Hello! I'm trying use custom auth filter to get Livy UI through knox. I have set up kerberized hadoop cluster and several UI's as described here: https://knox.apache.org/books/knox-1-6-0/user-guide.html#Hadoop+Configuration+Example
Livy settings: livy.server.auth.type = KnoxSSO livy.server.auth.KnoxSSO.class = org.apache.hadoop.security.authentication.server.JWTRedirectAuthenticationHandler livy.server.auth.KnoxSSO.param.authentication.provider.url = https://${KNOX_DOMAIN}/gateway/knoxsso/api/v1/websso<https://$%7bKNOX_DOMAIN%7d/gateway/knoxsso/api/v1/websso> livy.server.auth.KnoxSSO.param.public.key.pem = "${KNOX_CLIENT_TRUST_CERT}" I have copy jar file hadoop-auth-3.3.3.jar with JWTRedirectAuthenticationHandler implementation to ${LIVY_HOME}/jars dir and start the Livy server. But I get error: INFO InteractiveSessionManager: Heartbeat watchdog thread started. INFO LivyServer: KnoxSSO auth enabled Exception in thread "main" MultiException[java.lang.IllegalStateException: class org.apache.hadoop.security.authentication.server.JWTRedirectAuthenticationHandler is not a javax.servlet.Filter, java.lang.IllegalStateException: class org.apache.hadoop.security.authentication.server.JWTRedirectAuthenticationHandler is not a javax.servlet.Filter] at org.eclipse.jetty.server.Server.doStart(Server.java:391) at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68) at org.apache.livy.server.WebServer.start(WebServer.scala:108) at org.apache.livy.server.LivyServer.start(LivyServer.scala:317) at org.apache.livy.server.LivyServer$.main(LivyServer.scala:423) at org.apache.livy.server.LivyServer.main(LivyServer.scala) Caused by: MultiException[java.lang.IllegalStateException: class org.apache.hadoop.security.authentication.server.JWTRedirectAuthenticationHandler is not a javax.servlet.Filter, java.lang.IllegalStateException: class org.apache.hadoop.security.authentication.server.JWTRedirectAuthenticationHandler is not a javax.servlet.Filter] at org.eclipse.jetty.servlet.ServletHandler.initialize(ServletHandler.java:863) at org.eclipse.jetty.servlet.ServletContextHandler.startContext(ServletContextHandler.java:349) at org.eclipse.jetty.server.handler.ContextHandler.doStart(ContextHandler.java:778) at org.eclipse.jetty.servlet.ServletContextHandler.doStart(ServletContextHandler.java:262) at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68) at org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:131) at org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:113) at org.eclipse.jetty.server.handler.AbstractHandler.doStart(AbstractHandler.java:61) at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68) at org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:131) at org.eclipse.jetty.server.Server.start(Server.java:427) at org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:105) at org.eclipse.jetty.server.handler.AbstractHandler.doStart(AbstractHandler.java:61) at org.eclipse.jetty.server.Server.doStart(Server.java:394) ... 5 more Suppressed: java.lang.IllegalStateException: class org.apache.hadoop.security.authentication.server.JWTRedirectAuthenticationHandler is not a javax.servlet.Filter at org.eclipse.jetty.servlet.FilterHolder.doStart(FilterHolder.java:99) at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68) at org.eclipse.jetty.servlet.ServletHandler.initialize(ServletHandler.java:909) ... 18 more Caused by: java.lang.IllegalStateException: class org.apache.hadoop.security.authentication.server.JWTRedirectAuthenticationHandler is not a javax.servlet.Filter at org.eclipse.jetty.servlet.FilterHolder.doStart(FilterHolder.java:99) at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68) at org.eclipse.jetty.servlet.ServletHandler.initialize(ServletHandler.java:872) ... 18 more Can you help me, how to pass custom auth filter properly? Best regards, Stanislav Porotikov
