[jira] [Commented] (OOZIE-1959) TestZKUtilsWithSecurity fails

Mon, 20 Oct 2014 16:35:20 -0700 

    [ 
https://issues.apache.org/jira/browse/OOZIE-1959?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14177654#comment-14177654
 ] 

Robert Kanter commented on OOZIE-1959:
--------------------------------------

I figured out the problem here.  We're creating the Kerberos credentials 
against the hostname, "localhost", but ZooKeeper is using the ip address, 
"127.0.0.1".  I took another look at the logs for the successful 3.4.5 run vs 
the unsuccessful 3.4.6 run and saw that 3.4.5 had "localhost/127.0.0.1" when 
connecting but 3.4.6 had "127.0.0.1/127.0.01".  

I verified this by seeing that it works with 3.4.6 when I change
{code:java}
String serverPrincipal = "zookeeper/" + kdc.getHost();  // resolves to 
"localhost"
{code}
to
{code:java}
String serverPrincipal = "zookeeper/127.0.0.1";
{code}

I'll email the zookeeper list and see if they can help; otherwise, we at least 
have a workaround.

> TestZKUtilsWithSecurity fails
> -----------------------------
>
>                 Key: OOZIE-1959
>                 URL: https://issues.apache.org/jira/browse/OOZIE-1959
>             Project: Oozie
>          Issue Type: Bug
>    Affects Versions: trunk
>            Reporter: Robert Kanter
>            Assignee: Robert Kanter
>            Priority: Blocker
>             Fix For: trunk
>
>
> TestZKUtilsWithSecurity fails:
> {noformat}
> -------------------------------------------------------
>  T E S T S
> -------------------------------------------------------
> Picked up _JAVA_OPTIONS: -Djava.awt.headless=true
> Concurrency config is parallel='classes', perCoreThreadCount=false, 
> threadCount=1, useUnlimitedThreads=false
> 2014-07-31 16:44:33.786 java[38553:da03] Unable to load realm info from 
> SCDynamicStore
> Running org.apache.oozie.util.TestZKUtilsWithSecurity
> Tests run: 2, Failures: 0, Errors: 2, Skipped: 0, Time elapsed: 71.418 sec 
> <<< FAILURE!
> Results :
> Tests in error: 
>   testCheckAndSetACLs(org.apache.oozie.util.TestZKUtilsWithSecurity): E1700: 
> Issue communicating with ZooKeeper: KeeperErrorCode = AuthFailed for /services
>   testNewUsingACLs(org.apache.oozie.util.TestZKUtilsWithSecurity): 
> KeeperErrorCode = AuthFailed for /oozie
> Tests run: 2, Failures: 0, Errors: 2, Skipped: 0
> {noformat}
> It would also be good to get test-patch to run this (it currently does not 
> because it needs to be run in a separate JVM as it changes JVM security 
> settings that can't be unchanged); I think we can actually just create a new 
> module for ZK Security tests (and move this test there) because each module 
> uses a new JVM.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to