...

HiveServer2 supports Anonymous (no authentication), Kerberos, pass-through LDAP, pluggable custom authentication and Pluggable Authentication Modules (PAM).

Configuration

hive.server2.authentication – Authentication mode, default NONE. Options are NONE, KERBEROS, LDAP, PAM and CUSTOM.

hive.server2.authentication.kerberos.principal – Kerberos principal for server.

hive.server2.authentication.kerberos.keytab – Keytab for server principal.

hive.server2.authentication.ldap.url – LDAP URL.

hive.server2.authentication.ldap.baseDN – LDAP base DN.

hive.server2.custom.authentication.class – Custom authentication class that implements org.apache.hive.service.auth.PasswdAuthenticationProvider interface.

...

By default HiveServer2 performs the query processing as the user who submitted the query. But if the following parameter is set to false, the query will run as the user that the hiveserver2 process runs as.

...

To prevent memory leaks in unsecure mode, disable file system caches by setting the following parameters to true:

fs.hdfs.impl.disable.cache – Disable HDFS filesystem cache, default false.

fs.file.impl.disable.cache – Disable local filesystem cache, default false.

...

hive.server2.use.SSL – Set this to true.

hive.server2.keystore.path – Set this to your keystore path.

hive.server2.keystore.password – Set this to your keystore password.

Pluggable Authentication Modules (PAM)

HIVE-6466, which will be available in Hive 0.13, provides support for PAM. To configure PAM:

  • Download the JPAM native library for the relevant architecture.
  • Unzip and copy libjpam.so to a directory (<libjpam-directory>) on the system.
  • Add the directory to the LD_LIBRARY_PATH environment variable like so: export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:<libjpam-directory>

Finally, set the following configurations in hive-site.xml:

hive.server2.authentication – Set this to PAM.

hive.server2.authentication.pam.services – Set this to a comma-separated list of PAM services that will be used. Note that a file with the same name as each PAM service must exist in /etc/pam.d.
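
An added example, not part of the original page or the Hive project: a small Python check that reads a hive-site.xml and flags the settings discussed above (authentication left at NONE, a password-based mode without SSL, SSL without keystore settings, PAM services with no file in /etc/pam.d). The sample XML and the service name hive-hs2-example are constructed, and treating an unset hive.server2.use.SSL as disabled is an assumption.

```python
import os
import xml.etree.ElementTree as ET

# Constructed sample hive-site.xml for illustration (not from a real deployment).
SAMPLE = """<configuration>
  <property><name>hive.server2.authentication</name><value>PAM</value></property>
  <property><name>hive.server2.authentication.pam.services</name><value>sshd, hive-hs2-example</value></property>
  <property><name>hive.server2.use.SSL</name><value>false</value></property>
</configuration>"""

PASSWORD_MODES = {"LDAP", "PAM", "CUSTOM"}  # modes in which the client submits a password

def load_props(xml_text):
    """Parse Hadoop-style <property><name>/<value> pairs into a dict."""
    root = ET.fromstring(xml_text)
    return {p.findtext("name", "").strip(): (p.findtext("value") or "").strip()
            for p in root.iter("property")}

def audit(xml_text, pam_dir="/etc/pam.d"):
    """Return a list of findings for the HiveServer2 settings covered on this page."""
    props = load_props(xml_text)
    findings = []
    mode = props.get("hive.server2.authentication", "NONE").upper()  # page: default NONE
    # Assumption: an unset hive.server2.use.SSL is treated as disabled.
    ssl = props.get("hive.server2.use.SSL", "false").lower() == "true"
    if mode == "NONE":
        findings.append("authentication is NONE: clients are not authenticated")
    if mode in PASSWORD_MODES and not ssl:
        findings.append(
            f"{mode} without hive.server2.use.SSL=true: passwords are not protected in transit")
    if ssl:
        for key in ("hive.server2.keystore.path", "hive.server2.keystore.password"):
            if not props.get(key):
                findings.append(f"SSL enabled but {key} is not set")
    if mode == "PAM":
        raw = props.get("hive.server2.authentication.pam.services", "")
        services = [s.strip() for s in raw.split(",") if s.strip()]
        if not services:
            findings.append("PAM mode but hive.server2.authentication.pam.services is empty")
        for svc in services:
            if not os.path.isfile(os.path.join(pam_dir, svc)):
                findings.append(f"PAM service '{svc}' has no file in {pam_dir}")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print("WARN:", finding)
```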

Python Client Driver

A Python client driver for HiveServer2 is available at https://github.com/BradRuderman/pyhs2 (thanks, Brad). It includes all the required packages such as SASL and Thrift wrappers.

...