[Bug] [zookeeper Kebers] java.security.PrivilegedActionException: javax.security.sasl.SaslException:

[chenhaipeng]

Search before asking

• I had searched in the issues and found no similar issues.

What happened

i have config the keberos for flink ,but it did't work, the pic show below

2024-09-26 10:50:29.688 INFO  org.apache.flink.shaded.curator4.org.apache.curator.framework.state.ConnectionStateManager(251): State change: CONNECTED
2024-09-26 10:50:29.688 ERROR org.apache.flink.shaded.zookeeper3.org.apache.zookeeper.client.ZooKeeperSaslClient(308): An error: (java.security.PrivilegedActionException: javax.security.sasl.SaslException: GSS initiate failed [Caused by GSSException: No valid credentials provided (Mechanism level: Failed to find any Kerberos tgt)]) occurred when evaluating Zookeeper Quorum Member's  received SASL token. Zookeeper Client will go to AUTH_FAILED state.
2024-09-26 10:50:29.690 ERROR org.apache.flink.shaded.zookeeper3.org.apache.zookeeper.ClientCnxn(1072): SASL authentication with Zookeeper Quorum member failed: javax.security.sasl.SaslException: An error: (java.security.PrivilegedActionException: javax.security.sasl.SaslException: GSS initiate failed [Caused by GSSException: No valid credentials provided (Mechanism level: Failed to find any Kerberos tgt)]) occurred when evaluating Zookeeper Quorum Member's  received SASL token. Zookeeper Client will go to AUTH_FAILED state.
2024-09-26 10:50:29.691 ERROR org.apache.flink.shaded.curator4.org.apache.curator.ConnectionState(307): Authentication failed
2024-09-26 10:50:29.791 ERROR org.apache.flink.shaded.curator4.org.apache.curator.framework.imps.CuratorFrameworkImpl(703): Ensure path threw exception org.apache.flink.shaded.zookeeper3.org.apache.zookeeper.KeeperException$AuthFailedException: KeeperErrorCode = AuthFailed for /flink
	at org.apache.flink.shaded.zookeeper3.org.apache.zookeeper.KeeperException.create(KeeperException.java:126) ~[flink-shaded-zookeeper-3.4.14.jar:3.4.14-14.0]
	at org.apache.flink.shaded.zookeeper3.org.apache.zookeeper.KeeperException.create(KeeperException.java:54) ~[flink-shaded-zookeeper-3.4.14.jar:3.4.14-14.0]
	at org.apache.flink.shaded.zookeeper3.org.apache.zookeeper.ZooKeeper.exists(ZooKeeper.java:1111) ~[flink-shaded-zookeeper-3.4.14.jar:3.4.14-14.0]
	at org.apache.flink.shaded.zookeeper3.org.apache.zookeeper.ZooKeeper.exists(ZooKeeper.java:1139) ~[flink-shaded-zookeeper-3.4.14.jar:3.4.14-14.0]
	at org.apache.flink.shaded.curator4.org.apache.curator.utils.ZKPaths.mkdirs(ZKPaths.java:291) ~[flink-shaded-zookeeper-3.4.14.jar:3.4.14-14.0]
	at org.apache.flink.shaded.curator4.org.apache.curator.framework.imps.NamespaceImpl$1.call(NamespaceImpl.java:90) ~[flink-shaded-zookeeper-3.4.14.jar:3.4.14-14.0]
	at org.apache.flink.shaded.curator4.org.apache.curator.connection.StandardConnectionHandlingPolicy.callWithRetry(StandardConnectionHandlingPolicy.java:64) ~[flink-shaded-zookeeper-3.4.14.jar:3.4.14-14.0]
	at org.apache.flink.shaded.curator4.org.apache.curator.RetryLoop.callWithRetry(RetryLoop.java:100) ~[flink-shaded-zookeeper-3.4.14.jar:3.4.14-14.0]
	at org.apache.flink.shaded.curator4.org.apache.curator.framework.imps.NamespaceImpl.fixForNamespace(NamespaceImpl.java:83) ~[flink-shaded-zookeeper-3.4.14.jar:3.4.14-14.0]
	at org.apache.flink.shaded.curator4.org.apache.curator.framework.imps.CuratorFrameworkImpl.fixForNamespace(CuratorFrameworkImpl.java:731) ~[flink-shaded-zookeeper-3.4.14.jar:3.4.14-14.0]
	at org.apache.flink.shaded.curator4.org.apache.curator.framework.imps.WatcherRemovalFacade.fixForNamespace(WatcherRemovalFacade.java:170) ~[flink-shaded-zookeeper-3.4.14.jar:3.4.14-14.0]
	at org.apache.flink.shaded.curator4.org.apache.curator.framework.imps.GetDataBuilderImpl.forPath(GetDataBuilderImpl.java:295) ~[flink-shaded-zookeeper-3.4.14.jar:3.4.14-14.0]
	at org.apache.flink.shaded.curator4.org.apache.curator.framework.imps.GetDataBuilderImpl.forPath(GetDataBuilderImpl.java:35) ~[flink-shaded-zookeeper-3.4.14.jar:3.4.14-14.0]
	at org.apache.flink.shaded.curator4.org.apache.curator.framework.recipes.cache.TreeCache$TreeNode.doRefreshData(TreeCache.java:287) ~[flink-shaded-zookeeper-3.4.14.jar:3.4.14-14.0]
	at org.apache.flink.shaded.curator4.org.apache.curator.framework.recipes.cache.TreeCache$TreeNode.refreshData(TreeCache.java:266) ~[flink-shaded-zookeeper-3.4.14.jar:3.4.14-14.0]
	at org.apache.flink.shaded.curator4.org.apache.curator.framework.recipes.cache.TreeCache$TreeNode.refresh(TreeCache.java:250) ~[flink-shaded-zookeeper-3.4.14.jar:3.4.14-14.0]
	at org.apache.flink.shaded.curator4.org.apache.curator.framework.recipes.cache.TreeCache$TreeNode.wasCreated(TreeCache.java:316) ~[flink-shaded-zookeeper-3.4.14.jar:3.4.14-14.0]
	at org.apache.flink.shaded.curator4.org.apache.curator.framework.recipes.cache.TreeCache.handleStateChange(TreeCache.java:819) ~[flink-shaded-zookeeper-3.4.14.jar:3.4.14-14.0]
	at org.apache.flink.shaded.curator4.org.apache.curator.framework.recipes.cache.TreeCache.access$1800(TreeCache.java:75) ~[flink-shaded-zookeeper-3.4.14.jar:3.4.14-14.0]
	at org.apache.flink.shaded.curator4.org.apache.curator.framework.recipes.cache.TreeCache$1.stateChanged(TreeCache.java:543) ~[flink-shaded-zookeeper-3.4.14.jar:3.4.14-14.0]
	at org.apache.flink.shaded.curator4.org.apache.curator.framework.state.ConnectionStateManager.lambda$processEvents$1(ConnectionStateManager.java:280) ~[flink-shaded-zookeeper-3.4.14.jar:3.4.14-14.0]
	at org.apache.flink.shaded.curator4.org.apache.curator.framework.listen.MappingListenerManager.lambda$forEach$0(MappingListenerManager.java:93) ~[flink-shaded-zookeeper-3.4.14.jar:3.4.14-14.0]
	at org.apache.flink.shaded.curator4.org.apache.curator.framework.listen.MappingListenerManager.forEach(MappingListenerManager.java:90) ~[flink-shaded-zookeeper-3.4.14.jar:3.4.14-14.0]
	at org.apache.flink.shaded.curator4.org.apache.curator.framework.listen.StandardListenerManager.forEach(StandardListenerManager.java:89) ~[flink-shaded-zookeeper-3.4.14.jar:3.4.14-14.0]
	at org.apache.flink.shaded.curator4.org.apache.curator.framework.state.ConnectionStateManager.processEvents(ConnectionStateManager.java:280) ~[flink-shaded-zookeeper-3.4.14.jar:3.4.14-14.0]
	at org.apache.flink.shaded.curator4.org.apache.curator.framework.state.ConnectionStateManager.access$000(ConnectionStateManager.java:44) ~[flink-shaded-zookeeper-3.4.14.jar:3.4.14-14.0]
	at org.apache.flink.shaded.curator4.org.apache.curator.framework.state.ConnectionStateManager$1.call(ConnectionStateManager.java:133) ~[flink-shaded-zookeeper-3.4.14.jar:3.4.14-14.0]
	at java.util.concurrent.FutureTask.run(FutureTask.java:266) ~[?:1.8.0_141]
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) ~[?:1.8.0_141]
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) ~[?:1.8.0_141]
	at java.lang.Thread.run(Thread.java:748) ~[?:1.8.0_141]

What you expected to happen

I think it may be some config in dinky did't work, it did't use kerberos config to connect

How to reproduce

config as example

Anything else

No response

Version

1.1.0

Are you willing to submit PR?

• Yes I am willing to submit a PR!

Code of Conduct

• I agree to follow this project's Code of Conduct

[Zzm0809]

仔细看日志，已经给出了原因。

[chenhaipeng]

仔细看日志，已经给出了原因。

配置的路径，文件都是存在的， 并且旧版是OK的

[Zzm0809]

仔细看日志，已经给出了原因。

配置的路径，文件都是存在的， 并且旧版是OK的

社区无此环境 建议你本地调试下进行排查

[chenhaipeng]

好的，我排查一下