溫馨提示×
您好,登錄后才能下訂單哦!
點擊 登錄注冊 即表示同意《億速云用戶服務條款》
您好,登錄后才能下訂單哦!
SPNEGO(SPNEGO: Simple and Protected GSS-API Negotiation)是微軟提供的一種使用GSS-API認證機制的安全協議,用于使Webserver共享Windows Credentials,它擴展了Kerberos(一種網絡認證協議)。當使用Kerberos進行認證時,通過Ambari-server訪問某一個集群應用的HTTP協議API的時候,需要把Ambari WEB端已經通過GSS-API認證的Kerberos principal的Token,共享給集群應用的HTTP協議的API;如果Ambari未配置開啟、配置SPNEGO安全協議,Ambari請求集群HTTP協議API獲取數據時,將認證失敗,無法獲取數據。Ambari-server提示“SPNego authentication failed, can not get hadoop.auth cookie”錯誤信息1. 停止Ambari-server進程
[root@server bin]$ systemctl stop ambari-server
2. 開啟并配置安全協議
[root@server bin]$ ambari-server setup-security
Using python /usr/bin/python
Security setup options...
===========================================================================
Choose one of the following options:
[1] Enable HTTPS for Ambari server.
[2] Encrypt passwords stored in ambari.properties file.
[3] Setup Ambari kerberos JAAS configuration.
[4] Setup truststore.
[5] Import certificate to truststore.
===========================================================================
Enter choice, (1-5): 3
Setting up Ambari kerberos JAAS configuration to access secured Hadoop daemons...
Enter ambari server's kerberos principal name (ambari@EXAMPLE.COM): ambari-server-test@TEST.COM
Enter keytab path for ambari server's kerberos principal: /etc/security/keytabs/ambari.server.keytab
Ambari Server 'setup-security' completed successfully.
3. 重啟Ambari-server進程使之生效
[root@server bin]$ systemctl start ambari-server免責聲明:本站發布的內容(圖片、視頻和文字)以原創、轉載和分享為主,文章觀點不代表本網站立場,如果涉及侵權請聯系站長郵箱:is@yisu.com進行舉報,并提供相關證據,一經查實,將立刻刪除涉嫌侵權內容。
