Hello,
I'am using apache Drill 1.14 on a kerberized Cloudera cluster (CDH 5.14). When I activate kerberos authentification, drill server refuse to start with error: org.apache.drill.exec.exception.DrillbitStartupException: Authentication is enabled for WebServer but none of the security mechanism was configured properly. Please verify the configurations and try again. I can see in the logs that the kerberos authentification is ok: [main] INFO o.a.d.exec.server.BootStrapContext - Process user name: 'root' and logged in successfully as 'tata/xx.yy...@xx.yy?' Can you help me please? Based on the Apache Drill documentation, there is my conf/drill-override.conf: drill.exec: { cluster-id: "drillbits1", zk.connect: "xx.yy.zz:2181", service_name: "service1", impersonation: { enabled: true, max_chained_user_hops: 3 }, security: { user.auth.enabled:true, auth.mechanisms:["KERBEROS"], auth.principal:"tata/xx.yy...@xx.yy", auth.keytab:"keytab1.keytab", drill.exec.security.auth.auth_to_local:hive, auth.realm: "XX.YY", user.encryption.sasl.enabled: true, user.encryption.sasl.max_wrapped_size: 65536 }, security.user.encryption.ssl: { enabled: true, keyPassword: "XXXXX", handshakeTimeout: 10000, provider: "JDK" }, ssl: { keyStorePath: "XXXXX", keyStorePassword: "XXXXX", trustStorePath: "XXXXX", trustStorePassword: "XXXXX" }, http: { enabled: true, auth.enabled: false, auth.mechanisms: ["KERBEROS"], ssl_enabled: true, port: 8047 session_max_idle_secs: 3600, # Default value 1hr cors: { enabled: false, allowedOrigins: ["null"], allowedMethods: ["GET", "POST", "HEAD", "OPTIONS"], allowedHeaders: ["X-Requested-With", "Content-Type", "Accept", "Origin"], credentials: true } } } Thank you