Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Solved Go to solution

Authentication Failure on Apache Ranger

Labels:
avatar
author-rank ranger
Explorer

Created ‎09-05-2019 02:02 AM

I have configured Ranger with Ranger-admin and Hadoop , HDFS  plugins. 

 

I can access the basic url,
curl -u rangeradmin:rangeradmin -i -X GET http://127.0.0.1:6080
HTTP/1.1 302 Found
Set-Cookie: RANGERADMINSESSIONID=6A1E7311C911AE876D02359679222E24; Path=/; HttpOnly
X-Frame-Options: DENY
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline';font-src 'self'
Location: http://127.0.0.1:6080/login.jsp
Content-Length: 0
Date: Thu, 05 Sep 2019 09:02:16 GMT
Server: Apache Ranger

 

but on accessing other urls it fails:

 

 

curl -u rangeradmin:rangeradmin -i -X GET http://127.0.0.1:6080/service/plugins/policies/service/1
HTTP/1.1 401 Unauthorized
Set-Cookie: RANGERADMINSESSIONID=96A517FCD3CDC23354BFDFE3D22E6FE4; Path=/; HttpOnly
X-Frame-Options: DENY
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self'; img-src 'self'; style-src 'self' 'unsafe-inline';font-src 'self'
Content-Length: 52
Date: Thu, 05 Sep 2019 08:37:47 GMT
Server: Apache Ranger

{"statusCode":401,"msgDesc":"Authentication Failed"}

5,177 Views
0 Kudos
1 ACCEPTED SOLUTION

avatar
author-rank jsensharma author-rank
Master Mentor

Created on ‎09-05-2019 02:31 AM - edited ‎09-05-2019 02:35 AM

@ranger 

As we see "Authentication Failed" hence most possible cause may be the incorrect ranger admin credentials supplied to the curl command.

 

1. Are you sure that you are able to Login to Ranger UI using Web Browser with the same credentials Username: "rangeradmin" Password: "rangeradmin"?

 

 

http://$RANGER_HOSTNAME:6080

 

 

If not then please check what is the Username& Password you have entered here

 

 

Ambari UI --> Ranger --> Configs --> Advanced --> "Advanced ranger-env" --> "Ranger Admin username" AND "Ranger Admin user's password"

 

 


2. Please tail the "xa_portal.log" log and see if you are getting any of the following message when you are attempting to login to Ranger UI using the same credentials? Or while making the API call?

 

 

# tail -f /var/log/ranger/admin/xa_portal.log
# grep 'Login Unsuccessful' /var/log/ranger/admin/xa_portal.log
# grep 'Authentication with' /var/log/ranger/admin/xa_portal.log
# grep 'Bad Credentials' /var/log/ranger/admin/xa_portal.log

 

 

.

 



 

View solution in original post

5,170 Views
0 Kudos
5 REPLIES 5

avatar
author-rank jsensharma author-rank
Master Mentor

Created on ‎09-05-2019 02:31 AM - edited ‎09-05-2019 02:35 AM

@ranger 

As we see "Authentication Failed" hence most possible cause may be the incorrect ranger admin credentials supplied to the curl command.

 

1. Are you sure that you are able to Login to Ranger UI using Web Browser with the same credentials Username: "rangeradmin" Password: "rangeradmin"?

 

 

http://$RANGER_HOSTNAME:6080

 

 

If not then please check what is the Username& Password you have entered here

 

 

Ambari UI --> Ranger --> Configs --> Advanced --> "Advanced ranger-env" --> "Ranger Admin username" AND "Ranger Admin user's password"

 

 


2. Please tail the "xa_portal.log" log and see if you are getting any of the following message when you are attempting to login to Ranger UI using the same credentials? Or while making the API call?

 

 

# tail -f /var/log/ranger/admin/xa_portal.log
# grep 'Login Unsuccessful' /var/log/ranger/admin/xa_portal.log
# grep 'Authentication with' /var/log/ranger/admin/xa_portal.log
# grep 'Bad Credentials' /var/log/ranger/admin/xa_portal.log

 

 

.

 



 

5,171 Views
0 Kudos

avatar
author-rank ranger
Explorer

Created ‎09-05-2019 02:55 AM

I have not used Ambari  UI, instead built ranger from sources and installed the hadoop , ranger-admin and HDFS plugins , Is there any way to check Ranger's REST apis with Ambari

 

This is my configuration inside install.properties of ranger-2.1.0-SNAPSHOT-admin , after which I installed ranger-admin plugin

 

policymgr_external_url=http://localhost:6080
policymgr_http_enabled=true
policymgr_https_keystore_file=
policymgr_https_keystore_keyalias=rangeradmin
policymgr_https_keystore_password=rangeradmin

 

With this user name and password, I get the following response:

 

curl -u rangeradmin:rangeradmin -i -X GET http://127.0.0.1:6080/login.jsp
HTTP/1.1 200 OK
Set-Cookie: RANGERADMINSESSIONID=A748FB6091DA17AEFACC6E3552723593; Path=/; HttpOnly
X-Frame-Options: DENY
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 3629
Date: Thu, 05 Sep 2019 09:53:52 GMT
Server: Apache Ranger

 

 

5,165 Views
0 Kudos

avatar
author-rank jsensharma author-rank
Master Mentor

Created ‎09-05-2019 03:18 AM

@ranger 

Even if you have build ranger from source... before making the API call you should validate the following:

 

Are you really sure that the credentials that you are entering is correct?

 

1. Are you able to login to Ranger UI with that credential?  (this is the verify if your credentials are correct or not) ?    

 

2. Do you see "Bad Credentials" message inside the "xa_portal.log" ?  Can you share the log?

 

 

5,159 Views
0 Kudos

avatar
author-rank ranger
Explorer

Created on ‎09-05-2019 06:54 AM - edited ‎09-05-2019 09:29 AM

Thanks for your guidance, Now when I try to login with rangeradmin:rangeradmin credentials ,

 

The username or password you entered is incorrect.

5,149 Views
0 Kudos

avatar
author-rank ranger
Explorer

Created ‎09-05-2019 09:48 AM

Though I have put rangeradmin as username and password inside ranger-admin/install,properties, it is not taking that,, Instead its taking admin:admin as credentials what I have setuo in Ambari server..

 

This I dont understand because ambari server I installed separately and never used Ambari to install Ranger, instead compiled Ranger from scratch.

5,133 Views
0 Kudos
Announcements
What's New @ Cloudera
Cloudera DataFlow 2.9 now supports building GenAI pipelines ...
What's New @ Cloudera
Accelerate Data Scientist Productivity with Cloudera Copilot...
What's New @ Cloudera
[RELEASED] Cloudera Streaming Analytics - Kubernetes Operato...
Community Announcements
October 2024 Community Highlights
What's New @ Cloudera
Accelerate Your AI with the Cloudera AI Inference Service wi...
View More Announcements