AnsweredAssumed Answered

Turn off auth:SIMPLE

Question asked by peterluo95014 on Sep 13, 2018

I use Kerberos authentication. The log, SecurityAuth.audit says the client, ip-10-11-32-13.ec2.internal has been authenticated twice. It is authenticated by default authentication (auth:SIMPLE). Then, it is authenticated again by Kerberos (auth:KERBEROS)

 

2018-09-13 22:55:22,178 INFO SecurityLogger.org.apache.hadoop.hbase.Server: Auth successful for mapr/ip-10-11-32-13.ec2.internal@EC2.INTERNAL (auth:SIMPLE)

 

2018-09-13 22:55:22,236 INFO SecurityLogger.org.apache.hadoop.security.authorize.ServiceAuthorizationManager: Authorization successful for mapr/ip-10-11-32-13.ec2.internal@EC2.INTERNAL (auth:KERBEROS) for protocol=interface org.apache.hadoop.hbase.protobuf.generated.RegionServerStatusProtos$RegionServerStatusService$BlockingInterface

 

I got "Couldn't setup connection" due to (auth:SIMPLE).

 

2018-09-13 23:36:38,362 WARN  [MASTER_SERVER_OPERATIONS-ip-10-11-32-216:60001-0] master.AssignmentManager: Failed assignment of hbase:meta,,1.1588230740 to ip-10-11-32-13.ec2.internal,60021,1536879400640, trying to assign elsewhere instead; try=1 of 10

java.io.IOException: Couldn't setup connection for mapr/ip-10-11-32-216.ec2.internal@EC2.INTERNAL to mapr/ip-10-11-32-13.ec2.internal@EC2.INTERNAL

 

In the hbase-site.xml:

  <property><name>hbase.security.authentication</name><value>kerberos</value></property>

  <property><name>hbase.security.authorization</name><value>true</value></property>

Outcomes