kerberos

问题 I have exception similar to one that Spark 1.3 fixes https://issues.apache.org/jira/browse/SPARK-3778 but I faced it with Spark version 1.5.0-cdh5.5.2 It happens when submitting spark job to Yarn with kerberos (hadoop.rpc.protection=privacy) 16/03/24 19:17:47 ERROR ApplicationMaster: User class threw exception: org.apache.hadoop.ipc.RemoteException(java.io.IOException): Delegation Token can be issued only with kerberos or web authentication at org.apache.hadoop.hdfs.server.namenode

问题 So I have tried and tried to get my ssh to work with kerberos on Mavericks to no avail. Here are my versions: ssh: OpenSSH_6.2p2, OSSLShim 0.9.8r 8 Dec 2011 kerberos: Heimdal 1.5.1apple1 I also tried the built in ssh with no effect as well. Here is my config: ForwardAgent yes GSSAPIAuthentication yes GSSAPIDelegateCredentials yes GSSAPIKeyExchange yes i have checked, there are no overriding settings in my user config After all of this, I still get prompted for a password when ssh'ing to a

问题 I am trying to configure Kerberos SSO on Web Logic 12.1.2 with JDK 1.7.x on Win 2012 R2 . I am using Java ktab java command to create keytab file . The encryption includes DES and rc4-hmac . My kerberos ini file only uses rc4-hmac encryption . But when I try to login to my application I am getting this error in Web Logic log file (fragment): ####<Nov 13, 2014 7:24:29 AM PST> <Debug> <SecurityAtn> <ifvm00131> <ICN_ManagedServer_2> <[ACTIVE] ExecuteThread: '1' for queue: 'weblogic.kernel

问题 I am trying to connect to sql server by using keytab and it throws below error com.microsoft.sqlserver.jdbc.SQLServerException: Cannot login with Kerberos principal DOMAIN\User, check your credentials. Kerberos Login failed: Integrated authentication failed. ClientConnectionId:6f436f49-b0bf-441e-bab3-e6af86ac8361 due to javax.security.auth.login.LoginException (Cannot get any of properties: [password, PASSWORD] from con properties not available to garner authentication information from the

问题 Team, I am trying to implement SSO for a WAS7 based web application using Kerberos & SPNEGO. I am almost done with the configuration. I have few doubts on Kerberos. When I execute the command klist , following is the output. Ticket cache: FILE:/tmp/krb5cc_38698 Default principal: pocsso1@POC.MAIL.COM Valid starting Expires Service principal 01/09/2014 16:15 02/09/2014 02:21 krbtgt/POC.MAIL.COM@POC.MAIL.COM renew until 08/09/2014 16:15 My Question is "what expires and renew indicates here.?"

问题 Our AD Team is going to disable RC4-HMAC so I have to change our JBoss-applications to AES. I added the aes types to krb5.conf and created new keytabs but that seems to not work. Tests besides the application with kinit show the same results. There was an similar issue but its solution was already enabled for us. There is another guy (Rick Moritz) with my problem without an answer. Server: SLES12 AD: Windows Server 2016 krb5.conf [libdefaults] debug = false default_realm = MY.DOMAIN ticket

问题 I am using a keytab file to bypass kerberos to run a shell script through oozie. Shell script includes hbase shell commands so I nee to do a kinit before running hbase shell commands.This works fine for me. So, in a case where I launch the job using a coordinator and have several shell scripts in the workflow using a keytab(service account) will there be a conflict in oozie ?Since I launch the job using oozie coordinator but have keytab files in workflow of a service account. Thanks, 回答1: The

问题 I'm trying to get to point, where wildfly 9 would be able to authenticate users with kerberos and authorize them with ldap. I'm having rich EJB client using JAAS (having com.sun.security.auth.module.Krb5LoginModule ). I'd need some sample including the step-by-step configuration. What I've found is: wildfly with LDAP (https://developer.jboss.org/wiki/LDAPSecurityRealmExamples) wildfly with SPNEGO (https://github.com/kwart/spnego-demo) wildfly with kerberos for server management (http:/

问题 How do I fix the problem that generates this error: WARN [NIOServerCxn.Factory:0.0.0.0/0.0.0.0:2181:ZooKeeperServer@1040] - Client failed to SASL authenticate: javax.security.sasl.SaslException: GSS initiate failed [Caused by GSSException: Failure unspecified at GSS-API level (Mechanism level: Checksum failed)] javax.security.sasl.SaslException: GSS initiate failed [Caused by GSSException: Failure unspecified at GSS-API level (Mechanism level: Checksum failed)] at com.sun.security.sasl

问题 I have a problem that is as follows: I have a webservice, and I want to authenticate with Kerberos. I add in my visual studio wsdl by adding a service reference ... it creates a proxy class, so to speak, and reference.cs can invoke the service. What he wanted now was to get a Kerberos ticket from the user logged into pc, and then add this ticket in the soap request and invoke the service. Can anyone help me how can I do this? 来源： https://stackoverflow.com/questions/24042386/add-kerberos