[jira] [Commented] (KNOX-844) Add documentation for support of Apache Phoenix via Knox

Tue, 07 Feb 2017 17:18:07 -0800 

    [ 
https://issues.apache.org/jira/browse/KNOX-844?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15857163#comment-15857163
 ] 

Shi Wang commented on KNOX-844:
-------------------------------

Hi [~elserj]

I was doing some knox testing against phoenix thin client. I add avatica in the 
topology and service and tried

# bin/sqlline-thin.py 
https://knox_gateway_host:8443/gateway/default/avatica;truststore=path_to_gateway.jks;truststore_password=knox

But it still will show error:
java.lang.RuntimeException: javax.net.ssl.SSLHandshakeException: 
sun.security.validator.ValidatorException: PKIX path building failed: 
sun.security.provider.certpath.SunCertPathBuilderException: unable to find 
valid certification path to requested target

I also tried !connect 
jdbc:phoenix:thin:url=https://knox_gateway_host:8443/gateway/default/avatica;truststore=path_to_gateway.jks;truststore_password=knox
 inside the shell, but it gets same SSL error,

Is there anything missing?

> Add documentation for support of Apache Phoenix via Knox
> --------------------------------------------------------
>
>                 Key: KNOX-844
>                 URL: https://issues.apache.org/jira/browse/KNOX-844
>             Project: Apache Knox
>          Issue Type: Improvement
>          Components: Site
>    Affects Versions: 0.11.0
>            Reporter: John McParland
>            Assignee: Josh Elser
>             Fix For: 0.11.0
>
>         Attachments: KNOX-844.001.patch, KNOX-844.002.patch, Knox_Phoenix.png
>
>
> We would like to access data stored in Hadoop (especially HBase) using 
> traditional tools which rely on ODBC connections and SQL.
> Phoenix provides the SQL interface to HBase, and Hortonworks have an [ODBC 
> Connector for 
> Phoenix|http://hortonworks.com/hadoop-tutorial/bi-apache-phoenix-odbc/]
> However this is unsecured - in so far as accessing from outside of the 
> perimeter of the Big Data Platform.
> This ticket should address that by allowing the ODBC connection to Phoenix to 
> be proxied through Knox, to enforce perimeter level security.
> h4. Acceptance Criteria
> - Connections to Phoenix via Knox are only allowed with valid credentials, as 
> enforced by Knox
> - Connections to Phoenix via Knox are NOT allowed if Knox finds invalid 
> credentials.
> -  Connection to Phoenix via Knox can are made via an ODBC connector



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Reply via email to