[
https://issues.apache.org/jira/browse/HIVE-10312?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14512073#comment-14512073
]
Mubashir Kazia commented on HIVE-10312:
---------------------------------------
Thanks [~xuefuz].
[~leftylev] Do we need clarity on the language in the current documentation
that says QOP is supported only for Kerberos authentication? Do we consider
delegation token authentication in Kerberos enabled HS2/HMS as Kerberos
authentication or pure Kerberos service ticket based authentication as Kerberos
authentication?
> SASL.QOP in JDBC URL is ignored for Delegation token Authentication
> -------------------------------------------------------------------
>
> Key: HIVE-10312
> URL: https://issues.apache.org/jira/browse/HIVE-10312
> Project: Hive
> Issue Type: Bug
> Components: JDBC
> Affects Versions: 1.2.0
> Reporter: Mubashir Kazia
> Assignee: Mubashir Kazia
> Fix For: 1.2.0
>
> Attachments: HIVE-10312.1.patch, HIVE-10312.1.patch
>
>
> When HS2 is configured for QOP other than auth (auth-int or auth-conf),
> Kerberos client connection works fine when the JDBC URL specifies the
> matching QOP, however when this HS2 is accessed through Oozie (Delegation
> token / Digest authentication), connections fails because the JDBC driver
> ignores the SASL.QOP parameters in the JDBC URL. SASL.QOP setting should be
> valid for DIGEST Auth mech.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
