sydt2014 commented on issue #9543: broker query error when druid with kerberos URL: https://github.com/apache/druid/issues/9543#issuecomment-603022685 This may a bug for druid-kerbeos!!! KerberosHttpClient retain CookieManager for url request. However it use uncorrectly.For example , KerberosHttpClient send request to query broker: http://tst1-tst-tdrd-1.com:8082/druid/v2 and return correctly. but next , KerberosHttpClient send request to query historical node : http://tst1-tst-tdrd-1.com:8082/druid/v2 which will use the cookie for http://tst1-tst-tdrd-1.com:8082/druid/v2 and autrhorize failure: <html> <head> <meta http-equiv="Content-Type" content="text/html;charset=utf-8"/> <title>Error 403 org.apache.hadoop.security.authentication.util.SignerException: Invalid signature</title> </head> <body><h2>HTTP ERROR 403</h2> <p>Problem accessing /druid/v2. Reason: <pre> org.apache.hadoop.security.authentication.util.SignerException: Invalid signature</pre></p><hr><a href="http://eclipse.org/jetty";>Powered by Jetty:// 9.4.10.v20180503</a><hr/> </body> </html> what the fuck!!!
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
