> kamrul
> hadoopqa
> but admin command failed.
> $ oozie admin -systemmode NORMAL
> Error: E0503 : E0503: User [?] does not have admin privileges
> 2012-01-24 00:03:43,778 WARN V1AdminServlet:542 - USER[?] GROUP[-] TOKEN[-]
> APP[-] JOB[-] ACTION[-] URL[PUT
> http://<HOST>:4080/oozie/v1/admin/status?systemmode=NORMAL]
> error[E0503], E0503: User [?] does not have admin privileges
> org.apache.oozie.servlet.XServletException: E0503: User [?] does not have admin
> privileges
> at
> org.apache.oozie.servlet.BaseAdminServlet.doPut(BaseAdminServlet.java:62)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:640)
> at
> org.apache.oozie.servlet.JsonRestServlet.service(JsonRestServlet.java:284)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
> at
> com.yahoo.oozie.security.authentication.filter.AuthFilter$2.doFilter(AuthFilter.java:132)
> at
> org.apache.hadoop.security.authentication.server.AuthenticationFilter.doFilter(AuthenticationFilter.java:372)
> at
> com.yahoo.oozie.security.authentication.filter.AuthFilter.doFilter(AuthFilter.java:144)
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
> at yjava.cookie.CookieDataFilter.doFilter(CookieDataFilter.java:371)
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
> at yjava.remote.ip.RemoteIPFilter.doFilter(RemoteIPFilter.java:154)
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
> at
> yjava.security.yiv.servlet.InputValidationFilter.doFilter(InputValidationFilter.java:193)
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
> at
> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
> at
> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
> at
> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
> at
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
> at
> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
> at
> yjava.tomcat.valves.YahooConnectionValve.invoke(YahooConnectionValve.java:165)
> at
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298)
> at
> org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:857)
> at
> org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:588)
> at
> org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489)
> at java.lang.Thread.run(Thread.java:662)
> Caused by: org.apache.oozie.service.AuthorizationException: E0503: User [?]
> does not have admin privileges
> at
> org.apache.oozie.service.AuthorizationService.authorizeForAdmin(AuthorizationService.java:217)
> at
> org.apache.oozie.servlet.BaseAdminServlet.doPut(BaseAdminServlet.java:59)
> ... 30 more
> it's ok in 3.1.3. for example,
> [oozie ~]$ /home/y/var/yoozieclient/bin/oozie admin -version -oozie
> http://gsbl90116.blue.ygrid.yahoo.com:4080/oozie -auth kerberos
> Oozie server build version: 3.1.3
> [oozie@gsbl90116 ~]$ /home/y/var/yoozieclient/bin/oozie admin -systemmode
> NORMAL -oozie http://gsbl90116.blue.ygrid.yahoo.com:4080/oozie -auth kerberos
> System mode: NORMAL
> 2012-01-24 00:10:37,237 INFO KerberosAuthenticationProvider:68 - Successfully
> validated oozie/gsbl90116.blue.ygrid.yahoo.com@DEV.YGRID.YAHOO.COM
> 2012-01-24 00:10:37,242 INFO AuthenticationHelper:30 - Proxying as oozie
> 2012-01-24 00:10:37,292 INFO KerberosAuthenticationProvider:68 - Successfully
> validated oozie/gsbl90116.blue.ygrid.yahoo.com@DEV.YGRID.YAHOO.COM
> 2012-01-24 00:10:37,297 INFO AuthenticationHelper:30 - Proxying as oozie
--
This message was sent by Atlassian Jira
(v8.3.4#803005)