incubator-hcatalog-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rajesh Balamohan <rajesh.balamo...@gmail.com>
Subject Re: HCatalog Security
Date Mon, 09 Apr 2012 00:17:47 GMT
Thanks for the reply. I tried that option as well. Still encounter the same
error message in the hcat_server side.


2012-04-08 17:15:36,695 DEBUG transport.TSaslServerTransport
(TSaslServerTransport.java:getTransport(212)) - transport map does not
contain key

2012-04-08 17:15:36,696 DEBUG transport.TSaslTransport
(TSaslTransport.java:open(243)) - opening transport
org.apache.thrift.transport.TSaslServerTransport@2c65394b

2012-04-08 17:15:36,697 DEBUG transport.TSaslTransport
(TSaslTransport.java:receiveSaslMessage(197)) - SERVER: Received message
with status START and payload length 6

2012-04-08 17:15:36,697 DEBUG transport.TSaslServerTransport
(TSaslServerTransport.java:handleSaslStartMessage(126)) - Received start
message with status START

2012-04-08 17:15:36,698 DEBUG transport.TSaslServerTransport
(TSaslServerTransport.java:handleSaslStartMessage(134)) - Received
mechanism name 'GSSAPI'

2012-04-08 17:15:36,699 DEBUG transport.TSaslTransport
(TSaslTransport.java:open(254)) - SERVER: Start message handled

2012-04-08 17:15:36,699 DEBUG transport.TSaslTransport
(TSaslTransport.java:receiveSaslMessage(197)) - SERVER: Received message
with status OK and payload length 2777

2012-04-08 17:15:36,700 DEBUG transport.TSaslTransport
(TSaslTransport.java:sendSaslMessage(162)) - SERVER: Writing message with
status BAD and payload length 19

2012-04-08 17:15:36,700 DEBUG transport.TSaslServerTransport
(TSaslServerTransport.java:getTransport(217)) - failed to open server
transport

org.apache.thrift.transport.TTransportException: GSS initiate failed

        at
org.apache.thrift.transport.TSaslTransport.sendAndThrowMessage(TSaslTransport.java:221)

        at
org.apache.thrift.transport.TSaslTransport.open(TSaslTransport.java:296)

        at
org.apache.thrift.transport.TSaslServerTransport.open(TSaslServerTransport.java:40)

        at
org.apache.thrift.transport.TSaslServerTransport$Factory.getTransport(TSaslServerTransport.java:215)

        at
org.apache.hadoop.hive.thrift.HadoopThriftAuthBridge20S$Server$TUGIAssumingTransportFactory$1.run(HadoopThriftAuthBridge20S.java:557)

        at
org.apache.hadoop.hive.thrift.HadoopThriftAuthBridge20S$Server$TUGIAssumingTransportFactory$1.run(HadoopThriftAuthBridge20S.java:555)

        at java.security.AccessController.doPrivileged(Native Method)

        at javax.security.auth.Subject.doAs(Subject.java:337)

        at
org.apache.hadoop.security.UserGroupInformation.doAs(UserGroupInformation.java:1110)

        at
org.apache.hadoop.hive.thrift.HadoopThriftAuthBridge20S$Server$TUGIAssumingTransportFactory.getTransport(HadoopThriftAuthBridge20S.java:555)

        at
org.apache.thrift.server.TThreadPoolServer$WorkerProcess.run(TThreadPoolServer.java:170)

        at
java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)

        at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)

        at java.lang.Thread.run(Thread.java:662)

2012-04-08 17:15:36,701 ERROR server.TThreadPoolServer
(TThreadPoolServer.java:run(182)) - Error occurred during processing of
message.

java.lang.RuntimeException:
org.apache.thrift.transport.TTransportException: GSS initiate failed

        at
org.apache.thrift.transport.TSaslServerTransport$Factory.getTransport(TSaslServerTransport.java:218)

        at
org.apache.hadoop.hive.thrift.HadoopThriftAuthBridge20S$Server$TUGIAssumingTransportFactory$1.run(HadoopThriftAuthBridge20S.java:557)

        at
org.apache.hadoop.hive.thrift.HadoopThriftAuthBridge20S$Server$TUGIAssumingTransportFactory$1.run(HadoopThriftAuthBridge20S.java:555)

        at java.security.AccessController.doPrivileged(Native Method)

        at javax.security.auth.Subject.doAs(Subject.java:337)

On Apr 8, 2012 6:57 PM, "Rajesh Balamohan" <rajesh.balamohan@gmail.com>
wrote:

> Hi All,
>
> I am currently using HCatalog 0.4 and trying to enable security with this
> build.
>
> I have setup the following properties in /etc/hcatalog/hive-site.xml
>
> hive.metastore.kerberos.principal;
> hive.metastore.sasl.enabled
> hive.metastore.kerberos.keytab.file
>
> I tried kinit in standalone mode and it works fine. hcat_server.sh also
> works fine (which means that the thrift server is working)
>
> However, when I try ' hcat -e "show tables" ', it is not able to
> communicate with the thrift server. It throws GSSAPI failed exception.
>
>
> 2012-04-08 06:25:28,056 DEBUG transport.TSaslServerTransport
> (TSaslServerTransport.java:getTransport(212)) - transport map does not
> contain key
> 2012-04-08 06:25:28,056 DEBUG transport.TSaslTransport
> (TSaslTransport.java:open(243)) - opening transport
> org.apache.thrift.transport.TSaslServerTransport@6243487e
> 2012-04-08 06:25:28,057 DEBUG transport.TSaslServerTransport
> (TSaslServerTransport.java:getTransport(217)) - failed to open server
> transport
> org.apache.thrift.transport.TTransportException: Peer indicated failure:
> GSS initiate failed
>         at
> org.apache.thrift.transport.TSaslTransport.receiveSaslMessage(TSaslTransport.java:190)
>         at
> org.apache.thrift.transport.TSaslServerTransport.handleSaslStartMessage(TSaslServerTransport.java:124)
>         at
> org.apache.thrift.transport.TSaslTransport.open(TSaslTransport.java:253)
>         at
> org.apache.thrift.transport.TSaslServerTransport.open(TSaslServerTransport.java:40)
>         at
> org.apache.thrift.transport.TSaslServerTransport$Factory.getTransport(TSaslServerTransport.java:215)
>         at
> org.apache.hadoop.hive.thrift.HadoopThriftAuthBridge20S$Server$TUGIAssumingTransportFactory$1.run(HadoopThriftAuthBridge20S.java:557)
>         at
> org.apache.hadoop.hive.thrift.HadoopThriftAuthBridge20S$Server$TUGIAssumingTransportFactory$1.run(HadoopThriftAuthBridge20S.java:555)
>         at java.security.AccessController.doPrivileged(Native Method)
>         at javax.security.auth.Subject.doAs(Subject.java:337)
>         at
> org.apache.hadoop.security.UserGroupInformation.doAs(UserGroupInformation.java:1110)
>         at
> org.apache.hadoop.hive.thrift.HadoopThriftAuthBridge20S$Server$TUGIAssumingTransportFactory.getTransport(HadoopThriftAuthBridge20S.java:555)
>         at
> org.apache.thrift.server.TThreadPoolServer$WorkerProcess.run(TThreadPoolServer.java:170)
>         at
> java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
>         at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
>         at java.lang.Thread.run(Thread.java:662)
> 2012-04-08 06:25:28,057 WARN  hive.metastore
> (HiveMetaStoreClient.java:openStore(270)) - Failed to connect to the
> MetaStore Server...
> 2012-04-08 06:25:28,057 ERROR server.TThreadPoolServer
> (TThreadPoolServer.java:run(182)) - Error occurred during processing of
> message.
> java.lang.RuntimeException:
> org.apache.thrift.transport.TTransportException: Peer indicated failure:
> GSS initiate failed
>         at
> org.apache.thrift.transport.TSaslServerTransport$Factory.getTransport(TSaslServerTransport.java:218)
>         at
> org.apache.hadoop.hive.thrift.HadoopThriftAuthBridge20S$Server$TUGIAssumingTransportFactory$1.run(HadoopThriftAuthBridge20S.java:557)
>         at
> org.apache.hadoop.hive.thrift.HadoopThriftAuthBridge20S$Server$TUGIAssumingTransportFactory$1.run(HadoopThriftAuthBridge20S.java:555)
>         at java.security.AccessController.doPrivileged(Native Method)
>         at javax.security.auth.Subject.doAs(Subject.java:337)
>         at
> org.apache.hadoop.security.UserGroupInformation.doAs(UserGroupInformation.java:1110)
>         at
> org.apache.hadoop.hive.thrift.HadoopThriftAuthBridge20S$Server$TUGIAssumingTransportFactory.getTransport(HadoopThriftAuthBridge20S.java:555)
>         at
> org.apache.thrift.server.TThreadPoolServer$WorkerProcess.run(TThreadPoolServer.java:170)
>         at
> java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
>         at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
>         at java.lang.Thread.run(Thread.java:662)
> Caused by: org.apache.thrift.transport.TTransportException: Peer indicated
> failure: GSS initiate failed
>         at
> org.apache.thrift.transport.TSaslTransport.receiveSaslMessage(TSaslTransport.java:190)
>         at
> org.apache.thrift.transport.TSaslServerTransport.handleSaslStartMessage(TSaslServerTransport.java:124)
>         at
> org.apache.thrift.transport.TSaslTransport.open(TSaslTransport.java:253)
>
> Any help would be greatly appreciated.
>
> --
> ~Rajesh.B
>

Mime
View raw message