Skip to main content

Connecting SQuirreL SQL to HiveServer2 with Kerberos (Updated)

By Anonymous
Kerberos-secured HiveServer2 environments require proper JAAS configuration, a valid Kerberos ticket and the correct Hive JDBC driver. This updated guide explains how to configure SQuirreL SQL with current Hive JDBC drivers, how Kerberos authentication works today and how to avoid the outdated manual classpath and script edits used in early Hadoop distributions.

SQuirreL SQL remains a lightweight and reliable JDBC client for connecting to HiveServer2, especially in on-prem Kerberized clusters. While older Hadoop versions required assembling dozens of JAR dependencies manually, modern Hive distributions ship a shaded JDBC driver that simplifies configuration significantly.

Prerequisites for Kerberos Authentication

Before launching SQuirreL, ensure that you obtain a valid Kerberos ticket: 

kinit your_user@YOUR.REALM

Most Hadoop distributions automatically pick up krb5.conf from system paths (/etc/krb5.conf on Linux, /Library/Preferences on macOS).

If you need to override these settings, create a small JAAS file such as: 

KrbClient {
  com.sun.security.auth.module.Krb5LoginModule required
  useTicketCache=true
  renewTGT=true;
};

Then launch SQuirreL with the JAAS and Kerberos system properties: 

export JAVA_OPTS="-Djava.security.auth.login.config=jaas.conf \
  -Djavax.security.auth.useSubjectCredsOnly=false"

Modern SQuirreL installations allow you to add JAVA_OPTS via the launcher rather than editing startup scripts.

Adding the Hive JDBC Driver

Use the current “shaded” Hive JDBC driver, which bundles most dependencies: 

hive-jdbc-version-standalone.jar

This avoids the large dependency list required by older CDH 4.x and Hive 0.10 clients. Add the shaded JAR via:

  1. Open Drivers in SQuirreL.
  2. Click + to create a new driver.
  3. Enter a name, e.g., HiveServer2 Kerberos.
  4. Driver Class: org.apache.hive.jdbc.HiveDriver
  5. Extra Class Path → Add the shaded JAR.

Connection URL for Kerberos

Use the HiveServer2 Kerberos-enabled URL format: 

jdbc:hive2://HOST:PORT/DB;principal=hive/HOST@YOUR.REALM

If you are not using Kerberos, remove the principal portion: 

jdbc:hive2://HOST:PORT/DB

No additional JAAS settings are required in non-Kerberos mode.

Java Version Compatibility

Kerberos authentication can fail if the client JVM version mismatches the server’s expectations. If you encounter GSS errors, try matching the JDK major version used on the HiveServer2 host.

Historical Context

Early Hadoop deployments (circa 2014) required:

  • modifying SQuirreL’s startup script
  • manually inserting 15–20 JAR files from CDH or HDP
  • hardcoding Kerberos system properties

Modern distributions ship shaded Hive JDBC drivers and rely on system-level Kerberos configuration, making the process far simpler and more reliable.

For reference, SQuirreL SQL is available at: http://squirrel-sql.sourceforge.net

Related guides:

If you need help with distributed systems, backend engineering, or data platforms, check my Services.

Labels:

Most read articles

Why Is Customer Obsession Disappearing?

By
Many companies trade real customer-obsession for automated, low-empathy support. Through examples from Coinbase, PayPal, GO Telecommunications and AT&T, this article shows how reliance on AI chatbots, outsourced call centers, and KPI-driven workflows erodes trust, NPS and customer retention. It argues that human-centric support—treating support as strategic investment instead of cost—is still a core growth engine in competitive markets. It's wild that even with all the cool tech we've got these days, like AI solving complex equations and doing business across time zones in a flash, so many companies are still struggling with the basics: taking care of their customers. The drama around Coinbase's customer support is a prime example of even tech giants messing up. And it's not just Coinbase — it's a big-picture issue for the whole industry. At some point, the idea of "customer obsession" got replaced with "customer automation," and no...
Read more

What the Heck is Superposition and Entanglement?

By
This post is about superposition and interference in simple, intuitive terms. It describes how quantum states combine, how probability amplitudes add, and why interference patterns appear in systems such as electrons, photons and waves. The goal is to give a clear, non mathematical understanding of how quantum behavior emerges from the rules of wave functions and measurement. If you’ve ever heard the words superposition or entanglement thrown around in conversations about quantum physics, you may have nodded politely while your brain quietly filed them away in the "too confusing to deal with" folder.  These aren't just theoretical quirks; they're the foundation of mind-bending tech like Google's latest quantum chip, the Willow with its 105 qubits. Superposition challenges our understanding of reality, suggesting that particles don't have definite states until observed. This principle is crucial in quantum technologies, enabling phenomena like quantum comp...
Read more

SynthLink Compared to Google’s Natural Questions: A Practical Evaluation

By
SynthLink evaluates reasoning, synthesis and internal consistency across diverse question types. Google’s Natural Questions evaluates extractive QA: finding short text spans inside structured documents. Because real workloads require interpretation, abstraction and multi-step logic, SynthLink exposes capabilities and failure modes that NQ cannot measure. The two benchmarks are complementary, but SynthLink is more aligned with production tasks. Benchmarks such as Google’s Natural Questions (NQ) dominate model evaluation. They provide a reliable, academically stable test for extractive question answering: short queries, grounded answers, and constrained context ranges. But real workloads rarely look like NQ. Production systems must handle ambiguous inputs, multi-step reasoning, poorly structured prompts, and cases where no canonical answer exists. SynthLink was designed for this broader landscape. It focuses on evaluating reasoning, synthesis and internal consistency rather than snippe...
Read more