You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@knox.apache.org by "Larry McCay (JIRA)" <ji...@apache.org> on 2014/09/26 16:23:34 UTC

[jira] [Commented] (KNOX-434) Access secured Hive from Knox

    [ https://issues.apache.org/jira/browse/KNOX-434?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14149212#comment-14149212 ] 

Larry McCay commented on KNOX-434:
----------------------------------

[~Alexandre LINTE] - thanks for raising a concern about this here!
Knox should work with a kerberized HiveServer2 deployment just fine, however.
You may want to provide more details of the failure that you are encountering - logs, error messages, etc.
Are you able to access webhdfs in your cluster through Knox?
Are you able to access HS2 through beeline or other hive clients?
Thanks again for the reported concern - look forward to more details of your situation.

> Access secured Hive from Knox
> -----------------------------
>
>                 Key: KNOX-434
>                 URL: https://issues.apache.org/jira/browse/KNOX-434
>             Project: Apache Knox
>          Issue Type: Improvement
>          Components: Server
>    Affects Versions: 0.4.0
>         Environment: Centos 6.5
>            Reporter: LINTE
>
> When connecting to hive from Knox gateway, the connexion beetwen knox and hive is unsecured.
> So to use Hiveserver2 behind knox, Hiveserver2 has allow anybody to connect to.
> Knox send the following paquet to hive : 
> POST /cliservice?doAs=authenticateduserhtrougthknox HTTP/1.1
> Without any Cookie or HTTP "Autorization : Negociate : " header for proxyuser authentication and "doAs" user check.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)