ChangWinde opened a new issue #5580: error when using pulsar-client with Kerberos URL: https://github.com/apache/pulsar/issues/5580 **Describe the bug** I use kerberos in pulsar. And I want use pulsar cli tools, but occuring some error. **To Reproduce** Steps to reproduce the behavior: bin/pulsar-client produce -m "dog" -n 10 persistent://test-tenant/test-sp/test-topic-partition-0 **Screenshots** 10:54:34.862 [pulsar-client-io-1-1] INFO org.apache.pulsar.client.impl.ProducerStatsRecorderImpl - Starting Pulsar producer perf with config: { "topicName" : "persistent://test-tenant/test-sp/test-topic-partition-0", "producerName" : null, "sendTimeoutMs" : 30000, "blockIfQueueFull" : false, "maxPendingMessages" : 1000, "maxPendingMessagesAcrossPartitions" : 50000, "messageRoutingMode" : "RoundRobinPartition", "hashingScheme" : "JavaStringHash", "cryptoFailureAction" : "FAIL", "batchingMaxPublishDelayMicros" : 1000, "batchingMaxMessages" : 1000, "batchingEnabled" : true, "batcherBuilder" : { }, "compressionType" : "NONE", "initialSequenceId" : null, "autoUpdatePartitions" : true, "properties" : { } } 10:54:34.864 [pulsar-client-io-1-1] INFO org.apache.pulsar.client.impl.ProducerStatsRecorderImpl - Pulsar client config: { "serviceUrl" : "pulsar://localhost:6650/", "authPluginClassName" : null, "authParams" : null, "operationTimeoutMs" : 30000, "statsIntervalSeconds" : 60, "numIoThreads" : 1, "numListenerThreads" : 1, "connectionsPerBroker" : 1, "useTcpNoDelay" : true, "useTls" : false, "tlsTrustCertsFilePath" : "", "tlsAllowInsecureConnection" : false, "tlsHostnameVerificationEnable" : false, "concurrentLookupRequest" : 5000, "maxLookupRequest" : 50000, "maxNumberOfRejectedRequestPerConnection" : 50, "keepAliveIntervalSeconds" : 30, "connectionTimeoutMs" : 10000, "requestTimeoutMs" : 60000, "defaultBackoffIntervalNanos" : 100000000, "maxBackoffIntervalNanos" : 30000000000 } 10:54:34.882 [pulsar-client-io-1-1] INFO org.apache.pulsar.client.impl.ConnectionPool - [[id: 0xc7a6a676, L:/10.31.26.18:36758 - R:10.31.26.18/10.31.26.18:6650]] Connected to server 10:54:34.882 [pulsar-client-io-1-1] INFO org.apache.pulsar.client.impl.auth.PulsarSaslClient - Using JAAS/SASL/GSSAPI auth to connect to server Principal broker/hadoop.hakafka.com, 10:54:34.882 [pulsar-client-io-1-1] INFO org.apache.pulsar.client.impl.auth.PulsarSaslClient - 即将创建一个新的SaslClient,clientPrincipal=brokerclient/[email protected],servicePrincipal=broker/hadoop.hakafka.com 10:54:34.889 [pulsar-client-io-1-1] INFO org.apache.pulsar.client.impl.ProducerImpl - [persistent://test-tenant/test-sp/test-topic-partition-0] [null] Creating producer on cnx [id: 0xc7a6a676, L:/10.31.26.18:36758 - R:10.31.26.18/10.31.26.18:6650] 10:54:34.901 [pulsar-client-io-1-1] WARN org.apache.pulsar.client.impl.ClientCnx - [id: 0xc7a6a676, L:/10.31.26.18:36758 - R:10.31.26.18/10.31.26.18:6650] Received error from server: org.apache.bookkeeper.mledger.ManagedLedgerException: Attempted to access ledger using the wrong password 10:54:34.902 [pulsar-client-io-1-1] ERROR org.apache.pulsar.client.impl.ProducerImpl - [persistent://test-tenant/test-sp/test-topic-partition-0] [null] Failed to create producer: org.apache.bookkeeper.mledger.ManagedLedgerException: Attempted to access ledger using the wrong password 10:54:34.903 [main] ERROR org.apache.pulsar.client.cli.PulsarClientTool - Error while producing messages 10:54:34.903 [main] ERROR org.apache.pulsar.client.cli.PulsarClientTool - org.apache.bookkeeper.mledger.ManagedLedgerException: Attempted to access ledger using the wrong password org.apache.pulsar.client.api.PulsarClientException$BrokerPersistenceException: org.apache.bookkeeper.mledger.ManagedLedgerException: Attempted to access ledger using the wrong password **Additional context** client.conf: authPlugin=org.apache.pulsar.client.impl.auth.AuthenticationSasl authParams={"saslJaasClientSectionName":"PulsarClient", "serverType":"broker"} pulsar_tools_env.sh: PULSAR_EXTRA_OPTS="${PULSAR_EXTRA_OPTS} ${PULSAR_MEM} ${PULSAR_GC} -Dio.netty.leakDetectionLevel=disabled -Djava.security.auth.login.config=/home/pulsar/krbConfig/jaasFiles/pulsar_jaas.conf -Djava.security.krb5.conf=/home/pulsar/krbConfig/krb5.conf" pulsar_jaas.conf: PulsarBroker { com.sun.security.auth.module.Krb5LoginModule required useKeyTab=true storeKey=true useTicketCache=false keyTab="/home/pulsar/krbConfig/keytabs/broker.keytab" principal="broker/[email protected]"; }; PulsarClient { com.sun.security.auth.module.Krb5LoginModule required useKeyTab=true storeKey=true useTicketCache=false keyTab="/home/pulsar/krbConfig/keytabs/pulsarclient.keytab" principal="brokerclient/[email protected]"; }; Client { com.sun.security.auth.module.Krb5LoginModule required useKeyTab=true storeKey=true useTicketCache=false keyTab="/home/pulsar/krbConfig/keytabs/zkClient.keytab" principal="zkcli/[email protected]"; }; BookKeeper { com.sun.security.auth.module.Krb5LoginModule required useKeyTab=true storeKey=true useTicketCache=false keyTab="/home/pulsar/krbConfig/keytabs/bkClient.keytab" principal="bookkeepercli/[email protected]"; };
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services
