Return-Path: X-Original-To: apmail-hbase-issues-archive@www.apache.org Delivered-To: apmail-hbase-issues-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id D6AF1D4D8 for ; Sat, 23 Feb 2013 00:28:13 +0000 (UTC) Received: (qmail 39962 invoked by uid 500); 23 Feb 2013 00:28:13 -0000 Delivered-To: apmail-hbase-issues-archive@hbase.apache.org Received: (qmail 39918 invoked by uid 500); 23 Feb 2013 00:28:13 -0000 Mailing-List: contact issues-help@hbase.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Delivered-To: mailing list issues@hbase.apache.org Received: (qmail 39909 invoked by uid 99); 23 Feb 2013 00:28:13 -0000 Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28) by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 23 Feb 2013 00:28:13 +0000 Date: Sat, 23 Feb 2013 00:28:13 +0000 (UTC) From: "Ted Yu (JIRA)" To: issues@hbase.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Commented] (HBASE-7913) Secure Rest server should login before getting an instance of rest servlet MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/HBASE-7913?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13584878#comment-13584878 ] Ted Yu commented on HBASE-7913: ------------------------------- In trunk, the file is hbase-server/src/main/java/org/apache/hadoop/hbase/rest/RESTServer.java FYI > Secure Rest server should login before getting an instance of rest servlet > -------------------------------------------------------------------------- > > Key: HBASE-7913 > URL: https://issues.apache.org/jira/browse/HBASE-7913 > Project: HBase > Issue Type: Bug > Components: REST > Affects Versions: 0.96.0, 0.94.5 > Reporter: Arpit Gupta > Assignee: Arpit Gupta > Fix For: 0.94.6 > > Attachments: HBASE-7913.branch-0.94.patch > > > Fails with exception > {code} > avax.security.sasl.SaslException: GSS initiate failed [Caused by GSSException: No valid credentials provided (Mechanism level: Failed to find any Kerberos tgt)] > at com.sun.security.sasl.gsskerb.GssKrb5Client.evaluateChallenge(GssKrb5Client.java:194) > at org.apache.hadoop.hbase.security.HBaseSaslRpcClient.saslConnect(HBaseSaslRpcClient.java:139) > at org.apache.hadoop.hbase.ipc.SecureClient$SecureConnection.setupSaslConnection(SecureClient.java:194) > at org.apache.hadoop.hbase.ipc.SecureClient$SecureConnection.access$500(SecureClient.java:92) > at org.apache.hadoop.hbase.ipc.SecureClient$SecureConnection$2.run(SecureClient.java:302) > at org.apache.hadoop.hbase.ipc.SecureClient$SecureConnection$2.run(SecureClient.java:299) > at java.security.AccessController.doPrivileged(Native Method) > at javax.security.auth.Subject.doAs(Subject.java:396) > at org.apache.hadoop.security.UserGroupInformation.doAs(UserGroupInformation.java:1178) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) > at java.lang.reflect.Method.invoke(Method.java:597) > at org.apache.hadoop.hbase.util.Methods.call(Methods.java:37) > at org.apache.hadoop.hbase.security.User.call(User.java:590) > at org.apache.hadoop.hbase.security.User.access$700(User.java:51) > at org.apache.hadoop.hbase.security.User$SecureHadoopUser.runAs(User.java:444) > at org.apache.hadoop.hbase.ipc.SecureClient$SecureConnection.setupIOstreams(SecureClient.java:298) > at org.apache.hadoop.hbase.ipc.HBaseClient.getConnection(HBaseClient.java:1124) > at org.apache.hadoop.hbase.ipc.HBaseClient.call(HBaseClient.java:974) > at org.apache.hadoop.hbase.ipc.SecureRpcEngine$Invoker.invoke(SecureRpcEngine.java:104) > at $Proxy5.getProtocolVersion(Unknown Source) > at org.apache.hadoop.hbase.ipc.SecureRpcEngine.getProxy(SecureRpcEngine.java:146) > at org.apache.hadoop.hbase.client.HConnectionManager$HConnectionImplementation.getMaster(HConnectionManager.java:711) > at org.apache.hadoop.hbase.client.HBaseAdmin.(HBaseAdmin.java:116) > at org.apache.hadoop.hbase.rest.RESTServlet.(RESTServlet.java:74) > at org.apache.hadoop.hbase.rest.RESTServlet.getInstance(RESTServlet.java:57) > at org.apache.hadoop.hbase.rest.Main.main(Main.java:81) > Caused by: GSSException: No valid credentials provided (Mechanism level: Failed to find any Kerberos tgt) > at sun.security.jgss.krb5.Krb5InitCredential.getInstance(Krb5InitCredential.java:130) > at sun.security.jgss.krb5.Krb5MechFactory.getCredentialElement(Krb5MechFactory.java:106) > at sun.security.jgss.krb5.Krb5MechFactory.getMechanismContext(Krb5MechFactory.java:172) > at sun.security.jgss.GSSManagerImpl.getMechanismContext(GSSManagerImpl.java:209) > at sun.security.jgss.GSSContextImpl.initSecContext(GSSContextImpl.java:195) > at sun.security.jgss.GSSContextImpl.initSecContext(GSSContextImpl.java:162) > at com.sun.security.sasl.gsskerb.GssKrb5Client.evaluateChallenge(GssKrb5Client.java:175) > {code} -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira