calcite-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Aaron D. Mihalik" <aaron.miha...@gmail.com>
Subject Re: SPNEGO test failure (was Re: [VOTE] Release apache-calcite-avatica-1.9.0 (release candidate 0))
Date Wed, 26 Oct 2016 19:24:26 GMT
Josh,

I had some spare time this afternoon and I figured out it was a path issue
for the KeyTab location written to server-spnego.conf.  The debug
statements were key.

I submitted a PR at [1].  I'm not sure if that's how you want to actually
fix the issue, but it shows where the error stems from.

The key line in the debug out was the "Found KeyTab" line below:

SpNegoContext.initSecContext: sending token of type = SPNEGO NegTokenInit
SNegoContext.initSecContext: sending token = a0 82 ...
Found KeyTab C:Users mihalik empcalcite vaticaserver
argetHttpServerSpnegoWithJaasTest_keytabsHTTP_localhost.keytab
for HTTP/localhost@EXAMPLE.COM
Entered SpNegoContext.acceptSecContext with state=STATE_NEW
SpNegoContext.acceptSecContext: receiving token = a0 82 ...
SpNegoToken NegTokenInit: reading Mechanism Oid = 1.2.840.113554.1.2.2

--Aaron

[1] https://github.com/apache/calcite/pull/320




On Tue, Oct 25, 2016 at 6:02 PM Josh Elser <elserj@apache.org> wrote:

> Thanks for taking a look at the release, Aaron!
>
> These SPNEGO tests are a pain in my butt. Julian had recently disabled
> one of them because it was just flapping on travis-ci some percentage of
> the time (I think that was some problem with the mini-kdc we use, but
> whatever). I don't think I've ever tried to run them on Windows -- so
> you're probably paving a new path. They *should* work, or, at least, the
> goal is that they pass on Windows.
>
> If you have the motivation/cycles, I'm happy to try to help debug them
> with you. At a minimum, we can also @Assume the test off if we can
> figure out it's being executed on Windows to get a green dashboard on
> all platforms ;)
>
> - Josh
>
> Aaron D. Mihalik wrote:
> > +1 (non-binding)
> >
> > * cloned git://git.apache.org/calcite.git and checked out commit
> > 87df6053a5b76620ffad3cb7b3527c3acd3647cc
> > * Built from source (both git and src.zip using `mvn clean install`)
> > * verified hashes and sig for src.zip and src,tar,gz
> >
> > * All tests passed on my Mac, but there's at least one test failure on my
> > Windows machine.  I tried searching the Calcite Jira for this issue, but
> > 'windows' gives a lot of unrelated results :)  Failure below:
> >
> > Failed tests:
> >    HttpServerSpnegoWithJaasTest.testAuthenticatedClientsAllowed:223
> > expected:<[OK client@EXAMPLE.COM]>  but was:<[<html>
> > <head>
> > <meta http-equiv="Content-Type" content="text/html;charset=ISO-8859-1"/>
> > <title>Error 500</title>
> > </head>
> > <body>
> > <h2>HTTP ERROR: 500</h2>
> > <p>Problem accessing /. Reason:
> > <pre>     Unauthenticated users should not reach here!</pre></p>
> > <hr /><i><small>Powered by Jetty://</small></i>
> > </body>
> > </html>
> > ]>
> >
> > A related error may be:
> > GSSException: Failure unspecified at GSS-API level (Mechanism level:
> > Invalid argument (400) - Cannot find key of appropriate type to decrypt
> AP
> > REP - AES128 CTS mode with HMAC SHA1-96)
> >          at
> > sun.security.jgss.krb5.Krb5Context.acceptSecContext(Krb5Context.java:856)
> >          at
> >
> sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContextImpl.java:342)
> >
> > On Tue, Oct 25, 2016 at 3:19 PM Josh Elser<elserj@apache.org>  wrote:
> >
> >> +1 (binding)
> >>
> >> * sigs/xsums OK
> >> * No binaries in src release
> >> * Shaded jars contain expected classes/relocated classes
> >> * GAV on avatica-1.9.0.jar (shaded avatica-core) hasn't changed over
> >> previous releases
> >> * mvn apache-rat:check OK
> >> * mvn verify OK
> >> * KEYS is up-to-date
> >> * Ran TCK over [1.6.0, 1.7.0, 1.7.1, 1.8.0, 1.9.0-rc0] and saw no
> >> unexpected failures.
> >>
> >> I left some comments on the release notes in the other thread. There are
> >> some improvements I think we could make, but I think they are fine for
> >> the purposes of this release candidate. We can tweak for the final
> >> website later.
> >>
> >> - Josh
> >>
> >> Julian Hyde wrote:
> >>> Hi all,
> >>>
> >>> I have created a build for Apache Calcite avatica-1.9.0, release
> >> candidate 0.
> >>> Thanks to everyone who has contributed to this release.
> >>> You can read the release notes here:
> >>>
> >>
> https://github.com/apache/calcite/blob/branch-avatica-1.9/avatica/site/_docs/history.md
> >>> The commit to be voted upon:
> >>>
> >>
> http://git-wip-us.apache.org/repos/asf/calcite/commit/87df6053a5b76620ffad3cb7b3527c3acd3647cc
> >>> Its hash is 87df6053a5b76620ffad3cb7b3527c3acd3647cc.
> >>>
> >>> The artifacts to be voted on are located here:
> >>>
> >>
> https://dist.apache.org/repos/dist/dev/calcite/apache-calcite-avatica-1.9.0-rc0
> >>> The hashes of the artifacts are as follows:
> >>> src.tar.gz.md5 5e60e38ca4c0564f00f5143ce3a1b831
> >>> src.tar.gz.sha1 ef5de77edc24fb720fb0a42706db9cea6409e720
> >>> src.zip.md5 b92ab3b942942f0221bfcbcb6a2cb633
> >>> src.zip.sha1 a44fee1e755bc547e158633e9c7f9301b5e4661d
> >>>
> >>> A staged Maven repository is available for review at:
> >>>
> https://repository.apache.org/content/repositories/orgapachecalcite-1028
> >>>
> >>> Release artifacts are signed with the following key:
> >>> https://people.apache.org/keys/committer/jhyde.asc
> >>>
> >>> Please vote on releasing this package as Apache Calcite avatica-1.9.0.
> >>>
> >>> The vote is open for the next 72 hours and passes if a majority of
> >>> at least three +1 PMC votes are cast.
> >>>
> >>> [ ] +1 Release this package as Apache Calcite avatica-1.9.0
> >>> [ ]  0 I don't feel strongly about it, but I'm okay with the release
> >>> [ ] -1 Do not release this package because...
> >>>
> >>>
> >>> Here is my vote:
> >>>
> >>> +1 (binding)
> >>>
> >>> Julian
> >
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message