Skip to main content

Qlik

cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
Announcements
A fresh, new look for the Data Integration & Quality forums and navigation! Read more about what's changed.
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
mshafeeq
Contributor III
‎2022-12-28 02:11 AM

Unable to obtain password from user

hello, job is running normally on localhost but i'm using jobserver to run the job from target Exec tab to test the job on server to be able to run it on TAC , i tried also to change keytab path to jobserver path but also failed with same error , any help ??

Checking ports...

Sending job 'ProdDemo' to server (edp-prd-talnd-js02:8001)...

File transfer completed.

Deploying job 'ProdDemo' on server (172.16.163.174:8000)...

Running job 'ProdDemo'...

Starting job ProdDemo at 23:07 27/12/2022.

NOTE: Picked up JDK_JAVA_OPTIONS: --add-reads=java.xml=java.logging --add-exports=java.base/org.apache.karaf.specs.locator=java.xml,ALL-UNNAMED --patch-module java.base=lib/endorsed/org.apache.karaf.specs.locator-4.2.11.jar --patch-module java.xml=lib/endorsed/org.apache.karaf.specs.java.xml-4.2.11.jar --add-opens java.base/java.security=ALL-UNNAMED --add-opens java.base/java.net=ALL-UNNAMED --add-opens java.base/java.lang=ALL-UNNAMED --add-opens java.base/java.util=ALL-UNNAMED --add-opens java.naming/javax.naming.spi=ALL-UNNAMED --add-opens java.rmi/sun.rmi.transport.tcp=ALL-UNNAMED --add-exports=java.base/sun.net.www.protocol.file=ALL-UNNAMED --add-exports=java.base/sun.net.www.protocol.ftp=ALL-UNNAMED --add-exports=java.base/sun.net.www.protocol.http=ALL-UNNAMED --add-exports=java.base/sun.net.www.protocol.https=ALL-UNNAMED --add-exports=java.base/sun.net.www.protocol.jar=ALL-UNNAMED --add-exports=java.base/sun.net.www.content.text=ALL-UNNAMED --add-exports=jdk.xml.dom/org.w3c.dom.html=ALL-UNNAMED --add-exports=jdk.naming.rmi/com.sun.jndi.url.rmi=ALL-UNNAMED

WARNING: package org.apache.karaf.specs.locator not in java.base

[statistics] connecting to socket on port 3705

[statistics] connected

[FATAL] 09:07:26 uat.proddemo_0_1.ProdDemo- tHDFSConnection_1 failure to login: for principal: prdtest@ZAINJO.AI from keytab C:/Users/devtest/Downloads/prod/prdtest.keytab javax.security.auth.login.LoginException: Unable to obtain password from user

org.apache.hadoop.security.KerberosAuthException: failure to login: for principal: prdtest@ZAINJO.AI from keytab C:/Users/devtest/Downloads/prod/prdtest.keytab javax.security.auth.login.LoginException: Unable to obtain password from user

at org.apache.hadoop.security.UserGroupInformation.doSubjectLogin(UserGroupInformation.java:1993) ~[hadoop-common-3.1.1.7.1.1.0-565.jar:?]

at org.apache.hadoop.security.UserGroupInformation.loginUserFromKeytabAndReturnUGI(UserGroupInformation.java:1361) ~[hadoop-common-3.1.1.7.1.1.0-565.jar:?]

at org.apache.hadoop.security.UserGroupInformation.loginUserFromKeytab(UserGroupInformation.java:1141) ~[hadoop-common-3.1.1.7.1.1.0-565.jar:?]

at uat.proddemo_0_1.ProdDemo.tHDFSConnection_1Process(ProdDemo.java:2069) [proddemo_0_1.jar:?]

at uat.proddemo_0_1.ProdDemo.tPrejob_1Process(ProdDemo.java:1894) [proddemo_0_1.jar:?]

at uat.proddemo_0_1.ProdDemo.runJobInTOS(ProdDemo.java:8919) [proddemo_0_1.jar:?]

at uat.proddemo_0_1.ProdDemo.main(ProdDemo.java:8541) [proddemo_0_1.jar:?]

Caused by: javax.security.auth.login.LoginException: Unable to obtain password from user

at com.sun.security.auth.module.Krb5LoginModule.promptForPass(Krb5LoginModule.java:877) ~[jdk.security.auth:?]

at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginModule.java:740) ~[jdk.security.auth:?]

at com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:592) ~[jdk.security.auth:?]

at javax.security.auth.login.LoginContext.invoke(LoginContext.java:747) ~[?:?]

at javax.security.auth.login.LoginContext$4.run(LoginContext.java:672) ~[?:?]

at javax.security.auth.login.LoginContext$4.run(LoginContext.java:670) ~[?:?]

at java.security.AccessController.doPrivileged(Native Method) ~[?:?]

at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:670) ~[?:?]

at javax.security.auth.login.LoginContext.login(LoginContext.java:581) ~[?:?]

at org.apache.hadoop.security.UserGroupInformation$HadoopLoginContext.login(UserGroupInformation.java:2072) ~[hadoop-common-3.1.1.7.1.1.0-565.jar:?]

at org.apache.hadoop.security.UserGroupInformation.doSubjectLogin(UserGroupInformation.java:1983) ~[hadoop-common-3.1.1.7.1.1.0-565.jar:?]

... 6 more

Labels (2)
Labels
465 Views
0 Likes
2 Replies
Anonymous
Not applicable
‎2022-12-29 02:33 AM

Hi

Is jobserver installed on the same machine where studio is installed? If not, the keytab file should exist on Jobserver and set the file path pointed to Jobserver's keytab. Additionally, ensure that the right permissions are available on the keytab file.

 

Regards

Shong

465 Views
0 Likes
mshafeeq
Contributor III
‎2022-12-29 05:34 AM
Author

In response to Anonymous

i did that and change the path to job server keytab but faced new error

 

OTE: Picked up JDK_JAVA_OPTIONS: --add-reads=java.xml=java.logging --add-exports=java.base/org.apache.karaf.specs.locator=java.xml,ALL-UNNAMED --patch-module java.base=lib/endorsed/org.apache.karaf.specs.locator-4.2.11.jar --patch-module java.xml=lib/endorsed/org.apache.karaf.specs.java.xml-4.2.11.jar --add-opens java.base/java.security=ALL-UNNAMED --add-opens java.base/java.net=ALL-UNNAMED --add-opens java.base/java.lang=ALL-UNNAMED --add-opens java.base/java.util=ALL-UNNAMED --add-opens java.naming/javax.naming.spi=ALL-UNNAMED --add-opens java.rmi/sun.rmi.transport.tcp=ALL-UNNAMED --add-exports=java.base/sun.net.www.protocol.file=ALL-UNNAMED --add-exports=java.base/sun.net.www.protocol.ftp=ALL-UNNAMED --add-exports=java.base/sun.net.www.protocol.http=ALL-UNNAMED --add-exports=java.base/sun.net.www.protocol.https=ALL-UNNAMED --add-exports=java.base/sun.net.www.protocol.jar=ALL-UNNAMED --add-exports=java.base/sun.net.www.content.text=ALL-UNNAMED --add-exports=jdk.xml.dom/org.w3c.dom.html=ALL-UNNAMED --add-exports=jdk.naming.rmi/com.sun.jndi.url.rmi=ALL-UNNAMED

WARNING: package org.apache.karaf.specs.locator not in java.base

[statistics] connecting to socket on port 3396

[statistics] connected

[ERROR] 12:22:13 org.apache.thrift.transport.TSaslTransport- SASL negotiation failure

javax.security.sasl.SaslException: GSS initiate failed

at com.sun.security.sasl.gsskerb.GssKrb5Client.evaluateChallenge(GssKrb5Client.java:222) ~[jdk.security.jgss:?]

at org.apache.thrift.transport.TSaslClientTransport.handleSaslStartMessage(TSaslClientTransport.java:94) ~[hive-exec-3.1.3000.7.1.1.0-565.jar:3.1.3000.7.1.1.0-565]

at org.apache.thrift.transport.TSaslTransport.open(TSaslTransport.java:271) [hive-exec-3.1.3000.7.1.1.0-565.jar:3.1.3000.7.1.1.0-565]

at org.apache.thrift.transport.TSaslClientTransport.open(TSaslClientTransport.java:37) [hive-exec-3.1.3000.7.1.1.0-565.jar:3.1.3000.7.1.1.0-565]

at org.apache.hadoop.hive.metastore.security.TUGIAssumingTransport$1.run(TUGIAssumingTransport.java:51) [hive-exec-3.1.3000.7.1.1.0-565.jar:3.1.3000.7.1.1.0-565]

at org.apache.hadoop.hive.metastore.security.TUGIAssumingTransport$1.run(TUGIAssumingTransport.java:48) [hive-exec-3.1.3000.7.1.1.0-565.jar:3.1.3000.7.1.1.0-565]

at java.security.AccessController.doPrivileged(Native Method) ~[?:?]

at javax.security.auth.Subject.doAs(Subject.java:423) [?:?]

at org.apache.hadoop.security.UserGroupInformation.doAs(UserGroupInformation.java:1876) [hadoop-common-3.1.1.7.1.1.0-565.jar:?]

at org.apache.hadoop.hive.metastore.security.TUGIAssumingTransport.open(TUGIAssumingTransport.java:48) [hive-exec-3.1.3000.7.1.1.0-565.jar:3.1.3000.7.1.1.0-565]

at org.apache.hive.jdbc.HiveConnection.openTransport(HiveConnection.java:441) [hive-jdbc-3.1.3000.7.1.1.0-565.jar:3.1.3000.7.1.1.0-565]

at org.apache.hive.jdbc.HiveConnection.<init>(HiveConnection.java:317) [hive-jdbc-3.1.3000.7.1.1.0-565.jar:3.1.3000.7.1.1.0-565]

at org.apache.hive.jdbc.HiveDriver.connect(HiveDriver.java:107) [hive-jdbc-3.1.3000.7.1.1.0-565.jar:3.1.3000.7.1.1.0-565]

at java.sql.DriverManager.getConnection(DriverManager.java:677) [java.sql:?]

at java.sql.DriverManager.getConnection(DriverManager.java:251) [java.sql:?]

at uat.proddemo_0_1.ProdDemo.tHiveConnection_1Process(ProdDemo.java:2372) [proddemo_0_1.jar:?]

at uat.proddemo_0_1.ProdDemo.tHDFSConnection_1Process(ProdDemo.java:2165) [proddemo_0_1.jar:?]

at uat.proddemo_0_1.ProdDemo.tPrejob_1Process(ProdDemo.java:1880) [proddemo_0_1.jar:?]

at uat.proddemo_0_1.ProdDemo.runJobInTOS(ProdDemo.java:8571) [proddemo_0_1.jar:?]

at uat.proddemo_0_1.ProdDemo.main(ProdDemo.java:8193) [proddemo_0_1.jar:?]

Caused by: org.ietf.jgss.GSSException: No valid credentials provided (Mechanism level: KDC has no support for encryption type (14))

at sun.security.jgss.krb5.Krb5Context.initSecContext(Krb5Context.java:773) ~[java.security.jgss:?]

at sun.security.jgss.GSSContextImpl.initSecContext(GSSContextImpl.java:266) ~[java.security.jgss:?]

at sun.security.jgss.GSSContextImpl.initSecContext(GSSContextImpl.java:196) ~[java.security.jgss:?]

at com.sun.security.sasl.gsskerb.GssKrb5Client.evaluateChallenge(GssKrb5Client.java:203) ~[jdk.security.jgss:?]

... 19 more

Caused by: sun.security.krb5.KrbException: KDC has no support for encryption type (14)

at sun.security.krb5.KrbTgsRep.<init>(KrbTgsRep.java:70) ~[java.security.jgss:?]

at sun.security.krb5.KrbTgsReq.getReply(KrbTgsReq.java:226) ~[java.security.jgss:?]

at sun.security.krb5.KrbTgsReq.sendAndGetCreds(KrbTgsReq.java:237) ~[java.security.jgss:?]

at sun.security.krb5.internal.CredentialsUtil.serviceCredsSingle(CredentialsUtil.java:477) ~[java.security.jgss:?]

at sun.security.krb5.internal.CredentialsUtil.serviceCreds(CredentialsUtil.java:340) ~[java.security.jgss:?]

at sun.security.krb5.internal.CredentialsUtil.serviceCreds(CredentialsUtil.java:314) ~[java.security.jgss:?]

at sun.security.krb5.internal.CredentialsUtil.acquireServiceCreds(CredentialsUtil.java:169) ~[java.security.jgss:?]

at sun.security.krb5.Credentials.acquireServiceCreds(Credentials.java:490) ~[java.security.jgss:?]

at sun.security.jgss.krb5.Krb5Context.initSecContext(Krb5Context.java:697) ~[java.security.jgss:?]

at sun.security.jgss.GSSContextImpl.initSecContext(GSSContextImpl.java:266) ~[java.security.jgss:?]

at sun.security.jgss.GSSContextImpl.initSecContext(GSSContextImpl.java:196) ~[java.security.jgss:?]

at com.sun.security.sasl.gsskerb.GssKrb5Client.evaluateChallenge(GssKrb5Client.java:203) ~[jdk.security.jgss:?]

... 19 more

Caused by: sun.security.krb5.Asn1Exception: Identifier doesn't match expected value (906)

at sun.security.krb5.internal.KDCRep.init(KDCRep.java:140) ~[java.security.jgss:?]

at sun.security.krb5.internal.TGSRep.init(TGSRep.java:65) ~[java.security.jgss:?]

at sun.security.krb5.internal.TGSRep.<init>(TGSRep.java:60) ~[java.security.jgss:?]

at sun.security.krb5.KrbTgsRep.<init>(KrbTgsRep.java:55) ~[java.security.jgss:?]

at sun.security.krb5.KrbTgsReq.getReply(KrbTgsReq.java:226) ~[java.security.jgss:?]

at sun.security.krb5.KrbTgsReq.sendAndGetCreds(KrbTgsReq.java:237) ~[java.security.jgss:?]

465 Views
0 Likes
Top