hive-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Naveen Gangam (JIRA)" <j...@apache.org>
Subject [jira] [Assigned] (HIVE-9144) Beeline + Kerberos shouldn't prompt for unused username + password
Date Wed, 11 May 2016 20:43:12 GMT

     [ https://issues.apache.org/jira/browse/HIVE-9144?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Naveen Gangam reassigned HIVE-9144:
-----------------------------------

    Assignee: Naveen Gangam

> Beeline + Kerberos shouldn't prompt for unused username + password
> ------------------------------------------------------------------
>
>                 Key: HIVE-9144
>                 URL: https://issues.apache.org/jira/browse/HIVE-9144
>             Project: Hive
>          Issue Type: Bug
>          Components: Beeline
>    Affects Versions: 0.13.0
>         Environment: Hive 0.13 on MapR 4.0.1
>            Reporter: Hari Sekhon
>            Assignee: Naveen Gangam
>            Priority: Minor
>
> When using beeline to connect to a kerberized HiveServer2 it still prompts for a username
and password that aren't used. It should be changed to not prompt when using Kerberos:
> {code}/opt/mapr/hive/hive-0.13/bin/beeline
> Beeline version 0.13.0-mapr-1409 by Apache Hive
> beeline> !connect jdbc:hive2://<host>:10000/default;principal=hive/<host>@REALM
> scan complete in 6ms
> Connecting to jdbc:hive2://<host>:10000/default;principal=hive/<host>@REALM
> Enter username for jdbc:hive2://<host>:10000/default;principal=hive/<host>@REALM:
wronguser
> Enter password for jdbc:hive2://<host>:10000/default;principal=hive/<host>@REALM:
<enter>
> Connected to: Apache Hive (version 0.13.0-mapr-1409)
> Driver: Hive JDBC (version 0.13.0-mapr-1409)
> Transaction isolation: TRANSACTION_REPEATABLE_READ
> {code}
> Hive conf includes (as concisely shown by set):
> {code}hive.server2.authentication = KERBEROS
> hive.server2.enable.doAs = true
> hive.server2.enable.impersonation = true
> {code}
> I can't see how to demonstrate in HQL session that I am not connected as "wronguser"
(which obviously doesn't exist either locally or as a Kerberos principal or account in my
LDAP directory), so I've raised another ticket for that HIVE-9143, but it should be clear
given I specifed a non-existent user and a completely blank password just hitting enter that
it's not using those credentials. Same happens with <enter>, <enter> for both
username and password.
> Regards,
> Hari Sekhon
> http://www.linkedin.com/in/harisekhon



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message