[jira] [Created] (PHOENIX-3216) Kerberos ticket is not renewed when using Kerberos authentication with Phoenix JDBC driver

Mon, 29 Aug 2016 08:21:06 -0700 

Dan Bahir created PHOENIX-3216:
----------------------------------

             Summary: Kerberos ticket is not renewed when using Kerberos 
authentication with Phoenix JDBC driver
                 Key: PHOENIX-3216
                 URL: https://issues.apache.org/jira/browse/PHOENIX-3216
             Project: Phoenix
          Issue Type: Bug
    Affects Versions: 4.8.0, 4.5.2, 4.6.0, 4.5.1, 4.5.0, 4.4.0
         Environment: Kerberized
            Reporter: Dan Bahir


When using Phoenix jdbc driver in a Kerberized environment and logging in with 
a keytab is not automatically renewed.

Expected:The ticket will be automatically renewed and the Phoenix driver will 
be able to write to the database.
Actual: The ticket is not renewed and driver loses access to the database.

2016-08-15 00:00:59.738 WARN  AbstractRpcClient 
[hconnection-0x4763c727-metaLookup-shared--pool1-t686] - Exception encountered 
while connecting to the server : javax.security.sasl.Sa
slException: GSS initiate failed [Caused by GSSException: No valid credentials 
provided (Mechanism level: Failed to find any Kerberos tgt)]
2016-08-15 00:00:59.739 ERROR AbstractRpcClient 
[hconnection-0x4763c727-metaLookup-shared--pool1-t686] - SASL authentication 
failed. The most likely cause is missing or invalid crede
ntials. Consider 'kinit'.
javax.security.sasl.SaslException: GSS initiate failed [Caused by GSSException: 
No valid credentials provided (Mechanism level: Failed to find any Kerberos 
tgt)]
        at 
com.sun.security.sasl.gsskerb.GssKrb5Client.evaluateChallenge(GssKrb5Client.java
:211)
        at 
org.apache.hadoop.hbase.security.HBaseSaslRpcClient.saslConnect(HBaseSaslRpcClie
nt.java:179)
        at 
org.apache.hadoop.hbase.ipc.RpcClientImpl$Connection.setupSaslConnection(RpcClie
ntImpl.java:611)
        at 
org.apache.hadoop.hbase.ipc.RpcClientImpl$Connection.access$600(RpcClientImpl.ja
va:156)
        at 
org.apache.hadoop.hbase.ipc.RpcClientImpl$Connection$2.run(RpcClientImpl.java:73
7)
        at 
org.apache.hadoop.hbase.ipc.RpcClientImpl$Connection$2.run(RpcClientImpl.java:73
4)
        at java.security.AccessController.doPrivileged(Native Method)
        at javax.security.auth.Subject.doAs(Subject.ja





--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to