...
HiveServer2 supports Anonymous (no authentication), Kerberos, pass through LDAP, pluggable custom authentication and pluggable authentication modules (PAMPluggable Custom Authentication and Pluggable Authentication Modules (supported Hive 0.13 onwards).
Configuration
Panel |
---|
hive.server2.authentication – Authentication mode, default NONE. Options are NONE, KERBEROS, LDAP, PAM and CUSTOM. hive.server2.authentication.kerberos.principal – Kerberos principal for server. hive.server2.authentication.kerberos.keytab – Keytab for server principal. hive.server2.authentication.ldap.url – LDAP url. hive.server2.authentication.ldap.baseDN – LDAP base DN. hive.server2.custom.authentication.class – Custom authentication class that implements org.apache.hive.service.auth.PasswdAuthenticationProvider interface. |
...
Panel |
---|
hive.server2.enable.doAs – Impersonate the connected user, default true. |
To prevent memory leaks in unsecure mode, disable file system caches by setting the following parameters to true:
...
Panel |
---|
hive.server2.authentication – Set this to PAM. hive.server2.authentication.pam.services – Set this to a list of comma separated PAM services that will be used. Note that a file with the same name as the PAM service must exist in /etc/pam.d. |
Python Client Driver
A Python client driver for HiveServer2 is available at https://github.com/BradRuderman/pyhs2 (thanks, Brad). It includes all the required packages such as SASL and Thrift wrappers.
...