I have been unable to get proxyUsers to work with Livy.   I seem to have 
Kerberos configured correctly, as evidenced by the last beeline command.  When 
I start a livy session the server log will usually say something like: “owner: 
kylo, proxyUser: Some(dladmin)” so it seems the server should know what to do.  
 But no matter what I try I always get “org.apache.spark.sql.AnalysisException: 
Table not found”

# Ambari config

# Livy Configuration
livy.impersonation.enabled = true
livy.server.auth.type = kerberos
livy.server.launch.kerberos.principal = kylo/sandbox.kylo.io@KYLO
livy.server.launch.kerberos.keytab = /etc/security/keytabs/kylo.keytab
livy.server.auth.kerberos.principal = HTTP/sandbox.kylo.io@KYLO
livy.server.auth.kerberos.keytab = /etc/security/keytabs/spnego.service.keytab
livy.server.access_control.enabled = true
livy.server.access_control.users = kylo,dladmin
livy.server.access_control.modify-users = kylo
livy.superusers = kylo

# Curl connect
kinit -kt /etc/security/keytabs/kylo.keytab kylo/sandbox.kylo.io@KYLO
curl --negotiate -u : -s -X POST --data '{"kind": "spark", "proxyUser": 
"dladmin"}' -H "Content-Type: application/json" sandbox.kylo.io:8998/sessions
curl --negotiate -u : -s -X GET sandbox.kylo.io:8998/sessions
* NOTE: verify proxyUser="dladmin" in response.  it will be null if 
impersonation is not enabled

# submit this code to Livy:
sqlContext.sql("select * from default.d4").show()

# Response:
"code": "sqlContext.sql(\"select * from default.d4\").show()",
"id": 0,
"output": {
"ename": "Error",
"evalue": "org.apache.spark.sql.AnalysisException: Table not found: 

# Can "dladmin" see table data?
[root@sandbox more]# beeline -u 
Connecting to 
Connected to: Apache Hive (version 1.2.1000.
Driver: Hive JDBC (version 1.2.1000.
Beeline version 1.2.1000. by Apache Hive
0: jdbc:hive2://localhost:10000/> select * from default.d4;
| d4.d4 |
| d4 |
1 row selected (0.132 seconds)

Reply via email to