Hi Larry, Thanks for getting back to me. Yes you are right. Let me try the other set of Topology. I am also reaching out to Cloudera. Regards, Jeff
On Sun, Aug 22, 2021 at 10:43 PM larry mccay <[email protected]> wrote: > Hi Jeff - > > I am not sure what your deployment is set up to do here but it looks as > though you are trying to send HTTP Basic credentials to a KnoxSSO protected > cdp-proxy topology that is configured for SAML via pac4j. > > I assume that there is a cdp-proxy-api topology in your deployment as well > which would be more appropriate for HTTP Basic credentials. > > This seems to be a cloudera specific deployment though - so you should > contact support from the vendor for those details. > > thanks, > > --larry > > On Sun, Aug 22, 2021 at 11:40 AM Jeffrey Rodriguez <[email protected]> > wrote: > >> Apache Knox RESOURCEMANAGER API not returning information >> >> Running product on a cluster that has a Resource Manager with a >> failover configuration. >> >> Simply accessing /v1/cluster/information didn't return information. >> >> >> curl -v -L -k -u jrodrigu -H "Accept: application/xml" -H >> "Content-Type: application/json" -X GET >> ' >> https://mysite.cloudera.site:8443/mysite/cdp-proxy/resourcemanager/v1/cluster/info >> ' >> Enter host password for user 'jrodrigu': >> * About to connect() to mysiste,cloudera.site port 8443 (#0) >> * Trying 10.243.52.27... >> * Connected to mysite.cloudera.site (10.243.52.27) port 8443 (#0) >> * Initializing NSS with certpath: sql:/etc/pki/nssdb >> * skipping SSL peer certificate verification >> * SSL connection using TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 >> * Server certificate: >> * subject: CN=mysite.cloudera.site,ST=CA,C=US >> * start date: Jun 30 19:19:20 2021 GMT >> * expire date: Jun 30 23:59:59 2022 GMT >> * common name: mysite.cloudera.site >> * issuer: CN=mysite >> * Server auth using Basic with user 'jrodrigu' >> > GET /mysite/cdp-proxy/resourcemanager/v1/cluster/info HTTP/1.1 >> > Authorization: Basic anJvZHJpZ3U6UDl1bmtpblA5IVA5dW5raW5QOSE= >> > User-Agent: curl/7.29.0 >> > Host: mysite.dpaas-pr.jsoy-bql6.cloudera.site:8443 >> > Accept: application/xml >> > Content-Type: application/json >> > >> < HTTP/1.1 302 Found >> < Date: Sun, 22 Aug 2021 15:04:30 GMT >> < Location: >> https://mysite.cloudera.site:8443/mysite/knoxsso/api/v1/websso?originalUrl=https://mysite..cloudera.site:8443/devaron/cdp-proxy/resourcemanager/v1/cluster/info >> < Content-Length: 0 >> < >> * Connection #0 to host >> devaron-manager0.dpaas-pr.jsoy-bql6.cloudera.site left intact >> * Issue another request to this URL: >> ' >> https://mysite.cloudera.site:8443/devaron/knoxsso/api/v1/websso?originalUrl=https://mysite..cloudera.site:8443/mysite/cdp-proxy/resourcemanager/v1/cluster/info >> ' >> * Found bundle for host mysite.cloudera.site: 0x1928190 >> * Re-using existing connection! (#0) with host dmysite.cloudera.site >> * Connected to mysite.cloudera.site (10.243.52.27) port 8443 (#0) >> * Server auth using Basic with user foobar >> > GET /mysite/knoxsso/api/v1/websso?originalUrl= >> https://mysite.cloudera.site:8443/mysite.cdp-proxy/resourcemanager/v1/cluster/info >> HTTP/1.1 >> > Authorization: Basic sfsdfskdjflskdjfksjsd >> > User-Agent: curl/7.29.0 >> > Host: mysite.cloudera.site:8443 >> > Accept: application/xml >> > Content-Type: application/json >> > >> < HTTP/1.1 200 OK >> < Date: Sun, 22 Aug 2021 15:04:30 GMT >> < Cache-Control: no-cache, no-store >> < Pragma: no-cache >> < Expires: Thu, 01 Jan 1970 00:00:00 GMT >> < X-Content-Type-Options: nosniff >> < Strict-Transport-Security: max-age=15768000 ; includeSubDomains >> < X-Frame-Options: DENY >> < X-XSS-Protection: 1; mode=block >> < Set-Cookie: >> pac4j.session.pac4jCsrfToken=AAAACAAAABAAAABAJZgve/KisatD1VK9UgpHJiEA1wslBU586xT0TcItouJ3mkLNRsRGu92iv26GIgDhCjxlry9YaKN4ovVmeUVMY4IQmSmQVPGMGY2PlRlsSXv3HZxuHoeYeA==; >> Domain=.dpaas-pr.jsoy-bql6.cloudera.site; Secure; HttpOnly >> < Set-Cookie: pac4jCsrfToken=3ba09563-8fb4-4d72-b27b-246af32c58c6; >> Path=/; Domain=mysite.cloudera.site >> < Set-Cookie: >> pac4j.session.pac4jRequestedUrl=AAAACAAAABAAAAdwa1xbItwCqb+dzCLpBg1BjBc9maDQlmk16ZUFgG2PuQDlBQTP1cfhQrS8CPnRu4LRU1ozYAY/ZS42asEhAwhDzczCKvbVdcuSLJmerJgC81NO+DvtX1pPoN7bTF8JhXFJfoYoozEXQllZWvOT76boeM+GqULVvQEOv9ViYZ3LqoZGcIR4pZ6YKkpqRiH/7Nj6SM/Hh1Ha8QdNEhublEOuuc7eEVitjrcoNrZSgjPa6CILWLaOYXSfR2J1HkSS5A253Sk6U/mmZHsr9Xaff1A2MEfHTAJLbb30r+zFpLuU7Cofn5XPN7u3mP9hlmkgl5Hbv0J8qsfL5hh5pD7xM784yU2UdfvzqlHxvdNu0OMaV0yDpCWBVil/6vnsxzSAxQV3pBXqmg+eAJmUC7i4/b02nTJlyKYSY7bGxfY/zCsgK0h2vWBqh/AgDX6+0A24IFeV7jYW1y1xlQ7PzaaSTIiGw80R1zDY9ZLzM1i87mpJ7c6g41vAaq+qcnSDl/cFj7r8vszqNUoYKot8BU2hjM9qJulFb9Ly/vUVEqRxJ52a6UUzEqPd25XUcZiJUdaG0yKv4mvMuh9m0rJfrjBK6u2/KXbRZENk447EiPVejDJE9r5R+soKyTVW+nR2skDmyVJUgmLm4BTDbi+6tu9/Qn+5dVTYY9q5WaMVljNk1UGcfcQfS97jiZHNeBDMfxyvnC1OPF0LsDMR0ApvhpkYNO9ZNS/0Y0TslZVSeRYbmfwF56StOBAf8rs8KFOraJV6bR8OyFIhEpXsgyGpq0qTz21jeRElOJLR2X/YanukjLgukXRpNO0KGQfBCb9uTEaCTidbcwELF6GqGmay0fJejuZHd5VqYisKVFcpvdY5utB0hmaDA4vY82Qpj7O9JyY33x+W00DzPlqCl7402MiH4QYNMt0f6/En6LKYEuQCJzoZqeUbEWDd+f9oEks72mM0q2uePy1dkStVV+rUTCJCSgOKlY2bfs+MINzmS0yhN0WZSSmkxVVxf2sA3kOjLB1jma0yYDFYz4vX6ZlEvLUihRK2UDyVXjUjTz5e9aHegxo32Hj7T27Y68YnyHquUGS3bqNtqGWjkmDZv6aiMnSrABKI7Jk2qBnk77eBBiNH5q5fTFa8HsA8rP+lgJsrl0dm3m25LKvnI4bvrsDYEp1KiRaEj6ZFct+JhYWssWLOBcU21YMqjcvdN63SU7TJzBItUw7sbNa+lo694UjBKYJRHnT3eHPqy7IPRLlJbTWE1Dvhc+FaXwCArEh/qxTehetB7Ke8NTsk4oJIQL51l2bgp48bnd4IJQoKlGloCPArPoXD82YjFW31Ne92J2Q7UT0cku3WKkmxiCA8n82wVSIzF/iAkL3LL4iLDfll8GOgCPMp0250unvKS33V8qOqu4PAhgduVWiryMLxc/ivrWGGyiyZX0QgKyxDCa/b4YqoRbvImX7tmeKUF50OD/8pFySiPae1ZXhAwireCcaUNOgil3DVeslJLXFChf7d208lAENAIx8aOQruOJ2FsJxLaP4bAvvOx54jzskyhcMWbrMTG4sVGM143V0e6pW6NlCbnX1ti1kWyY2ORBljnLJ0koKudd6LqxPpowBRzwLqYEWwMeVhY9heWuCLG4Cav5Yrvc4OjEum3+fhT0Pot19UihdKrhLQfE46pOaOTylH4ueQmPhyV4aEO7qHS0jd7I7jnlLoPOhU637+EigMcom0EX6Ai4rCJKIovJS1we6PnxrdEEtxahfj4Rt03AcLEPwjPE214fxaZbYF92aqD8MVXlw5D3sHupPP9KtLXpe4/z7T1CfzCWM3k1DE2f/x0gYN5j6NSX4MtOP2xY1PfQ2B1vS3eGpgQTfK8OhB0iDQueMQYlI5wuls+0P3azWSsMK2lJxGoIbtGzWDApla70E0Z+aSo/9OGjjmWYUHU3nTZC0Wuuc9PhLcYK/QblSg1Qty7u2o6aPlfQ+CLclOkHSAQUSS2XWB+P1REeSeyzPIKSNu6EvKGtn03xNihzYEjkxnL2RuWTQzDic2WFAC3UYCQ8J9ze1j1p6IjAEv76IfwLT9Icu4v1vQM3bFNPLzA6/2nJrCq04bitLWSSO66506SlSq3eQN4/AGmbiH+WK5SCxFeeBzDnHwPkM7Z9/MjAPJYf1u0RPjtlh0lkJwxy2iMKxipC/bsd4yGXIFBjs2YZtP/irk0isZrxgy6WM2VLS22mC1Tnh/LOPuvkz5Sh8RP1E/+UYLJ02GuUJABGvQm/emqGHtsQ/3jhBsNdZjEUzndIBQpgjFwPHPoqPxj271Fyhp7esEw5wvRX0/IILzEtIymeYW2b1T+cF+STyVhVpL5+4WRS7AsEA3iXgTC5iSl0BxHofm7TbY=; >> Domain=.dpaas-pr.jsoy-bql6.cloudera.site; Secure; HttpOnly >> < Content-Type: text/html;charset=utf-8 >> < Content-Length: 2369 >> < >> <!DOCTYPE html> >> <html> >> <head> >> <meta charset="utf-8" /> >> </head> >> <body onload="document.forms[0].submit()"> >> <noscript> >> <p> >> <strong>Note:</strong> Since your browser does not >> support JavaScript, >> you must press the Continue button once to proceed. >> </p> >> </noscript> >> >> <form action="https:// >> consoleauth.altus.cloudera.com >> /sso/saml?accountId=b5af7e24-1c17-4005-a308-8e154c72ce2e" >> method="post"> >> <div> >> <input type="hidden" name="RelayState" >> >> value="https://mysite.cloudera.site/devaron/knoxsso/api/v1/websso?pac4jCallback=true&client_name=SAML2Client"/> >> <input type="hidden" name="SAMLRequest" >> >> value="PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz4KPHNhbWwycDpBdXRoblJlcXVlc3QgQXNzZXJ0aW9uQ29uc3VtZXJTZXJ2aWNlVVJMPSJodHRwczovL2RldmFyb24tbWFuYWdlcjAuZHBhYXMtcHIuanNveS1icWw2LmNsb3VkZXJhLnNpdGUvZGV2YXJvbi9rbm94c3NvL2FwaS92MS93ZWJzc28/cGFjNGpDYWxsYmFjaz10cnVlJmFtcDtjbGllbnRfbmFtZT1TQU1MMkNsaWVudCIgRGVzdGluYXRpb249Imh0dHBzOi8vY29uc29sZWF1dGguYWx0dXMuY2xvdWRlcmEuY29tL3Nzby9zYW1sP2FjY291bnRJZD1iNWFmN2UyNC0xYzE3LTQwMDUtYTMwOC04ZTE1NGM3MmNlMmUiIEZvcmNlQXV0aG49ImZhbHNlIiBJRD0iXzU2MTkzY2FhMTAyYjRlOTlhMTZhNDYxNTI5OTQxOWNkZDkwZDIzZCIgSXNQYXNzaXZlPSJmYWxzZSIgSXNzdWVJbnN0YW50PSIyMDIxLTA4LTIyVDE1OjA0OjMxLjAwOFoiIFByTUw6Mi4wOnByb3RvY29sIj48c2FtbDI6SXNzdWVyIEZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOm5hbWVpZC1mb3JtYXQ6ZW50aXR5IiB4bWxuczpzYW1sMj0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiI+aHR0cHM6Ly9kZXZhcm9uLW1hbmFnZXIwLmRwYWFzLXByLmpzb3ktYnFsNi5jbG91ZGVyYS5zaXRlL2RldmFyb24va25veHNzby9hcGkvdjEvd2Vic3NvP3BhYzRqQ2FsbGJhY2s9dHJ1ZSZhbXA7Y2xpZW50X25hbWU9U0FNTDJDbGllbnQ8L3NhbWwyOklzc3Vlcj48L3NhbWwycDpBdXRoblJlcXVlc3Q+"/> >> >> </div> >> <noscript> >> <div> >> <input type="submit" value="Continue"/> >> </div> >> </noscript> >> </form> >> </body> >> * Connection #0 to host mysite.cloudera.site left intact >> >> >> It should have returned instead >> >> {"clusterInfo":{"id":1628614210832,"startedOn":1628614210832,"state":"STARTED","haState":"ACTIVE","rmStateStoreName":"org.apache.hadoop.yarn.server.resourcemanager.recovery.ZKRMStateStore","resourceManagerVersion":"3.1.1.7.2.9.1-8","resourceManagerBuildVersion":"3.1.1.7.2.9.1-8 >> from fa5da4566b9868f2632f5153bda61ce5d9be50ec by jenkins source >> checksum >> 82dd33d38614261c6ee72cc452bb115c","resourceManagerVersionBuiltOn":"2021-06-11T20:10Z","hadoopVersion":"3.1.1.7.2.9.1-8","hadoopBuildVersion":"3.1.1.7.2.9.1-8 >> from fa5da4566b9868f2632f5153bda61ce5d9be50ec by jenkins source >> checksum >> 6bf5b24b4c11cc96b10295202ce8a","hadoopVersionBuiltOn":"2021-06-11T20:08Z","haZooKeeperConnectionState":"CONNECTED"}} >> >> Regards, >> Jeff Rodriguez >> >
