Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

Intergrating / Authenticating Hive through ACTIVE DIRECTORY

Highlighted

Intergrating / Authenticating Hive through ACTIVE DIRECTORY

New Contributor

I am currently using HIVE, authorization with LDAP. But I wanted to integrate with Active Directory, authorization users through AD. I went through the hue.ini file, but no luck. Is there any documentation for this, else HIVE actually supports AD authentication..? 

4 REPLIES 4

Re: Intergrating / Authenticating Hive through ACTIVE DIRECTORY

Super Guru

Hi @jackson ,

 

Before we can suggest some possible solutions, it would be good to be sure we understand what it is you are trying to do.

 

You mention authorization but I think you mean authentication as LDAP itself does not perform authorization.  Hive supports authentication to Active Directory via AD's support of LDAP

 

Hue can be configured to use a username and password to authenticate to Hue if you are not using Kerberos and wish to allow authentication to Hue via LDAP.

 

Based on what you mentioned, I think you are trying to configure Hue to use LDAP username/password to access HiveServer2.  Is that correct?

Re: Intergrating / Authenticating Hive through ACTIVE DIRECTORY

New Contributor

thạnks

Kaiser Land

Re: Intergrating / Authenticating Hive through ACTIVE DIRECTORY

New Contributor

Hi @bgooley 

 

Thanks for reverting with a query... Right now I am using LDAP to authenticate. I would like to use AD authentication instead of LDAP.

 

As you mentioned, "Hive supports authentication to Active Directory via AD's support of LDAP". Is there any docs available, so I could try on that.

 

I'm trying to configure Hue to use my AD username/password. Hope that I am able to make my query understandable... 

 

Kindly let me know if any further information is required to debug more. Thanks @bgooley  

Re: Intergrating / Authenticating Hive through ACTIVE DIRECTORY

Super Guru

@jackson,

This documentation explains the basic configuration:


https://docs.cloudera.com/documentation/enterprise/latest/topics/cdh_sg_hiveserver2_security.html#to...


My point regarding AD or LDAP is that the terms are a bit misleading since both use LDAP. The difference in HiveServer2 AD auth is that you supply the LDAP url and the domain and HS2 will concatenate the username supplied with the domain to form a user@domain string that can be used for authentication to the LDAP server.

 

In Hue, you can configure Hue to use the ldap username and password via the following in hue.ini:


[desktop]
auth_username=
auth_password=

 

(this will set the ldap user and pass for both Hive and Impala.)

Or you can set it specifically for Hive with:


[desktop]
[beeswax]
auth_username=
auth_password=
Don't have an account?
Coming from Hortonworks? Activate your account here