Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Solved Go to solution

Fail to connect to keberosized hive via JDBC from windows

avatar
author-rank xpelive
Contributor

Created on ‎08-30-2018 07:10 AM - edited ‎09-16-2022 06:39 AM

Hi all,

I'd like to connect to hive with keberos enabled via JDBC from windows. MIT is installed and ticket tis reterieved.

The smoke test java code is

public class HiveJDBC2 {
  private static String driverName = "org.apache.hive.jdbc.HiveDriver";
  public static void main(String[] args) throws SQLException, IOException, ClassNotFoundException {
    try {
      Class.forName(driverName);
    } catch (ClassNotFoundException e) {
      e.printStackTrace();
      System.exit(1);
    }
    System.setProperty("java.security.auth.login.config", "gss-jaas.conf");
    System.setProperty("sun.security.jgss.debug", "true");
    System.setProperty("javax.security.auth.useSubjectCredsOnly", "false");
    System.setProperty("java.security.krb5.conf", "krb5.conf");
    Connection con = DriverManager.getConnection("jdbc:hive2://10.2.29.102:10000/default;principal=hive/lhq0363.abcd.com@ABCD.COM");
    System.out.println("Connected");
    con.close();
  }
}

The error log is:

 Search Subject for Kerberos V5 INIT cred (<<DEF>>, sun.security.jgss.krb5.Krb5InitCredential)
Debug is  true storeKey false useTicketCache true useKeyTab false doNotPrompt false ticketCache is null isInitiator true KeyTab is null refreshKrb5Config is false principal is hive/lhq0363.abcd.com@ABCD.COM tryFirstPass is false useFirstPass is false storePass is false clearPass is false
Acquire TGT from Cache
Principal is hive/lhq0363.abcd.com@ABCD.COM
Commit Succeeded 
Exception in thread "main" java.sql.SQLException: Could not open client transport with JDBC Uri: jdbc:hive2://10.2.29.102:10000/default;principal=hive/lhq0363.abcd.com@ABCD.COM: GSS initiate failed
 at org.apache.hive.jdbc.HiveConnection.openTransport(HiveConnection.java:218)
 at org.apache.hive.jdbc.HiveConnection.<init>(HiveConnection.java:156)
 at org.apache.hive.jdbc.HiveDriver.connect(HiveDriver.java:105)
 at java.sql.DriverManager.getConnection(DriverManager.java:664)
 at java.sql.DriverManager.getConnection(DriverManager.java:270)
 at com.test.HiveJDBC2.main(HiveJDBC2.java:26)
Caused by: org.apache.thrift.transport.TTransportException: GSS initiate failed
 at org.apache.thrift.transport.TSaslTransport.sendAndThrowMessage(TSaslTransport.java:232)
 at org.apache.thrift.transport.TSaslTransport.open(TSaslTransport.java:316)
 at org.apache.thrift.transport.TSaslClientTransport.open(TSaslClientTransport.java:37)
 at org.apache.hadoop.hive.thrift.client.TUGIAssumingTransport$1.run(TUGIAssumingTransport.java:52)
 at org.apache.hadoop.hive.thrift.client.TUGIAssumingTransport$1.run(TUGIAssumingTransport.java:49)
 at java.security.AccessController.doPrivileged(Native Method)
 at javax.security.auth.Subject.doAs(Subject.java:422)
 at org.apache.hadoop.security.UserGroupInformation.doAs(UserGroupInformation.java:1866)
 at org.apache.hadoop.hive.thrift.client.TUGIAssumingTransport.open(TUGIAssumingTransport.java:49)
 at org.apache.hive.jdbc.HiveConnection.openTransport(HiveConnection.java:194)
 ... 5 more

I have searched quite a few threads but no luck. would someone give me any ideas?

87435-kerberios.png

3,797 Views
0 Kudos
1 ACCEPTED SOLUTION

avatar
author-rank euricanaciara20
New Contributor

Created ‎08-30-2018 07:22 AM

We got this working. For those utilizing Horton works Timeserver with Kerosene, this is the thing that you have to do (giving you're Kerosene/present is substantial on your objective host.

top essay writing service

View solution in original post

3,623 Views
0 Kudos
3 REPLIES 3

avatar
author-rank euricanaciara20
New Contributor

Created ‎08-30-2018 07:22 AM

We got this working. For those utilizing Horton works Timeserver with Kerosene, this is the thing that you have to do (giving you're Kerosene/present is substantial on your objective host.

top essay writing service

3,624 Views
0 Kudos

avatar
author-rank xpelive
Contributor

Created ‎08-30-2018 07:29 AM

The same program runs succefully on an edgenode with hive2 client.

3,623 Views
0 Kudos

avatar
author-rank xpelive
Contributor

Created ‎08-30-2018 07:38 AM

thanks your hints @euricana . it really caused by server time is 5 min earlier than host time

3,623 Views
0 Kudos
Announcements
What's New @ Cloudera
Cloudera Data Engineering 1.23: Access Spark from Your Favor...
What's New @ Cloudera
HBase REST server scaling support is Generally Available
What's New @ Cloudera
New CLI option in the update-database command
What's New @ Cloudera
New Action menu item in the Cloudera Operational Database UI
What's New @ Cloudera
Get the list of supported instance types in the Cloudera Ope...
View More Announcements