[Michał Kabocik]

Hello,

Current configuration looks like that:

livy.conf:

livy.impersonation.enabled = true
livy.server.csrf_protection.enabled = true
livy.server.port = 8998
livy.server.session.timeout = 3600000
livy.server.auth.type = kerberos
livy.server.launch.kerberos.principal = livy/hostn...@domain.com
livy.server.launch.kerberos.keytab = /etc/security/keytabs/livy.service.keytab
livy.server.auth.kerberos.principal = HTTP/hostn...@domain.com
livy.server.auth.kerberos.keytab = /etc/security/keytabs/spnego.service.keytab
livy.server.access_control.enabled true
livy.server.access_control.users  livy,zeppelin
livy.superusers = zeppelin
livy.server.session.factory = yarn

livy interpreter on zeppelin:

livy.impersonation.enabled      true
livy.spark.master       yarn-client
livy.superusers zeppelin
zeppelin.interpreter.localRepo  
/usr/hdp/current/zeppelin-server/local-repo/2C42AQ9SU
zeppelin.livy.keytab    /etc/security/keytabs/zeppelin.service.keytab
zeppelin.livy.principal zeppelin/hostn...@domain.com
zeppelin.livy.url       http://hostname:8998

And when I try to execute:

%livy.spark
sc.textFile("hdfs:///user/my_user/file.txt")
file.take(1)

I get:
Error running rest call; nested exception is 
org.springframework.web.client.HttpClientErrorException: 401 User not 
authorised to use Livy.

When I look into zeppelin-interpterer-livy log file I see:

 - http-outgoing-1 >> "}, "proxyUser": "my_u...@domain.com"}"
 - http-outgoing-1 << "HTTP/1.1 401 User not authorised to use Livy.[\r][\n]"

my_u...@domain.com is my user from AD which I'm logged into Zeppelin.
What am I doing wrong?

I'll appreciate your help.
Michał