This section describes the connection properties used to configure Kerberos authentication.

Table 1. Kerberos Authentication Properties
Property Characteristic

AuthenticationMethod

Determines which authentication method the driver uses when establishing a connection.

If set to delegationToken, the driver uses Hadoop delegation token authentication. See "Hadoop delegation token authentication" for additional information.

If set to kerberos, the driver uses Kerberos authentication.

If set to userIdPassword, the driver uses user ID/password authentication.

If set to none, the driver does not attempt to verify the user ID and password. When a packet is passed to the server, a value of Anonymous is specified for the user ID and password. This setting is used when the server is not configured to authenticate user logon information.

The default is userIdPassword.
DelegationToken Specifies the delegation token used to authenticate processes to the server when Hadoop Delegation Token Authentication is enabled (AuthenticationMethod=delegationToken).
LoginConfigName Specifies the name of the entry in the JAAS login configuration file that contains the authentication technology used by the driver to establish a Kerberos connection.

Password

Specifies a password that is used to connect to your database.

ServicePrincipalName

Specifies the service principal name to be used for Kerberos authentication.

The driver builds the default value based on the setting of the ServerName option, using the format hive/server_name.
SASLQOP Specifies the quality of protection used for SASL mechanisms when Kerberos authentication is enabled (AuthenticationMethod=kerberos).

If set to auth, the driver uses authentication for SASL mechanisms.

If set to auth-int, the driver uses authentication and integrity protection for SASL mechanisms.

If set to auth-conf, the driver uses authentication and confidentiality protection for SASL mechanisms.

The default is auth.

User

Specifies the user name that is used to connect to the database.