[ https://issues.apache.org/jira/browse/HDFS-14845?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16929312#comment-16929312 ]
Eric Yang commented on HDFS-14845: ---------------------------------- [~Prabhu Joseph] Thank you for the patch. Correct me if I am mistaken. This patch will restore HttpFSAuthenticationFilter instead of enforcing custom filters. When user select to use JWTAuthenticationFilter, it would not apply to HttpFS server. This may not meet user expectation. The more proper solution is to nullified HttpFSAuthenticationFilter, and map authFilter initialization to the standard filter initializer only. [~aajisaka] Let us know if you really intend to use JWTAuthenticationFilter with HttpFS, or you only want HttpFSAuthenticationFilter? Thanks > Request is a replay (34) error in httpfs > ---------------------------------------- > > Key: HDFS-14845 > URL: https://issues.apache.org/jira/browse/HDFS-14845 > Project: Hadoop HDFS > Issue Type: Bug > Components: httpfs > Affects Versions: 3.3.0 > Environment: Kerberos and ZKDelgationTokenSecretManager enabled in > HttpFS > Reporter: Akira Ajisaka > Assignee: Prabhu Joseph > Priority: Critical > Attachments: HDFS-14845-001.patch > > > We are facing "Request is a replay (34)" error when accessing to HDFS via > httpfs on trunk. > {noformat} > % curl -i --negotiate -u : "https://<host>:4443/webhdfs/v1/?op=liststatus" > HTTP/1.1 401 Authentication required > Date: Mon, 09 Sep 2019 06:00:04 GMT > Date: Mon, 09 Sep 2019 06:00:04 GMT > Pragma: no-cache > X-Content-Type-Options: nosniff > X-XSS-Protection: 1; mode=block > WWW-Authenticate: Negotiate > Set-Cookie: hadoop.auth=; Path=/; Secure; HttpOnly > Cache-Control: must-revalidate,no-cache,no-store > Content-Type: text/html;charset=iso-8859-1 > Content-Length: 271 > HTTP/1.1 403 GSSException: Failure unspecified at GSS-API level (Mechanism > level: Request is a replay (34)) > Date: Mon, 09 Sep 2019 06:00:04 GMT > Date: Mon, 09 Sep 2019 06:00:04 GMT > Pragma: no-cache > X-Content-Type-Options: nosniff > X-XSS-Protection: 1; mode=block > (snip) > Set-Cookie: hadoop.auth=; Path=/; Secure; HttpOnly > Cache-Control: must-revalidate,no-cache,no-store > Content-Type: text/html;charset=iso-8859-1 > Content-Length: 413 > <html> > <head> > <meta http-equiv="Content-Type" content="text/html;charset=utf-8"/> > <title>Error 403 GSSException: Failure unspecified at GSS-API level > (Mechanism level: Request is a replay (34))</title> > </head> > <body><h2>HTTP ERROR 403</h2> > <p>Problem accessing /webhdfs/v1/. Reason: > <pre> GSSException: Failure unspecified at GSS-API level (Mechanism level: > Request is a replay (34))</pre></p> > </body> > </html> > {noformat} -- This message was sent by Atlassian Jira (v8.3.2#803003) --------------------------------------------------------------------- To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org