Hmm, so it seems updating the Hadoop version used by my processor from
2.6.0 to 2.7.3 has fixed the problem. Testing a little more just to
make sure...
On 14 July 2017 at 14:48, Georg Heiler wrote:
> We just applied the standard fix to enable the JCE extensions i.e.
We just applied the standard fix to enable the JCE extensions i.e. copied
the files into the right place. I was on vacation last week but it looked
like the fix we had been searching for for a while. We were still
conducting some more testing to see if this actually fixed the problem.
But without
Hi Georg,
I am indeed using open-jdk8 on CentOS 7.3, but I'm not sure why my
standalone app is ok, whereas the same code in NiFi isn't. How did you
fix the JCE policies?
I'm guessing it is something to do with the shared
UserGroupInformation class. Which makes me wonder how (if) it will
work
Hi Joe,
we recently had a similar problem. For us it turned out that we are using
the latest open-jdk8 which no longer is providing the JCE policies required
for strong cryptography out of the box on cents 7.3.
regards,
Georg
Joe Witt schrieb am Fr., 14. Juli 2017 um 15:12
James,
I know Jeff Storck has recently been doing some work around
Kerberos/TGT renewal. Hopefully he can share some of his
observations/work back on this thread soon.
Thanks
On Fri, Jul 14, 2017 at 8:48 AM, James Srinivasan
wrote:
> Hi all,
>
> I have a NiFi
Hi all,
I have a NiFi processor which uses Kerberos keytab authentication to
write data to Accumulo. I have a separate thread which periodically
runs in order to try renewing my TGT
(UserGroupInformation.getCurrentUser.checkTGTAndReloginFromKeytab()).
This code works fine outside NiFi, but