node.js和npm jdbc包问题与kerberized apache phoenix

我正在使用nodejs和npm jdbc包连接到hortonworks上的kerberized Apache phoenix,我能够使用nodejs和jdbc包连接到非kerberized phoenix,但是面对kerberized phoenix的Kerberos身份验证错误.如果有人做了类似的事情,请给出一些指示.

Klist命令:

klist -k -t -e /etc/security/keytabs/kafka.headless.keytab
Keytab name: FILE:/etc/security/keytabs/kafka.headless.keytab
KVNO Timestamp         Principal
---- ----------------- --------------------------------------------------------
   1 09/30/16 10:10:27 kafka@REALM.LAN (aes256-cts-hmac-sha1-96)

码:

var express = require('express');
var app = express();

var server = require('http').Server(app);
var https =require('http');
var io = require('socket.io')(server);
var kafka = require('kafka-node');
var cassandra = require('cassandra-driver');
var JDBC = require('jdbc');
var jinst = require('jdbc/lib/jinst');
var asyncjs = require('async');
//var Pool = require('jdbc/lib/pool');
//var nodeunit = require('nodeunit');
//var _ = require('lodash');

var _ = require('underscore');
 //ar cors = require("cors");
app.use(express.static(__dirname + '/view'));


server.listen(3000);
app.use('/bower_components',  express.static(__dirname + '/bower_components'));
app.get('/', function (req, res, next) { res.sendFile(__dirname + '/index.html');});

if (!jinst.isJvmCreated()) {
  jinst.addOption("-Xrs");
  jinst.setupClasspath(['/etc/krb5.conf',
                         '/usr/hdp/2.4.2.0-258/hadoop/conf',
                         '/etc/hbase/conf/core-site.xml',
                         '/etc/hbase/conf/hbase-site.xml',
                         '/etc/hbase/conf/hbase-policy.xml',
                         '/etc/hbase/conf/hbase_client_jaas.conf',
                         '/etc/hbase/conf/hbase_regionserver_jaas.conf',
                         '/etc/hbase/conf/hdfs-site.xml',
                         '/usr/hdp/2.4.2.0-258/hbase/lib/hbase-client-1.1.2.2.4.2.0-258.jar',
                         '/usr/hdp/2.4.2.0-258/hbase/lib/hbase-server-1.1.2.2.4.2.0-258.jar',
                         '/usr/hdp/2.4.2.0-258/hbase/lib/hbase-common-1.1.2.2.4.2.0-258.jar',
                         '/usr/hdp/2.4.2.0-258/hbase/lib/hbase-server-1.1.2.2.4.2.0-258.jar',
                         '/usr/hdp/2.4.2.0-258/phoenix/phoenix-4.4.0.2.4.2.0-258-thin-client.jar',
                         '/usr/hdp/2.4.2.0-258/phoenix/phoenix-server-4.4.0.2.4.2.0-258-runnable.jar',
                         '/usr/hdp/2.4.2.0-258/phoenix/phoenix-4.4.0.2.4.2.0-258-client.jar']);


var config = {
  url: 'jdbc:phoenix:piv-prd-os-646.forsys.lan:2181:/hbase-secure:kafka@FORSYS.LAN:/etc/security/keytabs/kafka.headless.keytab',
  drivername: 'org.apache.phoenix.jdbc.PhoenixDriver',
  //user : 'root',
  //password: 'root',
  //properties: {}
  minpoolsize: 2,
  maxpoolsize: 3
  };

var hsqldb = new JDBC(config);

hsqldb.initialize(function(err) {
  if (err) {
    console.log(err);
  }
  else
  {
    console.log("---- initialize successfully ----")
  }
});

例外:

error:  Error: Error running static method
java.sql.SQLException: ERROR 103 (08004): Unable to establish connection.
        at org.apache.phoenix.exception.SQLExceptionCode$Factory$1.newException(SQLExceptionCode.java:395)
        at org.apache.phoenix.exception.SQLExceptionInfo.buildException(SQLExceptionInfo.java:145)
        at org.apache.phoenix.query.ConnectionQueryServicesImpl.openConnection(ConnectionQueryServicesImpl.java:287)
        at org.apache.phoenix.query.ConnectionQueryServicesImpl.access$300(ConnectionQueryServicesImpl.java:170)
        at org.apache.phoenix.query.ConnectionQueryServicesImpl$12.call(ConnectionQueryServicesImpl.java:1840)
        at org.apache.phoenix.query.ConnectionQueryServicesImpl$12.call(ConnectionQueryServicesImpl.java:1819)
        at org.apache.phoenix.util.PhoenixContextExecutor.call(PhoenixContextExecutor.java:77)
        at org.apache.phoenix.query.ConnectionQueryServicesImpl.init(ConnectionQueryServicesImpl.java:1819)
        at org.apache.phoenix.jdbc.PhoenixDriver.getConnectionQueryServices(PhoenixDriver.java:180)
        at org.apache.phoenix.jdbc.PhoenixEmbeddedDriver.connect(PhoenixEmbeddedDriver.java:132)
        at org.apache.phoenix.jdbc.PhoenixDriver.connect(PhoenixDriver.java:151)
        at java.sql.DriverManager.getConnection(DriverManager.java:571)
        at java.sql.DriverManager.getConnection(DriverManager.java:187)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:606)
Caused by: java.io.IOException: Login failure for kafka@FORSYS.LAN from keytab /etc/security/keytabs/kafka.headless.keytab: javax.security.auth.login.LoginException: Unable to obtain password from user

        at org.apache.hadoop.security.UserGroupInformation.loginUserFromKeytab(UserGroupInformation.java:976)
        at org.apache.hadoop.security.SecurityUtil.login(SecurityUtil.java:280)
        at org.apache.hadoop.hbase.security.User$SecureHadoopUser.login(User.java:386)
        at org.apache.hadoop.hbase.security.User.login(User.java:253)
        at org.apache.phoenix.query.ConnectionQueryServicesImpl.openConnection(ConnectionQueryServicesImpl.java:282)
        ... 14 more
Caused by: javax.security.auth.login.LoginException: Unable to obtain password from user

        at com.sun.security.auth.module.Krb5LoginModule.promptForPass(Krb5LoginModule.java:856)
        at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginModule.java:719)
        at com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:584)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:606)
        at javax.security.auth.login.LoginContext.invoke(LoginContext.java:762)
        at javax.security.auth.login.LoginContext.access$000(LoginContext.java:203)
        at javax.security.auth.login.LoginContext$4.run(LoginContext.java:690)
        at javax.security.auth.login.LoginContext$4.run(LoginContext.java:688)
        at java.security.AccessController.doPrivileged(Native Method)
        at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:687)
        at javax.security.auth.login.LoginContext.login(LoginContext.java:595)
        at org.apache.hadoop.security.UserGroupInformation.loginUserFromKeytab(UserGroupInformation.java:967)
        ... 18 more

最佳答案 我能够通过以下变化来解决这个问题:

解:

if (!jinst.isJvmCreated()) {
  jinst.addOption("-Xrs");
  jinst.addOption("-Djava.security.auth.login.config=/home/user/jar/hbase_client_jaas.conf");
  jinst.addOption("-Djava.security.krb5.conf=/etc/krb5.conf");
  jinst.addOption("-Dkerberos.client.reference.name=Client");
  jinst.setupClasspath([
                        '/etc/hbase/2.4.2.0-258/0/',
                        '/etc/hadoop/2.4.2.0-258/0/',
                        '/home/user/jar/phoenix-4.4.0-HBase-1.1-client.jar'
                         ]);
}

var config = {
 url: 'jdbc:phoenix:ZK1,ZK2,ZK3:2181:/hbase-secure:user@REAL.LAN:/home/user/user.headless.keytab',
 drivername: 'org.apache.phoenix.jdbc.PhoenixDriver',
  user : 'hbase',
  password: 'hbase'
  };
点赞