java - Kerberos Authentication Error - When loading Hadoop Config Files from SharedPath -


i developing java application , application saving result data hdfs. java application should run in windows machine.

we using kerberos authentication , placed keytab file in nas drive. , saved hadoop config files in same nas drive.

my issues when load hadoop config files nas drive, throwing me authetication error, application running fine if load config files local file system (i saved config files inside c:\hadoop)

below working code snippet. (keytab file in nas, hadoop config files in local file system)

static string keytabpath = "\\\\path\\2\\keytabfile\\name.keytab" configuration config = new configuration();         config.set("fs.defaultfs", "hdfs://xxx.xx.xx.com:8020");         config.addresource(new path("c:\\hadoop\\core-site.xml"));         config.addresource(new path("c:\\hadoop\\hdfs-site.xml"));         config.addresource(new path("c:\\hadoop\\mapred-site.xml"));         config.addresource(new path("c:\\hadoop\\yarn-site.xml"));         config.set("fs.hdfs.impl", org.apache.hadoop.hdfs.distributedfilesystem.class.getname());         config.set("fs.file.impl",org.apache.hadoop.fs.localfilesystem.class.getname());         // kerberos authentication         config.set("hadoop.security.authentication", "kerberos");         usergroupinformation.setconfiguration(config);         usergroupinformation.loginuserfromkeytab("name@xx.xx.com",keytabpath); 

i tried loading config files nas drive getting kerberos authentication error. below code snippet throwing error (keytab file in nas , hadoop config files in nas)

static string keytabpath = "\\\\path\\2\\keytabfile\\name.keytab" configuration config = new configuration();         config.set("fs.defaultfs", "hdfs://xxx.xx.xx.com:8020");         config.addresource(new path("\\\\nasdrive\\core-site.xml"));         config.addresource(new path("\\\\nasdrive\\hdfs-site.xml"));         config.addresource(new path("\\\\nasdrive\\mapred-site.xml"));         config.addresource(new path("\\\\nasdrive\\yarn-site.xml"));         config.set("fs.hdfs.impl", org.apache.hadoop.hdfs.distributedfilesystem.class.getname());         config.set("fs.file.impl",org.apache.hadoop.fs.localfilesystem.class.getname());         // kerberos authentication         config.set("hadoop.security.authentication", "kerberos");         usergroupinformation.setconfiguration(config);         usergroupinformation.loginuserfromkeytab("name@xx.xx.com",keytabpath); 

below error message

java.io.ioexception: login failure name@xx.xx.com keytab \\nasdrive\name.keytab: javax.security.auth.login.loginexception: java.lang.illegalargumentexception: illegal principal name name@xx.xx.com: org.apache.hadoop.security.authentication.util.kerberosname$nomatchingrule: no rules applied name@xx.xx.com     @ org.apache.hadoop.security.usergroupinformation.loginuserfromkeytab(usergroupinformation.java:962)     @ appname.ldaplookuploop(appname.java:111)     @ appname.main(appname.java:70) caused by: javax.security.auth.login.loginexception: java.lang.illegalargumentexception: illegal principal name name@xx.xx.com: org.apache.hadoop.security.authentication.util.kerberosname$nomatchingrule: no rules applied name@xx.xx.com     @ org.apache.hadoop.security.usergroupinformation$hadooploginmodule.commit(usergroupinformation.java:199)     @ sun.reflect.nativemethodaccessorimpl.invoke0(native method)     @ sun.reflect.nativemethodaccessorimpl.invoke(unknown source)     @ sun.reflect.delegatingmethodaccessorimpl.invoke(unknown source)     @ java.lang.reflect.method.invoke(unknown source)     @ javax.security.auth.login.logincontext.invoke(unknown source)     @ javax.security.auth.login.logincontext.access$000(unknown source)     @ javax.security.auth.login.logincontext$4.run(unknown source)     @ javax.security.auth.login.logincontext$4.run(unknown source)     @ java.security.accesscontroller.doprivileged(native method)     @ javax.security.auth.login.logincontext.invokepriv(unknown source)     @ javax.security.auth.login.logincontext.login(unknown source)     @ org.apache.hadoop.security.usergroupinformation.loginuserfromkeytab(usergroupinformation.java:953)     ... 2 more caused by: java.lang.illegalargumentexception: illegal principal name name@xx.xx.com: org.apache.hadoop.security.authentication.util.kerberosname$nomatchingrule: no rules applied name@xx.xx.com     @ org.apache.hadoop.security.user.<init>(user.java:51)     @ org.apache.hadoop.security.user.<init>(user.java:43)     @ org.apache.hadoop.security.usergroupinformation$hadooploginmodule.commit(usergroupinformation.java:197)     ... 14 more caused by: org.apache.hadoop.security.authentication.util.kerberosname$nomatchingrule: no rules applied name@xx.xx.com     @ org.apache.hadoop.security.authentication.util.kerberosname.getshortname(kerberosname.java:389)     @ org.apache.hadoop.security.user.<init>(user.java:48)     ... 16 more jul 06, 2016 4:29:14 pm com.xx.it.logging.jdkmapper info info:  io exception occured: java.io.ioexception: login failure name@xx.xx.com keytab \\nasdrive\name.keytab: javax.security.auth.login.loginexception: java.lang.illegalargumentexception: illegal principal name name@xx.xx.com: org.apache.hadoop.security.authentication.util.kerberosname$nomatchingrule: no rules applied name@xx.xx.com 

so issues seems loading config file. application reading keytab file fine nas drive, not hadoop config files. issue. checked nas drive permissions , file permissions. everthing fine. dont know issue is. please me find out issue.


Comments

Popular posts from this blog

sequelize.js - Sequelize group by with association includes id -

java - Android raising EPERM (Operation not permitted) when attempting to send UDP packet after network connection -

c++ - Migration from QScriptEngine to QJSEngine -