[
https://issues.apache.org/jira/browse/RANGER-4038?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17926509#comment-17926509
]
Bhavik Patel commented on RANGER-4038:
--------------------------------------
KMS service Test-connection is not working after enabling kerberos
{code:java}
025-02-12 17:27:47,247 DEBUG [http-nio-9292-exec-8]
o.a.h.s.a.s.AuthenticationFilter (AuthenticationFilter.java:520) - Got token
null from httpRequest http://localhost:9292/kms/v1/keys/names?doAs=ranger
2025-02-12 17:27:47,248 DEBUG [http-nio-9292-exec-8]
o.a.h.s.a.s.AuthenticationFilter (AuthenticationFilter.java:533) - Request
[http://localhost:9292/kms/v1/keys/names?doAs=ranger] triggering
authentication. handler: class
org.apache.hadoop.security.token.delegation.web.KerberosDelegationTokenAuthenticationHandler
2025-02-12 17:27:47,248 DEBUG [http-nio-9292-exec-8]
o.a.h.s.t.d.w.DelegationTokenAuthenticationHandler
(DelegationTokenAuthenticationHandler.java:410) - Falling back to class
org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler
(req=org.apache.catalina.connector.RequestFacade@65632057)
2025-02-12 17:27:47,249 ERROR [http-nio-9292-exec-8]
o.a.c.c.C.[.[.v.c.[.[webservices-driver] (DirectJDKLog.java:175) -
Servlet.service() for servlet [webservices-driver] in context with path [/kms]
threw exception [Filter execution threw an exception] with root cause
java.lang.NoSuchMethodError: 'void
jakarta.servlet.http.HttpServletResponse.setStatus(int, java.lang.String)'
at
org.apache.hadoop.security.authentication.server.AuthenticationFilter.doFilter(AuthenticationFilter.java:631)
at
org.apache.hadoop.crypto.key.kms.server.KMSAuthenticationFilter.doFilter(KMSAuthenticationFilter.java:136)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:164)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:140)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:167)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:90)
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:483)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:115)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:93)
at
org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:663)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:344)
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:384)
at
org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:63)
at
org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:905)
at
org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1741)
at
org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:52)
at
org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1190)
at
org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659)
at
org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:63)
at java.base/java.lang.Thread.run(Thread.java:840)
2025-02-12 17:28:00,832 DEBUG [PolicyRefresher(serviceName=feb11spring_kms)-31]
o.a.r.p.u.PolicyRefresher (PolicyRefresher.java:491) - ==>
PolicyRefresher(serviceName=feb11spring_kms).loadRoles() {code}
> Upgrade spring framework and spring security versions
> -----------------------------------------------------
>
> Key: RANGER-4038
> URL: https://issues.apache.org/jira/browse/RANGER-4038
> Project: Ranger
> Issue Type: Bug
> Components: Ranger
> Reporter: Himanshu Maurya
> Priority: Major
>
> Pivotal Spring Framework up to (excluding) 6.0.0 suffers from a potential
> remote code execution (RCE) issue if used for Java deserialization of
> untrusted data. Depending on how the library is implemented within a product,
> this issue may or not occur, and authentication may be required.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
