About soumya_swain2

soumya_swain2 · ‎02-14-2018

i.e i want my other user to have access to hbase(to configure in ranger) but not having acess to decrypt (configure in ranger kms).so while acesing thorugh hbase with that user i should get an error msg that user is not able to decrypt.

soumya_swain2 · ‎02-14-2018

if some one wants to block others users in hbase shell also how can he do that. I am facing same issue from apps/hbase/data my user is not able to decrypt file but can read table data in hbase shell.

soumya_swain2 · ‎08-11-2017

yes, I am getting below messages in gateway-audit.log 17/08/11 14:55:53 ||abcb2bad-986f-46f4-a7e6-8b18306eaf3b|audit|knoxauth||||access|uri|/gateway/knoxsso/knoxauth/styles/bootstrap.min.css|unavailable|Request method: GET 17/08/11 14:55:53 ||abcb2bad-986f-46f4-a7e6-8b18306eaf3b|audit|knoxauth||||access|uri|/gateway/knoxsso/knoxauth/styles/knox.css|unavailable|Request method: GET 17/08/11 14:55:53 ||abcb2bad-986f-46f4-a7e6-8b18306eaf3b|audit|knoxauth||||access|uri|/gateway/knoxsso/knoxauth/styles/knox.css|success|Response status: 200 17/08/11 14:55:53 ||abcb2bad-986f-46f4-a7e6-8b18306eaf3b|audit|knoxauth||||access|uri|/gateway/knoxsso/knoxauth/styles/bootstrap.min.css|success|Response status: 200 17/08/11 14:55:53 ||690bd0e2-5de7-4fe0-b507-0d6e5a783d59|audit|knoxauth||||access|uri|/gateway/knoxsso/knoxauth/images/favicon.ico|unavailable|Request method: GET 17/08/11 14:55:53 ||690bd0e2-5de7-4fe0-b507-0d6e5a783d59|audit|knoxauth||||access|uri|/gateway/knoxsso/knoxauth/images/favicon.ico|success|Response status: 200 17/08/11 14:55:59 ||fc76ac04-b822-49a9-bbfe-efa20dcc6037|audit|knoxauth||||access|uri|/gateway/knoxsso/knoxauth/styles/bootstrap.min.css|unavailable|Request method: GET 17/08/11 14:55:59 ||b03ff0c4-5e76-495f-b15c-4548194f7ab5|audit|knoxauth||||access|uri|/gateway/knoxsso/knoxauth/styles/knox.css|unavailable|Request method: GET 17/08/11 14:55:59 ||b03ff0c4-5e76-495f-b15c-4548194f7ab5|audit|knoxauth||||access|uri|/gateway/knoxsso/knoxauth/styles/knox.css|success|Response status: 200 17/08/11 14:55:59 ||fc76ac04-b822-49a9-bbfe-efa20dcc6037|audit|knoxauth||||access|uri|/gateway/knoxsso/knoxauth/styles/bootstrap.min.css|success|Response status: 200

soumya_swain2 · ‎08-10-2017

I have installed ambari-server and knox in two different server and done all necessary setups for ldaps and sso.but when i log in to ambari, it is sucessfully getting redirected to knox gateway and after i give credentials it goes to ambari ui and then coming back to knox gateway log in screen. In ambari-server.log i dont see any error and on gateway.log i am only seeing below infos: 2017-08-10 12:35:43,460 INFO hadoop.gateway (KnoxLdapRealm.java:getUserDn(691)) - Computed userDn: uid=xx,ou=People,dc=xx,dc=com using dnTemplate for principal: satya 2017-08-10 12:35:43,466 WARN service.knoxsso (WebSSOResource.java:init(102)) - The SSO cookie SecureOnly flag is set to FALSE and is therefore insecure. 2017-08-10 12:35:43,466 INFO service.knoxsso (WebSSOResource.java:init(109)) - The cookie max age is being set to: session. 2017-08-10 12:35:43,466 WARN service.knoxsso (WebSSOResource.java:init(113)) - The SSO cookie max age configuration is invalid: session - using default. 2017-08-10 12:35:43,467 INFO service.knoxsso (WebSSOResource.java:getCookieValue(318)) - Unable to find cookie with name: original-url 2017-08-10 12:35:43,470 INFO service.knoxsso (WebSSOResource.java:addJWTHadoopCookie(292)) - JWT cookie successfully added. 2017-08-10 12:35:43,470 INFO service.knoxsso (WebSSOResource.java:getAuthenticationToken(202)) - About to redirect to original URL: http://xxxxx:9081/ Appreciate any help to resolve this.

soumya_swain2 · ‎07-27-2017

Thanks a lot.It worked for me after making the hostname to lower case.

soumya_swain2 · ‎07-25-2017

Yes it is failing after kerberos is enabled with error message: java.io.IOException: ixxxx:50070: Unexpected HTTP response: code=403 != 200, op=GETDELEGATIONTOKEN, message=org.apache.hadoop.security.authentication.client.AuthenticationException ambari logged in user:admin i have also generated ticket for HTTP with spengo keytab for admin user.

soumya_swain2 · ‎07-18-2017

did u able to solve that problem?m facing the same issue.

soumya_swain2 · ‎07-18-2017

0favorite I have installed Ambari 2.5.0 version with HDP 2.6 and added some of the services but while enabling kerberos I am facing one weird issue. resource_management.core.exceptions.Fail: Execution of 'curl -sS -L -w '% {http_code}' -X GET --negotiate -u : 'http://xxxx:50070/webhdfs/v1/ats/done? op=GETFILESTATUS&user.name=hdfs'' returned status_code=403. <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"/> <title>Error 403 org.apache.hadoop.security.authentication.client.AuthenticationException </title </head> <body><h2>HTTP ERROR 403</h2> <p>Problem accessing /webhdfs/v1/ats/done. Reason: <pre> org.apache.hadoop.security.authentication.client.AuthenticationException </pre> </p><hr /><i><small>Powered by Jetty://</small></i><br/> <br/> My installation is getting failed while installing the APP time line server and in the log file there is nothing coming.Everything was working fine before but suddenly it landed into this issue. Any suggestions will be appreciated.

Online	Offline
Last Visited	‎07-23-2018 03:11 AM

Member Since	‎07-18-2017 07:49 AM
Last Visited	‎07-23-2018 03:11 AM
Posts	14
Kudos received	1

Cloudera Community

Re: After creating an encryption zone for HBase, I...

Re: After creating an encryption zone for HBase, I...

Re: KNOX SSO ambari login redirect Issue

KNOX SSO ambari login redirect Issue

Re: Ambari:Problem accessing /webhdfs/v1/ats/done ...

Re: Ambari:Problem accessing /webhdfs/v1/ats/done ...

Re: Authentication failed when trying to open /web...

Ambari:Problem accessing /webhdfs/v1/ats/done Erro...