[jira] [Created] (HIVE-22152) LDAP authentication failed when using username with @, example toto@mycompany.com

Jira Wed, 28 Aug 2019 00:58:10 -0700

Frédéric Guiet created HIVE-22152:
-------------------------------------

             Summary: LDAP authentication failed when using username with @, 
example t...@mycompany.com
                 Key: HIVE-22152
                 URL: https://issues.apache.org/jira/browse/HIVE-22152
             Project: Hive
          Issue Type: Bug
          Components: Authentication
    Affects Versions: 1.2.1
         Environment: Hortonworkworks Data Platform 2.6.4


 

beeline --version
Hive 1.2.1000.2.6.4.0-91
Subversion 
git://ctr-e134-1499953498516-209689-01-000004.hwx.site/grid/0/jenkins/workspace/HDP-parallel-centos7/SOURCES/hive
 -r 87f2bc04724e559819902a574e78b2beeaf9f541
Compiled by jenkins on Thu Jan 4 10:47:01 UTC 2018
>From source with checksum 73af1d20b2f8a15f36ac132297e70386
            Reporter: Frédéric Guiet


Hi,

I activated the LDAP authentication on Hive. I am using Hive 1.2.1 with 
Hortonworks Data Platform 2.6.4

Hive 1.2.1000.2.6.4.0-91
Subversion 
git://ctr-e134-1499953498516-209689-01-000004.hwx.site/grid/0/jenkins/workspace/HDP-parallel-centos7/SOURCES/hive
 -r 87f2bc04724e559819902a574e78b2beeaf9f541
Compiled by jenkins on Thu Jan 4 10:47:01 UTC 2018
>From source with checksum 73af1d20b2f8a15f36ac132297e70386

 

I have created a user on my ldap called: _f.guiet_

The LDAP DN is : _uid=f.guiet,ou=Agents 
XXX,ou=xxxx,ou=utilisateurs,dc=ldap-ext-xxxx,dc=fr_

 

Everything is working great, I can use beeline with the following command. The 
connection is OK.

_beeline -u jdbc:hive2://srv210.xxxx.fr:10000?tez.queue.name=DEV -n f.guiet -p 
xxxx_

 

Here is the LDAP trace on the LDAP server when I am connecting:

Aug 27 14:26:09 vmrh90 slapd[13999]: conn=1352 fd=32 TLS established 
tls_ssf=256 ssf=256

Aug 27 14:26:09 vmrh90 slapd[13999]: conn=1352 op=0 BIND 
dn="uid=f.guiet,ou=Agents XXXX,ou=xxxx,ou=utilisateurs,dc=ldap-ext-xxxx,dc=fr" 
method=128

Aug 27 14:26:09 vmrh90 slapd[13999]: conn=1352 op=0 BIND 
dn="uid=f.guiet,ou=Agents XXXX,ou=xxxx,ou=utilisateurs,dc=ldap-ext-xxxx,dc=fr" 
mech=SIMPLE ssf=0

Aug 27 14:26:09 vmrh90 slapd[13999]: conn=1352 op=0 RESULT tag=97 err=0 text=

Aug 27 14:26:09 vmrh90 slapd[13999]: conn=1352 op=1 SRCH base="ou=Agents 
XXXX,ou=xxxx,ou=utilisateurs,dc=ldap-ext-xxxx,dc=fr" scope=2 deref=3 
filter="(uid=f.guiet)"

 

I have created another user on my ldap called : 
[f.gu...@xxxx.fr|mailto:f.gu...@xxxx.fr]

But when I launched the following beeline command:

_beeline -u jdbc:hive2://srv210.xxxx.fr:10000?tez.queue.name=DEV -n 
f.gu...@xxxx.fr -p xxxx_

 

Here is the LDAP trace:

Aug 27 14:27:58 vmrh90 slapd[13999]: conn=1356 fd=32 ACCEPT from 
IP=192.168.7.50:51814 (IP=0.0.0.0:636)

Aug 27 14:27:58 vmrh90 slapd[13999]: conn=1356 fd=32 TLS established 
tls_ssf=256 ssf=256

*Aug 27 14:27:58 vmrh90 slapd[13999]: conn=1356 op=0 do_bind: invalid dn 
([f.gu...@xxxx.fr|mailto:f.gu...@brgm.fr])*

Aug 27 14:27:58 vmrh90 slapd[13999]: conn=1356 op=0 RESULT tag=97 err=34 
text=invalid DN

Aug 27 14:27:58 vmrh90 slapd[13999]: conn=1356 fd=32 closed (connection lost)

 

As you can see, the DN is not valid...

The valid DN should be:

uid=f.gu...@xxxx.fr,ou=Agents 
XXXX,ou=xxxx,ou=utilisateurs,dc=ldap-ext-xxxx,dc=fr

 

I tried a lot of things....like:

_beeline -u jdbc:hive2://srv210.xxxx.fr:10000?tez.queue.name=DEV -n 
f.guiet\@xxxx.fr -p xxxx_

_beeline -u jdbc:hive2://srv210.xxxx.fr:10000?tez.queue.name=DEV -n 
"f.gu...@xxxx.fr" -p xxxx_

_beeline -u jdbc:hive2://srv210.xxxx.fr:10000?tez.queue.name=DEV -n 
'f.gu...@xxxx.fr' -p xxxx_

 

The problem is linked with the @ character....

Can you tell me how can I use a username with a @ to connect to hive with 
beeline?

Thank you very much!

Fred

 



--
This message was sent by Atlassian Jira
(v8.3.2#803003)

[jira] [Created] (HIVE-22152) LDAP authentication failed when using username with @, example toto@mycompany.com

Reply via email to