Return-Path: 
 <issues-return-5630-apmail-hive-issues-archive=hive.apache.org@hive.apache.org>
X-Original-To: apmail-hive-issues-archive@minotaur.apache.org
Delivered-To: apmail-hive-issues-archive@minotaur.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id 963B518B05
	for <apmail-hive-issues-archive@minotaur.apache.org>;
 Sat, 25 Apr 2015 00:12:38 +0000 (UTC)
Received: (qmail 25441 invoked by uid 500); 25 Apr 2015 00:12:38 -0000
Delivered-To: apmail-hive-issues-archive@hive.apache.org
Received: (qmail 25417 invoked by uid 500); 25 Apr 2015 00:12:38 -0000
Mailing-List: contact issues-help@hive.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:issues-help@hive.apache.org>
List-Unsubscribe: <mailto:issues-unsubscribe@hive.apache.org>
List-Post: <mailto:issues@hive.apache.org>
List-Id: <issues.hive.apache.org>
Reply-To: dev@hive.apache.org
Delivered-To: mailing list issues@hive.apache.org
Received: (qmail 25405 invoked by uid 99); 25 Apr 2015 00:12:38 -0000
Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28)
    by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 25 Apr 2015 00:12:38 +0000
Date: Sat, 25 Apr 2015 00:12:38 +0000 (UTC)
From: "Mubashir Kazia (JIRA)" <jira@apache.org>
To: issues@hive.apache.org
Message-ID: <JIRA.12820406.1428856333000.24857.1429920758416@Atlassian.JIRA>
In-Reply-To: <JIRA.12820406.1428856333000@Atlassian.JIRA>
References: <JIRA.12820406.1428856333000@Atlassian.JIRA>
 <JIRA.12820406.1428856333290@arcas>
Subject: [jira] [Commented] (HIVE-10312) SASL.QOP in JDBC URL is ignored for
 Delegation token Authentication
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394


    [ https://issues.apache.org/jira/browse/HIVE-10312?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14512073#comment-14512073 ] 

Mubashir Kazia commented on HIVE-10312:
---------------------------------------

Thanks [~xuefuz]. 
[~leftylev] Do we need clarity on the language in the current documentation that says QOP is supported only for Kerberos authentication? Do we consider delegation token authentication in Kerberos enabled HS2/HMS as Kerberos authentication or pure Kerberos service ticket based authentication as Kerberos authentication?

> SASL.QOP in JDBC URL is ignored for Delegation token Authentication
> -------------------------------------------------------------------
>
>                 Key: HIVE-10312
>                 URL: https://issues.apache.org/jira/browse/HIVE-10312
>             Project: Hive
>          Issue Type: Bug
>          Components: JDBC
>    Affects Versions: 1.2.0
>            Reporter: Mubashir Kazia
>            Assignee: Mubashir Kazia
>             Fix For: 1.2.0
>
>         Attachments: HIVE-10312.1.patch, HIVE-10312.1.patch
>
>
> When HS2 is configured for QOP other than auth (auth-int or auth-conf), Kerberos client connection works fine when the JDBC URL specifies the matching QOP, however when this HS2 is accessed through Oozie (Delegation token / Digest authentication), connections fails because the JDBC driver ignores the SASL.QOP parameters in the JDBC URL. SASL.QOP setting should be valid for DIGEST Auth mech.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)