Tom Beerbower created AMBARI-17242: -------------------------------------- Summary: Atlas Integration : atlas.authentication.principal should be set to atlas/_h...@example.com Key: AMBARI-17242 URL: https://issues.apache.org/jira/browse/AMBARI-17242 Project: Ambari Issue Type: Bug Reporter: Tom Beerbower Assignee: Tom Beerbower
In a kerberized env, the value of atlas.authentication.principal should be set to atlas/_h...@example.com. Currently the value is set to atlas which causes Atlas server startup to fail. {code} ######################################################################################## (Atlas:194) 2016-06-11 01:51:27,820 INFO - [main:] ~ >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> (Atlas:195) 2016-06-11 01:51:27,820 INFO - [main:] ~ Server starting with TLS ? false on port 21000 (Atlas:196) 2016-06-11 01:51:27,820 INFO - [main:] ~ <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< (Atlas:197) 2016-06-11 01:51:27,885 INFO - [main:] ~ Logging initialized @1201ms (log:186) 2016-06-11 01:51:28,005 INFO - [main:] ~ jetty-9.2.12.v20150709 (Server:327) 2016-06-11 01:51:29,022 INFO - [main:] ~ Loading Guice modules (GuiceServletConfig:65) 2016-06-11 01:51:29,199 WARN - [main:] ~ Failed startup of context o.e.j.w.WebAppContext@14cd1699{/,file:/usr/hdp/2.5.0.0-717/atlas/server/webapp/atlas/,STARTING}{/usr/hdp/current/atlas-server/server/webapp/atlas} (WebAppContext:514) java.lang.IllegalStateException: Unable to perform KERBEROS login. at org.apache.atlas.web.listeners.LoginProcessor.doServiceLogin(LoginProcessor.java:79) at org.apache.atlas.web.listeners.LoginProcessor.login(LoginProcessor.java:58) at org.apache.atlas.web.listeners.GuiceServletConfig.getInjector(GuiceServletConfig.java:76) at com.google.inject.servlet.GuiceServletContextListener.contextInitialized(GuiceServletContextListener.java:47) at org.apache.atlas.web.listeners.GuiceServletConfig.contextInitialized(GuiceServletConfig.java:132) at org.eclipse.jetty.server.handler.ContextHandler.callContextInitialized(ContextHandler.java:800) at org.eclipse.jetty.servlet.ServletContextHandler.callContextInitialized(ServletContextHandler.java:444) at org.eclipse.jetty.server.handler.ContextHandler.startContext(ContextHandler.java:791) at org.eclipse.jetty.servlet.ServletContextHandler.startContext(ServletContextHandler.java:294) at org.eclipse.jetty.webapp.WebAppContext.startWebapp(WebAppContext.java:1349) at org.eclipse.jetty.webapp.WebAppContext.startContext(WebAppContext.java:1342) at org.eclipse.jetty.server.handler.ContextHandler.doStart(ContextHandler.java:741) at org.eclipse.jetty.webapp.WebAppContext.doStart(WebAppContext.java:505) at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68) at org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:132) at org.eclipse.jetty.server.Server.start(Server.java:387) at org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:114) at org.eclipse.jetty.server.handler.AbstractHandler.doStart(AbstractHandler.java:61) at org.eclipse.jetty.server.Server.doStart(Server.java:354) at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68) at org.apache.atlas.web.service.EmbeddedServer.start(EmbeddedServer.java:93) at org.apache.atlas.Atlas.main(Atlas.java:113) Caused by: java.io.IOException: Login failure for atlas from keytab /etc/security/keytabs/atlas.service.keytab: javax.security.auth.login.LoginException: Unable to obtain password from user at org.apache.hadoop.security.UserGroupInformation.loginUserFromKeytab(UserGroupInformation.java:987) at org.apache.atlas.web.listeners.LoginProcessor.doServiceLogin(LoginProcessor.java:73) ... 21 more Caused by: javax.security.auth.login.LoginException: Unable to obtain password from user at com.sun.security.auth.module.Krb5LoginModule.promptForPass(Krb5LoginModule.java:897) at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginModule.java:760) at com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:617) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:497) at javax.security.auth.login.LoginContext.invoke(LoginContext.java:755) at javax.security.auth.login.LoginContext.access$000(LoginContext.java:195) at javax.security.auth.login.LoginContext$4.run(LoginContext.java:682) at javax.security.auth.login.LoginContext$4.run(LoginContext.java:680) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) at javax.security.auth.login.LoginContext.login(LoginContext.java:587) at org.apache.hadoop.security.UserGroupInformation.loginUserFromKeytab(UserGroupInformation.java:978) ... 22 more 2016-06-11 01:51:29,214 INFO - [main:] ~ Started ServerConnector@771adfcb{HTTP/1.1}{0.0.0.0:21000} (ServerConnector:266) 2016-06-11 01:51:29,214 INFO - [main:] ~ Started @2533ms (Server:379) {code} -- This message was sent by Atlassian JIRA (v6.3.4#6332)