Take a look at the patch added to https://issues.apache.org/jira/browse/HBASE-12366 There will be a new AuthUtil. launchAuthChore() which should help in your case. (The doc patch is here https://issues.apache.org/jira/browse/HBASE-12528)
Matteo On Wed, Nov 19, 2014 at 11:19 AM, Bogala, Chandra Reddy < chandra.bog...@gs.com> wrote: > Hi, > I am trying to login to secure cluster with keytabs using below methods. > It works fine if the token is not expired. My process runs for long time ( > web app from tomcat). Keep getting below exceptions after the token expire > time and connection fails if the user tries to view data from web page. > What is the better way of handling connections? How to refresh keys > automatically?. Is there a spring implementation for managing connections? > If yes, can you share sample code. > > > UserGroupInformation.setConfiguration(conf); > UserGroupInformation.loginUserFromKeytab("hbase.myclient.principal", > "hbase.myclient.keytab"); > > 2014-11-13 08:25:49,899 ERROR > [org.apache.hadoop.security.UserGroupInformation] > PriviledgedActionException as u...@mycompany.com (auth:KERBEROS) > cause:javax.security.sasl.SaslException: GSS initiate failed [Caused by > GSSException: No valid credentials provided (Mechanism level: Failed to > find any Kerberos tgt)] > 2014-11-13 08:25:49,900 WARN [org.apache.hadoop.ipc.RpcClient] Exception > encountered while connecting to the server : > javax.security.sasl.SaslException: GSS initiate failed [Caused by > GSSException: No valid credentials provided (Mechanism level: Failed to > find any Kerberos tgt)] > javax.security.sasl.SaslException: GSS initiate failed > Caused by: org.ietf.jgss.GSSException: No valid credentials provided > (Mechanism level: Failed to find any Kerberos tgt) > > Thanks, > Chandra > > > >