Cloudera Community

Archives of Support Questions (Read Only)

This is an archived board for historical reference. Information and links may no longer be available or relevant
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Announcements
This board is archived and read-only for historical reference. To ask a new question, please post a new topic on the appropriate active board.
Solved Go to solution

Hue Impala query run user with kerberos?

avatar
author-rank ben123
Rising Star

Created on ‎05-06-2016 03:28 PM - last edited on ‎04-21-2026 06:52 AM by Community Manager Community Manager

Hello

Why does Hue run Impala query as 'hue/master1@MY-REALM' instead my username 'ben'?

 

I get this error (even i'm logged-in as 'ben' user)

 

Your query has the following error(s):

Request from user 'hue/master1@MY-REALM' with requested pool 'it' denied access to assigned pool 'root.it'

 

Previous to Cloudera 5.7 i think Cloudera had llama service and ran Impala query as 'llama' user. Now with Cloudera 5.7 I could have Impala without llama and have it's own Dynamic Resource Management. but problem is Hue runs query as hue/master1... user instead of my username.

 

Similar thing happens to Hive. Hive runs hive query as 'hive' user instead of my username. I found it pretty annoying..

 

Does anyone has better idea to this?

Ben

11,161 Views
0 Kudos
1 ACCEPTED SOLUTION

avatar
author-rank Romainr author-rank
Super Guru

Created ‎05-15-2016 08:51 PM

Do you have impersonation ON on the the Impala side?

https://groups.google.com/a/cloudera.org/forum/#!topic/hue-user/RNbjg2v7Zcc

View solution in original post

11,124 Views
0 Kudos
4 REPLIES 4

avatar
author-rank Romainr author-rank
Super Guru

Created ‎05-09-2016 09:32 AM

Is impersonation turned on on the Hue side and Impala side?

For hue
https://github.com/cloudera/hue/blob/master/desktop/conf.dist/hue.ini#L867
11,139 Views
0 Kudos

avatar
author-rank ben123
Rising Star

Created ‎05-10-2016 08:01 AM

 

I added this configuration to Hue Server

[impala]
impersonation_enabled=True

 

 

Now i get this error

User 'hue/master1@MYREALM.COM' is not authorized to delegate to 'ben'. User delegation is disabled.

11,137 Views
0 Kudos

avatar
author-rank Romainr author-rank
Super Guru

Created ‎05-15-2016 08:51 PM

Do you have impersonation ON on the the Impala side?

https://groups.google.com/a/cloudera.org/forum/#!topic/hue-user/RNbjg2v7Zcc
11,125 Views
0 Kudos

avatar
author-rank ben123
Rising Star

Created ‎05-16-2016 09:17 AM

I have had authorized_proxy_user_config=hue=* configuration on CM, but for some reason it wasn't being populated on impalad configuration.

 

after reading the post you provided me, instead of manually adding it to "advanced snippet", I enabled Sentry Authorization on Impala. Now the configuration appears on the impalad, and impersonation works fine.

 

Thank you for your help Romain

Ben

11,117 Views
0 Kudos
Announcements
What's New @ Cloudera
Announcing Cloudera Streaming Analytics 1.17: Python UDFs, S...
Community Announcements
Content Update: Evolving Our Community Content for Better, A...
Community Announcements
Product Name Updates — Community Label Changes & Notificatio...
What's New @ Cloudera
Announcing Cloudera Data Lineage for Trino
What's New @ Cloudera
Announcing Cloudera Streaming Analytics Operator for Kuberne...
View More Announcements