Cloudera Docs » 2.5.0 » Apache Zeppelin Component Guide
Apache Zeppelin Component Guide
Also available as:
PDF

Configuring User Impersonation for Access to Hive

For clusters with Kerberos enabled: if you want Hive queries to run under the user ID associated with the Zeppelin session, enable user impersonation for the %jdbc(hive) interpreter.

  1. Enable authentication via the Shiro configuration.

    In the Zeppelin UI, navigate to the JDBC interpreter section of the Interpreter page, and then specifying authorization type, keytab, and principal:

    1. Set zeppelin.jdbc.auth.type to KERBEROS.

    2. Set zeppelin.jdbc.principal to the value of the principal.

    3. Set zeppelin.jdbc.keytab.location to the keytab location.

  2. The JDBC interpreter automatically adds the end user as proxy user and sends the string to HiveServer2; for example:

    jdbc:hive2://HiveHost:10000/default;principal=hive/_HOST@HOST1.COM;hive.server2.proxy.user=testuser
© 2012–2021 by Cloudera, Inc.
Document licensed under the Creative Commons Attribution ShareAlike 4.0 License.
Cloudera.com | Documentation | Support | Community