Hi, The method 1 should work as far as the query server connects to the cluster successfully with the configured keytab. It seems a classpath problem on client side:
[ERROR] Terminal initialization failed; falling back to unsupported java.lang.NoClassDefFoundError: Could not initialize class org.apache.phoenix.sh aded.org.fusesource.jansi.internal.Kernel32 I have no exprience with windows. Seems that there is need for jline in the classpath https://jline.github.io/ check this: https://issues.apache.org/jira/browse/HIVE-13824 regards On Thu, Oct 5, 2017 at 2:29 PM, Mallieswari Dineshbabu < dmalliesw...@gmail.com> wrote: > Yes, It is installed in all the JVMs. Any other solution. > > > On Wed, Oct 4, 2017 at 5:30 PM, rafa <raf...@gmail.com> wrote: > >> Hi Mallieswari, >> >> Perhaps the Java Cryptography Extension (JCE) Unlimited Strength >> Jurisdiction Policy Files are not installed in all the JVMs ? >> >> Regards, >> rafa >> >> On Wed, Oct 4, 2017 at 1:18 PM, Mallieswari Dineshbabu < >> dmalliesw...@gmail.com> wrote: >> >>> Hi , >>> >>> >>> >>> I have configured a phoenix package "apache-phoenix-4.11.0-HBase-1.2-bin" >>> to Hbase version "1.2.5" in kerberos cluster. >>> >>> >>> >>> For phoenix secure cluster configuration, I have added the following >>> properties into the *hbase-site.xml* present in *phoenix/bin* along >>> with the properties of hbase configuration properties present in hbase/conf >>> path and refer the *core-site.xml*, *hdfs-site.xml* file in phoenix/bin >>> path >>> >>> >>> >>> phoenix.queryserver.keytab.file >>> >>> The key to look for keytab file. >>> >>> *unset* >>> >>> phoenix.queryserver.kerberos.principal >>> >>> The kerberos principal to use when authenticating. >>> >>> *unset* >>> >>> Phoenix Query Server: >>> >>> >>> >>> Once updated a above properties query server has been started >>> successfully using keytab. >>> >>> >>> >>> *Command to Server:* >>> >>> *python queryserver.py* >>> >>> >>> >>> Phoenix Client: >>> >>> >>> >>> Once the query server is started successfully then the port no 8765 >>> comes to live. When i try to connect client with following command it >>> returns GSS Exception. Am I missing any steps in configuration. >>> >>> >>> >>> >>> >>> *Command to Client:* >>> >>> Following are the methods i tried to connect in secure cluster it does >>> not works. >>> >>> >>> >>> *Method 1:* python sqlline-thin.py http://hostname:8765 >>> >>> *Method 2:* >>> >>> python sqlthin-client.py http://hostname:8765;authentic >>> ation=SPNEGO;principal=phoenix/org...@xxxxxx.xxxxx.com; >>> keytab=C:\\path\\to\\HadoopKeyTabs\\\phoenix.keytab >>> <http://hostname:8765;authentication=SPNEGO;principal=phoenix/org...@xxxxxx.xxxxx.com;keytab=C:/path/to/HadoopKeyTabs/phoenix.keytab> >>> >>> >>> >>> >>> >>> *CLIENT SIDE ERROR:* >>> >>> x-4.11.0-HBase-1.2-bin\bin>python sqlline-thin.py http://namenode1:8765 >>> >>> Failed to find hbase executable on PATH, defaulting serialization to >>> PROTOBUF. >>> >>> [ERROR] Terminal initialization failed; falling back to unsupported >>> >>> java.lang.NoClassDefFoundError: Could not initialize class >>> org.apache.phoenix.sh >>> >>> aded.org.fusesource.jansi.internal.Kernel32 >>> >>> at org.apache.phoenix.shaded.org.fusesource.jansi.internal.Wind >>> owsSuppor >>> >>> t.getConsoleMode(WindowsSupport.java:50) >>> >>> at org.apache.phoenix.shaded.jline.WindowsTerminal.getConsoleMo >>> de(Window >>> >>> sTerminal.java:177) >>> >>> at org.apache.phoenix.shaded.jline.WindowsTerminal.init(Windows >>> Terminal. >>> >>> java:80) >>> >>> at org.apache.phoenix.shaded.jline.TerminalFactory.create(Termi >>> nalFactor >>> >>> y.java:101) >>> >>> at org.apache.phoenix.shaded.jline.TerminalFactory.get(Terminal >>> Factory.j >>> >>> ava:159) >>> >>> at sqlline.SqlLineOpts.<init>(SqlLineOpts.java:45) >>> >>> at sqlline.SqlLine.<init>(SqlLine.java:55) >>> >>> at sqlline.SqlLine.start(SqlLine.java:397) >>> >>> at sqlline.SqlLine.main(SqlLine.java:291) >>> >>> at org.apache.phoenix.queryserver.client.SqllineWrapper$1.run(S >>> qllineWra >>> >>> pper.java:88) >>> >>> at org.apache.phoenix.queryserver.client.SqllineWrapper$1.run(S >>> qllineWra >>> >>> pper.java:85) >>> >>> at java.security.AccessController.doPrivileged(Native Method) >>> >>> at javax.security.auth.Subject.doAs(Subject.java:415) >>> >>> at org.apache.hadoop.security.UserGroupInformation.doAs(UserGro >>> upInforma >>> >>> tion.java:1657) >>> >>> at org.apache.phoenix.queryserver.client.SqllineWrapper.main(Sq >>> llineWrap >>> >>> per.java:85) >>> >>> >>> >>> [ERROR] Terminal initialization failed; falling back to unsupported >>> >>> java.lang.NoClassDefFoundError: Could not initialize class >>> org.apache.phoenix.sh >>> >>> aded.org.fusesource.jansi.internal.Kernel32 >>> >>> at org.apache.phoenix.shaded.org.fusesource.jansi.internal.Wind >>> owsSuppor >>> >>> t.getConsoleMode(WindowsSupport.java:50) >>> >>> at org.apache.phoenix.shaded.jline.WindowsTerminal.getConsoleMo >>> de(Window >>> >>> sTerminal.java:177) >>> >>> at org.apache.phoenix.shaded.jline.WindowsTerminal.init(Windows >>> Terminal. >>> >>> java:80) >>> >>> at org.apache.phoenix.shaded.jline.TerminalFactory.create(Termi >>> nalFactor >>> >>> y.java:101) >>> >>> at sqlline.SqlLine.getConsoleReader(SqlLine.java:723) >>> >>> at sqlline.SqlLine.begin(SqlLine.java:657) >>> >>> at sqlline.SqlLine.start(SqlLine.java:398) >>> >>> at sqlline.SqlLine.main(SqlLine.java:291) >>> >>> at org.apache.phoenix.queryserver.client.SqllineWrapper$1.run(S >>> qllineWra >>> >>> pper.java:88) >>> >>> at org.apache.phoenix.queryserver.client.SqllineWrapper$1.run(S >>> qllineWra >>> >>> pper.java:85) >>> >>> at java.security.AccessController.doPrivileged(Native Method) >>> >>> at javax.security.auth.Subject.doAs(Subject.java:415) >>> >>> at org.apache.hadoop.security.UserGroupInformation.doAs(UserGro >>> upInforma >>> >>> tion.java:1657) >>> >>> at org.apache.phoenix.queryserver.client.SqllineWrapper.main(Sq >>> llineWrap >>> >>> per.java:85) >>> >>> >>> >>> Setting property: [incremental, false] >>> >>> Setting property: [isolation, TRANSACTION_READ_COMMITTED] >>> >>> issuing: !connect jdbc:phoenix:thin:url=http://n >>> amenode1:8765;serialization=PROT >>> >>> OBUF;authentication=SPNEGO none none org.apache.phoenix.queryserver >>> .client.Drive >>> >>> r >>> >>> Connecting to jdbc:phoenix:thin:url=http://n >>> amenode1:8765;serialization=PROTOBUF >>> >>> ;authentication=SPNEGO >>> >>> java.lang.RuntimeException: Failed to execute HTTP Request, got HTTP/404 >>> >>> at org.apache.calcite.avatica.remote.AvaticaCommonsHttpClientSp >>> negoImpl. >>> >>> send(AvaticaCommonsHttpClientSpnegoImpl.java:148) >>> >>> at org.apache.calcite.avatica.remote.RemoteProtobufService._app >>> ly(Remote >>> >>> ProtobufService.java:45) >>> >>> at org.apache.calcite.avatica.remote.ProtobufService.apply(Prot >>> obufServi >>> >>> ce.java:81) >>> >>> at org.apache.calcite.avatica.remote.Driver.connect(Driver.java >>> :176) >>> >>> at sqlline.DatabaseConnection.connect(DatabaseConnection.java:1 >>> 57) >>> >>> at sqlline.DatabaseConnection.getConnection(DatabaseConnection. >>> java:203) >>> >>> >>> >>> at sqlline.Commands.connect(Commands.java:1064) >>> >>> at sqlline.Commands.connect(Commands.java:996) >>> >>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >>> >>> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAcce >>> ssorImpl. >>> >>> java:57) >>> >>> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMe >>> thodAcces >>> >>> sorImpl.java:43) >>> >>> at java.lang.reflect.Method.invoke(Method.java:606) >>> >>> at sqlline.ReflectiveCommandHandler.execute(ReflectiveCommandHa >>> ndler.jav >>> >>> a:38) >>> >>> at sqlline.SqlLine.dispatch(SqlLine.java:809) >>> >>> at sqlline.SqlLine.initArgs(SqlLine.java:588) >>> >>> at sqlline.SqlLine.begin(SqlLine.java:661) >>> >>> at sqlline.SqlLine.start(SqlLine.java:398) >>> >>> at sqlline.SqlLine.main(SqlLine.java:291) >>> >>> at org.apache.phoenix.queryserver.client.SqllineWrapper$1.run(S >>> qllineWra >>> >>> pper.java:88) >>> >>> at org.apache.phoenix.queryserver.client.SqllineWrapper$1.run(S >>> qllineWra >>> >>> pper.java:85) >>> >>> at java.security.AccessController.doPrivileged(Native Method) >>> >>> at javax.security.auth.Subject.doAs(Subject.java:415) >>> >>> at org.apache.hadoop.security.UserGroupInformation.doAs(UserGro >>> upInforma >>> >>> tion.java:1657) >>> >>> at org.apache.phoenix.queryserver.client.SqllineWrapper.main(Sq >>> llineWrap >>> >>> per.java:85) >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> *SERVER SIDE ERROR:* >>> >>> 17/10/04 05:34:28 INFO server.Server: Started @9558ms >>> >>> 17/10/04 05:34:28 INFO server.HttpServer: Service listening on port 8765. >>> >>> 17/10/04 05:38:39 WARN security.SpnegoLoginService: >>> >>> GSSException: Failure unspecified at GSS-API level (Mechanism level: >>> Encryption >>> >>> type AES256 CTS mode with HMAC SHA1-96 is not supported/enabled) >>> >>> at sun.security.jgss.krb5.Krb5Context.acceptSecContext(Krb5Cont >>> ext.java: >>> >>> 788) >>> >>> at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContext >>> Impl.java >>> >>> :342) >>> >>> at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContext >>> Impl.java >>> >>> :285) >>> >>> at sun.security.jgss.spnego.SpNegoContext.GSS_acceptSecContext( >>> SpNegoCon >>> >>> text.java:871) >>> >>> at sun.security.jgss.spnego.SpNegoContext.acceptSecContext(SpNe >>> goContext >>> >>> .java:544) >>> >>> at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContext >>> Impl.java >>> >>> :342) >>> >>> at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContext >>> Impl.java >>> >>> :285) >>> >>> at org.apache.phoenix.shaded.org.eclipse.jetty.security.SpnegoL >>> oginServi >>> >>> ce.login(SpnegoLoginService.java:137) >>> >>> at org.apache.phoenix.shaded.org.eclipse.jetty.security.authent >>> ication.L >>> >>> oginAuthenticator.login(LoginAuthenticator.java:61) >>> >>> at org.apache.phoenix.shaded.org.eclipse.jetty.security.authent >>> ication.S >>> >>> pnegoAuthenticator.validateRequest(SpnegoAuthenticator.java:99) >>> >>> at org.apache.phoenix.shaded.org.eclipse.jetty.security.Securit >>> yHandler. >>> >>> handle(SecurityHandler.java:512) >>> >>> at org.apache.phoenix.shaded.org.eclipse.jetty.server.handler.H >>> andlerLis >>> >>> t.handle(HandlerList.java:52) >>> >>> at org.apache.phoenix.shaded.org.eclipse.jetty.server.handler.H >>> andlerWra >>> >>> pper.handle(HandlerWrapper.java:97) >>> >>> at org.apache.phoenix.shaded.org.eclipse.jetty.server.Server.ha >>> ndle(Serv >>> >>> er.java:499) >>> >>> at org.apache.phoenix.shaded.org.eclipse.jetty.server.HttpChann >>> el.handle >>> >>> (HttpChannel.java:311) >>> >>> at org.apache.phoenix.shaded.org.eclipse.jetty.server.HttpConne >>> ction.onF >>> >>> illable(HttpConnection.java:257) >>> >>> at org.apache.phoenix.shaded.org.eclipse.jetty.io.AbstractConne >>> ction$2.r >>> >>> un(AbstractConnection.java:544) >>> >>> at org.apache.phoenix.shaded.org.eclipse.jetty.util.thread.Queu >>> edThreadP >>> >>> ool.runJob(QueuedThreadPool.java:635) >>> >>> at org.apache.phoenix.shaded.org.eclipse.jetty.util.thread.Queu >>> edThreadP >>> >>> ool$3.run(QueuedThreadPool.java:555) >>> >>> at java.lang.Thread.run(Thread.java:744) >>> >>> Caused by: KrbException: Encryption type AES256 CTS mode with HMAC >>> SHA1-96 is no >>> >>> t supported/enabled >>> >>> at sun.security.krb5.EncryptionKey.findKey(EncryptionKey.java:5 >>> 52) >>> >>> at sun.security.krb5.KrbApReq.authenticate(KrbApReq.java:270) >>> >>> at sun.security.krb5.KrbApReq.<init>(KrbApReq.java:144) >>> >>> at sun.security.jgss.krb5.InitSecContextToken.<init>(InitSecCon >>> textToken >>> >>> .java:108) >>> >>> at sun.security.jgss.krb5.Krb5Context.acceptSecContext(Krb5Cont >>> ext.java: >>> >>> 771) >>> >>> ... 19 more >>> >>> >>> >>> >>> >>> >>> >>> Please help me to solve this issue. >>> >>> -- >>> >>> Thanks and regards >>> >>> D.Mallieswari >>> >> >> > > > -- > Thanks and regards > D.Mallieswari >