Created 06-03-2016 09:49 AM
Hi guys,
I have a problem with Knox. I am using HDP 2.3.2 with Ambari 2.1.1. I connected Knox to LDAP/AD successfully. I get 403 Forbidden when I do not grant access via policies in Ranger, or 401 Unauthorized when I provide invalid credentials. My user and group search base is restricted to only one user and one group because of LDAP "sizelimit exceeded" (I only want to test that it is working). I am pretty sure that it can be a permissions problem. I describe my error below. Please find enclosed the full gateway.log. Thank you in advance. gateway.txt
When I try to run a command:
curl -iku user:pass -X GET 'https://localhost:8443/gateway/default/webhdfs/v1/?op=LISTSTATUS'
I got an error:
ERROR hadoop.gateway (AbstractGatewayFilter.java:doFilter(66)) - Failed to execute filter: javax.servlet.ServletException: org.apache.shiro.subject.ExecutionException: java.security.PrivilegedActionException: java.io.IOException: Service connectivity error.
2016-06-03 11:33:30,070 ERROR hadoop.gateway (GatewayFilter.java:doFilter(135)) - Gateway processing failed: javax.servlet.ServletException: org.apache.shiro.subject.ExecutionException: java.security.PrivilegedActionException: java.io.IOException: Service connectivity error.
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAs(Subject.java:422)
Created 06-03-2016 10:36 AM
EDIT:
It is worth noting that I am using https for Ambari instead of http. When I try to access HBase I get a WARN that the connection is refused; it is trying to connect using http instead of https.
Here is my knox gateway-audit.log
16/06/03 12:31:29 ||2ebbd434-8238-402e-9979-7e7233669d27|audit|WEBHDFS||||access|uri|/gateway/default/webhdfs/v1/?op=LISTSTATUS|unavailable|
16/06/03 12:31:29 ||2ebbd434-8238-402e-9979-7e7233669d27|audit|WEBHDFS|my_user|||authentication|uri|/gateway/default/webhdfs/v1/?op=LISTSTATUS|success|
16/06/03 12:31:29 ||2ebbd434-8238-402e-9979-7e7233669d27|audit|WEBHDFS|my_user|||authentication|uri|/gateway/default/webhdfs/v1/?op=LISTSTATUS|success|Groups: [my_group]
16/06/03 12:31:29 ||2ebbd434-8238-402e-9979-7e7233669d27|audit|WEBHDFS|my_user|||dispatch|uri|hdfs://my_host:50070/webhdfs/v1/?op=LISTSTATUS&user.name=my_user|failure|
16/06/03 12:31:29 ||2ebbd434-8238-402e-9979-7e7233669d27|audit|WEBHDFS|my_user|||dispatch|uri|hdfs://my_host:50070/webhdfs/v1/?op=LISTSTATUS&user.name=my_user|unavailable|
16/06/03 12:31:29 ||2ebbd434-8238-402e-9979-7e7233669d27|audit|WEBHDFS|my_user|||access|uri|/gateway/default/webhdfs/v1/?op=LISTSTATUS|failure|
Created 06-03-2016 11:25 AM
The problem was that I had WEBHDFS in topology in format hdfs:// instead of http://
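
The audit log in this thread already shows the misconfiguration: authentication succeeds, then the dispatch goes to an hdfs:// URL and fails. The following is an added example, not part of the original thread or of Knox itself, that scans gateway-audit.log lines for dispatch entries whose target is not http or https. The field positions are an assumption inferred from the lines quoted above, and the function names are hypothetical.

```python
from urllib.parse import urlsplit

# Field positions inferred from the audit lines quoted in this thread;
# they are an assumption, not a documented Knox schema.
KIND, SERVICE, USER, ACTION, RESOURCE, OUTCOME = 3, 4, 5, 8, 10, 11
HTTP_SCHEMES = {"http", "https"}

# First three lines are copied from the post. The last line is constructed
# to show the same dispatch with an http:// URL in the topology.
SAMPLE = """\
16/06/03 12:31:29 ||2ebbd434-8238-402e-9979-7e7233669d27|audit|WEBHDFS|my_user|||authentication|uri|/gateway/default/webhdfs/v1/?op=LISTSTATUS|success|Groups: [my_group]
16/06/03 12:31:29 ||2ebbd434-8238-402e-9979-7e7233669d27|audit|WEBHDFS|my_user|||dispatch|uri|hdfs://my_host:50070/webhdfs/v1/?op=LISTSTATUS&user.name=my_user|failure|
16/06/03 12:31:29 ||2ebbd434-8238-402e-9979-7e7233669d27|audit|WEBHDFS|my_user|||dispatch|uri|hdfs://my_host:50070/webhdfs/v1/?op=LISTSTATUS&user.name=my_user|unavailable|
16/06/03 12:40:00 ||00000000-0000-0000-0000-000000000000|audit|WEBHDFS|my_user|||dispatch|uri|http://my_host:50070/webhdfs/v1/?op=LISTSTATUS&user.name=my_user|success|
"""


def parse_audit_line(line):
    """Split one pipe-delimited audit line; return None if it does not fit."""
    parts = line.strip().split("|")
    if len(parts) <= OUTCOME or parts[KIND] != "audit":
        return None
    return {
        "service": parts[SERVICE],
        "user": parts[USER],
        "action": parts[ACTION],
        "resource": parts[RESOURCE],
        "outcome": parts[OUTCOME],
    }


def misrouted_dispatches(lines):
    """Return (service, user, scheme, outcome) for non-HTTP dispatch URLs."""
    findings = []
    for line in lines:
        rec = parse_audit_line(line)
        if rec is None or rec["action"] != "dispatch":
            continue
        scheme = urlsplit(rec["resource"]).scheme.lower()
        if scheme not in HTTP_SCHEMES:
            findings.append((rec["service"], rec["user"], scheme, rec["outcome"]))
    return findings


if __name__ == "__main__":
    for service, user, scheme, outcome in misrouted_dispatches(SAMPLE.splitlines()):
        print(f"{service}: dispatch for {user} used {scheme}:// ({outcome})")
```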