Created on 10-10-2019 12:57 PM - edited 09-16-2022 07:33 AM
Facing Kerbros' Authentication error while accessing hive table
Error Shared :
py4j.protocol.Py4JJavaError: An error occurred while calling None.org.apache.spark.api.java.JavaSparkContext.
: org.apache.hadoop.ipc.RemoteException(org.apache.hadoop.security.authorize.AuthorizationException): User @\<>@DOMAIN.<>.COM (auth:KERBEROS) is not authorized for protocol interface org.apache.hadoop.hdfs.protocol.ClientProtocol: denied by configured ACL
Created 10-10-2019 01:05 PM
Also my kerbros token is active
Created 10-24-2019 09:00 AM
Can you share the configuration value for "hadoop_authorized_users"?
Is it left to the default value, or was there any modification?
Created on 10-24-2019 12:56 PM - edited 10-24-2019 01:15 PM
For sure when you kerberize your cluster your are hardening security access to all components Hive,hbase, Kafka etc .
The problem you are encountering is related to Ranger because security has been toggled to Ranger after Kerberization,can you check your hive config like below show my hive authorization is now delegated to Ranger
So will need to use Ranger to give access to hive databases and tables
Can you check whether the hive plugin has been enabled? If thats the case then your authorization will have to be through Ranger
Created 10-24-2019 10:43 PM
It seems you are trying to connect to Hive using either spark-sql or Spark Thriftserver.
Can you please avoid involving spark and confirm if you are facing the issue via hive.
Try accessing the table via Hive CLI or beeline when connected to Hiveserver2.
Created 10-26-2019 09:19 AM