[ https://issues.apache.org/jira/browse/HIVE-22152?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16917728#comment-16917728 ]
Laszlo Pinter commented on HIVE-22152: -------------------------------------- [~fguiet] you could try changing the jdbc url to contain the credentials as well. Something like this: beeline -u "jdbc:hive2://srv210.xxxx.fr:100000?tez.queue.name=DEV;user=_f.gu...@xxxx.fr;password=xxxx"_ > LDAP authentication failed when using username with @, example > t...@mycompany.com > --------------------------------------------------------------------------------- > > Key: HIVE-22152 > URL: https://issues.apache.org/jira/browse/HIVE-22152 > Project: Hive > Issue Type: Bug > Components: Authentication > Affects Versions: 1.2.1 > Environment: Hortonworkworks Data Platform 2.6.4 > > beeline --version > Hive 1.2.1000.2.6.4.0-91 > Subversion > git://ctr-e134-1499953498516-209689-01-000004.hwx.site/grid/0/jenkins/workspace/HDP-parallel-centos7/SOURCES/hive > -r 87f2bc04724e559819902a574e78b2beeaf9f541 > Compiled by jenkins on Thu Jan 4 10:47:01 UTC 2018 > From source with checksum 73af1d20b2f8a15f36ac132297e70386 > Reporter: Frédéric Guiet > Priority: Major > > Hi, > I activated the LDAP authentication on Hive. I am using Hive 1.2.1 with > Hortonworks Data Platform 2.6.4 > Hive 1.2.1000.2.6.4.0-91 > Subversion > git://ctr-e134-1499953498516-209689-01-000004.hwx.site/grid/0/jenkins/workspace/HDP-parallel-centos7/SOURCES/hive > -r 87f2bc04724e559819902a574e78b2beeaf9f541 > Compiled by jenkins on Thu Jan 4 10:47:01 UTC 2018 > From source with checksum 73af1d20b2f8a15f36ac132297e70386 > > I have created a user on my ldap called: _f.guiet_ > The LDAP DN is : _uid=f.guiet,ou=Agents > XXX,ou=xxxx,ou=utilisateurs,dc=ldap-ext-xxxx,dc=fr_ > > Everything is working great, I can use beeline with the following command. > The connection is OK. > _beeline -u jdbc:hive2://srv210.xxxx.fr:10000?tez.queue.name=DEV -n f.guiet > -p xxxx_ > > Here is the LDAP trace on the LDAP server when I am connecting: > Aug 27 14:26:09 vmrh90 slapd[13999]: conn=1352 fd=32 TLS established > tls_ssf=256 ssf=256 > Aug 27 14:26:09 vmrh90 slapd[13999]: conn=1352 op=0 BIND > dn="uid=f.guiet,ou=Agents > XXXX,ou=xxxx,ou=utilisateurs,dc=ldap-ext-xxxx,dc=fr" method=128 > Aug 27 14:26:09 vmrh90 slapd[13999]: conn=1352 op=0 BIND > dn="uid=f.guiet,ou=Agents > XXXX,ou=xxxx,ou=utilisateurs,dc=ldap-ext-xxxx,dc=fr" mech=SIMPLE ssf=0 > Aug 27 14:26:09 vmrh90 slapd[13999]: conn=1352 op=0 RESULT tag=97 err=0 text= > Aug 27 14:26:09 vmrh90 slapd[13999]: conn=1352 op=1 SRCH base="ou=Agents > XXXX,ou=xxxx,ou=utilisateurs,dc=ldap-ext-xxxx,dc=fr" scope=2 deref=3 > filter="(uid=f.guiet)" > > I have created another user on my ldap called : > [f.gu...@xxxx.fr|mailto:f.gu...@xxxx.fr] > But when I launched the following beeline command: > _beeline -u jdbc:hive2://srv210.xxxx.fr:10000?tez.queue.name=DEV -n > f.gu...@xxxx.fr -p xxxx_ > > Here is the LDAP trace: > Aug 27 14:27:58 vmrh90 slapd[13999]: conn=1356 fd=32 ACCEPT from > IP=192.168.7.50:51814 (IP=0.0.0.0:636) > Aug 27 14:27:58 vmrh90 slapd[13999]: conn=1356 fd=32 TLS established > tls_ssf=256 ssf=256 > *Aug 27 14:27:58 vmrh90 slapd[13999]: conn=1356 op=0 do_bind: invalid dn > ([f.gu...@xxxx.fr|mailto:f.gu...@brgm.fr])* > Aug 27 14:27:58 vmrh90 slapd[13999]: conn=1356 op=0 RESULT tag=97 err=34 > text=invalid DN > Aug 27 14:27:58 vmrh90 slapd[13999]: conn=1356 fd=32 closed (connection lost) > > As you can see, the DN is not valid... > The valid DN should be: > uid=f.gu...@xxxx.fr,ou=Agents > XXXX,ou=xxxx,ou=utilisateurs,dc=ldap-ext-xxxx,dc=fr > > I tried a lot of things....like: > _beeline -u jdbc:hive2://srv210.xxxx.fr:10000?tez.queue.name=DEV -n > f.guiet\@xxxx.fr -p xxxx_ > _beeline -u jdbc:hive2://srv210.xxxx.fr:10000?tez.queue.name=DEV -n > "f.gu...@xxxx.fr" -p xxxx_ > _beeline -u jdbc:hive2://srv210.xxxx.fr:10000?tez.queue.name=DEV -n > 'f.gu...@xxxx.fr' -p xxxx_ > > The problem is linked with the @ character.... > Can you tell me how can I use a username with a @ to connect to hive with > beeline? > Thank you very much! > Fred > -- This message was sent by Atlassian Jira (v8.3.2#803003)