topic Re: Unable to obtain password from user in Talend Studio

Unable to obtain password from user

mshafeeq — Fri, 15 Nov 2024 22:14:14 GMT

hello, job is running normally on localhost but i'm using jobserver to run the job from target Exec tab to test the job on server to be able to run it on TAC , i tried also to change keytab path to jobserver path but also failed with same error , any help ??

Checking ports...

Sending job 'ProdDemo' to server (edp-prd-talnd-js02:8001)...

File transfer completed.

Deploying job 'ProdDemo' on server (172.16.163.174:8000)...

Running job 'ProdDemo'...

Starting job ProdDemo at 23:07 27/12/2022.

NOTE: Picked up JDK_JAVA_OPTIONS: --add-reads=java.xml=java.logging --add-exports=java.base/org.apache.karaf.specs.locator=java.xml,ALL-UNNAMED --patch-module java.base=lib/endorsed/org.apache.karaf.specs.locator-4.2.11.jar --patch-module java.xml=lib/endorsed/org.apache.karaf.specs.java.xml-4.2.11.jar --add-opens java.base/java.security=ALL-UNNAMED --add-opens java.base/java.net=ALL-UNNAMED --add-opens java.base/java.lang=ALL-UNNAMED --add-opens java.base/java.util=ALL-UNNAMED --add-opens java.naming/javax.naming.spi=ALL-UNNAMED --add-opens java.rmi/sun.rmi.transport.tcp=ALL-UNNAMED --add-exports=java.base/sun.net.www.protocol.file=ALL-UNNAMED --add-exports=java.base/sun.net.www.protocol.ftp=ALL-UNNAMED --add-exports=java.base/sun.net.www.protocol.http=ALL-UNNAMED --add-exports=java.base/sun.net.www.protocol.https=ALL-UNNAMED --add-exports=java.base/sun.net.www.protocol.jar=ALL-UNNAMED --add-exports=java.base/sun.net.www.content.text=ALL-UNNAMED --add-exports=jdk.xml.dom/org.w3c.dom.html=ALL-UNNAMED --add-exports=jdk.naming.rmi/com.sun.jndi.url.rmi=ALL-UNNAMED

WARNING: package org.apache.karaf.specs.locator not in java.base

[statistics] connecting to socket on port 3705

[statistics] connected

[FATAL] 09:07:26 uat.proddemo_0_1.ProdDemo- tHDFSConnection_1 failure to login: for principal: prdtest@ZAINJO.AI from keytab C:/Users/devtest/Downloads/prod/prdtest.keytab javax.security.auth.login.LoginException: Unable to obtain password from user

org.apache.hadoop.security.KerberosAuthException: failure to login: for principal: prdtest@ZAINJO.AI from keytab C:/Users/devtest/Downloads/prod/prdtest.keytab javax.security.auth.login.LoginException: Unable to obtain password from user

at org.apache.hadoop.security.UserGroupInformation.doSubjectLogin(UserGroupInformation.java:1993) ~[hadoop-common-3.1.1.7.1.1.0-565.jar:?]

at org.apache.hadoop.security.UserGroupInformation.loginUserFromKeytabAndReturnUGI(UserGroupInformation.java:1361) ~[hadoop-common-3.1.1.7.1.1.0-565.jar:?]

at org.apache.hadoop.security.UserGroupInformation.loginUserFromKeytab(UserGroupInformation.java:1141) ~[hadoop-common-3.1.1.7.1.1.0-565.jar:?]

at uat.proddemo_0_1.ProdDemo.tHDFSConnection_1Process(ProdDemo.java:2069) [proddemo_0_1.jar:?]

at uat.proddemo_0_1.ProdDemo.tPrejob_1Process(ProdDemo.java:1894) [proddemo_0_1.jar:?]

at uat.proddemo_0_1.ProdDemo.runJobInTOS(ProdDemo.java:8919) [proddemo_0_1.jar:?]

at uat.proddemo_0_1.ProdDemo.main(ProdDemo.java:8541) [proddemo_0_1.jar:?]

Caused by: javax.security.auth.login.LoginException: Unable to obtain password from user

at com.sun.security.auth.module.Krb5LoginModule.promptForPass(Krb5LoginModule.java:877) ~[jdk.security.auth:?]

at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginModule.java:740) ~[jdk.security.auth:?]

at com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:592) ~[jdk.security.auth:?]

at javax.security.auth.login.LoginContext.invoke(LoginContext.java:747) ~[?:?]

at javax.security.auth.login.LoginContext$4.run(LoginContext.java:672) ~[?:?]

at javax.security.auth.login.LoginContext$4.run(LoginContext.java:670) ~[?:?]

at java.security.AccessController.doPrivileged(Native Method) ~[?:?]

at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:670) ~[?:?]

at javax.security.auth.login.LoginContext.login(LoginContext.java:581) ~[?:?]

at org.apache.hadoop.security.UserGroupInformation$HadoopLoginContext.login(UserGroupInformation.java:2072) ~[hadoop-common-3.1.1.7.1.1.0-565.jar:?]

at org.apache.hadoop.security.UserGroupInformation.doSubjectLogin(UserGroupInformation.java:1983) ~[hadoop-common-3.1.1.7.1.1.0-565.jar:?]

... 6 more

Re: Unable to obtain password from user

Anonymous — Thu, 29 Dec 2022 07:33:36 GMT

Is jobserver installed on the same machine where studio is installed? If not, the keytab file should exist on Jobserver and set the file path pointed to Jobserver's keytab. Additionally, ensure that the right permissions are available on the keytab file.

Regards

Shong

Re: Unable to obtain password from user

mshafeeq — Thu, 29 Dec 2022 10:34:19 GMT

i did that and change the path to job server keytab but faced new error

OTE: Picked up JDK_JAVA_OPTIONS: --add-reads=java.xml=java.logging --add-exports=java.base/org.apache.karaf.specs.locator=java.xml,ALL-UNNAMED --patch-module java.base=lib/endorsed/org.apache.karaf.specs.locator-4.2.11.jar --patch-module java.xml=lib/endorsed/org.apache.karaf.specs.java.xml-4.2.11.jar --add-opens java.base/java.security=ALL-UNNAMED --add-opens java.base/java.net=ALL-UNNAMED --add-opens java.base/java.lang=ALL-UNNAMED --add-opens java.base/java.util=ALL-UNNAMED --add-opens java.naming/javax.naming.spi=ALL-UNNAMED --add-opens java.rmi/sun.rmi.transport.tcp=ALL-UNNAMED --add-exports=java.base/sun.net.www.protocol.file=ALL-UNNAMED --add-exports=java.base/sun.net.www.protocol.ftp=ALL-UNNAMED --add-exports=java.base/sun.net.www.protocol.http=ALL-UNNAMED --add-exports=java.base/sun.net.www.protocol.https=ALL-UNNAMED --add-exports=java.base/sun.net.www.protocol.jar=ALL-UNNAMED --add-exports=java.base/sun.net.www.content.text=ALL-UNNAMED --add-exports=jdk.xml.dom/org.w3c.dom.html=ALL-UNNAMED --add-exports=jdk.naming.rmi/com.sun.jndi.url.rmi=ALL-UNNAMED

WARNING: package org.apache.karaf.specs.locator not in java.base

[statistics] connecting to socket on port 3396

[statistics] connected

[ERROR] 12:22:13 org.apache.thrift.transport.TSaslTransport- SASL negotiation failure

javax.security.sasl.SaslException: GSS initiate failed

at com.sun.security.sasl.gsskerb.GssKrb5Client.evaluateChallenge(GssKrb5Client.java:222) ~[jdk.security.jgss:?]

at org.apache.thrift.transport.TSaslClientTransport.handleSaslStartMessage(TSaslClientTransport.java:94) ~[hive-exec-3.1.3000.7.1.1.0-565.jar:3.1.3000.7.1.1.0-565]

at org.apache.thrift.transport.TSaslTransport.open(TSaslTransport.java:271) [hive-exec-3.1.3000.7.1.1.0-565.jar:3.1.3000.7.1.1.0-565]

at org.apache.thrift.transport.TSaslClientTransport.open(TSaslClientTransport.java:37) [hive-exec-3.1.3000.7.1.1.0-565.jar:3.1.3000.7.1.1.0-565]

at org.apache.hadoop.hive.metastore.security.TUGIAssumingTransport$1.run(TUGIAssumingTransport.java:51) [hive-exec-3.1.3000.7.1.1.0-565.jar:3.1.3000.7.1.1.0-565]

at org.apache.hadoop.hive.metastore.security.TUGIAssumingTransport$1.run(TUGIAssumingTransport.java:48) [hive-exec-3.1.3000.7.1.1.0-565.jar:3.1.3000.7.1.1.0-565]

at java.security.AccessController.doPrivileged(Native Method) ~[?:?]

at javax.security.auth.Subject.doAs(Subject.java:423) [?:?]

at org.apache.hadoop.security.UserGroupInformation.doAs(UserGroupInformation.java:1876) [hadoop-common-3.1.1.7.1.1.0-565.jar:?]

at org.apache.hadoop.hive.metastore.security.TUGIAssumingTransport.open(TUGIAssumingTransport.java:48) [hive-exec-3.1.3000.7.1.1.0-565.jar:3.1.3000.7.1.1.0-565]

at org.apache.hive.jdbc.HiveConnection.openTransport(HiveConnection.java:441) [hive-jdbc-3.1.3000.7.1.1.0-565.jar:3.1.3000.7.1.1.0-565]

at org.apache.hive.jdbc.HiveConnection.<init>(HiveConnection.java:317) [hive-jdbc-3.1.3000.7.1.1.0-565.jar:3.1.3000.7.1.1.0-565]

at org.apache.hive.jdbc.HiveDriver.connect(HiveDriver.java:107) [hive-jdbc-3.1.3000.7.1.1.0-565.jar:3.1.3000.7.1.1.0-565]

at java.sql.DriverManager.getConnection(DriverManager.java:677) [java.sql:?]

at java.sql.DriverManager.getConnection(DriverManager.java:251) [java.sql:?]

at uat.proddemo_0_1.ProdDemo.tHiveConnection_1Process(ProdDemo.java:2372) [proddemo_0_1.jar:?]

at uat.proddemo_0_1.ProdDemo.tHDFSConnection_1Process(ProdDemo.java:2165) [proddemo_0_1.jar:?]

at uat.proddemo_0_1.ProdDemo.tPrejob_1Process(ProdDemo.java:1880) [proddemo_0_1.jar:?]

at uat.proddemo_0_1.ProdDemo.runJobInTOS(ProdDemo.java:8571) [proddemo_0_1.jar:?]

at uat.proddemo_0_1.ProdDemo.main(ProdDemo.java:8193) [proddemo_0_1.jar:?]

Caused by: org.ietf.jgss.GSSException: No valid credentials provided (Mechanism level: KDC has no support for encryption type (14))

at sun.security.jgss.krb5.Krb5Context.initSecContext(Krb5Context.java:773) ~[java.security.jgss:?]

at sun.security.jgss.GSSContextImpl.initSecContext(GSSContextImpl.java:266) ~[java.security.jgss:?]

at sun.security.jgss.GSSContextImpl.initSecContext(GSSContextImpl.java:196) ~[java.security.jgss:?]

at com.sun.security.sasl.gsskerb.GssKrb5Client.evaluateChallenge(GssKrb5Client.java:203) ~[jdk.security.jgss:?]

... 19 more

Caused by: sun.security.krb5.KrbException: KDC has no support for encryption type (14)

at sun.security.krb5.KrbTgsRep.<init>(KrbTgsRep.java:70) ~[java.security.jgss:?]

at sun.security.krb5.KrbTgsReq.getReply(KrbTgsReq.java:226) ~[java.security.jgss:?]

at sun.security.krb5.KrbTgsReq.sendAndGetCreds(KrbTgsReq.java:237) ~[java.security.jgss:?]

at sun.security.krb5.internal.CredentialsUtil.serviceCredsSingle(CredentialsUtil.java:477) ~[java.security.jgss:?]

at sun.security.krb5.internal.CredentialsUtil.serviceCreds(CredentialsUtil.java:340) ~[java.security.jgss:?]

at sun.security.krb5.internal.CredentialsUtil.serviceCreds(CredentialsUtil.java:314) ~[java.security.jgss:?]

at sun.security.krb5.internal.CredentialsUtil.acquireServiceCreds(CredentialsUtil.java:169) ~[java.security.jgss:?]

at sun.security.krb5.Credentials.acquireServiceCreds(Credentials.java:490) ~[java.security.jgss:?]

at sun.security.jgss.krb5.Krb5Context.initSecContext(Krb5Context.java:697) ~[java.security.jgss:?]

at sun.security.jgss.GSSContextImpl.initSecContext(GSSContextImpl.java:266) ~[java.security.jgss:?]

at sun.security.jgss.GSSContextImpl.initSecContext(GSSContextImpl.java:196) ~[java.security.jgss:?]

at com.sun.security.sasl.gsskerb.GssKrb5Client.evaluateChallenge(GssKrb5Client.java:203) ~[jdk.security.jgss:?]

... 19 more

Caused by: sun.security.krb5.Asn1Exception: Identifier doesn't match expected value (906)

at sun.security.krb5.internal.KDCRep.init(KDCRep.java:140) ~[java.security.jgss:?]

at sun.security.krb5.internal.TGSRep.init(TGSRep.java:65) ~[java.security.jgss:?]

at sun.security.krb5.internal.TGSRep.<init>(TGSRep.java:60) ~[java.security.jgss:?]

at sun.security.krb5.KrbTgsRep.<init>(KrbTgsRep.java:55) ~[java.security.jgss:?]

at sun.security.krb5.KrbTgsReq.getReply(KrbTgsReq.java:226) ~[java.security.jgss:?]

at sun.security.krb5.KrbTgsReq.sendAndGetCreds(KrbTgsReq.java:237) ~[java.security.jgss:?]