You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@curator.apache.org by Arpit Jain <ja...@gmail.com> on 2020/01/06 12:10:44 UTC
Curator- Zookeeper SASL authentication
Hi,
I am trying to do SASL authentication between ZK and curator. Principal for
curator is added in Kerberos server. While starting up curator, I see below
message in logs even though JAAS file has "Client" section
*2020-01-06 11:38:06.443+0000 [L: WARN] [O: o.a.z.ClientCnxn] [I: ] [U: ]
[S: ] [P: platform] [T: localhost-startStop-1-SendThread(localhost:2181)]
SASL configuration failed: javax.security.auth.login.LoginException: No
JAAS configuration section named 'Client' was found in specified JAAS
configuration file: '/<path to>/jaas.conf'. Will continue connection to
Zookeeper server without SASL authentication, if Zookeeper server allows
it.*
I am using Curator version 4.2.0 and ZK version 3.5.5.
Thanks
Re: Curator- Zookeeper SASL authentication
Posted by Arpit Jain <ja...@gmail.com>.
Client {
com.sun.security.auth.module.Krb5LoginModule required
useKeyTab=true
keyTab="/krb5kdc-data/zkclient.keytab"
storeKey=true
useTicketCache=false
principal="zkclient@EXAMPLE.COM";
};
On Mon, Jan 6, 2020 at 3:56 PM Enrico Olivelli <eo...@gmail.com> wrote:
> Can you paste your jaas.conf file ?
>
> Enrico
>
> Il giorno lun 6 gen 2020 alle ore 13:17 Arpit Jain <ja...@gmail.com>
> ha scritto:
>
>> Just to add, this is how I am creating curator client:
>>
>> System.setProperty("java.security.auth.login.config", "/<path
>> to>/jaas.conf");
>>
>> final CuratorFramework curatorFramework =
>>
>> CuratorFrameworkFactory.newClient(coordinatorHosts,
>> coordinatorSessionTimeout, coordinatorConnectionTimeout, retryPolicy);
>>
>>
>>
>> On Mon, Jan 6, 2020 at 12:10 PM Arpit Jain <ja...@gmail.com> wrote:
>>
>>> Hi,
>>>
>>> I am trying to do SASL authentication between ZK and curator. Principal
>>> for curator is added in Kerberos server. While starting up curator, I see
>>> below message in logs even though JAAS file has "Client" section
>>>
>>> *2020-01-06 11:38:06.443+0000 [L: WARN] [O: o.a.z.ClientCnxn] [I: ] [U:
>>> ] [S: ] [P: platform] [T: localhost-startStop-1-SendThread(localhost:2181)]
>>> SASL configuration failed: javax.security.auth.login.LoginException: No
>>> JAAS configuration section named 'Client' was found in specified JAAS
>>> configuration file: '/<path to>/jaas.conf'. Will continue connection to
>>> Zookeeper server without SASL authentication, if Zookeeper server allows
>>> it.*
>>>
>>> I am using Curator version 4.2.0 and ZK version 3.5.5.
>>>
>>> Thanks
>>>
>>
Re: Curator- Zookeeper SASL authentication
Posted by Enrico Olivelli <eo...@gmail.com>.
Can you paste your jaas.conf file ?
Enrico
Il giorno lun 6 gen 2020 alle ore 13:17 Arpit Jain <ja...@gmail.com>
ha scritto:
> Just to add, this is how I am creating curator client:
>
> System.setProperty("java.security.auth.login.config", "/<path
> to>/jaas.conf");
>
> final CuratorFramework curatorFramework =
>
> CuratorFrameworkFactory.newClient(coordinatorHosts,
> coordinatorSessionTimeout, coordinatorConnectionTimeout, retryPolicy);
>
>
>
> On Mon, Jan 6, 2020 at 12:10 PM Arpit Jain <ja...@gmail.com> wrote:
>
>> Hi,
>>
>> I am trying to do SASL authentication between ZK and curator. Principal
>> for curator is added in Kerberos server. While starting up curator, I see
>> below message in logs even though JAAS file has "Client" section
>>
>> *2020-01-06 11:38:06.443+0000 [L: WARN] [O: o.a.z.ClientCnxn] [I: ] [U: ]
>> [S: ] [P: platform] [T: localhost-startStop-1-SendThread(localhost:2181)]
>> SASL configuration failed: javax.security.auth.login.LoginException: No
>> JAAS configuration section named 'Client' was found in specified JAAS
>> configuration file: '/<path to>/jaas.conf'. Will continue connection to
>> Zookeeper server without SASL authentication, if Zookeeper server allows
>> it.*
>>
>> I am using Curator version 4.2.0 and ZK version 3.5.5.
>>
>> Thanks
>>
>
Re: Curator- Zookeeper SASL authentication
Posted by Arpit Jain <ja...@gmail.com>.
Just to add, this is how I am creating curator client:
System.setProperty("java.security.auth.login.config", "/<path
to>/jaas.conf");
final CuratorFramework curatorFramework =
CuratorFrameworkFactory.newClient(coordinatorHosts,
coordinatorSessionTimeout, coordinatorConnectionTimeout, retryPolicy);
On Mon, Jan 6, 2020 at 12:10 PM Arpit Jain <ja...@gmail.com> wrote:
> Hi,
>
> I am trying to do SASL authentication between ZK and curator. Principal
> for curator is added in Kerberos server. While starting up curator, I see
> below message in logs even though JAAS file has "Client" section
>
> *2020-01-06 11:38:06.443+0000 [L: WARN] [O: o.a.z.ClientCnxn] [I: ] [U: ]
> [S: ] [P: platform] [T: localhost-startStop-1-SendThread(localhost:2181)]
> SASL configuration failed: javax.security.auth.login.LoginException: No
> JAAS configuration section named 'Client' was found in specified JAAS
> configuration file: '/<path to>/jaas.conf'. Will continue connection to
> Zookeeper server without SASL authentication, if Zookeeper server allows
> it.*
>
> I am using Curator version 4.2.0 and ZK version 3.5.5.
>
> Thanks
>