[jira] [Commented] (HDFS-3980) NPE in HttpURLConnection.java while starting SecondaryNameNode.

Thu, 18 Oct 2012 01:22:09 -0700 

    [ 
https://issues.apache.org/jira/browse/HDFS-3980?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13478781#comment-13478781
 ] 

Brahma Reddy Battula commented on HDFS-3980:
--------------------------------------------

HI ATM,

I got cause,
fs.default.name I configured as IP and then principal coming as HTTP/IP(Usually 
it should be HTTP/hostname) which is not present in KDC.
After changing that to hostname it's working fine..
{code}
 String servicePrincipal = KerberosUtil.getServicePrincipal("HTTP",
                KerberosAuthenticator.this.url.getHost());
{code}
here URL will take from fs.default.name..Since I configured as IP,principal is 
coming as HTTP/IP which is not present.
I think following need to look as part of this defect...Once you finalize I'll 
duplicate HDFS-4043
[~ahadr] comment from HDFS-4043
{quote}
KerberosAuthenticator.this.url.getHost() call does not always return the fully 
qualified host name, and thus causes the namenode to login to fail due to 
kerberos's inability to find a matching hdfs principal in the hdfs.keytab file. 
Instead it should use InetAddress.getCanonicalHostName. This is consistent with 
what is used internally by SecurityUtil.java to login in other services, such 
as the DataNode.
{quote}

Thanks
Brahma.

                
> NPE in HttpURLConnection.java while starting SecondaryNameNode.
> ---------------------------------------------------------------
>
>                 Key: HDFS-3980
>                 URL: https://issues.apache.org/jira/browse/HDFS-3980
>             Project: Hadoop HDFS
>          Issue Type: Bug
>          Components: security
>    Affects Versions: 3.0.0, 2.0.1-alpha
>            Reporter: Brahma Reddy Battula
>            Priority: Critical
>         Attachments: core-site.xml, hdfs-site.xml
>
>
> Scenario:
> ========
> I started secure cluster by going thru following..
> https://ccp.cloudera.com/display/CDHDOC/CDH3+Security+Guide..
> Here SecondaryNamenode is getting shutdown by throwing NPE..
> Please correct me If I am wrong...
> Will attach conf and logs..

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to