Return-Path: X-Original-To: apmail-hive-dev-archive@www.apache.org Delivered-To: apmail-hive-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id B49C1109B0 for ; Wed, 15 Jan 2014 23:40:24 +0000 (UTC) Received: (qmail 66557 invoked by uid 500); 15 Jan 2014 23:40:22 -0000 Delivered-To: apmail-hive-dev-archive@hive.apache.org Received: (qmail 66503 invoked by uid 500); 15 Jan 2014 23:40:22 -0000 Mailing-List: contact dev-help@hive.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@hive.apache.org Delivered-To: mailing list dev@hive.apache.org Received: (qmail 66324 invoked by uid 500); 15 Jan 2014 23:40:22 -0000 Delivered-To: apmail-hadoop-hive-dev@hadoop.apache.org Received: (qmail 66215 invoked by uid 99); 15 Jan 2014 23:40:20 -0000 Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 15 Jan 2014 23:40:20 +0000 Date: Wed, 15 Jan 2014 23:40:20 +0000 (UTC) From: "Xuefu Zhang (JIRA)" To: hive-dev@hadoop.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Updated] (HIVE-6182) LDAP Authentication errors need to be more informative MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/HIVE-6182?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Xuefu Zhang updated HIVE-6182: ------------------------------ Resolution: Fixed Fix Version/s: 0.13.0 Status: Resolved (was: Patch Available) Patch committed to trunk. Thanks to Szehon for the contribution. > LDAP Authentication errors need to be more informative > ------------------------------------------------------ > > Key: HIVE-6182 > URL: https://issues.apache.org/jira/browse/HIVE-6182 > Project: Hive > Issue Type: Improvement > Components: Authentication > Affects Versions: 0.13.0 > Reporter: Szehon Ho > Assignee: Szehon Ho > Fix For: 0.13.0 > > Attachments: HIVE-6182.patch > > > There are a host of errors that can happen when logging into an LDAP-enabled Hive-server2 from beeline. But for any error there is only a generic log message: > {code} > SASL negotiation failure > javax.security.sasl.SaslException: PLAIN auth failed: Error validating LDAP user > at org.apache.hadoop.security.SaslPlainServer.evaluateResponse(SaslPlainServer.java:108) > at org.apache.thrift.transport.TSaslTransport$SaslParticipant.evaluateChallengeOrRespons > {code} > And on Beeline side there is only an even more unhelpful message: > {code} > Error: Invalid URL: jdbc:hive2://localhost:10000/default (state=08S01,code=0) > {code} > It would be good to print out the underlying error message at least in the log, if not beeline. But today they are swallowed. This is bad because the underlying message is the most important, having the error codes as shown here : [LDAP error code|https://wiki.servicenow.com/index.php?title=LDAP_Error_Codes] > The beeline seems to throw that exception for any error during connection, authetication or otherwise. -- This message was sent by Atlassian JIRA (v6.1.5#6160)