CDH开启Kerberos安全认证后,impala的连接方式也需要进行安全认证,未进行安全认证时,impala的连接串为:
jdbc:impala://192.168.1.10:21050/default;AuthMech=0
使用的驱动类为
com.cloudera.impala.jdbc41.Driver
但当impala配置过Kerberos后,在连接时需要进行登录验证后再进行连接,下面是测试代码
/**
* 2016-3-10
*/
package com.nari.smart.common.jdbc.service;
import java.io.IOException;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.ResultSet;
import java.sql.Statement;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.security.UserGroupInformation;
public class TestImpala {
private static String driverName = "org.apache.hive.jdbc.HiveDriver";//使用hive-jdbc-0.14.0.2.2.0.0-2041.jar
/**
* @param args
*/
public static void main(String[] args) {
// TODO Auto-generated method stub
String url = "jdbc:hive2://10.134.161.107:21050/pwmx;principal=impala/sjzx5.test.com@TEST.COM";//impalad使用的服务器
//impala/sjzx5.test.com@TEST.COM 为CDH注册的impala用户可以在CDH管理界面的Kerberos配置界面查看
Configuration conf = new Configuration();
conf.set("hadoop.security.authentication", "Kerberos");
//设置认证方式为Kerberos
try {
UserGroupInformation.setConfiguration(conf);
//认证的用户和对应的keytab文件
UserGroupInformation.loginUserFromKeytab("YJ100001","C:/Users/user/Desktop/pwmx/YJ100001.keytab");
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
try {
Class.forName(driverName);
//设置系统的Kerberos配置信息
System.setProperty("java.security.krb5.conf","C:/Users/user/Desktop/pwmx/krb5.conf");;
Connection conn = DriverManager.getConnection(url);
Statement stmt = conn.createStatement();
String sql = "select * from test";
ResultSet rs = stmt.executeQuery(sql);
while(rs.next()){
System.out.println(rs.getString(1));
}
} catch (Exception e) {
e.printStackTrace();
// TODO: handle exception
}
}
}
通过以上测试可以实现impala的正常JDBC连接。使用的是hive2的连接jar。
测试环境:Redhat6.5 CDH5.4
参考文档:http://www.cloudera.com/documentation/archive/impala/2-x/2-1-x/topics/impala_jdbc.html