falcon-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Balu Vellanki <bvella...@hortonworks.com>
Subject Re: UI throws authentication error
Date Wed, 13 May 2015 14:58:17 GMT
Hi Mahak

In a setup that I have, the one difference between your configs and mine
is this.


We use simple because the UI is currently read-only.  If you want to set
this to kerberos, you will have to configure your browser. An example doc
for firefox is at 

Balu Vellanki 

On 5/13/15, 7:48 AM, "Mahak Mukhi" <mmukhi@yahoo-inc.com.INVALID> wrote:

>I read through the article but I'm not sure if it's the
>startup.properties that is causing this issue. I think its because the
>server is configured to authenticate using kerberos and the browser is
>unable to provide a valid keytab. If that is the case, how do I configure
>the browser to do that. If that is not the case, what might be the issue
>here? Following is a snippet from my startup.properties file.
>##### SPNEGO Configuration
># Authentication type must be specified: simple|kerberos|<class>
># org.apache.falcon.security.RemoteUserInHeaderBasedAuthenticationHandler
>can be used for backwards compatibility
># Indicates how long (in seconds) an authentication token is valid before
>it has to be renewed.
># The signature secret for signing the authentication tokens.
># The domain to use for the HTTP cookie that stores the authentication
># Indicates if anonymous requests are allowed when using 'simple'
># Indicates the Kerberos principal to be used for HTTP endpoint.
># The principal MUST start with 'HTTP/' as per Kerberos HTTP SPNEGO
># Location of the keytab file with the credentials for the HTTP principal.
> Regards,
>Mahak Mukhi
>     On Tuesday, May 12, 2015 1:31 AM, Balu Vellanki
><bvellanki@hortonworks.com> wrote:
> Hi 
>One the user provides user.name through the prompt, it is stored in
>localStorage object. The issue is most probably with authentication
>settings in startup.properties.
>Please look at http://falcon.apache.org/Security.html and make sure the
>properties have correct values,
>On 5/11/15, 9:21 PM, "Pallavi Rao" <pallavi.rao@inmobi.com> wrote:
>>I have noticed that UI requires user.name to be passed as query param,
>>without which it throws that error. Try with
>>https://localhost:15443/?user.name=<user name>
>>The user is not really authenticated.
>>If this doesn't work, then, pass on the config files and logs (as Ying
>>requested), so, we can debug further.
>>On Tue, May 12, 2015 at 5:17 AM, Ying Zheng <yzheng@hortonworks.com>
>>> Hi Mahak,
>>> Could you share your configuration file 'startup.properties'? Could you
>>> provide your falcon.application.log under logs folder?
>>> It is very likely that your startup.property is not set up correctly.
>>> is a guideline:
>>> http://falcon.apache.org/Security.html
>>> Thanks,
>>> Ying
>>> On 5/11/15, 4:05 PM, "Mahak Mukhi" <mmukhi@yahoo-inc.com.INVALID>
>>> >Hi,
>>> >Whenever I try and access the UI to my falcon
>>> >server(https://<servername>:15443/) it  prompts to ask for a user.name
>>> >which follows with the following exception Failed to load data. Error:
>>> >401 Authentication required.
>>> >What might be causing this?
>>> > Regards,
>>> >Mahak Mukhi
>>The information contained in this communication is intended solely for
>>use of the individual or entity to whom it is addressed and others
>>authorized to receive it. It may contain confidential or legally
>>information. If you are not the intended recipient you are hereby
>>that any disclosure, copying, distribution or taking any action in
>>on the contents of this information is strictly prohibited and may be
>>unlawful. If you have received this communication in error, please notify
>>us immediately by responding to this email and then delete it from your
>>system. The firm is neither liable for the proper and complete
>>of the information contained in this communication nor for any delay in

View raw message