AnsweredAssumed Answered

Cannot connect to secured HiveServer2 from remote client

Question asked by bencetamas on Jun 10, 2015
Latest reply on Jul 22, 2017 by arjunkr
Hello,

I've setup a secure cluster with HiveServer2 (with the newest packages), using Mapr-SASL. It seems everything works fine, I can authenticate with maprlogin utility from remote clients and submit jobs, etc.
But I cannot connect to HiveServer2 using with my java application. I get error, at the line

    Connection con = DriverManager.getConnection("jdbc:hive2://docker.rapidminer.com:10000/default;auth=maprsasl;sasl.qop=auth-conf","mapr","mapr");

I get the following error:

    Exception in thread "main" java.lang.NullPointerException
     at java.lang.Class.forName0(Native Method)
     at java.lang.Class.forName(Class.java:270)
     at org.apache.hadoop.conf.Configuration.getClassByNameOrNull(Configuration.java:1857)
     at org.apache.hadoop.conf.Configuration.getClassByName(Configuration.java:1822)
     at org.apache.hadoop.security.SecurityUtil.getCustomRpcAuthMethod(SecurityUtil.java:630)
     at org.apache.hadoop.security.UserGroupInformation.initialize(UserGroupInformation.java:208)
     at org.apache.hadoop.security.UserGroupInformation.setConfiguration(UserGroupInformation.java:349)
     at org.apache.hadoop.hive.thrift.HadoopThriftAuthBridge25Sasl.createClientWithConf(HadoopThriftAuthBridge25Sasl.java:68)
     at org.apache.hadoop.hive.thrift.HadoopThriftAuthBridge25Sasl.createClientWithConf(HadoopThriftAuthBridge25Sasl.java:52)
     at org.apache.hive.service.auth.MapRSecSaslHelper.getTransport(MapRSecSaslHelper.java:63)
     at org.apache.hive.jdbc.HiveConnection.createBinaryTransport(HiveConnection.java:343)
     at org.apache.hive.jdbc.HiveConnection.openTransport(HiveConnection.java:202)
     at org.apache.hive.jdbc.HiveConnection.<init>(HiveConnection.java:180)
     at org.apache.hive.jdbc.HiveDriver.connect(HiveDriver.java:105)
     at java.sql.DriverManager.getConnection(DriverManager.java:571)
     at java.sql.DriverManager.getConnection(DriverManager.java:215)
     at test.Program.main(Program.java:21)

After some debugging it seems that the SecurityUtil.getCustomRpcAuthMethod method uses a configuration property "hadoop.security.custom.auth.principal.class", which is not set. But I found nothing about this property, how can I set, and what value it needs.

I also set the JVM properties described in [http://doc.mapr.com/display/MapR/Configuring+MapR+Security][1]. First I've put these jars from the hadoop cluster to the classpath:

    commons-collections-3.2.1-mapr-1503.jar
    commons-configuration-1.6-mapr-1503.jar
    commons-logging-1.1.3-mapr-1503.jar
    hadoop-auth-2.5.1-mapr-1503.jar
    hadoop-common-2.5.1-mapr-1503.jar
    hive-exec-0.13.0-mapr-1504.jar
    hive-jdbc-0.13.0-mapr-1504.jar
    hive-metastore-0.13.0-mapr-1504.jar
    hive-service-0.13.0-mapr-1504.jar
    httpclient-4.2-mapr-1503.jar
    httpcore-4.2-mapr-1503.jar
    log4j-1.2.15.jar
    slf4j-api-1.6.0.jar
    slf4j-log4j12-1.7.5.jar

I also tried to put the hive-shims-*jar-s to the classpath, and other jars too, with no success.
I also tried jdbc:hive2://docker.rapidminer.com:10000/default;auth=maprsasl;sasl.qop=auth-conf and
jdbc:hive2://docker.rapidminer.com:10000/default;auth=maprsasl as connection strings.

Has anyone some idea, what could be the problem?

Thank you!
Bence Tamas

  [1]: http://doc.mapr.com/display/MapR/Configuring+MapR+Security

Outcomes