Return-Path: 
 <user-return-21355-apmail-hadoop-mapreduce-user-archive=hadoop.apache.org@hadoop.apache.org>
X-Original-To: apmail-hadoop-mapreduce-user-archive@minotaur.apache.org
Delivered-To: apmail-hadoop-mapreduce-user-archive@minotaur.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id 4B56118572
	for <apmail-hadoop-mapreduce-user-archive@minotaur.apache.org>;
 Tue, 27 Oct 2015 01:51:16 +0000 (UTC)
Received: (qmail 68498 invoked by uid 500); 27 Oct 2015 01:51:05 -0000
Delivered-To: apmail-hadoop-mapreduce-user-archive@hadoop.apache.org
Received: (qmail 68347 invoked by uid 500); 27 Oct 2015 01:51:04 -0000
Mailing-List: contact user-help@hadoop.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:user-help@hadoop.apache.org>
List-Unsubscribe: <mailto:user-unsubscribe@hadoop.apache.org>
List-Post: <mailto:user@hadoop.apache.org>
List-Id: <user.hadoop.apache.org>
Reply-To: user@hadoop.apache.org
Delivered-To: mailing list user@hadoop.apache.org
Received: (qmail 68333 invoked by uid 99); 27 Oct 2015 01:51:04 -0000
Received: from Unknown (HELO spamd1-us-west.apache.org) (209.188.14.142)
    by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 27 Oct 2015 01:51:04 +0000
Received: from localhost (localhost [127.0.0.1])
	by spamd1-us-west.apache.org (ASF Mail Server at spamd1-us-west.apache.org)
 with ESMTP id D7316C2B19
	for <user@hadoop.apache.org>; Tue, 27 Oct 2015 01:51:03 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at spamd1-us-west.apache.org
X-Spam-Flag: NO
X-Spam-Score: 3.011
X-Spam-Level: ***
X-Spam-Status: No, score=3.011 tagged_above=-999 required=6.31
	tests=[HTML_MESSAGE=3, RP_MATCHES_RCVD=-0.001, T_MIME_MALF=0.01,
	URIBL_BLOCKED=0.001, WEIRD_PORT=0.001] autolearn=disabled
Received: from mx1-us-east.apache.org ([10.40.0.8])
	by localhost (spamd1-us-west.apache.org [10.40.0.7]) (amavisd-new,
 port 10024)
	with ESMTP id K_1IHM8rHKdD for <user@hadoop.apache.org>;
	Tue, 27 Oct 2015 01:50:52 +0000 (UTC)
Received: from SNT004-OMC1S15.hotmail.com (snt004-omc1s15.hotmail.com
 [65.55.90.26])
	by mx1-us-east.apache.org (ASF Mail Server at mx1-us-east.apache.org) with
 ESMTPS id 13BD842BB4
	for <user@hadoop.apache.org>; Tue, 27 Oct 2015 01:50:52 +0000 (UTC)
Received: from SNT405-EAS423 ([65.55.90.7]) by SNT004-OMC1S15.hotmail.com over
 TLS secured channel with Microsoft SMTPSVC(7.5.7601.23008);
	 Mon, 26 Oct 2015 18:50:45 -0700
X-TMN: [/tVMXrg333JhSeBkjzxkERsEUtPOW8Xl]
X-Originating-Email: [jingfei_hu@hotmail.com]
Message-ID: <SNT405-EAS423CD029838BBEE5F3437BAED220@phx.gbl>
From: Jingfei Hu <jingfei_hu@hotmail.com>
To: <user@hadoop.apache.org>
CC: <gauravkumar37@gmail.com>
References: 
 <SNT405-EAS6677A0C5B69C2726D7F22DED380@phx.gbl>,<47A75D61-66EC-41F4-8508-E17EFF7694A3@hortonworks.com>,<SNT405-EAS330C695903770CF6D1ECE78ED270@phx.gbl>,<E6064297-E912-4150-A6D6-603DB719ED84@hortonworks.com>,<SNT405-EAS242CBE16EB10745BEFF2CEED270@phx.gbl>,<CAPZZp4xoHe1rr3FxXV2sshvBm1FsR9FwCExp_UVQx+HLO1srhQ@mail.gmail.com>
 <SNT149-W346F0A040FB6980988CC85ED270@phx.gbl>
In-Reply-To: <SNT149-W346F0A040FB6980988CC85ED270@phx.gbl>
Subject: RE: GSSException: No valid credentials provided (Mechanism level:
 Failed to find any Kerberos credentails)
Date: Tue, 27 Oct 2015 09:50:42 +0800
MIME-Version: 1.0
Content-Type: multipart/alternative;
	boundary="----=_NextPart_000_0207_01D1109C.F1CA3AC0"
X-Mailer: Microsoft Outlook 16.0
Thread-Index: 
 AQABAgME+tdqnJ7ee/RGdG7HsFs3SwDdycCSACiys+0A+FpskwDlcs2cAKkfu6cAhQNtPKH+G8XA
Content-Language: en-us
X-OriginalArrivalTime: 27 Oct 2015 01:50:45.0366 (UTC)
 FILETIME=[E52F2160:01D11059]

------=_NextPart_000_0207_01D1109C.F1CA3AC0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit

HI Gaurav, 

I would appreciate that if you can give me a little more steps to
troubleshoot where I am doing wrong. Thank you very much.

 

Jingfei

 

From: Jingfei Hu [mailto:jingfei_hu@hotmail.com] 
Sent: Thursday, October 22, 2015 11:20 PM
To: user@hadoop.apache.org
Subject: RE: GSSException: No valid credentials provided (Mechanism level:
Failed to find any Kerberos credentails)

 

Hi Gaurav,

 

ON which machine I should install the Kerberos client libraries?

 

On which machine I execute the kinit command?

 

Can't users just provide a username and password whenever He/She needs
access a hdfs using webhdfs? In most cases, people have no or little
knowledge about the kinit command.  Is my understanding right?

 

Thanks,

Jingfei

  _____  

Date: Thu, 22 Oct 2015 17:33:14 +0530
Subject: Re: GSSException: No valid credentials provided (Mechanism level:
Failed to find any Kerberos credentails)
From: gauravkumar37@gmail.com <mailto:gauravkumar37@gmail.com> 
To: user@hadoop.apache.org <mailto:user@hadoop.apache.org> 

Hi,

Assuming you have Kerberos client libraries installed on your machine and
that you have the correct configuration to point to the Kerberos KDC.

You'll need to first do a kinit to authenticate to the Kerberos KDC and then
when you do a curl you'll no longer see the error.

At any time you can check your active tokens by executing klist -e





Best Regards,
Gaurav Kumar
Big Data . Data Science . Photography . Music
+91 9953294125

 

On Thu, Oct 22, 2015 at 1:29 PM, Jingfei Hu <jingfei_hu@hotmail.com
<mailto:jingfei_hu@hotmail.com> > wrote:

Hi Anu,

Thanks for the reply. Here is what I am doing in my client machine. 

C:\Users\adms>curl -i --negotiate -u:
"http://xxx.cloudapp.net:50070/webhdfs/v1?op=gethomedirectory"

HTTP/1.1 401 Authentication required

Cache-Control: must-revalidate,no-cache,no-store

Date: Thu, 22 Oct 2015 07:38:52 GMT

Pragma: no-cache

Date: Thu, 22 Oct 2015 07:38:52 GMT

Pragma: no-cache

Content-Type: text/html; charset=iso-8859-1

WWW-Authenticate: Negotiate

Set-Cookie: hadoop.auth=; Path=/; Expires=Thu, 01-Jan-1970 00:00:00 GMT;
HttpOnly

Content-Length: 1403

Server: Jetty(6.1.26.hwx)

 

HTTP/1.1 403 GSSException: No valid credentials provided (Mechanism level:
Failed to find any Kerberos credentails)

Cache-Control: must-revalidate,no-cache,no-store

Date: Thu, 22 Oct 2015 07:38:52 GMT

Pragma: no-cache

Date: Thu, 22 Oct 2015 07:38:52 GMT

Pragma: no-cache

Content-Type: text/html; charset=iso-8859-1

Set-Cookie: hadoop.auth=; Path=/; Expires=Thu, 01-Jan-1970 00:00:00 GMT;
HttpOnly

Content-Length: 1561

Server: Jetty(6.1.26.hwx)

 

<html>

<head>

<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"/>

<title>Error 403 GSSException: No valid credentials provided (Mechanism
level: Failed to find any Kerberos credentails)</title>

</head>

<body><h2>HTTP ERROR 403</h2>

<p>Problem accessing /webhdfs/v1. Reason:

<pre>    GSSException: No valid credentials provided (Mechanism level:
Failed to find any Kerberos credentails)</pre></p><hr /><i><small>Powered by
Jetty://</small></i><br/>

 

</body>

</html>

 

As for the command line shown in the url . Here is what I am trying on the
KDC machine.

kinit admin/admin

After entering the password, it exited without problems

curl -i --negotiate -u admin
http://sandbox.hortonworks.com:50070/webhdfs/v1?op=gethomedirectory and
enter the password for the subsequent prompt. 

It also returns ok. I can see the response's content is
{"Path":"/user/admin"}

However if I change the command line to be curl -i --negotiate -u admin
http://xxx.cloudapp.net:50070/webhdfs/v1?op=gethomedirectory, it failed with


 

<html>

<head>

<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"/>

<title>Error 401 Authentication required</title>

</head>

<body><h2>HTTP ERROR 401</h2>

<p>Problem accessing /webhdfs/v1. Reason:

<pre>    Authentication required</pre></p><hr /><i><small>Powered by
Jetty://</small></i><br/>

</body>

</html>

 

Any ideas?

 

Thanks,

Jingfei

From: Anu Engineer [mailto:aengineer@hortonworks.com
<mailto:aengineer@hortonworks.com> ] 
Sent: Thursday, October 22, 2015 12:16 PM
To: user@hadoop.apache.org <mailto:user@hadoop.apache.org> 
Subject: Re: GSSException: No valid credentials provided (Mechanism level:
Failed to find any Kerberos credentails)

 

Did you try out with curl and it did not work at all ?.  It is slightly
easier to debug with command line than a browser like IE.

 

https://hadoop.apache.org/docs/r2.6.0/hadoop-auth/Examples.html

 

Please try getting a ticket and try to connect the cluster using it and if
does not work, could you please post your traces. 

This will allow us rule out the issue that you might not have a valid
kerberos ticket in the first place.

 

 

Thanks

Anu

 

 

From: Jingfei Hu
Reply-To: "user@hadoop.apache.org <mailto:user@hadoop.apache.org> "
Date: Wednesday, October 21, 2015 at 7:30 PM
To: "user@hadoop.apache.org <mailto:user@hadoop.apache.org> "
Subject: RE: GSSException: No valid credentials provided (Mechanism level:
Failed to find any Kerberos credentails)

 

The links Anu provides seems to be no much helpful for my problem. I would
give more context here.

 

I am using HDP on Azure. Its version is 2.3. After several attempts, I'm
finally able to enable Kerberos for my HDP deployment. Now I am trying to
use webhdfs to access hdfs files in IE.

http://xxx.cloudapp.net:50070/webhdfs/v1?op=gethomedirectory.

Then IE pops up a windows to ask for user name and password. Then I enter
the admin principal in KDC domain style (admin/admin@DOMAIN.com
<mailto:admin/admin@DOMAIN.com> ) along with the correct password. However
it gives me
GSSException: No valid credentials provided (Mechanism level: Failed to find
any Kerberos credentials)

Before enabling Kerberos, I can access this without entering anything
because its security is off.

Now how am i gonna do to make it work with Kerberos enabled?

 

Jingfei

 

From: Anu Engineer [mailto:aengineer@hortonworks.com] 
Sent: Wednesday, October 21, 2015 11:42 PM
To: user@hadoop.apache.org <mailto:user@hadoop.apache.org> 
Subject: Re: GSSException: No valid credentials provided (Mechanism level:
Failed to find any Kerberos credentails)

 

This usually means that you don't have valid Kerberos credentials.

 

Please look at the authentication section at this URL
https://hadoop.apache.org/docs/r1.0.4/webhdfs.html or here is another
example. 

http://www.cloudera.com/content/www/en-us/documentation/archive/cdh/4-x/4-3-
2/CDH4-Security-Guide/cdh4sg_topic_7_2.html

 

Thanks

Anu

 

 

From: Jingfei Hu
Reply-To: "user@hadoop.apache.org <mailto:user@hadoop.apache.org> "
Date: Tuesday, October 20, 2015 at 10:45 PM
To: "user@hadoop.apache.org <mailto:user@hadoop.apache.org> "
Subject: GSSException: No valid credentials provided (Mechanism level:
Failed to find any Kerberos credentails)

 

Hi team,

Is there anyone who knows what this exception means? What should I do to fix
this?  I am trying to access

 

http://xxx.cloudapp.net:50070/webhdfs/v1/?op=liststatus

 

I just enabled the Kerberos for the HDFS deployment.

 

Thanks,

Jingfei

 


------=_NextPart_000_0207_01D1109C.F1CA3AC0
Content-Type: text/html; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

<html xmlns:v=3D"urn:schemas-microsoft-com:vml" =
xmlns:o=3D"urn:schemas-microsoft-com:office:office" =
xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" =
xmlns=3D"http://www.w3.org/TR/REC-html40"><head><meta =
http-equiv=3DContent-Type content=3D"text/html; =
charset=3Dus-ascii"><meta name=3DGenerator content=3D"Microsoft Word 15 =
(filtered medium)"><!--[if !mso]><style>v\:* =
{behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]--><style><!--
/* Font Definitions */
@font-face
	{font-family:SimSun;
	panose-1:2 1 6 0 3 1 1 1 1 1;}
@font-face
	{font-family:"Cambria Math";
	panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
	{font-family:Calibri;
	panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
	{font-family:SimSun;
	panose-1:2 1 6 0 3 1 1 1 1 1;}
@font-face
	{font-family:"Segoe UI Light";
	panose-1:2 11 5 2 4 2 4 2 2 3;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
	{margin:0in;
	margin-bottom:.0001pt;
	font-size:12.0pt;
	font-family:"Times New Roman",serif;}
a:link, span.MsoHyperlink
	{mso-style-priority:99;
	color:blue;
	text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
	{mso-style-priority:99;
	color:purple;
	text-decoration:underline;}
p
	{mso-style-priority:99;
	mso-margin-top-alt:auto;
	margin-right:0in;
	mso-margin-bottom-alt:auto;
	margin-left:0in;
	font-size:12.0pt;
	font-family:"Times New Roman",serif;}
p.msonormal0, li.msonormal0, div.msonormal0
	{mso-style-name:msonormal;
	mso-margin-top-alt:auto;
	margin-right:0in;
	mso-margin-bottom-alt:auto;
	margin-left:0in;
	font-size:12.0pt;
	font-family:"Times New Roman",serif;}
span.EmailStyle19
	{mso-style-type:personal-reply;
	font-family:"Calibri",sans-serif;
	color:#1F497D;
	font-weight:normal;
	font-style:normal;
	text-decoration:none none;}
.MsoChpDefault
	{mso-style-type:export-only;
	font-size:10.0pt;}
@page WordSection1
	{size:8.5in 11.0in;
	margin:1.0in 1.25in 1.0in 1.25in;}
div.WordSection1
	{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext=3D"edit">
<o:idmap v:ext=3D"edit" data=3D"1" />
</o:shapelayout></xml><![endif]--></head><body lang=3DEN-US link=3Dblue =
vlink=3Dpurple><div class=3DWordSection1><p class=3DMsoNormal><span =
style=3D'font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'=
>HI Gaurav, <o:p></o:p></span></p><p class=3DMsoNormal><span =
style=3D'font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'=
>I would appreciate that if you can give me a little more steps to =
troubleshoot where I am doing wrong. Thank you very =
much.<o:p></o:p></span></p><p class=3DMsoNormal><span =
style=3D'font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'=
><o:p>&nbsp;</o:p></span></p><p class=3DMsoNormal><span =
style=3D'font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'=
>Jingfei<o:p></o:p></span></p><p class=3DMsoNormal><a =
name=3D"_MailEndCompose"><span =
style=3D'font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D'=
><o:p>&nbsp;</o:p></span></a></p><div><div =
style=3D'border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in =
0in 0in'><p class=3DMsoNormal><b><span =
style=3D'font-size:11.0pt;font-family:"Calibri",sans-serif'>From:</span><=
/b><span style=3D'font-size:11.0pt;font-family:"Calibri",sans-serif'> =
Jingfei Hu [mailto:jingfei_hu@hotmail.com] <br><b>Sent:</b> Thursday, =
October 22, 2015 11:20 PM<br><b>To:</b> =
user@hadoop.apache.org<br><b>Subject:</b> RE: GSSException: No valid =
credentials provided (Mechanism level: Failed to find any Kerberos =
credentails)<o:p></o:p></span></p></div></div><p =
class=3DMsoNormal><o:p>&nbsp;</o:p></p><div><div><p =
class=3DMsoNormal><span style=3D'font-family:"Calibri",sans-serif'>Hi =
Gaurav,<o:p></o:p></span></p></div><div><p class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif'><o:p>&nbsp;</o:p></span></p></=
div><div><p class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif'>ON which machine I should =
install the Kerberos client =
libraries?<o:p></o:p></span></p></div><div><p class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif'><o:p>&nbsp;</o:p></span></p></=
div><div><p class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif'>On which machine I execute =
the kinit command?<o:p></o:p></span></p></div><div><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif'><o:p>&nbsp;</o:p></span></p></=
div><div><p class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif'>Can't users just provide a =
username and password whenever He/She needs access a hdfs =
using&nbsp;webhdfs? In most cases, people have no or little knowledge =
about the kinit command.&nbsp; Is my understanding =
right?<o:p></o:p></span></p></div><div><p class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif'><o:p>&nbsp;</o:p></span></p></=
div><div><p class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif'>Thanks,<o:p></o:p></span></p><=
/div><div><p class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif'>Jingfei<o:p></o:p></span></p><=
/div><div><div class=3DMsoNormal align=3Dcenter =
style=3D'text-align:center'><span =
style=3D'font-family:"Calibri",sans-serif'><hr size=3D2 width=3D"100%" =
align=3Dcenter id=3DstopSpelling></span></div><p class=3DMsoNormal =
style=3D'margin-bottom:12.0pt'><span =
style=3D'font-family:"Calibri",sans-serif'>Date: Thu, 22 Oct 2015 =
17:33:14 +0530<br>Subject: Re: GSSException: No valid credentials =
provided (Mechanism level: Failed to find any Kerberos =
credentails)<br>From: <a =
href=3D"mailto:gauravkumar37@gmail.com">gauravkumar37@gmail.com</a><br>To=
: <a =
href=3D"mailto:user@hadoop.apache.org">user@hadoop.apache.org</a><o:p></o=
:p></span></p><div><div><div><div><p class=3DMsoNormal =
style=3D'margin-bottom:12.0pt'><span =
style=3D'font-family:"Calibri",sans-serif'>Hi,<o:p></o:p></span></p></div=
><p class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif'>Assuming you have Kerberos =
client libraries installed on your machine and that you have the correct =
configuration to point to the Kerberos =
KDC.<o:p></o:p></span></p></div><p class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif'>You'll need to first do a =
kinit to authenticate to the Kerberos KDC and then when you do a curl =
you'll no longer see the error.<o:p></o:p></span></p></div><p =
class=3DMsoNormal style=3D'margin-bottom:12.0pt'><span =
style=3D'font-family:"Calibri",sans-serif'>At any time you can check =
your active tokens by executing klist =
-e<o:p></o:p></span></p></div><div><p class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif'><br =
clear=3Dall><o:p></o:p></span></p><div><div><div><div><div><div><div><div=
><p class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif'><br>Best Regards,<br>Gaurav =
Kumar<br>Big Data &#8226; Data Science &#8226; Photography &#8226; =
Music<br>+91 =
9953294125<o:p></o:p></span></p></div></div></div></div></div></div></div=
></div><p class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif'><o:p>&nbsp;</o:p></span></p><d=
iv><p class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif'>On Thu, Oct 22, 2015 at 1:29 =
PM, Jingfei Hu &lt;<a href=3D"mailto:jingfei_hu@hotmail.com" =
target=3D"_blank">jingfei_hu@hotmail.com</a>&gt; =
wrote:<o:p></o:p></span></p><blockquote =
style=3D'border:none;border-left:solid #CCCCCC 1.0pt;padding:0in 0in 0in =
6.0pt;margin-top:5.0pt;margin-bottom:5.0pt'><div><div><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>Hi =
Anu,</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>Thanks for the =
reply. Here is what I am doing in my client machine. </span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>C:\Users\adms&gt=
;curl -i --negotiate -u: &quot;<a =
href=3D"http://xxx.cloudapp.net:50070/webhdfs/v1?op=3Dgethomedirectory" =
target=3D"_blank">http://xxx.cloudapp.net:50070/webhdfs/v1?op=3Dgethomedi=
rectory</a>&quot;</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>HTTP/1.1 401 =
Authentication required</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>Cache-Control: =
must-revalidate,no-cache,no-store</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>Date: Thu, 22 =
Oct 2015 07:38:52 GMT</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>Pragma: =
no-cache</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>Date: Thu, 22 =
Oct 2015 07:38:52 GMT</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>Pragma: =
no-cache</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>Content-Type: =
text/html; charset=3Diso-8859-1</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>WWW-Authenticate=
: Negotiate</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>Set-Cookie: =
hadoop.auth=3D; Path=3D/; Expires=3DThu, 01-Jan-1970 00:00:00 GMT; =
HttpOnly</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>Content-Length: =
1403</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>Server: =
Jetty(6.1.26.hwx)</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>&nbsp;</span><sp=
an style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>HTTP/1.1 403 =
GSSException: No valid credentials provided (Mechanism level: Failed to =
find any Kerberos credentails)</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>Cache-Control: =
must-revalidate,no-cache,no-store</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>Date: Thu, 22 =
Oct 2015 07:38:52 GMT</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>Pragma: =
no-cache</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>Date: Thu, 22 =
Oct 2015 07:38:52 GMT</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>Pragma: =
no-cache</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>Content-Type: =
text/html; charset=3Diso-8859-1</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>Set-Cookie: =
hadoop.auth=3D; Path=3D/; Expires=3DThu, 01-Jan-1970 00:00:00 GMT; =
HttpOnly</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>Content-Length: =
1561</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>Server: =
Jetty(6.1.26.hwx)</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>&nbsp;</span><sp=
an style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>&lt;html&gt;</sp=
an><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>&lt;head&gt;</sp=
an><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>&lt;meta =
http-equiv=3D&quot;Content-Type&quot; content=3D&quot;text/html; =
charset=3DISO-8859-1&quot;/&gt;</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>&lt;title&gt;<sp=
an style=3D'background:yellow'>Error 403 GSSException: No valid =
credentials provided (Mechanism level: Failed to find any Kerberos =
credentails)</span>&lt;/title&gt;</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>&lt;/head&gt;</s=
pan><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>&lt;body&gt;&lt;=
h2&gt;HTTP ERROR 403&lt;/h2&gt;</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>&lt;p&gt;Problem=
 accessing /webhdfs/v1. Reason:</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>&lt;pre&gt;&nbsp=
;&nbsp;&nbsp; GSSException: No valid credentials provided (Mechanism =
level: Failed to find any Kerberos =
credentails)&lt;/pre&gt;&lt;/p&gt;&lt;hr =
/&gt;&lt;i&gt;&lt;small&gt;Powered by =
Jetty://&lt;/small&gt;&lt;/i&gt;&lt;br/&gt;</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>&nbsp;</span><sp=
an style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>&lt;/body&gt;</s=
pan><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>&lt;/html&gt;</s=
pan><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>&nbsp;</span><sp=
an style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>As for the =
command line shown in the url . Here is what I am trying on the KDC =
machine.</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><i><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>kinit =
admin/admin</span></i><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>After entering =
the password, it exited without problems</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><i><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>curl -i =
--negotiate -u admin <a =
href=3D"http://sandbox.hortonworks.com:50070/webhdfs/v1?op=3Dgethomedirec=
tory" =
target=3D"_blank">http://sandbox.hortonworks.com:50070/webhdfs/v1?op=3Dge=
thomedirectory</a></span></i><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'> and enter the =
password for the subsequent prompt. </span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>It also returns =
ok. I can see the response&#8217;s content is =
{&#8220;Path&#8221;:&#8221;/user/admin&#8221;}</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>However if I =
change the command line to be <i>curl -i --negotiate -u admin <a =
href=3D"http://xxx.cloudapp.net:50070/webhdfs/v1?op=3Dgethomedirectory" =
target=3D"_blank">http://xxx.cloudapp.net:50070/webhdfs/v1?op=3Dgethomedi=
rectory</a></i>, it failed with </span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>&nbsp;</span><sp=
an style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>&lt;html&gt;</sp=
an><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>&lt;head&gt;</sp=
an><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>&lt;meta =
http-equiv=3D&quot;Content-Type&quot; content=3D&quot;text/html; =
charset=3DISO-8859-1&quot;/&gt;</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>&lt;title&gt;Err=
or 401 Authentication required&lt;/title&gt;</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>&lt;/head&gt;</s=
pan><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>&lt;body&gt;&lt;=
h2&gt;HTTP ERROR 401&lt;/h2&gt;</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>&lt;p&gt;Problem=
 accessing /webhdfs/v1. Reason:</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>&lt;pre&gt;&nbsp=
;&nbsp;&nbsp; <span style=3D'background:yellow'>Authentication =
required</span>&lt;/pre&gt;&lt;/p&gt;&lt;hr =
/&gt;&lt;i&gt;&lt;small&gt;Powered by =
Jetty://&lt;/small&gt;&lt;/i&gt;&lt;br/&gt;</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>&lt;/body&gt;</s=
pan><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>&lt;/html&gt;</s=
pan><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>&nbsp;</span><sp=
an style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>Any =
ideas?</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>&nbsp;</span><sp=
an style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>Thanks,</span><s=
pan style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>Jingfei</span><s=
pan =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><div><di=
v style=3D'border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in =
0in 0in'><p class=3DMsoNormal><b><span =
style=3D'font-family:"Calibri",sans-serif'>From:</span></b><span =
style=3D'font-family:"Calibri",sans-serif'> Anu Engineer [mailto:<a =
href=3D"mailto:aengineer@hortonworks.com" =
target=3D"_blank">aengineer@hortonworks.com</a>] <br><b>Sent:</b> =
Thursday, October 22, 2015 12:16 PM<br><b>To:</b> <a =
href=3D"mailto:user@hadoop.apache.org" =
target=3D"_blank">user@hadoop.apache.org</a><br><b>Subject:</b> Re: =
GSSException: No valid credentials provided (Mechanism level: Failed to =
find any Kerberos credentails)<o:p></o:p></span></p></div></div><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif'>&nbsp;<o:p></o:p></span></p><d=
iv><div><p class=3DMsoNormal><span =
style=3D'font-size:10.5pt;font-family:"Calibri",sans-serif;color:black'>D=
id you try out with curl and it did not work at all ?.&nbsp; It is =
slightly easier to debug with command line than a browser like =
IE.</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p></div><d=
iv><p class=3DMsoNormal><span =
style=3D'font-size:10.5pt;font-family:"Calibri",sans-serif;color:black'>&=
nbsp;</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p></div><d=
iv><p class=3DMsoNormal><span =
style=3D'font-size:10.5pt;font-family:"Calibri",sans-serif;color:black'><=
a =
href=3D"https://hadoop.apache.org/docs/r2.6.0/hadoop-auth/Examples.html" =
target=3D"_blank">https://hadoop.apache.org/docs/r2.6.0/hadoop-auth/Examp=
les.html</a></span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p></div><d=
iv><p class=3DMsoNormal><span =
style=3D'font-size:10.5pt;font-family:"Calibri",sans-serif;color:black'>&=
nbsp;</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p></div><d=
iv><p class=3DMsoNormal><span =
style=3D'font-size:10.5pt;font-family:"Calibri",sans-serif;color:black'>P=
lease try getting a ticket and try to connect the cluster using it and =
if does not work, could you please post your traces.&nbsp;</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p></div><d=
iv><p class=3DMsoNormal><span =
style=3D'font-size:10.5pt;font-family:"Calibri",sans-serif;color:black'>T=
his will allow us rule out the issue that you might not have a valid =
kerberos ticket in the first place.</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p></div><d=
iv><p class=3DMsoNormal><span =
style=3D'font-size:10.5pt;font-family:"Calibri",sans-serif;color:black'>&=
nbsp;</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p></div><d=
iv><p class=3DMsoNormal><span =
style=3D'font-size:10.5pt;font-family:"Calibri",sans-serif;color:black'>&=
nbsp;</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p></div><d=
iv><p class=3DMsoNormal><span =
style=3D'font-size:10.5pt;font-family:"Calibri",sans-serif;color:black'>T=
hanks</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p></div><d=
iv><p class=3DMsoNormal><span =
style=3D'font-size:10.5pt;font-family:"Calibri",sans-serif;color:black'>A=
nu</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p></div><d=
iv><p class=3DMsoNormal><span =
style=3D'font-size:10.5pt;font-family:"Calibri",sans-serif;color:black'>&=
nbsp;</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p></div></=
div><div><p class=3DMsoNormal><span =
style=3D'font-size:10.5pt;font-family:"Calibri",sans-serif;color:black'>&=
nbsp;</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p></div><d=
iv style=3D'border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in =
0in 0in'><p class=3DMsoNormal><b><span =
style=3D'font-family:"Calibri",sans-serif;color:black'>From: =
</span></b><span =
style=3D'font-family:"Calibri",sans-serif;color:black'>Jingfei =
Hu<br><b>Reply-To: </b>&quot;<a href=3D"mailto:user@hadoop.apache.org" =
target=3D"_blank">user@hadoop.apache.org</a>&quot;<br><b>Date: =
</b>Wednesday, October 21, 2015 at 7:30 PM<br><b>To: </b>&quot;<a =
href=3D"mailto:user@hadoop.apache.org" =
target=3D"_blank">user@hadoop.apache.org</a>&quot;<br><b>Subject: =
</b>RE: GSSException: No valid credentials provided (Mechanism level: =
Failed to find any Kerberos credentails)</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p></div><d=
iv><p class=3DMsoNormal><span =
style=3D'font-size:10.5pt;font-family:"Calibri",sans-serif;color:black'>&=
nbsp;</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p></div><d=
iv><div><p class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>The links Anu =
provides seems to be no much helpful for my problem. I would give more =
context here.</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>&nbsp;</span><sp=
an style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>I am using HDP =
on Azure. Its version is 2.3. After several attempts, I&#8217;m finally =
able to enable Kerberos for my HDP deployment. Now I am trying to use =
webhdfs to access hdfs files in IE.</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'><a =
href=3D"http://xxx.cloudapp.net:50070/webhdfs/v1?op=3Dgethomedirectory" =
target=3D"_blank">http://xxx.cloudapp.net:50070/webhdfs/v1?op=3Dgethomedi=
rectory</a>.</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>Then IE pops up =
a windows to ask for user name and password. Then I enter the admin =
principal in KDC domain style (<a href=3D"mailto:admin/admin@DOMAIN.com" =
target=3D"_blank">admin/admin@DOMAIN.com</a>) along with the correct =
password. However it gives me<br>GSSException: No valid credentials =
provided (Mechanism level: Failed to find any Kerberos =
credentials)</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>Before enabling =
Kerberos, I can access this without entering anything because its =
security is off.</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>Now how am i =
gonna do to make it work with Kerberos enabled?</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>&nbsp;</span><sp=
an style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>Jingfei</span><s=
pan style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:#1F497D'>&nbsp;</span><sp=
an =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><div><di=
v style=3D'border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in =
0in 0in'><p class=3DMsoNormal><b><span =
style=3D'font-family:"Calibri",sans-serif;color:black'>From:</span></b><s=
pan style=3D'font-family:"Calibri",sans-serif;color:black'> Anu Engineer =
[<a href=3D"mailto:aengineer@hortonworks.com" =
target=3D"_blank">mailto:aengineer@hortonworks.com</a>] <br><b>Sent:</b> =
Wednesday, October 21, 2015 11:42 PM<br><b>To:</b> <a =
href=3D"mailto:user@hadoop.apache.org" =
target=3D"_blank">user@hadoop.apache.org</a><br><b>Subject:</b> Re: =
GSSException: No valid credentials provided (Mechanism level: Failed to =
find any Kerberos credentails)</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p></div></=
div><p class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:black'>&nbsp;</span><span=
 =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><div><di=
v><p class=3DMsoNormal><span =
style=3D'font-size:10.5pt;font-family:"Calibri",sans-serif;color:black'>T=
his usually means that you don&#8217;t have valid Kerberos =
credentials.</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p></div><d=
iv><p class=3DMsoNormal><span =
style=3D'font-size:10.5pt;font-family:"Calibri",sans-serif;color:black'>&=
nbsp;</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p></div><d=
iv><p class=3DMsoNormal><span =
style=3D'font-size:10.5pt;font-family:"Calibri",sans-serif;color:black'>P=
lease look at the authentication section at this URL&nbsp;<a =
href=3D"https://hadoop.apache.org/docs/r1.0.4/webhdfs.html" =
target=3D"_blank">https://hadoop.apache.org/docs/r1.0.4/webhdfs.html</a>&=
nbsp;or here is another example.&nbsp;</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p></div><d=
iv><p class=3DMsoNormal><span =
style=3D'font-size:10.5pt;font-family:"Calibri",sans-serif;color:black'><=
a =
href=3D"http://www.cloudera.com/content/www/en-us/documentation/archive/c=
dh/4-x/4-3-2/CDH4-Security-Guide/cdh4sg_topic_7_2.html" =
target=3D"_blank">http://www.cloudera.com/content/www/en-us/documentation=
/archive/cdh/4-x/4-3-2/CDH4-Security-Guide/cdh4sg_topic_7_2.html</a></spa=
n><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p></div><d=
iv><p class=3DMsoNormal><span =
style=3D'font-size:10.5pt;font-family:"Calibri",sans-serif;color:black'>&=
nbsp;</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p></div><d=
iv><p class=3DMsoNormal><span =
style=3D'font-size:10.5pt;font-family:"Calibri",sans-serif;color:black'>T=
hanks</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p></div><d=
iv><p class=3DMsoNormal><span =
style=3D'font-size:10.5pt;font-family:"Calibri",sans-serif;color:black'>A=
nu</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p></div><d=
iv><p class=3DMsoNormal><span =
style=3D'font-size:10.5pt;font-family:"Calibri",sans-serif;color:black'>&=
nbsp;</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p></div></=
div><div><p class=3DMsoNormal><span =
style=3D'font-size:10.5pt;font-family:"Calibri",sans-serif;color:black'>&=
nbsp;</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p></div><d=
iv style=3D'border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in =
0in 0in'><p class=3DMsoNormal><b><span =
style=3D'font-family:"Calibri",sans-serif;color:black'>From: =
</span></b><span =
style=3D'font-family:"Calibri",sans-serif;color:black'>Jingfei =
Hu<br><b>Reply-To: </b>&quot;<a href=3D"mailto:user@hadoop.apache.org" =
target=3D"_blank">user@hadoop.apache.org</a>&quot;<br><b>Date: =
</b>Tuesday, October 20, 2015 at 10:45 PM<br><b>To: </b>&quot;<a =
href=3D"mailto:user@hadoop.apache.org" =
target=3D"_blank">user@hadoop.apache.org</a>&quot;<br><b>Subject: =
</b>GSSException: No valid credentials provided (Mechanism level: Failed =
to find any Kerberos credentails)</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p></div><d=
iv><p class=3DMsoNormal><span =
style=3D'font-size:10.5pt;font-family:"Calibri",sans-serif;color:black'>&=
nbsp;</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p></div><d=
iv><div><p class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:black'>Hi =
team,</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:black'>Is there anyone =
who knows what this exception means? What should I do to fix this?&nbsp; =
I am trying to access</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:black'>&nbsp;</span><span=
 style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:black'><a =
href=3D"http://xxx.cloudapp.net:50070/webhdfs/v1/?op=3Dliststatus" =
target=3D"_blank">http://xxx.cloudapp.net:50070/webhdfs/v1/?op=3Dliststat=
us</a></span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:black'>&nbsp;</span><span=
 style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:black'>I just enabled =
the Kerberos for the HDFS deployment.</span><span =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:black'>&nbsp;</span><span=
 style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:black'>Thanks,</span><spa=
n style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif;color:black'>Jingfei</span><spa=
n =
style=3D'font-family:"Calibri",sans-serif'><o:p></o:p></span></p></div></=
div></div></div></div></div></blockquote></div><p =
class=3DMsoNormal><span =
style=3D'font-family:"Calibri",sans-serif'><o:p>&nbsp;</o:p></span></p></=
div></div></div></div></body></html>
------=_NextPart_000_0207_01D1109C.F1CA3AC0--