You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@knox.apache.org by "李远锋 (Jira)" <ji...@apache.org> on 2020/11/23 13:23:00 UTC
[jira] [Updated] (KNOX-2473) Problem with using KNOX to proxy
Tomcat
[ https://issues.apache.org/jira/browse/KNOX-2473?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
李远锋 updated KNOX-2473:
----------------------
Description:
When I plan to use Knox proxying Tomcat,I met a error in browser:
{code:java}
// code placeholder
https://localhost:8443/gateway/tomcat/tomcatui/index.jsp
{code}
{code:java}
// code placeholder
HTTP ERROR 500 javax.servlet.ServletException: javax.servlet.ServletException: org.apache.shiro.subject.ExecutionException: java.security.PrivilegedActionException: java.io.IOException: Service connectivity error.URI:/gateway/tomcat/tomcatui/index.jspSTATUS:500MESSAGE:javax.servlet.ServletException: javax.servlet.ServletException: org.apache.shiro.subject.ExecutionException: java.security.PrivilegedActionException: java.io.IOException: Service connectivity error.SERVLET:tomcat-knox-gateway-servletCAUSED BY:javax.servlet.ServletException: javax.servlet.ServletException: org.apache.shiro.subject.ExecutionException: java.security.PrivilegedActionException: java.io.IOException: Service connectivity error.CAUSED BY:javax.servlet.ServletException: org.apache.shiro.subject.ExecutionException: java.security.PrivilegedActionException: java.io.IOException: Service connectivity error.CAUSED BY:org.apache.shiro.subject.ExecutionException: java.security.PrivilegedActionException: java.io.IOException: Service connectivity error.CAUSED BY:java.security.PrivilegedActionException: java.io.IOException: Service connectivity error.CAUSED BY:java.io.IOException: Service connectivity error.
{code}
the service.xml is:
{code:java}
// code placeholder
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<service role="TOMCAT" name="tomcat" version="9.0">
<routes>
<route path="/tomcatui/">
</route> <route path="/tomcatui/**">
</route> <route path="/tomcatui/**?**">
</route> </routes>
</service>
{code}
the rewriete.xml is:
{code:java}
// code placeholder
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<rules>
<!-- Inbound rewrite rules -->
<rule dir="IN" name="TOMCAT/root/inbound" pattern="*://*:*/**/tomcatui/">
<rewrite template="{$serviceUrl[TOMCAT]}/"/>
</rule>
<rule dir="IN" name="TOMCAT/root/inbound" pattern="*://*:*/**/tomcatui/index.jsp">
<rewrite template="{$serviceUrl[TOMCAT]}/index.jsp"/>
</rule>
<rule dir="IN" name="TOMCAT/path/inbound" pattern="*://*:*/**/tomcatui/{**}">
<rewrite template="{$serviceUrl[TOMCAT]}/{**}"/>
</rule> <rule dir="IN" name="TOMCAT/full/inbound" pattern="*://*:*/**/tomcatui/{**}?{**}">
<rewrite template="{$serviceUrl[TOMCAT]}/{**}?{**}"/>
</rule> <rule dir="IN" name="TOMCAT/full/inbound" pattern="*://*:*/**/tomcatui/{path=**}?{**}">
<rewrite template="{$serviceUrl[TOMCAT]}/{path=**}?{**}"/>
</rule>
<rules>
{code}
the $KNOX_HOME/conf/topologies/tomcat.xml is:
{code:java}
// code placeholder
<topology>
<gateway>
<provider>
<role>authentication</role>
<name>ShiroProvider</name>
<enabled>true</enabled>
<param>
<name>sessionTimeout</name>
<value>30</value>
</param>
<param>
<name>main.ldapRealm</name>
<value>org.apache.hadoop.gateway.shirorealm.KnoxLdapRealm</value>
</param>
<param>
<name>main.ldapRealm.userDnTemplate</name>
<value>uid={0},ou=people,dc=hadoop,dc=apache,dc=org</value>
</param>
<param>
<name>main.ldapRealm.contextFactory.url</name>
<value>ldap://localhost:33389</value>
</param>
<param>
<name>main.ldapRealm.contextFactory.authenticationMechanism</name>
<value>simple</value>
</param>
<param>
<name>urls./**</name>
<value>authcBasic</value>
</param>
</provider>
<provider>
<role>identity-assertion</role>
<name>Default</name>
<enabled>true</enabled>
</provider>
</gateway> <service>
<role>TOMCAT</role>
<url>http://hdp24.bigdata.zll.360es.cn:8080</url>
</service>
</topology>
{code}
was:
When I plan to use Knox proxying Tomcat,I met a error in browser:
{code:java}
// code placeholder
HTTP ERROR 500 javax.servlet.ServletException: javax.servlet.ServletException: org.apache.shiro.subject.ExecutionException: java.security.PrivilegedActionException: java.io.IOException: Service connectivity error.URI:/gateway/tomcat/tomcatui/index.jspSTATUS:500MESSAGE:javax.servlet.ServletException: javax.servlet.ServletException: org.apache.shiro.subject.ExecutionException: java.security.PrivilegedActionException: java.io.IOException: Service connectivity error.SERVLET:tomcat-knox-gateway-servletCAUSED BY:javax.servlet.ServletException: javax.servlet.ServletException: org.apache.shiro.subject.ExecutionException: java.security.PrivilegedActionException: java.io.IOException: Service connectivity error.CAUSED BY:javax.servlet.ServletException: org.apache.shiro.subject.ExecutionException: java.security.PrivilegedActionException: java.io.IOException: Service connectivity error.CAUSED BY:org.apache.shiro.subject.ExecutionException: java.security.PrivilegedActionException: java.io.IOException: Service connectivity error.CAUSED BY:java.security.PrivilegedActionException: java.io.IOException: Service connectivity error.CAUSED BY:java.io.IOException: Service connectivity error.
{code}
the service.xml is:
{code:java}
// code placeholder
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<service role="TOMCAT" name="tomcat" version="9.0">
<routes>
<route path="/tomcatui/">
</route> <route path="/tomcatui/**">
</route> <route path="/tomcatui/**?**">
</route> </routes>
</service>
{code}
the rewriete.xml is:
{code:java}
// code placeholder
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<rules>
<!-- Inbound rewrite rules -->
<rule dir="IN" name="TOMCAT/root/inbound" pattern="*://*:*/**/tomcatui/">
<rewrite template="{$serviceUrl[TOMCAT]}/"/>
</rule>
<rule dir="IN" name="TOMCAT/root/inbound" pattern="*://*:*/**/tomcatui/index.jsp">
<rewrite template="{$serviceUrl[TOMCAT]}/index.jsp"/>
</rule>
<rule dir="IN" name="TOMCAT/path/inbound" pattern="*://*:*/**/tomcatui/{**}">
<rewrite template="{$serviceUrl[TOMCAT]}/{**}"/>
</rule> <rule dir="IN" name="TOMCAT/full/inbound" pattern="*://*:*/**/tomcatui/{**}?{**}">
<rewrite template="{$serviceUrl[TOMCAT]}/{**}?{**}"/>
</rule> <rule dir="IN" name="TOMCAT/full/inbound" pattern="*://*:*/**/tomcatui/{path=**}?{**}">
<rewrite template="{$serviceUrl[TOMCAT]}/{path=**}?{**}"/>
</rule>
<rules>
{code}
the $KNOX_HOME/conf/topologies/tomcat.xml is:
{code:java}
// code placeholder
<topology>
<gateway>
<provider>
<role>authentication</role>
<name>ShiroProvider</name>
<enabled>true</enabled>
<param>
<name>sessionTimeout</name>
<value>30</value>
</param>
<param>
<name>main.ldapRealm</name>
<value>org.apache.hadoop.gateway.shirorealm.KnoxLdapRealm</value>
</param>
<param>
<name>main.ldapRealm.userDnTemplate</name>
<value>uid={0},ou=people,dc=hadoop,dc=apache,dc=org</value>
</param>
<param>
<name>main.ldapRealm.contextFactory.url</name>
<value>ldap://localhost:33389</value>
</param>
<param>
<name>main.ldapRealm.contextFactory.authenticationMechanism</name>
<value>simple</value>
</param>
<param>
<name>urls./**</name>
<value>authcBasic</value>
</param>
</provider>
<provider>
<role>identity-assertion</role>
<name>Default</name>
<enabled>true</enabled>
</provider>
</gateway> <service>
<role>TOMCAT</role>
<url>http://hdp24.bigdata.zll.360es.cn:8080</url>
</service>
</topology>
{code}
> Problem with using KNOX to proxy Tomcat
> ---------------------------------------
>
> Key: KNOX-2473
> URL: https://issues.apache.org/jira/browse/KNOX-2473
> Project: Apache Knox
> Issue Type: Bug
> Components: Server
> Affects Versions: 1.4.0
> Reporter: 李远锋
> Priority: Major
>
> When I plan to use Knox proxying Tomcat,I met a error in browser:
> {code:java}
> // code placeholder
> https://localhost:8443/gateway/tomcat/tomcatui/index.jsp
> {code}
> {code:java}
> // code placeholder
> HTTP ERROR 500 javax.servlet.ServletException: javax.servlet.ServletException: org.apache.shiro.subject.ExecutionException: java.security.PrivilegedActionException: java.io.IOException: Service connectivity error.URI:/gateway/tomcat/tomcatui/index.jspSTATUS:500MESSAGE:javax.servlet.ServletException: javax.servlet.ServletException: org.apache.shiro.subject.ExecutionException: java.security.PrivilegedActionException: java.io.IOException: Service connectivity error.SERVLET:tomcat-knox-gateway-servletCAUSED BY:javax.servlet.ServletException: javax.servlet.ServletException: org.apache.shiro.subject.ExecutionException: java.security.PrivilegedActionException: java.io.IOException: Service connectivity error.CAUSED BY:javax.servlet.ServletException: org.apache.shiro.subject.ExecutionException: java.security.PrivilegedActionException: java.io.IOException: Service connectivity error.CAUSED BY:org.apache.shiro.subject.ExecutionException: java.security.PrivilegedActionException: java.io.IOException: Service connectivity error.CAUSED BY:java.security.PrivilegedActionException: java.io.IOException: Service connectivity error.CAUSED BY:java.io.IOException: Service connectivity error.
> {code}
> the service.xml is:
> {code:java}
> // code placeholder
> <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
> <service role="TOMCAT" name="tomcat" version="9.0">
> <routes>
> <route path="/tomcatui/">
> </route> <route path="/tomcatui/**">
> </route> <route path="/tomcatui/**?**">
> </route> </routes>
> </service>
> {code}
> the rewriete.xml is:
> {code:java}
> // code placeholder
> <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
> <rules>
> <!-- Inbound rewrite rules -->
> <rule dir="IN" name="TOMCAT/root/inbound" pattern="*://*:*/**/tomcatui/">
> <rewrite template="{$serviceUrl[TOMCAT]}/"/>
> </rule>
> <rule dir="IN" name="TOMCAT/root/inbound" pattern="*://*:*/**/tomcatui/index.jsp">
> <rewrite template="{$serviceUrl[TOMCAT]}/index.jsp"/>
> </rule>
> <rule dir="IN" name="TOMCAT/path/inbound" pattern="*://*:*/**/tomcatui/{**}">
> <rewrite template="{$serviceUrl[TOMCAT]}/{**}"/>
> </rule> <rule dir="IN" name="TOMCAT/full/inbound" pattern="*://*:*/**/tomcatui/{**}?{**}">
> <rewrite template="{$serviceUrl[TOMCAT]}/{**}?{**}"/>
> </rule> <rule dir="IN" name="TOMCAT/full/inbound" pattern="*://*:*/**/tomcatui/{path=**}?{**}">
> <rewrite template="{$serviceUrl[TOMCAT]}/{path=**}?{**}"/>
> </rule>
> <rules>
> {code}
> the $KNOX_HOME/conf/topologies/tomcat.xml is:
> {code:java}
> // code placeholder
> <topology>
> <gateway>
> <provider>
> <role>authentication</role>
> <name>ShiroProvider</name>
> <enabled>true</enabled>
> <param>
> <name>sessionTimeout</name>
> <value>30</value>
> </param>
> <param>
> <name>main.ldapRealm</name>
> <value>org.apache.hadoop.gateway.shirorealm.KnoxLdapRealm</value>
> </param>
> <param>
> <name>main.ldapRealm.userDnTemplate</name>
> <value>uid={0},ou=people,dc=hadoop,dc=apache,dc=org</value>
> </param>
> <param>
> <name>main.ldapRealm.contextFactory.url</name>
> <value>ldap://localhost:33389</value>
> </param>
> <param>
> <name>main.ldapRealm.contextFactory.authenticationMechanism</name>
> <value>simple</value>
> </param>
> <param>
> <name>urls./**</name>
> <value>authcBasic</value>
> </param>
> </provider>
> <provider>
> <role>identity-assertion</role>
> <name>Default</name>
> <enabled>true</enabled>
> </provider>
> </gateway> <service>
> <role>TOMCAT</role>
> <url>http://hdp24.bigdata.zll.360es.cn:8080</url>
> </service>
> </topology>
> {code}
>
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)