drno-reg
@drno-reg
см не кратко

Как правильно указать на gss-jaas.conf?

Здравствуйте.

Хочу написать Hive клиента для подключения к керберизированному кластеру:

нашел такой пример кода,
сразу оговорюсь
IDEA стоит в окружении windows 2012 R2,
keytab в локальном окружении

public static  void main(String[] args) throws IOException, SQLException {
        try {
            Class.forName("org.apache.hive.jdbc.HiveDriver");
        } catch (ClassNotFoundException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
            System.exit(1);
        }

        org.apache.hadoop.conf.Configuration conf = new     org.apache.hadoop.conf.Configuration();
        conf.set("hadoop.security.authentication", "Kerberos");
        UserGroupInformation.setConfiguration(conf);
        UserGroupInformation.loginUserFromKeytab("testuser@DOM.COM", "C:\\Servers\\Repository\\Templates\\HiveClient\\src\\main\\resources\\testuser.keytab");

        Connection cnct = DriverManager.getConnection("jdbc:hive2://rnd-server-002:10010/default;principal=hive/testuser@DOM.COM");
        Statement stmt = cnct.createStatement();
        String sql = "show tables;";
        System.out.println("Running: " + sql);
        ResultSet res = stmt.executeQuery(sql);
        if (res.next()) {
            System.out.println(res.getString(1));
        }
    }


при попытке запуска возвращается ошибка

ERROR StatusLogger No log4j2 configuration file found. Using default configuration: logging only errors to the console.
10:58:05.377 [main] ERROR org.apache.hadoop.util.Shell - Failed to locate the winutils binary in the hadoop binary path
java.io.IOException: Could not locate executable null\bin\winutils.exe in the Hadoop binaries.
	at org.apache.hadoop.util.Shell.getQualifiedBinPath(Shell.java:355) ~[hadoop-common-2.6.0.jar:?]
	at org.apache.hadoop.util.Shell.getWinUtilsPath(Shell.java:370) [hadoop-common-2.6.0.jar:?]
	at org.apache.hadoop.util.Shell.<clinit>(Shell.java:363) [hadoop-common-2.6.0.jar:?]
	at org.apache.hadoop.util.StringUtils.<clinit>(StringUtils.java:79) [hadoop-common-2.6.0.jar:?]
	at org.apache.hadoop.security.Groups.parseStaticMapping(Groups.java:104) [hadoop-common-2.6.0.jar:?]
	at org.apache.hadoop.security.Groups.<init>(Groups.java:86) [hadoop-common-2.6.0.jar:?]
	at org.apache.hadoop.security.Groups.<init>(Groups.java:66) [hadoop-common-2.6.0.jar:?]
	at org.apache.hadoop.security.Groups.getUserToGroupsMappingService(Groups.java:280) [hadoop-common-2.6.0.jar:?]
	at org.apache.hadoop.security.UserGroupInformation.initialize(UserGroupInformation.java:271) [hadoop-common-2.6.0.jar:?]
	at org.apache.hadoop.security.UserGroupInformation.ensureInitialized(UserGroupInformation.java:248) [hadoop-common-2.6.0.jar:?]
	at org.apache.hadoop.security.UserGroupInformation.loginUserFromSubject(UserGroupInformation.java:763) [hadoop-common-2.6.0.jar:?]
	at org.apache.hadoop.security.UserGroupInformation.getLoginUser(UserGroupInformation.java:748) [hadoop-common-2.6.0.jar:?]
	at org.apache.hadoop.hive.thrift.HadoopThriftAuthBridge.createClientWithConf(HadoopThriftAuthBridge.java:88) [hive-shims-common-2.0.0.jar:2.0.0]
	at org.apache.hive.service.auth.KerberosSaslHelper.getKerberosTransport(KerberosSaslHelper.java:55) [hive-service-2.0.0.jar:2.0.0]
	at org.apache.hive.jdbc.HiveConnection.createBinaryTransport(HiveConnection.java:458) [hive-jdbc-2.0.0.jar:2.0.0]
	at org.apache.hive.jdbc.HiveConnection.openTransport(HiveConnection.java:179) [hive-jdbc-2.0.0.jar:2.0.0]
	at org.apache.hive.jdbc.HiveConnection.<init>(HiveConnection.java:152) [hive-jdbc-2.0.0.jar:2.0.0]
	at org.apache.hive.jdbc.HiveDriver.connect(HiveDriver.java:107) [hive-jdbc-2.0.0.jar:2.0.0]
	at java.sql.DriverManager.getConnection(DriverManager.java:664) [?:1.8.0_121]
	at java.sql.DriverManager.getConnection(DriverManager.java:270) [?:1.8.0_121]
	at RU.Templates.Hive.Client2.main(Client2.java:24) [classes/:?]
Exception in thread "main" java.lang.SecurityException: java.io.IOException: gss-jaas.conf (No such file or directory)
	at sun.security.provider.ConfigFile$Spi.<init>(ConfigFile.java:137)
	at sun.security.provider.ConfigFile.<init>(ConfigFile.java:102)
	at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
	at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
	at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
	at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
	at java.lang.Class.newInstance(Class.java:442)
	at javax.security.auth.login.Configuration$2.run(Configuration.java:255)
	at javax.security.auth.login.Configuration$2.run(Configuration.java:247)
	at java.security.AccessController.doPrivileged(Native Method)
	at javax.security.auth.login.Configuration.getConfiguration(Configuration.java:246)
	at sun.security.jgss.LoginConfigImpl$1.run(LoginConfigImpl.java:65)
	at sun.security.jgss.LoginConfigImpl$1.run(LoginConfigImpl.java:63)
	at java.security.AccessController.doPrivileged(Native Method)
	at sun.security.jgss.LoginConfigImpl.<init>(LoginConfigImpl.java:63)
	at sun.security.jgss.GSSUtil.login(GSSUtil.java:256)
	at sun.security.jgss.krb5.Krb5Util.getTicket(Krb5Util.java:158)
	at sun.security.jgss.krb5.Krb5InitCredential$1.run(Krb5InitCredential.java:335)
	at sun.security.jgss.krb5.Krb5InitCredential$1.run(Krb5InitCredential.java:331)
	at java.security.AccessController.doPrivileged(Native Method)
	at sun.security.jgss.krb5.Krb5InitCredential.getTgt(Krb5InitCredential.java:330)
	at sun.security.jgss.krb5.Krb5InitCredential.getInstance(Krb5InitCredential.java:145)
	at sun.security.jgss.krb5.Krb5MechFactory.getCredentialElement(Krb5MechFactory.java:122)
	at sun.security.jgss.krb5.Krb5MechFactory.getMechanismContext(Krb5MechFactory.java:187)
	at sun.security.jgss.GSSManagerImpl.getMechanismContext(GSSManagerImpl.java:224)
	at sun.security.jgss.GSSContextImpl.initSecContext(GSSContextImpl.java:212)
	at sun.security.jgss.GSSContextImpl.initSecContext(GSSContextImpl.java:179)
	at com.sun.security.sasl.gsskerb.GssKrb5Client.evaluateChallenge(GssKrb5Client.java:192)
	at org.apache.thrift.transport.TSaslClientTransport.handleSaslStartMessage(TSaslClientTransport.java:94)
	at org.apache.thrift.transport.TSaslTransport.open(TSaslTransport.java:271)
	at org.apache.thrift.transport.TSaslClientTransport.open(TSaslClientTransport.java:37)
	at org.apache.hadoop.hive.thrift.client.TUGIAssumingTransport$1.run(TUGIAssumingTransport.java:52)
	at org.apache.hadoop.hive.thrift.client.TUGIAssumingTransport$1.run(TUGIAssumingTransport.java:49)
	at java.security.AccessController.doPrivileged(Native Method)
	at javax.security.auth.Subject.doAs(Subject.java:422)
	at org.apache.hadoop.security.UserGroupInformation.doAs(UserGroupInformation.java:1628)
	at org.apache.hadoop.hive.thrift.client.TUGIAssumingTransport.open(TUGIAssumingTransport.java:49)
	at org.apache.hive.jdbc.HiveConnection.openTransport(HiveConnection.java:181)
	at org.apache.hive.jdbc.HiveConnection.<init>(HiveConnection.java:152)
	at org.apache.hive.jdbc.HiveDriver.connect(HiveDriver.java:107)
	at java.sql.DriverManager.getConnection(DriverManager.java:664)
	at java.sql.DriverManager.getConnection(DriverManager.java:270)
	at RU.Templates.Hive.Client2.main(Client2.java:24)
Caused by: java.io.IOException: gss-jaas.conf (No such file or directory)
	at sun.security.provider.ConfigFile$Spi.ioException(ConfigFile.java:666)
	at sun.security.provider.ConfigFile$Spi.init(ConfigFile.java:262)
	at sun.security.provider.ConfigFile$Spi.<init>(ConfigFile.java:135)
	... 42 more


Как правильно указать на gss-jaas.conf, он локально лежит там же где и keytab?
  • Вопрос задан
  • 417 просмотров
Решения вопроса 1
@aol-nnov
Судя по стектрейсу, дело не в jaas.

https://stackoverflow.com/a/35652866
Ответ написан
Пригласить эксперта
Ваш ответ на вопрос

Войдите, чтобы написать ответ

Войти через центр авторизации
Похожие вопросы
Bell Integrator Ульяновск
До 400 000 ₽
Bell Integrator Ижевск
До 400 000 ₽
Bell Integrator Хабаровск
До 400 000 ₽
28 мар. 2024, в 15:01
4000 руб./за проект
28 мар. 2024, в 14:54
1000 руб./за проект
28 мар. 2024, в 14:41
1000 руб./за проект