You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@hive.apache.org by "Naveen Gangam (JIRA)" <ji...@apache.org> on 2016/05/23 14:48:12 UTC

[jira] [Resolved] (HIVE-9144) Beeline + Kerberos shouldn't prompt for unused username + password

     [ https://issues.apache.org/jira/browse/HIVE-9144?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Naveen Gangam resolved HIVE-9144.
---------------------------------
       Resolution: Fixed
    Fix Version/s: 2.1.0

I have included the fix for this in HIVE-13502. Should be fixed now.

> Beeline + Kerberos shouldn't prompt for unused username + password
> ------------------------------------------------------------------
>
>                 Key: HIVE-9144
>                 URL: https://issues.apache.org/jira/browse/HIVE-9144
>             Project: Hive
>          Issue Type: Bug
>          Components: Beeline
>    Affects Versions: 0.13.0
>         Environment: Hive 0.13 on MapR 4.0.1
>            Reporter: Hari Sekhon
>            Assignee: Naveen Gangam
>            Priority: Minor
>             Fix For: 2.1.0
>
>
> When using beeline to connect to a kerberized HiveServer2 it still prompts for a username and password that aren't used. It should be changed to not prompt when using Kerberos:
> {code}/opt/mapr/hive/hive-0.13/bin/beeline
> Beeline version 0.13.0-mapr-1409 by Apache Hive
> beeline> !connect jdbc:hive2://<host>:10000/default;principal=hive/<host>@REALM
> scan complete in 6ms
> Connecting to jdbc:hive2://<host>:10000/default;principal=hive/<host>@REALM
> Enter username for jdbc:hive2://<host>:10000/default;principal=hive/<host>@REALM: wronguser
> Enter password for jdbc:hive2://<host>:10000/default;principal=hive/<host>@REALM: <enter>
> Connected to: Apache Hive (version 0.13.0-mapr-1409)
> Driver: Hive JDBC (version 0.13.0-mapr-1409)
> Transaction isolation: TRANSACTION_REPEATABLE_READ
> {code}
> Hive conf includes (as concisely shown by set):
> {code}hive.server2.authentication = KERBEROS
> hive.server2.enable.doAs = true
> hive.server2.enable.impersonation = true
> {code}
> I can't see how to demonstrate in HQL session that I am not connected as "wronguser" (which obviously doesn't exist either locally or as a Kerberos principal or account in my LDAP directory), so I've raised another ticket for that HIVE-9143, but it should be clear given I specifed a non-existent user and a completely blank password just hitting enter that it's not using those credentials. Same happens with <enter>, <enter> for both username and password.
> Regards,
> Hari Sekhon
> http://www.linkedin.com/in/harisekhon



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)