When I try to connect to accumulo from a java client, it is failing. I am using the 'root' user but have changed the password. I debugged my code, it is in fact getting the correct user name and password, the same I one I use to log into the shell with.
I read on some other sites that I have to set 'trace.user' and 'trace.password' in my accumulo-site.xml file, so I did that and restarted accumulo. Unfortunately it did not change a thing.
When I try to connect from java, these are the important lines from the stack:
Caused by: org.apache.accumulo.core.client.AccumuloSecurityException: Error BAD_CREDENTIALS for user root - Username or Password is Invalid
Caused by: ThriftSecurityException(user:root, code:BAD_CREDENTIALS)
From my accumulo console, I see this:
08 15:44:06,0544 tserver:michael-GA-890GPA-UD3H 4
ERROR
ThriftSecurityException(user:root, code:BAD_CREDENTIALS)
When I look through my accumulo logs I just see the same exception and its stack getting printed every second that goes by.
I went looking through the accumulo manual and couldn't find anything that I'm missing. A google search and SO search also did not help me.
Would somebody please tell me what I'm doing wrong?
Depending on the version you're using, you may also have trace.token.property.password defined in accumulo-site.xml which is the replacement for trace.password. >=1.6.0 introduced the trace.token.property.password property. If both that property and trace.password are present in the configuration, trace.token.property.password will take precedence over trace.password.
Look at the $ACCUMULO_LOG_DIR/tracer_$hostname.debug.log file, you'll likely have numerous exceptions in there.
The "proper" way (read as: how you'd want to do it in a production environment) to configure the tracer is to create the 'trace' table as 'root', create a 'trace' user, and give the 'trace' user READ, WRITE and ALTER_TABLE permissions on the 'trace' table. Then, update trace.user and trace.token.property.password in accumulo-site.xml.
Not sure if you still want the solution or not, what helped me is changing the value of trace.token.property.password to the correct password, i.e., the value of instance.secret for the trace.user 'root' in accumulo-site.xml file.
Or you could open the acccumulo shell using the 'root' user and create a new user inside the shell and then update the values of both the trace user and it's current password.
Related
I am trying to connect to a SAS-driven remote database from within R, using RJDBC. The first time I do a dbConnect, I get an error:
Error in .jcall(drv#jdrv, "Ljava/sql/Connection;", "connect", as.character(url)[1],
: java.lang.NoClassDefFoundError: com/sas/net/crypto/CryptoException
When I do the dbConnect a second time after the first call, it connects fine, and I get back an object of class JDBCConnection.
I looked in the sas.core.jar file (from the latest 94M2 SAS JDBC drivers), and can see CryptoException listed in there. However, I am also curious why it was trying to throw a CryptoException.
Question 1: How can I silently ignore the error on the first dbConnect call?
Question 2: Why was it trying to throw a CryptoException? What can I do to prevent this? (This may cancel question 1.)
This is the same question as shared on the SAS Support Communities page:
https://communities.sas.com/thread/80620
There you shared the code you are using
https://github.com/wthielen/wrds/blob/7edfbfe89ddc329618be72e591cc0bd50e294ea4/R/wrds.R#L47
In this code, the problem appears to be that you are trying to set the classpath before initializing the JVM. Using .jinit() before the call to .jaddClassPath should correct the issue. In the doc for .jinit and since you are developing a package, you may want to use .jpackage instead of .jinit
https://www.rforge.net/doc/packages/rJava/jpackage.html
I was having the same problems and tried the above solutions with no change.
The solution on my computer was modifying the .Renviron file which holds the classpath to the java drivers. Replacing "JDBC_Drivers" with "WRDS_Drivers" was all that was needed:
CLASSPATH="C:/Users/nicol/Documents/WRDS_Drivers/sas.core.jar;C:/Users/nicol/Documents/WRDS_Drivers/sas.intrnet.javatools.jar"
I get an error saying this:
This User is not allowed to add a field to _User. You can change this setting in the Data Browser.
From testing, it seems that this only affects users signed in through Facebook. I don't really know what setting the error is talking about.
The code isn't doing anything that special. The weird part is it used to work before. It is only recently that it started to throw an error.
currUser = ParseUser.getCurrentUser();
currUser.put("username", username);//username
currUser.put("email", email);//email
currUser.saveInBackground();
Figured out the issue. It seems like the setting for Add Field wasn't public in the _User class under security.
Problem:
I am logging into a virtual machine(RDC) using the below credentials:
The user is part of a domain group called as teldept
user:147852 pass:helloworld
when i try to get the user details from java application it gives me : 147852
but when i click on start menu at the top i can see my Name displayed.
How is this done? i want to access this name from java application
I use the below snippet:
System.getProperty("user.name");
Whatever the above snippet gives me is correct as aper oracle docs.
I am logging in with ID: 147852 and above snippet gives me 14852
but some how in windows this ID:147852 is mapped with my name so only in the start menu in XP i am getting my name displyed instead of 147852. we need to know how this mapping is done between the ID & Name . I am guessing it has something to do with Domain or some network logic which i am not good with .
The name shown on XP's start menu is not the logon name. It's Full Name Corresponding to the Logon Name. Not sure if your login is a local login or a domain login. If it's a local login, go to Admin Tools -> Computer Management -> Users and Groups -> Here against your username (147852), you will find a full name.
If your login is a domain login, you can similarly lookup your name in Active Directory - or search for it at other places.
This is very OS Specific and cannot be found by Java.
You will need to do this using JNI and Windows API - Calling GetUserNameEx or NetUserGetInfo depending on type of user.
If you just want to get your logon name (147852), calling com.sun.security.auth.module.NTSystem().getName is a better way than using System.getProperty("user.name")
From this SO question, you can use:
System.getProperty("user.name");
to return the currently logged in user. This will return the username string. I believe this is what you're asking for, but your question is rather unclear.
I am working on an existing Web based application.
Now, I need to secure the application against what I think is called url hacking. For instance, if the customer with customerId 1 is logged in and viewing his profile, the following http get variable will be visible in the address field: customerId=1.
I need to prevent a customer from being able to set customerId=2 and see the profile of another customer.
The problem is that, the application is already in production and in good working condition, so the changes should be minimal with respect to this change.
How is this best achieved?
Any sugggestions/comments?
why do you give the id in the URL when the user should only be allowed to change his profile? I don't see any need for this. Rather get the current user from SecurityConext and display its profile on an URL without the id.
with the new information you gave in the comments I suggest sth. like this:
just check if the given orderid in the URL belongs to the current user.
You're saying you use "normal web based Application" so I assume Servlet/jsp based. In your servlet you would do something like this:
int orderId = Integer.parseInt(request.getParameter("orderId"));
String username = request.getUserPrincipal().getName();
/*now you need to check if username match with the username of the order e.g. by using hibernate to get the order by id and check its user and if not throw PermissionDeniedException or similiar*/
95% agree with Korgen's answer above.
5% - if you want to allow administrator access to edit user profiles using the same functionality just switch to UUID to identify edited user.
I am looking for simple way to connect information about requirement/release and source code.
The case is that developer should be able to find any artifacts created given release or CR in easy way.
The idea I have is to introduce some new annotation to mark any new class ( I am not sure if it is good for any new method) for example:
#ArtifactInfo(release="1.2" cr="cr123")
Do you have any other ideas? Maybe you use already something similar?
Take care,
Marcin
IMO the code is the wrong place for that kind of information.
Take a look at the imaginary code below.
class Authenticator {
login(String username, String password){
User user = retrieveUserFromDatabase(username);
throwIfWrongpassword(user, password);
verifyUserAge(user)
}
void throwIfWrongpassword(User user, String password){
//throws AuthenticationException if password is wrong
}
void verifyUserAge(User user){
//verify that user is above 18 or account is authorized by a parent
}
void biometricLogin(String username, BiometricImage bioimg){
User user = retrieveUserFromDatabase(username);
verifyBiometricImage(user, password);
verifyUserAge(user);
}
}
This is the result of a few requirements:
Users must authenticate to have acces to the system
Users can use biometric authentication instead on password auth
Underaged users must be authorized be parents or something like that.
All those requirements were added in different poins of time, on different versions of the software.
A class-level, or even a method-level annotation won't suffice to effectively map requirements to code.
You'd have to use a "line of code"-level annotation.
Of course, that's impractical.
The right way to do that is to follow a few best practices when using the source code repository and the bug tracker:
1) Every requirement corresponds to one or more issues on the bug tracker
2) Every commit message starts with a corresponding issue key, like "PROJ-123 - a nice feature"
3) When you do a release (meaning, incrementing your software version), you tell the bug tracker that those issues were fixed in that version.
If you need to know what requirements were implemented in what version, ask your bug tracker.
If you need to know all the code that was produced for a given requirement, ask your source code repository (filter commits by log message)
If you need to know what is the requirement for a given line of code, ask your source code repository. GIT and SVN have a "blame" command that will tell you, for a given file, for each line of code, who commited it, when, and the commit message (which will have the issue number if everyone on the team is a good boy) - So this will work as that hypothetical "line-of-code"-level annotation.
Using "commit hooks" can help you enforce rule 2) in an organization.
Maven has some degree of integration with JIRA and other bug trackers, and maybe it can help automate #3. But I haven't really used it like that. But if it doesn't do what you need, you can always ask for more :-)