You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ranger.apache.org by "Michał Wieleba (Jira)" <ji...@apache.org> on 2022/02/11 15:14:00 UTC
[jira] [Commented] (RANGER-1629) Test Connection fails when creating Knox Service from Ranger Admin UI
[ https://issues.apache.org/jira/browse/RANGER-1629?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17490973#comment-17490973 ]
Michał Wieleba commented on RANGER-1629:
----------------------------------------
Guys, any update on this?
> Test Connection fails when creating Knox Service from Ranger Admin UI
> ---------------------------------------------------------------------
>
> Key: RANGER-1629
> URL: https://issues.apache.org/jira/browse/RANGER-1629
> Project: Ranger
> Issue Type: Bug
> Components: admin
> Affects Versions: 0.7.0
> Reporter: Anirudh
> Priority: Blocker
>
> Knox setup with self-signed certificate. When creating service on Ranger Admin UI for Knox, Test Connection gives error.
> I followed the steps mentioned in RANGER-355. I'm using the CN printed from the certificate in the place of <host> in the following https://<host>:8443/gateway/admin/api/v1/topologies/
> However, I'm not sure what values to enter for username and password while creating service. When I click Test-Connection, I'm getting this error
> "Connection Failed.
> Unable to retrieve any topologies/services using given parameters. You can still save the repository and start creating policies, but you would not be able to use autocomplete for resource names. Check ranger_admin.log for more info."
> and the ranger_admin.log contains
> "ERROR org.apache.ranger.plugin.util.PasswordUtils (PasswordUtils.java:156) - Unable to decrypt password due to error
> javax.crypto.IllegalBlockSizeException: Input length must be multiple of 8 when decrypting with padded cipher
> at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:922)
> at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:833)
> at com.sun.crypto.provider.PBES1Core.doFinal(PBES1Core.java:416)
> at com.sun.crypto.provider.PBEWithMD5AndDESCipher.engineDoFinal(PBEWithMD5AndDESCipher.java:316)
> at javax.crypto.Cipher.doFinal(Cipher.java:2165)
> at org.apache.ranger.plugin.util.PasswordUtils.decryptPassword(PasswordUtils.java:141)
> at org.apache.ranger.services.knox.client.KnoxClient.getTopologyList(KnoxClient.java:79)
> at org.apache.ranger.services.knox.client.KnoxClient$2.call(KnoxClient.java:406)
> at org.apache.ranger.services.knox.client.KnoxClient$2.call(KnoxClient.java:402)
> at org.apache.ranger.services.knox.client.KnoxClient.timedTask(KnoxClient.java:431)
> at org.apache.ranger.services.knox.client.KnoxClient.getKnoxResources(KnoxClient.java:410)
> at org.apache.ranger.services.knox.client.KnoxClient.connectionTest(KnoxClient.java:315)
> at org.apache.ranger.services.knox.client.KnoxResourceMgr.validateConfig(KnoxResourceMgr.java:42)
> at org.apache.ranger.services.knox.RangerServiceKnox.validateConfig(RangerServiceKnox.java:56)
> at org.apache.ranger.biz.ServiceMgr$ValidateCallable.actualCall(ServiceMgr.java:560)
> at org.apache.ranger.biz.ServiceMgr$ValidateCallable.actualCall(ServiceMgr.java:547)
> at org.apache.ranger.biz.ServiceMgr$TimedCallable.call(ServiceMgr.java:508)
> at java.util.concurrent.FutureTask.run(FutureTask.java:266)
> at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
> at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
> at java.lang.Thread.run(Thread.java:745)
> >>> INFO apache.ranger.services.knox.client.KnoxClient (KnoxClient.java:81) - Password decryption failed; trying knox connection with received password string
> >>> ERROR apache.ranger.services.knox.client.KnoxClient (KnoxClient.java:131) - Got invalid REST response from: https://<host>:8443/gateway/admin/api/v1/topologies/, responseStatus: 401"
--
This message was sent by Atlassian Jira
(v8.20.1#820001)