Support Questions

Find answers, ask questions, and share your expertise

Hortonworks (Hive - ldap integration failure)

avatar
Explorer
[hdfs@xyz ~]$ beeline
Beeline version 1.2.1000.2.6.3.0-235 by Apache Hive
beeline> !connect jdbc:hive2://xyz:10000/default;
Connecting to jdbc:hive2://xyz:10000/default;
Enter username for jdbc:hive2://xyz:10000/default;: *************
Enter password for jdbc:hive2://xyz:10000/default;: *************
20/01/08 19:08:10 [main]: WARN jdbc.HiveConnection: Failed to connect to xyz:10000
Error: Could not open client transport with JDBC Uri: jdbc:hive2://xyz:10000/default;: Peer indicated failure: Error validating the login (state=08S01,code=0)
0: jdbc:hive2://xyz:10000/default (closed)>
1 ACCEPTED SOLUTION

avatar
Expert Contributor

@pratik_ 

 

I think some configuration parameters have to be taken at Hive side.

 

https://docs.cloudera.com/HDPDocuments/HDP3/HDP-3.1.4/securing-hive/content/hive_secure_hiveserver_u...

 

https://community.cloudera.com/t5/Community-Articles/Hive-and-LDAP-integration/ta-p/245449

 

Please refer these articles and make sure all the required parameters are configured properly.

View solution in original post

5 REPLIES 5

avatar
Explorer

Hiveserver2 logs:

 

2020-01-08 19:08:10,448 ERROR [HiveServer2-Handler-Pool: Thread-60]: server.TThreadPoolServer (TThreadPoolServer.java:run(297)) - Error occurred during processing of message.
java.lang.RuntimeException: org.apache.thrift.transport.TTransportException: Error validating the login
at org.apache.thrift.transport.TSaslServerTransport$Factory.getTransport(TSaslServerTransport.java:219)
at org.apache.thrift.server.TThreadPoolServer$WorkerProcess.run(TThreadPoolServer.java:269)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
Caused by: org.apache.thrift.transport.TTransportException: Error validating the login
at org.apache.thrift.transport.TSaslTransport.sendAndThrowMessage(TSaslTransport.java:232)
at org.apache.thrift.transport.TSaslTransport.open(TSaslTransport.java:316)
at org.apache.thrift.transport.TSaslServerTransport.open(TSaslServerTransport.java:41)
at org.apache.thrift.transport.TSaslServerTransport$Factory.getTransport(TSaslServerTransport.java:216)
... 4 more

 

Note: ldapsearch results shows up just fine.

avatar
Contributor

Hello, 

Are you using AD or OpenLDAP. Although related for an older version, please check this thread:
http://mail-archives.apache.org/mod_mbox/hive-user/201308.mbox/%3CCAHxLZBX1OrUgY4RJCd6TkZ1xrV2ekKLb9...

 

HTH

avatar
Expert Contributor

@pratik_ 

 

I think some configuration parameters have to be taken at Hive side.

 

https://docs.cloudera.com/HDPDocuments/HDP3/HDP-3.1.4/securing-hive/content/hive_secure_hiveserver_u...

 

https://community.cloudera.com/t5/Community-Articles/Hive-and-LDAP-integration/ta-p/245449

 

Please refer these articles and make sure all the required parameters are configured properly.

avatar
Explorer

Thanks for your response , the ldap config had missing info on OU.

ldap auth. works fine now.

avatar
Explorer

ldap config had missing OU info , ldap auth works fine now.