question rest api via knox only admin can access in Archives of Support Questions (Read Only) https://community.cloudera.com/t5/Archives-of-Support-Questions/rest-api-via-knox-only-admin-can-access/m-p/212140#M69595 <P>Hi All:</P><P>when curl via knox i only can use admin (-u admin:admin-password) to access and can't use other account or will reply :</P><P>HTTP/1.1 401 Unauthorized Date: Fri, 13 Oct 2017 05:45:38 GMT Set-Cookie: rememberMe=deleteMe; Path=/gateway/default; Max-Age=0; Expires=Thu, 12-Oct-2017 05:45:38 GMT WWW-Authenticate: BASIC realm="application" Content-Length: 0 Server: Jetty(9.2.15.v20160210)</P><P>my command:</P><P>curl -i -k -u user1:Hadoop -X PUT 'https://knoxHost:8443/gateway/default/webhdfs/v1/user1/senfile1?op=CREATE'</P><P>folder permission:</P><P>drwxr-xr-x - user1 hdfs 0 2017-10-05 11:08 /user1</P><P>Knox users-ldif: </P><P># entry for user1 </P><P>dn: uid=user1,ou=people,dc=hadoop,dc=apache,dc=org objectclass:top objectclass:person objectclass:organizationalPerson objectclass:inetOrgPerson cn: user1 sn: user1 uid: user1 userPassword:Hadoop</P><P>Ranger (Sync Source is Unix) HDFS config: add user1 to default all-path policy </P><P>Ranger knox config: add user1 to default all-topology, service policy</P><P>if any wrong in my config?</P> Fri, 13 Oct 2017 13:00:54 GMT sen_ke 2017-10-13T13:00:54Z rest api via knox only admin can access https://community.cloudera.com/t5/Archives-of-Support-Questions/rest-api-via-knox-only-admin-can-access/m-p/212140#M69595 <P>Hi All:</P><P>when curl via knox i only can use admin (-u admin:admin-password) to access and can't use other account or will reply :</P><P>HTTP/1.1 401 Unauthorized Date: Fri, 13 Oct 2017 05:45:38 GMT Set-Cookie: rememberMe=deleteMe; Path=/gateway/default; Max-Age=0; Expires=Thu, 12-Oct-2017 05:45:38 GMT WWW-Authenticate: BASIC realm="application" Content-Length: 0 Server: Jetty(9.2.15.v20160210)</P><P>my command:</P><P>curl -i -k -u user1:Hadoop -X PUT 'https://knoxHost:8443/gateway/default/webhdfs/v1/user1/senfile1?op=CREATE'</P><P>folder permission:</P><P>drwxr-xr-x - user1 hdfs 0 2017-10-05 11:08 /user1</P><P>Knox users-ldif: </P><P># entry for user1 </P><P>dn: uid=user1,ou=people,dc=hadoop,dc=apache,dc=org objectclass:top objectclass:person objectclass:organizationalPerson objectclass:inetOrgPerson cn: user1 sn: user1 uid: user1 userPassword:Hadoop</P><P>Ranger (Sync Source is Unix) HDFS config: add user1 to default all-path policy </P><P>Ranger knox config: add user1 to default all-topology, service policy</P><P>if any wrong in my config?</P> Fri, 13 Oct 2017 13:00:54 GMT https://community.cloudera.com/t5/Archives-of-Support-Questions/rest-api-via-knox-only-admin-can-access/m-p/212140#M69595 sen_ke 2017-10-13T13:00:54Z Re: rest api via knox only admin can access https://community.cloudera.com/t5/Archives-of-Support-Questions/rest-api-via-knox-only-admin-can-access/m-p/212141#M69596 <P> <A rel="user" href="https://community.cloudera.com/users/45191/senke.html" nodeid="45191">@Sen Ke</A>,</P><P>Can you please attach the gateway.log (/var/log/knox/gateway.log)</P> Fri, 13 Oct 2017 19:29:32 GMT https://community.cloudera.com/t5/Archives-of-Support-Questions/rest-api-via-knox-only-admin-can-access/m-p/212141#M69596 asirna 2017-10-13T19:29:32Z Re: rest api via knox only admin can access https://community.cloudera.com/t5/Archives-of-Support-Questions/rest-api-via-knox-only-admin-can-access/m-p/212142#M69597 <P><A rel="user" href="https://community.cloudera.com/users/14200/asirna.html" nodeid="14200">@Aditya Sirna</A> </P><P>2017-10-16 09:40:15,499 INFO hadoop.gateway (KnoxLdapRealm.java:getUserDn(691)) - Computed userDn: uid=user1,ou=people,dc=hadoop,dc=apache,dc=org using dnTemplate for principal: user1 </P><P>2017-10-16 09:40:15,509 INFO hadoop.gateway (KnoxLdapRealm.java:doGetAuthenticationInfo(203)) - Could not login: org.apache.shiro.authc.UsernamePasswordToken - user1, rememberMe=false (10.243.91.58) </P><P>2017-10-16 09:40:15,509 ERROR hadoop.gateway (KnoxLdapRealm.java:doGetAuthenticationInfo(205)) - Shiro unable to login: javax.naming.AuthenticationException: [LDAP: error code 49 - INVALID_CREDENTIALS: Bind failed: ERR_229 Cannot authenticate user uid=user1,ou=people,dc=hadoop,dc=apache,dc=org]</P> Mon, 16 Oct 2017 08:44:36 GMT https://community.cloudera.com/t5/Archives-of-Support-Questions/rest-api-via-knox-only-admin-can-access/m-p/212142#M69597 sen_ke 2017-10-16T08:44:36Z Re: rest api via knox only admin can access https://community.cloudera.com/t5/Archives-of-Support-Questions/rest-api-via-knox-only-admin-can-access/m-p/212143#M69598 <P>oh! i think i solved this problem,</P><P>after add user1, i restart knox all service, and start DEMO LDAP, and DEMO LDAP looks no restart,</P><P>so i stop DEMO LDAP then restart again, it's worked! </P><P>thanks <A rel="user" href="https://community.cloudera.com/users/14200/asirna.html" nodeid="14200">@Aditya Sirna</A></P> Mon, 16 Oct 2017 09:00:11 GMT https://community.cloudera.com/t5/Archives-of-Support-Questions/rest-api-via-knox-only-admin-can-access/m-p/212143#M69598 sen_ke 2017-10-16T09:00:11Z