Hi Jeff - I am not sure what your deployment is set up to do here but it looks as though you are trying to send HTTP Basic credentials to a KnoxSSO protected cdp-proxy topology that is configured for SAML via pac4j.
I assume that there is a cdp-proxy-api topology in your deployment as well which would be more appropriate for HTTP Basic credentials. This seems to be a cloudera specific deployment though - so you should contact support from the vendor for those details. thanks, --larry On Sun, Aug 22, 2021 at 11:40 AM Jeffrey Rodriguez <jeffrey...@gmail.com> wrote: > Apache Knox RESOURCEMANAGER API not returning information > > Running product on a cluster that has a Resource Manager with a > failover configuration. > > Simply accessing /v1/cluster/information didn't return information. > > > curl -v -L -k -u jrodrigu -H "Accept: application/xml" -H > "Content-Type: application/json" -X GET > ' > https://mysite.cloudera.site:8443/mysite/cdp-proxy/resourcemanager/v1/cluster/info > ' > Enter host password for user 'jrodrigu': > * About to connect() to mysiste,cloudera.site port 8443 (#0) > * Trying 10.243.52.27... > * Connected to mysite.cloudera.site (10.243.52.27) port 8443 (#0) > * Initializing NSS with certpath: sql:/etc/pki/nssdb > * skipping SSL peer certificate verification > * SSL connection using TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 > * Server certificate: > * subject: CN=mysite.cloudera.site,ST=CA,C=US > * start date: Jun 30 19:19:20 2021 GMT > * expire date: Jun 30 23:59:59 2022 GMT > * common name: mysite.cloudera.site > * issuer: CN=mysite > * Server auth using Basic with user 'jrodrigu' > > GET /mysite/cdp-proxy/resourcemanager/v1/cluster/info HTTP/1.1 > > Authorization: Basic anJvZHJpZ3U6UDl1bmtpblA5IVA5dW5raW5QOSE= > > User-Agent: curl/7.29.0 > > Host: mysite.dpaas-pr.jsoy-bql6.cloudera.site:8443 > > Accept: application/xml > > Content-Type: application/json > > > < HTTP/1.1 302 Found > < Date: Sun, 22 Aug 2021 15:04:30 GMT > < Location: > https://mysite.cloudera.site:8443/mysite/knoxsso/api/v1/websso?originalUrl=https://mysite..cloudera.site:8443/devaron/cdp-proxy/resourcemanager/v1/cluster/info > < Content-Length: 0 > < > * Connection #0 to host > devaron-manager0.dpaas-pr.jsoy-bql6.cloudera.site left intact > * Issue another request to this URL: > ' > https://mysite.cloudera.site:8443/devaron/knoxsso/api/v1/websso?originalUrl=https://mysite..cloudera.site:8443/mysite/cdp-proxy/resourcemanager/v1/cluster/info > ' > * Found bundle for host mysite.cloudera.site: 0x1928190 > * Re-using existing connection! (#0) with host dmysite.cloudera.site > * Connected to mysite.cloudera.site (10.243.52.27) port 8443 (#0) > * Server auth using Basic with user foobar > > GET /mysite/knoxsso/api/v1/websso?originalUrl= > https://mysite.cloudera.site:8443/mysite.cdp-proxy/resourcemanager/v1/cluster/info > HTTP/1.1 > > Authorization: Basic sfsdfskdjflskdjfksjsd > > User-Agent: curl/7.29.0 > > Host: mysite.cloudera.site:8443 > > Accept: application/xml > > Content-Type: application/json > > > < HTTP/1.1 200 OK > < Date: Sun, 22 Aug 2021 15:04:30 GMT > < Cache-Control: no-cache, no-store > < Pragma: no-cache > < Expires: Thu, 01 Jan 1970 00:00:00 GMT > < X-Content-Type-Options: nosniff > < Strict-Transport-Security: max-age=15768000 ; includeSubDomains > < X-Frame-Options: DENY > < X-XSS-Protection: 1; mode=block > < Set-Cookie: > pac4j.session.pac4jCsrfToken=AAAACAAAABAAAABAJZgve/KisatD1VK9UgpHJiEA1wslBU586xT0TcItouJ3mkLNRsRGu92iv26GIgDhCjxlry9YaKN4ovVmeUVMY4IQmSmQVPGMGY2PlRlsSXv3HZxuHoeYeA==; > Domain=.dpaas-pr.jsoy-bql6.cloudera.site; Secure; HttpOnly > < Set-Cookie: pac4jCsrfToken=3ba09563-8fb4-4d72-b27b-246af32c58c6; > Path=/; Domain=mysite.cloudera.site > < Set-Cookie: > pac4j.session.pac4jRequestedUrl=AAAACAAAABAAAAdwa1xbItwCqb+dzCLpBg1BjBc9maDQlmk16ZUFgG2PuQDlBQTP1cfhQrS8CPnRu4LRU1ozYAY/ZS42asEhAwhDzczCKvbVdcuSLJmerJgC81NO+DvtX1pPoN7bTF8JhXFJfoYoozEXQllZWvOT76boeM+GqULVvQEOv9ViYZ3LqoZGcIR4pZ6YKkpqRiH/7Nj6SM/Hh1Ha8QdNEhublEOuuc7eEVitjrcoNrZSgjPa6CILWLaOYXSfR2J1HkSS5A253Sk6U/mmZHsr9Xaff1A2MEfHTAJLbb30r+zFpLuU7Cofn5XPN7u3mP9hlmkgl5Hbv0J8qsfL5hh5pD7xM784yU2UdfvzqlHxvdNu0OMaV0yDpCWBVil/6vnsxzSAxQV3pBXqmg+eAJmUC7i4/b02nTJlyKYSY7bGxfY/zCsgK0h2vWBqh/AgDX6+0A24IFeV7jYW1y1xlQ7PzaaSTIiGw80R1zDY9ZLzM1i87mpJ7c6g41vAaq+qcnSDl/cFj7r8vszqNUoYKot8BU2hjM9qJulFb9Ly/vUVEqRxJ52a6UUzEqPd25XUcZiJUdaG0yKv4mvMuh9m0rJfrjBK6u2/KXbRZENk447EiPVejDJE9r5R+soKyTVW+nR2skDmyVJUgmLm4BTDbi+6tu9/Qn+5dVTYY9q5WaMVljNk1UGcfcQfS97jiZHNeBDMfxyvnC1OPF0LsDMR0ApvhpkYNO9ZNS/0Y0TslZVSeRYbmfwF56StOBAf8rs8KFOraJV6bR8OyFIhEpXsgyGpq0qTz21jeRElOJLR2X/YanukjLgukXRpNO0KGQfBCb9uTEaCTidbcwELF6GqGmay0fJejuZHd5VqYisKVFcpvdY5utB0hmaDA4vY82Qpj7O9JyY33x+W00DzPlqCl7402MiH4QYNMt0f6/En6LKYEuQCJzoZqeUbEWDd+f9oEks72mM0q2uePy1dkStVV+rUTCJCSgOKlY2bfs+MINzmS0yhN0WZSSmkxVVxf2sA3kOjLB1jma0yYDFYz4vX6ZlEvLUihRK2UDyVXjUjTz5e9aHegxo32Hj7T27Y68YnyHquUGS3bqNtqGWjkmDZv6aiMnSrABKI7Jk2qBnk77eBBiNH5q5fTFa8HsA8rP+lgJsrl0dm3m25LKvnI4bvrsDYEp1KiRaEj6ZFct+JhYWssWLOBcU21YMqjcvdN63SU7TJzBItUw7sbNa+lo694UjBKYJRHnT3eHPqy7IPRLlJbTWE1Dvhc+FaXwCArEh/qxTehetB7Ke8NTsk4oJIQL51l2bgp48bnd4IJQoKlGloCPArPoXD82YjFW31Ne92J2Q7UT0cku3WKkmxiCA8n82wVSIzF/iAkL3LL4iLDfll8GOgCPMp0250unvKS33V8qOqu4PAhgduVWiryMLxc/ivrWGGyiyZX0QgKyxDCa/b4YqoRbvImX7tmeKUF50OD/8pFySiPae1ZXhAwireCcaUNOgil3DVeslJLXFChf7d208lAENAIx8aOQruOJ2FsJxLaP4bAvvOx54jzskyhcMWbrMTG4sVGM143V0e6pW6NlCbnX1ti1kWyY2ORBljnLJ0koKudd6LqxPpowBRzwLqYEWwMeVhY9heWuCLG4Cav5Yrvc4OjEum3+fhT0Pot19UihdKrhLQfE46pOaOTylH4ueQmPhyV4aEO7qHS0jd7I7jnlLoPOhU637+EigMcom0EX6Ai4rCJKIovJS1we6PnxrdEEtxahfj4Rt03AcLEPwjPE214fxaZbYF92aqD8MVXlw5D3sHupPP9KtLXpe4/z7T1CfzCWM3k1DE2f/x0gYN5j6NSX4MtOP2xY1PfQ2B1vS3eGpgQTfK8OhB0iDQueMQYlI5wuls+0P3azWSsMK2lJxGoIbtGzWDApla70E0Z+aSo/9OGjjmWYUHU3nTZC0Wuuc9PhLcYK/QblSg1Qty7u2o6aPlfQ+CLclOkHSAQUSS2XWB+P1REeSeyzPIKSNu6EvKGtn03xNihzYEjkxnL2RuWTQzDic2WFAC3UYCQ8J9ze1j1p6IjAEv76IfwLT9Icu4v1vQM3bFNPLzA6/2nJrCq04bitLWSSO66506SlSq3eQN4/AGmbiH+WK5SCxFeeBzDnHwPkM7Z9/MjAPJYf1u0RPjtlh0lkJwxy2iMKxipC/bsd4yGXIFBjs2YZtP/irk0isZrxgy6WM2VLS22mC1Tnh/LOPuvkz5Sh8RP1E/+UYLJ02GuUJABGvQm/emqGHtsQ/3jhBsNdZjEUzndIBQpgjFwPHPoqPxj271Fyhp7esEw5wvRX0/IILzEtIymeYW2b1T+cF+STyVhVpL5+4WRS7AsEA3iXgTC5iSl0BxHofm7TbY=; > Domain=.dpaas-pr.jsoy-bql6.cloudera.site; Secure; HttpOnly > < Content-Type: text/html;charset=utf-8 > < Content-Length: 2369 > < > <!DOCTYPE html> > <html> > <head> > <meta charset="utf-8" /> > </head> > <body onload="document.forms[0].submit()"> > <noscript> > <p> > <strong>Note:</strong> Since your browser does not > support JavaScript, > you must press the Continue button once to proceed. > </p> > </noscript> > > <form action="https:// > consoleauth.altus.cloudera.com > /sso/saml?accountId=b5af7e24-1c17-4005-a308-8e154c72ce2e" > method="post"> > <div> > <input type="hidden" name="RelayState" > > value="https://mysite.cloudera.site/devaron/knoxsso/api/v1/websso?pac4jCallback=true&client_name=SAML2Client"/> > <input type="hidden" name="SAMLRequest" > > value="PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz4KPHNhbWwycDpBdXRoblJlcXVlc3QgQXNzZXJ0aW9uQ29uc3VtZXJTZXJ2aWNlVVJMPSJodHRwczovL2RldmFyb24tbWFuYWdlcjAuZHBhYXMtcHIuanNveS1icWw2LmNsb3VkZXJhLnNpdGUvZGV2YXJvbi9rbm94c3NvL2FwaS92MS93ZWJzc28/cGFjNGpDYWxsYmFjaz10cnVlJmFtcDtjbGllbnRfbmFtZT1TQU1MMkNsaWVudCIgRGVzdGluYXRpb249Imh0dHBzOi8vY29uc29sZWF1dGguYWx0dXMuY2xvdWRlcmEuY29tL3Nzby9zYW1sP2FjY291bnRJZD1iNWFmN2UyNC0xYzE3LTQwMDUtYTMwOC04ZTE1NGM3MmNlMmUiIEZvcmNlQXV0aG49ImZhbHNlIiBJRD0iXzU2MTkzY2FhMTAyYjRlOTlhMTZhNDYxNTI5OTQxOWNkZDkwZDIzZCIgSXNQYXNzaXZlPSJmYWxzZSIgSXNzdWVJbnN0YW50PSIyMDIxLTA4LTIyVDE1OjA0OjMxLjAwOFoiIFByTUw6Mi4wOnByb3RvY29sIj48c2FtbDI6SXNzdWVyIEZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOm5hbWVpZC1mb3JtYXQ6ZW50aXR5IiB4bWxuczpzYW1sMj0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiI+aHR0cHM6Ly9kZXZhcm9uLW1hbmFnZXIwLmRwYWFzLXByLmpzb3ktYnFsNi5jbG91ZGVyYS5zaXRlL2RldmFyb24va25veHNzby9hcGkvdjEvd2Vic3NvP3BhYzRqQ2FsbGJhY2s9dHJ1ZSZhbXA7Y2xpZW50X25hbWU9U0FNTDJDbGllbnQ8L3NhbWwyOklzc3Vlcj48L3NhbWwycDpBdXRoblJlcXVlc3Q+"/> > > </div> > <noscript> > <div> > <input type="submit" value="Continue"/> > </div> > </noscript> > </form> > </body> > * Connection #0 to host mysite.cloudera.site left intact > > > It should have returned instead > > {"clusterInfo":{"id":1628614210832,"startedOn":1628614210832,"state":"STARTED","haState":"ACTIVE","rmStateStoreName":"org.apache.hadoop.yarn.server.resourcemanager.recovery.ZKRMStateStore","resourceManagerVersion":"3.1.1.7.2.9.1-8","resourceManagerBuildVersion":"3.1.1.7.2.9.1-8 > from fa5da4566b9868f2632f5153bda61ce5d9be50ec by jenkins source > checksum > 82dd33d38614261c6ee72cc452bb115c","resourceManagerVersionBuiltOn":"2021-06-11T20:10Z","hadoopVersion":"3.1.1.7.2.9.1-8","hadoopBuildVersion":"3.1.1.7.2.9.1-8 > from fa5da4566b9868f2632f5153bda61ce5d9be50ec by jenkins source > checksum > 6bf5b24b4c11cc96b10295202ce8a","hadoopVersionBuiltOn":"2021-06-11T20:08Z","haZooKeeperConnectionState":"CONNECTED"}} > > Regards, > Jeff Rodriguez >
