[英]Java Hbase Rest Client with Kerberos Authentication
我正在嘗試使用Java HBase Rest Client連接到我的Hbase Server,並且顯示身份驗證錯誤。 如果我使用connection對象並使用scanner API ,則可以檢索數據,但是不確定如何使用Rest Client執行此操作。
遵循curl命令非常有效。
curl --negotiate -u: http://example.com:17000/bda:employee_hbase/schema?user.name=gaurang.shah
但是,以下Java代碼顯示錯誤。
public class Weather {
private Client client;
protected Connection connection = null;
public Weather() {
Configuration conf = HBaseConfiguration.create();
conf.addResource("src/main/resources/hbase-site.xml");
conf.addResource("src/main/resources/core-site.xml");
conf.addResource("src/main/resources/hdfs-site.xml");
conf.addResource("src/main/resources/yarn-site.xml");
System.setProperty("java.security.krb5.conf", "src/main/resources/krb5.conf");
System.setProperty("sun.security.krb5.debug", "true");
UserGroupInformation.setConfiguration(conf);
try {
UserGroupInformation.loginUserFromKeytab("gaurang.shah", "src/main/resources/gaurang.shah.keytab");
connection = ConnectionFactory.createConnection(HBaseConfiguration.create(conf));
} catch (IOException e) {
e.printStackTrace();
}
Cluster cluster = new Cluster();
cluster.add("example.com", 17000);
client = new Client(cluster);
}
public String getSchema(){
client.addExtraHeader("Accept", "text/xml");
try {
return client.get("/bda:weather_history/schema").toString();
} catch (IOException e) {
e.printStackTrace();
}
return null;
}
}
堆棧跟蹤
java.io.IOException: org.apache.hadoop.security.authentication.client.AuthenticationException: Authentication failed, URL: http://example.com:17000/users/schema?user.name=gaurang.shah, status: 403, message: Forbidden
at org.apache.hadoop.hbase.rest.client.Client.negotiate(Client.java:285)
at org.apache.hadoop.hbase.rest.client.Client.executeURI(Client.java:239)
at org.apache.hadoop.hbase.rest.client.Client.executePathOnly(Client.java:204)
at org.apache.hadoop.hbase.rest.client.Client.execute(Client.java:265)
at org.apache.hadoop.hbase.rest.client.Client.get(Client.java:459)
at org.apache.hadoop.hbase.rest.client.Client.get(Client.java:365)
at org.apache.hadoop.hbase.rest.client.Client.get(Client.java:354)
at ca.cantire.hbase.Weather.getSchema(Weather.java:52)
at ca.cantire.WeatherRestClient.TestWeatherRest.testData(TestWeatherRest.java:10)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:50)
at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:12)
at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:47)
at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:17)
at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:325)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:78)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:57)
at org.junit.runners.ParentRunner$3.run(ParentRunner.java:290)
at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:71)
at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:288)
at org.junit.runners.ParentRunner.access$000(ParentRunner.java:58)
at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:268)
at org.junit.runners.ParentRunner.run(ParentRunner.java:363)
at org.apache.maven.surefire.junit4.JUnit4Provider.execute(JUnit4Provider.java:365)
at org.apache.maven.surefire.junit4.JUnit4Provider.executeWithRerun(JUnit4Provider.java:273)
at org.apache.maven.surefire.junit4.JUnit4Provider.executeTestSet(JUnit4Provider.java:238)
at org.apache.maven.surefire.junit4.JUnit4Provider.invoke(JUnit4Provider.java:159)
at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:379)
at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:340)
at org.apache.maven.surefire.booter.ForkedBooter.execute(ForkedBooter.java:125)
at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:413)
Caused by: org.apache.hadoop.security.authentication.client.AuthenticationException: Authentication failed, URL: http://example.com:17000/users/schema?user.name=gaurang.shah, status: 403, message: Forbidden
at org.apache.hadoop.security.authentication.client.AuthenticatedURL.extractToken(AuthenticatedURL.java:281)
at org.apache.hadoop.security.authentication.client.PseudoAuthenticator.authenticate(PseudoAuthenticator.java:77)
at org.apache.hadoop.security.authentication.client.KerberosAuthenticator.authenticate(KerberosAuthenticator.java:212)
at org.apache.hadoop.hbase.rest.client.Client.negotiate(Client.java:280)
... 33 more
在您的API項目中,您可以創建一個正在運行的Java調度程序,該調度程序應負責kinit和kerberos的更新。
void executeKinit() {
try {
CurlUtil cmdUtil = new CurlUtil();
if ("prod".equals(env)) {
cmdUtil.execute("kinit -k -t /resources/myKeyTab.keytab admin@TEST.NET");
cmdUtil.execute("kinit -R");
}
logger.info("kinit executed");
} catch (Exception ex) {
logger.error("Error while renewing the kerberose tocken", ex);
}
}
Hbase-client kerberos 身份驗證僅在本地計算機上工作
[英]Hbase-client kerberos authentication working only on local computer
如何在使用Java客戶端的.NET WCF服務中啟用Kerberos身份驗證
[英]How to enable Kerberos Authentication in Java Client Consuming .NET WCF service
java http客戶端,用於使用kerberos身份驗證將文件上傳到sharepoint
[英]java http client for file upload to sharepoint using kerberos authentication
支持在Java 6上運行的JMX客戶端/服務器上的Kerberos身份驗證/授權
[英]Support for Kerberos Authentication/Authorization on JMX Client/Server running on Java 6
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.