以下是使用kerberos连接HBase的代码:
Configuration conf = HBaseConfiguration.create();
conf.set("hbase.zookeeper.quorum", "20.20.100.1");
conf.set("hbase.zookeeper.property.clientPort", "2181");
final String USER_KEY = "appuser.principal";
final String KEYTAB_KEY = "appuser.keytab.filename";
final String Key_user = Config.getProperties().getString("kerberos_keyuser");
final String Key_tab = Config.getProperties().getString("kerberos_keytab");
conf.set("hadoop.security.authentication", "kerberos");
conf.set("hbase.security.authentication", "kerberos");
conf.set(USER_KEY, Key_user);
conf.set(KEYTAB_KEY, Key_tab);
SecurityUtil.login(conf, KEYTAB_KEY, USER_KEY);
Connection connection = ConnectionFactory.createConnection(conf);
try (Table table = connection.getTable(TableName.valueOf("newssentiment:test"))) {
Scan scan = new Scan();
ResultScanner scanner = table.getScanner(scan);
Iterator<Result> iterator = scanner.iterator();
System.out.println();
while(iterator.hasNext()) {
System.out.println(iterator.next());
}
}
catch (Exception e){
System.out.print(e.getMessage());
}
HBaseAdmin.checkHBaseAvailable(conf);
connection.close();
System.out.println("HBase is running!");
但我收到以下错误:
org.apache.hadoop.security.UserGroupInformation - PriviledgedActionException as:u8000 (auth:SIMPLE) cause:java.io.IOException: Failed to specify server's Kerberos principal name
org.apache.hadoop.hbase.ipc.AbstractRpcClient - Exception encountered while connecting to the server : java.io.IOException: Failed to specify server's Kerberos principal name
org.apache.hadoop.security.UserGroupInformation - PriviledgedActionException as:u8000 (auth:SIMPLE) cause:java.io.IOException: java.io.IOException: Failed to specify server's Kerberos principal name
相同的代码可以在Linux上成功运行,但在Windows上始终失败。
答案 0 :(得分:1)
只需将SecurityUtil.login(conf, KEYTAB_KEY, USER_KEY);替换为
UserGroupInformation.setConfiguration(conf);
UserGroupInformation.loginUserFromKeytab("USER_KEY", KEYTAB_KEY);
为简单起见,您可以编写如下代码:
Configuration conf = HBaseConfiguration.create();
conf.addResource(new Path("D:\\core-site.xml");
conf.addResource(new Path("D:\\hbase-site.xml");
System.setProperty( "java.security.krb5.conf", "D:\\krb5.conf");
// give the path of krb5.conf file
UserGroupInformation.setConfiguration(conf);
UserGroupInformation.loginUserFromKeytab("Dummy@EXAMPLE.COM", "D:\\farooque.keytab");
// Dummy@EXAMPLE.COM is the principal name, give the path of keytab file
Connection connection = ConnectionFactory.createConnection(conf);
try (Table table = connection.getTable(TableName.valueOf("newssentiment:test"))) {
Scan scan = new Scan();
ResultScanner scanner = table.getScanner(scan);
Iterator<Result> iterator = scanner.iterator();
System.out.println();
while(iterator.hasNext()) {
System.out.println(iterator.next());
}
}
catch (Exception e){
System.out.print(e.getMessage());
}
HBaseAdmin.checkHBaseAvailable(conf);
connection.close();
System.out.println("HBase is running!");
如果上面的代码成功运行,您可以用变量替换固定值。