Dear Apache List Members,I have a test system that comprises of several VMs.
One provides (integrated) OpenLDAP/Kerberos5 services (LDAP backend) and I've
integrated zookeeper with this (via JAAS). The authentication works but I had
to use a per node (with FQDNs) to achieve this. (ie. zk/node0001.my.domain;
zk/node0002.my.domain, ..., instead of zk/[email protected])
My goal is to have drill authenticate and to be able to use the underlying java
DoAs() functionality. I don't quite understand how the kerberos authentication
works. Does the drill software provide a kerberos authenticated client
connection to zookeeper? The drill cluster appears to start OK (without
client-side authentication to zookeeper - which I'd like to remedy) but I seem
to be receiving errors relating to GSSAPI when I attempt to connect to the
drill via sqlline:
Error: Failure in connecting to Drill: org.apache.drill.exec.rpc.RpcException:
javax.security.sasl.SaslException: Failed to login. [Caused by
javax.security.auth.login.LoginException: Unable to obtain password from user]
(state=,code=0)
I've tried various combinations but can't seem to get drill to authenticate.
Any assistance or pointers would be greatly appreciated.Thanks.Cheers, Spiro.
