[
https://issues.apache.org/jira/browse/PHOENIX-4688?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16636185#comment-16636185
]
Josh Elser commented on PHOENIX-4688:
-------------------------------------
Ok, figured it out. Python is still (somehow) finding my MIT krb libraries. I
get the same exact error if I use MIT kinit with the heimdal krb5.conf you
generate.
{noformat}
% KRB5_TRACE=/dev/stdout
KRB5_CONFIG=/var/folders/4q/q02ykc2j5l1fg8nbs_sczskh0000gp/T/krb5.conf4602740147062445533.tmp
/usr/local/Cellar/krb5/1.16.1/bin/kinit -kt
/Users/jelser/projects/phoenix.git/phoenix-queryserver/target/SecureQueryServerPhoenixDBIT/keytabs/user1.keytab
user1
[5696] 1538518054.672090: Getting initial credentials for us...@example.com
[5696] 1538518054.672091: Looked up etypes in keytab: aes128-cts, des3-cbc-sha1
[5696] 1538518054.672093: Sending unauthenticated request
[5696] 1538518054.672094: Sending request (171 bytes) to EXAMPLE.COM
[5696] 1538518054.672095: Resolving hostname tcp/localhost{noformat}
That makes sense now as to why you don't see this issue. I don't particularly
think we should care about fixing it either :)
Let me just add an option that users can set on the command-line to override
what SecureQueryServerPhoenixDBIT will default to (heimdal or mit krb
compatible krb5.conf).
> Add kerberos authentication to python-phoenixdb
> -----------------------------------------------
>
> Key: PHOENIX-4688
> URL: https://issues.apache.org/jira/browse/PHOENIX-4688
> Project: Phoenix
> Issue Type: Improvement
> Reporter: Lev Bronshtein
> Priority: Minor
>
> In its current state python-phoenixdv does not support support kerberos
> authentication. Using a modern python http library such as requests or
> urllib it would be simple (if not trivial) to add this support.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
