Details
-
Improvement
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
0.7-incubating, 0.8-incubating
-
None
Description
In a kerberized environment, Atlas hook uses JAAS configuration section named "KakfaClient" to authenticate with Kafka broker. In a typical Hive deployment this configuration section is set to use the keytab and principal of HiveServer2 process. The hook running in HiveCLI might fail to authenticate with Kafka if the user can't read the configured keytab.
Given that HiveCLI users would have performed kinit, the hook in HiveCLI should use the ticket-cache generated by kinit. When ticket cache is not available (for example in HiveServer2), the hook should use the configuration provided in KafkaClient JAAS section.
Attachments
Attachments
Issue Links
- duplicates
-
AMBARI-19790 HiveCLI and AtlasHook do not work correctly
- Resolved
- links to