I’m not sure this answers your question directly but I found getting a Livy 
Java client on Windows to talk successfully to a Kerberos-enabled cluster to be 
a major pain in the neck. However these links might help you:
https://stackoverflow.com/questions/46909048/livy-rest-api-get-requests-work-but-post-requests-fail-with-401-authentication
https://stackoverflow.com/questions/45957379/curl-on-windows-gssexception-defective-token-detected-mechanism-level-gsshe
Good luck!
Lucas.

From: Joel Folkerts <joel.folke...@gmail.com>
Sent: 30 April 2019 18:21
To: user@livy.incubator.apache.org
Subject: EXT: How to use Livy Client API with SPNEGO

I am attempting to authenticate against a Kerberos-enabled cluster suing the 
Livy API:

Setting up Kerberos properties:

Properties props = new Properties();
props.setProperty("spnego.enabled", "true");
props.setProperty("auth.login.config", "C:\\PATH_TO_\\jaas-client.conf");
props.setProperty("krb5.debug", "true");
props.setProperty("krb5.conf", "C:\\Windows\\krb5.ini");

Building Livy client with Kerberos properties

this.livyClient = new LivyClientBuilder()
        .setURI(this.config.getLivyURI())
        .setAll(props)
        .build();
I receive the following exception:

NEGOTIATE authentication error: No valid credentials provided (Mechanism level: 
No valid credentials provided (Mechanism level: Failed to find any Kerberos 
tgt))

Looking closer at the Livy source code, it appears that the enum value 
"Entry.SPNEGO_ENABLED" needs to be set to false; however, I don't see a way to 
access the enum Entry object prior to the check on line 66:

https://github.com/cloudera/livy/blob/9ae24d08738652ba5fd817780711d01b110d74a9/client-http/src/main/java/com/cloudera/livy/client/http/HttpConf.java#L66

Any help would be greatly appreciated!

Reply via email to