[
https://issues.apache.org/jira/browse/HADOOP-8410?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13417735#comment-13417735
]
Shumin Wu commented on HADOOP-8410:
-----------------------------------
Have you configured the HTTP principal with a password? It looks like your
keytab file does not contain the login credential:
"12/05/18 14:46:20 WARN mortbay.log: failed SpnegoFilter:
javax.servlet.ServletException: javax.security.auth.login.LoginException:
Unable to obtain password from user"
> SPNEGO filter should have better error messages when not fully configured
> -------------------------------------------------------------------------
>
> Key: HADOOP-8410
> URL: https://issues.apache.org/jira/browse/HADOOP-8410
> Project: Hadoop Common
> Issue Type: Bug
> Components: security
> Affects Versions: 2.0.0-alpha
> Reporter: Todd Lipcon
> Priority: Minor
>
> I upgraded to a build which includes SPNEGO, but neglected to configure
> dfs.web.authentication.kerberos.principal. This resulted in the following
> error:
> 12/05/18 14:46:20 INFO server.KerberosAuthenticationHandler: Login using
> keytab //home/todd/confs/conf.pseudo.security//hdfs.keytab, for principal
> ${dfs.web.authentication.kerberos.principal}
> 12/05/18 14:46:20 WARN mortbay.log: failed SpnegoFilter:
> javax.servlet.ServletException: javax.security.auth.login.LoginException:
> Unable to obtain password from user
> Instead, it should give an error that the principal needs to be configured.
> Even better would be if we could default to HTTP/_HOST@<default realm>
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
