sydt2014 edited a comment on issue #9543: URL: https://github.com/apache/druid/issues/9543#issuecomment-603022685
This may a bug for druid-kerbeos!!! KerberosHttpClient retain CookieManager for url request. However it use uncorrectly.For example , KerberosHttpClient send request to query broker: http://tst1-tst-tdrd-1.com:8082/druid/v2 and return correctly. but next , KerberosHttpClient send request to query historical node : http://tst1-tst-tdrd-1.com:8083/druid/v2 which will use the cookie for http://tst1-tst-tdrd-1.com:8082/druid/v2 and autrhorize failure: <html> <head> <meta http-equiv="Content-Type" content="text/html;charset=utf-8"/> <title>Error 403 org.apache.hadoop.security.authentication.util.SignerException: Invalid signature</title> </head> <body><h2>HTTP ERROR 403</h2> <p>Problem accessing /druid/v2. Reason: <pre> org.apache.hadoop.security.authentication.util.SignerException: Invalid signature</pre></p><hr><a href="http://eclipse.org/jetty";>Powered by Jetty:// 9.4.10.v20180503</a><hr/> </body> </html> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
