You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@knox.apache.org by "李远锋 (Jira)" <ji...@apache.org> on 2021/01/28 15:46:00 UTC
[jira] [Issue Comment Deleted] (KNOX-2526) Knox can not access the
Secure Hadoop
[ https://issues.apache.org/jira/browse/KNOX-2526?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
李远锋 updated KNOX-2526:
----------------------
Comment: was deleted
(was: Yes, kerberos is enabled in the hadoop cluster.When the browser visits knox, there is no error in hadoop,gateway.out has some logs
{code:java}
// code placeholder
default etypes for default_tkt_enctypes: 17 16 23.
>>> KrbAsReq creating message
>>>KinitOptions cache name is KEYRING:persistent:387800250
Looking for keys for: HTTP/hdp11.bigdata.bjzt.qianxin-inc.cn@HADOOP.COM
Found unsupported keytype (3) for HTTP/hdp11.bigdata.bjzt.qianxin-inc.cn@HADOOP.COM
Found unsupported keytype (8) for HTTP/hdp11.bigdata.bjzt.qianxin-inc.cn@HADOOP.COM
Added key: 23version: 1
Added key: 16version: 1
Added key: 17version: 1
Looking for keys for: HTTP/hdp11.bigdata.bjzt.qianxin-inc.cn@HADOOP.COM
Found unsupported keytype (3) for HTTP/hdp11.bigdata.bjzt.qianxin-inc.cn@HADOOP.COM
Found unsupported keytype (8) for HTTP/hdp11.bigdata.bjzt.qianxin-inc.cn@HADOOP.COM
Added key: 23version: 1
Added key: 16version: 1
Added key: 17version: 1
default etypes for default_tkt_enctypes: 17 16 23.
>>> KrbAsReq creating message
{code}
These are config below.
[^krb5.conf]
[^krb5JAASLogin.conf]
)
> Knox can not access the Secure Hadoop
> -------------------------------------
>
> Key: KNOX-2526
> URL: https://issues.apache.org/jira/browse/KNOX-2526
> Project: Apache Knox
> Issue Type: Bug
> Components: Server
> Affects Versions: 1.5.0
> Reporter: 李远锋
> Priority: Blocker
> Fix For: 1.5.0
>
> Attachments: image-2020-12-27-22-24-45-419.png
>
>
> @[~smore] First of all, thank you for answering my question in jira last time, today I encountered a new problem, I hope you can help me, thank you a lot.
> I think this is not a bug, but my poor understanding of Knox's kerberos configuration. I have read the User Guide and Wiki on the official website several times, but I can't understand them well.I am confused about Kerberos configuration in the following two chapters and want to know the difference of two chapters:
> [Secure+Clusters|https://knox.apache.org/books/knox-1-4-0/user-guide.html#Secure+Clusters]
> [HadoopAuth+Authentication+Provider|https://knox.apache.org/books/knox-1-4-0/user-guide.html#HadoopAuth+Authentication+Provider]
>
> Although I followed these two configurations of the two chapters, I still encountered an error
> {code:java}
> // code placeholder
> curl -k -i --negotiate -u admin:admin-password https://localhost:8443/gateway/sandbox/webhdfs/v1/tmp?op=LISTSTATUS
> HTTP/1.1 401 Unauthorized
> Date: Sun, 27 Dec 2020 13:53:49 GMT
> WWW-Authenticate: BASIC realm="application"
> Content-Length: 0{code}
>
> I want to use a browser to access HadoopUI through Knox, but I also encountered a similar error。
> !image-2020-12-27-22-24-45-419.png!
> Finally, if Hadoop does not enable Kerberos, it is normal to access HadoopUI through Knox.
> Please help me,Thanks a lot.
>
>
>
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)