Member since
11-08-2017
3
Posts
0
Kudos Received
0
Solutions
03-23-2018
12:28 PM
Does anyone have experience setting up the SmartSense gateway using a proxy server with NTLM authentication? I know the proxy works for curl since the following command works fine (that's the static.smartsense.hortonworks.com IP 10.92.160.111): curl --proxy-ntlm --proxy-user user --proxy myproxyserver.net:8080 10.92.160.111 When I try to upload the bundle to HWX, I get the following error: 2018-03-22 11:32:15,505 INFO [qtp765284253-19] HTTPSProvider:107 - Executing request :POSThttps://smartsense.hortonworks.com:443/gateway/api/v1/upload/bundleHTTP/1.1 to targethttps://smartsense.hortonworks.com:443
2018-03-22 11:32:15,617 WARN [qtp765284253-19] HttpAuthenticator:207 - NEGOTIATE authentication error: No valid credentials provided (Mechanism level: No valid credentials provided (Mechanism level: Failed to find any Kerberos tgt))
2018-03-22 11:32:15,617 WARN [qtp765284253-19] HttpAuthenticator:207 - NTLM authentication error: Credentials cannot be used for NTLM authentication: org.apache.http.auth.UsernamePasswordCredentials
2018-03-22 11:32:15,621 INFO [qtp765284253-19] HTTPSProvider:110 - ----------------------------------------
2018-03-22 11:32:15,621 INFO [qtp765284253-19] HTTPSProvider:111 - HTTP/1.1 407 authenticationrequired
2018-03-22 11:32:15,623 WARN [qtp765284253-19] ServletHandler:514 - /api/v1/upload/bundle
com.google.gson.JsonSyntaxException: java.lang.IllegalStateException: Expected BEGIN_OBJECT but was STRING at line 1 column 10
I'm thinking I have hst-gateway.ini configured incorrectly and not using NTLM, but not sure how to do that. Here is my hst-gateway.ini: # Copyright (c) 2011-2017, Hortonworks Inc. All rights reserved.
# Except as expressly permitted in a written agreement between you
# or your company and Hortonworks, Inc, any use, reproduction,
# modification, redistribution, sharing, lending or other exploitation
# of all or any part of the contents of this file is strictly prohibited. language governing permissions and
# limitations under the License
[security]
; supported digest commands are md2,md5,mdc2,rmd160,sha,sha1,sha224,sha256,sha384,sha512
openssl.digest.algorithms=sha256,sha384,sha512,sha,sha1,md5
gateway.home.dir = /var/lib/smartsense/hst-gateway
; one way ssl enabled for registration
gateway.registration.port=9450
; two ssl enabled for accessing gateway api
gateway.port=9451
[java]
home=/usr/java/jdk1.8.0_121/jre/bin/
[gateway]
; Warning: The following details should be changed only if directed by documentation or Hortonworks Support
; Transfer protocol for SmartSense environment
smartsense.upload.provider.type=HTTPS
; Hosted SmartSense environment SFTP username
smartsense.sftp.username=upload
; Hosted SmartSense environment SFTP password
smartsense.sftp.password=password
; Hosted SmartSense environment SFTP host
smartsense.sftp.server.host=10.92.160.111
; Hosted SmartSense environment SFTP port
smartsense.sftp.server.port=2222
; remote landing directory for bundle upload. Please do not change this
smartsense.sftp.remotedir=landing/
; timeout for sftp session (milliseconds)
; default is 10 seconds or 10000 milliseconds
smartsense.sftp.timeout=10000
start.validation.enabled=false
; Hosted SmartSense environment HTTPS username
smartsense.https.username=upload
; Hosted SmartSense environment HTTPS password
smartsense.https.password=password
; Hosted SmartSense environment HTTPS host
smartsense.https.server.host=10.92.160.111
; Hosted SmartSense environment HTTPS port
smartsense.https.server.port=443
; All proxy configurations are applicable only for HTTPS provider type
; set to true to set up a proxy between gateway and SmartSense environment
provider.https.proxy.enabled=true
; fully qualified proxy hostname
provider.https.proxy.hostname=myproxyserver.net
; proxy port that will be used by gateway for outbound access
provider.https.proxy.port=8080
; supported proxy types : HTTP / HTTPS [default:HTTP]
provider.https.proxy.type=HTTP
; supported proxy authentication types : NONE / BASIC / DIGEST [default:NONE]
provider.https.proxy.auth.type=BASIC
; proxy username for identified auth.type
provider.https.proxy.auth.username=user
; proxy password for identified auth.type
provider.https.proxy.auth.password=password
; [optional] any additional proxy setup parameters
; use "|" to separate multiple parameters
; for example: digest requires parameters such as
; realm=default|nonce=12GHtqeZA!7Ke43
provider.https.proxy.auth.parameters=
; buffer size in bytes used for following transfers
; hst-server to gateway
; gateway to SmartSense
data.transfer.buffer.size=4096
; thread pool size for the gateway server's API endpoint
; if not provided then server automatically calculates based on cpu cores
;thread.pool.size=20
[ulimit]
; linux open-file limit
open.files=10000
... View more
Labels:
- Labels:
-
Hortonworks SmartSense
11-08-2017
09:04 PM
Did you ever find a solution for this? I am experiencing almost the exact set of errors as you and have yet to figure out the problem. I've gone through and recreated certs, keystore, and truststore to no avail.
... View more