I finally have Falcon replicating data on our secure clusters when using
the kerberos.principal I have setup. I have kerberos authentication
enabled.
Now when I try and list cluster entities (./bin/falcon entity -type cluster
-list) when kinit'd as a different user, I get the error below.
Is this expected? Or would I have a setup issue of some kind? I am unsure
what this exception means.
Stacktrace:
org.apache.falcon.client.FalconCLIException: Unable to initialize Falcon
Client object
at
org.apache.falcon.client.FalconClient.<init>(FalconClient.java:145)
at org.apache.falcon.cli.FalconCLI.run(FalconCLI.java:177)
at org.apache.falcon.cli.FalconCLI.main(FalconCLI.java:132)
Caused by: org.apache.falcon.client.FalconCLIException: Could not
authenticate for url
https://gsbl90213.blue.ygrid.yahoo.com:15443/api/options?user.name=agresch,
Authentication failed, status: 500, message: No rules applied to
agre...@y.corp.yahoo.com
at
org.apache.falcon.client.FalconClient.getToken(FalconClient.java:173)
at
org.apache.falcon.client.FalconClient.<init>(FalconClient.java:143)
... 2 more
Caused by:
org.apache.hadoop.security.authentication.client.AuthenticationException:
Authentication failed, status: 500, message: No rules applied to
agre...@y.corp.yahoo.com
at
org.apache.hadoop.security.authentication.client.AuthenticatedURL.extractToken(AuthenticatedURL.java:288)
at
org.apache.hadoop.security.authentication.client.PseudoAuthenticator.authenticate(PseudoAuthenticator.java:77)
at
org.apache.hadoop.security.authentication.client.KerberosAuthenticator.authenticate(KerberosAuthenticator.java:205)
at
org.apache.hadoop.security.authentication.client.AuthenticatedURL.openConnection(AuthenticatedURL.java:232)
at
org.apache.falcon.client.FalconClient.getToken(FalconClient.java:171)
... 3 more
