Hi,
I have enabled doAs property as said in
http://hbase.apache.org/book.html#security.gateway.thrift.doas
<property>
<name>hbase.thrift.kerberos.principal</name>
<value>principal</value>
</property>
<property>
<name>hbase.thrift.keytab.file</name>
<value>keytab</value>
</property>
<property>
<name>hbase.thrift.ssl.enabled</name>
<value>true</value>
</property>
<property>
<name>hbase.thrift.ssl.keystore.store</name>
<value>keystorelocation</value>
</property>
<property>
<name>hbase.thrift.ssl.keystore.password</name>
<value>keystorepassword</value>
</property>
<property>
<name>hbase.thrift.ssl.keystore.keypassword</name>
<value>keypasspassword</value>
</property>
<property>
<name>hbase.thrift.security.qop</name>
<value>auth-conf</value>
</property>
<property>
<name>hbase.regionserver.thrift.http</name>
<value>true</value>
</property>
<property>
<name>hbase.thrift.support.proxyuser</name>
<value>true</value>
</property>
But when i run the DemoClient, facing errors
*hbase org.apache.hadoop.hbase.thrift.HttpDoAsClient machine1.example.com
<http://machine1.example.com> 10003 Kumar true*
Error logs - http://pastebin.com/ULSBi3Ci
and getting below WARN messages in HBase thrift server logs
2016-10-06 11:33:39,540 WARN [191407184@qtp-4591636-0] mortbay.log:
javax.net.s
sl.SSLException: Unrecognized SSL message, plaintext connection?
2016-10-06 11:33:50,791 WARN [191407184@qtp-4591636-0] mortbay.log:
javax.net.s
sl.SSLException: Unrecognized SSL message, plaintext connection?
2016-10-06 11:34:04,266 WARN [191407184@qtp-4591636-0] mortbay.log:
javax.net.s
sl.SSLException: Unrecognized SSL message, plaintext connection?
2016-10-06 11:34:04,272 WARN [191407184@qtp-4591636-0] mortbay.log:
javax.net.s
sl.SSLException: Unrecognized SSL message, plaintext connection?
Did i missed anything?
Help me to resolve the errors.
Thanks.
On Wed, Oct 5, 2016 at 2:50 PM, kumar r <kumarc...@gmail.com> wrote:
> Hi Dima,
>
> Thanks for the update. Let me check further.
>
> On Wed, Oct 5, 2016 at 2:28 AM, Dima Spivak <dimaspi...@apache.org> wrote:
>
>> Hey Kumar,
>>
>> The ref guide section on enabling security for the Thrift gateway [1] is a
>> good place to start. Have you gone through that?
>>
>> 1. http://hbase.apache.org/book.html#security.gateway.thrift.doas
>>
>> -Dima
>>
>> On Tue, Oct 4, 2016 at 4:59 AM, kumar r <kumarc...@gmail.com> wrote:
>>
>> > Hi,
>> >
>> > I need example for C# HBase thrift with doAs header.
>> >
>> > First of all, setting the below property isn't enough to enable
>> > authentication/impersonation?
>> >
>> > <property>
>> > <name>hbase.thrift.security.qop</name>
>> > <value>auth-conf</value>
>> > </property>
>> >
>> > After setting this property, i cannot access HBase via C# thrift. I need
>> > example to access HBase with doAs via C# thrift client.
>> >
>> > Help me to get it work.
>> >
>> > Thanks in advance,
>> > Kumar
>> >
>>
>
>
