diff --git a/kyuubi-hive-jdbc/src/main/java/org/apache/kyuubi/jdbc/hive/auth/HttpAuthUtils.java b/kyuubi-hive-jdbc/src/main/java/org/apache/kyuubi/jdbc/hive/auth/HttpAuthUtils.java
index 09ce3bab4..ea69055f9 100644
--- a/kyuubi-hive-jdbc/src/main/java/org/apache/kyuubi/jdbc/hive/auth/HttpAuthUtils.java
+++ b/kyuubi-hive-jdbc/src/main/java/org/apache/kyuubi/jdbc/hive/auth/HttpAuthUtils.java
@@ -18,8 +18,8 @@
 package org.apache.kyuubi.jdbc.hive.auth;
 
 import java.security.PrivilegedExceptionAction;
+import java.util.Base64;
 import javax.security.auth.Subject;
-import org.apache.commons.codec.binary.Base64;
 import org.apache.hadoop.security.UserGroupInformation;
 import org.ietf.jgss.GSSContext;
 import org.ietf.jgss.GSSManager;
@@ -58,11 +58,9 @@ public final class HttpAuthUtils {
    */
   public static class HttpKerberosClientAction implements PrivilegedExceptionAction<String> {
     private final String serverPrincipal;
-    private final Base64 base64codec;
 
     public HttpKerberosClientAction(String serverPrincipal) {
       this.serverPrincipal = serverPrincipal;
-      base64codec = new Base64(0);
     }
 
     @Override
@@ -84,7 +82,7 @@ public final class HttpAuthUtils {
       byte[] outToken = gssContext.initSecContext(inToken, 0, inToken.length);
       gssContext.dispose();
       // Base64 encoded and stringified token for server
-      return new String(base64codec.encode(outToken));
+      return Base64.getEncoder().encodeToString(outToken);
     }
   }
 }
diff --git a/kyuubi-server/src/main/scala/org/apache/kyuubi/server/http/util/CookieSigner.scala b/kyuubi-server/src/main/scala/org/apache/kyuubi/server/http/util/CookieSigner.scala
index 0c4bca1a7..d4c8b2e8b 100644
--- a/kyuubi-server/src/main/scala/org/apache/kyuubi/server/http/util/CookieSigner.scala
+++ b/kyuubi-server/src/main/scala/org/apache/kyuubi/server/http/util/CookieSigner.scala
@@ -18,8 +18,7 @@
 package org.apache.kyuubi.server.http.util
 
 import java.security.{MessageDigest, NoSuchAlgorithmException}
-
-import org.apache.commons.codec.binary.Base64
+import java.util.Base64
 
 import org.apache.kyuubi.Logging
 
@@ -78,7 +77,7 @@ class CookieSigner(secret: Array[Byte]) extends Logging {
       md.update(str.getBytes)
       md.update(secretBytes)
       val digest = md.digest
-      new Base64(0).encodeToString(digest)
+      Base64.getEncoder.encodeToString(digest)
     } catch {
       case ex: NoSuchAlgorithmException =>
         throw new RuntimeException(