kerberized apache phoenix的node.js和npm jdbc软件包问题 [英] node.js and npm jdbc package issue with kerberized apache phoenix

问题描述

我正在使用hortonworks上的nodejs和npm jdbc软件包连接到以kerberized形式运行的Apache phoenix，我能够使用nodejs和jdbc软件包来连接至非kerberized的phoenix，但是在Kerberos kerberized phoenix的作用下面临Kerberos身份验证错误.如果有人做了类似的事情，请给一些指导.

I am using nodejs and the npm jdbc package to connect to kerberized Apache phoenix on hortonworks, I am able to connect to non kerberized phoenix with nodejs and jdbc package, but facing below Kerberos authentication error with kerberized phoenix. if anybody has done anything similar, please give some direction.

Klist命令:

klist -k -t -e /etc/security/keytabs/kafka.headless.keytab
Keytab name: FILE:/etc/security/keytabs/kafka.headless.keytab
KVNO Timestamp         Principal
---- ----------------- --------------------------------------------------------
   1 09/30/16 10:10:27 kafka@REALM.LAN (aes256-cts-hmac-sha1-96)

代码:

var express = require('express');
var app = express();

var server = require('http').Server(app);
var https =require('http');
var io = require('socket.io')(server);
var kafka = require('kafka-node');
var cassandra = require('cassandra-driver');
var JDBC = require('jdbc');
var jinst = require('jdbc/lib/jinst');
var asyncjs = require('async');
//var Pool = require('jdbc/lib/pool');
//var nodeunit = require('nodeunit');
//var _ = require('lodash');

var _ = require('underscore');
 //ar cors = require("cors");
app.use(express.static(__dirname + '/view'));


server.listen(3000);
app.use('/bower_components',  express.static(__dirname + '/bower_components'));
app.get('/', function (req, res, next) { res.sendFile(__dirname + '/index.html');});

if (!jinst.isJvmCreated()) {
  jinst.addOption("-Xrs");
  jinst.setupClasspath(['/etc/krb5.conf',
                         '/usr/hdp/2.4.2.0-258/hadoop/conf',
                         '/etc/hbase/conf/core-site.xml',
                         '/etc/hbase/conf/hbase-site.xml',
                         '/etc/hbase/conf/hbase-policy.xml',
                         '/etc/hbase/conf/hbase_client_jaas.conf',
                         '/etc/hbase/conf/hbase_regionserver_jaas.conf',
                         '/etc/hbase/conf/hdfs-site.xml',
                         '/usr/hdp/2.4.2.0-258/hbase/lib/hbase-client-1.1.2.2.4.2.0-258.jar',
                         '/usr/hdp/2.4.2.0-258/hbase/lib/hbase-server-1.1.2.2.4.2.0-258.jar',
                         '/usr/hdp/2.4.2.0-258/hbase/lib/hbase-common-1.1.2.2.4.2.0-258.jar',
                         '/usr/hdp/2.4.2.0-258/hbase/lib/hbase-server-1.1.2.2.4.2.0-258.jar',
                         '/usr/hdp/2.4.2.0-258/phoenix/phoenix-4.4.0.2.4.2.0-258-thin-client.jar',
                         '/usr/hdp/2.4.2.0-258/phoenix/phoenix-server-4.4.0.2.4.2.0-258-runnable.jar',
                         '/usr/hdp/2.4.2.0-258/phoenix/phoenix-4.4.0.2.4.2.0-258-client.jar']);


var config = {
  url: 'jdbc:phoenix:piv-prd-os-646.forsys.lan:2181:/hbase-secure:kafka@FORSYS.LAN:/etc/security/keytabs/kafka.headless.keytab',
  drivername: 'org.apache.phoenix.jdbc.PhoenixDriver',
  //user : 'root',
  //password: 'root',
  //properties: {}
  minpoolsize: 2,
  maxpoolsize: 3
  };

var hsqldb = new JDBC(config);

hsqldb.initialize(function(err) {
  if (err) {
    console.log(err);
  }
  else
  {
    console.log("---- initialize successfully ----")
  }
});

例外:

error:  Error: Error running static method
java.sql.SQLException: ERROR 103 (08004): Unable to establish connection.
        at org.apache.phoenix.exception.SQLExceptionCode$Factory$1.newException(SQLExceptionCode.java:395)
        at org.apache.phoenix.exception.SQLExceptionInfo.buildException(SQLExceptionInfo.java:145)
        at org.apache.phoenix.query.ConnectionQueryServicesImpl.openConnection(ConnectionQueryServicesImpl.java:287)
        at org.apache.phoenix.query.ConnectionQueryServicesImpl.access$300(ConnectionQueryServicesImpl.java:170)
        at org.apache.phoenix.query.ConnectionQueryServicesImpl$12.call(ConnectionQueryServicesImpl.java:1840)
        at org.apache.phoenix.query.ConnectionQueryServicesImpl$12.call(ConnectionQueryServicesImpl.java:1819)
        at org.apache.phoenix.util.PhoenixContextExecutor.call(PhoenixContextExecutor.java:77)
        at org.apache.phoenix.query.ConnectionQueryServicesImpl.init(ConnectionQueryServicesImpl.java:1819)
        at org.apache.phoenix.jdbc.PhoenixDriver.getConnectionQueryServices(PhoenixDriver.java:180)
        at org.apache.phoenix.jdbc.PhoenixEmbeddedDriver.connect(PhoenixEmbeddedDriver.java:132)
        at org.apache.phoenix.jdbc.PhoenixDriver.connect(PhoenixDriver.java:151)
        at java.sql.DriverManager.getConnection(DriverManager.java:571)
        at java.sql.DriverManager.getConnection(DriverManager.java:187)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:606)
Caused by: java.io.IOException: Login failure for kafka@FORSYS.LAN from keytab /etc/security/keytabs/kafka.headless.keytab: javax.security.auth.login.LoginException: Unable to obtain password from user

        at org.apache.hadoop.security.UserGroupInformation.loginUserFromKeytab(UserGroupInformation.java:976)
        at org.apache.hadoop.security.SecurityUtil.login(SecurityUtil.java:280)
        at org.apache.hadoop.hbase.security.User$SecureHadoopUser.login(User.java:386)
        at org.apache.hadoop.hbase.security.User.login(User.java:253)
        at org.apache.phoenix.query.ConnectionQueryServicesImpl.openConnection(ConnectionQueryServicesImpl.java:282)
        ... 14 more
Caused by: javax.security.auth.login.LoginException: Unable to obtain password from user

        at com.sun.security.auth.module.Krb5LoginModule.promptForPass(Krb5LoginModule.java:856)
        at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginModule.java:719)
        at com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:584)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:606)
        at javax.security.auth.login.LoginContext.invoke(LoginContext.java:762)
        at javax.security.auth.login.LoginContext.access$000(LoginContext.java:203)
        at javax.security.auth.login.LoginContext$4.run(LoginContext.java:690)
        at javax.security.auth.login.LoginContext$4.run(LoginContext.java:688)
        at java.security.AccessController.doPrivileged(Native Method)
        at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:687)
        at javax.security.auth.login.LoginContext.login(LoginContext.java:595)
        at org.apache.hadoop.security.UserGroupInformation.loginUserFromKeytab(UserGroupInformation.java:967)
        ... 18 more

推荐答案

我能够通过以下更改来解决此问题:

I was able to solve this by below changes:

解决方案:

if (!jinst.isJvmCreated()) {
  jinst.addOption("-Xrs");
  jinst.addOption("-Djava.security.auth.login.config=/home/user/jar/hbase_client_jaas.conf");
  jinst.addOption("-Djava.security.krb5.conf=/etc/krb5.conf");
  jinst.addOption("-Dkerberos.client.reference.name=Client");
  jinst.setupClasspath([
                        '/etc/hbase/2.4.2.0-258/0/',
                        '/etc/hadoop/2.4.2.0-258/0/',
                        '/home/user/jar/phoenix-4.4.0-HBase-1.1-client.jar'
                         ]);
}

var config = {
 url: 'jdbc:phoenix:ZK1,ZK2,ZK3:2181:/hbase-secure:user@REAL.LAN:/home/user/user.headless.keytab',
 drivername: 'org.apache.phoenix.jdbc.PhoenixDriver',
  user : 'hbase',
  password: 'hbase'
  };

这篇关于kerberized apache phoenix的node.js和npm jdbc软件包问题的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！