我已经使用kerberos(cdh4.3)将hadoop hdfs配置为启用了安全性。它工作的很好,我可以做所有的操作使用命令行工具。还有其他一些非hadoop集群节点需要通过restapi访问hdfs文件系统,所以我已经启用了webhdfs并配置了kerberos。
对于不涉及临时重定向的操作,我的安全webhdfs可以正常工作:例如liststatus、create directory、remove directory、remove files,所有这些都可以正常工作。但对于创建文件、打开文件等两步操作,失败的信息如下:
[DEV][root@namenode ~]# curl -i --negotiate -u : -X
PUT "http: //namenode:50070/webhdfs/v1/tmp/hosts.txt?op=CREATE"
HTTP/1.1 401
Date: Fri, 25 Apr 2014 02:45:48 GMT
Pragma: no-cache
Date: Fri, 25 Apr 2014 02:45:48 GMT
Pragma: no-cache
WWW-Authenticate: Negotiate
Set-Cookie: hadoop.auth=;Path=/;Expires=Thu, 01-Jan-1970 00:00:00 GMT
Content-Length: 0
Server: Jetty(6.1.26.cloudera.2)
HTTP/1.1 307 TEMPORARY_REDIRECT
Cache-Control: no-cache
Expires: Thu, 01-Jan-1970 00:00:00 GMT
Date: Fri, 25 Apr 2014 02:45:48 GMT
Pragma: no-cache
Date: Fri, 25 Apr 2014 02:45:48 GMT
Pragma: no-cache
Set-Cookie:
hadoop.auth="u=hdfs&p=hdfs@UNIXKRB&t=kerberos&e=1398429948267&s=XhEp/tfs5Pfp04Dp
9yy1moFPnEo=";Path=/
Location: http: //datanode.net:1006/webhdfs/v1/tmp/hosts.txt?
op=CREATE&delegation=HgAEaGRmcwRoZGZzAIoBRZbGSGyKAUW60sxsWo4BAhTfG8IRyDJjJ2BSR7K
hveMEo3V4dxJXRUJIREZTIGRlbGVnYXRpb24NMC4wLjAuMDo1MDA3MA&namenoderpcaddress=
namenode.net:8020&overwrite=false
Content-Type: application/octet-stream
Content-Length: 0
Server: Jetty(6.1.26.cloudera.2)
[DEV][root@namenode~]# curl -i -X PUT -T hosts.txt
http: //datanode.net:1006/webhdfs/v1/tmp/hosts.txt?
op=CREATE&delegation=HgAEaGRmcwRoZGZzAIoBRZbGSGyKAUW60sxsWo4BAhTfG8IRyDJjJ2
BSR7KhveMEo3V4dxJXRUJIREZTIGRlbGVnYXRpb24NMC4wLjAuMDo1MDA3MA&namenoderpcaddress=
namenode.net:8020&overwrite=false
[2] 19047
[3] 19048
[4] 19049
[DEV][root@namenode~]# HTTP/1.1 100 Continue
HTTP/1.1 401 Unauthorized
Cache-Control: no-cache
Expires: Fri, 25 Apr 2014 02:46:26 GMT
Date: Fri, 25 Apr 2014 02:46:26 GMT
Pragma: no-cache
Expires: Fri, 25 Apr 2014 02:46:26 GMT
Date: Fri, 25 Apr 2014 02:46:26 GMT
Pragma: no-cache
Content-Type: application/json
Transfer-Encoding: chunked
Server: Jetty(6.1.26.cloudera.2)
{"RemoteException":
{"exception":"SecurityException","javaClassName":"java.lang.SecurityException",
"message":"Failed to obtain user group information: java.io.IOException:
Security enabled but user not authenticated by filter"}}
[2] Done curl -i -X PUT -T hosts.txt
http://datanode.net:1006/webhdfs/v1/tmp/hosts.txt?op=CREATE
[3] Done
delegation=HgAEaGRmcwRoZGZzAIoBRZbGSGyKAUW60sxsWo4BAhTfG8IRyDJjJ2BSR7KhveM
Eo3V4dxJXRUJIREZTIGRlbGVnYXRpb24NMC4wLjAuMDo1MDA3MA
[4]- Done namenoderpcaddress=namenode.net:8020
[DEV][root@namenode ~]#有人能发光吗?
谢谢,
1条答案
按热度按时间czfnxgou1#
在我的情况下,它运行良好,如下所示:
注意-如果您的屏幕截图不是经过编辑/修改的,那么您几乎没有语法问题(“”)和打字错误。我打赌你错过了第一个命令的http输入的“”。请在此处查看您的信息-http://hadoop.apache.org/docs/r1.0.4/webhdfs.html
顺便说一句,我用了高清,应该没有太大的区别,虽然。