Hi guys.
I try to configure Kerberos for Storm.
I use storm 0.10.
Now I try configure only UI, without other components.
I add to config:
ui.filter:
"org.apache.hadoop.security.authentication.server.AuthenticationFilter"
ui.filter.params:
"type": "kerberos"
"kerberos.principal": "HTTP/%myhostname%"
"kerberos.keytab": "%mykeytab%"
"kerberos.name.rules": "DEFAULT"
Generate keytab, and SPN.
But when I start UI, I getting error:
javax.security.auth.login.LoginException: No key to store
*Full stacktrace:*
2016-03-16 15:54:49.265 o.a.s.s.o.e.j.u.c.AbstractLifeCycle [WARN] FAILED
o.a.s.s.o.e.j.s.ServletContextHandler{/,null}:
javax.servlet.ServletException: org.apache
.hadoop.security.authentication.client.AuthenticationException:
javax.security.auth.login.LoginException: No key to store
javax.servlet.ServletException:
org.apache.hadoop.security.authentication.client.AuthenticationException:
javax.security.auth.login.LoginException: No key to store
at
org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler.init(KerberosAuthenticationHandler.java:240)
~[hadoop-auth-2.7.2.jar:?]
at
org.apache.hadoop.security.authentication.server.AuthenticationFilter.initializeAuthHandler(AuthenticationFilter.java:238)
~[hadoop-auth-2.7.2.jar:?]
at
org.apache.hadoop.security.authentication.server.AuthenticationFilter.init(AuthenticationFilter.java:227)
~[hadoop-auth-2.7.2.jar:?]
at
org.apache.storm.shade.org.eclipse.jetty.servlet.FilterHolder.doStart(FilterHolder.java:107)
~[storm-core-0.10.0.jar:0.10.0]
at
org.apache.storm.shade.org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:64)
[storm-core-0.10.0.jar:0.10.0]
at
org.apache.storm.shade.org.eclipse.jetty.servlet.ServletHandler.initialize(ServletHandler.java:707)
~[storm-core-0.10.0.jar:0.10.0]
at
org.apache.storm.shade.org.eclipse.jetty.servlet.ServletContextHandler.startContext(ServletContextHandler.java:254)
~[storm-core-0.10.0.jar:0.10.0]
at
org.apache.storm.shade.org.eclipse.jetty.server.handler.ContextHandler.doStart(ContextHandler.java:689)
~[storm-core-0.10.0.jar:0.10.0]
at
org.apache.storm.shade.org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:64)
[storm-core-0.10.0.jar:0.10.0]
at
org.apache.storm.shade.org.eclipse.jetty.server.handler.HandlerWrapper.doStart(HandlerWrapper.java:95)
[storm-core-0.10.0.jar:0.10.0]
at
org.apache.storm.shade.org.eclipse.jetty.server.Server.doStart(Server.java:281)
[storm-core-0.10.0.jar:0.10.0]
at
org.apache.storm.shade.org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:64)
[storm-core-0.10.0.jar:0.10.0]
at
backtype.storm.ui.helpers$storm_run_jetty.invoke(helpers.clj:228)
[storm-core-0.10.0.jar:0.10.0]
at backtype.storm.ui.core$start_server_BANG_.invoke(core.clj:1091)
[storm-core-0.10.0.jar:0.10.0]
at backtype.storm.ui.core$_main.invoke(core.clj:1111)
[storm-core-0.10.0.jar:0.10.0]
at clojure.lang.AFn.applyToHelper(AFn.java:152)
[clojure-1.6.0.jar:?]
at clojure.lang.AFn.applyTo(AFn.java:144) [clojure-1.6.0.jar:?]
at backtype.storm.ui.core.main(Unknown Source)
[storm-core-0.10.0.jar:0.10.0]
Caused by:
org.apache.hadoop.security.authentication.client.AuthenticationException:
javax.security.auth.login.LoginException: No key to store
at
org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler.init(KerberosAuthenticationHandler.java:224)
~[hadoop-auth-2.7.2.jar:?]
... 17 more
Caused by: javax.security.auth.login.LoginException: No key to store
at
com.sun.security.auth.module.Krb5LoginModule.commit(Krb5LoginModule.java:1119)
~[?:1.8.0_60]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
~[?:1.8.0_60]
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
~[?:1.8.0_60]
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
~[?:1.8.0_60]
at java.lang.reflect.Method.invoke(Method.java:497) ~[?:1.8.0_60]
at
javax.security.auth.login.LoginContext.invoke(LoginContext.java:755)
~[?:1.8.0_60]
at
javax.security.auth.login.LoginContext.access$000(LoginContext.java:195)
~[?:1.8.0_60]
at
javax.security.auth.login.LoginContext$4.run(LoginContext.java:682)
~[?:1.8.0_60]
at
javax.security.auth.login.LoginContext$4.run(LoginContext.java:680)
~[?:1.8.0_60]
at java.security.AccessController.doPrivileged(Native Method)
~[?:1.8.0_60]
at
javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
~[?:1.8.0_60]
at
javax.security.auth.login.LoginContext.login(LoginContext.java:588)
~[?:1.8.0_60]
at
org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler.init(KerberosAuthenticationHandler.java:221)
~[hadoop-auth-2.7.2.jar:?]
... 17 more
Did anyone who know whats wrong?
--
С уважением Дудин Андрей
