Support Questions
Find answers, ask questions, and share your expertise
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Cloudera Community
- Support
- Support Questions
- Who agreed with this topic
Who agreed with this topic
Unable to login to Hue UI when AD Authentication is enabled
Labels:
Rising Star
Created 11-25-2022 03:24 PM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello,
We are able to login to Hue UI locally with default user name / password, the issue arises when choosing AD Authentication it does not accept the username / password.
Error in Hue Access log
[25/Nov/2022 14:00:29 -0800] DEBUG Initiating TLS
[25/Nov/2022 14:00:29 -0800] DEBUG search_s('DC=mtest,DC=com', 2, '(&(sAMAccountName=%(user)s)(sAMAccountName={0}))') returned 0 objects:
[25/Nov/2022 14:00:29 -0800] DEBUG Authentication failed for User1_dev: failed to map the username to a DN.
[25/Nov/2022 14:00:29 -0800] WARNING 10.216.176.10 -anon- - "POST /hue/accounts/login HTTP/1.1" --- Failed login for user: User1_dev
[25/Nov/2022 14:00:29 -0800] INFO 10.216.176.10 -anon- - "POST /hue/accounts/login HTTP/1.1" returned in 1062ms 200 114908
[25/Nov/2022 14:00:40 -0800] DEBUG 10.216.176.10 -anon- - "POST /hue/accounts/login HTTP/1.1" -Error in Runcpserver.log
[25/Nov/2022 14:43:01 -0800] resource ERROR Error logging return call POST http://localhost:7187/api/v9
Traceback (most recent call last):
File "/opt/cloudera/parcels/CDH-7.1.7-1.cdh7.1.7.p1000.24102687/lib/hue/desktop/core/src/desktop/lib/rest/resource.py", line 122, in _invoke
resp_content = smart_unicode(resp.content, errors='replace')
AttributeError: 'NoneType' object has no attribute 'content'
[25/Nov/2022 14:43:01 -0800] navigator_client ERROR Failed to search for entities with search query: {"query": "((originalName:**^3)OR(originalDescription:**^1)OR(name:**^10)OR(description:**^3)OR(tags:**^5))AND((originalName:[* TO *])OR(originalDescription:[* TO *])OR(name:[* TO *])OR(description:[* TO *])OR(tags:[* TO *]))", "filterQueries": ["deleted:false"], "facetFields": ["tags"]}
[25/Nov/2022 14:43:01 -0800] access INFO 10.216.176.10 admin - "POST /metadata/api/catalog/list_tags HTTP/1.1" returned in 43ms 500 308
[25/Nov/2022 14:43:01 -0800] access INFO 10.216.176.10 admin - "GET /desktop/api2/context/clusters/jobs HTTP/1.1" returned in 4ms 200 225
[25/Nov/2022 14:43:01 -0800] access INFO 10.216.176.10 admin - "GET /desktop/api2/context/namespaces/hive HTTP/1.1" returned in 215ms 200 287
[25/Nov/2022 14:43:01 -0800] access INFO 10.216.176.10 admin - "GET /desktop/api2/context/computes/impala HTTP/1.1" returned in 135ms 200 230
[25/Nov/2022 14:43:01 -0800] access INFO 10.216.176.10 admin - "GET /editor HTTP/1.1" returned in 266ms 200 127305
[25/Nov/2022 14:43:03 -0800] access INFO 10.216.176.10 admin - "POST /notebook/api/create_notebook HTTP/1.1" returned in 2ms 200 243
[25/Nov/2022 14:43:03 -0800] access INFO 10.216.176.10 admin - "GET /desktop/api2/user_preferences/default_app HTTP/1.1" returned in 2ms 200 27
[25/Nov/2022 14:43:03 -0800] access INFO 10.216.176.10 admin - "GET /notebook/api/get_history HTTP/1.1" returned in 9ms 200 70
[25/Nov/2022 14:43:03 -0800] access INFO 10.216.176.10 admin - "GET /desktop/workers/aceSqlSyntaxWorker.js HTTP/1.1" returned in 8ms 200 196
[25/Nov/2022 14:43:03 -0800] access INFO 10.216.176.10 admin - "POST /jobbrowser/jobs/ HTTP/1.1" returned in 8ms 200 12
[25/Nov/2022 14:43:03 -0800] access INFO 10.216.176.10 admin - "GET /desktop/workers/aceSqlLocationWorker.js HTTP/1.1" returned in 19ms 200 200
[25/Nov/2022 14:43:03 -0800] access INFO 10.216.176.10 admin - "POST /notebook/api/create_session HTTP/1.1" returned in 111ms 200 1113
[25/Nov/2022 14:43:03 -0800] navigator_client INFO (('query', 'parentPath:"/default" AND type:(table view field)'), ('offset', 0), ('limit', 450))
[25/Nov/2022 14:43:03 -0800] resource ERROR Error logging return call GET http://localhost:7187/api/v9
Traceback (most recent call last):
File "/opt/cloudera/parcels/CDH-7.1.7-1.cdh7.1.7.p1000.24102687/lib/hue/desktop/core/src/desktop/lib/rest/resource.py", line 122, in _invoke
resp_content = smart_unicode(resp.content, errors='replace')
AttributeError: 'NoneType' object has no attribute 'content'
[25/Nov/2022 14:43:03 -0800] navigator_client ERROR Failed to search for entities with search query: parentPath:"/default" AND type:(table view field)
[25/Nov/2022 14:43:03 -0800] access INFO 10.216.176.10 admin - "POST /desktop/api/search/entities HTTP/1.1" returned in 36ms 500 366
[25/Nov/2022 14:43:03 -0800] access INFO 10.216.176.10 admin - "GET /desktop/api2/docs/ HTTP/1.1" returned in 25ms 200 116
[25/Nov/2022 14:43:03 -0800] access INFO 10.216.176.10 admin - "GET /desktop/api2/context/computes/hive HTTP/1.1" returned in 124ms 200 226
[25/Nov/2022 14:43:04 -0800] access INFO 10.216.176.10 admin - "GET /dynamic_bundle/workers/vendors~calcite-parser~druid-parser~elasticsearch-parser~flink-parser~generic-par~a12e5353-chunk-9e88fe32881dac37fa21.js HTTP/1.1" returned in 3ms 302 0
[25/Nov/2022 14:43:04 -0800] access INFO 10.216.176.10 admin - "GET /dynamic_bundle/workers/calcite-parser~druid-parser~elasticsearch-parser~flink-parser~generic-parser~hive~fd963363-chunk-9e88fe32881dac37fa21.js HTTP/1.1" returned in 4ms 302 0
[25/Nov/2022 14:43:04 -0800] access INFO 10.216.176.10 admin - "GET /dynamic_bundle/workers/hive-parser-chunk-9e88fe32881dac37fa21.js HTTP/1.1" returned in 12ms 302 0
[25/Nov/2022 14:43:04 -0800] access INFO 10.216.176.10 admin - "GET /dynamic_bundle/workers/vendors~calcite-parser~druid-parser~elasticsearch-parser~flink-parser~generic-par~a12e5353-chunk-9e88fe32881dac37fa21.js HTTP/1.1" returned in 1ms 302 0
[25/Nov/2022 14:43:04 -0800] access INFO 10.216.176.10 admin - "GET /dynamic_bundle/workers/calcite-parser~druid-parser~elasticsearch-parser~flink-parser~generic-parser~hive~fd963363-chunk-9e88fe32881dac37fa21.js HTTP/1.1" returned in 2ms 302 0
[25/Nov/2022 14:43:04 -0800] access INFO 10.216.176.10 admin - "GET /dynamic_bundle/workers/hive-parser-chunk-9e88fe32881dac37fa21.js HTTP/1.1" returned in 1ms 302 0
[25/Nov/2022 14:43:10 -0800] views WARNING Error closing impala session: Snippet type impala is not configured.
[25/Nov/2022 14:43:10 -0800] access INFO 10.216.176.10 -anon- - "GET /accounts/logout HTTP/1.1" returned in 58ms 302 0
[25/Nov/2022 14:43:10 -0800] middleware INFO Redirecting to login page: /
[25/Nov/2022 14:43:10 -0800] access INFO 10.216.176.10 -anon- - "GET / HTTP/1.1" --- login redirection
[25/Nov/2022 14:43:10 -0800] access INFO 10.216.176.10 -anon- - "GET / HTTP/1.1" returned in 9ms 302 0
[25/Nov/2022 14:43:10 -0800] access INFO 10.216.176.10 admin - "POST /notebook/api/notebook/close HTTP/1.1" returned in 129ms 200 44
[25/Nov/2022 14:43:10 -0800] decorators INFO AXES: Calling decorated function: dt_login
[25/Nov/2022 14:43:10 -0800] access INFO 10.216.176.10 -anon- - "GET /hue/accounts/login HTTP/1.1" returned in 49ms 200 114859
[25/Nov/2022 14:43:11 -0800] access INFO 127.0.0.1 -anon- - "HEAD /desktop/debug/is_alive HTTP/1.1" returned in 16ms 200 0
[25/Nov/2022 14:43:33 -0800] decorators INFO AXES: Calling decorated function: dt_login
[25/Nov/2022 14:43:34 -0800] access WARNING 10.216.176.10 -anon- - "POST /hue/accounts/login HTTP/1.1" --- Failed login for user: USER1_dev
[25/Nov/2022 14:43:34 -0800] decorators INFO AXES: Repeated login failure by 127.0.0.1. Updating access record. Count = 25
[25/Nov/2022 14:43:34 -0800] access INFO 10.216.176.10 -anon- - "POST /hue/accounts/login HTTP/1.1" returned in 1086ms 200 114908
[25/Nov/2022 14:43:45 -0800] decorators INFO AXES: Calling decorated function: dt_login
Also would like to understand is it mandatory to have unix server also domain joined on which hue is deployed for AD Authentication to work?
Appreciate all the help
Thanks
