Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-11888

bootstrapStandby command broken in JDK1.8 with kerberos

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Blocker
    • Resolution: Duplicate
    • Affects Version/s: 2.6.0
    • Fix Version/s: None
    • Component/s: security
    • Labels:
      None
    • Environment:

      Suse 11 Sp3
      java = 1.8.0_40

      Description

      bootstrapStandby is failing incase of JDK1.8 with kerberos

      ./hdfs namenode -bootstrapStandby

      Caused by: org.apache.hadoop.security.authentication.client.AuthenticationException: org.apache.hadoop.security.authentication.client.AuthenticationException: Invalid SPNEGO sequence, status code: 403
              at org.apache.hadoop.security.authentication.client.KerberosAuthenticator.doSpnegoSequence(KerberosAuthenticator.java:335)
              at org.apache.hadoop.security.authentication.client.KerberosAuthenticator.authenticate(KerberosAuthenticator.java:206)
              at org.apache.hadoop.security.authentication.client.AuthenticatedURL.openConnection(AuthenticatedURL.java:215)
              at org.apache.hadoop.hdfs.web.URLConnectionFactory.openConnection(URLConnectionFactory.java:162)
              at org.apache.hadoop.hdfs.server.namenode.TransferFsImage.doGetUrl(TransferFsImage.java:403)
              ... 16 more
      Caused by: org.apache.hadoop.security.authentication.client.AuthenticationException: Invalid SPNEGO sequence, status code: 403
              at org.apache.hadoop.security.authentication.client.KerberosAuthenticator.readToken(KerberosAuthenticator.java:370)
              at org.apache.hadoop.security.authentication.client.KerberosAuthenticator.access$300(KerberosAuthenticator.java:55)
              at org.apache.hadoop.security.authentication.client.KerberosAuthenticator$1.run(KerberosAuthenticator.java:320)
              at org.apache.hadoop.security.authentication.client.KerberosAuthenticator$1.run(KerberosAuthenticator.java:288)
              at java.security.AccessController.doPrivileged(Native Method)
              at javax.security.auth.Subject.doAs(Subject.java:415)
              at org.apache.hadoop.security.authentication.client.KerberosAuthenticator.doSpnegoSequence(KerberosAuthenticator.java:288)
              ... 20 more
      

        Attachments

        1. HADOOP-11888.patch
          1 kB
          Surendra Singh Lilhore

          Issue Links

            Activity

              People

              • Assignee:
                surendrasingh Surendra Singh Lilhore
                Reporter:
                bibinchundatt Bibin A Chundatt
              • Votes:
                0 Vote for this issue
                Watchers:
                9 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: