node.js and npm jdbc package issue with kerberized

2020-04-09 04:06发布

站内文章 / 前沿技术
118 0 0

问题:

I am using nodejs and the npm jdbc package to connect to kerberized Apache phoenix on hortonworks, I am able to connect to non kerberized phoenix with nodejs and jdbc package, but facing below Kerberos authentication error with kerberized phoenix. if anybody has done anything similar, please give some direction.

Klist command:

klist -k -t -e /etc/security/keytabs/kafka.headless.keytab
Keytab name: FILE:/etc/security/keytabs/kafka.headless.keytab
KVNO Timestamp         Principal
---- ----------------- --------------------------------------------------------
   1 09/30/16 10:10:27 kafka@REALM.LAN (aes256-cts-hmac-sha1-96)

Code:

var express = require('express');
var app = express();

var server = require('http').Server(app);
var https =require('http');
var io = require('socket.io')(server);
var kafka = require('kafka-node');
var cassandra = require('cassandra-driver');
var JDBC = require('jdbc');
var jinst = require('jdbc/lib/jinst');
var asyncjs = require('async');
//var Pool = require('jdbc/lib/pool');
//var nodeunit = require('nodeunit');
//var _ = require('lodash');

var _ = require('underscore');
 //ar cors = require("cors");
app.use(express.static(__dirname + '/view'));


server.listen(3000);
app.use('/bower_components',  express.static(__dirname + '/bower_components'));
app.get('/', function (req, res, next) { res.sendFile(__dirname + '/index.html');});

if (!jinst.isJvmCreated()) {
  jinst.addOption("-Xrs");
  jinst.setupClasspath(['/etc/krb5.conf',
                         '/usr/hdp/2.4.2.0-258/hadoop/conf',
                         '/etc/hbase/conf/core-site.xml',
                         '/etc/hbase/conf/hbase-site.xml',
                         '/etc/hbase/conf/hbase-policy.xml',
                         '/etc/hbase/conf/hbase_client_jaas.conf',
                         '/etc/hbase/conf/hbase_regionserver_jaas.conf',
                         '/etc/hbase/conf/hdfs-site.xml',
                         '/usr/hdp/2.4.2.0-258/hbase/lib/hbase-client-1.1.2.2.4.2.0-258.jar',
                         '/usr/hdp/2.4.2.0-258/hbase/lib/hbase-server-1.1.2.2.4.2.0-258.jar',
                         '/usr/hdp/2.4.2.0-258/hbase/lib/hbase-common-1.1.2.2.4.2.0-258.jar',
                         '/usr/hdp/2.4.2.0-258/hbase/lib/hbase-server-1.1.2.2.4.2.0-258.jar',
                         '/usr/hdp/2.4.2.0-258/phoenix/phoenix-4.4.0.2.4.2.0-258-thin-client.jar',
                         '/usr/hdp/2.4.2.0-258/phoenix/phoenix-server-4.4.0.2.4.2.0-258-runnable.jar',
                         '/usr/hdp/2.4.2.0-258/phoenix/phoenix-4.4.0.2.4.2.0-258-client.jar']);


var config = {
  url: 'jdbc:phoenix:piv-prd-os-646.forsys.lan:2181:/hbase-secure:kafka@FORSYS.LAN:/etc/security/keytabs/kafka.headless.keytab',
  drivername: 'org.apache.phoenix.jdbc.PhoenixDriver',
  //user : 'root',
  //password: 'root',
  //properties: {}
  minpoolsize: 2,
  maxpoolsize: 3
  };

var hsqldb = new JDBC(config);

hsqldb.initialize(function(err) {
  if (err) {
    console.log(err);
  }
  else
  {
    console.log("---- initialize successfully ----")
  }
});

Exception:

error:  Error: Error running static method
java.sql.SQLException: ERROR 103 (08004): Unable to establish connection.
        at org.apache.phoenix.exception.SQLExceptionCode$Factory$1.newException(SQLExceptionCode.java:395)
        at org.apache.phoenix.exception.SQLExceptionInfo.buildException(SQLExceptionInfo.java:145)
        at org.apache.phoenix.query.ConnectionQueryServicesImpl.openConnection(ConnectionQueryServicesImpl.java:287)
        at org.apache.phoenix.query.ConnectionQueryServicesImpl.access$300(ConnectionQueryServicesImpl.java:170)
        at org.apache.phoenix.query.ConnectionQueryServicesImpl$12.call(ConnectionQueryServicesImpl.java:1840)
        at org.apache.phoenix.query.ConnectionQueryServicesImpl$12.call(ConnectionQueryServicesImpl.java:1819)
        at org.apache.phoenix.util.PhoenixContextExecutor.call(PhoenixContextExecutor.java:77)
        at org.apache.phoenix.query.ConnectionQueryServicesImpl.init(ConnectionQueryServicesImpl.java:1819)
        at org.apache.phoenix.jdbc.PhoenixDriver.getConnectionQueryServices(PhoenixDriver.java:180)
        at org.apache.phoenix.jdbc.PhoenixEmbeddedDriver.connect(PhoenixEmbeddedDriver.java:132)
        at org.apache.phoenix.jdbc.PhoenixDriver.connect(PhoenixDriver.java:151)
        at java.sql.DriverManager.getConnection(DriverManager.java:571)
        at java.sql.DriverManager.getConnection(DriverManager.java:187)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:606)
Caused by: java.io.IOException: Login failure for kafka@FORSYS.LAN from keytab /etc/security/keytabs/kafka.headless.keytab: javax.security.auth.login.LoginException: Unable to obtain password from user

        at org.apache.hadoop.security.UserGroupInformation.loginUserFromKeytab(UserGroupInformation.java:976)
        at org.apache.hadoop.security.SecurityUtil.login(SecurityUtil.java:280)
        at org.apache.hadoop.hbase.security.User$SecureHadoopUser.login(User.java:386)
        at org.apache.hadoop.hbase.security.User.login(User.java:253)
        at org.apache.phoenix.query.ConnectionQueryServicesImpl.openConnection(ConnectionQueryServicesImpl.java:282)
        ... 14 more
Caused by: javax.security.auth.login.LoginException: Unable to obtain password from user

        at com.sun.security.auth.module.Krb5LoginModule.promptForPass(Krb5LoginModule.java:856)
        at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginModule.java:719)
        at com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:584)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:606)
        at javax.security.auth.login.LoginContext.invoke(LoginContext.java:762)
        at javax.security.auth.login.LoginContext.access$000(LoginContext.java:203)
        at javax.security.auth.login.LoginContext$4.run(LoginContext.java:690)
        at javax.security.auth.login.LoginContext$4.run(LoginContext.java:688)
        at java.security.AccessController.doPrivileged(Native Method)
        at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:687)
        at javax.security.auth.login.LoginContext.login(LoginContext.java:595)
        at org.apache.hadoop.security.UserGroupInformation.loginUserFromKeytab(UserGroupInformation.java:967)
        ... 18 more

回答1:

I was able to solve this by below changes:

Solution:

if (!jinst.isJvmCreated()) {
  jinst.addOption("-Xrs");
  jinst.addOption("-Djava.security.auth.login.config=/home/user/jar/hbase_client_jaas.conf");
  jinst.addOption("-Djava.security.krb5.conf=/etc/krb5.conf");
  jinst.addOption("-Dkerberos.client.reference.name=Client");
  jinst.setupClasspath([
                        '/etc/hbase/2.4.2.0-258/0/',
                        '/etc/hadoop/2.4.2.0-258/0/',
                        '/home/user/jar/phoenix-4.4.0-HBase-1.1-client.jar'
                         ]);
}

var config = {
 url: 'jdbc:phoenix:ZK1,ZK2,ZK3:2181:/hbase-secure:user@REAL.LAN:/home/user/user.headless.keytab',
 drivername: 'org.apache.phoenix.jdbc.PhoenixDriver',
  user : 'hbase',
  password: 'hbase'
  };


标签: node.js jdbc npm kerberos phoenix
举报

收藏的人(0)

Ta的文章 更多文章
登录 后发表评论
0条评论
还没有人评论过~