Szehon Ho created HIVE-6182: ------------------------------- Summary: LDAP Authentication errors need to be more informative Key: HIVE-6182 URL: https://issues.apache.org/jira/browse/HIVE-6182 Project: Hive Issue Type: Improvement Components: Authentication Affects Versions: 0.13.0 Reporter: Szehon Ho Assignee: Szehon Ho
There are a host of errors that can happen when logging into an LDAP-enabled Hive-server2 from beeline. But for any error there is only a generic log message: {code} SASL negotiation failure javax.security.sasl.SaslException: PLAIN auth failed: Error validating LDAP user at org.apache.hadoop.security.SaslPlainServer.evaluateResponse(SaslPlainServer.java:108) at org.apache.thrift.transport.TSaslTransport$SaslParticipant.evaluateChallengeOrRespons {code} And on Beeline side there is only an even more unhelpful message: {code} Error: Invalid URL: jdbc:hive2://localhost:10000/default (state=08S01,code=0) {code} It would be good to print out the underlying error message at least in the log, if not beeline. But today they are swallowed. This is bad because the underlying message is the most important, having the error codes as shown here : [LDAP error code|https://wiki.servicenow.com/index.php?title=LDAP_Error_Codes] The beeline seems to throw that exception for any error during connection, authetication or otherwise. -- This message was sent by Atlassian JIRA (v6.1.5#6160)