Reply
Explorer
Posts: 20
Registered: ‎03-25-2017

CONN KERBEROS AUTHENTICATION ERROR GET TICKET CACHE OR BAD JAAS CONFIGURATION in AIX

[ Edited ]

Hi,

 

I am trying to make a JDBC connection through Java program running on AIX to Hive running on Kerberos enabled cluster. I have downloaded the JDBC driver from Cloudera site but it through the error "bad JAAS Configuration" or when i use SIMBA driver i get error "CONN KERBEROS AUTHENTICATION ERROR GET TICKET CACHE" . I am able to perform kinit and can see the ticket while running klist command.The same Jar which i created with AIX driver downloaded from Cloudera website run smoothly on REDHAT server but throws error on AIX server.

JAVA PROGRAM:

import java.io.PrintStream;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;




public class HiveConnectivityDriver
{
  public HiveConnectivityDriver() {}
  
  public static void main(String[] paramArrayOfString)
    throws SQLException
  {
    String str1 = "com.cloudera.hive.jdbc4.HS2Driver";
    Connection localConnection = null;
    int i = 0;
    try {
      Class.forName(str1);
    } catch (ClassNotFoundException localClassNotFoundException) {      localClassNotFoundException.printStackTrace();
      System.exit(1);
    }
    try
    {      localConnection = DriverManager.getConnection("jdbc:hive2://master1:10000;AuthMech=1;KrbRealm=MYREALM.COM;KrbHostFQDN=master1;KrbServiceName=hive;LogLevel=6;LogPath=logs");
    }
    catch (Exception localException) {      localException.printStackTrace();
      System.exit(1);
    }
    
    System.out.println("Connection Created ");
    System.out.println("*************************");
    
    Statement localStatement = localConnection.createStatement();
    


    String str2 = "show tables";
    System.out.println("Below are the list of tables");
    System.out.println("*************************");
    ResultSet localResultSet = localStatement.executeQuery(str2);
    if (localResultSet.next()) {
      System.out.print(++i + ".");
      System.out.println(localResultSet.getString(1));
    }    
    localConnection.close();    localStatement.close();    localResultSet.close();
  }
}

Error Log:

Caused by: com.cloudera.hiveserver2.support.exceptions.GeneralException: [Cloudera][HiveJDBCDriver](500168) Error creating login context using ticket cache: Bad JAAS configuration: unrecognized option: ticketCache.
        ... 13 more
Caused by: javax.security.auth.login.LoginException: Bad JAAS configuration: unrecognized option: ticketCache
        at com.ibm.security.jgss.i18n.I18NException.throwLoginException(I18NException.java:41)
        at com.ibm.security.auth.module.Krb5LoginModule.d(Krb5LoginModule.java:600)
        at com.ibm.security.auth.module.Krb5LoginModule.a(Krb5LoginModule.java:369)
        at com.ibm.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:660)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:95)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:55)
        at java.lang.reflect.Method.invoke(Method.java:508)
        at javax.security.auth.login.LoginContext.invoke(LoginContext.java:788)
        at javax.security.auth.login.LoginContext.access$000(LoginContext.java:196)
        at javax.security.auth.login.LoginContext$5.run(LoginContext.java:721)
        at javax.security.auth.login.LoginContext$5.run(LoginContext.java:719)
        at java.security.AccessController.doPrivileged(AccessController.java:686)
        at javax.security.auth.login.LoginContext.invokeCreatorPriv(LoginContext.java:719)
        at javax.security.auth.login.LoginContext.login(LoginContext.java:593)
        at com.cloudera.hiveserver2.jdbc.kerberos.Kerberos.getSubjectViaTicketCache(Unknown Source)
        at com.cloudera.hiveserver2.hivecommon.api.HiveServer2ClientFactory.createTransport(Unknown Source)
        at com.cloudera.hiveserver2.hivecommon.api.ZooKeeperEnabledExtendedHS2Factory.createClient(Unknown Source)
        at com.cloudera.hiveserver2.hivecommon.core.HiveJDBCCommonConnection.connect(Unknown Source)
        at com.cloudera.hiveserver2.jdbc.common.BaseConnectionFactory.doConnect(Unknown Source)
        at com.cloudera.hiveserver2.jdbc.common.AbstractDriver.connect(Unknown Source)
        at java.sql.DriverManager.getConnection(DriverManager.java:675)
        at java.sql.DriverManager.getConnection(DriverManager.java:281)
        at driver.HiveConnectivityDriver.main(HiveConnectivityDriver.java:30)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:95)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:55)
        at java.lang.reflect.Method.invoke(Method.java:508)
        at org.eclipse.jdt.internal.jarinjarloader.JarRsrcLoader.main(JarRsrcLoader.java:58)

 

 

Any Help will be appreciated.

 

Thanks in advance for your kind help.

Posts: 463
Topics: 1
Kudos: 58
Solutions: 38
Registered: ‎08-16-2016

Re: CONN KERBEROS AUTHENTICATION ERROR GET TICKET CACHE OR BAD JAAS CONFIGURATION in AIX

Are you using JAAS? It is complaining that you are at that the ticketCache option is invalid. That is the right setting name for Windows and RHEL. So either the value is off, maybe pointing to a directory/file that doesn't exist, the value is malformed, or it isn't valid on AIX.

When you run klist does it list the same file and location as in the JAAS configuration (assuming it is there)?
Highlighted
Explorer
Posts: 20
Registered: ‎03-25-2017

Re: CONN KERBEROS AUTHENTICATION ERROR GET TICKET CACHE OR BAD JAAS CONFIGURATION in AIX

Hi,

I have not setup any jaas configuration for it. But i do have set
KRB5CCNAME environment variable and can see ticket while klist.

Thanks for your help.
Announcements