You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@hive.apache.org by "Peter Bacsko (JIRA)" <ji...@apache.org> on 2017/09/06 09:02:00 UTC

[jira] [Created] (HIVE-17461) Beeline should detect conflicting authentication methods

Peter Bacsko created HIVE-17461:
-----------------------------------

             Summary: Beeline should detect conflicting authentication methods
                 Key: HIVE-17461
                 URL: https://issues.apache.org/jira/browse/HIVE-17461
             Project: Hive
          Issue Type: Improvement
          Components: Beeline, JDBC
            Reporter: Peter Bacsko


In Oozie, we pass "-a delegationToken" in the command line when we invoke Beeline in a Hive action.

In one of our test, we accidentally defined "principal=" in the JDBC URL. In this case, HiveConnection ignored the delegation token setting and tried to authenticate via Kerberos, which didn't work inside a YARN container. We found this behavior very confusing.

So either BeeLine itself should detect such inconsistencies or alternatively HiveConnection could take care of it. Looking at the code, the "-a delegationToken" does not matter that much inside HiveConnection.createBinaryTransport() - if there's a principal, it will use Kerberos, then it looks for delegation tokens, then finally it falls back to plain authentication.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)