Ok sorted it out :(
In hive-site.xml need to set the parameter hive.server2.enable.doAs to false <property> <name>hive.server2.enable.doAs</name> <value>FALSE</value> <description> Setting this property to true will have HiveServer2 execute Hive operations as the user making the calls to it. </description> </property> And then restart hive server2 and connect with beeline Connecting to jdbc:hive2://rhes564:10010/default Connected to: Apache Hive (version 2.0.0) Driver: Hive JDBC (version 2.0.0) 16/02/22 17:30:22 [main]: WARN jdbc.HiveConnection: Request to set autoCommit to false; Hive does not support autoCommit=false. Transaction isolation: TRANSACTION_REPEATABLE_READ Running init script /home/hduser/dba/bin/hive_on_spark_init.hql 0: jdbc:hive2://rhes564:10010/default> No rows affected (0.126 seconds) 0: jdbc:hive2://rhes564:10010/default> No rows affected (0.004 seconds) 0: jdbc:hive2://rhes564:10010/default> No rows affected (0.003 seconds) 0: jdbc:hive2://rhes564:10010/default> No rows affected (0.002 seconds) 0: jdbc:hive2://rhes564:10010/default> 0: jdbc:hive2://rhes564:10010/default> 0: jdbc:hive2://rhes564:10010/default> Beeline version 2.0.0 by Apache Hive 0: jdbc:hive2://rhes564:10010/default> On 22/02/2016 16:56, Mich Talebzadeh wrote: > Hi, > > Just upgraded from Hive 1.2.1 to Hive 2. Hive connection works OK and Hive > server started OK as well. > > When I use beeline command below it used to work in Hive 1.2.1 However, now I > get this error message: > > BEELINE -U JDBC:HIVE2://RHES564:10010/DEFAULT ORG.APACHE.HIVE.JDBC.HIVEDRIVER > -N HDUSER -P XXXX > > Error: Failed to open new session: java.lang.RuntimeException: > org.apache.hadoop.ipc.RemoteException(org.apache.hadoop.security.authorize.AuthorizationException): > User: hduser is not allowed to impersonate hduser (state=,code=0) > Beeline version 2.0.0 by Apache Hive > > I have these in hive-site.xml > > <property> > <name>hive.metastore.sasl.enabled</name> > <value>false</value> > <description>If true, the metastore Thrift interface will be secured with > SASL. Clients must authenticate with Kerberos.</description> > </property> > > <property> > <name>hive.server2.authentication</name> > <value>NONE</value> > <description> > Expects one of [nosasl, none, ldap, kerberos, pam, custom]. > Client authentication types. > NONE: no authentication check > LDAP: LDAP/AD based authentication > KERBEROS: Kerberos/GSSAPI authentication > CUSTOM: Custom authentication provider > (Use with property hive.server2.custom.authentication.class) > PAM: Pluggable authentication module > NOSASL: Raw transport > </description> > </property> > > Any ideas what has changed? > > Thanks > > -- > > Dr Mich Talebzadeh > > LinkedIn > https://www.linkedin.com/profile/view?id=AAEAAAAWh2gBxianrbJd6zP6AcPCCdOABUrV8Pw > > http://talebzadehmich.wordpress.com > > NOTE: The information in this email is proprietary and confidential. This > message is for the designated recipient only, if you are not the intended > recipient, you should destroy it immediately. Any information in this message > shall not be understood as given or endorsed by Cloud Technology Partners > Ltd, its subsidiaries or their employees, unless expressly so stated. It is > the responsibility of the recipient to ensure that this email is virus free, > therefore neither Cloud Technology partners Ltd, its subsidiaries nor their > employees accept any responsibility. -- Dr Mich Talebzadeh LinkedIn https://www.linkedin.com/profile/view?id=AAEAAAAWh2gBxianrbJd6zP6AcPCCdOABUrV8Pw http://talebzadehmich.wordpress.com NOTE: The information in this email is proprietary and confidential. This message is for the designated recipient only, if you are not the intended recipient, you should destroy it immediately. Any information in this message shall not be understood as given or endorsed by Cloud Technology Partners Ltd, its subsidiaries or their employees, unless expressly so stated. It is the responsibility of the recipient to ensure that this email is virus free, therefore neither Cloud Technology partners Ltd, its subsidiaries nor their employees accept any responsibility.
