1. 首頁
  2. 問答
  3. 卡桑德拉Java驅動程序與Kerberos安全

卡桑德拉Java驅動程序與Kerberos安全

2013-10-15 45 views
1

我試圖從Datastax Java驅動程序連接到啓用kerberos的cassandra安全集羣。卡桑德拉Java驅動程序與Kerberos安全

樣品連接代碼:

cluster = Cluster.builder().addContactPoint(node).withCredentials("username","password").build(); 
    Metadata metadata = cluster.getMetadata(); 
    System.out.printf("Connected to cluster: %s\n", 
      metadata.getClusterName()); 
    for (Host host : metadata.getAllHosts()) { 
     System.out.printf("Datatacenter: %s; Host: %s; Rack: %s\n", 
       host.getDatacenter(), host.getAddress(), host.getRack()); 

    } 
    session = cluster.connect();

我得到下面的錯誤:

異常線程 「main」 com.datastax.driver.core.exceptions.AuthenticationException:主機驗證錯誤/ xxxx:java.lang.RuntimeException:javax.security.auth.login.LoginException:無法從用戶獲取密碼

at com.datastax.driver.core.Connection.waitForSaslCompletion(Connection.java:204) 
at com.datastax.driver.core.Connection.initializeTransport(Connection.java:170) 
at com.datastax.driver.core.Connection.<init>(Connection.java:132) 
at com.datastax.driver.core.Connection.<init>(Connection.java:59) 
at com.datastax.driver.core.Connection$Factory.open(Connection.java:442) 
at com.datastax.driver.core.ControlConnection.tryConnect(ControlConnection.java:205) 
at com.datastax.driver.core.ControlConnection.reconnectInternal(ControlConnection.java:168) 
at com.datastax.driver.core.ControlConnection.connect(ControlConnection.java:81) 
at com.datastax.driver.core.Cluster$Manager.init(Cluster.java:662) 
at com.datastax.driver.core.Cluster$Manager.access$100(Cluster.java:604) 
at com.datastax.driver.core.Cluster.<init>(Cluster.java:69) 
at com.datastax.driver.core.Cluster.buildFrom(Cluster.java:96) 
at com.datastax.driver.core.Cluster$Builder.build(Cluster.java:585) 
at com.datastax.training.SimpleClient.connect(SimpleClient.java:32) 
at com.datastax.training.SimpleClient.main(SimpleClient.java:148)

我正在使用DSE版本3.1.3。 Java驅動程序1.0.3-dse。

來源

2013-10-15 Ram

回答

1

在您的代碼示例中,您正在使用用戶名/密碼憑據進行身份驗證,這不適用於Kerberos。本博客文章包含有關使用具有安全DSE羣集的java驅動程序的詳細信息:http://www.datastax.com/dev/blog/accessing-secure-dse-clusters-with-cql-native-protocol

來源

2013-10-17 08:43:30 beobal

+0

我沒有發現任何錯誤,指出「獲取服務器標識的主題時出錯」。這些是我嘗試連接時的服務器日誌 – Ram

+0

**/var/log/krb5kdc.log ** Oct 18 16:32:37 krb5kdc [3112](info):AS_REQ(3 etypes {3 1 16} )xxxx:NEEDED_PREAUTH:dse/ @ REALM.COM for krbtgt/[email protected],需要額外的預認證 Oct 18 16:32:37 krb5kdc [3112](info):AS_REQ(3 etypes { 3 1 16})xxxx:ISSUE:authtime 1382113957,etypes {rep = 16 tkt = 16 ses = 16},dse/ @ REALM.COM for krbtgt/[email protected] **這些是eclipse錯誤:** 線程「main」中的異常com.datastax.driver.core.exceptions.NoHostAvailableException:嘗試查詢所有主機失敗(嘗試:/ xxxx – Ram

相關問題

 相關問題