Member since
07-01-2015
460
Posts
78
Kudos Received
43
Solutions
My Accepted Solutions
| Title | Views | Posted |
|---|---|---|
| 1365 | 11-26-2019 11:47 PM | |
| 1312 | 11-25-2019 11:44 AM | |
| 9526 | 08-07-2019 12:48 AM | |
| 2195 | 04-17-2019 03:09 AM | |
| 3524 | 02-18-2019 12:23 AM |
11-21-2018
08:27 AM
1 Kudo
I think you can test it on the newly created topic, try to shut down the following replicas, so that only the leader will be the ISR and since you have a min.insync set to 2 it should refuse to accept write. Otherwise, without this option your leader can tolerate the failure of the followers and accept the writes to the topic
... View more
11-21-2018
07:32 AM
Yes, it could be the case.
... View more
11-21-2018
07:24 AM
1 Kudo
The error indicates your server does not have a jdbc driver. Try to install mysql on your host, it should deploy the JDBC driver. For example on Redhat/Centos: sudo yum -y install mysql-connector-java Then your driver is located here: /usr/share/java/mysql-connector-java.jar
... View more
11-21-2018
07:16 AM
I think by default this setting your configuration is not set by default. Therefore after the topic was created you dont see this property on the topic. After you explicitly set the property it is applied by the Kafka,. If you want to set it service wide, check out the docs https://www.cloudera.com/documentation/kafka/latest/topics/kafka_ha.html
... View more
11-21-2018
01:24 AM
One more issue I observed with sign in with email address: - I sign in first time, it is ok, Hue creates home directory and user entry - I sign out, and then sign in again, and it failes on duplicity: [21/Nov/2018 01:11:01 -0800] middleware INFO Processing exception: (1062, "Duplicate entry '<REDACTED>onmicrosoft.co' for key 'username'"): Traceback (most recent call last):
File "/opt/cloudera/parcels/CDH-5.15.1-1.cdh5.15.1.p0.4/lib/hue/build/env/lib/python2.7/site-packages/Django-1.6.10-py2.7.egg/django/core/handlers/base.py", line 112, in get_response
response = wrapped_callback(request, *callback_args, **callback_kwargs)
File "/opt/cloudera/parcels/CDH-5.15.1-1.cdh5.15.1.p0.4/lib/hue/build/env/lib/python2.7/site-packages/Django-1.6.10-py2.7.egg/django/db/transaction.py", line 371, in inner
return func(*args, **kwargs)
File "/opt/cloudera/parcels/CDH-5.15.1-1.cdh5.15.1.p0.4/lib/hue/build/env/lib/python2.7/site-packages/Django-1.6.10-py2.7.egg/django/views/decorators/http.py", line 41, in inner
return func(request, *args, **kwargs)
File "/opt/cloudera/parcels/CDH-5.15.1-1.cdh5.15.1.p0.4/lib/hue/build/env/lib/python2.7/site-packages/Django-1.6.10-py2.7.egg/django/views/decorators/csrf.py", line 57, in wrapped_view
return view_func(*args, **kwargs)
File "/opt/cloudera/parcels/CDH-5.15.1-1.cdh5.15.1.p0.4/lib/hue/build/env/lib/python2.7/site-packages/djangosaml2-0.16.4-py2.7.egg/djangosaml2/views.py", line 293, in assertion_consumer_service
create_unknown_user=create_unknown_user)
File "/opt/cloudera/parcels/CDH-5.15.1-1.cdh5.15.1.p0.4/lib/hue/build/env/lib/python2.7/site-packages/Django-1.6.10-py2.7.egg/django/contrib/auth/__init__.py", line 49, in authenticate
user = backend.authenticate(**credentials)
File "/opt/cloudera/parcels/CDH-5.15.1-1.cdh5.15.1.p0.4/lib/hue/desktop/core/src/desktop/lib/metrics/registry.py", line 388, in wrapper
return fn(*args, **kwargs)
File "/opt/cloudera/parcels/CDH-5.15.1-1.cdh5.15.1.p0.4/lib/hue/desktop/libs/libsaml/src/libsaml/backend.py", line 53, in authenticate
return super(SAML2Backend, self).authenticate(*args, **kwargs)
File "/opt/cloudera/parcels/CDH-5.15.1-1.cdh5.15.1.p0.4/lib/hue/build/env/lib/python2.7/site-packages/djangosaml2-0.16.4-py2.7.egg/djangosaml2/backends.py", line 115, in authenticate
create_unknown_user, main_attribute, attributes, attribute_mapping)
File "/opt/cloudera/parcels/CDH-5.15.1-1.cdh5.15.1.p0.4/lib/hue/build/env/lib/python2.7/site-packages/djangosaml2-0.16.4-py2.7.egg/djangosaml2/backends.py", line 152, in get_saml2_user
return self._get_or_create_saml2_user(main_attribute, attributes, attribute_mapping)
File "/opt/cloudera/parcels/CDH-5.15.1-1.cdh5.15.1.p0.4/lib/hue/build/env/lib/python2.7/site-packages/djangosaml2-0.16.4-py2.7.egg/djangosaml2/backends.py", line 167, in _get_or_create_saml2_user
defaults=user_create_defaults, **user_query_args)
File "/opt/cloudera/parcels/CDH-5.15.1-1.cdh5.15.1.p0.4/lib/hue/build/env/lib/python2.7/site-packages/Django-1.6.10-py2.7.egg/django/db/models/manager.py", line 154, in get_or_create
return self.get_queryset().get_or_create(**kwargs)
File "/opt/cloudera/parcels/CDH-5.15.1-1.cdh5.15.1.p0.4/lib/hue/build/env/lib/python2.7/site-packages/Django-1.6.10-py2.7.egg/django/db/models/query.py", line 391, in get_or_create
six.reraise(*exc_info)
File "/opt/cloudera/parcels/CDH-5.15.1-1.cdh5.15.1.p0.4/lib/hue/build/env/lib/python2.7/site-packages/Django-1.6.10-py2.7.egg/django/db/models/query.py", line 383, in get_or_create
obj.save(force_insert=True, using=self.db)
File "/opt/cloudera/parcels/CDH-5.15.1-1.cdh5.15.1.p0.4/lib/hue/build/env/lib/python2.7/site-packages/Django-1.6.10-py2.7.egg/django/db/models/base.py", line 545, in save
force_update=force_update, update_fields=update_fields)
File "/opt/cloudera/parcels/CDH-5.15.1-1.cdh5.15.1.p0.4/lib/hue/build/env/lib/python2.7/site-packages/Django-1.6.10-py2.7.egg/django/db/models/base.py", line 573, in save_base
updated = self._save_table(raw, cls, force_insert, force_update, using, update_fields)
File "/opt/cloudera/parcels/CDH-5.15.1-1.cdh5.15.1.p0.4/lib/hue/build/env/lib/python2.7/site-packages/Django-1.6.10-py2.7.egg/django/db/models/base.py", line 654, in _save_table
result = self._do_insert(cls._base_manager, using, fields, update_pk, raw)
File "/opt/cloudera/parcels/CDH-5.15.1-1.cdh5.15.1.p0.4/lib/hue/build/env/lib/python2.7/site-packages/Django-1.6.10-py2.7.egg/django/db/models/base.py", line 687, in _do_insert
using=using, raw=raw)
File "/opt/cloudera/parcels/CDH-5.15.1-1.cdh5.15.1.p0.4/lib/hue/build/env/lib/python2.7/site-packages/Django-1.6.10-py2.7.egg/django/db/models/manager.py", line 232, in _insert
return insert_query(self.model, objs, fields, **kwargs)
File "/opt/cloudera/parcels/CDH-5.15.1-1.cdh5.15.1.p0.4/lib/hue/build/env/lib/python2.7/site-packages/Django-1.6.10-py2.7.egg/django/db/models/query.py", line 1514, in insert_query
return query.get_compiler(using=using).execute_sql(return_id)
File "/opt/cloudera/parcels/CDH-5.15.1-1.cdh5.15.1.p0.4/lib/hue/build/env/lib/python2.7/site-packages/Django-1.6.10-py2.7.egg/django/db/models/sql/compiler.py", line 903, in execute_sql
cursor.execute(sql, params)
File "/opt/cloudera/parcels/CDH-5.15.1-1.cdh5.15.1.p0.4/lib/hue/build/env/lib/python2.7/site-packages/Django-1.6.10-py2.7.egg/django/db/backends/util.py", line 53, in execute
return self.cursor.execute(sql, params)
File "/opt/cloudera/parcels/CDH-5.15.1-1.cdh5.15.1.p0.4/lib/hue/build/env/lib/python2.7/site-packages/Django-1.6.10-py2.7.egg/django/db/utils.py", line 99, in __exit__
six.reraise(dj_exc_type, dj_exc_value, traceback)
File "/opt/cloudera/parcels/CDH-5.15.1-1.cdh5.15.1.p0.4/lib/hue/build/env/lib/python2.7/site-packages/Django-1.6.10-py2.7.egg/django/db/backends/util.py", line 53, in execute
return self.cursor.execute(sql, params)
File "/opt/cloudera/parcels/CDH-5.15.1-1.cdh5.15.1.p0.4/lib/hue/build/env/lib/python2.7/site-packages/Django-1.6.10-py2.7.egg/django/db/backends/mysql/base.py", line 124, in execute
return self.cursor.execute(query, args)
File "/opt/cloudera/parcels/CDH-5.15.1-1.cdh5.15.1.p0.4/lib/hue/build/env/lib/python2.7/site-packages/MySQL_python-1.2.5-py2.7-linux-x86_64.egg/MySQLdb/cursors.py", line 205, in execute
self.errorhandler(self, exc, value)
File "/opt/cloudera/parcels/CDH-5.15.1-1.cdh5.15.1.p0.4/lib/hue/build/env/lib/python2.7/site-packages/MySQL_python-1.2.5-py2.7-linux-x86_64.egg/MySQLdb/connections.py", line 36, in defaulterrorhandler
raise errorclass, errorvalue
IntegrityError: (1062, "Duplicate entry '<REDACTED>onmicrosoft.co' for key 'username'") As this error comes from the database, it looks like Hue is looking into a database with a non-truncated username, and then tries to insert the truncated user name. It looks to me as a bug, but not important, as I want to use other field from the Attribute list.
... View more
11-21-2018
12:38 AM
@bgooley, thanks for the helpfull insights, I was able to move forward a little bit. But to keep the chronology of those test attempts clear, I reply first for the first suggestion to change the mapping in HUE and send a response uid. What I did: In AAD I created in Attributes and Claims a new uid and saml_user attributes and mapped a first name to it (let pretend that this is the user name I want to use). saml_user = user.givenname
uid = user.givenname In HUE I have added this +user_attribute_mapping='{"uid":"username"}' Now I expected that the hue will find the user name either in uid or in saml_user. But the logs shows the issue is the same: [20/Nov/2018 23:57:55 -0800] response INFO Subject NameID: <?xml version='1.0' encoding='UTF-8'?><saml:NameID xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"><REDACTED-MY-USER-NAME></saml:NameID>
[20/Nov/2018 23:57:55 -0800] response DEBUG Attribute Statement: <?xml version='1.0' encoding='UTF-8'?><saml:AttributeStatement xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"><saml:Attribute Name="http://schemas.microsoft.com/identity/claims/tenantid" NameFormat=".....
[20/Nov/2018 23:57:55 -0800] attribute_converter INFO Unknown attribute name: <?xml version='1.0' encoding='UTF-8'?><saml:Attribute xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" Name="http://schemas.microsoft.com/identity/claims/tenantid" NameFo...
[20/Nov/2018 23:57:55 -0800] attribute_converter INFO Unknown attribute name: <?xml version='1.0' encoding='UTF-8'?><saml:Attribute xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" Name="http://schemas.microsoft.com/identity/claims/objectidentifier" NameFo...
[20/Nov/2018 23:57:55 -0800] attribute_converter INFO Unknown attribute name: <?xml version='1.0' encoding='UTF-8'?><saml:Attribute xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" Name="http://schemas.microsoft.com/identity/claims/identityprovider" NameFo...
[20/Nov/2018 23:57:55 -0800] attribute_converter INFO Unknown attribute name: <?xml version='1.0' encoding='UTF-8'?><saml:Attribute xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" Name="http://schemas.microsoft.com/claims/authnmethodsreferences" NameFor...
[20/Nov/2018 23:57:55 -0800] attribute_converter INFO Unknown attribute name: <?xml version='1.0' encoding='UTF-8'?><saml:Attribute xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" Name="saml_user" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"><saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">Tomas</saml:AttributeValue></saml:Attribute>
[20/Nov/2018 23:57:55 -0800] attribute_converter INFO Unknown attribute name: <?xml version='1.0' encoding='UTF-8'?><saml:Attribute xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"><saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">Tomas</saml:AttributeValue></saml:Attribute>
[20/Nov/2018 23:57:55 -0800] response ERROR Missing Attribute Statement
[20/Nov/2018 23:57:55 -0800] response DEBUG --- AVA: {}
[20/Nov/2018 23:57:55 -0800] client_base INFO --- ADDED person info ----
[20/Nov/2018 23:57:55 -0800] backends ERROR The attributes dictionary is empty
[20/Nov/2018 23:57:55 -0800] backends ERROR Could not find saml_user value
[20/Nov/2018 23:57:55 -0800] views WARNING Could not authenticate user received in SAML Assertion. Session info: {'authn_info': [('urn:oasis:names:tc:SAML:2.0:ac:classes:Password', [], '2018-11-07T07:43:32.657Z')], 'name_id': <saml2.saml.NameID object at 0x7faf037550d0>, 'not_on_or_after': 1542790374, 'session_index': '_70892f13-d4ad-4fe2-808c-38e9d85a408b', 'came_from': None, 'ava': {}, 'issuer': 'https://sts.windows.net/f0ba4ef9-b8da-..../'}
[20/Nov/2018 23:57:55 -0800] middleware INFO Processing exception: : Traceback (most recent call last):
File "/opt/cloudera/parcels/CDH-5.15.1-1.cdh5.15.1.p0.4/lib/hue/build/env/lib/python2.7/site-packages/Django-1.6.10-py2.7.egg/django/core/handlers/base.py", line 112, in get_response
response = wrapped_callback(request, *callback_args, **callback_kwargs)
File "/opt/cloudera/parcels/CDH-5.15.1-1.cdh5.15.1.p0.4/lib/hue/build/env/lib/python2.7/site-packages/Django-1.6.10-py2.7.egg/django/db/transaction.py", line 371, in inner
return func(*args, **kwargs)
File "/opt/cloudera/parcels/CDH-5.15.1-1.cdh5.15.1.p0.4/lib/hue/build/env/lib/python2.7/site-packages/Django-1.6.10-py2.7.egg/django/views/decorators/http.py", line 41, in inner
return func(request, *args, **kwargs)
File "/opt/cloudera/parcels/CDH-5.15.1-1.cdh5.15.1.p0.4/lib/hue/build/env/lib/python2.7/site-packages/Django-1.6.10-py2.7.egg/django/views/decorators/csrf.py", line 57, in wrapped_view
return view_func(*args, **kwargs)
File "/opt/cloudera/parcels/CDH-5.15.1-1.cdh5.15.1.p0.4/lib/hue/build/env/lib/python2.7/site-packages/djangosaml2-0.16.4-py2.7.egg/djangosaml2/views.py", line 296, in assertion_consumer_service
raise PermissionDenied
PermissionDenied In the error log above I think the important message is that hue does not see any attribute list at all! And you can see, that the response contain couple of attribute elements and two of them are the uid and saml_user, mapping to "Tomas" as a value. So how to configure saml settings in hue to work with this response structure? Ok second part of my answer, your suggestion to map the user_name with a name_id_format. This actually worked nicely, but as you said, and I agree, I dont want to use email address as user name in HUE. So changing the settings in HUE: username_source=nameid
name_id_format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress" resulted in this: [21/Nov/2018 00:06:57 -0800] attribute_converter INFO Unknown attribute name: <?xml version='1.0' encoding='UTF-8'?>
<saml:Attribute xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"><saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">Tomas</saml:AttributeValue></saml:Attribute>
[21/Nov/2018 00:06:57 -0800] response ERROR Missing Attribute Statement
[21/Nov/2018 00:06:57 -0800] response DEBUG --- AVA: {}
[21/Nov/2018 00:06:57 -0800] client_base INFO --- ADDED person info ----
[21/Nov/2018 00:06:57 -0800] backends ERROR The attributes dictionary is empty
[21/Nov/2018 00:06:57 -0800] cursors WARNING /opt/cloudera/parcels/CDH-5.15.1-1.cdh5.15.1.p0.4/lib/hue/build/env/lib/python2.7/site-packages/Django-1.6.10-py2.7.egg/django/db/backends/mysql/base.py:124: Warning: Data truncated for column 'username' at row 1
return self.cursor.execute(query, args)
[21/Nov/2018 00:06:57 -0800] models WARNING /opt/cloudera/parcels/CDH-5.15.1-1.cdh5.15.1.p0.4/lib/hue/build/env/lib/python2.7/site-packages/djangosaml2-0.16.4-py2.7.egg/djangosaml2/backends.py:221: DeprecationWarning: The use of AUTH_PROFILE_MODULE to define user profiles has been deprecated.
profile = user.get_profile()
[21/Nov/2018 00:06:57 -0800] backend INFO Augmenting users with class: <class 'desktop.auth.backend.DefaultUserAugmentor'>
[21/Nov/2018 00:06:57 -0800] access INFO 10.85.xxx.xxx <REDACTED-MY-USER-NAME> - "POST /saml2/acs/ HTTP/1.1" returned in 113ms
[21/Nov/2018 00:06:59 -0800] access INFO 10.85.xxx.xxx <REDACTED-MY-USER-NAME_TRUNCATED> - "GET / HTTP/1.1" returned in 926ms
[21/Nov/2018 00:07:00 -0800] connectionpool INFO Starting new HTTPS connection (1): ip-10-85-yyy-yy.eu-west-1.compute.internal:14000
[21/Nov/2018 00:07:00 -0800] connectionpool DEBUG "ip-10-85-yyy-yy.eu-west-1.compute.internal:14000 GET /webhdfs/v1/user/<REDACTED-MY-USER-NAME_TRUNCATED>m?op=GETFILESTATUS&user.name=hue&doas=<REDACTED-MY-USER-NAME_TRUNCATED> HTTP/1.1" 401 997
[21/Nov/2018 00:07:00 -0800] kerberos_ DEBUG handle_401(): Handling: 401
[21/Nov/2018 00:07:00 -0800] kerberos_ DEBUG generate_request_header(): host_port_thread: ip-10-85-yyy-yy.eu-west-1.compute.internal_14000_140122880198400
[21/Nov/2018 00:07:00 -0800] kerberos_ DEBUG authenticate_user(): Authorization header: NegotiawnwMi.....
[21/Nov/2018 00:07:01 -0800] connectionpool DEBUG "ip-10-85-yyy-yy.eu-west-1.compute.internal:14000 GET /webhdfs/v1/user/<REDACTED-MY-USER-NAME_TRUNCATED>m?op=GETFILESTATUS&user.name=hue&doas=<REDACTED-MY-USER-NAME_TRUNCATED> HTTP/1.1" 404 None
[21/Nov/2018 00:07:01 -0800] kerberos_ DEBUG authenticate_user(): returning <Response [404]> As you can see the application picked correctly the username from nameid, and trucnated it (because it is a long email address). But the error regarding attributes are still there. What I would like to achieve is to map the user name to those "uid" or "saml_user" attributes instead. (Btw the two last errors I assume are from the NameNode when HUE asks the NN to fetch the user's data from HDFS, but this user apparently does not exists) And my last question is this is working as an IDP initiated login (when I test it from AAD), or it is working when I have logged in and in another tab I open hue URL. But in different window, opening the HUE does not redirect me to the windows login page. I thought this information - where to redirect - should be in the idp.xml file and the HUE application should redirect the user to the login page. Thanks Tomas
... View more
11-20-2018
10:03 AM
This is your reply related to my previous post, because I already did it, downloaded from the portal. As I posted last time " think using the IDP metadata file from AAD helped a bit," - because there are some new error messages. And I also posted the full error report, with all elements from the SAML reposnse. This XML what I used is called Federation metadata in the SSO page of the application.
... View more
11-20-2018
09:41 AM
1 Kudo
Hi, that's because your spark program is not using the common hive metastore, so the definition of the table is gone when your application finishes. You should create an external table in HIVE and then issue a refresh command, so after your spark application finishes, you will see new data in your table. For creating external table see the Cloudera docs.
... View more
11-20-2018
09:34 AM
@bgooley I think using the IDP metadata file from AAD helped a bit, it still fails, but I see there more information about the sign in person - I just redacted the keys, certificates, name of the user, AD login name, etc. [20/Nov/2018 09:24:35 -0800] response DEBUG response: <?xml version='1.0' encoding='UTF-8'?>
<samlp:Response xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" Destination="https://hue.redacted.fqd:8888/saml2/acs/" ID="_578d4cb5-1494-4087-9835-3755369d1c7d" IssueInstant="2018-11-20T17:24:34.576Z" Version="2.0"><saml:Issuer>https://sts.windows.net/f0ba4e-redacted-client-id-4kha/</saml:Issuer><samlp:Status><samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success" /></samlp:Status><saml:Assertion ID="_c1e08c03-ccf6-4f32-9a96-5e00cc4233e4" IssueInstant="2018-11-20T17:24:34.576Z" Version="2.0"><saml:Issuer>https://sts.windows.net/f0ba4e-redacted-client-id-4kha/</saml:Issuer><ds:Signature><ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /><ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" /><ds:Reference URI="#_c1e08c03-ccf6-4f32-9a96-5e00cc4233e4"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" /><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" /><ds:DigestValue>sWH/9QDUVYTke2KTf8jB9xPYy+z9vGkUf1kpq2NUxik=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>XXXXXRDInP1nr78HQlVbgemS5sZrebvd7BH/ERb1aFhIV1Z9ZucIUjf1evoQY9LNM/V8UBzKc7lp748TGSuAZlGwlAbrvfwUDYHONUbZ3h2j3DVMb2LBjeDTyo3e8qU/4rtyvv3QapChKuECTyizF6OHJClgYKrCyzOkPb9jHsGDFNHnQ==</ds:SignatureValue><ds:KeyInfo><ds:X509Data><ds:X509Certificate><REDACTED>wMc7dfqQmlUnRbxRmBiPmyXJD6BAGphj9R/LdWC3OsNfehDnpPSsJ8+jHO3MeSMR2qTkBpeFp4naYv2lLfRgUV/0Tt4ncVPyCwTf6yoTmAHsbvzDf2jSFr6YtsnVU4VY1RswIvt9jUXjd4wcOyK/Mjs8Lfcub1oWL8jeujuSq0DJPxJiCWGWs4HSPtAoKIYnPTg9ysYHyWu/91DCTP7cnfQw37Lu+7X7nm6XO1xWmpSVhGqc2tT8PL</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature><saml:Subject><saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">REDACTED-MY-USER-NAME</saml:NameID><saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"><saml:SubjectConfirmationData NotOnOrAfter="2018-11-20T17:29:34.576Z" Recipient="https://hue.redacted.fqd:8888/saml2/acs/" /></saml:SubjectConfirmation></saml:Subject><saml:Conditions NotBefore="2018-11-20T17:19:34.576Z" NotOnOrAfter="2018-11-20T18:19:34.576Z"><saml:AudienceRestriction><saml:Audience>hue-dev</saml:Audience></saml:AudienceRestriction></saml:Conditions><saml:AuthnStatement AuthnInstant="2018-11-07T07:43:32.657Z" SessionIndex="_c1e08c03-ccf6-4f32-9a96-5e00cc4233e4"><saml:AuthnContext><saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef></saml:AuthnContext></saml:AuthnStatement><saml:AttributeStatement><saml:Attribute Name="http://schemas.microsoft.com/identity/claims/tenantid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"><saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">f0ba4e-redacted-client-id-4kha</saml:AttributeValue></saml:Attribute><saml:Attribute Name="http://schemas.microsoft.com/identity/claims/objectidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"><saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">abd66e79-6e17-43fc-9a51-9eed558cd902</saml:AttributeValue></saml:Attribute><saml:Attribute Name="http://schemas.microsoft.com/identity/claims/displayname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"><saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">RedactedFirstName RedactedLastName</saml:AttributeValue></saml:Attribute><saml:Attribute Name="http://schemas.microsoft.com/identity/claims/identityprovider" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"><saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">https://sts.windows.net/f0ba4e-redacted-client-id-4kha/</saml:AttributeValue></saml:Attribute><saml:Attribute Name="http://schemas.microsoft.com/claims/authnmethodsreferences" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"><saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">http://schemas.microsoft.com/ws/2008/06/identity/authenticationmethod/password</saml:AttributeValue></saml:Attribute><saml:Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"><saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">RedactedFirstName</saml:AttributeValue></saml:Attribute><saml:Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"><saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">RedactedLastName</saml:AttributeValue></saml:Attribute><saml:Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"><saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">REDACTED-MY-USER-NAME</saml:AttributeValue></saml:Attribute><saml:Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"><saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">REDACTED-MY-USER-NAME</saml:AttributeValue></saml:Attribute></saml:AttributeStatement></saml:Assertion></samlp:Response>
[20/Nov/2018 09:24:35 -0800] entity DEBUG XMLSTR: <samlp:Response ID="_578d4cb5-1494-4087-9835-3755369d1c7d" Version="2.0" IssueInstant="2018-11-20T17:24:34.576Z" Destination="https://hue.redacted.fqd:8888/saml2/acs/" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"><Issuer xmlns="urn:oasis:names:tc:SAML:2.0:assertion">https://sts.windows.net/f0ba4e-redacted-client-id-4kha/</Issuer><samlp:Status><samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/></samlp:Status><Assertion ID="_c1e08c03-ccf6-4f32-9a96-5e00cc4233e4" IssueInstant="2018-11-20T17:24:34.576Z" Version="2.0" xmlns="urn:oasis:names:tc:SAML:2.0:assertion"><Issuer>https://sts.windows.net/f0ba4e-redacted-client-id-4kha/</Issuer><Signature xmlns="http://www.w3.org/2000/09/xmldsig#"><SignedInfo><CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/><Reference URI="#_c1e08c03-ccf6-4f32-9a96-5e00cc4233e4"><Transforms><Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></Transforms><DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/><DigestValue>sWH/9QDUVYTke2KTf8jB9xPYy+z9vGkUf1kpq2NUxik=</DigestValue></Reference></SignedInfo><SignatureValue>XXXXXRDInP1nr78HQlVbgemS5sZrebvd7BH/ERb1aFhIV1Z9ZucIUjf1evoQY9LNM/V8UBzKc7lp748TGSuAZlGwlAbrvfwUDYHONUbZ3h2j3DVMb2LBjeDTyo3e8qU/4rtyvv3QapChKuECTyizF6OHJClgYKrCyzOkPb9jHsGDFNHnQ==</SignatureValue><KeyInfo><X509Data><X509Certificate><REDACTED>wMc7dfqQmlUnRbxRmBiPmyXJD6BAGphj9R/LdWC3OsNfehDnpPSsJ8+jHO3MeSMR2qTkBpeFp4naYv2lLfRgUV/0Tt4ncVPyCwTf6yoTmAHsbvzDf2jSFr6YtsnVU4VY1RswIvt9jUXjd4wcOyK/Mjs8Lfcub1oWL8jeujuSq0DJPxJiCWGWs4HSPtAoKIYnPTg9ysYHyWu/91DCTP7cnfQw37Lu+7X7nm6XO1xWmpSVhGqc2tT8PL</X509Certificate></X509Data></KeyInfo></Signature><Subject><NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">REDACTED-MY-USER-NAME</NameID><SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"><SubjectConfirmationData NotOnOrAfter="2018-11-20T17:29:34.576Z" Recipient="https://hue.redacted.fqd:8888/saml2/acs/"/></SubjectConfirmation></Subject><Conditions NotBefore="2018-11-20T17:19:34.576Z" NotOnOrAfter="2018-11-20T18:19:34.576Z"><AudienceRestriction><Audience>hue-dev</Audience></AudienceRestriction></Conditions><AttributeStatement><Attribute Name="http://schemas.microsoft.com/identity/claims/tenantid"><AttributeValue>f0ba4e-redacted-client-id-4kha</AttributeValue></Attribute><Attribute Name="http://schemas.microsoft.com/identity/claims/objectidentifier"><AttributeValue>abd66e79-6e17-43fc-9a51-9eed558cd902</AttributeValue></Attribute><Attribute Name="http://schemas.microsoft.com/identity/claims/displayname"><AttributeValue>RedactedFirstName RedactedLastName</AttributeValue></Attribute><Attribute Name="http://schemas.microsoft.com/identity/claims/identityprovider"><AttributeValue>https://sts.windows.net/f0ba4e-redacted-client-id-4kha/</AttributeValue></Attribute><Attribute Name="http://schemas.microsoft.com/claims/authnmethodsreferences"><AttributeValue>http://schemas.microsoft.com/ws/2008/06/identity/authenticationmethod/password</AttributeValue></Attribute><Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname"><AttributeValue>RedactedFirstName</AttributeValue></Attribute><Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname"><AttributeValue>RedactedLastName</AttributeValue></Attribute><Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"><AttributeValue>REDACTED-MY-USER-NAME</AttributeValue></Attribute><Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name"><AttributeValue>REDACTED-MY-USER-NAME</AttributeValue></Attribute></AttributeStatement><AuthnStatement AuthnInstant="2018-11-07T07:43:32.657Z" SessionIndex="_c1e08c03-ccf6-4f32-9a96-5e00cc4233e4"><AuthnContext><AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</AuthnContextClassRef></AuthnContext></AuthnStatement></Assertion></samlp:Response>
[20/Nov/2018 09:24:35 -0800] response INFO status: <?xml version='1.0' encoding='UTF-8'?>
<samlp:Status xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"><samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success" /></samlp:Status>
[20/Nov/2018 09:24:35 -0800] response DEBUG ***Unencrypted assertion***
[20/Nov/2018 09:24:35 -0800] response DEBUG signed
[20/Nov/2018 09:24:35 -0800] sigver DEBUG ==== Certs from metadata ==== None: [(<open file '<fdopen>', mode 'w+b' at 0x7f6f5805a0c0>, '/tmp/tmpJ4XqjT.pem')] ====
[20/Nov/2018 09:24:35 -0800] sigver DEBUG xmlsec command: /usr/bin/xmlsec1 --verify --pubkey-cert-pem /tmp/tmpJ4XqjT.pem --id-attr:ID urn:oasis:names:tc:SAML:2.0:assertion:Assertion --store-signatures --node-id _c1e08c03-ccf6-4f32-9a96-5e00cc4233e4 --output /tmp/tmpdOFzb_.xml /tmp/tmprHzcov.xml
[20/Nov/2018 09:24:35 -0800] response DEBUG assertion context: AuthnReq
[20/Nov/2018 09:24:35 -0800] response DEBUG assertion keys: ['authn_statement', 'attribute_statement', 'subject', 'issue_instant', 'version', 'signature', 'conditions', 'id', 'issuer']
[20/Nov/2018 09:24:35 -0800] response DEBUG outstanding_queries: {}
[20/Nov/2018 09:24:35 -0800] response DEBUG conditions: <?xml version='1.0' encoding='UTF-8'?>
<saml:Conditions xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" NotBefore="2018-11-20T17:19:34.576Z" NotOnOrAfter="2018-11-20T18:19:34.576Z"><saml:AudienceRestriction><saml:Audience>hue-dev</saml:Audience></saml:AudienceRestriction></saml:Conditions>
[20/Nov/2018 09:24:35 -0800] response DEBUG --- Getting Identity ---
[20/Nov/2018 09:24:35 -0800] response INFO Subject NameID: <?xml version='1.0' encoding='UTF-8'?>
<saml:NameID xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">REDACTED-MY-USER-NAME</saml:NameID>
[20/Nov/2018 09:24:35 -0800] response DEBUG Attribute Statement: <?xml version='1.0' encoding='UTF-8'?>
<saml:AttributeStatement xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"><saml:Attribute Name="http://schemas.microsoft.com/identity/claims/tenantid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"><saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">f0ba4e-redacted-client-id-4kha</saml:AttributeValue></saml:Attribute><saml:Attribute Name="http://schemas.microsoft.com/identity/claims/objectidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"><saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">abd66e79-6e17-43fc-9a51-9eed558cd902</saml:AttributeValue></saml:Attribute><saml:Attribute Name="http://schemas.microsoft.com/identity/claims/displayname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"><saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">RedactedFirstName RedactedLastName</saml:AttributeValue></saml:Attribute><saml:Attribute Name="http://schemas.microsoft.com/identity/claims/identityprovider" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"><saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">https://sts.windows.net/f0ba4e-redacted-client-id-4kha/</saml:AttributeValue></saml:Attribute><saml:Attribute Name="http://schemas.microsoft.com/claims/authnmethodsreferences" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"><saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">http://schemas.microsoft.com/ws/2008/06/identity/authenticationmethod/password</saml:AttributeValue></saml:Attribute><saml:Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"><saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">RedactedFirstName</saml:AttributeValue></saml:Attribute><saml:Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"><saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">RedactedLastName</saml:AttributeValue></saml:Attribute><saml:Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"><saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">REDACTED-MY-USER-NAME</saml:AttributeValue></saml:Attribute><saml:Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"><saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">REDACTED-MY-USER-NAME</saml:AttributeValue></saml:Attribute></saml:AttributeStatement>
[20/Nov/2018 09:24:35 -0800] attribute_converter INFO Unknown attribute name: <?xml version='1.0' encoding='UTF-8'?>
<saml:Attribute xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" Name="http://schemas.microsoft.com/identity/claims/tenantid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"><saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">f0ba4e-redacted-client-id-4kha</saml:AttributeValue></saml:Attribute>
[20/Nov/2018 09:24:35 -0800] attribute_converter INFO Unknown attribute name: <?xml version='1.0' encoding='UTF-8'?>
<saml:Attribute xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" Name="http://schemas.microsoft.com/identity/claims/objectidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"><saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">abd66e79-6e17-43fc-9a51-9eed558cd902</saml:AttributeValue></saml:Attribute>
[20/Nov/2018 09:24:35 -0800] attribute_converter INFO Unknown attribute name: <?xml version='1.0' encoding='UTF-8'?>
<saml:Attribute xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" Name="http://schemas.microsoft.com/identity/claims/displayname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"><saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">RedactedFirstName RedactedLastName</saml:AttributeValue></saml:Attribute>
[20/Nov/2018 09:24:35 -0800] attribute_converter INFO Unknown attribute name: <?xml version='1.0' encoding='UTF-8'?>
<saml:Attribute xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" Name="http://schemas.microsoft.com/identity/claims/identityprovider" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"><saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">https://sts.windows.net/f0ba4e-redacted-client-id-4kha/</saml:AttributeValue></saml:Attribute>
[20/Nov/2018 09:24:35 -0800] attribute_converter INFO Unknown attribute name: <?xml version='1.0' encoding='UTF-8'?>
<saml:Attribute xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" Name="http://schemas.microsoft.com/claims/authnmethodsreferences" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"><saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">http://schemas.microsoft.com/ws/2008/06/identity/authenticationmethod/password</saml:AttributeValue></saml:Attribute>
[20/Nov/2018 09:24:35 -0800] attribute_converter INFO Unknown attribute name: <?xml version='1.0' encoding='UTF-8'?>
<saml:Attribute xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"><saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">RedactedFirstName</saml:AttributeValue></saml:Attribute>
[20/Nov/2018 09:24:35 -0800] attribute_converter INFO Unknown attribute name: <?xml version='1.0' encoding='UTF-8'?>
<saml:Attribute xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"><saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">RedactedLastName</saml:AttributeValue></saml:Attribute>
[20/Nov/2018 09:24:35 -0800] attribute_converter INFO Unknown attribute name: <?xml version='1.0' encoding='UTF-8'?>
<saml:Attribute xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"><saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">REDACTED-MY-USER-NAME</saml:AttributeValue></saml:Attribute>
[20/Nov/2018 09:24:35 -0800] attribute_converter INFO Unknown attribute name: <?xml version='1.0' encoding='UTF-8'?>
<saml:Attribute xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"><saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">REDACTED-MY-USER-NAME</saml:AttributeValue></saml:Attribute>
[20/Nov/2018 09:24:35 -0800] response ERROR Missing Attribute Statement
[20/Nov/2018 09:24:35 -0800] response DEBUG --- AVA: {}
[20/Nov/2018 09:24:35 -0800] client_base INFO --- ADDED person info ----
[20/Nov/2018 09:24:35 -0800] backends ERROR The attributes dictionary is empty
[20/Nov/2018 09:24:35 -0800] backends ERROR Could not find saml_user value
[20/Nov/2018 09:24:35 -0800] views WARNING Could not authenticate user received in SAML Assertion. Session info: {'authn_info': [('urn:oasis:names:tc:SAML:2.0:ac:classes:Password', [], '2018-11-07T07:43:32.657Z')], 'name_id': <saml2.saml.NameID object at 0x7f6f1a93c690>, 'not_on_or_after': 1542737974, 'session_index': '_c1e08c03-ccf6-4f32-9a96-5e00cc4233e4', 'came_from': None, 'ava': {}, 'issuer': 'https://sts.windows.net/f0ba4e-redacted-client-id-4kha/'}
[20/Nov/2018 09:24:35 -0800] middleware INFO Processing exception: : Traceback (most recent call last):
File "/opt/cloudera/parcels/CDH-5.15.1-1.cdh5.15.1.p0.4/lib/hue/build/env/lib/python2.7/site-packages/Django-1.6.10-py2.7.egg/django/core/handlers/base.py", line 112, in get_response
response = wrapped_callback(request, *callback_args, **callback_kwargs)
File "/opt/cloudera/parcels/CDH-5.15.1-1.cdh5.15.1.p0.4/lib/hue/build/env/lib/python2.7/site-packages/Django-1.6.10-py2.7.egg/django/db/transaction.py", line 371, in inner
return func(*args, **kwargs)
File "/opt/cloudera/parcels/CDH-5.15.1-1.cdh5.15.1.p0.4/lib/hue/build/env/lib/python2.7/site-packages/Django-1.6.10-py2.7.egg/django/views/decorators/http.py", line 41, in inner
return func(request, *args, **kwargs)
File "/opt/cloudera/parcels/CDH-5.15.1-1.cdh5.15.1.p0.4/lib/hue/build/env/lib/python2.7/site-packages/Django-1.6.10-py2.7.egg/django/views/decorators/csrf.py", line 57, in wrapped_view
return view_func(*args, **kwargs)
File "/opt/cloudera/parcels/CDH-5.15.1-1.cdh5.15.1.p0.4/lib/hue/build/env/lib/python2.7/site-packages/djangosaml2-0.16.4-py2.7.egg/djangosaml2/views.py", line 296, in assertion_consumer_service
raise PermissionDenied
PermissionDenied
[20/Nov/2018 09:24:35 -0800] access WARNING 10.85.239.134 -anon- - "POST /saml2/acs/ HTTP/1.1" -- 403 access forbidden
... View more
11-20-2018
09:11 AM
1 Kudo
It is a normal python 🙂 Just use myvariable = "value", so app_name = "My gorgeous application" conf = SparkConf().setAppName(app_name).setMaster(master)
... View more