[ https://issues.apache.org/jira/browse/KNOX-916?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15949522#comment-15949522 ]
Jeffrey E Rodriguez edited comment on KNOX-916 at 3/30/17 6:11 PM: -------------------------------------------------------------------- Sarah, any reason why we are running kinit "knox principal (knox/_HOSTNAME) " ? , in your testcase. As a user you shouldn't do that. was (Author: jeffreyr97): Sarah, any reason why we are running kinit "knox principal (knox/_HOSTNAME) " ? > When REST endpoint enables SPNEGO and there is valid kerberos ticket cache > for knox user, REST call through knox will show 401 error > ------------------------------------------------------------------------------------------------------------------------------------ > > Key: KNOX-916 > URL: https://issues.apache.org/jira/browse/KNOX-916 > Project: Apache Knox > Issue Type: Bug > Affects Versions: 0.11.0 > Reporter: Shi Wang > Assignee: Shi Wang > > For example, if webhdfs uses SPNEGO authentication, and curl through knox, su > knoxuser and klist, if there is valid kerberos ticket cached for knoxuser, > then it will show 401 unauthorized error. But if the cached ticket expired or > do not have any cached ticket, could get 200 correct result. -- This message was sent by Atlassian JIRA (v6.3.15#6346)