You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@phoenix.apache.org by st...@apache.org on 2020/05/28 06:51:19 UTC
[phoenix-queryserver] branch master updated: PHOENIX-5904 Add log
if the configed kerberos principal login failed
This is an automated email from the ASF dual-hosted git repository.
stoty pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/phoenix-queryserver.git
The following commit(s) were added to refs/heads/master by this push:
new e2e007f PHOENIX-5904 Add log if the configed kerberos principal login failed
e2e007f is described below
commit e2e007fca32011229042d88f566711b517870c20
Author: Guanghao Zhang <zh...@xiaomi.com>
AuthorDate: Tue May 19 19:44:11 2020 +0800
PHOENIX-5904 Add log if the configed kerberos principal login failed
---
.../apache/phoenix/queryserver/QueryServerProperties.java | 2 ++
.../org/apache/phoenix/queryserver/server/QueryServer.java | 13 +++++++++++--
2 files changed, 13 insertions(+), 2 deletions(-)
diff --git a/queryserver/src/main/java/org/apache/phoenix/queryserver/QueryServerProperties.java b/queryserver/src/main/java/org/apache/phoenix/queryserver/QueryServerProperties.java
index 562ca13..35a6dec 100644
--- a/queryserver/src/main/java/org/apache/phoenix/queryserver/QueryServerProperties.java
+++ b/queryserver/src/main/java/org/apache/phoenix/queryserver/QueryServerProperties.java
@@ -38,6 +38,8 @@ public class QueryServerProperties {
"phoenix.queryserver.dns.interface";
public static final String QUERY_SERVER_HBASE_SECURITY_CONF_ATTRIB =
"hbase.security.authentication";
+ public static final String QUERY_SERVER_HADOOP_SECURITY_CONF_ATTRIB =
+ "hadoop.security.authentication";
public static final String QUERY_SERVER_UGI_CACHE_MAX_SIZE =
"phoenix.queryserver.ugi.cache.max.size";
public static final String QUERY_SERVER_UGI_CACHE_INITIAL_SIZE =
diff --git a/queryserver/src/main/java/org/apache/phoenix/queryserver/server/QueryServer.java b/queryserver/src/main/java/org/apache/phoenix/queryserver/server/QueryServer.java
index b50a44f..d39427a 100644
--- a/queryserver/src/main/java/org/apache/phoenix/queryserver/server/QueryServer.java
+++ b/queryserver/src/main/java/org/apache/phoenix/queryserver/server/QueryServer.java
@@ -191,6 +191,8 @@ public final class QueryServer extends Configured implements Tool, Runnable {
try {
final boolean isKerberos = "kerberos".equalsIgnoreCase(getConf().get(
QueryServerProperties.QUERY_SERVER_HBASE_SECURITY_CONF_ATTRIB));
+ final boolean isHadoopKerberos = "kerberos".equalsIgnoreCase(getConf().get(
+ QueryServerProperties.QUERY_SERVER_HADOOP_SECURITY_CONF_ATTRIB));
final boolean disableSpnego = getConf().getBoolean(QueryServerProperties.QUERY_SERVER_SPNEGO_AUTH_DISABLED_ATTRIB,
QueryServerOptions.DEFAULT_QUERY_SERVER_SPNEGO_AUTH_DISABLED);
String hostname;
@@ -199,6 +201,13 @@ public final class QueryServer extends Configured implements Tool, Runnable {
// handle secure cluster credentials
if (isKerberos && !disableLogin) {
+ if(!isHadoopKerberos) {
+ LOG.error("HBase and Hadoop security config inconsistent, "
+ + QueryServerProperties.QUERY_SERVER_HBASE_SECURITY_CONF_ATTRIB
+ + " was configured as kerberos, but "
+ + QueryServerProperties.QUERY_SERVER_HADOOP_SECURITY_CONF_ATTRIB + " not!");
+ return -1;
+ }
hostname = Strings.domainNamePointerToHostName(DNS.getDefaultHost(
getConf().get(QueryServerProperties.QUERY_SERVER_DNS_INTERFACE_ATTRIB, "default"),
getConf().get(QueryServerProperties.QUERY_SERVER_DNS_NAMESERVER_ATTRIB, "default")));
@@ -210,10 +219,10 @@ public final class QueryServer extends Configured implements Tool, Runnable {
}
SecurityUtil.login(getConf(), QueryServerProperties.QUERY_SERVER_KEYTAB_FILENAME_ATTRIB,
QueryServerProperties.QUERY_SERVER_KERBEROS_PRINCIPAL_ATTRIB, hostname);
- LOG.info("Login successful.");
+ LOG.info("Kerberos login successful.");
} else {
hostname = InetAddress.getLocalHost().getHostName();
- LOG.info(" Kerberos is off and hostname is : "+hostname);
+ LOG.info("Kerberos is off and hostname is : " + hostname);
}
int port = getConf().getInt(QueryServerProperties.QUERY_SERVER_HTTP_PORT_ATTRIB,