hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Zhijie Shen (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HADOOP-11754) RM fails to start in non-secure mode due to authentication filter failure
Date Thu, 26 Mar 2015 22:55:53 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-11754?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14382879#comment-14382879
] 

Zhijie Shen commented on HADOOP-11754:
--------------------------------------

bq. There are two ways to do this

Prefer the second way. We still want to load  auth filter with pseudo auth handler to accept
"user.name=blah blah". Moreover, before HADOOP-10670, the semantics is falling back to random
secret if no customized secret is given, no matter it's from config directly, or read from
a configured secret file. After that jira, the semantics changed to also failing when error
happens in reading the secret file. So previously if secret file is empty, it will work. Now
even though no read failure happens, I'm afraid the empty secret file will still bring down
the auth filter with null secret object.



> RM fails to start in non-secure mode due to authentication filter failure
> -------------------------------------------------------------------------
>
>                 Key: HADOOP-11754
>                 URL: https://issues.apache.org/jira/browse/HADOOP-11754
>             Project: Hadoop Common
>          Issue Type: Bug
>    Affects Versions: 2.7.0
>            Reporter: Sangjin Lee
>            Assignee: Haohui Mai
>            Priority: Blocker
>         Attachments: HADOOP-11754-v1.patch, HADOOP-11754-v2.patch
>
>
> RM fails to start in the non-secure mode with the following exception:
> {noformat}
> 2015-03-25 22:02:42,526 WARN org.mortbay.log: failed RMAuthenticationFilter: javax.servlet.ServletException:
java.lang.RuntimeException: Could not read signature secret file: /Users/sjlee/hadoop-http-auth-signature-secret
> 2015-03-25 22:02:42,526 WARN org.mortbay.log: Failed startup of context org.mortbay.jetty.webapp.WebAppContext@6de50b08{/,jar:file:/Users/sjlee/hadoop-3.0.0-SNAPSHOT/share/hadoop/yarn/hadoop-yarn-common-3.0.0-SNAPSHOT.jar!/webapps/cluster}
> javax.servlet.ServletException: java.lang.RuntimeException: Could not read signature
secret file: /Users/sjlee/hadoop-http-auth-signature-secret
> 	at org.apache.hadoop.security.authentication.server.AuthenticationFilter.initializeSecretProvider(AuthenticationFilter.java:266)
> 	at org.apache.hadoop.security.authentication.server.AuthenticationFilter.init(AuthenticationFilter.java:225)
> 	at org.apache.hadoop.security.token.delegation.web.DelegationTokenAuthenticationFilter.init(DelegationTokenAuthenticationFilter.java:161)
> 	at org.apache.hadoop.yarn.server.security.http.RMAuthenticationFilter.init(RMAuthenticationFilter.java:53)
> 	at org.mortbay.jetty.servlet.FilterHolder.doStart(FilterHolder.java:97)
> 	at org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:50)
> 	at org.mortbay.jetty.servlet.ServletHandler.initialize(ServletHandler.java:713)
> 	at org.mortbay.jetty.servlet.Context.startContext(Context.java:140)
> 	at org.mortbay.jetty.webapp.WebAppContext.startContext(WebAppContext.java:1282)
> 	at org.mortbay.jetty.handler.ContextHandler.doStart(ContextHandler.java:518)
> 	at org.mortbay.jetty.webapp.WebAppContext.doStart(WebAppContext.java:499)
> 	at org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:50)
> 	at org.mortbay.jetty.handler.HandlerCollection.doStart(HandlerCollection.java:152)
> 	at org.mortbay.jetty.handler.ContextHandlerCollection.doStart(ContextHandlerCollection.java:156)
> 	at org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:50)
> 	at org.mortbay.jetty.handler.HandlerWrapper.doStart(HandlerWrapper.java:130)
> 	at org.mortbay.jetty.Server.doStart(Server.java:224)
> 	at org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:50)
> 	at org.apache.hadoop.http.HttpServer2.start(HttpServer2.java:773)
> 	at org.apache.hadoop.yarn.webapp.WebApps$Builder.start(WebApps.java:274)
> 	at org.apache.hadoop.yarn.server.resourcemanager.ResourceManager.startWepApp(ResourceManager.java:974)
> 	at org.apache.hadoop.yarn.server.resourcemanager.ResourceManager.serviceStart(ResourceManager.java:1074)
> 	at org.apache.hadoop.service.AbstractService.start(AbstractService.java:193)
> 	at org.apache.hadoop.yarn.server.resourcemanager.ResourceManager.main(ResourceManager.java:1208)
> Caused by: java.lang.RuntimeException: Could not read signature secret file: /Users/sjlee/hadoop-http-auth-signature-secret
> 	at org.apache.hadoop.security.authentication.util.FileSignerSecretProvider.init(FileSignerSecretProvider.java:59)
> 	at org.apache.hadoop.security.authentication.server.AuthenticationFilter.initializeSecretProvider(AuthenticationFilter.java:264)
> 	... 23 more
> ...
> 2015-03-25 22:02:42,538 FATAL org.apache.hadoop.yarn.server.resourcemanager.ResourceManager:
Error starting ResourceManager
> org.apache.hadoop.yarn.webapp.WebAppException: Error starting http server
> 	at org.apache.hadoop.yarn.webapp.WebApps$Builder.start(WebApps.java:279)
> 	at org.apache.hadoop.yarn.server.resourcemanager.ResourceManager.startWepApp(ResourceManager.java:974)
> 	at org.apache.hadoop.yarn.server.resourcemanager.ResourceManager.serviceStart(ResourceManager.java:1074)
> 	at org.apache.hadoop.service.AbstractService.start(AbstractService.java:193)
> 	at org.apache.hadoop.yarn.server.resourcemanager.ResourceManager.main(ResourceManager.java:1208)
> Caused by: java.io.IOException: Problem in starting http server. Server handlers failed
> 	at org.apache.hadoop.http.HttpServer2.start(HttpServer2.java:785)
> 	at org.apache.hadoop.yarn.webapp.WebApps$Builder.start(WebApps.java:274)
> 	... 4 more
> {noformat}
> This is likely a regression introduced by HADOOP-10670.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message