So I've been able to configure a Spark Hiveserver2 server on MapR 6 secure cluster with MAPRSASL authentication.
It works in beeline:
[myuser@zzzz01 ~]$ /opt/mapr/spark/spark-2.1.0/bin/beeline
Beeline version 1.2.0-mapr-1710 by Apache Hive
beeline> !connect jdbc:hive2://zzzz02.com:10022/default;auth=MAPRSASL
Connecting to jdbc:hive2://zzzz02.com:10022/default;auth=MAPRSASL
Enter username for jdbc:hive2://zzzz02.com:10022/default;auth=MAPRSASL: MYUSER
Enter password for jdbc:hive2://zzzz02.com:10022/default;auth=MAPRSASL:
18/03/19 02:31:37 WARN MaprSaslClient: SASL Server qopProperty: auth-confis different from Client: auth-conf,auth-int,auth.Using Server one
Connected to: Spark SQL (version 2.1.0-mapr-1710)
Driver: Hive JDBC (version 1.2.0-mapr-1710)
Transaction isolation: TRANSACTION_REPEATABLE_READ
All good so far. Now I'm trying to configure a Simba Spark ODBC driver on a Linux server, which is not a part of this cluster, and create a DSN there. I used to successfully configure it for other (unsecure) clusters or different modes of authentication.
So in .odbc.ini I put:
Description=MapR Spark (Simba) ODBC Connector (64-bit) DSN
# UserName and Password authentication?
The error I'm getting on MapR side, when trying to connect is "Unsupported mechanism type PLAIN". Fair enough, as I haven't specified for the driver that the auth mechanism is MAPRSASL. But there's nothing in the documentation for both Spark and Hive ODBC drivers that would tell how to connect using MAPRSASL auth mechanism. There is something on Drill ODBC driver, that suggests that I:
1. Install mapr-client and maprlogin on that "not in the cluster" server.
2. Obtain a ticket.
Alternatively, I could reconfigure hiveserver2 to PAM/custom/none authentication, but as MAPRSASL is recommended by MapR, I'd prefer to stick to it.
Could someone give a guidance?