使用起泡水的LDAP身份验证
我们需要在汽水中使用LDAP对用户进行身份验证。我们尝试使用起泡水1.6.13和h2O 3.14.0.2配置相同的配置下面是配置:使用起泡水的LDAP身份验证,ldap,h2o,sparkling-water,Ldap,H2o,Sparkling Water,我们需要在汽水中使用LDAP对用户进行身份验证。我们尝试使用起泡水1.6.13和h2O 3.14.0.2配置相同的配置下面是配置: *ldaploginmodule { org.eclipse.jetty.plus.jaas.spi.LdapLoginModule required debug="true" useLdaps="false" contextFactory="com.sun.jndi.ldap.LdapCtxFactory" hostname
*ldaploginmodule {
org.eclipse.jetty.plus.jaas.spi.LdapLoginModule required
debug="true"
useLdaps="false"
contextFactory="com.sun.jndi.ldap.LdapCtxFactory"
hostname="localhost"
port="389"
bindDn="CN=admin,OU=Users,DC=company,DC=com"
bindPassword="password"
authenticationMethod="simple"
forceBindingLogin="true"
userBaseDn="dc=company,dc=com";
};*
java.lang.NullPointerException
at com.sun.jndi.ldap.AbstractLdapNamingEnumeration.getNextBatch(AbstractLdapNamingEnumeration.java:130)
at com.sun.jndi.ldap.AbstractLdapNamingEnumeration.nextAux(AbstractLdapNamingEnumeration.java:258)
at com.sun.jndi.ldap.AbstractLdapNamingEnumeration.nextImpl(AbstractLdapNamingEnumeration.java:249)
at com.sun.jndi.ldap.AbstractLdapNamingEnumeration.next(AbstractLdapNamingEnumeration.java:203)
at com.sun.jndi.ldap.AbstractLdapNamingEnumeration.nextElement(AbstractLdapNamingEnumeration.java:106)
at com.sun.jndi.ldap.AbstractLdapNamingEnumeration.nextElement(AbstractLdapNamingEnumeration.java:40)
at org.eclipse.jetty.plus.jaas.spi.LdapLoginModule.findUser(LdapLoginModule.java:513)
at org.eclipse.jetty.plus.jaas.spi.LdapLoginModule.bindingLogin(LdapLoginModule.java:468)
at org.eclipse.jetty.plus.jaas.spi.LdapLoginModule.login(LdapLoginModule.java:399)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:497)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:755)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:195)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:682)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:680)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
at javax.security.auth.login.LoginContext.login(LoginContext.java:587)
at org.eclipse.jetty.plus.jaas.JAASLoginService.login(JAASLoginService.java:217)
at org.eclipse.jetty.security.authentication.BasicAuthenticator.validateRequest(BasicAuthenticator.java:83)
at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:456)
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:111)
at org.eclipse.jetty.server.Server.handle(Server.java:349)
at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:449)
at org.eclipse.jetty.server.BlockingHttpConnection.handleRequest(BlockingHttpConnection.java:47)
at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.headerComplete(AbstractHttpConnection.java:910)
at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:634)
at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:230)
at org.eclipse.jetty.server.BlockingHttpConnection.handle(BlockingHttpConnection.java:66)
at org.eclipse.jetty.server.bio.SocketConnector$ConnectorEndPoint.run(SocketConnector.java:254)
at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:599)
at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:534)
at java.lang.Thread.run(Thread.java:745)
17/10/17 12:45:47 WARN JAASLoginService:
javax.security.auth.login.LoginException: Error obtaining user info.
at org.eclipse.jetty.plus.jaas.spi.LdapLoginModule.login(LdapLoginModule.java:438)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:497)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:755)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:195)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:682)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:680)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
at javax.security.auth.login.LoginContext.login(LoginContext.java:587)
at org.eclipse.jetty.plus.jaas.JAASLoginService.login(JAASLoginService.java:217)
at org.eclipse.jetty.security.authentication.BasicAuthenticator.validateRequest(BasicAuthenticator.java:83)
at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:456)
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:111)
at org.eclipse.jetty.server.Server.handle(Server.java:349)
at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:449)
at org.eclipse.jetty.server.BlockingHttpConnection.handleRequest(BlockingHttpConnection.java:47)
at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.headerComplete(AbstractHttpConnection.java:910)
at
使用的命令:spark submit--class water.sparkingwaterdriver--master warn client--num executors 2--driver memory 6g--executor memory 4g--executor cores 2--conf'spark.dynamicAllocation.enabled=false'--conf spark.ext.h2o.log.level=DEBUG--conf spark.ext.h2o.ldap.login=truespark.ext.h2o.login.conf=/home/user/ldap.conf/home/user/sparkling-water-1.6.13/assembly/build/libs/sparkling-water-assembly_2.10-1.6.13-all.jar
但我们面临一些问题。请查看以下错误日志。如果您能在这方面提供帮助,我将不胜感激。
错误:
*ldaploginmodule {
org.eclipse.jetty.plus.jaas.spi.LdapLoginModule required
debug="true"
useLdaps="false"
contextFactory="com.sun.jndi.ldap.LdapCtxFactory"
hostname="localhost"
port="389"
bindDn="CN=admin,OU=Users,DC=company,DC=com"
bindPassword="password"
authenticationMethod="simple"
forceBindingLogin="true"
userBaseDn="dc=company,dc=com";
};*
java.lang.NullPointerException
at com.sun.jndi.ldap.AbstractLdapNamingEnumeration.getNextBatch(AbstractLdapNamingEnumeration.java:130)
at com.sun.jndi.ldap.AbstractLdapNamingEnumeration.nextAux(AbstractLdapNamingEnumeration.java:258)
at com.sun.jndi.ldap.AbstractLdapNamingEnumeration.nextImpl(AbstractLdapNamingEnumeration.java:249)
at com.sun.jndi.ldap.AbstractLdapNamingEnumeration.next(AbstractLdapNamingEnumeration.java:203)
at com.sun.jndi.ldap.AbstractLdapNamingEnumeration.nextElement(AbstractLdapNamingEnumeration.java:106)
at com.sun.jndi.ldap.AbstractLdapNamingEnumeration.nextElement(AbstractLdapNamingEnumeration.java:40)
at org.eclipse.jetty.plus.jaas.spi.LdapLoginModule.findUser(LdapLoginModule.java:513)
at org.eclipse.jetty.plus.jaas.spi.LdapLoginModule.bindingLogin(LdapLoginModule.java:468)
at org.eclipse.jetty.plus.jaas.spi.LdapLoginModule.login(LdapLoginModule.java:399)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:497)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:755)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:195)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:682)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:680)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
at javax.security.auth.login.LoginContext.login(LoginContext.java:587)
at org.eclipse.jetty.plus.jaas.JAASLoginService.login(JAASLoginService.java:217)
at org.eclipse.jetty.security.authentication.BasicAuthenticator.validateRequest(BasicAuthenticator.java:83)
at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:456)
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:111)
at org.eclipse.jetty.server.Server.handle(Server.java:349)
at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:449)
at org.eclipse.jetty.server.BlockingHttpConnection.handleRequest(BlockingHttpConnection.java:47)
at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.headerComplete(AbstractHttpConnection.java:910)
at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:634)
at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:230)
at org.eclipse.jetty.server.BlockingHttpConnection.handle(BlockingHttpConnection.java:66)
at org.eclipse.jetty.server.bio.SocketConnector$ConnectorEndPoint.run(SocketConnector.java:254)
at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:599)
at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:534)
at java.lang.Thread.run(Thread.java:745)
17/10/17 12:45:47 WARN JAASLoginService:
javax.security.auth.login.LoginException: Error obtaining user info.
at org.eclipse.jetty.plus.jaas.spi.LdapLoginModule.login(LdapLoginModule.java:438)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:497)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:755)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:195)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:682)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:680)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
at javax.security.auth.login.LoginContext.login(LoginContext.java:587)
at org.eclipse.jetty.plus.jaas.JAASLoginService.login(JAASLoginService.java:217)
at org.eclipse.jetty.security.authentication.BasicAuthenticator.validateRequest(BasicAuthenticator.java:83)
at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:456)
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:111)
at org.eclipse.jetty.server.Server.handle(Server.java:349)
at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:449)
at org.eclipse.jetty.server.BlockingHttpConnection.handleRequest(BlockingHttpConnection.java:47)
at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.headerComplete(AbstractHttpConnection.java:910)
at
很可能是您的环境特有的配置错误。向组织的LDAP/AD专家寻求帮助。外部任何人都不容易帮助你 下面是我推荐的一些调试LDAP问题的技巧 首先,不要直接在汽水中调试。在没有Hadoop或Spark的纯独立H2O中调试它,这样就可以隔离问题,很容易看到发生了什么,而且不必搜索stdout/stderr/logs 其次,您可以启用DEBUG jetty日志级别,并通过向类路径添加以下文件来获取有关ldaploginmodule正在执行的操作的更多信息: 码头日志记录。属性
org.eclipse.jetty.util.log.class=org.eclipse.jetty.util.log.StdErrLog
org.eclipse.jetty.LEVEL=DEBUG
这样运行(确保jetty-logging.properties位于当前目录中):
很可能是您的环境特有的配置错误。向组织的LDAP/AD专家寻求帮助。外部任何人都不容易帮助你 下面是我推荐的一些调试LDAP问题的技巧 首先,不要直接在汽水中调试。在没有Hadoop或Spark的纯独立H2O中调试它,这样就可以隔离问题,很容易看到发生了什么,而且不必搜索stdout/stderr/logs 其次,您可以启用DEBUG jetty日志级别,并通过向类路径添加以下文件来获取有关ldaploginmodule正在执行的操作的更多信息: 码头日志记录。属性
org.eclipse.jetty.util.log.class=org.eclipse.jetty.util.log.StdErrLog
org.eclipse.jetty.LEVEL=DEBUG
这样运行(确保jetty-logging.properties位于当前目录中):
另外两项说明:
- 不要使用起泡水1.6和升级
- 升级后,对于LDAP conf,您需要修改LoginModlue引用到
ai.h2o.org.eclipse.jetty.plus.jaas.spi.LdapLoginModule required
- 不要使用起泡水1.6和升级
- 升级后,对于LDAP conf,您需要修改LoginModlue引用到
ai.h2o.org.eclipse.jetty.plus.jaas.spi.LdapLoginModule required