incubator-hcatalog-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rajesh Balamohan <rajesh.balamo...@gmail.com>
Subject HCatalog Security
Date Sun, 08 Apr 2012 13:27:00 GMT
Hi All,

I am currently using HCatalog 0.4 and trying to enable security with this
build.

I have setup the following properties in /etc/hcatalog/hive-site.xml

hive.metastore.kerberos.principa;
hive.metastore.sasl.enabled
hive.metastore.kerberos.keytab.file

I tried kinit in standalone mode and it works fine. hcat_server.sh also
works fine (which means that the thrift server is working)

However, when I try ' hcat -e "show tables" ', it is not able to
communicate with the thrift server. It throws GSSAPI failed exception.


2012-04-08 06:25:28,056 DEBUG transport.TSaslServerTransport
(TSaslServerTransport.java:getTransport(212)) - transport map does not
contain key
2012-04-08 06:25:28,056 DEBUG transport.TSaslTransport
(TSaslTransport.java:open(243)) - opening transport
org.apache.thrift.transport.TSaslServerTransport@6243487e
2012-04-08 06:25:28,057 DEBUG transport.TSaslServerTransport
(TSaslServerTransport.java:getTransport(217)) - failed to open server
transport
org.apache.thrift.transport.TTransportException: Peer indicated failure:
GSS initiate failed
        at
org.apache.thrift.transport.TSaslTransport.receiveSaslMessage(TSaslTransport.java:190)
        at
org.apache.thrift.transport.TSaslServerTransport.handleSaslStartMessage(TSaslServerTransport.java:124)
        at
org.apache.thrift.transport.TSaslTransport.open(TSaslTransport.java:253)
        at
org.apache.thrift.transport.TSaslServerTransport.open(TSaslServerTransport.java:40)
        at
org.apache.thrift.transport.TSaslServerTransport$Factory.getTransport(TSaslServerTransport.java:215)
        at
org.apache.hadoop.hive.thrift.HadoopThriftAuthBridge20S$Server$TUGIAssumingTransportFactory$1.run(HadoopThriftAuthBridge20S.java:557)
        at
org.apache.hadoop.hive.thrift.HadoopThriftAuthBridge20S$Server$TUGIAssumingTransportFactory$1.run(HadoopThriftAuthBridge20S.java:555)
        at java.security.AccessController.doPrivileged(Native Method)
        at javax.security.auth.Subject.doAs(Subject.java:337)
        at
org.apache.hadoop.security.UserGroupInformation.doAs(UserGroupInformation.java:1110)
        at
org.apache.hadoop.hive.thrift.HadoopThriftAuthBridge20S$Server$TUGIAssumingTransportFactory.getTransport(HadoopThriftAuthBridge20S.java:555)
        at
org.apache.thrift.server.TThreadPoolServer$WorkerProcess.run(TThreadPoolServer.java:170)
        at
java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
        at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
        at java.lang.Thread.run(Thread.java:662)
2012-04-08 06:25:28,057 WARN  hive.metastore
(HiveMetaStoreClient.java:openStore(270)) - Failed to connect to the
MetaStore Server...
2012-04-08 06:25:28,057 ERROR server.TThreadPoolServer
(TThreadPoolServer.java:run(182)) - Error occurred during processing of
message.
java.lang.RuntimeException:
org.apache.thrift.transport.TTransportException: Peer indicated failure:
GSS initiate failed
        at
org.apache.thrift.transport.TSaslServerTransport$Factory.getTransport(TSaslServerTransport.java:218)
        at
org.apache.hadoop.hive.thrift.HadoopThriftAuthBridge20S$Server$TUGIAssumingTransportFactory$1.run(HadoopThriftAuthBridge20S.java:557)
        at
org.apache.hadoop.hive.thrift.HadoopThriftAuthBridge20S$Server$TUGIAssumingTransportFactory$1.run(HadoopThriftAuthBridge20S.java:555)
        at java.security.AccessController.doPrivileged(Native Method)
        at javax.security.auth.Subject.doAs(Subject.java:337)
        at
org.apache.hadoop.security.UserGroupInformation.doAs(UserGroupInformation.java:1110)
        at
org.apache.hadoop.hive.thrift.HadoopThriftAuthBridge20S$Server$TUGIAssumingTransportFactory.getTransport(HadoopThriftAuthBridge20S.java:555)
        at
org.apache.thrift.server.TThreadPoolServer$WorkerProcess.run(TThreadPoolServer.java:170)
        at
java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
        at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
        at java.lang.Thread.run(Thread.java:662)
Caused by: org.apache.thrift.transport.TTransportException: Peer indicated
failure: GSS initiate failed
        at
org.apache.thrift.transport.TSaslTransport.receiveSaslMessage(TSaslTransport.java:190)
        at
org.apache.thrift.transport.TSaslServerTransport.handleSaslStartMessage(TSaslServerTransport.java:124)
        at
org.apache.thrift.transport.TSaslTransport.open(TSaslTransport.java:253)

Any help would be greatly appreciated.

-- 
~Rajesh.B

Mime
View raw message