You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@oozie.apache.org by "Dénes Bodó (Jira)" <ji...@apache.org> on 2021/06/22 14:03:00 UTC

[jira] [Resolved] (OOZIE-730) oozie does not recognize admin user

     [ https://issues.apache.org/jira/browse/OOZIE-730?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Dénes Bodó resolved OOZIE-730.
------------------------------
    Resolution: Cannot Reproduce

> oozie does not recognize admin user 
> ------------------------------------
>
>                 Key: OOZIE-730
>                 URL: https://issues.apache.org/jira/browse/OOZIE-730
>             Project: Oozie
>          Issue Type: Bug
>            Reporter: Mohammad Islam
>            Priority: Major
>
> therefore $ cat /home/y/conf/yoozie/adminusers.txt 
> wrkflow
> oozie
> mchiang
> kamrul
> hadoopqa
> but admin command failed.
> $ oozie admin -systemmode NORMAL
> Error: E0503 : E0503: User [?] does not have admin privileges
> 2012-01-24 00:03:43,778  WARN V1AdminServlet:542 - USER[?] GROUP[-] TOKEN[-]
> APP[-] JOB[-] ACTION[-] URL[PUT
> http://<HOST>:4080/oozie/v1/admin/status?systemmode=NORMAL]
> error[E0503], E0503: User [?] does not have admin privileges
> org.apache.oozie.servlet.XServletException: E0503: User [?] does not have admin
> privileges
>         at
> org.apache.oozie.servlet.BaseAdminServlet.doPut(BaseAdminServlet.java:62)
>         at javax.servlet.http.HttpServlet.service(HttpServlet.java:640)
>         at
> org.apache.oozie.servlet.JsonRestServlet.service(JsonRestServlet.java:284)
>         at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
>         at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
>         at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
>         at
> com.yahoo.oozie.security.authentication.filter.AuthFilter$2.doFilter(AuthFilter.java:132)
>         at
> org.apache.hadoop.security.authentication.server.AuthenticationFilter.doFilter(AuthenticationFilter.java:372)
>         at
> com.yahoo.oozie.security.authentication.filter.AuthFilter.doFilter(AuthFilter.java:144)
>         at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
>         at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
>         at yjava.cookie.CookieDataFilter.doFilter(CookieDataFilter.java:371)
>         at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
>         at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
>         at yjava.remote.ip.RemoteIPFilter.doFilter(RemoteIPFilter.java:154)
>         at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
>         at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
>         at
> yjava.security.yiv.servlet.InputValidationFilter.doFilter(InputValidationFilter.java:193)
>         at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
>         at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
>         at
> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
>         at
> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
>         at
> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
>         at
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
>         at
> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
>         at
> yjava.tomcat.valves.YahooConnectionValve.invoke(YahooConnectionValve.java:165)
>         at
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298)
>         at
> org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:857)
>         at
> org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:588)
>         at
> org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489)
>         at java.lang.Thread.run(Thread.java:662)
> Caused by: org.apache.oozie.service.AuthorizationException: E0503: User [?]
> does not have admin privileges
>         at
> org.apache.oozie.service.AuthorizationService.authorizeForAdmin(AuthorizationService.java:217)
>         at
> org.apache.oozie.servlet.BaseAdminServlet.doPut(BaseAdminServlet.java:59)
>         ... 30 more
> it's ok in 3.1.3. for example,
> [oozie ~]$ /home/y/var/yoozieclient/bin/oozie admin -version -oozie
> http://gsbl90116.blue.ygrid.yahoo.com:4080/oozie -auth kerberos
> Oozie server build version: 3.1.3
> [oozie@gsbl90116 ~]$ /home/y/var/yoozieclient/bin/oozie admin -systemmode
> NORMAL -oozie http://gsbl90116.blue.ygrid.yahoo.com:4080/oozie -auth kerberos
> System mode: NORMAL
> 2012-01-24 00:10:37,237  INFO KerberosAuthenticationProvider:68 - Successfully
> validated oozie/gsbl90116.blue.ygrid.yahoo.com@DEV.YGRID.YAHOO.COM
> 2012-01-24 00:10:37,242  INFO AuthenticationHelper:30 - Proxying as oozie
> 2012-01-24 00:10:37,292  INFO KerberosAuthenticationProvider:68 - Successfully
> validated oozie/gsbl90116.blue.ygrid.yahoo.com@DEV.YGRID.YAHOO.COM
> 2012-01-24 00:10:37,297  INFO AuthenticationHelper:30 - Proxying as oozie



--
This message was sent by Atlassian Jira
(v8.3.4#803005)