Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Solved Go to solution

How to pass user with Phoenix url?

avatar
author-rank hfaouaz
Rising Star

Created ‎11-06-2015 05:46 PM

Currently Have Hbase protected by Ranger. I am not able to connect to Hbase via Phoenix from an external java client since its picking up my machine userid and that is not an authorized user. Is there a way to pass in the user in phoenix connection url?

5,719 Views
1 ACCEPTED SOLUTION

avatar
author-rank nsabharwal
Master Mentor

Created ‎11-08-2015 01:06 PM

@Josh Elser @terry@hortonworks.com

@hfaouaz@hortonworks.com

Please see this.

[root@nsfed01 ~]# /usr/hdp/2.3.2.0-2950/phoenix/bin/sqlline.py n1:2181:/hbase-unsecure:neeraj

Setting property: [isolation, TRANSACTION_READ_COMMITTED]

issuing: !connect jdbc:phoenix:n1:2181:/hbase-unsecure:neeraj none none org.apache.phoenix.jdbc.PhoenixDriver

Connecting to jdbc:phoenix:n1:2181:/hbase-unsecure:neeraj

15/11/08 05:04:50 WARN util.NativeCodeLoader: Unable to load native-hadoop library for your platform... using builtin-java classes where applicable

15/11/08 05:04:51 WARN impl.MetricsConfig: Cannot locate configuration: tried hadoop-metrics2-phoenix.properties,hadoop-metrics2.properties

Connected to: Phoenix (version 4.4)

Driver: PhoenixEmbeddedDriver (version 4.4)

Autocommit status: true

Transaction isolation: TRANSACTION_READ_COMMITTED

Building list of tables and columns for tab-completion (set fastconnect to true to skip)...

93/93 (100%) Done

Done

sqlline version 1.1.8

0: jdbc:phoenix:n1:2181:/hbase-unsecure:neera>

0: jdbc:phoenix:n1:2181:/hbase-unsecure:neera> !list

1 active connection:

#0 open jdbc:phoenix:n1:2181:/hbase-unsecure:neeraj

0: jdbc:phoenix:n1:2181:/hbase-unsecure:neera>

View solution in original post

3,605 Views
8 REPLIES 8

avatar
author-rank TerryP author-rank
Super Collaborator

Created ‎11-06-2015 06:02 PM

Is Kerberos also in play? The docs page here gives an example for connecting with the HBase service principal.

Have you tried a connection URL like?

jdbc:phoenix:<Zookeeper_host_name>:<port_number>:<secured_Zookeeper_node>:<user_name>
3,605 Views

avatar
author-rank hfaouaz
Rising Star

Created ‎11-06-2015 06:14 PM

my cluster is not yet secured. so I have non secure zooker node.

I tried this:

"jdbc:phoenix:<zookeper-host>:2181:/hbase-unsecure:<uid>"

but no luck. would that work with non-secure zookeeper node?

3,605 Views
0 Kudos

avatar
author-rank elserj author-rank
Super Guru

Created ‎11-06-2015 06:26 PM

It should work even without Kerberos. I'm not sure how the Ranger authorization fits into the picture.

3,605 Views
0 Kudos

avatar
author-rank nsabharwal
Master Mentor

Created ‎11-08-2015 01:06 PM

@Josh Elser @terry@hortonworks.com

@hfaouaz@hortonworks.com

Please see this.

[root@nsfed01 ~]# /usr/hdp/2.3.2.0-2950/phoenix/bin/sqlline.py n1:2181:/hbase-unsecure:neeraj

Setting property: [isolation, TRANSACTION_READ_COMMITTED]

issuing: !connect jdbc:phoenix:n1:2181:/hbase-unsecure:neeraj none none org.apache.phoenix.jdbc.PhoenixDriver

Connecting to jdbc:phoenix:n1:2181:/hbase-unsecure:neeraj

15/11/08 05:04:50 WARN util.NativeCodeLoader: Unable to load native-hadoop library for your platform... using builtin-java classes where applicable

15/11/08 05:04:51 WARN impl.MetricsConfig: Cannot locate configuration: tried hadoop-metrics2-phoenix.properties,hadoop-metrics2.properties

Connected to: Phoenix (version 4.4)

Driver: PhoenixEmbeddedDriver (version 4.4)

Autocommit status: true

Transaction isolation: TRANSACTION_READ_COMMITTED

Building list of tables and columns for tab-completion (set fastconnect to true to skip)...

93/93 (100%) Done

Done

sqlline version 1.1.8

0: jdbc:phoenix:n1:2181:/hbase-unsecure:neera>

0: jdbc:phoenix:n1:2181:/hbase-unsecure:neera> !list

1 active connection:

#0 open jdbc:phoenix:n1:2181:/hbase-unsecure:neeraj

0: jdbc:phoenix:n1:2181:/hbase-unsecure:neera>

3,606 Views

avatar
author-rank hfaouaz
Rising Star

Created ‎11-10-2015 02:52 PM

thanks @Neeraj. this helps from the command line, though if I want to do it from java, the client is still picking up the computer username not that one you pass in...

3,605 Views
0 Kudos

avatar
author-rank nsabharwal
Master Mentor

Created ‎11-11-2015 08:39 PM

@hfaouaz@hortonworks.com

Kerberos is your best bet.

Now, without kerberos

You have to login as that particular user to run java program.

example: Based on testing in my lab env.

login as OS user, for example user abc and if you are dealing with ranger then make sure that os user has permission in HBase policies.

Conclusion: Phoenix is picking up OS user as user opening the connection.

3,605 Views
0 Kudos

avatar
author-rank hfaouaz
Rising Star

Created ‎11-11-2015 08:42 PM

yep I agree. thanks for the follow up.

3,605 Views
0 Kudos

avatar
author-rank nsabharwal
Master Mentor

Created ‎11-10-2015 02:57 PM

@hfaouaz@hortonworks.com

Good example

Example

You may have pass username with in the Java call

3,605 Views
0 Kudos
Announcements
What's New @ Cloudera
Cloudera DataFlow 2.9 now supports building GenAI pipelines ...
What's New @ Cloudera
Accelerate Data Scientist Productivity with Cloudera Copilot...
What's New @ Cloudera
[RELEASED] Cloudera Streaming Analytics - Kubernetes Operato...
Community Announcements
October 2024 Community Highlights
What's New @ Cloudera
Accelerate Your AI with the Cloudera AI Inference Service wi...
View More Announcements