Access to WebHCat with error “User: HTTP/full-domain@REALM is not allowed to impersonate username”

Last week I was dealing with an issue that when connecting to WebHCat using the following command: curl -i -u : –negotiate 'http://<webhcat-domina>:50111/templeton/v1/ddl/database' user got the following error: {"error":"User: HTTP/<domain-name>@<REALM> is not allowed to impersonate <username>"} After doing some research, it turned out to be caused by the auth_to_local rules …