Cassandra 具有kerberos安全性的Datastax Java驱动程序
我正在尝试从eclipse访问启用kerberos的DSE群集 示例连接代码为Cassandra 具有kerberos安全性的Datastax Java驱动程序,cassandra,datastax-enterprise,datastax-java-driver,datastax,Cassandra,Datastax Enterprise,Datastax Java Driver,Datastax,我正在尝试从eclipse访问启用kerberos的DSE群集 示例连接代码为 public void connect(String node) { cluster = Cluster.builder().addContactPoint(node) .withAuthProvider(new DseAuthProvider()).build(); Metadata metadata = cluster.getMetadata(); Iterator<KeyspaceMe
public void connect(String node) {
cluster = Cluster.builder().addContactPoint(node)
.withAuthProvider(new DseAuthProvider()).build();
Metadata metadata = cluster.getMetadata();
Iterator<KeyspaceMetadata> in = metadata.getKeyspaces().iterator();
while (in.hasNext()) {
// System.out.println("Keyspaces");
System.out.println(in.next().getName());
}
我运行代码时遇到以下异常
Exception in thread "main" java.lang.RuntimeException: javax.security.auth.login.LoginException: Cannot locate default realm
at com.datastax.driver.core.sasl.KerberosAuthenticator.loginSubject(KerberosAuthenticator.java:113)
at com.datastax.driver.core.sasl.KerberosAuthenticator.<init>(KerberosAuthenticator.java:94)
at com.datastax.driver.core.sasl.DseAuthProvider.newAuthenticator(DseAuthProvider.java:52)
at com.datastax.driver.core.Connection.initializeTransport(Connection.java:164)
at com.datastax.driver.core.Connection.<init>(Connection.java:132)
at com.datastax.driver.core.Connection.<init>(Connection.java:59)
at com.datastax.driver.core.Connection$Factory.open(Connection.java:442)
at com.datastax.driver.core.ControlConnection.tryConnect(ControlConnection.java:205)
at com.datastax.driver.core.ControlConnection.reconnectInternal(ControlConnection.java:168)
at com.datastax.driver.core.ControlConnection.connect(ControlConnection.java:81)
at com.datastax.driver.core.Cluster$Manager.init(Cluster.java:662)
at com.datastax.driver.core.Cluster$Manager.access$100(Cluster.java:604)
at com.datastax.driver.core.Cluster.<init>(Cluster.java:69)
at com.datastax.driver.core.Cluster.buildFrom(Cluster.java:96)
at com.datastax.driver.core.Cluster$Builder.build(Cluster.java:585)
at AuthenticatedClient.connect(AuthenticatedClient.java:19)
at AuthenticatedClient.main(AuthenticatedClient.java:59)
Caused by: javax.security.auth.login.LoginException: Cannot locate default realm
at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Unknown Source)
at com.sun.security.auth.module.Krb5LoginModule.login(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at javax.security.auth.login.LoginContext.invoke(Unknown Source)
at javax.security.auth.login.LoginContext.access$000(Unknown Source)
at javax.security.auth.login.LoginContext$4.run(Unknown Source)
at javax.security.auth.login.LoginContext$4.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(Unknown Source)
at javax.security.auth.login.LoginContext.login(Unknown Source)
at com.datastax.driver.core.sasl.KerberosAuthenticator.loginSubject(KerberosAuthenticator.java:109)
... 16 more
Caused by: KrbException: Cannot locate default realm
at sun.security.krb5.PrincipalName.<init>(Unknown Source)
at sun.security.krb5.KrbAsReq.<init>(Unknown Source)
at sun.security.krb5.KrbAsReqBuilder.build(Unknown Source)
at sun.security.krb5.KrbAsReqBuilder.send(Unknown Source)
at sun.security.krb5.KrbAsReqBuilder.action(Unknown Source)
... 30 more
Caused by: KrbException: Cannot locate default realm
at sun.security.krb5.Config.getDefaultRealm(Unknown Source)
... 35 more
Caused by: KrbException: Generic error (description in e-text) (60) - Unable to locate Kerberos realm
at sun.security.krb5.Config.getRealmFromDNS(Unknown Source)
... 36 more
线程“main”java.lang.RuntimeException中的异常:javax.security.auth.login.LoginException:找不到默认域
位于com.datastax.driver.core.sasl.KerberosAuthenticator.loginsObject(KerberosAuthenticator.java:113)
位于com.datastax.driver.core.sasl.KerberosAuthenticator.(KerberosAuthenticator.java:94)
位于com.datasax.driver.core.sasl.DseAuthProvider.newAuthenticator(DseAuthProvider.java:52)
位于com.datastax.driver.core.Connection.initializeTransport(Connection.java:164)
位于com.datastax.driver.core.Connection.(Connection.java:132)
位于com.datastax.driver.core.Connection.(Connection.java:59)
位于com.datastax.driver.core.Connection$Factory.open(Connection.java:442)
位于com.datastax.driver.core.ControlConnection.tryConnect(ControlConnection.java:205)
位于com.datastax.driver.core.ControlConnection.ReconnectionInternal(ControlConnection.java:168)
位于com.datastax.driver.core.ControlConnection.connect(ControlConnection.java:81)
位于com.datastax.driver.core.Cluster$Manager.init(Cluster.java:662)
位于com.datastax.driver.core.Cluster$Manager.access$100(Cluster.java:604)
位于com.datastax.driver.core.Cluster.(Cluster.java:69)
位于com.datastax.driver.core.Cluster.buildFrom(Cluster.java:96)
位于com.datastax.driver.core.Cluster$Builder.build(Cluster.java:585)
在AuthenticatedClient.connect(AuthenticatedClient.java:19)
位于AuthenticatedClient.main(AuthenticatedClient.java:59)
原因:javax.security.auth.login.LoginException:找不到默认域
位于com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(未知源)
位于com.sun.security.auth.module.Krb5LoginModule.login(未知源)
在sun.reflect.NativeMethodAccessorImpl.invoke0(本机方法)处
位于sun.reflect.NativeMethodAccessorImpl.invoke(未知源)
在sun.reflect.DelegatingMethodAccessorImpl.invoke处(未知源)
位于java.lang.reflect.Method.invoke(未知源)
位于javax.security.auth.login.LoginContext.invoke(未知源)
位于javax.security.auth.login.LoginContext.access$000(未知源)
位于javax.security.auth.login.LoginContext$4.run(未知源)
位于javax.security.auth.login.LoginContext$4.run(未知源)
位于java.security.AccessController.doPrivileged(本机方法)
位于javax.security.auth.login.LoginContext.invokePriv(未知源代码)
位于javax.security.auth.login.LoginContext.login(未知源)
位于com.datastax.driver.core.sasl.KerberosAuthenticator.loginsObject(KerberosAuthenticator.java:109)
... 还有16个
原因:KrbException:找不到默认域
在sun.security.krb5.PrincipalName.(未知来源)
位于sun.security.krb5.KrbAsReq(未知来源)
位于sun.security.krb5.KrbAsReqBuilder.build(未知源)
位于sun.security.krb5.KrbAsReqBuilder.send(未知源)
位于sun.security.krb5.KrbAsReqBuilder.action(未知源)
... 30多
原因:KrbException:找不到默认域
位于sun.security.krb5.Config.getDefaultRealm(未知源)
... 35多
原因:krbeException:一般错误(电子文本中的描述)(60)-无法定位Kerberos领域
位于sun.security.krb5.Config.getRealmFromDNS(未知源)
... 36多
Am使用DSE 3.2.3和java驱动程序1.0.4很可能是由于客户端上缺少Kerberos设置或配置错误。在linux上,相关文件是
/etc/krb5.conf
,您可能需要检查
[libdefaults]
和[realms]
部分。对于您正在使用的JAAS配置,我希望在您的krb5.conf
中看到类似的内容:
[libdefaults]
default_realm = MYDOMAIN.COM
.
.
.
[realms]
MYDOMAIN.COM = {
kdc = <address of your kdc>
admin_server = <address of the domain admin server>
}
[libdefaults]
默认\u realm=MYDOMAIN.COM
.
.
.
[领域]
MYDOMAIN.COM={
kdc=
如果您在客户端计算机上运行OSX,此错误可能也与您有关:我可以登录到cqlsh并运行查询。Krb5看起来与上面显示的相同。我正在从windows计算机(Eclipse)运行java程序。我是否也需要在windows计算机上安装kerberos?是的,客户端计算机需要为其操作系统安装kerberos库。我发布的krb5.conf片段实际上来自客户端计算机(在大多数情况下,它与服务器上的相同)。
[libdefaults]
default_realm = MYDOMAIN.COM
.
.
.
[realms]
MYDOMAIN.COM = {
kdc = <address of your kdc>
admin_server = <address of the domain admin server>
}
nslookup <hostname> && nslookup <host ip>