This Confluence has been LDAP enabled, if you are an ASF Committer, please use your LDAP Credentials to login. Any problems file an INFRA jira ticket please.

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: minor edits

...

Running in HTTP mode

Starting in Hive 0.13, HiveServer2 provides support for sending Thrift RPC messages over http HTTP transport (HIVE-4752). This is particularly useful to support a proxying intermediary between the client and the server (for example, for load balancing or security reasons). Currently, you can run HiveServer2 in either TCP mode or the HTTP mode, but not in both. For the corresponding JDBC urlURL, check this link: HiveServer2 Clients -- JDBC urlConnection URLs. Use the following settings to enable http HTTP mode:

Panel

hive.server2.transport.mode – Set this to http.

...

HiveServer2 supports Anonymous (no authentication), Kerberos, pass through LDAP, Pluggable Custom Authentication and Pluggable Authentication Modules (PAM, supported Hive 0.13 onwards).

...

Panel

hive.server2.authentication – Authentication mode, default NONE. Options are NONE, KERBEROS, LDAP, PAM and CUSTOM.

hive.server2.authentication.kerberos.principal – Kerberos principal for server.

hive.server2.authentication.kerberos.keytab – Keytab for server principal.

hive.server2.authentication.ldap.url – LDAP urlURL.

hive.server2.authentication.ldap.baseDN – LDAP base DN.

hive.server2.custom.authentication.class – Custom authentication class that implements org.apache.hive.service.auth.PasswdAuthenticationProvider interface.

...

Changes in HIVE-5351, which will be available in Hive 0.13, provides support for SSL encryption. To enable, set the following configurations in  in hive-site.xml:

Panel

hive.server2.use.SSL – Set this to true.

hive.server2.keystore.path – Set this to your keystore path.

hive.server2.keystore.password – Set this to your keystore password.

...

  • Download the JPAM native library for the relevant architecture.
  • Unzip and copy libjpam.so to a directory (<libjmap-directory>) on the system. 
  • Add the directory to the LD_LIBRARY_PATH environment variable like so: export  export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:<libjmap-directory> directory> 

Finally, set the following configurations in  in hive-site.xml:

Panel

hive.server2.authentication – Set this to PAM.

hive.server2.authentication.pam.services – Set this to a list of comma-separated PAM services that will be used. Note that a file with the same name as the PAM service must exist in /etc/pam.d.

...