Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

user hive/host1 is not allowed to impersonate sentry/host2

SOLVED Go to solution

user hive/host1 is not allowed to impersonate sentry/host2

Rising Star

Hello,

 

In my kerberized and Sentry-protected CDH, I started getting the following errors on hive metastore:

 

Caused by: org.apache.hadoop.security.authorize.AuthorizationException: 
User: hive/master.hadoop.local@HADOOP.LOCAL is not allowed to 
impersonate sentry/worker1.hadoop.local@HADOOP.LOCAL

In core-site.xml I have:

 

hadoop.proxyuser.hive.groups=*
hadoop.proxyuser.hive.users=*

The error started after I was playing around with LDAP integration, though I rollback my configurations to the previous no-LDAP state. I am trying to figure out what I missed.

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted

Re: user hive/host1 is not allowed to impersonate sentry/host2

Rising Star

core-site.xml had empty values not *.

 

No issue.

1 REPLY 1
Highlighted

Re: user hive/host1 is not allowed to impersonate sentry/host2

Rising Star

core-site.xml had empty values not *.

 

No issue.