Error creating login context using ticket cache



Search

0) Install DBeaver

You can find installation instructions here

1) Download the latest drivers

You can find the latest drivers on the Cloudera website

2) Create a folder to store the drivers

3) Extract driver jars and move to the folder we made earlier

4) Create a New Driver in DBeaver

  1. Navigate to Database > Driver Manager > New
  2. Add all the files from

/.dbeaver-drivers/cloudera-hive/

  • Driver name: Hive-Cloudera (for labeling only)
  • Class name: com.cloudera.hive.jdbc41.HS2Driver (at the time of this writing)
  • Default port: 10000
  • URL template: jdbc:hive2://:/;AuthMech=1;KrbRealm=FOO.BAR;KrbHostFQDN=; KrbServiceName=hive;KrbAuthType=2
    • Note you need to change FOO.BAR to match your krb5.conf settings
  • 5) Create a New Connection

    1. In the menu bar Navigate to Database > New Connection
    2. Select Hive-Cloudera
    3. Fill in the appropriate values for host & database (I set database to default)
    4. Set server to be your KrbHostFQDN
    5. Leave your user name & password blank
    6. Test connection
    7. Press next, next, & change the name of this connection as you see fit
    8. Press finish

    Congrats you’ve successfully connected to hive using kerberos authentication!

    6) Troubleshooting

    If you are receiving [Cloudera][HiveJDBCDriver](500168) Error creating login context using ticket cache: Unable to obtain Principal Name for authentication make sure to check the following

    1. Ensure that you have the latest cryptography libraries installed
      • Java 9 includes these libraries by default
    2. That you’ve configured your /etc/krb5.conf successfully
      • If you’ve done this correctly you should be able to run kinit in terminal and create a ticket without issue

    Источник

    Error creating login context using ticket cache: Unable to obtain Principal Name for authentication . #4676

    Comments

    ngyebi commented Nov 23, 2018 •

    I added the ff to dbeaver.ini
    -Djavax.security.auth.useSubjectCredsOnly=false
    -Djava.security.krb5.conf=»/etc/krb5.conf»
    -Djava.security.auth.login.config=

    and created jaas.conf with the ff entries
    Client <
    com.sun.security.auth.module.Krb5LoginModule required
    useKeyTab=true
    doNotPrompt=true
    keyTab=»

    /myuser.keytab»
    debug=true
    useTicketCache=true
    renewTGT=true
    principal=»myuser@FOO.COM»;
    >;

    but still getting the following error:
    Caused by: com.cloudera.hiveserver2.support.exceptions.GeneralException: [Cloudera]HiveJDBCDriver Error creating login context using ticket cache: Unable to obtain Principal Name for authentication .
    . 10 more
    Caused by: javax.security.auth.login.LoginException: Unable to obtain Principal Name for authentication
    at com.sun.security.auth.module.Krb5LoginModule.promptForName(Krb5LoginModule.java:841)
    at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginModule.java:704)
    at com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:617)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:498)
    at javax.security.auth.login.LoginContext.invoke(LoginContext.java:755)
    at javax.security.auth.login.LoginContext.access$000(LoginContext.java:195)
    at javax.security.auth.login.LoginContext$4.run(LoginContext.java:682)
    at javax.security.auth.login.LoginContext$4.run(LoginContext.java:680)
    at java.security.AccessController.doPrivileged(Native Method)
    at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
    at javax.security.auth.login.LoginContext.login(LoginContext.java:587)
    at com.cloudera.hiveserver2.jdbc.kerberos.Kerberos.getSubjectViaTicketCache(Unknown Source)
    at com.cloudera.hiveserver2.hivecommon.api.HiveServer2ClientFactory.createTransport(Unknown Source)
    at com.cloudera.hiveserver2.hivecommon.api.ServiceDiscoveryFactory.createClient(Unknown Source)
    at com.cloudera.hiveserver2.hivecommon.core.HiveJDBCCommonConnection.establishConnection(Unknown Source)
    at com.cloudera.hiveserver2.jdbc.core.LoginTimeoutConnection.connect(Unknown Source)
    at com.cloudera.hiveserver2.jdbc.common.BaseConnectionFactory.doConnect(Unknown Source)
    at com.cloudera.hiveserver2.jdbc.common.AbstractDriver.connect(Unknown Source)
    at org.jkiss.dbeaver.model.impl.jdbc.JDBCDataSource.lambda$0(JDBCDataSource.java:147)
    at org.jkiss.dbeaver.utils.RuntimeUtils$MonitoringTask.run(RuntimeUtils.java:271)
    at org.jkiss.dbeaver.utils.RuntimeUtils$1.run(RuntimeUtils.java:217)
    at org.jkiss.dbeaver.model.runtime.AbstractJob.run(AbstractJob.java:95)
    at org.eclipse.core.internal.jobs.Worker.run(Worker.java:56)

    The text was updated successfully, but these errors were encountered:

    Источник

    Support Questions

    • Subscribe to RSS Feed
    • Mark Question as New
    • Mark Question as Read
    • Float this Question for Current User
    • Bookmark
    • Subscribe
    • Mute
    • Printer Friendly Page

    Created on ‎03-15-2020 09:04 PM — last edited on ‎03-18-2020 01:29 AM by VidyaSargur

    • Mark as New
    • Bookmark
    • Subscribe
    • Mute
    • Subscribe to RSS Feed
    • Permalink
    • Print
    • Report Inappropriate Content

    The authentication is based on Kerberos Authentication.

    Have get the kerberos ticket in Windows MIT, but receiving the error message as follow when tried to connection the Cloudera Hive with DBeaver:

    Mar 16 11:56:00.397 TRACE 33 com.cloudera.hive.jdbc.kerberos.Kerberos.getSubjectViaAccessControlContext(): +++++ enter +++++
    Mar 16 11:56:00.398 TRACE 33 com.cloudera.hive.jdbc.kerberos.Kerberos.getSubjectViaJAASConfig(): +++++ enter +++++
    Mar 16 11:56:00.399 ERROR 33 com.cloudera.hive.hivecommon.api.HiveServer2ClientFactory.createTransport: Kerberos subject retrieved via JAAS config
    Mar 16 11:56:00.920 ERROR 33 com.cloudera.hive.exceptions.ExceptionConverter.toSQLException: [Cloudera][HiveJDBCDriver](500164) Error initialized or created transport for authentication: [Cloudera][HiveJDBCDriver](500168) Unable to connect to server: GSS initiate failed.
    java.sql.SQLException: [Cloudera][HiveJDBCDriver](500164) Error initialized or created transport for authentication: [Cloudera][HiveJDBCDriver](500168) Unable to connect to server: GSS initiate failed.
    at com.cloudera.hive.hivecommon.api.HiveServer2ClientFactory.createTransport(Unknown Source)
    at com.cloudera.hive.hivecommon.api.ZooKeeperEnabledExtendedHS2Factory.createClient(Unknown Source)
    at com.cloudera.hive.hivecommon.core.HiveJDBCCommonConnection.connect(Unknown Source)
    at com.cloudera.hive.hive.core.HiveJDBCConnection.connect(Unknown Source)
    at com.cloudera.hive.jdbc.common.BaseConnectionFactory.doConnect(Unknown Source)
    at com.cloudera.hive.jdbc.common.AbstractDriver.connect(Unknown Source)
    at org.jkiss.dbeaver.model.impl.jdbc.JDBCDataSource.lambda$0(JDBCDataSource.java:157)
    at org.jkiss.dbeaver.model.impl.jdbc.JDBCDataSource.openConnection(JDBCDataSource.java:174)
    at org.jkiss.dbeaver.ext.generic.model.GenericDataSource.openConnection(GenericDataSource.java:124)
    at org.jkiss.dbeaver.model.impl.jdbc.JDBCExecutionContext.connect(JDBCExecutionContext.java:91)
    at org.jkiss.dbeaver.model.impl.jdbc.JDBCRemoteInstance.initializeMainContext(JDBCRemoteInstance.java:86)
    at org.jkiss.dbeaver.model.impl.jdbc.JDBCRemoteInstance. (JDBCRemoteInstance.java:52)
    at org.jkiss.dbeaver.model.impl.jdbc.JDBCDataSource.initializeRemoteInstance(JDBCDataSource.java:109)
    at org.jkiss.dbeaver.ext.generic.model.GenericDataSource. (GenericDataSource.java:106)
    at org.jkiss.dbeaver.ext.generic.model.meta.GenericMetaModel.createDataSourceImpl(GenericMetaModel.java:72)
    at org.jkiss.dbeaver.ext.generic.GenericDataSourceProvider.openDataSource(GenericDataSourceProvider.java:95)
    at org.jkiss.dbeaver.registry.DataSourceDescriptor.connect(DataSourceDescriptor.java:801)
    at org.jkiss.dbeaver.runtime.jobs.ConnectJob.run(ConnectJob.java:70)
    at org.jkiss.dbeaver.ui.dialogs.connection.ConnectionWizard$ConnectionTester.run(ConnectionWizard.java:247)
    at org.jkiss.dbeaver.model.runtime.AbstractJob.run(AbstractJob.java:103)
    Caused by: com.cloudera.hive.support.exceptions.GeneralException: [Cloudera][HiveJDBCDriver](500164) Error initialized or created transport for authentication: [Cloudera][HiveJDBCDriver](500168) Unable to connect to server: GSS initiate failed.
    . 20 more
    Caused by: java.lang.RuntimeException: [Cloudera][HiveJDBCDriver](500168) Unable to connect to server: GSS initiate failed
    at com.cloudera.hive.hivecommon.api.HiveServerPrivilegedAction.run(Unknown Source)
    at java.base/java.security.AccessController.doPrivileged(Native Method)
    at java.base/javax.security.auth.Subject.doAs(Unknown Source)
    at com.cloudera.hive.hivecommon.api.HiveServer2ClientFactory.createTransport(Unknown Source)
    at com.cloudera.hive.hivecommon.api.ZooKeeperEnabledExtendedHS2Factory.createClient(Unknown Source)
    at com.cloudera.hive.hivecommon.core.HiveJDBCCommonConnection.connect(Unknown Source)
    at com.cloudera.hive.hive.core.HiveJDBCConnection.connect(Unknown Source)
    at com.cloudera.hive.jdbc.common.BaseConnectionFactory.doConnect(Unknown Source)
    at com.cloudera.hive.jdbc.common.AbstractDriver.connect(Unknown Source)
    at org.jkiss.dbeaver.model.impl.jdbc.JDBCDataSource.lambda$0(JDBCDataSource.java:157)
    at org.jkiss.dbeaver.model.impl.jdbc.JDBCDataSource.openConnection(JDBCDataSource.java:174)
    at org.jkiss.dbeaver.ext.generic.model.GenericDataSource.openConnection(GenericDataSource.java:124)
    at org.jkiss.dbeaver.model.impl.jdbc.JDBCExecutionContext.connect(JDBCExecutionContext.java:91)
    at org.jkiss.dbeaver.model.impl.jdbc.JDBCRemoteInstance.initializeMainContext(JDBCRemoteInstance.java:86)
    at org.jkiss.dbeaver.model.impl.jdbc.JDBCRemoteInstance. (JDBCRemoteInstance.java:52)
    at org.jkiss.dbeaver.model.impl.jdbc.JDBCDataSource.initializeRemoteInstance(JDBCDataSource.java:109)
    at org.jkiss.dbeaver.ext.generic.model.GenericDataSource. (GenericDataSource.java:106)
    at org.jkiss.dbeaver.ext.generic.model.meta.GenericMetaModel.createDataSourceImpl(GenericMetaModel.java:72)
    at org.jkiss.dbeaver.ext.generic.GenericDataSourceProvider.openDataSource(GenericDataSourceProvider.java:95)
    at org.jkiss.dbeaver.registry.DataSourceDescriptor.connect(DataSourceDescriptor.java:801)
    at org.jkiss.dbeaver.runtime.jobs.ConnectJob.run(ConnectJob.java:70)
    at org.jkiss.dbeaver.ui.dialogs.connection.ConnectionWizard$ConnectionTester.run(ConnectionWizard.java:247)
    at org.jkiss.dbeaver.model.runtime.AbstractJob.run(AbstractJob.java:103)
    at org.eclipse.core.internal.jobs.Worker.run(Worker.java:63)
    Caused by: org.apache.thrift.transport.TTransportException: GSS initiate failed
    at org.apache.thrift.transport.TSaslTransport.sendAndThrowMessage(TSaslTransport.java:221)
    at org.apache.thrift.transport.TSaslTransport.open(TSaslTransport.java:297)
    at org.apache.thrift.transport.TSaslClientTransport.open(TSaslClientTransport.java:37)
    . 24 more

    Created ‎03-15-2020 09:13 PM

    • Mark as New
    • Bookmark
    • Subscribe
    • Mute
    • Subscribe to RSS Feed
    • Permalink
    • Print
    • Report Inappropriate Content

    Can you please share your JDBC connection string?

    Created on ‎03-16-2020 01:20 AM — last edited on ‎03-17-2020 04:12 PM by lwang

    • Mark as New
    • Bookmark
    • Subscribe
    • Mute
    • Subscribe to RSS Feed
    • Permalink
    • Print
    • Report Inappropriate Content

    Are you referring to the JDBC URL? If yes, below is the JDBC URL that i am using:

    jdbc:hive2://10.11.121.20:10001/default;AuthMech=1;principal= hive/domain@domain ;KrbHostFQDN=10.11.121.21;KrbServiceName=hive;KrbAuthType=2;LogLevel=6;LogPath=c:\ProgramData\MIT\Kerberos5\log.log

    and below is the error log during my latest testing:

    Источник

    Support Questions

    • Subscribe to RSS Feed
    • Mark Question as New
    • Mark Question as Read
    • Float this Question for Current User
    • Bookmark
    • Subscribe
    • Mute
    • Printer Friendly Page

    Created on ‎03-15-2020 09:04 PM — last edited on ‎03-18-2020 01:29 AM by VidyaSargur

    • Mark as New
    • Bookmark
    • Subscribe
    • Mute
    • Subscribe to RSS Feed
    • Permalink
    • Print
    • Report Inappropriate Content

    The authentication is based on Kerberos Authentication.

    Have get the kerberos ticket in Windows MIT, but receiving the error message as follow when tried to connection the Cloudera Hive with DBeaver:

    Mar 16 11:56:00.397 TRACE 33 com.cloudera.hive.jdbc.kerberos.Kerberos.getSubjectViaAccessControlContext(): +++++ enter +++++
    Mar 16 11:56:00.398 TRACE 33 com.cloudera.hive.jdbc.kerberos.Kerberos.getSubjectViaJAASConfig(): +++++ enter +++++
    Mar 16 11:56:00.399 ERROR 33 com.cloudera.hive.hivecommon.api.HiveServer2ClientFactory.createTransport: Kerberos subject retrieved via JAAS config
    Mar 16 11:56:00.920 ERROR 33 com.cloudera.hive.exceptions.ExceptionConverter.toSQLException: [Cloudera][HiveJDBCDriver](500164) Error initialized or created transport for authentication: [Cloudera][HiveJDBCDriver](500168) Unable to connect to server: GSS initiate failed.
    java.sql.SQLException: [Cloudera][HiveJDBCDriver](500164) Error initialized or created transport for authentication: [Cloudera][HiveJDBCDriver](500168) Unable to connect to server: GSS initiate failed.
    at com.cloudera.hive.hivecommon.api.HiveServer2ClientFactory.createTransport(Unknown Source)
    at com.cloudera.hive.hivecommon.api.ZooKeeperEnabledExtendedHS2Factory.createClient(Unknown Source)
    at com.cloudera.hive.hivecommon.core.HiveJDBCCommonConnection.connect(Unknown Source)
    at com.cloudera.hive.hive.core.HiveJDBCConnection.connect(Unknown Source)
    at com.cloudera.hive.jdbc.common.BaseConnectionFactory.doConnect(Unknown Source)
    at com.cloudera.hive.jdbc.common.AbstractDriver.connect(Unknown Source)
    at org.jkiss.dbeaver.model.impl.jdbc.JDBCDataSource.lambda$0(JDBCDataSource.java:157)
    at org.jkiss.dbeaver.model.impl.jdbc.JDBCDataSource.openConnection(JDBCDataSource.java:174)
    at org.jkiss.dbeaver.ext.generic.model.GenericDataSource.openConnection(GenericDataSource.java:124)
    at org.jkiss.dbeaver.model.impl.jdbc.JDBCExecutionContext.connect(JDBCExecutionContext.java:91)
    at org.jkiss.dbeaver.model.impl.jdbc.JDBCRemoteInstance.initializeMainContext(JDBCRemoteInstance.java:86)
    at org.jkiss.dbeaver.model.impl.jdbc.JDBCRemoteInstance. (JDBCRemoteInstance.java:52)
    at org.jkiss.dbeaver.model.impl.jdbc.JDBCDataSource.initializeRemoteInstance(JDBCDataSource.java:109)
    at org.jkiss.dbeaver.ext.generic.model.GenericDataSource. (GenericDataSource.java:106)
    at org.jkiss.dbeaver.ext.generic.model.meta.GenericMetaModel.createDataSourceImpl(GenericMetaModel.java:72)
    at org.jkiss.dbeaver.ext.generic.GenericDataSourceProvider.openDataSource(GenericDataSourceProvider.java:95)
    at org.jkiss.dbeaver.registry.DataSourceDescriptor.connect(DataSourceDescriptor.java:801)
    at org.jkiss.dbeaver.runtime.jobs.ConnectJob.run(ConnectJob.java:70)
    at org.jkiss.dbeaver.ui.dialogs.connection.ConnectionWizard$ConnectionTester.run(ConnectionWizard.java:247)
    at org.jkiss.dbeaver.model.runtime.AbstractJob.run(AbstractJob.java:103)
    Caused by: com.cloudera.hive.support.exceptions.GeneralException: [Cloudera][HiveJDBCDriver](500164) Error initialized or created transport for authentication: [Cloudera][HiveJDBCDriver](500168) Unable to connect to server: GSS initiate failed.
    . 20 more
    Caused by: java.lang.RuntimeException: [Cloudera][HiveJDBCDriver](500168) Unable to connect to server: GSS initiate failed
    at com.cloudera.hive.hivecommon.api.HiveServerPrivilegedAction.run(Unknown Source)
    at java.base/java.security.AccessController.doPrivileged(Native Method)
    at java.base/javax.security.auth.Subject.doAs(Unknown Source)
    at com.cloudera.hive.hivecommon.api.HiveServer2ClientFactory.createTransport(Unknown Source)
    at com.cloudera.hive.hivecommon.api.ZooKeeperEnabledExtendedHS2Factory.createClient(Unknown Source)
    at com.cloudera.hive.hivecommon.core.HiveJDBCCommonConnection.connect(Unknown Source)
    at com.cloudera.hive.hive.core.HiveJDBCConnection.connect(Unknown Source)
    at com.cloudera.hive.jdbc.common.BaseConnectionFactory.doConnect(Unknown Source)
    at com.cloudera.hive.jdbc.common.AbstractDriver.connect(Unknown Source)
    at org.jkiss.dbeaver.model.impl.jdbc.JDBCDataSource.lambda$0(JDBCDataSource.java:157)
    at org.jkiss.dbeaver.model.impl.jdbc.JDBCDataSource.openConnection(JDBCDataSource.java:174)
    at org.jkiss.dbeaver.ext.generic.model.GenericDataSource.openConnection(GenericDataSource.java:124)
    at org.jkiss.dbeaver.model.impl.jdbc.JDBCExecutionContext.connect(JDBCExecutionContext.java:91)
    at org.jkiss.dbeaver.model.impl.jdbc.JDBCRemoteInstance.initializeMainContext(JDBCRemoteInstance.java:86)
    at org.jkiss.dbeaver.model.impl.jdbc.JDBCRemoteInstance. (JDBCRemoteInstance.java:52)
    at org.jkiss.dbeaver.model.impl.jdbc.JDBCDataSource.initializeRemoteInstance(JDBCDataSource.java:109)
    at org.jkiss.dbeaver.ext.generic.model.GenericDataSource. (GenericDataSource.java:106)
    at org.jkiss.dbeaver.ext.generic.model.meta.GenericMetaModel.createDataSourceImpl(GenericMetaModel.java:72)
    at org.jkiss.dbeaver.ext.generic.GenericDataSourceProvider.openDataSource(GenericDataSourceProvider.java:95)
    at org.jkiss.dbeaver.registry.DataSourceDescriptor.connect(DataSourceDescriptor.java:801)
    at org.jkiss.dbeaver.runtime.jobs.ConnectJob.run(ConnectJob.java:70)
    at org.jkiss.dbeaver.ui.dialogs.connection.ConnectionWizard$ConnectionTester.run(ConnectionWizard.java:247)
    at org.jkiss.dbeaver.model.runtime.AbstractJob.run(AbstractJob.java:103)
    at org.eclipse.core.internal.jobs.Worker.run(Worker.java:63)
    Caused by: org.apache.thrift.transport.TTransportException: GSS initiate failed
    at org.apache.thrift.transport.TSaslTransport.sendAndThrowMessage(TSaslTransport.java:221)
    at org.apache.thrift.transport.TSaslTransport.open(TSaslTransport.java:297)
    at org.apache.thrift.transport.TSaslClientTransport.open(TSaslClientTransport.java:37)
    . 24 more

    Created ‎03-15-2020 09:13 PM

    • Mark as New
    • Bookmark
    • Subscribe
    • Mute
    • Subscribe to RSS Feed
    • Permalink
    • Print
    • Report Inappropriate Content

    Can you please share your JDBC connection string?

    Created on ‎03-16-2020 01:20 AM — last edited on ‎03-17-2020 04:12 PM by lwang

    • Mark as New
    • Bookmark
    • Subscribe
    • Mute
    • Subscribe to RSS Feed
    • Permalink
    • Print
    • Report Inappropriate Content

    Are you referring to the JDBC URL? If yes, below is the JDBC URL that i am using:

    jdbc:hive2://10.11.121.20:10001/default;AuthMech=1;principal= hive/domain@domain ;KrbHostFQDN=10.11.121.21;KrbServiceName=hive;KrbAuthType=2;LogLevel=6;LogPath=c:\ProgramData\MIT\Kerberos5\log.log

    and below is the error log during my latest testing:

    Источник

    Читайте также:  Task sequence has failed with the error code 0x80070490
    Оцените статью
    toolgir.ru
    Adblock
    detector