Details
-
Bug
-
Status: Open
-
Major
-
Resolution: Unresolved
-
1.2.0
-
None
-
None
Description
Configure openLDAP server with following configurations(enable ldap, ldap URI, baseDN, userDNPattern, groupDNPattern and groupFilter). If the specified groupFilter case is different than the actual one in directory than Hive cannot find a match and errors out.
Provided groupFilter value <groupTest>
Actual group name in directory server - grouptest.
Similar search works by using ldapsearch (ldap searches are case insensitive).
Error message snippet -
avax.security.sasl.AuthenticationException: Authentication failed: User not a member of listed groups]
at org.apache.hive.service.auth.PlainSaslServer.evaluateResponse(PlainSaslServer.java:109)