How to login kerberos in Hive Connector

Hi, I want to connect Hive using Kerberos. How to login the kerberos?
Whern im using in Preference >> Kerberos >> Login always status : no supported default etypes for default_tkt_encytpes.

Also when I setting the Hive connector and I use kerberos have error like this
ERROR Hive Connector 3:469 Execute failed: LoginException: Not logged into Kerberos. Please login first.

And when use username & password has eror
ERROR Hive Connector 3:469 Execute failed: Could not open client transport with JDBC Uri: jdbc:hive2://cdpgatewaylnswdc:10000/default;principal=hive/cdpgatewaylnswdc@LNSWCDP.ID;sslTrustStore=/Users/galihbahtera/Documents/Document/cm-auto-global_truststore.jks;ssl=true: GSS initiate failed

Hi @galihbahtera,

You can find more information and how to access the Kerberos debug logs here: Kerberos User Guide

no supported default etypes for default_tkt_encytpes

This depends on your setup and supported encryption types. What KNIME version are you using and what Kerberos Server?

Cheers,
Sascha

1 Like

Hi @sascha.wolke

I setting my Kerberos like the user guide.
Im using Knime 4.7.3 and Im using Microsoft AD

Hi @galihbahtera,

There is View debug link at the bottom of your screenshot that might contain more details about the problem. You might switch the debug logging from INFO to DEBUG, restart KNIME and repeat the steps to produce some debug logs.

Cheers,
Sascha

Hi @sascha.wolke

Here the debug log,

Hi @galihbahtera,

Your Microsoft AD and KNIME/Java have to find some encryption type that boot support. Java e.g. does not support RC-4 anymore, as it is considered less secure. KNIME 4.7 uses Java 17.

Can you ask your Microsoft AD administrator about this?

Some more background:

Possible related thread: connect HDFS WITH KERBEROS

Cheers,
Sascha

Hi @sascha.wolke

Do you have any encrytiption recommendation that I can use?

Hi @galihbahtera,

The linked troubleshooting guide from Microsoft might have some recommendations (see the link above).

Cheers,
Sascha

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.