Failed to Download Authentication Credentials When the Username Is Too Long
Issue
In MRS clusters 3.0.2 to 3.1.0, a maximum of 32 characters are allowed in the username when a user is added. However, if the username contains more than 20 characters, the user fails to download the Keytab file, and status code "400 Bad Request" is displayed.
Symptom
In MRS clusters 3.0.2 to 3.1.0, a maximum of 32 characters are allowed in the username when a user is added. However, if the username contains more than 20 characters, the user fails to download the Keytab file, and status code "400 Bad Request" is displayed.
Cause Analysis
The validate-common-config.xml, validate-rule-session.xml, and validate-rule-user.xml configuration files in the /opt/Bigdata/om-server_*/apache-tomcat-*/webapps/web/WEB-INF/validate directory of the master node are incorrect and need to be modified.
Procedure
- Log in to the master node as user omm and switch to the /opt/Bigdata/om-server_*/apache-tomcat-*/webapps/web/WEB-INF/validate directory.
cd /opt/Bigdata/om-server_*/apache-tomcat-*/webapps/web/WEB-INF/validate
- Modify the validate-common-config.xml file.
vi validate-common-config.xml
Change the maxLength value of the username from 32 to 64.
<!-- Username --> <validators alias="USER_NAME"> <validator name="RANGE_LENGTH_VALIDATOR" minLength="3" maxLength="64" /> <validator name="REGEXP_VALIDATOR" rule="^[_a-zA-Z0-9\- ]+$" </validators>
- Modify the validate-rule-session.xml file.
vi validate-rule-session.xml
Change the rule value from 20 to 64.
<!-- Download the credentials of the current user --> <param_validator url="/api/v2/session/user/keytab/download" method="get" errorHandler="com.xxx.bigdata.om.web.api.validate.SpecialValidatorErrorHandler" dataPattern="form"> <!-- Parameter name: File name --> <!--Validation rule: userName_13-digit number_keytab.tar; case sensitive--> <parameter name="file_name" required="true" errorKey="13-4000005" errorMessage="RESID_OM_API_SESSION_0013"> <validator name="REGEXP_VALIDATOR" rule="[\-\w ]{3,64}_\d{13}_keytab\.tar" caseSensitive="true" /> </parameter>
- Modify the validate-rule-user.xml file.
vi validate-rule-user.xml
Change the rule value from 20 to 64.
<!--Download the user credentials --> <param_validator url="/api/v2/permission/users/keytab/download" method="get" errorHandler="com.xxx.bigdata.om.web.api.validate.SpecialValidatorErrorHandler" dataPattern="form"> <!--Mandatory; userName_13-digit number_keytab.tar; case sensitive--> <parameter name="file_name" required="true" errorKey="12-4000005" errorMessage="RESID_OM_API_AUTHORITY_0005"> <validator name="REGEXP_VALIDATOR" rule="[\-\w ]{3,64}_\d{13}_keytab\.tar" caseSensitive="true" /> </parameter> </param_validator>
- Restart Tomcat and wait until the startup is successful.
- Run the following command as user omm to query the PID of the Tomcat process:
ps -ef|grep apache-tomcat
- Run the kill -9 PID command to forcibly stop the specified Tomcat process. For example:
kill -9 1203
- Run the following command to restart Tomcat:
- Run the following command as user omm to query the PID of the Tomcat process:
- Download the authentication credentials again.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot