Hive connection problem with Kerberos and pre-authentication

Hi,

I try to connect Toad (1.5.3) to Apache Hive secured by Kerberos but unfortunately I encounter the following problem:

java.sql.SQLException: Could not open client transport with JDBC Uri: jdbc:hive2://<HOST>:10000/;principal=hive/_HOST@<REALM>;sasl.qop=auth;auth=kerberos;kerberosAuthType=fromSubject: GSS initiate failed

Important:
It is not the JCE encryption policy, because I can connect to HDFS, Logs, Charts using my Kerberos credentials. Also other tools like SQL Workbench work fine.

The problem is the following as I tested it in beeline directly on the edge node:

kerberosAuthType=fromSubject

The connection string would work either without this, adding a dot to the end or setting kerberosAuthType=none

I have seen already threads about this, but without any proposal for a solution. Could you help me out? Is the possibly a new release that will handle this as optional?

Thanks a lot everybody!

Short edit:
- I use full qualified domain names

- I use TOAD for Windows

Exception appended:

2016-11-18 20:23:45 ERROR HiveDriverHDP2:119 - Unable to create a Hive connection
java.sql.SQLException: Could not open client transport with JDBC Uri: jdbc:hive2://<HOST>:10000/;principal=hive/_HOST@<REALM>;sasl.qop=auth;auth=kerberos;kerberosAuthType=fromSubject: GSS initiate failed
    at org.apache.hive.jdbc.HiveConnection.openTransport(HiveConnection.java:210)
    at org.apache.hive.jdbc.HiveConnection.<init>(HiveConnection.java:156)
    at org.apache.hive.jdbc.HiveDriver.connect(HiveDriver.java:105)
    at java.sql.DriverManager.getConnection(Unknown Source)
    at java.sql.DriverManager.getConnection(Unknown Source)
    at com.dell.tfh.library.hive.hdp2.HiveDriverHDP2.newHiveConnection(HiveDriverHDP2.java:115)
    at com.dell.tfh.control.hive.JDBCClient$1.run(JDBCClient.java:373)
    at java.security.AccessController.doPrivileged(Native Method)
    at javax.security.auth.Subject.doAs(Unknown Source)
    at com.dell.tfh.control.hive.JDBCClient.createClient(JDBCClient.java:363)
    at com.dell.tfh.control.hive.JDBCClient.testConnection(JDBCClient.java:1868)
    at com.dell.tfh.control.connection.test.HiveTester.testConnection(HiveTester.java:40)
    at com.dell.tfh.control.connection.TestableConfiguration.testConfiguration(TestableConfiguration.java:45)
    at com.dell.tfh.control.service.ConnectionTesterCallable.call(ConnectionTesterCallable.java:43)
    at com.dell.tfh.control.service.ConnectionTesterCallable.call(ConnectionTesterCallable.java:1)
    at java.util.concurrent.FutureTask.run(Unknown Source)
    at java.lang.Thread.run(Unknown Source)
Caused by: org.apache.thrift.transport.TTransportException: GSS initiate failed
    at org.apache.thrift.transport.TSaslTransport.sendAndThrowMessage(TSaslTransport.java:232)
    at org.apache.thrift.transport.TSaslTransport.open(TSaslTransport.java:316)
    at org.apache.thrift.transport.TSaslClientTransport.open(TSaslClientTransport.java:37)
    at org.apache.hive.service.auth.TSubjectAssumingTransport$1.run(TSubjectAssumingTransport.java:49)
    at org.apache.hive.service.auth.TSubjectAssumingTransport$1.run(TSubjectAssumingTransport.java:46)
    at java.security.AccessController.doPrivileged(Native Method)
    at javax.security.auth.Subject.doAs(Unknown Source)
    at org.apache.hive.service.auth.TSubjectAssumingTransport.open(TSubjectAssumingTransport.java:46)
    at org.apache.hive.jdbc.HiveConnection.openTransport(HiveConnection.java:185)
    ... 16 common frames omitted
2016-11-18 20:23:45 INFO  DefaultExceptionParser:58 - com.dell.tfh.control.connection.test.TestException
    at com.dell.tfh.control.connection.test.HiveTester.testConnection(HiveTester.java:42)
    at com.dell.tfh.control.connection.TestableConfiguration.testConfiguration(TestableConfiguration.java:45)
    at com.dell.tfh.control.service.ConnectionTesterCallable.call(ConnectionTesterCallable.java:43)
    at com.dell.tfh.control.service.ConnectionTesterCallable.call(ConnectionTesterCallable.java:1)
    at java.util.concurrent.FutureTask.run(Unknown Source)
    at java.lang.Thread.run(Unknown Source)
Caused by: java.security.PrivilegedActionException: com.dell.tfh.library.hadoop.exception.HadoopDriverException: java.sql.SQLException: Could not open client transport with JDBC Uri: jdbc:hive2://despp-shrk-m0.node.eu-west.dev-espp.intranet.eon.com:10000/;principal=hive/_HOST@DEV.SHARK.EON.COM;sasl.qop=auth;auth=kerberos;kerberosAuthType=fromSubject: GSS initiate failed
    at java.security.AccessController.doPrivileged(Native Method)
    at javax.security.auth.Subject.doAs(Unknown Source)
    at com.dell.tfh.control.hive.JDBCClient.createClient(JDBCClient.java:363)
    at com.dell.tfh.control.hive.JDBCClient.testConnection(JDBCClient.java:1868)
    at com.dell.tfh.control.connection.test.HiveTester.testConnection(HiveTester.java:40)
    ... 5 more
Caused by: com.dell.tfh.library.hadoop.exception.HadoopDriverException: java.sql.SQLException: Could not open client transport with JDBC Uri: jdbc:hive2://despp-shrk-m0.node.eu-west.dev-espp.intranet.eon.com:10000/;principal=hive/_HOST@DEV.SHARK.EON.COM;sasl.qop=auth;auth=kerberos;kerberosAuthType=fromSubject: GSS initiate failed
    at com.dell.tfh.library.hive.hdp2.HiveDriverHDP2.newHiveConnection(HiveDriverHDP2.java:120)
    at com.dell.tfh.control.hive.JDBCClient$1.run(JDBCClient.java:373)
    ... 10 more
Caused by: java.sql.SQLException: Could not open client transport with JDBC Uri: jdbc:hive2://despp-shrk-m0.node.eu-west.dev-espp.intranet.eon.com:10000/;principal=hive/_HOST@DEV.SHARK.EON.COM;sasl.qop=auth;auth=kerberos;kerberosAuthType=fromSubject: GSS initiate failed
    at org.apache.hive.jdbc.HiveConnection.openTransport(HiveConnection.java:210)
    at org.apache.hive.jdbc.HiveConnection.<init>(HiveConnection.java:156)
    at org.apache.hive.jdbc.HiveDriver.connect(HiveDriver.java:105)
    at java.sql.DriverManager.getConnection(Unknown Source)
    at java.sql.DriverManager.getConnection(Unknown Source)
    at com.dell.tfh.library.hive.hdp2.HiveDriverHDP2.newHiveConnection(HiveDriverHDP2.java:115)
    ... 11 more
Caused by: org.apache.thrift.transport.TTransportException: GSS initiate failed
    at org.apache.thrift.transport.TSaslTransport.sendAndThrowMessage(TSaslTransport.java:232)
    at org.apache.thrift.transport.TSaslTransport.open(TSaslTransport.java:316)
    at org.apache.thrift.transport.TSaslClientTransport.open(TSaslClientTransport.java:37)
    at org.apache.hive.service.auth.TSubjectAssumingTransport$1.run(TSubjectAssumingTransport.java:49)
    at org.apache.hive.service.auth.TSubjectAssumingTransport$1.run(TSubjectAssumingTransport.java:46)
    at java.security.AccessController.doPrivileged(Native Method)
    at javax.security.auth.Subject.doAs(Unknown Source)
    at org.apache.hive.service.auth.TSubjectAssumingTransport.open(TSubjectAssumingTransport.java:46)
    at org.apache.hive.jdbc.HiveConnection.openTransport(HiveConnection.java:185)
    ... 16 more