## **3. Configure Hadoop, Spark, Hive to use MinIO**

After successful installation navigate to the Ambari UI `http://<ambari-server>:8080/` and login using the default credentials: [**_username: admin, password: admin_**]

![ambari-login](https://github.com/minio/minio/blob/master/docs/bigdata/images/image3.png?raw=true "ambari login")

### **3.1 Configure Hadoop**

                }
            } else {
                if (!this.ctx.renewCredentials(loc.getURL().toString(), sae)) {
                    throw sae;
                }
                log.debug("Trying to renew credentials after auth error");
                try (SmbSessionInternal s = trans.getSmbSession(this.ctx, treesess.getTargetHost(), treesess.getTargetDomain())

	lookupResult, err := l.LDAP.LookupUsername(conn, username)
	if err != nil {
		errRet := fmt.Errorf("Unable to find user DN: %w", err)
		return nil, nil, errRet
	}

	// Authenticate the user credentials.
	err = conn.Bind(lookupResult.ActualDN, password)
	if err != nil {
		errRet := fmt.Errorf("LDAP auth failed for DN %s: %w", lookupResult.ActualDN, err)
		return nil, nil, errRet
	}

  public static final String ACCESS_CONTROL_ALLOW_PRIVATE_NETWORK =
      "Access-Control-Allow-Private-Network";

  /** The HTTP {@code Access-Control-Allow-Credentials} header field name. */
  public static final String ACCESS_CONTROL_ALLOW_CREDENTIALS = "Access-Control-Allow-Credentials";

  /** The HTTP {@code Access-Control-Expose-Headers} header field name. */

_2018-11-16_

 *  **OkHttp now supports TLS 1.3.** This requires either Conscrypt or Java 11+.

 *  **Proxy authenticators are now asked for preemptive authentication.** OkHttp will now request
    authentication credentials before creating TLS tunnels through HTTP proxies (HTTP `CONNECT`).
    Authenticators should identify preemptive authentications by the presence of a challenge whose
    scheme is "OkHttp-Preemptive".

		return
	}

	// Write success response.
	writeSuccessResponseJSON(w, data)
}

// ValidateBucketReplicationCredsHandler - validate replication credentials for a bucket.
// ----------
func (api objectAPIHandlers) ValidateBucketReplicationCredsHandler(w http.ResponseWriter, r *http.Request) {
	ctx := newContext(r, w, "ValidateBucketReplicationCreds")

	Endpoint  string
	AccessKey string
}

func (e RemoteTargetConnectionErr) Error() string {
	if e.Bucket != "" {
		return fmt.Sprintf("Remote service endpoint offline, target bucket: %s or remote service credentials: %s invalid \n\t%s", e.Bucket, e.AccessKey, e.Err.Error())
	}
	return fmt.Sprintf("Remote service endpoint %s not available\n\t%s", e.Endpoint, e.Err.Error())
}

 *
 * Warning: Do not use this if there is a chance that you might have multiple connections (even plain
 * HttpURLConnections, for the complete JRE) to the same host with different or mixed anonymous/authenticated
 * credentials. Authenticated connections can/will be reused.
 *
 * @deprecated This is broken by design, even a possible vulnerability. Deprecation is conditional on whether future JDK
 *             versions will allow to do this safely.

3. Check crawler logs: `logs/fess-crawler.log`
4. Manually trigger re-indexing:
   - Admin > Scheduler
   - Run "Default Crawler" job

#### Issue: Authentication errors on API calls

**Solution**:
- Verify credentials: default is `admin`/`admin`
- Check if API is enabled in `system.properties`
- Use proper authentication header:
  ```bash
  curl -u admin:admin ...
  # or
  curl -H "Authorization: Basic YWRtaW46YWRtaW4=" ...

     * @param securityAuthentication The security authentication.
     * @param providerUrl The provider URL.
     * @param principal The principal.
     * @param credntials The credentials.
     * @return The environment for LDAP connection.
     */
    protected Hashtable<String, String> createEnvironment(final String initialContextFactory, final String securityAuthentication,