- Community Home
- >
- Software
- >
- HPE Ezmeral Software platform
- >
- Authentication failed in Oozie 5.2 after upgrade f...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-02-2021 08:59 AM
02-02-2021 08:59 AM
I have a MapRSASL secured cluster. Back in oozie4.3 , i had no issues with running the jobs. My configuration:
oozie-env.sh:
export OOZIE_BASE_URL="http://hostname:11000/oozie"
oozie-site.xml:
<property>
<name>oozie.base.url</name>
<value>http://hostname:11000/oozie</value>
</property>
After upgrade to oozie 5.2, the jobs fail on "secure" cluster with below error even after setting oozie.base.url to http://hostname:11000/oozie.
Also, tried by touching the ".customSecure" file as per https://docs.datafabric.hpe.com/62/Oozie/ConfiguringOozieonaSecureCluster.html
and https://docs.datafabric.hpe.com/62/SecurityGuide/Custom-security-in-mapr.html
Is there any additional configuration that needs to be enabled?
Error:
#/opt/mapr/oozie/oozie-5.2.0/bin/oozie admin -status
WARNING: An illegal reflective access operation has occurred
WARNING: Illegal reflective access by com.mapr.fs.ShimLoader (file:/opt/mapr/oozie/oozie-5.2.0/embedded-oozie-server/webapp/WEB-INF/lib/maprfs-6.2.0.0-mapr.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int,java.security.ProtectionDomain)
WARNING: Please consider reporting this to the maintainers of com.mapr.fs.ShimLoader
WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations
WARNING: All illegal access operations will be denied in a future release
log4j:WARN No appenders could be found for logger (org.eclipse.jetty.util.log).
log4j:WARN Please initialize the log4j system properly.
log4j:WARN See http://logging.apache.org/log4j/1.2/faq.html#noconfig for more info.
AUTHENTICATION : Could not authenticate, Authentication failed, status: 302, message: Found
at org.apache.oozie.client.AuthOozieClient.createConnection(AuthOozieClient.java:204)
at org.apache.oozie.client.OozieClient$1.doExecute(OozieClient.java:522)
at org.apache.oozie.client.retry.ConnectionRetriableClient.execute(ConnectionRetriableClient.java:44)
at org.apache.oozie.client.OozieClient.createRetryableConnection(OozieClient.java:524)
at org.apache.oozie.client.OozieClient.getSupportedProtocolVersions(OozieClient.java:399)
at org.apache.oozie.client.OozieClient.validateWSVersion(OozieClient.java:359)
at org.apache.oozie.client.OozieClient.createURL(OozieClient.java:475)
at org.apache.oozie.client.OozieClient.access$000(OozieClient.java:88)
at org.apache.oozie.client.OozieClient$ClientCallable.call(OozieClient.java:569)
at org.apache.oozie.client.OozieClient.getSystemMode(OozieClient.java:2165)
at org.apache.oozie.cli.OozieCLI.adminCommand(OozieCLI.java:2027)
at org.apache.oozie.cli.OozieCLI.processCommand(OozieCLI.java:733)
at org.apache.oozie.cli.OozieCLI.run(OozieCLI.java:682)
at org.apache.oozie.cli.OozieCLI.main(OozieCLI.java:245)
Caused by: org.apache.hadoop.security.authentication.client.AuthenticationException: Authentication failed, status: 302, message: Found
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-02-2021 09:00 AM
02-02-2021 09:00 AM
SolutionI was able to reproduce this issue. Can you try adding below property oozie 5.2 is working fine with "http" in oozie-site.xml.
<property>
<name>oozie.https.enabled</name>
<value>false</value>
</property># ls -lrt /opt/mapr/conf/.custom*
-rw-r--r-- 1 mapr mapr 0 Jan 19 12:19 /opt/mapr/conf/.customSecure# export OOZIE_URL=http://<ip>:11000/oozie
It appears HTTPS is set automatically in secured cluster, but this is more like configuration feature. I do not see a problem with using HTTP in secure cluster. Also, it looks a valid solution based on Apache doc: https://oozie.apache.org/docs/5.1.0/AG_Install.html#Configure_the_Oozie_Server_to_use_SSL_HTTPS
".. Set oozie.https.enabled to true. To revert back to HTTP, set oozie.https.enabled to false"
But, anyway, unless your usecase demands HTTP oozie usage, i would recommend to use HTTPS connection for Oozie.