Created 09-11-2017 06:24 PM
Hi All,
I am trying to call Apache Atlas using Java code by passing my username and password as credentials as mentioned below:
Client client = Client.create(config);
client.addFilter(new HTTPBasicAuthFilter(prop.getProperty("user"), prop.getProperty("password")));
service = client.resource(prop.getProperty("rest_uri"));
addService = service.path(AtlasBaseClient.LOGIN);
addService = service.path(AtlasBaseClient.ATLAS_API).path(AtlasBaseClient.ENTITIES).queryParam(AtlasBaseClient.TYPE, "hive_process");
processOut.write(getOutputAsJSON(addService).getBytes());
The above code snippet is working fine.
But when I tried to use keytab-based authentication using the principal name and keytab file, I am getting authorized but I am not able to read the response from Atlas. I have programmed this approach in 3 steps, as mentioned below:
Step 1: Set config properties
String genericId = "peaXXXXX";
String genericId_principalName = "peaXXXX@xyz.XXX.XXX";
String keytabPath = "/home/peaXXXXX/peaXXXXX.keytab";
Configuration configuration = new Configuration();
configuration.set("fs.defaultFS", "http://XXXX.XXX.XX:21000");
configuration.set("hbase.master.kerberos.principal", genericId_principalName);
configuration.set("hadoop.security.authentication", "kerberos");
configuration.set("atlas.authentication.method.kerberos", "true");
configuration.set("atlas.http.authentication.enabled","true");
configuration.set("atlas.http.authentication.type","kerberos");
configuration.set("hadoop.security.authorization", "true");
Step 2: User authorization using keytab file and principal name
UserGroupInformation.setConfiguration(configuration);
//UserGroupInformation.loginUserFromKeytab(genericId_principalName, keytabPath);
UserGroupInformation.loginUserFromKeytab(genericId, keytabPath);
Step 3: Call the Atlas URL by using doAs()
URL url = new URL("http://XXXX.XXXXX.XXX:21000/api/atlas/entities?type=hive_table");
HttpURLConnection connection = UserGroupInformation.getLoginUser().doAs(
    new PrivilegedExceptionAction<HttpURLConnection>() {
        public HttpURLConnection run() throws Exception {
            AuthenticatedURL.Token token = new AuthenticatedURL.Token();
            return new AuthenticatedURL().openConnection(url, token);
        }
    });
System.out.println("KeyTabTest.main()--> connection "+connection);
// reading the response from the URL call
connection.addRequestProperty("User-Agent", "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0");
connection.connect();
BufferedReader in = new BufferedReader(new InputStreamReader(connection.getInputStream()));
String inputLine;
while ((inputLine = in.readLine()) != null)
    System.out.println(inputLine);
We are getting the below 403 Forbidden error when we are trying to read the response from the URL call.
Exception in thread "main" java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.eclipse.jdt.internal.jarinjarloader.JarRsrcLoader.main(JarRsrcLoader.java:58)
Caused by: java.io.IOException: Server returned HTTP response code: 403 for URL: http://XXXXX.XXX.XXX:21000/api/atlas/entities?type=hive_table
at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1876)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1474)
at atlas.KeyTabTest.main(KeyTabTest.java:107)
... 5 more
Kindly help me with the below questions:
1.) Can someone please help me overcome this 403 Forbidden error?
2.) Also, I have a doubt here: we are passing the url and token values to httpConnection, but where do we assign the value for the token variable? Will it be read by default?
3.) If the UserGroupInformation from step 2 is not being passed to step 3 for the Atlas URL call, please suggest how I can pass the UGI credentials to HttpConnection.
Kindly respond. Thank You.
Created 09-11-2017 06:24 PM
In the above jaas.conf the principal="atlas/td2XXXXX.XXXX.XXX@ADMIN.XXXX.XXX"; should match the output of the command
# klist -kt /etc/security/keytabs/atlas.service.keytab
Keytab name: FILE:/etc/security/keytabs/atlas.service.keytab
KVNO Timestamp           Principal
---- ------------------- ------------------------------------------------------
   1 08/24/2017 15:42:23 atlas/xxxx.xxxx.xxxx@REALM.COM
   1 08/24/2017 15:42:23 atlas/xxxx.xxxx.xxxx@REALM.COM
   1 08/24/2017 15:42:23 atlas/xxxx.xxxx.xxxx@REALM.COM
   1 08/24/2017 15:42:23 atlas/xxxx.xxxx.xxxx@REALM.COM
   1 08/24/2017 15:42:23 atlas/xxxx.xxxx.xxxx@REALM.COM
e.g. atlas/xxxx.xxxx.xxxx@REALM.COM
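The comparison this reply describes can be scripted; the following is an added example, not part of the original thread. The JAAS fragment and klist lines are constructed samples with example.com placeholders, and the function names are hypothetical.

```shell
#!/usr/bin/env bash
# Constructed sample inputs; on a real host use the actual jaas.conf text
# and the output of `klist -kt <keytab>`.
SAMPLE_JAAS='Client {
  com.sun.security.auth.module.Krb5LoginModule required
  useKeyTab=true
  keyTab="/etc/security/keytabs/atlas.service.keytab"
  principal="atlas/host1.example.com@EXAMPLE.COM";
};'

SAMPLE_KLIST='Keytab name: FILE:/etc/security/keytabs/atlas.service.keytab
KVNO Timestamp           Principal
---- ------------------- ------------------------------------------------------
   1 08/24/2017 15:42:23 atlas/host1.example.com@EXAMPLE.COM
   1 08/24/2017 15:42:23 atlas/host1.example.com@EXAMPLE.COM'

# Print the principal="..." value(s) found in JAAS text read from stdin.
jaas_principal() {
  sed -n 's/.*principal[[:space:]]*=[[:space:]]*"\([^"]*\)".*/\1/p'
}

# Print the distinct principals in `klist -kt` output read from stdin.
# Entry rows start with a numeric KVNO; the principal is the 4th field.
keytab_principals() {
  awk '$1 ~ /^[0-9]+$/ && NF >= 4 { print $4 }' | sort -u
}

# check_principal JAAS_TEXT KLIST_TEXT
# Returns 0 if the JAAS principal is in the keytab (exact, case-sensitive,
# since Kerberos principals are case-sensitive), 1 on mismatch,
# 2 if no principal could be read from the JAAS text.
check_principal() {
  local want
  want=$(printf '%s\n' "$1" | jaas_principal | head -n 1)
  [ -n "$want" ] || return 2
  if printf '%s\n' "$2" | keytab_principals | grep -Fxq -- "$want"; then
    echo "OK: $want is in the keytab"
  else
    echo "MISMATCH: $want not in keytab; keytab has:"
    printf '%s\n' "$2" | keytab_principals | sed 's/^/  /'
    return 1
  fi
}

check_principal "$SAMPLE_JAAS" "$SAMPLE_KLIST"
```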
Created 09-11-2017 06:24 PM
Thank you. Please mask the host name in the e.g. as well.