Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Issue while using Secure Internal Communication
See original GitHub issueHi,
I am trying to set up secure internal communication in presto with below config.properties. But it is throwing 401 unauthorised. As far as i understand it is happening cause it is asking for authentication from ldap and not able to authenticate itself from it.
Not sure but can we use LDAP and secure internal communication at the same time. I have not seen anything mention in the document itself. https://prestodb.io/docs/current/security/ldap.html https://prestodb.io/docs/current/security/internal-communication.html
coordinator=true
node-scheduler.include-coordinator=true
http-server.http.enabled=false
query.max-memory=5GB
query.max-memory-per-node=1GB
query.max-total-memory-per-node=2GB
node.internal-address=presto-coordinator.xyz.com
http-server.authentication.type=PASSWORD
http-server.https.enabled=true
http-server.https.port=8443
http-server.https.keystore.path=/presto.jks
http-server.https.keystore.key=vikash
discovery-server.enabled=false
discovery.uri=https://presto-coordinator.xyz.com:8443
internal-communication.https.required=true
internal-communication.https.keystore.path=/presto.jks
internal-communication.https.keystore.key=vikash
my password-authenticator.properties file are below.
password-authenticator.name=ldap
ldap.url=ldaps://ldapserver.xyz.com:636
ldap.user-bind-pattern=uid=${USER},ou=Employees,dc=xyz,dc=com
ldap.user-base-dn=DC=xyz,DC=com
Error Stacktrace are
2018-12-12T15:54:12.400+0530 INFO main com.facebook.presto.server.PrestoServer ======== SERVER STARTED ========
2018-12-12T15:54:12.400+0530 ERROR Announcer-0 io.airlift.discovery.client.Announcer Cannot connect to discovery server for announce: Announcement failed with status code 401:
2018-12-12T15:54:12.400+0530 ERROR Announcer-0 io.airlift.discovery.client.Announcer Service announcement failed after 33.49ms. Next request will happen within 0.00s
2018-12-12T15:54:12.408+0530 ERROR Announcer-2 io.airlift.discovery.client.Announcer Service announcement failed after 4.86ms. Next request will happen within 1.00ms
Do not know what i am doing wrong. can somebody help…
Issue Analytics
- State:
- Created 5 years ago
- Reactions:1
- Comments:15 (3 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
After one and half week banging my head on the wall, i finally made it working by adding below properties under config.properties.
http-server.authentication.type=PASSWORD,CERTIFICATE@vikash32 - Actually, I don’t think this works. It makes it run but then you can connect over JDBC without the user/password if you have the cert. It’s like either work instead of both are required.