How to use Hue with Hive and Impala configured with LDAP authentication and SSL

12 December 2014 in Administration / Querying - 2 minutes read

We previously showed in detail how to use SSL encryption with the Impala or Hive Editors. Here is now a step by step guide about how to use LDAP authentication instead of no authentication or Kerberos.

Note: this requires Hue 3.7 or CDH5.2

1.

HiveServer2 had SSL enabled so Hive Editor could not connect to HiveServer2. HiveServer2 logs showed SSL errors indicating that it received plaintext (good hint at the cause)

Solved by adding this to the Hue Safety Valve:

(validate was false since their certificates used wildcards and this caused other errors)

Note: If not using SSL, you will hit this bug: HUE-2484

2.

The same Hue behavior occurred after making the change, but now the HiveServer2 log showed authentication failure due to err=49

So, we added the following to the Hue Safety Valve:



[beeswax]

[[ssl]]

\## Path to Certificate Authority certificates.

cacerts=/etc/hue/cacerts.pem

\## Choose whether Hue should validate certificates received from the server.

validate=false

or



[impala]

[[ssl]]

\## SSL communication enabled for this server.

enabled=false

\## Path to Certificate Authority certificates.

cacerts=/etc/hue/cacerts.pem

\## Choose whether Hue should validate certificates received from the server.

validate=false

3.

Hue still showed the same behavior. HiveServer2 logs showed:



 is not allowed to impersonate bob

We solved this by adding the following to the HDFS > Service-Wide ->Advanced>Safety Valve for core-site.xml.





hadoop.proxyuser..hosts

*





hadoop.proxyuser..groups

*



4.

After this, the default database was displayed, but we could not do a show tables; or anything else. Beeline had the same behavior.

We did a grant for the group to which the user who was attempting the Hive actions and then that problem went away.

All queries were working and Hue is querying Hive/Impala and returning results!

 

As usual feel free to comment and send feedback on the hue-user list or @gethue!


comments powered by Disqus

More recent stories

25 December 2019
A more collaborating Datawarehousing Experience with SQL query sharing via links or gists
Read More
05 December 2019
Hue 4.6 and its improvements are out!
Read More
13 November 2019
Visually surfacing SQL information like Primary Keys, Foreign Keys, Views and Complex Types
Read More