我正在尝试使用Java从我的本地计算机上获取kerberos安全的Hadoop集群。
这是我尝试过的事情:
public static void hbase() throws IOException {
System.setProperty("javax.security.auth.useSubjectCredsOnly", "false");
final Configuration hBaseConfig = HBaseConfiguration.create();
hBaseConfig.setInt("timeout", 120000);
hBaseConfig.set("hbase.zookeeper.quorum", <zookeeper_quorum_address>);
hBaseConfig.set("hbase.zookeeper.property.clientPort", "2181");
hBaseConfig.set("hadoop.security.authentication", "kerberos");
hBaseConfig.set("hbase.security.authentication", "kerberos");
hBaseConfig.set("hbase.master.kerberos.principal", <kerberos.hbase.principal>);
hBaseConfig.set("hbase.regionserver.kerberos.principal", <kerberos.hbase.principal>);
hBaseConfig.set("hbase.master.keytab.file", "hbase.keytab");
hBaseConfig.set("hbase.regionserver.keytab.file", "hbase.keytab");
UserGroupInformation.setConfiguration(hBaseConfig);
UserGroupInformation ugi = UserGroupInformation.loginUserFromKeytabAndReturnUGI(<principalName>,
path_to_keytab_on_local_fs);
}
我从集群管理员那里获得了zookeeper quorum,hbase principal等的值,所以我相当确定它们是准确的。我还使用它来验证我的密钥表,以便在集群上使用kinit获取票证
这是错误跟踪:
Exception in thread "main" java.io.IOException: Login failure for <principal> from keytab <path_to_keytab_on_local_fs>
at org.apache.hadoop.security.UserGroupInformation.loginUserFromKeytabAndReturnUGI(UserGroupInformation.java:1008)
at Kerberos.KerberosAuthentication.App.hbase(App.java:32)
at Kerberos.KerberosAuthentication.App.main(App.java:15)
Caused by: javax.security.auth.login.LoginException: null (68)
at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginModule.java:763)
at com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:584)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:762)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:203)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:690)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:688)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:687)
at javax.security.auth.login.LoginContext.login(LoginContext.java:595)
at org.apache.hadoop.security.UserGroupInformation.loginUserFromKeytabAndReturnUGI(UserGroupInformation.java:997)
... 2 more
Caused by: KrbException: null (68)
at sun.security.krb5.KrbAsRep.<init>(KrbAsRep.java:76)
at sun.security.krb5.KrbAsReqBuilder.send(KrbAsReqBuilder.java:319)
at sun.security.krb5.KrbAsReqBuilder.action(KrbAsReqBuilder.java:364)
at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginModule.java:735)
... 15 more
Caused by: KrbException: Identifier doesn't match expected value (906)
at sun.security.krb5.internal.KDCRep.init(KDCRep.java:143)
at sun.security.krb5.internal.ASRep.init(ASRep.java:65)
at sun.security.krb5.internal.ASRep.<init>(ASRep.java:60)
at sun.security.krb5.KrbAsRep.<init>(KrbAsRep.java:60)
... 18 more
我还尝试了另一种方法,将UserGroupInformation与SecurityUtil
SecurityUtil.login(hBaseConfig, <keytab>, <principal name>);
SecurityUtil.doAsCurrentUser(new PrivilegedExceptionAction<Void>() {
.............
}
使用这种方法,控制台输出显示Session Established,但除此之外,执行只是继续,没有任何日志/控制台输出,我必须强制终止它。
我非常感谢有助于解决此问题的一些见解。
答案 0 :(得分:0)
你可以试试像
这样的东西 var $buttonWidth = parseInt($(this).outerWidth(true));
console.log($.isNumeric($buttonWidth));
console.log(isNaN($buttonWidth));
console.log($buttonWidth);
$buttonWidth / 2;
console.log($buttonWidth);