
编程入门 行业动态 更新时间:2024-10-18 19:23:40

四、<a href=https://www.elefans.com/category/jswz/34/1668324.html style=openldap整合hive"/>




2018-08-23 13:59:48,304 ERROR [HiveServer2-Handler-Pool: Thread-29]: transport.TSaslTransport (TSaslTransport.java:open(315)) - SASL negotiation failure
javax.security.sasl.SaslException: Error validating the login [Caused by javax.security.sasl.AuthenticationException: LDAP Authentication failed for user [Caused by javax.naming.InvalidNameException: [LDAP: error code 34 - invalid DN]]]
at org.apache.hive.service.auth.PlainSaslServer.evaluateResponse(PlainSaslServer.java:109)
at org.apache.thrift.transport.TSaslTransport S a s l P a r t i c i p a n t . e v a l u a t e C h a l l e n g e O r R e s p o n s e ( T S a s l T r a n s p o r t . j a v a : 539 ) a t o r g . a p a c h e . t h r i f t . t r a n s p o r t . T S a s l T r a n s p o r t . o p e n ( T S a s l T r a n s p o r t . j a v a : 283 ) a t o r g . a p a c h e . t h r i f t . t r a n s p o r t . T S a s l S e r v e r T r a n s p o r t . o p e n ( T S a s l S e r v e r T r a n s p o r t . j a v a : 41 ) a t o r g . a p a c h e . t h r i f t . t r a n s p o r t . T S a s l S e r v e r T r a n s p o r t SaslParticipant.evaluateChallengeOrResponse(TSaslTransport.java:539) at org.apache.thrift.transport.TSaslTransport.open(TSaslTransport.java:283) at org.apache.thrift.transport.TSaslServerTransport.open(TSaslServerTransport.java:41) at org.apache.thrift.transport.TSaslServerTransport SaslParticipant.evaluateChallengeOrResponse(TSaslTransport.java:539)atorg.apache.thrift.transport.TSaslTransport.open(TSaslTransport.java:283)atorg.apache.thrift.transport.TSaslServerTransport.open(TSaslServerTransport.java:41)atorg.apache.thrift.transport.TSaslServerTransportFactory.getTransport(TSaslServerTransport.java:216)
at org.apache.thrift.server.TThreadPoolServer W o r k e r P r o c e s s . r u n ( T T h r e a d P o o l S e r v e r . j a v a : 268 ) a t j a v a . u t i l . c o n c u r r e n t . T h r e a d P o o l E x e c u t o r . r u n W o r k e r ( T h r e a d P o o l E x e c u t o r . j a v a : 1142 ) a t j a v a . u t i l . c o n c u r r e n t . T h r e a d P o o l E x e c u t o r WorkerProcess.run(TThreadPoolServer.java:268) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor WorkerProcess.run(TThreadPoolServer.java:268)atjava.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)atjava.util.concurrent.ThreadPoolExecutorWorker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:748)
Caused by: javax.security.sasl.AuthenticationException: LDAP Authentication failed for user [Caused by javax.naming.InvalidNameException: [LDAP: error code 34 - invalid DN]]
at org.apache.hive.service.auth.LdapAuthenticationProviderImpl.Authenticate(LdapAuthenticationProviderImpl.java:266)
at org.apache.hive.service.auth.PlainSaslHelper$PlainServerCallbackHandler.handle(PlainSaslHelper.java:106)
at org.apache.hive.service.auth.PlainSaslServer.evaluateResponse(PlainSaslServer.java:102)
… 8 more
Caused by: javax.naming.InvalidNameException: [LDAP: error code 34 - invalid DN]
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3077)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2883)
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2797)
at com.sun.jndi.ldap.LdapCtx.(LdapCtx.java:319)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:192)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:210)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:153)
at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:83)
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:684)
at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:313)
at javax.naming.InitialContext.init(InitialContext.java:244)
at javax.naming.InitialContext.(InitialContext.java:216)
at javax.naming.directory.InitialDirContext.(InitialDirContext.java:101)
at org.apache.hive.service.auth.LdapAuthenticationProviderImpl.Authenticate(LdapAuthenticationProviderImpl.java:159)
… 10 more


dn: ou=hive,dc=bigdata,dc=ly
ou: hive
objectClass: top
objectClass: organizationalUnit
dn: cn=People,ou=hive,dc=bigdata,dc=ly
cn: People
objectClass: organizationalRole
dn: uid=fight,cn=People,ou=hive,dc=bigdata,dc=ly
objectClass: inetOrgPerson
uid: fight
sn: fight
cn: fight
userPassword: {SSHA}oFRigOdzHpq7laDh6E+OOqJQT36gubNF
dn: uid=biadmin,cn=People,ou=hive,dc=bigdata,dc=ly
objectClass: inetOrgPerson
uid: biadmin
sn: biadmin
cn: biadmin
userPassword: {SSHA}oFRigOdzHpq7laDh6E+OOqJQT36gubNF
dn: uid=train,cn=People,ou=hive,dc=bigdata,dc=ly
objectClass: inetOrgPerson
uid: train
sn: train
cn: train
userPassword: {SSHA}oFRigOdzHpq7laDh6E+OOqJQT36gubNF
dn: cn=System,ou=hive,dc=bigdata,dc=ly
cn: System
objectClass: organizationalRole
dn: uid=hive_read,cn=System,ou=hive,dc=bigdata,dc=ly
objectClass: inetOrgPerson
uid: hive_read
sn: hive_read
cn: hive_read
userPassword: {SSHA}oFRigOdzHpq7laDh6E+OOqJQT36gubNF
dn: uid=hive_write,cn=System,ou=hive,dc=bigdata,dc=ly
objectClass: inetOrgPerson
uid: hive_write
sn: hive_write
cn: hive_write
userPassword: {SSHA}oFRigOdzHpq7laDh6E+OOqJQT36gubNF


ldapadd -x -D "cn=admin,dc=bigdata,dc=ly" -w 1234 -f hive_user.ldif -H ldap://


dn: olcDatabase={2}mdb,cn=config
changetype: modify
add: olcAccess
olcAccess: to dn.subtree="ou=hive,dc=bigdata,dc=ly"by dn.base="uid=hive_read,cn=System,ou=hive,dc=bigdata,dc=ly" readby dn.base="uid=hive_write,cn=System,ou=hive,dc=bigdata,dc=ly" writeby dn.children="cn=People,ou=hive,dc=bigdata,dc=ly" readby * auth


ldapmodify -x -D "cn=config" -w 1234 -f hive_acl.ldif -H ldap://





nohup hive --service hiveserver2 &


!connect jdbc:hive2://
$HIVE_HOME/bin/beeline -u jdbc:hive2:// -n train -p 1234



本文发布于:2024-02-12 01:14:26,感谢您对本站的认可!
本文标签:openldap   hive


评论列表 (有 0 条评论)


编程频道|电子爱好者 - 技术资讯及电子产品介绍!