John Zhuge created HADOOP-13748:
-----------------------------------
Summary: TestKMS fails in testProxyUserSimple and
testDelegationTokensOpsSimple
Key: HADOOP-13748
URL: https://issues.apache.org/jira/browse/HADOOP-13748
Project: Hadoop Common
Issue Type: Bug
Components: kms
Reporter: John Zhuge
{noformat}
Running org.apache.hadoop.crypto.key.kms.server.TestKMS
Tests run: 26, Failures: 0, Errors: 2, Skipped: 0, Time elapsed: 97.723 sec <<<
FAILURE! - in org.apache.hadoop.crypto.key.kms.server.TestKMS
testProxyUserSimple(org.apache.hadoop.crypto.key.kms.server.TestKMS) Time
elapsed: 1.273 sec <<< ERROR!
org.apache.hadoop.security.authorize.AuthorizationException: User [jzhuge] is
not authorized to create key !!
testDelegationTokensOpsSimple(org.apache.hadoop.crypto.key.kms.server.TestKMS)
Time elapsed: 1.194 sec <<< ERROR!
java.io.IOException: HTTP status [403], message
[org.apache.hadoop.security.AccessControlException: jzhuge tries to renew a
token with renewer client1]
at
org.apache.hadoop.util.HttpExceptionUtils.validateResponse(HttpExceptionUtils.java:169)
at
org.apache.hadoop.security.token.delegation.web.DelegationTokenAuthenticator.doDelegationTokenOperation(DelegationTokenAuthenticator.java:300)
at
org.apache.hadoop.security.token.delegation.web.DelegationTokenAuthenticator.renewDelegationToken(DelegationTokenAuthenticator.java:216)
at
org.apache.hadoop.security.token.delegation.web.DelegationTokenAuthenticatedURL.renewDelegationToken(DelegationTokenAuthenticatedURL.java:415)
at
org.apache.hadoop.crypto.key.kms.KMSClientProvider$2.run(KMSClientProvider.java:906)
at
org.apache.hadoop.crypto.key.kms.KMSClientProvider$2.run(KMSClientProvider.java:903)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAs(Subject.java:422)
at
org.apache.hadoop.security.UserGroupInformation.doAs(UserGroupInformation.java:1795)
at
org.apache.hadoop.crypto.key.kms.KMSClientProvider.renewDelegationToken(KMSClientProvider.java:902)
at
org.apache.hadoop.crypto.key.kms.KMSClientProvider$KMSTokenRenewer.renew(KMSClientProvider.java:183)
at org.apache.hadoop.security.token.Token.renew(Token.java:490)
at
org.apache.hadoop.crypto.key.kms.server.TestKMS$14$1$1.run(TestKMS.java:1850)
at
org.apache.hadoop.crypto.key.kms.server.TestKMS$14$1$1.run(TestKMS.java:1839)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAs(Subject.java:422)
at
org.apache.hadoop.security.UserGroupInformation.doAs(UserGroupInformation.java:1795)
at
org.apache.hadoop.crypto.key.kms.server.TestKMS$14$1.run(TestKMS.java:1839)
at
org.apache.hadoop.crypto.key.kms.server.TestKMS$14$1.run(TestKMS.java:1792)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAs(Subject.java:422)
at
org.apache.hadoop.security.UserGroupInformation.doAs(UserGroupInformation.java:1795)
at
org.apache.hadoop.crypto.key.kms.server.TestKMS.doAs(TestKMS.java:291)
at
org.apache.hadoop.crypto.key.kms.server.TestKMS.access$100(TestKMS.java:79)
Results :
Tests in error:
TestKMS.testProxyUserSimple » Authorization User [jzhuge] is not authorized
to...
TestKMS.testDelegationTokensOpsSimple:1760->testDelegationTokensOps:1784->runServer:121->runServer:139->access$100:79->doAs:291
» IO
{noformat}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: common-dev-unsubscr...@hadoop.apache.org
For additional commands, e-mail: common-dev-h...@hadoop.apache.org
