Support Questions

Find answers, ask questions, and share your expertise
Announcements
Celebrating as our community reaches 100,000 members! Thank you!

Beeline authentication

avatar
Super Collaborator

Hi everyone,

i have a problem with beeline authentication. I am using "hive.server2.authentication=LDAP" but it is not working. I can successfully log into beeline as any user using any, or blank password. I can just simply type some random signs and beeline recognizes it as user and successfully logs in. I would like to configure beeline, such it allows to connect users from LDAP/AD only and the correct password is required. Should it works as I mentioned above or I have some misconfiguration. The only configuration I provided is "hive.server2.authentication=LDAP" and provided necessary LDAP options. When I set "hive.server2.authentication=NONE" nothing changes (I think it works as it should - none authentication). I am using HDP2.3 with Ambari to make changes in configurations.

Thank you

1 ACCEPTED SOLUTION

avatar
Master Guru

Are you sure that uit works. I.e. have you restarted the Hive services after changing authentication to LDAP. I am pretty sure it should block you after.

I did PAM before a couple of times and I assure you when I enable that nothing works anymore if any of the other dependencies are not setup correctly.

https://community.hortonworks.com/articles/591/using-hive-with-pam-authentication.html

View solution in original post

3 REPLIES 3

avatar
Master Guru

Are you sure that uit works. I.e. have you restarted the Hive services after changing authentication to LDAP. I am pretty sure it should block you after.

I did PAM before a couple of times and I assure you when I enable that nothing works anymore if any of the other dependencies are not setup correctly.

https://community.hortonworks.com/articles/591/using-hive-with-pam-authentication.html

avatar
Super Collaborator

Thanks for the answer. PAM works well for me - that means I have some misconfiguration in my LDAP.

NOTE: Access to /etc/shadow should have the user which we want to log in beeline.

avatar
Contributor

Hi Edgar, Can you please check if hs2 authorization is enabled.

hive.server2.enable.authorization