環境：浙江移動華為云平臺

云平臺大數據采用了?Kerberos 認證。

開發歷程：

1、在寧波大數據實驗環境測試通過了JDBC實現從Hive抽取數據導入Oracle功能。

2、通過查看其它項目的數據庫訪問配置，知道了云平臺上的oracle配置。

3、獲取hive的jdbc訪問配置。但是無人知道，說保密不告知。

但是方法還是有的，從訪問前source的shell文件里，找到了眉目。

[deepen@vd26wyjl01 ~]$ cat login.sh 
source /app/deepen/jc_client/bigdata_env
export KRB5CCNAME=/app/deepen/user_keytab/jc_deepen.cc
kinit -kt /app/deepen/user_keytab/user.keytab jc_deepen
klist

[deepen@vd26wyjl01 ~]$ beeline
Connecting to jdbc:hive2://ip:24002,ip:24002,ip:24002,ip:24002,ip:24002/;serviceDiscoveryMode=zooKeeper;zooKeeperNamespace=hiveserver2;sasl.qop=auth-conf;auth=KERBEROS;principal=hive/hadoop.hadoop.com@HADOOP.COM
Debug is  true storeKey false useTicketCache true useKeyTab false doNotPrompt false ticketCache is null isInitiator true KeyTab is null refreshKrb5Config is false principal is null tryFirstPass is false useFirstPass is false storePass is false clearPass is false
Acquire TGT from Cache
Principal is jc_deepen@HADOOP.COM
Commit Succeeded 0: jdbc:hive2://ip:21066/> 

通過辛苦的調配后，最后的配置如下：

// 創建連接private Connection getConnnection() throws Exception {/** 使用Hadoop安全登錄 **/org.apache.hadoop.conf.Configuration conf = new org.apache.hadoop.conf.Configuration();conf.set("hadoop.security.authentication", "Kerberos");//System.setProperty("java.security.krb5.conf", "/app/deepen/user_keytab/krb5.conf");System.setProperty("java.security.krb5.conf", krb5_conf);try {UserGroupInformation.setConfiguration(conf);//UserGroupInformation.loginUserFromKeytab("hive/hadoop.hadoop.com@HADOOP.COM", "/app/deepen/user_keytab/user.keytab");UserGroupInformation.loginUserFromKeytab(user, krb5_Keytab);} catch (IOException e1) {e1.printStackTrace();}Class.forName(driverName);Connection conn = DriverManager.getConnection(url);System.out.println("#####獲取Kerberos-Hive-conn成功：---"+conn.toString());return conn;}