您好,登录后才能下订单哦!
本篇内容介绍了“java怎么访问配置kerberos”的有关知识,在实际案例的操作过程中,不少人都会遇到这样的困境,接下来就让小编带领大家学习一下如何处理这些情况吧!希望大家仔细阅读,能够学有所成!
1.准备
1.1 生成主体hive/hive的keytab文件到指定目录/var/keytab/hive.keytab
[root@fan102 ~]# kadmin.local -q "xst -k /var/keytab/hive.keytab hive/hive@HADOOP.COM"
1.2 查看keytab内容
[root@fan102 ~]# cd var/keytab
[root@fan102 keytab]# klist -e -k hive.keytab
Keytab name: FILE:hive.keytab
KVNO Principal
---- --------------------------------------------------------------------------
3 hive/hive@HADOOP.COM (aes128-cts-hmac-sha1-96)
3 hive/hive@HADOOP.COM (des3-cbc-sha1)
3 hive/hive@HADOOP.COM (arcfour-hmac)
3 hive/hive@HADOOP.COM (camellia256-cts-cmac)
3 hive/hive@HADOOP.COM (camellia128-cts-cmac)
3 hive/hive@HADOOP.COM (des-hmac-sha1)
3 hive/hive@HADOOP.COM (des-cbc-md5)
1.3 验证是否登录成功
[root@fan102 ~]# kinit -kt /var/keytab/hive.keytab hive/hive@HADOOP.COM
[root@fan102 ~]# klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: hive/hive@HADOOP.COM
Valid starting Expires Service principal
07/14/2020 14:08:26 07/15/2020 14:08:26 krbtgt/HADOOP.COM@HADOOP.COM
renew until 07/21/2020 14:08:26
1.4 将kerberos配置文件和keytab文件拷贝到Windows本地(我的路径是:D:\keytab)
[root@fan102 ~]# cat /etc/krb5.conf
[root@fan102 ~]# cat /var/keytab/hive.keytab
1.5 查看krb5.conf文件中realms下IP位置内容,如果是服务器名,则要替换成服务器的IP地址,原本是IP
地址无需修改
[realms]
HADOOP.COM = {
kdc = IP
admin_server = IP
}
2.java连接部分
2.1 依赖(我的版本是2.6)
<dependencies>
<!-- https://mvnrepository.com/artifact/org.apache.hadoop/hadoop-common -->
<dependency>
<groupId>org.apache.hadoop</groupId>
<artifactId>hadoop-common</artifactId>
<version>2.6.0</version>
</dependency>
<!-- https://mvnrepository.com/artifact/org.apache.hive/hive-jdbc -->
<dependency>
<groupId>org.apache.hive</groupId>
<artifactId>hive-jdbc</artifactId>
<version>1.1.1</version>
</dependency>
</dependencies>
2.2 代码(IP处替换为自己IP)
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.security.UserGroupInformation;
import java.sql.*;
public class KerberosTest {
private static String JDBC_DRIVER = "org.apache.hive.jdbc.HiveDriver";
private static String CONNECTION_URL =
"jdbc:hive2://IP:10000/;principal=hive/fan102@HADOOP.COM";
static {
try {
Class.forName(JDBC_DRIVER);
} catch (ClassNotFoundException e) {
e.printStackTrace();
}
}
public static void main(String[] args) throws Exception {
Class.forName(JDBC_DRIVER);
//登录Kerberos账号
System.setProperty("java.security.krb5.conf", "D:\\keytab\\krb5.conf");
Configuration configuration = new Configuration();
configuration.set("hadoop.security.authentication", "Kerberos");
UserGroupInformation.setConfiguration(configuration);
UserGroupInformation.loginUserFromKeytab("hive/hive@HADOOP.COM",
"D:\\keytab\\hive.keytab");
Connection connection = null;
ResultSet rs = null;
PreparedStatement ps = null;
try {
connection = DriverManager.getConnection(CONNECTION_URL);
ps = connection.prepareStatement("show databases");
rs = ps.executeQuery();
ResultSetMetaData metaData = null;
while (rs.next()) {
metaData = rs.getMetaData();
System.err.println(rs.getString(1));
}
System.err.println(metaData.getColumnName(1));
} catch (Exception e) {
e.printStackTrace();
}
}
}
3 结果
3.1 java查询结果
3.2 Linux上,beeline验证结果
注:1.3 步骤操作无异常
[root@fan102 ~]# beeline -u "jdbc:hive2://fan102:10000/;principal=hive/fan102@HADOOP.COM"
> show databases;
“java怎么访问配置kerberos”的内容就介绍到这里了,感谢大家的阅读。如果想了解更多行业相关的知识可以关注亿速云网站,小编将为大家输出更多高质量的实用文章!
免责声明:本站发布的内容(图片、视频和文字)以原创、转载和分享为主,文章观点不代表本网站立场,如果涉及侵权请联系站长邮箱:is@yisu.com进行举报,并提供相关证据,一经查实,将立刻删除涉嫌侵权内容。