[
https://issues.apache.org/jira/browse/KNOX-2526?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17255536#comment-17255536
]
Sandeep More commented on KNOX-2526:
------------------------------------
Looking at the audit logs looks like the 401 came back from HDFUI
{code}
20/12/28 11:08:00
||2fbb585a-3813-4c5f-9201-b556d5af8c25|audit|10.110.37.33|HDFSUI|admin|||dispatch|uri|http://hdp11.bigdata.zll.360es.cn:50070/dfshealth.html?doAs=admin|unavailable|Request
method: GET
20/12/28 11:08:00
||2fbb585a-3813-4c5f-9201-b556d5af8c25|audit|10.110.37.33|HDFSUI|admin|||dispatch|uri|http://hdp11.bigdata.zll.360es.cn:50070/dfshealth.html?doAs=admin|success|Response
status: 401
20/12/28 11:08:01
|||audit|10.110.37.33|HDFSUI|admin|||access|uri|/gateway/sandbox/hdfs/dfshealth.html|success|Response
status: 401
{code}
I am assuming you updated the krb5.conf and krb5JAASLogin.conf files.
Can you check the HDFS logs and see what it is complaining about? I am assuming
Hadoop is running in secure mode.
> Knox can not access the Secure Hadoop
> -------------------------------------
>
> Key: KNOX-2526
> URL: https://issues.apache.org/jira/browse/KNOX-2526
> Project: Apache Knox
> Issue Type: Bug
> Components: Server
> Affects Versions: 1.5.0
> Reporter: 李远锋
> Priority: Blocker
> Fix For: 1.5.0
>
> Attachments: gateway-audit.log, gateway.err, gateway.log,
> gateway.out, image-2020-12-27-22-24-45-419.png, knox.service.keytab
> &spnego.service.keytab.txt
>
>
> @[~smore] First of all, thank you for answering my question in jira last
> time, today I encountered a new problem, I hope you can help me, thank you a
> lot.
> I think this is not a bug, but my poor understanding of Knox's kerberos
> configuration. I have read the User Guide and Wiki on the official website
> several times, but I can't understand them well.I am confused about Kerberos
> configuration in the following two chapters and want to know the difference
> of two chapters:
> [Secure+Clusters|https://knox.apache.org/books/knox-1-4-0/user-guide.html#Secure+Clusters]
> [HadoopAuth+Authentication+Provider|https://knox.apache.org/books/knox-1-4-0/user-guide.html#HadoopAuth+Authentication+Provider]
>
> Although I followed these two configurations of the two chapters, I still
> encountered an error
> {code:java}
> // code placeholder
> curl -k -i --negotiate -u admin:admin-password
> https://localhost:8443/gateway/sandbox/webhdfs/v1/tmp?op=LISTSTATUS
> HTTP/1.1 401 Unauthorized
> Date: Sun, 27 Dec 2020 13:53:49 GMT
> WWW-Authenticate: BASIC realm="application"
> Content-Length: 0{code}
>
> I want to use a browser to access HadoopUI through Knox, but I also
> encountered a similar error。
> !image-2020-12-27-22-24-45-419.png!
> Finally, if Hadoop does not enable Kerberos, it is normal to access HadoopUI
> through Knox.
> Please help me,Thanks a lot.
>
>
>
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
