Community Articles
Find and share helpful community-sourced technical articles
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.
Contributor

OBJECTIVE:

Verify the Beacon SSO setup is configured correctly.

OVERVIEW:

After you enable Knox SSO for beacon service as per the documentation, it is good to verify the Beacon Knox SSO setup is correctly configured before adding the clusters to the Dataplane.

STEPS:

STEP1:

From the ambari configs, get the beacon.sso.knox.providerurl property and execute the following curl command:

Syntax:

curl -iku $knox-username:$knox-password "<beacon.sso.knox.providerurl>/originalUrl=http://<beacon_server>:25986/api/becaon/cluster/list"

Example:

Command:

curl -iku $username:$password "https://ctr-e138-1518143905142-362586-02-000011.hwx.site:8443/gateway/knoxsso/api/v1/websso?originalUrl=http://ctr-e138-1518143905142-362586-02-000011.hwx.site:25968/api/beacon/cluster/list"

Output:

HTTP/1.1 307 Temporary Redirect
Date: Thu, 14 Jun 2018 21:26:27 GMT
X-Frame-Options: DENY
Set-Cookie: JSESSIONID=1abzrcp2xl7sm1k4jgtevkwv6x;Path=/gateway/knoxsso;Secure;HttpOnly
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: rememberMe=deleteMe; Path=/gateway/knoxsso; Max-Age=0; Expires=Wed, 13-Jun-2018 21:26:27 GMT
Set-Cookie: hadoop-jwt=eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJhZG1pbjEiLCJpc3MiOiJLTk9YU1NPIiwiZXhwIjoxNTI5MTExNTg3fQ.lB4ZPXjqAQZJSS8vWJ3exXD4HcOCjTS6L4b9uIf6ZWc80eBTVuEv-u4iiEr02V44hxuEwVAeDVcDW1w0DGauW5L9hHfTKf_y87kaPhPKk2yN20aFtbbrA0lzgawxWIFFaj4wMxwyzDyyKlF6NRijamFhH00TWAH1vRITagVQWEc;Path=/;Domain=.hwx.site;HttpOnly
Location: http://ctr-e138-1518143905142-362586-02-000011.hwx.site:25968/api/beacon/cluster/list
Content-Length: 0
Server: Jetty(9.2.15.v20160210)

Note the hadoop-jwt from the output

Syntax:

curl -ivL -u : --cookie "hadoop-jwt=<hadoop-jwt> " http://<beacon_server>:25986/api/becaon/cluster/list

Command:

curl -ivL -u : --cookie "hadoop-jwt=eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJhZG1pbjEiLCJpc3MiOiJLTk9YU1NPIiwiZXhwIjoxNTI5MTExNTg3fQ.lB4ZPXjqAQZJSS8vWJ3exXD4HcOCjTS6L4b9uIf6ZWc80eBTVuEv-u4iiEr02V44hxuEwVAeDVcDW1w0DGauW5L9hHfTKf_y87kaPhPKk2yN20aFtbbrA0lzgawxWIFFaj4wMxwyzDyyKlF6NRijamFhH00TWAH1vRITagVQWEc" http://ctr-e138-1518143905142-362586-02-000011.hwx.site:25968/api/beacon/cluster/list

Output:

* About to connect() to ctr-e138-1518143905142-362586-02-000011.hwx.site port 25968 (#0)

* Trying 172.27.54.132...
* Connected to ctr-e138-1518143905142-362586-02-000011.hwx.site (172.27.54.132) port 25968 (#0)
* Server auth using Basic with user ''
> GET /api/beacon/cluster/list HTTP/1.1
> Authorization: Basic Og==
> User-Agent: curl/7.29.0
> Host: ctr-e138-1518143905142-362586-02-000011.hwx.site:25968
> Accept: */*
> Cookie: hadoop-jwt=eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJhZG1pbjEiLCJpc3MiOiJLTk9YU1NPIiwiZXhwIjoxNTI5MTExNTg3fQ.lB4ZPXjqAQZJSS8vWJ3exXD4HcOCjTS6L4b9uIf6ZWc80eBTVuEv-u4iiEr02V44hxuEwVAeDVcDW1w0DGauW5L9hHfTKf_y87kaPhPKk2yN20aFtbbrA0lzgawxWIFFaj4wMxwyzDyyKlF6NRijamFhH00TWAH1vRITagVQWEc
>
< HTTP/1.1 200 OK
HTTP/1.1 200 OK
< Expires: Thu, 01-Jan-1970 00:00:00 GMT
Expires: Thu, 01-Jan-1970 00:00:00 GMT
< Set-Cookie: JSESSIONID=xfigpewrhjme16egdblo9iz6p;Path=/
Set-Cookie: JSESSIONID=xfigpewrhjme16egdblo9iz6p;Path=/
< Content-Type: application/json
Content-Type: application/json
< Transfer-Encoding: chunked
Transfer-Encoding: chunked
< Server: Jetty(6.1.26.hwx)
Server: Jetty(6.1.26.hwx)
<
* Connection #0 to host ctr-e138-1518143905142-362586-02-000011.hwx.site left intact
{"totalResults":0,"results":0,"cluster":[]}

From the response, you can see the list of clusters added and paired. This verifies that Knox SSO setup with Beacon is working !!

300 Views
Don't have an account?
Coming from Hortonworks? Activate your account here
Version history
Revision #:
1 of 1
Last update:
‎06-25-2018 09:48 PM
Updated by:
 
Contributors
Top Kudoed Authors