System.setProperty("java.security.krb5.conf", "/etc/krb5.conf"); System.setProperty("sun.security.krb5.debug", "true"); // optional String url = "jdbc:hive2://host:10000/default;principal=hive/host@YOUR.REALM"; Connection conn = DriverManager.getConnection(url); jdbc:hive2://host:10000/default;user=alice;password=secret Or provide via DriverManager.getConnection(url, "alice", "secret") . d) HTTP Mode (for firewalls / load balancers) jdbc:hive2://host:10001/default;transportMode=http;httpPath=cliservice 6. Common Connection Errors & Fixes | Error | Likely cause | Fix | |------------------------------------|---------------------------------------|--------------------------------------| | Could not open client transport | Wrong port / HS2 not running | Check with netstat -tulnp \| grep 10000 | | SASL negotiation failure | Missing auth=noSasl or Kerberos | Use correct auth parameter | | No appropriate protocol | Hive version mismatch (TLS) | Match hive-jdbc version with server | | Peer indicated failure: Unsupported mechanism type PLAIN | Server expects Kerberos/LDAP | Use auth=noSasl only if server allows | 7. Advanced: High Availability (ZooKeeper) If Hive is configured with ZooKeeper service discovery:
beeline -u "jdbc:hive2://<host>:<port>/<db>;auth=noSasl" Or with Kerberos: hive server address java
<dependency> <groupId>org.apache.hive</groupId> <artifactId>hive-jdbc</artifactId> <version>3.1.3</version> <!-- Use your Hive version --> </dependency> System
String url = "jdbc:hive2://hive-secure.myco.com:10000/secure_db;" + "principal=hive/hive-secure.myco.com@MYCO.REALM;" + "ssl=true;" + "sslTrustStore=/path/to/truststore.jks;" + "trustStorePassword=changeit"; try (Connection conn = DriverManager.getConnection(url); Statement stmt = conn.createStatement()) ResultSet rs = stmt.executeQuery("SELECT * FROM sales LIMIT 10"); while (rs.next()) System.out.println(rs.getString(1) + "\t" + rs.getInt(2)); auth=noSasl" Or with Kerberos: <
a) No SASL (plain, insecure – test only) jdbc:hive2://host:10000/default;auth=noSasl Use empty user/pass. b) Kerberos (production, secure) jdbc:hive2://host:10000/default;principal=hive/_HOST@REALM.COM Java side:
