I am using nodejs and the npm jdbc package to connect to kerberized Apache phoenix on hortonworks, I am able to connect to non kerberized phoenix with nodejs and jdbc package, but facing below Kerberos authentication error with kerberized phoenix. if anybody has done anything similar, please give some direction.
Klist command:
klist -k -t -e /etc/security/keytabs/kafka.headless.keytab Keytab name: FILE:/etc/security/keytabs/kafka.headless.keytab KVNO Timestamp Principal ---- ----------------- -------------------------------------------------------- 1 09/30/16 10:10:27 kafka@REALM.LAN (aes256-cts-hmac-sha1-96) Code:
var express = require('express'); var app = express(); var server = require('http').Server(app); var https =require('http'); var io = require('socket.io')(server); var kafka = require('kafka-node'); var cassandra = require('cassandra-driver'); var JDBC = require('jdbc'); var jinst = require('jdbc/lib/jinst'); var asyncjs = require('async'); //var Pool = require('jdbc/lib/pool'); //var nodeunit = require('nodeunit'); //var _ = require('lodash'); var _ = require('underscore'); //ar cors = require("cors"); app.use(express.static(__dirname + '/view')); server.listen(3000); app.use('/bower_components', express.static(__dirname + '/bower_components')); app.get('/', function (req, res, next) { res.sendFile(__dirname + '/index.html');}); if (!jinst.isJvmCreated()) { jinst.addOption("-Xrs"); jinst.setupClasspath(['/etc/krb5.conf', '/usr/hdp/2.4.2.0-258/hadoop/conf', '/etc/hbase/conf/core-site.xml', '/etc/hbase/conf/hbase-site.xml', '/etc/hbase/conf/hbase-policy.xml', '/etc/hbase/conf/hbase_client_jaas.conf', '/etc/hbase/conf/hbase_regionserver_jaas.conf', '/etc/hbase/conf/hdfs-site.xml', '/usr/hdp/2.4.2.0-258/hbase/lib/hbase-client-1.1.2.2.4.2.0-258.jar', '/usr/hdp/2.4.2.0-258/hbase/lib/hbase-server-1.1.2.2.4.2.0-258.jar', '/usr/hdp/2.4.2.0-258/hbase/lib/hbase-common-1.1.2.2.4.2.0-258.jar', '/usr/hdp/2.4.2.0-258/hbase/lib/hbase-server-1.1.2.2.4.2.0-258.jar', '/usr/hdp/2.4.2.0-258/phoenix/phoenix-4.4.0.2.4.2.0-258-thin-client.jar', '/usr/hdp/2.4.2.0-258/phoenix/phoenix-server-4.4.0.2.4.2.0-258-runnable.jar', '/usr/hdp/2.4.2.0-258/phoenix/phoenix-4.4.0.2.4.2.0-258-client.jar']); var config = { url: 'jdbc:phoenix:piv-prd-os-646.forsys.lan:2181:/hbase-secure:kafka@FORSYS.LAN:/etc/security/keytabs/kafka.headless.keytab', drivername: 'org.apache.phoenix.jdbc.PhoenixDriver', //user : 'root', //password: 'root', //properties: {} minpoolsize: 2, maxpoolsize: 3 }; var hsqldb = new JDBC(config); hsqldb.initialize(function(err) { if (err) { console.log(err); } else { console.log("---- initialize successfully ----") } }); Exception:
error: Error: Error running static method java.sql.SQLException: ERROR 103 (08004): Unable to establish connection. at org.apache.phoenix.exception.SQLExceptionCode$Factory$1.newException(SQLExceptionCode.java:395) at org.apache.phoenix.exception.SQLExceptionInfo.buildException(SQLExceptionInfo.java:145) at org.apache.phoenix.query.ConnectionQueryServicesImpl.openConnection(ConnectionQueryServicesImpl.java:287) at org.apache.phoenix.query.ConnectionQueryServicesImpl.access$300(ConnectionQueryServicesImpl.java:170) at org.apache.phoenix.query.ConnectionQueryServicesImpl$12.call(ConnectionQueryServicesImpl.java:1840) at org.apache.phoenix.query.ConnectionQueryServicesImpl$12.call(ConnectionQueryServicesImpl.java:1819) at org.apache.phoenix.util.PhoenixContextExecutor.call(PhoenixContextExecutor.java:77) at org.apache.phoenix.query.ConnectionQueryServicesImpl.init(ConnectionQueryServicesImpl.java:1819) at org.apache.phoenix.jdbc.PhoenixDriver.getConnectionQueryServices(PhoenixDriver.java:180) at org.apache.phoenix.jdbc.PhoenixEmbeddedDriver.connect(PhoenixEmbeddedDriver.java:132) at org.apache.phoenix.jdbc.PhoenixDriver.connect(PhoenixDriver.java:151) at java.sql.DriverManager.getConnection(DriverManager.java:571) at java.sql.DriverManager.getConnection(DriverManager.java:187) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:606) Caused by: java.io.IOException: Login failure for kafka@FORSYS.LAN from keytab /etc/security/keytabs/kafka.headless.keytab: javax.security.auth.login.LoginException: Unable to obtain password from user at org.apache.hadoop.security.UserGroupInformation.loginUserFromKeytab(UserGroupInformation.java:976) at org.apache.hadoop.security.SecurityUtil.login(SecurityUtil.java:280) at org.apache.hadoop.hbase.security.User$SecureHadoopUser.login(User.java:386) at org.apache.hadoop.hbase.security.User.login(User.java:253) at org.apache.phoenix.query.ConnectionQueryServicesImpl.openConnection(ConnectionQueryServicesImpl.java:282) ... 14 more Caused by: javax.security.auth.login.LoginException: Unable to obtain password from user at com.sun.security.auth.module.Krb5LoginModule.promptForPass(Krb5LoginModule.java:856) at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginModule.java:719) at com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:584) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:606) at javax.security.auth.login.LoginContext.invoke(LoginContext.java:762) at javax.security.auth.login.LoginContext.access$000(LoginContext.java:203) at javax.security.auth.login.LoginContext$4.run(LoginContext.java:690) at javax.security.auth.login.LoginContext$4.run(LoginContext.java:688) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:687) at javax.security.auth.login.LoginContext.login(LoginContext.java:595) at org.apache.hadoop.security.UserGroupInformation.loginUserFromKeytab(UserGroupInformation.java:967) ... 18 more