Hello!
I'm trying use custom auth filter to get Livy UI through knox.
I have set up kerberized hadoop cluster and several UI's as described here:
https://knox.apache.org/books/knox-1-6-0/user-guide.html#Hadoop+Configuration+Example
Livy settings:
livy.server.auth.type = KnoxSSO
livy.server.auth.KnoxSSO.class = org.apache.hadoop.security.authentication.server.JWTRedirectAuthenticationHandler
livy.server.auth.KnoxSSO.param.authentication.provider.url = https://${KNOX_DOMAIN}/gateway/knoxsso/api/v1/websso
livy.server.auth.KnoxSSO.param.public.key.pem = "${KNOX_CLIENT_TRUST_CERT}"
I have copy jar file hadoop-auth-3.3.3.jar with JWTRedirectAuthenticationHandler implementation to ${LIVY_HOME}/jars dir and start the Livy server.
But I got error:
INFO InteractiveSessionManager: Heartbeat watchdog thread started.
INFO LivyServer: KnoxSSO auth enabled
Exception in thread "main" MultiException[java.lang.IllegalStateException: class org.apache.hadoop.security.authentication.server.JWTRedirectAuthenticationHandler is not a javax.servlet.Filter, java.lang.IllegalStateException: class org.apache.hadoop.security.authentication.server.JWTRedirectAuthenticationHandler is not a javax.servlet.Filter]
at org.eclipse.jetty.server.Server.doStart(Server.java:391)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
at org.apache.livy.server.WebServer.start(WebServer.scala:108)
at org.apache.livy.server.LivyServer.start(LivyServer.scala:317)
at org.apache.livy.server.LivyServer$.main(LivyServer.scala:423)
at org.apache.livy.server.LivyServer.main(LivyServer.scala)
Caused by: MultiException[java.lang.IllegalStateException: class org.apache.hadoop.security.authentication.server.JWTRedirectAuthenticationHandler is not a javax.servlet.Filter, java.lang.IllegalStateException: class org.apache.hadoop.security.authentication.server.JWTRedirectAuthenticationHandler is not a javax.servlet.Filter]
at org.eclipse.jetty.servlet.ServletHandler.initialize(ServletHandler.java:863)
at org.eclipse.jetty.servlet.ServletContextHandler.startContext(ServletContextHandler.java:349)
at org.eclipse.jetty.server.handler.ContextHandler.doStart(ContextHandler.java:778)
at org.eclipse.jetty.servlet.ServletContextHandler.doStart(ServletContextHandler.java:262)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
at org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:131)
at org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:113)
at org.eclipse.jetty.server.handler.AbstractHandler.doStart(AbstractHandler.java:61)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
at org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:131)
at org.eclipse.jetty.server.Server.start(Server.java:427)
at org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:105)
at org.eclipse.jetty.server.handler.AbstractHandler.doStart(AbstractHandler.java:61)
at org.eclipse.jetty.server.Server.doStart(Server.java:394)
... 5 more
Suppressed: java.lang.IllegalStateException: class org.apache.hadoop.security.authentication.server.JWTRedirectAuthenticationHandler is not a javax.servlet.Filter
at org.eclipse.jetty.servlet.FilterHolder.doStart(FilterHolder.java:99)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
at org.eclipse.jetty.servlet.ServletHandler.initialize(ServletHandler.java:909)
... 18 more
Caused by: java.lang.IllegalStateException: class org.apache.hadoop.security.authentication.server.JWTRedirectAuthenticationHandler is not a javax.servlet.Filter
at org.eclipse.jetty.servlet.FilterHolder.doStart(FilterHolder.java:99)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
at org.eclipse.jetty.servlet.ServletHandler.initialize(ServletHandler.java:872)
... 18 more
Can you help me, how to pass custom auth filter properly?
