diff --git a/hcatalog/webhcat/svr/src/main/java/org/apache/hive/hcatalog/templeton/Main.java b/hcatalog/webhcat/svr/src/main/java/org/apache/hive/hcatalog/templeton/Main.java index 02b9db9e99..bdf6979058 100644 --- a/hcatalog/webhcat/svr/src/main/java/org/apache/hive/hcatalog/templeton/Main.java +++ b/hcatalog/webhcat/svr/src/main/java/org/apache/hive/hcatalog/templeton/Main.java @@ -39,6 +39,7 @@ import org.apache.hadoop.security.UserGroupInformation; import org.apache.hadoop.security.authentication.client.PseudoAuthenticator; import org.apache.hadoop.security.authentication.server.PseudoAuthenticationHandler; +import org.apache.hadoop.security.SecurityUtil; import org.apache.hadoop.util.GenericOptionsParser; import org.eclipse.jetty.rewrite.handler.RedirectPatternRule; import org.eclipse.jetty.rewrite.handler.RewriteHandler; @@ -176,7 +177,8 @@ public Server runServer(int port) //Authenticate using keytab if (UserGroupInformation.isSecurityEnabled()) { - UserGroupInformation.loginUserFromKeytab(conf.kerberosPrincipal(), + String serverPrincipal = SecurityUtil.getServerPrincipal(conf.kerberosPrincipal(), "0.0.0.0"); + UserGroupInformation.loginUserFromKeytab(serverPrincipal, conf.kerberosKeytab()); } @@ -260,8 +262,9 @@ public FilterHolder makeAuthFilter() { authFilter.setInitParameter("dfs.web.authentication.signature.secret", conf.kerberosSecret()); //https://svn.apache.org/repos/asf/hadoop/common/branches/branch-1.2/src/packages/templates/conf/hdfs-site.xml + String serverPrincipal = SecurityUtil.getServerPrincipal(conf.kerberosPrincipal(), "0.0.0.0"); authFilter.setInitParameter("dfs.web.authentication.kerberos.principal", - conf.kerberosPrincipal()); + serverPrincipal); //http://https://svn.apache.org/repos/asf/hadoop/common/branches/branch-1.2/src/packages/templates/conf/hdfs-site.xml authFilter.setInitParameter("dfs.web.authentication.kerberos.keytab", conf.kerberosKeytab());