I have a hive connection via JDBC in RStudio without problems, I create Kerberos ticket in Tools < Shell: kinit
and all working fine, I can use Kerberos TGT.
But if I make the same method via shell/ssh and loading R in terminal (Not RStudio), R can't use Kerberos TGT File and fails.
How can i use the Kerberos ticket?
> [user@server ~]$: kinit
>
> Password for user@domain: --i put the password--
>
> [user@server ~]$: R
>
> -- R load --
>
> \> source('samecode.r')
>
> Error Caused by: java.sql.SQLException: Could not create secure connection to jdbc:hive2:....etc
Any idea? This error happens in RStudio if we not create the ticket, but when it's created in tools>shell all work fine, in console its impossible. I try to create it with
system('kinit');
And create the ticket fine, but can't use it in the rest of the code.
To create a ticket, use the kinit command. The kinit command prompts you for your password. For the full syntax of the kinit command, see the kinit(1) man page. This example shows a user, kdoe, creating a ticket on her own system.
The klist tool displays the entries in the local credentials cache and key table. After you modify the credentials cache with the kinit tool or modify the keytab with the ktab tool, the only way to verify the changes is to view the contents of the credentials cache or keytab using the klist tool.
There are two main types of Kerberos tickets used in Active Directory: Ticket Granting Ticket (TGT) and service tickets. Service tickets are obtained from the Ticket Granting Service (TGS). The TGT is used to authenticate the identity of a particular entity in Active Directory, such as a user account.
Forwarding tickets allows you to “chain” your network transactions. You can, for example, remotely log in to one machine and then remotely log in from it to another machine. The -f option allows you to forward a ticket, while the -F option allows you to reforward a forwarded ticket.
Hi you can create a kerberos ticket within R with a keytab
file and this command :
system("kinit [email protected] -k -t username.keytab")
To create the keytab
you have to do this via shell :
ktutil
ktutil: addent -password -p [email protected] -k 1 -e rc4-hmac
Password for [email protected]: [enter your password]
ktutil: addent -password -p [email protected] -k 1 -e aes256-cts
Password for [email protected]: [enter your password]
ktutil: wkt username.keytab
ktutil: quit
All the steps for creating a keytab
are explained here
And the keytab
file must be in your working directory.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With