You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@hive.apache.org by ha...@apache.org on 2013/06/17 19:57:52 UTC

svn commit: r1493860 - in /hive/trunk: common/src/java/org/apache/hadoop/hive/conf/HiveConf.java service/src/java/org/apache/hive/service/auth/LdapAuthenticationProviderImpl.java

Author: hashutosh
Date: Mon Jun 17 17:57:52 2013
New Revision: 1493860

URL: http://svn.apache.org/r1493860
Log:
HIVE-4707 : Support configurable domain name for HiveServer2 LDAP authentication using Active Directory (Prasad Mujumdar via Ashutosh Chauhan)

Modified:
    hive/trunk/common/src/java/org/apache/hadoop/hive/conf/HiveConf.java
    hive/trunk/service/src/java/org/apache/hive/service/auth/LdapAuthenticationProviderImpl.java

Modified: hive/trunk/common/src/java/org/apache/hadoop/hive/conf/HiveConf.java
URL: http://svn.apache.org/viewvc/hive/trunk/common/src/java/org/apache/hadoop/hive/conf/HiveConf.java?rev=1493860&r1=1493859&r2=1493860&view=diff
==============================================================================
--- hive/trunk/common/src/java/org/apache/hadoop/hive/conf/HiveConf.java (original)
+++ hive/trunk/common/src/java/org/apache/hadoop/hive/conf/HiveConf.java Mon Jun 17 17:57:52 2013
@@ -727,6 +727,7 @@ public class HiveConf extends Configurat
     HIVE_SERVER2_KERBEROS_PRINCIPAL("hive.server2.authentication.kerberos.principal", ""),
     HIVE_SERVER2_PLAIN_LDAP_URL("hive.server2.authentication.ldap.url", null),
     HIVE_SERVER2_PLAIN_LDAP_BASEDN("hive.server2.authentication.ldap.baseDN", null),
+    HIVE_SERVER2_PLAIN_LDAP_DOMAIN("hive.server2.authentication.ldap.Domain", null),
     HIVE_SERVER2_CUSTOM_AUTHENTICATION_CLASS("hive.server2.custom.authentication.class", null),
     HIVE_SERVER2_ENABLE_DOAS("hive.server2.enable.doAs", true),
 

Modified: hive/trunk/service/src/java/org/apache/hive/service/auth/LdapAuthenticationProviderImpl.java
URL: http://svn.apache.org/viewvc/hive/trunk/service/src/java/org/apache/hive/service/auth/LdapAuthenticationProviderImpl.java?rev=1493860&r1=1493859&r2=1493860&view=diff
==============================================================================
--- hive/trunk/service/src/java/org/apache/hive/service/auth/LdapAuthenticationProviderImpl.java (original)
+++ hive/trunk/service/src/java/org/apache/hive/service/auth/LdapAuthenticationProviderImpl.java Mon Jun 17 17:57:52 2013
@@ -29,13 +29,15 @@ import org.apache.hadoop.hive.conf.HiveC
 
 public class LdapAuthenticationProviderImpl implements PasswdAuthenticationProvider {
 
-  String ldapURL;
-  String baseDN;
+  private final String ldapURL;
+  private final String baseDN;
+  private final String ldapDomain;
 
   LdapAuthenticationProviderImpl () {
     HiveConf conf = new HiveConf();
     this.ldapURL = conf.getVar(HiveConf.ConfVars.HIVE_SERVER2_PLAIN_LDAP_URL);
     this.baseDN = conf.getVar(HiveConf.ConfVars.HIVE_SERVER2_PLAIN_LDAP_BASEDN);
+    this.ldapDomain = conf.getVar(HiveConf.ConfVars.HIVE_SERVER2_PLAIN_LDAP_DOMAIN);
   }
 
   @Override
@@ -46,6 +48,12 @@ public class LdapAuthenticationProviderI
     env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
     env.put(Context.PROVIDER_URL, ldapURL);
 
+    //  If the domain is supplied, then append it. LDAP providers like Active Directory
+    // use a fully qualified user name like foo@bar.com.
+    if (ldapDomain != null) {
+      user  = user + "@" + ldapDomain;
+    }
+
     // setup the security principal
     String bindDN;
     if (baseDN != null) {