[jira] [Created] (HADOOP-11151) failed to create (put, copyFromLocal, cp, etc.) file in encryption zone after one day running

zhubin (JIRA) Mon, 29 Sep 2014 01:19:01 -0700

zhubin created HADOOP-11151:
-------------------------------

             Summary: failed to create (put, copyFromLocal, cp, etc.) file in 
encryption zone after one day running
                 Key: HADOOP-11151
                 URL: https://issues.apache.org/jira/browse/HADOOP-11151
             Project: Hadoop Common
          Issue Type: Bug
          Components: security
    Affects Versions: 2.6.0
            Reporter: zhubin



Enable CFS and KMS service in the cluster, initially it worked to put/copy file 
into encryption zone. But after a while (might be one day), it fails to 
put/copy file into the encryption zone with the error
java.util.concurrent.ExecutionException: java.io.IOException: HTTP status 
[403], message [Forbidden]

The kms.log shows below
AbstractDelegationTokenSecretManager - Updating the current master key for 
generating delegation tokens
2014-09-29 13:18:46,599 WARN  AuthenticationFilter - AuthenticationToken 
ignored: org.apache.hadoop.security.authentication.util.SignerException: 
Invalid signature
2014-09-29 13:18:46,599 WARN  AuthenticationFilter - Authentication exception: 
Anonymous requests are disallowed
org.apache.hadoop.security.authentication.client.AuthenticationException: 
Anonymous requests are disallowed
        at 
org.apache.hadoop.security.authentication.server.PseudoAuthenticationHandler.authenticate(PseudoAuthenticationHandler.java:184)
        at 
org.apache.hadoop.security.token.delegation.web.DelegationTokenAuthenticationHandler.authenticate(DelegationTokenAuthenticationHandler.java:331)
        at 
org.apache.hadoop.security.authentication.server.AuthenticationFilter.doFilter(AuthenticationFilter.java:507)
        at 
org.apache.hadoop.crypto.key.kms.server.KMSAuthenticationFilter.doFilter(KMSAuthenticationFilter.java:129)
        at 
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
        at 
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
        at 
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
        at 
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
        at 
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
        at 
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
        at 
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
        at 
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
        at 
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:861)
        at 
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:606)
        at 
org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489)
        at java.lang.Thread.run(Thread.java:745)



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Created] (HADOOP-11151) failed to create (put, copyFromLocal, cp, etc.) file in encryption zone after one day running

Reply via email to