"GSSException: No valid credentials provided" Error When Connecting to the BDA from R After Adding Kerberos Using JDBC Hive or Impala Drivers from Client
(Doc ID 2057381.1)
Last updated on AUGUST 03, 2021
Applies to:
Big Data Appliance Integrated Software - Version 4.2.0 and laterLinux x86-64
Symptoms
Having connection issues using the jdbc driver for Hive or Impala from R code after enabling Kerberos. Prior to enabling Kerberos it was possible to connect and run queries against the BDA hiveserver2 via this connection string of R code:
That no longer works since enabling Kerberos.
When trying with the following connection string an error like below is observed:
Observe an error like this:
javax.security.sasl.SaslException: GSS initiate failed [Caused by GSSException: No valid credentials provided (Mechanism level: Failed to find any Kerberos tgt)]
...
Checking the encryption types as a user that can kinit with the command below shows a different type than on the BDA:
Example: this shows the encryption on the client:
Compared to the BDA which would show something more like:
...
Etype (skey, tkt): aes256-cts-hmac-sha1-96, aes256-cts-hmac-sha1-96
...
Checking security policies may show older policies on the client.
# ls -ltr
Check the following policy files under /usr/java/default/jre/lib/security and compare to the BDA cluster nodes for date/size:
US_export_policy.jar
local_policy.jar
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Symptoms |
Cause |
Solution |
References |