[
https://issues.apache.org/jira/browse/HIVE-6182?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13872791#comment-13872791
]
Szehon Ho commented on HIVE-6182:
---------------------------------
[~xuefuz] can this be committed when you have the cycles? Thanks!
> LDAP Authentication errors need to be more informative
> ------------------------------------------------------
>
> Key: HIVE-6182
> URL: https://issues.apache.org/jira/browse/HIVE-6182
> Project: Hive
> Issue Type: Improvement
> Components: Authentication
> Affects Versions: 0.13.0
> Reporter: Szehon Ho
> Assignee: Szehon Ho
> Attachments: HIVE-6182.patch
>
>
> There are a host of errors that can happen when logging into an LDAP-enabled
> Hive-server2 from beeline. But for any error there is only a generic log
> message:
> {code}
> SASL negotiation failure
> javax.security.sasl.SaslException: PLAIN auth failed: Error validating LDAP
> user
> at
> org.apache.hadoop.security.SaslPlainServer.evaluateResponse(SaslPlainServer.java:108)
> at
> org.apache.thrift.transport.TSaslTransport$SaslParticipant.evaluateChallengeOrRespons
> {code}
> And on Beeline side there is only an even more unhelpful message:
> {code}
> Error: Invalid URL: jdbc:hive2://localhost:10000/default (state=08S01,code=0)
> {code}
> It would be good to print out the underlying error message at least in the
> log, if not beeline. But today they are swallowed. This is bad because the
> underlying message is the most important, having the error codes as shown
> here : [LDAP error
> code|https://wiki.servicenow.com/index.php?title=LDAP_Error_Codes]
> The beeline seems to throw that exception for any error during connection,
> authetication or otherwise.
--
This message was sent by Atlassian JIRA
(v6.1.5#6160)
