java - Kerberos Authentication Error - When loading Hadoop Config Files from SharedPath -
i developing java application , application saving result data hdfs. java application should run in windows machine.
we using kerberos authentication , placed keytab file in nas drive. , saved hadoop config files in same nas drive.
my issues when load hadoop config files nas drive, throwing me authetication error, application running fine if load config files local file system (i saved config files inside c:\hadoop)
below working code snippet. (keytab file in nas, hadoop config files in local file system)
static string keytabpath = "\\\\path\\2\\keytabfile\\name.keytab" configuration config = new configuration(); config.set("fs.defaultfs", "hdfs://xxx.xx.xx.com:8020"); config.addresource(new path("c:\\hadoop\\core-site.xml")); config.addresource(new path("c:\\hadoop\\hdfs-site.xml")); config.addresource(new path("c:\\hadoop\\mapred-site.xml")); config.addresource(new path("c:\\hadoop\\yarn-site.xml")); config.set("fs.hdfs.impl", org.apache.hadoop.hdfs.distributedfilesystem.class.getname()); config.set("fs.file.impl",org.apache.hadoop.fs.localfilesystem.class.getname()); // kerberos authentication config.set("hadoop.security.authentication", "kerberos"); usergroupinformation.setconfiguration(config); usergroupinformation.loginuserfromkeytab("name@xx.xx.com",keytabpath);
i tried loading config files nas drive getting kerberos authentication error. below code snippet throwing error (keytab file in nas , hadoop config files in nas)
static string keytabpath = "\\\\path\\2\\keytabfile\\name.keytab" configuration config = new configuration(); config.set("fs.defaultfs", "hdfs://xxx.xx.xx.com:8020"); config.addresource(new path("\\\\nasdrive\\core-site.xml")); config.addresource(new path("\\\\nasdrive\\hdfs-site.xml")); config.addresource(new path("\\\\nasdrive\\mapred-site.xml")); config.addresource(new path("\\\\nasdrive\\yarn-site.xml")); config.set("fs.hdfs.impl", org.apache.hadoop.hdfs.distributedfilesystem.class.getname()); config.set("fs.file.impl",org.apache.hadoop.fs.localfilesystem.class.getname()); // kerberos authentication config.set("hadoop.security.authentication", "kerberos"); usergroupinformation.setconfiguration(config); usergroupinformation.loginuserfromkeytab("name@xx.xx.com",keytabpath);
below error message
java.io.ioexception: login failure name@xx.xx.com keytab \\nasdrive\name.keytab: javax.security.auth.login.loginexception: java.lang.illegalargumentexception: illegal principal name name@xx.xx.com: org.apache.hadoop.security.authentication.util.kerberosname$nomatchingrule: no rules applied name@xx.xx.com @ org.apache.hadoop.security.usergroupinformation.loginuserfromkeytab(usergroupinformation.java:962) @ appname.ldaplookuploop(appname.java:111) @ appname.main(appname.java:70) caused by: javax.security.auth.login.loginexception: java.lang.illegalargumentexception: illegal principal name name@xx.xx.com: org.apache.hadoop.security.authentication.util.kerberosname$nomatchingrule: no rules applied name@xx.xx.com @ org.apache.hadoop.security.usergroupinformation$hadooploginmodule.commit(usergroupinformation.java:199) @ sun.reflect.nativemethodaccessorimpl.invoke0(native method) @ sun.reflect.nativemethodaccessorimpl.invoke(unknown source) @ sun.reflect.delegatingmethodaccessorimpl.invoke(unknown source) @ java.lang.reflect.method.invoke(unknown source) @ javax.security.auth.login.logincontext.invoke(unknown source) @ javax.security.auth.login.logincontext.access$000(unknown source) @ javax.security.auth.login.logincontext$4.run(unknown source) @ javax.security.auth.login.logincontext$4.run(unknown source) @ java.security.accesscontroller.doprivileged(native method) @ javax.security.auth.login.logincontext.invokepriv(unknown source) @ javax.security.auth.login.logincontext.login(unknown source) @ org.apache.hadoop.security.usergroupinformation.loginuserfromkeytab(usergroupinformation.java:953) ... 2 more caused by: java.lang.illegalargumentexception: illegal principal name name@xx.xx.com: org.apache.hadoop.security.authentication.util.kerberosname$nomatchingrule: no rules applied name@xx.xx.com @ org.apache.hadoop.security.user.<init>(user.java:51) @ org.apache.hadoop.security.user.<init>(user.java:43) @ org.apache.hadoop.security.usergroupinformation$hadooploginmodule.commit(usergroupinformation.java:197) ... 14 more caused by: org.apache.hadoop.security.authentication.util.kerberosname$nomatchingrule: no rules applied name@xx.xx.com @ org.apache.hadoop.security.authentication.util.kerberosname.getshortname(kerberosname.java:389) @ org.apache.hadoop.security.user.<init>(user.java:48) ... 16 more jul 06, 2016 4:29:14 pm com.xx.it.logging.jdkmapper info info: io exception occured: java.io.ioexception: login failure name@xx.xx.com keytab \\nasdrive\name.keytab: javax.security.auth.login.loginexception: java.lang.illegalargumentexception: illegal principal name name@xx.xx.com: org.apache.hadoop.security.authentication.util.kerberosname$nomatchingrule: no rules applied name@xx.xx.com
so issues seems loading config file. application reading keytab file fine nas drive, not hadoop config files. issue. checked nas drive permissions , file permissions. everthing fine. dont know issue is. please me find out issue.
Comments
Post a Comment