[jira] [Commented] (HADOOP-13890) TestWebDelegationToken and TestKMS fails in trunk

Tue, 13 Dec 2016 21:19:43 -0800 

    [ 
https://issues.apache.org/jira/browse/HADOOP-13890?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15747314#comment-15747314
 ] 

Xiaoyu Yao commented on HADOOP-13890:
-------------------------------------

[~yuanbo], do you use Oracle JDK or IBM JDK? What's your JDK version? It passed 
on my machine with Oracle JDK 1.8.

Can you enable trace log for KerberosAuthenticatonHandler during the test run by
1. adding the following to the end of TestWebDelegationToken#setUp() 
{code}
    GenericTestUtils.setLogLevel(KerberosAuthenticationHandler.LOG, 
Level.TRACE);
{code}
2. change KerberosAuthenticationHandler.LOG to public in 
KerberosAuthenticator.java.
and reattach the log with additional trace enabled? This will reveal the cause 
of SPNEGO failure from server side. Thanks in advance!

> TestWebDelegationToken and TestKMS fails in trunk
> -------------------------------------------------
>
>                 Key: HADOOP-13890
>                 URL: https://issues.apache.org/jira/browse/HADOOP-13890
>             Project: Hadoop Common
>          Issue Type: Bug
>          Components: test
>            Reporter: Brahma Reddy Battula
>            Assignee: Xiaoyu Yao
>         Attachments: HADOOP-13890.00.patch, HADOOP-13890.01.patch, 
> HADOOP-13890.02.patch, HADOOP-13890.03.patch, test-failure.txt
>
>
> TestWebDelegationToken, TestKMS , TestTrashWithSecureEncryptionZones and 
> TestSecureEncryptionZoneWithKMS started failing in trunk because the SPENGO 
> principle used in these test are incomplete: HTTP/localhost assuming the 
> default realm will be applied at authentication time. This ticket is opened 
> to fix these unit test with complete HTTP principal.
> {noformat}
> org.apache.hadoop.security.authentication.client.AuthenticationException: 
> org.apache.hadoop.security.authentication.client.AuthenticationException: 
> Invalid SPNEGO sequence, status code: 403
>       at 
> org.apache.hadoop.security.authentication.client.KerberosAuthenticator.readToken(KerberosAuthenticator.java:371)
>       at 
> org.apache.hadoop.security.authentication.client.KerberosAuthenticator.access$300(KerberosAuthenticator.java:53)
>       at 
> org.apache.hadoop.security.authentication.client.KerberosAuthenticator$1.run(KerberosAuthenticator.java:317)
>       at 
> org.apache.hadoop.security.authentication.client.KerberosAuthenticator$1.run(KerberosAuthenticator.java:287)
>       at java.security.AccessController.doPrivileged(Native Method)
>       at javax.security.auth.Subject.doAs(Subject.java:422)
>       at 
> org.apache.hadoop.security.authentication.client.KerberosAuthenticator.doSpnegoSequence(KerberosAuthenticator.java:287)
>       at 
> org.apache.hadoop.security.authentication.client.KerberosAuthenticator.authenticate(KerberosAuthenticator.java:205)
>       at 
> org.apache.hadoop.security.token.delegation.web.DelegationTokenAuthenticator.authenticate(DelegationTokenAuthenticator.java:132)
>       at 
> org.apache.hadoop.security.authentication.client.AuthenticatedURL.openConnection(AuthenticatedURL.java:216)
>       at 
> org.apache.hadoop.security.token.delegation.web.DelegationTokenAuthenticator.doDelegationTokenOperation(DelegationTokenAuthenticator.java:298)
>       at 
> org.apache.hadoop.security.token.delegation.web.DelegationTokenAuthenticator.getDelegationToken(DelegationTokenAuthenticator.java:170)
>       at 
> org.apache.hadoop.security.token.delegation.web.DelegationTokenAuthenticatedURL.getDelegationToken(DelegationTokenAuthenticatedURL.java:373)
>       at 
> org.apache.hadoop.security.token.delegation.web.TestWebDelegationToken$5.call(TestWebDelegationToken.java:782)
>       at 
> org.apache.hadoop.security.token.delegation.web.TestWebDelegationToken$5.call(TestWebDelegationToken.java:779)
>       at 
> org.apache.hadoop.security.token.delegation.web.TestWebDelegationToken$4.run(TestWebDelegationToken.java:715)
>       at java.security.AccessController.doPrivileged(Native Method)
>       at javax.security.auth.Subject.doAs(Subject.java:422)
>       at 
> org.apache.hadoop.security.token.delegation.web.TestWebDelegationToken.doAsKerberosUser(TestWebDelegationToken.java:712)
>       at 
> org.apache.hadoop.security.token.delegation.web.TestWebDelegationToken.testKerberosDelegationTokenAuthenticator(TestWebDelegationToken.java:778)
>       at 
> org.apache.hadoop.security.token.delegation.web.TestWebDelegationToken.testKerberosDelegationTokenAuthenticator(TestWebDelegationToken.java:729)
>  {noformat}
>  *Jenkins URL* 
> https://builds.apache.org/job/hadoop-qbt-trunk-java8-linux-x86/251/testReport/
> https://builds.apache.org/job/PreCommit-HADOOP-Build/11240/testReport/



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: common-issues-h...@hadoop.apache.org

Reply via email to