[jira] [Commented] (NIFI-5714) Hive[3]ConnectionPool - Kerberos Authentication issue/misleading

Wed, 17 Oct 2018 10:13:25 -0700 


    [ 
https://issues.apache.org/jira/browse/NIFI-5714?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16653884#comment-16653884
 ] 

ASF GitHub Bot commented on NIFI-5714:
--------------------------------------

Github user pvillard31 commented on the issue:

    https://github.com/apache/nifi/pull/3086
  
    The unit test is working fine locally on my side but does not work in 
Travis. I assume it could be because I've Kerberos related configs on my 
laptop. Didn't find any similar testing in other processors? Not sure how to 
address it (tried few things). What do you think? Just adding @Ignore on the 
test? =/


> Hive[3]ConnectionPool - Kerberos Authentication issue/misleading
> ----------------------------------------------------------------
>
>                 Key: NIFI-5714
>                 URL: https://issues.apache.org/jira/browse/NIFI-5714
>             Project: Apache NiFi
>          Issue Type: Bug
>          Components: Extensions
>    Affects Versions: 1.1.0, 1.2.0, 1.1.1, 1.0.1, 1.3.0, 1.4.0, 1.5.0, 1.6.0, 
> 1.7.0, 1.7.1
>            Reporter: Pierre Villard
>            Assignee: Pierre Villard
>            Priority: Major
>
> In {{HiveConnectionPool}} and {{Hive3ConnectionPool}}, in the {{@OnEnabled}} 
> method, we have:
> {code:java}
> log.info("Hive Security Enabled, logging in as principal {} with keytab {}", 
> new Object[] {resolvedPrincipal, resolvedKeytab});
> try {
>     ugi = hiveConfigurator.authenticate(hiveConfig, resolvedPrincipal, 
> resolvedKeytab);
> } catch (AuthenticationFailedException ae) {
>     log.error(ae.getMessage(), ae);
> }
> getLogger().info("Successfully logged in as principal {} with keytab {}", new 
> Object[] {resolvedPrincipal, resolvedKeytab});{code}
> Which causes two issues:
>  * we're logging the successful message even though the authentication failed
>  * the Hive connection is created using the NiFi user identity (this would 
> need to be confirmed but that's what I observed during a test - it could be 
> due to the environment though)
> In my opinion, an {{InitializationException}} should be thrown so that the 
> controller service is not enabled.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to