[ https://issues.apache.org/jira/browse/HIVE-13590?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Chaoyu Tang updated HIVE-13590: ------------------------------- Attachment: HIVE-13590.patch [~szehon], [~spena] could you help review the patch? Thanks. > Kerberized HS2 with LDAP auth enabled fails in multi-domain LDAP case > --------------------------------------------------------------------- > > Key: HIVE-13590 > URL: https://issues.apache.org/jira/browse/HIVE-13590 > Project: Hive > Issue Type: Bug > Components: Authentication, Security > Reporter: Chaoyu Tang > Assignee: Chaoyu Tang > Attachments: HIVE-13590.patch > > > In a kerberized HS2 with LDAP authentication enabled, LDAP user usually logs > in using username in form of username@domain in LDAP multi-domain case. But > it fails if the domain was not in the Hadoop auth_to_local mapping rule, the > error is as following: > {code} > Caused by: > org.apache.hadoop.security.authentication.util.KerberosName$NoMatchingRule: > No rules applied to ct...@mydomain.com > at > org.apache.hadoop.security.authentication.util.KerberosName.getShortName(KerberosName.java:389) > at org.apache.hadoop.security.User.<init>(User.java:48) > {code} -- This message was sent by Atlassian JIRA (v6.3.4#6332)