Hi,
I've been trying to run DSE Cassandra with Kerberos authentication enabled but with no luck so far.
I have enabled kerberos authentication in the Cassandra.yaml file and used the following values in dse.yaml:
keytab: /root/dse.keytab
service_principal: dse/_HOST@REALM
HTTP_principal: HTTP/_HOST@REALM
qop: auth
Now everytime I start cassandra server using "dse cassandra -f" I see the following errors:
ERROR 14:47:44,888 An error occurred during transport negotiation
com.datastax.bdp.transport.common.TTransportNegotiationException: Improper authentication type requested. Requested auth: No authentication with service principal: FRAMED_TRANSPORT_FAKE_PRINCIPAL, Allowed auth: Kerberos
at com.datastax.bdp.transport.server.TNegotiatingServerTransport$Factory.getUnderlyingFactory(TNegotiatingServerTransport.java:483)
at com.datastax.bdp.transport.server.TNegotiatingServerTransport.handleTransportNegotiation(TNegotiatingServerTransport.java:284)
at com.datastax.bdp.transport.server.TNegotiatingServerTransport.open(TNegotiatingServerTransport.java:192)
at com.datastax.bdp.transport.server.TNegotiatingServerTransport$Factory.getTransport(TNegotiatingServerTransport.java:515)
at com.datastax.bdp.transport.server.TNegotiatingServerTransport$Factory.getTransport(TNegotiatingServerTransport.java:406)
at org.apache.cassandra.thrift.CustomTThreadPoolServer$WorkerProcess.run(CustomTThreadPoolServer.java:193)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
I have added dse as a service principal on the dse.keytab and using "klist -k dse.keytab" confirms this:
dse/10.14.101.27@EVENG.LOCAL
dse/10.14.101.27@EVENG.LOCAL
dse/CassENT.eveng.local@EVENG.LOCAL
dse/CassENT.eveng.local@EVENG.LOCAL
Could someone please provide pointers to why I'm seeing those errors?
Thanks
mharwida
