Yes, It is installed in all the JVMs. Any other solution.
On Wed, Oct 4, 2017 at 5:30 PM, rafa <raf...@gmail.com> wrote: > Hi Mallieswari, > > Perhaps the Java Cryptography Extension (JCE) Unlimited Strength > Jurisdiction Policy Files are not installed in all the JVMs ? > > Regards, > rafa > > On Wed, Oct 4, 2017 at 1:18 PM, Mallieswari Dineshbabu < > dmalliesw...@gmail.com> wrote: > >> Hi , >> >> >> >> I have configured a phoenix package "apache-phoenix-4.11.0-HBase-1.2-bin" >> to Hbase version "1.2.5" in kerberos cluster. >> >> >> >> For phoenix secure cluster configuration, I have added the following >> properties into the *hbase-site.xml* present in *phoenix/bin* along with >> the properties of hbase configuration properties present in hbase/conf path >> and refer the *core-site.xml*, *hdfs-site.xml* file in phoenix/bin path >> >> >> >> phoenix.queryserver.keytab.file >> >> The key to look for keytab file. >> >> *unset* >> >> phoenix.queryserver.kerberos.principal >> >> The kerberos principal to use when authenticating. >> >> *unset* >> >> Phoenix Query Server: >> >> >> >> Once updated a above properties query server has been started >> successfully using keytab. >> >> >> >> *Command to Server:* >> >> *python queryserver.py* >> >> >> >> Phoenix Client: >> >> >> >> Once the query server is started successfully then the port no 8765 comes >> to live. When i try to connect client with following command it returns GSS >> Exception. Am I missing any steps in configuration. >> >> >> >> >> >> *Command to Client:* >> >> Following are the methods i tried to connect in secure cluster it does >> not works. >> >> >> >> *Method 1:* python sqlline-thin.py http://hostname:8765 >> >> *Method 2:* >> >> python sqlthin-client.py http://hostname:8765;authentic >> ation=SPNEGO;principal=phoenix/OrgClu@XXXXXX.XXXXX. >> COM;keytab=C:\\path\\to\\HadoopKeyTabs\\\phoenix.keytab >> <http://hostname:8765;authentication=SPNEGO;principal=phoenix/org...@xxxxxx.xxxxx.com;keytab=C:/path/to/HadoopKeyTabs/phoenix.keytab> >> >> >> >> >> >> *CLIENT SIDE ERROR:* >> >> x-4.11.0-HBase-1.2-bin\bin>python sqlline-thin.py http://namenode1:8765 >> >> Failed to find hbase executable on PATH, defaulting serialization to >> PROTOBUF. >> >> [ERROR] Terminal initialization failed; falling back to unsupported >> >> java.lang.NoClassDefFoundError: Could not initialize class >> org.apache.phoenix.sh >> >> aded.org.fusesource.jansi.internal.Kernel32 >> >> at org.apache.phoenix.shaded.org.fusesource.jansi.internal.Wind >> owsSuppor >> >> t.getConsoleMode(WindowsSupport.java:50) >> >> at org.apache.phoenix.shaded.jline.WindowsTerminal.getConsoleMo >> de(Window >> >> sTerminal.java:177) >> >> at org.apache.phoenix.shaded.jline.WindowsTerminal.init(Windows >> Terminal. >> >> java:80) >> >> at org.apache.phoenix.shaded.jline.TerminalFactory.create(Termi >> nalFactor >> >> y.java:101) >> >> at org.apache.phoenix.shaded.jline.TerminalFactory.get(Terminal >> Factory.j >> >> ava:159) >> >> at sqlline.SqlLineOpts.<init>(SqlLineOpts.java:45) >> >> at sqlline.SqlLine.<init>(SqlLine.java:55) >> >> at sqlline.SqlLine.start(SqlLine.java:397) >> >> at sqlline.SqlLine.main(SqlLine.java:291) >> >> at org.apache.phoenix.queryserver.client.SqllineWrapper$1.run(S >> qllineWra >> >> pper.java:88) >> >> at org.apache.phoenix.queryserver.client.SqllineWrapper$1.run(S >> qllineWra >> >> pper.java:85) >> >> at java.security.AccessController.doPrivileged(Native Method) >> >> at javax.security.auth.Subject.doAs(Subject.java:415) >> >> at org.apache.hadoop.security.UserGroupInformation.doAs(UserGro >> upInforma >> >> tion.java:1657) >> >> at org.apache.phoenix.queryserver.client.SqllineWrapper.main(Sq >> llineWrap >> >> per.java:85) >> >> >> >> [ERROR] Terminal initialization failed; falling back to unsupported >> >> java.lang.NoClassDefFoundError: Could not initialize class >> org.apache.phoenix.sh >> >> aded.org.fusesource.jansi.internal.Kernel32 >> >> at org.apache.phoenix.shaded.org.fusesource.jansi.internal.Wind >> owsSuppor >> >> t.getConsoleMode(WindowsSupport.java:50) >> >> at org.apache.phoenix.shaded.jline.WindowsTerminal.getConsoleMo >> de(Window >> >> sTerminal.java:177) >> >> at org.apache.phoenix.shaded.jline.WindowsTerminal.init(Windows >> Terminal. >> >> java:80) >> >> at org.apache.phoenix.shaded.jline.TerminalFactory.create(Termi >> nalFactor >> >> y.java:101) >> >> at sqlline.SqlLine.getConsoleReader(SqlLine.java:723) >> >> at sqlline.SqlLine.begin(SqlLine.java:657) >> >> at sqlline.SqlLine.start(SqlLine.java:398) >> >> at sqlline.SqlLine.main(SqlLine.java:291) >> >> at org.apache.phoenix.queryserver.client.SqllineWrapper$1.run(S >> qllineWra >> >> pper.java:88) >> >> at org.apache.phoenix.queryserver.client.SqllineWrapper$1.run(S >> qllineWra >> >> pper.java:85) >> >> at java.security.AccessController.doPrivileged(Native Method) >> >> at javax.security.auth.Subject.doAs(Subject.java:415) >> >> at org.apache.hadoop.security.UserGroupInformation.doAs(UserGro >> upInforma >> >> tion.java:1657) >> >> at org.apache.phoenix.queryserver.client.SqllineWrapper.main(Sq >> llineWrap >> >> per.java:85) >> >> >> >> Setting property: [incremental, false] >> >> Setting property: [isolation, TRANSACTION_READ_COMMITTED] >> >> issuing: !connect jdbc:phoenix:thin:url=http://n >> amenode1:8765;serialization=PROT >> >> OBUF;authentication=SPNEGO none none org.apache.phoenix.queryserver >> .client.Drive >> >> r >> >> Connecting to jdbc:phoenix:thin:url=http://n >> amenode1:8765;serialization=PROTOBUF >> >> ;authentication=SPNEGO >> >> java.lang.RuntimeException: Failed to execute HTTP Request, got HTTP/404 >> >> at org.apache.calcite.avatica.remote.AvaticaCommonsHttpClientSp >> negoImpl. >> >> send(AvaticaCommonsHttpClientSpnegoImpl.java:148) >> >> at org.apache.calcite.avatica.remote.RemoteProtobufService._app >> ly(Remote >> >> ProtobufService.java:45) >> >> at org.apache.calcite.avatica.remote.ProtobufService.apply(Prot >> obufServi >> >> ce.java:81) >> >> at org.apache.calcite.avatica.remote.Driver.connect(Driver.java >> :176) >> >> at sqlline.DatabaseConnection.connect(DatabaseConnection.java: >> 157) >> >> at sqlline.DatabaseConnection.getConnection(DatabaseConnection. >> java:203) >> >> >> >> at sqlline.Commands.connect(Commands.java:1064) >> >> at sqlline.Commands.connect(Commands.java:996) >> >> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >> >> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAcce >> ssorImpl. >> >> java:57) >> >> at sun.reflect.DelegatingMethodAccessorImpl.invoke( >> DelegatingMethodAcces >> >> sorImpl.java:43) >> >> at java.lang.reflect.Method.invoke(Method.java:606) >> >> at sqlline.ReflectiveCommandHandler.execute(ReflectiveCommandHa >> ndler.jav >> >> a:38) >> >> at sqlline.SqlLine.dispatch(SqlLine.java:809) >> >> at sqlline.SqlLine.initArgs(SqlLine.java:588) >> >> at sqlline.SqlLine.begin(SqlLine.java:661) >> >> at sqlline.SqlLine.start(SqlLine.java:398) >> >> at sqlline.SqlLine.main(SqlLine.java:291) >> >> at org.apache.phoenix.queryserver.client.SqllineWrapper$1.run(S >> qllineWra >> >> pper.java:88) >> >> at org.apache.phoenix.queryserver.client.SqllineWrapper$1.run(S >> qllineWra >> >> pper.java:85) >> >> at java.security.AccessController.doPrivileged(Native Method) >> >> at javax.security.auth.Subject.doAs(Subject.java:415) >> >> at org.apache.hadoop.security.UserGroupInformation.doAs(UserGro >> upInforma >> >> tion.java:1657) >> >> at org.apache.phoenix.queryserver.client.SqllineWrapper.main(Sq >> llineWrap >> >> per.java:85) >> >> >> >> >> >> >> >> >> >> *SERVER SIDE ERROR:* >> >> 17/10/04 05:34:28 INFO server.Server: Started @9558ms >> >> 17/10/04 05:34:28 INFO server.HttpServer: Service listening on port 8765. >> >> 17/10/04 05:38:39 WARN security.SpnegoLoginService: >> >> GSSException: Failure unspecified at GSS-API level (Mechanism level: >> Encryption >> >> type AES256 CTS mode with HMAC SHA1-96 is not supported/enabled) >> >> at sun.security.jgss.krb5.Krb5Context.acceptSecContext(Krb5Cont >> ext.java: >> >> 788) >> >> at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContext >> Impl.java >> >> :342) >> >> at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContext >> Impl.java >> >> :285) >> >> at sun.security.jgss.spnego.SpNegoContext.GSS_acceptSecContext( >> SpNegoCon >> >> text.java:871) >> >> at sun.security.jgss.spnego.SpNegoContext.acceptSecContext( >> SpNegoContext >> >> .java:544) >> >> at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContext >> Impl.java >> >> :342) >> >> at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContext >> Impl.java >> >> :285) >> >> at org.apache.phoenix.shaded.org.eclipse.jetty.security.SpnegoL >> oginServi >> >> ce.login(SpnegoLoginService.java:137) >> >> at org.apache.phoenix.shaded.org.eclipse.jetty.security.authent >> ication.L >> >> oginAuthenticator.login(LoginAuthenticator.java:61) >> >> at org.apache.phoenix.shaded.org.eclipse.jetty.security.authent >> ication.S >> >> pnegoAuthenticator.validateRequest(SpnegoAuthenticator.java:99) >> >> at org.apache.phoenix.shaded.org.eclipse.jetty.security.Securit >> yHandler. >> >> handle(SecurityHandler.java:512) >> >> at org.apache.phoenix.shaded.org.eclipse.jetty.server.handler.H >> andlerLis >> >> t.handle(HandlerList.java:52) >> >> at org.apache.phoenix.shaded.org.eclipse.jetty.server.handler.H >> andlerWra >> >> pper.handle(HandlerWrapper.java:97) >> >> at org.apache.phoenix.shaded.org.eclipse.jetty.server.Server.ha >> ndle(Serv >> >> er.java:499) >> >> at org.apache.phoenix.shaded.org.eclipse.jetty.server.HttpChann >> el.handle >> >> (HttpChannel.java:311) >> >> at org.apache.phoenix.shaded.org.eclipse.jetty.server.HttpConne >> ction.onF >> >> illable(HttpConnection.java:257) >> >> at org.apache.phoenix.shaded.org.eclipse.jetty.io.AbstractConne >> ction$2.r >> >> un(AbstractConnection.java:544) >> >> at org.apache.phoenix.shaded.org.eclipse.jetty.util.thread.Queu >> edThreadP >> >> ool.runJob(QueuedThreadPool.java:635) >> >> at org.apache.phoenix.shaded.org.eclipse.jetty.util.thread.Queu >> edThreadP >> >> ool$3.run(QueuedThreadPool.java:555) >> >> at java.lang.Thread.run(Thread.java:744) >> >> Caused by: KrbException: Encryption type AES256 CTS mode with HMAC >> SHA1-96 is no >> >> t supported/enabled >> >> at sun.security.krb5.EncryptionKey.findKey(EncryptionKey.java: >> 552) >> >> at sun.security.krb5.KrbApReq.authenticate(KrbApReq.java:270) >> >> at sun.security.krb5.KrbApReq.<init>(KrbApReq.java:144) >> >> at sun.security.jgss.krb5.InitSecContextToken.<init>(InitSecCon >> textToken >> >> .java:108) >> >> at sun.security.jgss.krb5.Krb5Context.acceptSecContext(Krb5Cont >> ext.java: >> >> 771) >> >> ... 19 more >> >> >> >> >> >> >> >> Please help me to solve this issue. >> >> -- >> >> Thanks and regards >> >> D.Mallieswari >> > > -- Thanks and regards D.Mallieswari
