I am trying to set the alias for my beeline. And facing an issue.
if I login to beeline and then provide following connection string it works. It asks me for username and password and I am able to login.
!connect jdbc:hive2://<my_domain>:8449/;ssl=true;transportMode=http;httpPath=gateway/emr-cluster-top/hive;sslTrustStore=/etc/pki/ca-trust/extracted/java/cacerts;trustStorePassword=changeit
However if I run following command, it's not working. Not sure what I am doing wrong.
beeline -u jdbc:hive2://<my_domain>:8449/;ssl=true;transportMode=http;httpPath=gateway/emr-cluster-top/hive;sslTrustStore=/etc/pki/ca-trust/extracted/java/cacerts;trustStorePassword=changeit -n my_user -=p my_pass
Error
Caused by: java.sql.SQLException: Could not establish connection to jdbc:hive2://<my_domain>:8449/;ssl=true;transportMode=http;httpPath=gateway/emr-cluster-top/hive;sslTrustStore=/etc/pki/ca-trust/extracted/java/cacerts;trustStorePassword=changeit: HTTP Response code: 401
at org.apache.hive.jdbc.HiveConnection.openSession(HiveConnection.java:699)
at org.apache.hive.jdbc.HiveConnection.<init>(HiveConnection.java:200)
... 25 more
Caused by: org.apache.thrift.transport.TTransportException: HTTP Response code: 401
at org.apache.thrift.transport.THttpClient.flushUsingHttpClient(THttpClient.java:262)
at org.apache.thrift.transport.THttpClient.flush(THttpClient.java:313)
at org.apache.thrift.TServiceClient.sendBase(TServiceClient.java:73)
at org.apache.thrift.TServiceClient.sendBase(TServiceClient.java:62)
at org.apache.hive.service.rpc.thrift.TCLIService$Client.send_OpenSession(TCLIService.java:162)
at org.apache.hive.service.rpc.thrift.TCLIService$Client.OpenSession(TCLIService.java:154)
Related
I have karate test suite to execute on teamcity.It is supposed to connect to https://localhost:8086/ but it fails intermittently with error : connecting refused after xxx miliseconds to http://localhost:8086/
I am new to keycloak. I have been following the admin cli guide to automate realm creation ( inside a dockerfile ). The kcadm call to create realm is failing with authentication error - "HTTP error - 401 Unauthorized".
These are the 3 lines which I am trying to execute and the exception is thrown at the last line -
i) $JBOSS_HOME/bin/add-user-keycloak.sh -r master -u uadmin -p ${UADMIN_PWD}
( started the keycloak server after this )
ii) $JBOSS_HOME/bin/kcadm.sh config credentials --server http://localhost:8080/auth --realm master -user uadmin --password ${UADMIN_PWD}
iii) $JBOSS_HOME/bin/kcadm.sh create realms -s realm=myrealm -s enabled=true
Top of the stack is here -
04:53:48,721 ERROR [org.jboss.resteasy.resteasy_jaxrs.i18n] (default task-1) RESTEASY002005:
Failed executing POST /admin/realms:org.jboss.resteasy.spi.UnauthorizedException: Bearer
at org.keycloak.services.resources.admin.AdminRoot.authenticateRealmAdminRequest(AdminRoot.java:160)
at org.keycloak.services.resources.admin.AdminRoot.getRealmsAdmin(AdminRoot.java:209)
I inspected the $HOME/.keycloak/kcadm.config file and the content is as below -
$ cat kcadm.config
{
"serverUrl" : "http://localhost:8080/auth",
"realm" : "master",
"endpoints" : { }
}
There is no authentication token , which I could see there.
( One more observation, the "config credentials" command does not throw any exception if an invalid credential is passed. It would be helpful if there is an exception thrown. )
Any pointers for what am I doing wrong here, for the authentication issue during realm creation ?
Actually there was a typo error in the command --
"ii) $JBOSS_HOME/bin/kcadm.sh config credentials --server http://localhost:8080/auth --realm master -user uadmin --password ${UADMIN_PWD} "
The user parameter was "-user" , which should have been "--user"
Whilst trying to send email using GMAIL on the PDI job, I face a connection timed out error.
Settings were as give below
SMTP ->smtp.gmail.com
Port -> 465 (also tried with 587 and 25)
And followed by SSL connection with my full credentials.
This is the error I am getting
2016/08/24 11:56:48 - Mail - ERROR (version 6.1.0.1-196, build 1 from 2016-04-07 12.08.49 by buildguy) : Problem while sending message: javax.mail.MessagingException: Could not connect to SMTP host: smtp.gmail.com, port: 465;
nested exception is:
java.net.ConnectException: Connection timed out: connect
I see a similar open question here but with little help
Any help?
by using below server configuration i used to send mail from PDI
1.SMTP ->smtp.gmail.com
2.Port -> 465
3. use authentication [check this]
4.authentication user (use your gmail id)
5.authentication password (use your gmail password)
6.use secure authentication
7. secure connection type = SSL
when this job will execute in your gmail account a security concern mail will be sent by gmail team and you need to allow that security check
I'm trying to build in security on our Drill (1.6.0) system. I managed to get the security user authentication to work(JPam as explained in the documentation), but the impersonation does not seem to work. It seems to execute and fetch via the the admin user regardless of who has logged in via ODBC.
My drill-override.conf file is configured as follows:
drill.exec: {
cluster-id: "drillbits1",
zk.connect: "localhost:2181",
impersonation: {
enabled: true,
max_chained_user_hops: 3
},
security.user.auth {
enabled: true,
packages += "org.apache.drill.exec.rpc.user.security",
impl: "pam",
pam_profiles: [ "sudo", "login" ]
}
}
We are also only using Drill on one server, therefore I'm running drill-embedded to start things up. Troubleshooting:
root#srv001:/opt/apache-drill-1.6.0# bin/sqlline -u "jdbc:drill:schema=dfs;zk=localhost:2181;impersonation_target=dUser001" -n entryUser -p entryUserPassword
Error: Failure in connecting to Drill: org.apache.drill.exec.rpc.RpcException: Failure setting up ZK for client. (state=,code=0)
java.sql.SQLException: Failure in connecting to Drill: org.apache.drill.exec.rpc.RpcException: Failure setting up ZK for client.
at org.apache.drill.jdbc.impl.DrillConnectionImpl.<init> (DrillConnectionImpl.java:159)
at org.apache.drill.jdbc.impl.DrillJdbc41Factory.newDrillConnection(DrillJdbc41Factory.java:64)
at org.apache.drill.jdbc.impl.DrillFactory.newConnection(DrillFactory.java:69)
at net.hydromatic.avatica.UnregisteredDriver.connect(UnregisteredDriver.java:126)
at org.apache.drill.jdbc.Driver.connect(Driver.java:72)
at sqlline.DatabaseConnection.connect(DatabaseConnection.java:167)
at sqlline.DatabaseConnection.getConnection(DatabaseConnection.java:213)
at sqlline.Commands.connect(Commands.java:1083)
at sqlline.Commands.connect(Commands.java:1015)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at sqlline.ReflectiveCommandHandler.execute(ReflectiveCommandHandler.java:36)
at sqlline.SqlLine.dispatch(SqlLine.java:742)
at sqlline.SqlLine.initArgs(SqlLine.java:528)
at sqlline.SqlLine.begin(SqlLine.java:596)
at sqlline.SqlLine.start(SqlLine.java:375)
at sqlline.SqlLine.main(SqlLine.java:268)
Caused by: org.apache.drill.exec.rpc.RpcException: Failure setting up ZK for client.
at org.apache.drill.exec.client.DrillClient.connect(DrillClient.java:200)
at org.apache.drill.jdbc.impl.DrillConnectionImpl.<init>(DrillConnectionImpl.java:151)
... 18 more
Caused by: java.io.IOException: Failure to connect to the zookeeper cluster service within the allotted time of 10000 milliseconds.
at org.apache.drill.exec.coord.zk.ZKClusterCoordinator.start(ZKClusterCoordinator.java:123)
at org.apache.drill.exec.client.DrillClient.connect(DrillClient.java:198)
... 19 more
Any ideas on this?
I have also looked at doing my own built in security, but I'm not able to retrieve the username from a SQL query. I have tried the following without any luck:
CURRENT_USER()
USER()
SESSION_USER()
Any ideas on this approach?
I suggest to create a different pam profile (say drill) rather than login and sudo.
Then create drill file under /etc/pam.d/ directory with the content:
#%PAM-1.0
auth include password-auth
account include password-auth
To get connections run:
select * from sys.connections;
I am using OpenDJ-2.4.6 along with Oracle JDK 7.80 and I want to run Multi-master replication on 2 of my servers, the OS for these servers is Amazon Linux.
The OpenDJ setup runs perfectly fine; I can start the server too without any errors.
It is when I run the "dsreplication" script as follows:
./dsreplication enable --host1 server1.example,com --port1 4444 --bindDN1 "cn=Directory Manager" --bindPassword1 "Passw0rd" --replicationPort1 1388 --host2 server2.example,com --port2 4444 --bindDN2 "cn=Directory Manager" --bindPassword2 "Passw0rd" --replicationPort2 1388 --adminUID admin --adminPassword "Passw0rd" --baseDN "dc=example,dc=com"
the script hangs on the following step:
Initializing registration information on server server2.example.com:4444 with the contents of server server1.example.com:4444 .....
And on checking the logs, there is no error reported in there.
But, when I run the following command:
./dsreplication status -h localhost -p 4444 --adminUID admin --adminPassword "Passw0rd" -X
it throws the following error:
The displayed information might not be complete because the following
errors were encountered reading the configuration of the existing
servers: Error on server2.example.com:4444: An error occurred
connecting to the server. Details:
javax.naming.AuthenticationException: [LDAP: error code 49 - Invalid
Credentials] Error on server:4444: An error occurred connecting to the
server. Details: javax.naming.AuthenticationException: [LDAP: error
code 49 - Invalid Credentials]
Please help me.
Thanks in advance.
The error could not be more explicit: "Invalid Credentials" on server 2.
Check the bindDN and bindPassword are valid against server 2.
When doing replication with OpenDJ, the hostnames must be resolved and addressable from either machines. Have you checked that this is the case with your Amazon Linux servers ?