Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Announcements
Celebrating as our community reaches 100,000 members! Thank you!
Solved Go to solution

Kerberos local KDC - Error 401 Authentication required

Labels:
avatar
author-rank ddubeau1
New Contributor

Created on ‎10-31-2015 09:54 PM - edited ‎09-16-2022 02:47 AM

This is the Ambari error we receive when we attempt to restart the services.

raise Fail(err_msg) 
resource_management.core.exceptions.Fail: Execution of 'curl -sS -L -w '%{http_code}' -X GET --negotiate -u : 'http://devehdp001.unix.xxxx1900.org:50070/webhdfs/v1/user/hcat?op=GETFILESTATUS&user.name=hdfs'' returned status_code=401. 
<html> 
<head> 
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"/> 
<title>Error 401 Authentication required</title> 
</head> 
<body><h2>HTTP ERROR 401</h2> 
<p>Problem accessing /webhdfs/v1/user/hcat. Reason: 
<pre> Authentication required</pre></p><hr /><i><small>Powered by Jetty://</small></i><br/>
8,719 Views
0 Kudos
1 ACCEPTED SOLUTION

avatar
author-rank rlevas
Guru

Created ‎11-01-2015 02:41 PM

This is an authentication error that occurs when an HTTP request lacks a Kerberos ticket while the server requires it. So some service is not properly configured or a kinit is failing prior to executing this webhdfs call.

The service that is failing needs to be identified. Then you need to take a look at how it is configured and make sure a kinit can be successfully executed (manually) using the relevant Kerberos principal and keytab file. The kinit may fail because the keytab file is out of sync with the KDC or the service is misconfigured to use an incorrect principal name or keytab file.

View solution in original post

5,671 Views
0 Kudos
2 REPLIES 2

avatar
author-rank nsabharwal
Master Mentor

Created ‎10-31-2015 10:11 PM

@ddubeau@hortonworks.com

What's ambari version?

If you are on Ambari < 2.0.0 then you may want to see this

5,671 Views
0 Kudos

avatar
author-rank rlevas
Guru

Created ‎11-01-2015 02:41 PM

This is an authentication error that occurs when an HTTP request lacks a Kerberos ticket while the server requires it. So some service is not properly configured or a kinit is failing prior to executing this webhdfs call.

The service that is failing needs to be identified. Then you need to take a look at how it is configured and make sure a kinit can be successfully executed (manually) using the relevant Kerberos principal and keytab file. The kinit may fail because the keytab file is out of sync with the KDC or the service is misconfigured to use an incorrect principal name or keytab file.

5,672 Views
0 Kudos
Announcements
Product Announcements
[ANNOUNCE] Cloudera on Public Cloud Runtime 7.2.18 is GA!
What's New @ Cloudera
Cloudera Operational Database (COD) supports enhancements to...
Community Announcements
March 2024 Community Highlights
Community Announcements
Celebrating 100,000 Members: A Journey of Growth and Connect...
Product Announcements
[ANNOUNCE] New Cloudera JDBC Connector for Apache Hive 2.6.2...
View More Announcements