You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@hive.apache.org by ha...@apache.org on 2013/06/17 19:57:52 UTC
svn commit: r1493860 - in /hive/trunk:
common/src/java/org/apache/hadoop/hive/conf/HiveConf.java
service/src/java/org/apache/hive/service/auth/LdapAuthenticationProviderImpl.java
Author: hashutosh
Date: Mon Jun 17 17:57:52 2013
New Revision: 1493860
URL: http://svn.apache.org/r1493860
Log:
HIVE-4707 : Support configurable domain name for HiveServer2 LDAP authentication using Active Directory (Prasad Mujumdar via Ashutosh Chauhan)
Modified:
hive/trunk/common/src/java/org/apache/hadoop/hive/conf/HiveConf.java
hive/trunk/service/src/java/org/apache/hive/service/auth/LdapAuthenticationProviderImpl.java
Modified: hive/trunk/common/src/java/org/apache/hadoop/hive/conf/HiveConf.java
URL: http://svn.apache.org/viewvc/hive/trunk/common/src/java/org/apache/hadoop/hive/conf/HiveConf.java?rev=1493860&r1=1493859&r2=1493860&view=diff
==============================================================================
--- hive/trunk/common/src/java/org/apache/hadoop/hive/conf/HiveConf.java (original)
+++ hive/trunk/common/src/java/org/apache/hadoop/hive/conf/HiveConf.java Mon Jun 17 17:57:52 2013
@@ -727,6 +727,7 @@ public class HiveConf extends Configurat
HIVE_SERVER2_KERBEROS_PRINCIPAL("hive.server2.authentication.kerberos.principal", ""),
HIVE_SERVER2_PLAIN_LDAP_URL("hive.server2.authentication.ldap.url", null),
HIVE_SERVER2_PLAIN_LDAP_BASEDN("hive.server2.authentication.ldap.baseDN", null),
+ HIVE_SERVER2_PLAIN_LDAP_DOMAIN("hive.server2.authentication.ldap.Domain", null),
HIVE_SERVER2_CUSTOM_AUTHENTICATION_CLASS("hive.server2.custom.authentication.class", null),
HIVE_SERVER2_ENABLE_DOAS("hive.server2.enable.doAs", true),
Modified: hive/trunk/service/src/java/org/apache/hive/service/auth/LdapAuthenticationProviderImpl.java
URL: http://svn.apache.org/viewvc/hive/trunk/service/src/java/org/apache/hive/service/auth/LdapAuthenticationProviderImpl.java?rev=1493860&r1=1493859&r2=1493860&view=diff
==============================================================================
--- hive/trunk/service/src/java/org/apache/hive/service/auth/LdapAuthenticationProviderImpl.java (original)
+++ hive/trunk/service/src/java/org/apache/hive/service/auth/LdapAuthenticationProviderImpl.java Mon Jun 17 17:57:52 2013
@@ -29,13 +29,15 @@ import org.apache.hadoop.hive.conf.HiveC
public class LdapAuthenticationProviderImpl implements PasswdAuthenticationProvider {
- String ldapURL;
- String baseDN;
+ private final String ldapURL;
+ private final String baseDN;
+ private final String ldapDomain;
LdapAuthenticationProviderImpl () {
HiveConf conf = new HiveConf();
this.ldapURL = conf.getVar(HiveConf.ConfVars.HIVE_SERVER2_PLAIN_LDAP_URL);
this.baseDN = conf.getVar(HiveConf.ConfVars.HIVE_SERVER2_PLAIN_LDAP_BASEDN);
+ this.ldapDomain = conf.getVar(HiveConf.ConfVars.HIVE_SERVER2_PLAIN_LDAP_DOMAIN);
}
@Override
@@ -46,6 +48,12 @@ public class LdapAuthenticationProviderI
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.PROVIDER_URL, ldapURL);
+ // If the domain is supplied, then append it. LDAP providers like Active Directory
+ // use a fully qualified user name like foo@bar.com.
+ if (ldapDomain != null) {
+ user = user + "@" + ldapDomain;
+ }
+
// setup the security principal
String bindDN;
if (baseDN != null) {