The Hortonworks Community Connection is now live. A completely rebuilt Q&A forum, Knowledge Base, Code Hub and more, backed by the experts in the industry.

You will be redirected here in 10 seconds. If your are not redirected, click here to visit the new site.

The legacy Hortonworks Forum is now closed. You can view a read-only version of the former site by clicking here. The site will be taken offline on January 31,2016

Security Forum

HDP Advanced Security – hive connector

  • #57600
    Krzysztof Adamski

    I am struggling to make advanced security work with hive. I wonder if there is a mistake in the documentation.
    Point Configure Hive

    Property name: change from to

    Looks exactly the same. Which authorization provider should be chosen here?

  • Author
  • #57658
    Don Bosco Durai

    Apologize for the typo. We will fix the document.

    Here is the value you need to use:


    If you copy/pasting values from the PDF document, then make sure you there are no spaces between word (e.g. with a class path)

    Krzysztof Adamski

    Thanks. The agent is now connected.
    However I get an error when starting hive. Any ideas?

    [EL Warning]: metadata: 2014-07-23 11:44:09.354–ServerSession(2076218862)–Class [com.xasecure.audit.entity.XXBaseAuditEvent] specifies discriminatorType=INTEGER and uses [XXBaseAuditEvent] as the discriminatorValue. That value cannot be converted to an integer. We will attempt to use this value in String format.
    FAILED: RuntimeException org.apache.hadoop.hive.ql.metadata.HiveException: java.lang.ClassCastException: com.xasecure.authorization.hive.authorizer.XaSecureAuthorizer cannot be cast to

    Don Bosco Durai

    Can you check your hive.server2.custom.authentication.class property in Ambari? It should be com.xasecure.authentication.hive.LoginNameAuthenticator

    Krzysztof Adamski

    Yes. The value for this property is set as expected.
    Nevertheless we are now struggling making kerberos work and since it is really difficult for a beginner to debug this Advanced Security (connection problem error, any details?) we will go rather with standard ACLs in HDFS and roles in hive.

    We will get back to this tool in future.

    Logging initialized using configuration in file:/etc/hive/conf.dist/
    hive> show databases;
    [EL Warning]: metadata: 2014-07-31 07:16:02.298–ServerSession(256152745)–Class [com.xasecure.audit.entity.XXBaseAuditEvent] specifies discriminatorType=INTEGER and uses [XXBaseAuditEvent] as the discriminatorValue. That value cannot be converted to an integer. We will attempt to use this value in String format.
    Time taken: 3.391 seconds, Fetched: 1 row(s)

The forum ‘Security’ is closed to new topics and replies.

Support from the Experts

A HDP Support Subscription connects you experts with deep experience running Apache Hadoop in production, at-scale on the most demanding workloads.

Enterprise Support »

Become HDP Certified

Real world training designed by the core architects of Hadoop. Scenario-based training courses are available in-classroom or online from anywhere in the world

Training »

Hortonworks Data Platform
The Hortonworks Data Platform is a 100% open source distribution of Apache Hadoop that is truly enterprise grade having been built, tested and hardened with enterprise rigor.
Get started with Sandbox
Hortonworks Sandbox is a self-contained virtual machine with Apache Hadoop pre-configured alongside a set of hands-on, step-by-step Hadoop tutorials.
Modern Data Architecture
Tackle the challenges of big data. Hadoop integrates with existing EDW, RDBMS and MPP systems to deliver lower cost, higher capacity infrastructure.