The driver supports Kerberos SASL-QOP data integrity and confidentiality. SASL-QOP is configured on the server side as a part of SparkSQL Kerberos configuration. When Kerberos authentication is enabled through the driver (AuthenticationMethod=kerberos), the driver automatically detects and abides by the server's SASL-QOP configuration at connection time. In addition to supporting the auth value, the driver supports the auth-int and auth-conf SASL-QOP values. SASL-QOP values are defined as follows:

  • auth: authentication only (default)
  • auth-int: authentication with integrity protection
  • auth-conf: authentication with confidentiality protection