Accessing from JDBC to Kerberized Hive

Normally, JDBC connection URL with username and password pairs which are use for accessing database would be enough. But, Kerberized Hive accessing defines some limitations.

AuthMech which is using as parameter on connection URL defines 5 different connection types.

  • 0 for No Authentication.
  • 1 for Kerberos.
  • 2 for User Name.
  • 3 for User Name And Password.
  • 6 for Hadoop Delegation Token.

Due to driver communicates with Hive server through SSL-enabled socket, ssl property will be used as true.

The full path of the Java TrustStore containing the server certificate for one-way SSL authentication. If jssecacerts exists, it is used. But, not, cacerts is used.

public static final String CONNECTION_STRING = "jdbc:hive2://hive-server:10000/";
public static final String SECURED = "ssl=true;AuthMech=3;SSLTrustStore=/usr/java/java_version/jre/lib/security/jssecacerts";

Username and password pair which can access to AD is used on DriverManager class’s getConnection method.

 Connection connection = DriverManager.getConnection(CONNECTION_STRING
                    + databaseName + ";" + SECURED, USER, PASSWORD);
Statement statement = connection.createStatement();