嗨,我正在尝试为安全的hbase编写一个java客户端.
我想从代码本身做kinit,因为我使用的是用户组信息类.
任何人都可以指出我在哪里错了吗?
这是我试图连接o hbase的主要方法.
我必须在CONfiguration对象中添加配置而不是使用xml,因为客户端可以位于任何位置.
请参阅以下代码:
public static void main(String [] args) {
try {
System.setProperty(CommonConstants.KRB_REALM, ConfigUtil.getProperty(CommonConstants.HADOOP_CONF, "krb.realm"));
System.setProperty(CommonConstants.KRB_KDC, ConfigUtil.getProperty(CommonConstants.HADOOP_CONF,"krb.kdc"));
System.setProperty(CommonConstants.KRB_DEBUG, "true");
final Configuration config = HBaseConfiguration.create();
config.set(CommonConfigurationKeysPublic.HADOOP_Security_AUTHENTICATION, AUTH_KRB);
config.set(CommonConfigurationKeysPublic.HADOOP_Security_AUTHORIZATION, AUTHORIZATION);
config.set(CommonConfigurationKeysPublic.FS_AUTOMATIC_CLOSE_KEY, AUTO_CLOSE);
config.set(CommonConfigurationKeysPublic.FS_DEFAULT_NAME_KEY, defaultFS);
config.set("hbase.zookeeper.quorum", ConfigUtil.getProperty(CommonConstants.HBASE_CONF, "hbase.host"));
config.set("hbase.zookeeper.property.clientPort", ConfigUtil.getProperty(CommonConstants.HBASE_CONF, "hbase.port"));
config.set("hbase.client.retries.number", Integer.toString(0));
config.set("zookeeper.session.timeout", Integer.toString(6000));
config.set("zookeeper.recovery.retry", Integer.toString(0));
config.set("hbase.master", "gauravt-namenode.pbi.global.pvt:60000");
config.set("zookeeper.znode.parent", "/hbase-secure");
config.set("hbase.rpc.engine", "org.apache.hadoop.hbase.ipc.SecureRpcEngine");
config.set("hbase.security.authentication", AUTH_KRB);
config.set("hbase.security.authorization", AUTHORIZATION);
config.set("hbase.master.kerberos.principal", "hbase/[email protected]");
config.set("hbase.master.keytab.file", "D:/var/lib/bda/secure/keytabs/hbase.service.keytab");
config.set("hbase.regionserver.kerberos.principal", "hbase/gauravt-datan[email protected]");
config.set("hbase.regionserver.keytab.file", "D:/var/lib/bda/secure/keytabs/hbase.service.keytab");
UserGroup@R_6_404[email protected]figuration(config);
UserGroup@R_6_4045@ion userGroup@R_6_4045@ion = UserGroup@R_6_404[email protected]("hbase/gauravt-datan[email protected]", "D:/var/lib/bda/secure/keytabs/hbase.service.keytab");
UserGroup@R_6_404[email protected](userGroup@R_6_4045@ion);
User user = User.create(userGroup@R_6_4045@ion);
user.runAs(new PrivilegedExceptionAction<Object>() {
@Override
public Object run() throws Exception {
HBaseAdmin admins = new HBaseAdmin(config);
if(admins.isTableAvailable("ambarismoketest")) {
System.out.println("Table is available");
};
HConnection connection = HConnectionManager.createConnection(config);
HTableInterface table = connection.getTable("ambarismoketest");
admins.close();
System.out.println(table.get(new Get(null)));
return table.get(new Get(null));
}
});
System.out.println(UserGroup@R_6_404[email protected]().getUserName());
} catch (Exception e) {
// Todo Auto-generated catch block
e.printstacktrace();
}
我得到以下异常:
Caused by: org.apache.hadoop.ipc.remoteexception(javax.security.sasl.SaslException): GSS initiate Failed
at org.apache.hadoop.hbase.security.HBaseSaslRpcclient.readStatus(HBaseSaslRpcclient.java:110)
at org.apache.hadoop.hbase.security.HBaseSaslRpcclient.saslConnect(HBaseSaslRpcclient.java:146)
at org.apache.hadoop.hbase.ipc.Rpcclient$Connection.setupSaslConnection(Rpcclient.java:762)
at org.apache.hadoop.hbase.ipc.Rpcclient$Connection.access$600(Rpcclient.java:354)
at org.apache.hadoop.hbase.ipc.Rpcclient$Connection$2.run(Rpcclient.java:883)
at org.apache.hadoop.hbase.ipc.Rpcclient$Connection$2.run(Rpcclient.java:880)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAs(Subject.java:396)
at org.apache.hadoop.security.UserGroup@R_6_404[email protected](UserGroup@R_6_404[email protected]:1491)
at org.apache.hadoop.hbase.ipc.Rpcclient$Connection.setupIOstreams(Rpcclient.java:880)
... 33 more
任何指针都会有所帮助.
解决方法:
不确定你是否还需要帮助.我认为你的代码片段中缺少设置“hadoop.security.authentication”属性.
我使用以下代码片段连接到安全HBase(在CDH5上).你可以尝试一下.
config.set("hbase.zookeeper.quorum", zookeeperHosts);
config.set("hbase.zookeeper.property.clientPort", zookeeperPort);
config.set("hadoop.security.authentication", "kerberos");
config.set("hbase.security.authentication", "kerberos");
config.set("hbase.master.kerberos.principal", HBASE_MASTER_PRINCIPAL);
config.set("hbase.regionserver.kerberos.principal", HBASE_RS_PRINCIPAL);
UserGroup@R_6_404[email protected]figuration(config);
UserGroup@R_6_404[email protected](ZOOKEEPER_PRINCIPAL,ZOOKEEPER_KEYTAB);
HBaseAdmin admins = new HBaseAdmin(config);
TableName[] tables = admins.listTableNames();
for(TableName table: tables){
System.out.println(table.toString());
}
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 [email protected] 举报,一经查实,本站将立刻删除。
