Hi Vinay Thanks for the quick answer. I am a bit puzzled by your proposal. For the time being, I have been succesful configuring Zeppelin without shiro by adding properties to the Spark interpreter directly.
Would it be possible to to the same with appropriate property settings for the jdbc setting? One colleague also suggested to go through normal user/password but pointing to a Knox URI instead of the normal hive one (+ some options) Cheers Guillaume On Tuesday, 16 August 2016, Vinay Shukla <[email protected]> wrote: > Guillaume, > > Can you try this? > > Enable Zeppelin authentication, via Shiro config and have Kerberos setup > for Zeppelin. Zeppelin JDBC interpreter should automatically add logged in > user's identity to the JDBC connection after this confg. > > > Note the settings below. > > Thanks, > Vinay > > > > ÃIdentity Propagation with JDBC (Hive) > 1.Enable Authentication via Shiro Config > –zeppelin.jdbc.auth.type = KERBEROS > –zeppelin.jdbc.principal = principal value > –zeppelin.jdbc.keytab.location = keytab location > •JDBC Interpreter will add end-user as > jdbc:hive2://HiveHost:10000/default;principal=hive/[email protected] > <javascript:;> > ;hive.server2.proxy.user=<$USER_NAME> > > On Tue, Aug 16, 2016 at 9:36 AM, Guillaume Alleon < > [email protected] <javascript:;>> wrote: > > > Hi > > > > I am a bit confused on the way to set up Zeppelin to use hive to access > my > > data on a kerberized cluster. > > I looked at the doc and there is no mention about Kerberos settings. The > > only place where I find some traces about that was in that pull request > > from June: https://issues.apache.org/jira/plugins/servlet/mobile# > > issue/ZEPPELIN-1146 > > > > Could someone confirm the properties that need to be set-up to configure > > the jdbc interpreter so that I can use hive on a kerberized cluster. > > > > Thanks > > Guillaume > > > > > > > > Sent from a small device > -- PGP KeyID: 2048R/EA31CFC9 subkeys.pgp.net
