Community Articles

OBJECTIVE:

Verify the Beacon SSO setup is configured correctly.

OVERVIEW:

After you enable Knox SSO for beacon service as per the documentation, it is good to verify the Beacon Knox SSO setup is correctly configured before adding the clusters to the Dataplane.

STEPS:

STEP1:

From the ambari configs, get the beacon.sso.knox.providerurl property and execute the following curl command:

Syntax:

curl -iku $knox-username:$knox-password "<beacon.sso.knox.providerurl>/originalUrl=http://<beacon_server>:25986/api/becaon/cluster/list"

Example:

Command:

curl -iku $username:$password "https://hostname.hwx.site:8443/gateway/knoxsso/api/v1/websso?originalUrl=http://hostname.hwx.site:25968/api/beacon/cluster/list"

Output:

HTTP/1.1 307 Temporary Redirect
Date: Thu, 14 Jun 2018 21:26:27 GMT
X-Frame-Options: DENY
Set-Cookie: JSESSIONID=1abzrcp2xl7sm1k4jgtevkwv6x;Path=/gateway/knoxsso;Secure;HttpOnly
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: rememberMe=deleteMe; Path=/gateway/knoxsso; Max-Age=0; Expires=Wed, 13-Jun-2018 21:26:27 GMT
Set-Cookie: hadoop-jwt=eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJhZG1pbjEiLCJpc3MiOiJLTk9YU1NPIiwiZXhwIjoxNTI5MTExNTg3fQ.lB4ZPXjqAQZJSS8vWJ3exXD4HcOCjTS6L4b9uIf6ZWc80eBTVuEv-u4iiEr02V44hxuEwVAeDVcDW1w0DGauW5L9hHfTKf_y87kaPhPKk2yN20aFtbbrA0lzgawxWIFFaj4wMxwyzDyyKlF6NRijamFhH00TWAH1vRITagVQWEc;Path=/;Domain=.hwx.site;HttpOnly
Location: http://hostname.hwx.site:25968/api/beacon/cluster/list
Content-Length: 0
Server: Jetty(9.2.15.v20160210)

Note the hadoop-jwt from the output

Syntax:

curl -ivL -u : --cookie "hadoop-jwt=<hadoop-jwt> " http://<beacon_server>:25986/api/becaon/cluster/list

Command:

curl -ivL -u : --cookie "hadoop-jwt=eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJhZG1pbjEiLCJpc3MiOiJLTk9YU1NPIiwiZXhwIjoxNTI5MTExNTg3fQ.lB4ZPXjqAQZJSS8vWJ3exXD4HcOCjTS6L4b9uIf6ZWc80eBTVuEv-u4iiEr02V44hxuEwVAeDVcDW1w0DGauW5L9hHfTKf_y87kaPhPKk2yN20aFtbbrA0lzgawxWIFFaj4wMxwyzDyyKlF6NRijamFhH00TWAH1vRITagVQWEc" http://hostname.hwx.site:25968/api/beacon/cluster/list

Output:

* About to connect() to hostname.hwx.site port 25968 (#0)

* Trying 172.27.54.132...
* Connected to hostname.hwx.site (172.27.54.132) port 25968 (#0)
* Server auth using Basic with user ''
> GET /api/beacon/cluster/list HTTP/1.1
> Authorization: Basic Og==
> User-Agent: curl/7.29.0
> Host: hostname.hwx.site:25968
> Accept: */*
> Cookie: hadoop-jwt=eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJhZG1pbjEiLCJpc3MiOiJLTk9YU1NPIiwiZXhwIjoxNTI5MTExNTg3fQ.lB4ZPXjqAQZJSS8vWJ3exXD4HcOCjTS6L4b9uIf6ZWc80eBTVuEv-u4iiEr02V44hxuEwVAeDVcDW1w0DGauW5L9hHfTKf_y87kaPhPKk2yN20aFtbbrA0lzgawxWIFFaj4wMxwyzDyyKlF6NRijamFhH00TWAH1vRITagVQWEc
>
< HTTP/1.1 200 OK
HTTP/1.1 200 OK
< Expires: Thu, 01-Jan-1970 00:00:00 GMT
Expires: Thu, 01-Jan-1970 00:00:00 GMT
< Set-Cookie: JSESSIONID=xfigpewrhjme16egdblo9iz6p;Path=/
Set-Cookie: JSESSIONID=xfigpewrhjme16egdblo9iz6p;Path=/
< Content-Type: application/json
Content-Type: application/json
< Transfer-Encoding: chunked
Transfer-Encoding: chunked
< Server: Jetty(6.1.26.hwx)
Server: Jetty(6.1.26.hwx)
<
* Connection #0 to host hostname.hwx.site left intact
{"totalResults":0,"results":0,"cluster":[]}

From the response, you can see the list of clusters added and paired. This verifies that Knox SSO setup with Beacon is working !!