Support Questions

Find answers, ask questions, and share your expertise

the knox admin-ui can not open

avatar
Explorer

I start the embeded ldap server ,config sanbox.xml to match my test cluster .

curl the webhdfs ,OK  

curl the  admin0-ui, NOT OK 

 

after seeing the guide on https://knox.apache.org/  ,still can not figure out why 

 

curl -i -k -u admin:admin-password -X GET 'https://192.168.1.109:8443/gateway/sandbox/webhdfs/v1/?op=LISTSTATUS'
HTTP/1.1 200 OK
Date: Mon, 18 Nov 2019 08:25:26 GMT
Set-Cookie: KNOXSESSIONID=node0wgxdedldxiq17d8hqt51ez5y0.node0; Path=/gateway/sandbox; Secure; HttpOnly
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: rememberMe=deleteMe; Path=/gateway/sandbox; Max-Age=0; Expires=Sun, 17-Nov-2019 08:25:26 GMT
Cache-Control: no-cache
Expires: Mon, 18 Nov 2019 08:25:26 GMT
Date: Mon, 18 Nov 2019 08:25:26 GMT
Pragma: no-cache
Expires: Mon, 18 Nov 2019 08:25:26 GMT
Date: Mon, 18 Nov 2019 08:25:26 GMT
Pragma: no-cache
Content-Type: application/json;charset=utf-8
X-FRAME-OPTIONS: SAMEORIGIN
Transfer-Encoding: chunked
Server: Jetty(9.4.19.v20190610)

{"FileStatuses":{"FileStatus":[{"accessTime":0,"blockSize":0,"childrenNum":9,"fileId":16417,"group":"hbase","length":0,"modificationTime":1573116518085,"owner":"hbase","pathSuffix":"hbase","permission":"755","replication":0,"storagePolicy":0,"type":"DIRECTORY"},{"accessTime":0,"blockSize":0,"childrenNum":8,"fileId":16386,"group":"supergroup","length":0,"modificationTime":1570700396229,"owner":"hdfs","pathSuffix":"tmp","permission":"1777","replication":0,"storagePolicy":0,"type":"DIRECTORY"},

 

 

 

 

curl -i -k -u admin:admin-password -X GET 'https://192.168.1.109:8443/gateway/manager/admin-ui'
HTTP/1.1 302 Found
Date: Mon, 18 Nov 2019 07:48:00 GMT
Location: https://192.168.1.109:8443/gateway/manager/admin-ui/
Content-Length: 0
Server: Jetty(9.4.19.v20190610)


curl -i -k -u admin:admin-password -X GET 'https://192.168.1.109:8443/gateway/manager/admin-ui/'
HTTP/1.1 302 Found
Date: Mon, 18 Nov 2019 08:35:42 GMT
X-Frame-Options: DENY
X-XSS-Protection: 1;mode=block
Location: https://192.168.1.109:8443/gateway/knoxsso/api/v1/websso?originalUrl=https://192.168.1.109:8443/gateway/manager/admin-ui/
Content-Length: 0
Server: Jetty(9.4.19.v20190610)

 

 

 

gate-way  start logs: 

 

2019-11-18 08:24:22,742 INFO knox.gateway (GatewayServer.java:logSysProp(219)) - System Property: user.name=admin
2019-11-18 08:24:22,746 INFO knox.gateway (GatewayServer.java:logSysProp(219)) - System Property: user.dir=/usr/local/datadisk/knox-1.3.0
2019-11-18 08:24:22,746 INFO knox.gateway (GatewayServer.java:logSysProp(219)) - System Property: java.runtime.name=Java(TM) SE Runtime Environment
2019-11-18 08:24:22,746 INFO knox.gateway (GatewayServer.java:logSysProp(219)) - System Property: java.runtime.version=1.8.0_181-b13
2019-11-18 08:24:22,746 INFO knox.gateway (GatewayServer.java:logSysProp(219)) - System Property: java.home=/usr/local/datadisk/jdk1.8.0_181/jre
2019-11-18 08:24:22,886 INFO knox.gateway (GatewayConfigImpl.java:loadConfigResource(406)) - Loading configuration resource jar:file:/usr/local/datadisk/knox-1.3.0/bin/../lib/gateway-server-1.3.0.jar!/conf/gateway-default.xml
2019-11-18 08:24:22,961 INFO knox.gateway (GatewayConfigImpl.java:loadConfigFile(394)) - Loading configuration file /usr/local/datadisk/knox-1.3.0/conf/gateway-site.xml
2019-11-18 08:24:22,971 INFO knox.gateway (GatewayConfigImpl.java:initGatewayHomeDir(334)) - Using /usr/local/datadisk/knox-1.3.0/bin/.. as GATEWAY_HOME via system property.
2019-11-18 08:24:22,972 INFO knox.gateway (GatewayConfigImpl.java:init(327)) - Cookie scoping feature enabled: false
2019-11-18 08:24:23,397 INFO knox.gateway (RemoteAliasService.java:init(258)) - Remote Alias Service enabled
2019-11-18 08:24:23,399 WARN knox.gateway (ZookeeperRemoteAliasService.java:init(349)) - There is no registry client defined for remote configuration monitoring.
2019-11-18 08:24:23,406 INFO knox.gateway (JettySSLService.java:init(72)) - Credential store for the gateway instance found - no need to create one.
2019-11-18 08:24:23,408 INFO knox.gateway (JettySSLService.java:init(91)) - Keystore for the gateway instance found - no need to create one.
2019-11-18 08:24:23,410 INFO knox.gateway (JettySSLService.java:logAndValidateCertificate(112)) - The Gateway SSL certificate is issued to hostname: localhost.
2019-11-18 08:24:23,411 INFO knox.gateway (JettySSLService.java:logAndValidateCertificate(115)) - The Gateway SSL certificate is valid between: 11/13/19 1:40 AM and 11/12/20 1:40 AM.
2019-11-18 08:24:24,425 INFO knox.gateway (DefaultTopologyService.java:init(630)) - Monitoring simple descriptors in directory: /usr/local/datadisk/knox-1.3.0/conf/descriptors
2019-11-18 08:24:24,534 INFO knox.gateway (DefaultTopologyService.java:init(635)) - Monitoring shared provider configurations in directory: /usr/local/datadisk/knox-1.3.0/conf/shared-providers
2019-11-18 08:24:24,537 WARN knox.gateway (DefaultRemoteConfigurationMonitor.java:<init>(132)) - There is no registry client defined for remote configuration monitoring.
2019-11-18 08:24:24,538 WARN knox.gateway (RemoteConfigurationMonitorFactory.java:get(67)) - An error occurred while attempting to initialize the remote configuration monitor: Missing required configuration.
2019-11-18 08:24:24,664 INFO knox.gateway (GatewayServer.java:startGateway(360)) - Starting gateway...
2019-11-18 08:24:24,665 INFO knox.gateway (AbstractGatewayServices.java:start(60)) - Starting service: org.apache.knox.gateway.services.security.impl.DefaultMasterService
2019-11-18 08:24:24,665 INFO knox.gateway (AbstractGatewayServices.java:start(60)) - Starting service: org.apache.knox.gateway.services.security.impl.DefaultKeystoreService
2019-11-18 08:24:24,665 INFO knox.gateway (AbstractGatewayServices.java:start(60)) - Starting service: org.apache.knox.gateway.service.config.remote.zk.CuratorClientService
2019-11-18 08:24:24,665 INFO knox.gateway (AbstractGatewayServices.java:start(60)) - Starting service: org.apache.knox.gateway.services.security.impl.RemoteAliasService
2019-11-18 08:24:24,665 INFO knox.gateway (AbstractGatewayServices.java:start(60)) - Starting service: org.apache.knox.gateway.services.security.impl.DefaultCryptoService
2019-11-18 08:24:24,665 INFO knox.gateway (AbstractGatewayServices.java:start(60)) - Starting service: org.apache.knox.gateway.services.security.impl.JettySSLService
2019-11-18 08:24:24,666 INFO knox.gateway (AbstractGatewayServices.java:start(60)) - Starting service: org.apache.knox.gateway.services.token.impl.DefaultTokenAuthorityService
2019-11-18 08:24:24,668 INFO knox.gateway (AbstractGatewayServices.java:start(60)) - Starting service: org.apache.knox.gateway.services.registry.impl.DefaultServiceRegistryService
2019-11-18 08:24:24,668 INFO knox.gateway (AbstractGatewayServices.java:start(60)) - Starting service: org.apache.knox.gateway.services.hostmap.impl.DefaultHostMapperService
2019-11-18 08:24:24,668 INFO knox.gateway (AbstractGatewayServices.java:start(60)) - Starting service: org.apache.knox.gateway.services.DefaultServerInfoService
2019-11-18 08:24:24,668 INFO knox.gateway (AbstractGatewayServices.java:start(60)) - Starting service: org.apache.knox.gateway.services.topology.impl.DefaultClusterConfigurationMonitorService
2019-11-18 08:24:24,668 INFO knox.gateway (AbstractGatewayServices.java:start(60)) - Starting service: org.apache.knox.gateway.services.topology.impl.DefaultTopologyService
2019-11-18 08:24:24,669 INFO knox.gateway (AbstractGatewayServices.java:start(60)) - Starting service: org.apache.knox.gateway.services.registry.impl.DefaultServiceDefinitionRegistry
2019-11-18 08:24:24,669 INFO knox.gateway (AbstractGatewayServices.java:start(60)) - Starting service: org.apache.knox.gateway.services.metrics.impl.DefaultMetricsService
2019-11-18 08:24:24,747 INFO util.log (Log.java:initialized(193)) - Logging initialized @2381ms to org.eclipse.jetty.util.log.Slf4jLog
2019-11-18 08:24:24,849 INFO knox.gateway (GatewayServer.java:start(596)) - Loading topologies from directory: /usr/local/datadisk/knox-1.3.0/conf/topologies
2019-11-18 08:24:24,934 INFO knox.gateway (GatewayServer.java:handleCreateDeployment(961)) - Loading topology sandbox from /usr/local/datadisk/knox-1.3.0/data/deployments/sandbox.topo.16e68d83088
2019-11-18 08:24:24,934 INFO knox.gateway (GatewayServer.java:internalActivateTopology(829)) - Activating topology sandbox
2019-11-18 08:24:24,935 INFO knox.gateway (GatewayServer.java:internalActivateArchive(839)) - Activating topology sandbox archive %2F
2019-11-18 08:24:25,046 INFO knox.gateway (GatewayServer.java:handleCreateDeployment(961)) - Loading topology knoxsso from /usr/local/datadisk/knox-1.3.0/data/deployments/knoxsso.topo.16e7c8f7a00
2019-11-18 08:24:25,046 INFO knox.gateway (GatewayServer.java:internalActivateTopology(829)) - Activating topology knoxsso
2019-11-18 08:24:25,046 INFO knox.gateway (GatewayServer.java:internalActivateArchive(839)) - Activating topology knoxsso archive %2Fknoxauth
2019-11-18 08:24:25,047 INFO knox.gateway (GatewayServer.java:internalActivateArchive(839)) - Activating topology knoxsso archive %2F
2019-11-18 08:24:25,049 INFO knox.gateway (GatewayServer.java:handleCreateDeployment(944)) - Deploying topology manager to /usr/local/datadisk/knox-1.3.0/data/deployments/manager.topo.16e7d9bb9e0
2019-11-18 08:24:25,049 INFO knox.gateway (GatewayServer.java:internalDeactivateTopology(863)) - Deactivating topology manager
2019-11-18 08:24:25,466 INFO knox.gateway (DefaultGatewayServices.java:initializeContribution(159)) - Credential store found for the cluster: manager - no need to create one.
2019-11-18 08:24:26,209 INFO knox.gateway (DefaultGatewayServices.java:initializeContribution(159)) - Credential store found for the cluster: manager - no need to create one.
2019-11-18 08:24:26,707 INFO knox.gateway (GatewayServer.java:internalActivateTopology(829)) - Activating topology manager
2019-11-18 08:24:26,707 INFO knox.gateway (GatewayServer.java:internalActivateArchive(839)) - Activating topology manager archive %2Fadmin-ui
2019-11-18 08:24:26,708 INFO knox.gateway (GatewayServer.java:internalActivateArchive(839)) - Activating topology manager archive %2F
2019-11-18 08:24:26,709 INFO knox.gateway (GatewayServer.java:cleanupTopologyDeployments(352)) - Deleting backup deployed topology /usr/local/datadisk/knox-1.3.0/data/deployments/manager.topo.16e62d11560
2019-11-18 08:24:26,711 INFO knox.gateway (GatewayServer.java:handleCreateDeployment(944)) - Deploying topology admin to /usr/local/datadisk/knox-1.3.0/data/deployments/admin.topo.16e7d9bb9e0
2019-11-18 08:24:26,711 INFO knox.gateway (GatewayServer.java:internalDeactivateTopology(863)) - Deactivating topology admin
2019-11-18 08:24:26,802 INFO knox.gateway (DefaultGatewayServices.java:initializeContribution(159)) - Credential store found for the cluster: admin - no need to create one.
2019-11-18 08:24:27,280 INFO knox.gateway (GatewayServer.java:internalActivateTopology(829)) - Activating topology admin
2019-11-18 08:24:27,280 INFO knox.gateway (GatewayServer.java:internalActivateArchive(839)) - Activating topology admin archive %2F
2019-11-18 08:24:27,281 INFO knox.gateway (GatewayServer.java:cleanupTopologyDeployments(352)) - Deleting backup deployed topology /usr/local/datadisk/knox-1.3.0/data/deployments/admin.topo.16e62d11560
2019-11-18 08:24:27,336 INFO knox.gateway (GatewayServer.java:start(627)) - Topology port mapping feature enabled: true
2019-11-18 08:24:27,338 INFO server.Server (Server.java:doStart(370)) - jetty-9.4.19.v20190610; built: 2019-06-10T16:30:51.723Z; git: afcf563148970e98786327af5e07c261fda175d3; jvm 1.8.0_181-b13
2019-11-18 08:24:27,509 INFO annotations.AnnotationConfiguration (AnnotationConfiguration.java:scanForAnnotations(481)) - Scanning elapsed time=53ms
2019-11-18 08:24:27,713 INFO ContextHandler.gateway_sandbox (ContextHandler.java:log(2351)) - No Spring WebApplicationInitializer types detected on classpath
2019-11-18 08:24:27,740 INFO server.session (DefaultSessionIdManager.java:doStart(365)) - DefaultSessionIdManager workerName=node0
2019-11-18 08:24:27,740 INFO server.session (DefaultSessionIdManager.java:doStart(370)) - No SessionScavenger set, using defaults
2019-11-18 08:24:27,742 INFO server.session (HouseKeeper.java:startScavenging(149)) - node0 Scavenging every 600000ms
2019-11-18 08:24:27,752 INFO ContextHandler.gateway_sandbox (ContextHandler.java:log(2351)) - Initializing Shiro environment
2019-11-18 08:24:27,752 INFO env.EnvironmentLoader (EnvironmentLoader.java:initEnvironment(133)) - Starting Shiro environment initialization.
2019-11-18 08:24:27,880 INFO env.EnvironmentLoader (EnvironmentLoader.java:initEnvironment(147)) - Shiro environment initialized in 127 ms.
2019-11-18 08:24:27,963 INFO handler.ContextHandler (ContextHandler.java:doStart(857)) - Started o.e.j.w.WebAppContext@60baef24{/gateway/sandbox,file:///usr/local/datadisk/knox-1.3.0/data/deployments/sandbox.topo.16e68d83088/%252F/,AVAILABLE}{/usr/local/datadisk/knox-1.3.0/data/deployments/sandbox.topo.16e68d83088/%2F}
2019-11-18 08:24:27,995 INFO annotations.AnnotationConfiguration (AnnotationConfiguration.java:scanForAnnotations(481)) - Scanning elapsed time=17ms
2019-11-18 08:24:28,000 INFO ContextHandler.gateway_knoxsso_knoxauth (ContextHandler.java:log(2351)) - No Spring WebApplicationInitializer types detected on classpath
2019-11-18 08:24:28,037 INFO ContextHandler.gateway_knoxsso_knoxauth (ContextHandler.java:log(2351)) - Initializing Shiro environment
2019-11-18 08:24:28,038 INFO env.EnvironmentLoader (EnvironmentLoader.java:initEnvironment(133)) - Starting Shiro environment initialization.
2019-11-18 08:24:28,044 INFO env.EnvironmentLoader (EnvironmentLoader.java:initEnvironment(147)) - Shiro environment initialized in 6 ms.
2019-11-18 08:24:28,055 INFO handler.ContextHandler (ContextHandler.java:doStart(857)) - Started o.e.j.w.WebAppContext@1473b8c0{/gateway/knoxsso/knoxauth,file:///usr/local/datadisk/knox-1.3.0/data/deployments/knoxsso.topo.16e7c8f7a00/%252Fknoxauth/,AVAILABLE}{/usr/local/datadisk/knox-1.3.0/data/deployments/knoxsso.topo.16e7c8f7a00/%2Fknoxauth}
2019-11-18 08:24:28,075 INFO annotations.AnnotationConfiguration (AnnotationConfiguration.java:scanForAnnotations(481)) - Scanning elapsed time=9ms
2019-11-18 08:24:28,098 INFO ContextHandler.gateway_knoxsso (ContextHandler.java:log(2351)) - No Spring WebApplicationInitializer types detected on classpath
2019-11-18 08:24:28,100 INFO ContextHandler.gateway_knoxsso (ContextHandler.java:log(2351)) - Initializing Shiro environment
2019-11-18 08:24:28,100 INFO env.EnvironmentLoader (EnvironmentLoader.java:initEnvironment(133)) - Starting Shiro environment initialization.
2019-11-18 08:24:28,105 INFO env.EnvironmentLoader (EnvironmentLoader.java:initEnvironment(147)) - Shiro environment initialized in 5 ms.
2019-11-18 08:24:28,107 INFO handler.ContextHandler (ContextHandler.java:doStart(857)) - Started o.e.j.w.WebAppContext@5b5c0057{/gateway/knoxsso,file:///usr/local/datadisk/knox-1.3.0/data/deployments/knoxsso.topo.16e7c8f7a00/%252F/,AVAILABLE}{/usr/local/datadisk/knox-1.3.0/data/deployments/knoxsso.topo.16e7c8f7a00/%2F}
2019-11-18 08:24:28,130 INFO annotations.AnnotationConfiguration (AnnotationConfiguration.java:scanForAnnotations(481)) - Scanning elapsed time=12ms
2019-11-18 08:24:28,136 INFO ContextHandler.gateway_manager_admin_ui (ContextHandler.java:log(2351)) - No Spring WebApplicationInitializer types detected on classpath
2019-11-18 08:24:28,170 INFO handler.ContextHandler (ContextHandler.java:doStart(857)) - Started o.e.j.w.WebAppContext@f096f37{/gateway/manager/admin-ui,file:///usr/local/datadisk/knox-1.3.0/data/deployments/manager.topo.16e7d9bb9e0/%252Fadmin-ui/,AVAILABLE}{/usr/local/datadisk/knox-1.3.0/data/deployments/manager.topo.16e7d9bb9e0/%2Fadmin-ui}
2019-11-18 08:24:28,188 INFO annotations.AnnotationConfiguration (AnnotationConfiguration.java:scanForAnnotations(481)) - Scanning elapsed time=8ms
2019-11-18 08:24:28,192 INFO ContextHandler.gateway_manager (ContextHandler.java:log(2351)) - No Spring WebApplicationInitializer types detected on classpath
2019-11-18 08:24:28,228 INFO handler.ContextHandler (ContextHandler.java:doStart(857)) - Started o.e.j.w.WebAppContext@3effd4f3{/gateway/manager,file:///usr/local/datadisk/knox-1.3.0/data/deployments/manager.topo.16e7d9bb9e0/%252F/,AVAILABLE}{/usr/local/datadisk/knox-1.3.0/data/deployments/manager.topo.16e7d9bb9e0/%2F}
2019-11-18 08:24:28,250 INFO annotations.AnnotationConfiguration (AnnotationConfiguration.java:scanForAnnotations(481)) - Scanning elapsed time=8ms
2019-11-18 08:24:28,256 INFO ContextHandler.gateway_admin (ContextHandler.java:log(2351)) - No Spring WebApplicationInitializer types detected on classpath
2019-11-18 08:24:28,282 INFO ContextHandler.gateway_admin (ContextHandler.java:log(2351)) - Initializing Shiro environment
2019-11-18 08:24:28,282 INFO env.EnvironmentLoader (EnvironmentLoader.java:initEnvironment(133)) - Starting Shiro environment initialization.
2019-11-18 08:24:28,287 INFO env.EnvironmentLoader (EnvironmentLoader.java:initEnvironment(147)) - Shiro environment initialized in 5 ms.
2019-11-18 08:24:28,289 INFO handler.ContextHandler (ContextHandler.java:doStart(857)) - Started o.e.j.w.WebAppContext@1a28b346{/gateway/admin,file:///usr/local/datadisk/knox-1.3.0/data/deployments/admin.topo.16e7d9bb9e0/%252F/,AVAILABLE}{/usr/local/datadisk/knox-1.3.0/data/deployments/admin.topo.16e7d9bb9e0/%2F}
2019-11-18 08:24:28,296 INFO ssl.SslContextFactory (SslContextFactory.java:load(370)) - x509=X509@3bec5821(gateway-identity,h=[hk-test-cdh109, localhost],w=[]) for SslContextFactory@4086d8fb[provider=null,keyStore=file:///usr/local/datadisk/knox-1.3.0/data/security/keystores/gateway.jks,trustStore=null]
2019-11-18 08:24:28,340 INFO server.AbstractConnector (AbstractConnector.java:doStart(292)) - Started ServerConnector@3af37506{SSL,[ssl, http/1.1]}{0.0.0.0:8443}
2019-11-18 08:24:28,340 INFO server.Server (Server.java:doStart(410)) - Started @5977ms
2019-11-18 08:24:28,341 INFO knox.gateway (GatewayServer.java:start(662)) - Monitoring topologies in directory: /usr/local/datadisk/knox-1.3.0/conf/topologies
2019-11-18 08:24:28,343 INFO knox.gateway (GatewayServer.java:startGateway(385)) - Started gateway on port 8,443.
2019-11-18 08:25:26,319 INFO knox.gateway (KnoxLdapRealm.java:getUserDn(688)) - Computed userDn: uid=admin,ou=people,dc=hadoop,dc=apache,dc=org using dnTemplate for principal: admin
2019-11-18 08:26:46,570 INFO knox.gateway (KnoxLdapRealm.java:getUserDn(688)) - Computed userDn: uid=admin,ou=people,dc=hadoop,dc=apache,dc=org using dnTemplate for principal: admin
2019-11-18 08:35:42,564 WARN federation.jwt (SSOCookieFederationFilter.java:init(80)) - Configuration for authentication provider URL is missing - will derive default URL.
1 REPLY 1

avatar
Super Collaborator

Knox admin ui is SSO enabled by default. Accessing api /gateway/manager/admin-ui/ will redirect to SSO page where you should give the matching credentials (as per ldap/shiro configured in knoxsso.xml).

 

Access admin-ui from browser and verify.