This Confluence has been LDAP enabled, if you are an ASF Committer, please use your LDAP Credentials to login. Any problems file an INFRA jira ticket please.

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 7 Next »


HiveServer2 (HS2) is a server interface that enables remote clients to execute queries against hive and retrieve the results. The current thirft RPC based implementation is an improved version of HiveServer that supports multi-client concurrency and authentication. It is designed to provide better support for open API clients like JDBC and ODBC. The thrift IDL is available at

This document describes how to setup the server. How to use a client with this server is described in Hive client setup doc .


Introduced in Hive version 0.11. See HIVE-2935.

How to configure

Configuration properties in hive-site.xml

hive.server2.thrift.min.worker.threads - Number of minimum worker threads, default 5.
hive.server2.thrift.max.worker.threads - Number of minimum worker threads, default 100
hive.server2.thrift.port - Tcp port to listen on , default 10000 - Tcp interface to bind to

Optional Environment settings

HIVE_SERVER2_THRIFT_BIND_HOST - optional tcp host interface to bind to. Overrides the config file setting
HIVE_SERVER2_THRIFT_PORT - optional tcp port# to listen on, default 10000. Overrides the config file setting

How to start



$HIVE_HOME/bin/hive --service hiveserver2


HiveServer2 support Anonymous (no auth), Kerberos, pass through LDAP and pluggable custom authentication.


hive.server2.authentication - Authentication mode, default NONE. Options are NONE, KERBEROS, LDAP and CUSTOM
hive.server2.authentication.kerberos.principal - Kerberos principal for server
hive.server2.authentication.kerberos.keytab - Keytab for server principal
hive.server2.authentication.ldap.url - LDAP url
hive.server2.authentication.ldap.baseDN - LDAP base DN
hive.server2.custom.authentication.class - Custom authentication class that implements org.apache.hive.service.auth.PasswdAuthenticationProvider interface


By default HiveServer2 performs the query processing as the user who submitted the query. If this parameter is set to false, the query would run as user hiveserver2 process runs as.

hive.server2.enable.doAs - Impersonate the connected user, default true

To prevent memory leak in unsecure mode, disable file system caches, by setting following params to true

fs.hdfs.impl.disable.cache - Disable hdfs filesystem cache, default false
fs.file.impl.disable.cache - Disable local filesystem cache, default false

  • No labels