You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@hive.apache.org by Vaibhav Gumashta <vg...@hortonworks.com> on 2014/04/04 09:43:11 UTC
Re: Review Request 13845: HIVE-5155: Support secure proxy user access to HiveServer2

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/13845/#review39522
-----------------------------------------------------------



service/src/java/org/apache/hive/service/cli/thrift/ThriftCLIService.java
<https://reviews.apache.org/r/13845/#comment71937>

    What does (hiveAuthFactory == null) mean?
    


- Vaibhav Gumashta


On March 10, 2014, 6:39 p.m., Prasad Mujumdar wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/13845/
> -----------------------------------------------------------
> 
> (Updated March 10, 2014, 6:39 p.m.)
> 
> 
> Review request for hive, Brock Noland, Carl Steinbach, and Thejas Nair.
> 
> 
> Bugs: HIVE-5155
>     https://issues.apache.org/jira/browse/HIVE-5155
> 
> 
> Repository: hive-git
> 
> 
> Description
> -------
> 
> Delegation token support -
> Enable delegation token connection for HiveServer2
> Enhance the TCLIService interface to support delegation token requests
> Support passing the delegation token connection type via JDBC URL and Beeline option
> 
> Direct proxy access -
> Define new proxy user property
> Shim interfaces to validate proxy access for a given user
> 
> Note that the diff doesn't include thrift generated code.
> 
> 
> Diffs
> -----
> 
>   beeline/pom.xml 02bfaaa 
>   beeline/src/java/org/apache/hive/beeline/BeeLine.java e63a3b0 
>   beeline/src/java/org/apache/hive/beeline/BeeLineOpts.java 91e20ec 
>   beeline/src/java/org/apache/hive/beeline/Commands.java d2d7fd3 
>   beeline/src/java/org/apache/hive/beeline/DatabaseConnection.java 94178ef 
>   beeline/src/test/org/apache/hive/beeline/ProxyAuthTest.java PRE-CREATION 
>   common/src/java/org/apache/hadoop/hive/conf/HiveConf.java edc3d38 
>   conf/hive-default.xml.template a5a85b4 
>   data/files/ProxyAuth.res PRE-CREATION 
>   itests/hive-unit/src/test/java/org/apache/hive/jdbc/TestJdbcDriver2.java 8210e75 
>   jdbc/src/java/org/apache/hadoop/hive/jdbc/HiveConnection.java d08e05b 
>   jdbc/src/java/org/apache/hive/jdbc/HiveConnection.java 607fc7a 
>   jdbc/src/java/org/apache/hive/jdbc/Utils.java 608837e 
>   service/src/java/org/apache/hive/service/auth/HiveAuthFactory.java d8ba3aa 
>   service/src/java/org/apache/hive/service/auth/KerberosSaslHelper.java 71dc592 
>   service/src/java/org/apache/hive/service/auth/PlainSaslHelper.java 15b1675 
>   service/src/java/org/apache/hive/service/cli/CLIService.java 2b1e712 
>   service/src/java/org/apache/hive/service/cli/CLIServiceClient.java b9d1489 
>   service/src/java/org/apache/hive/service/cli/EmbeddedCLIServiceClient.java a31ea94 
>   service/src/java/org/apache/hive/service/cli/ICLIService.java 621d689 
>   service/src/java/org/apache/hive/service/cli/session/HiveSession.java c8fb8ec 
>   service/src/java/org/apache/hive/service/cli/session/HiveSessionImpl.java d6d0d27 
>   service/src/java/org/apache/hive/service/cli/session/HiveSessionImplwithUGI.java b934ebe 
>   service/src/java/org/apache/hive/service/cli/session/SessionManager.java cec3b04 
>   service/src/java/org/apache/hive/service/cli/thrift/ThriftCLIService.java 26bda5a 
>   service/src/java/org/apache/hive/service/cli/thrift/ThriftCLIServiceClient.java 3675e86 
>   service/src/test/org/apache/hive/service/auth/TestPlainSaslHelper.java 8fa4afd 
>   service/src/test/org/apache/hive/service/cli/session/TestSessionHooks.java 2fac800 
>   shims/0.20/src/main/java/org/apache/hadoop/hive/shims/Hadoop20Shims.java 51c8051 
>   shims/common-secure/src/main/java/org/apache/hadoop/hive/shims/HadoopShimsSecure.java e205caa 
>   shims/common-secure/src/main/java/org/apache/hadoop/hive/thrift/DelegationTokenSecretManager.java 29114f0 
>   shims/common-secure/src/main/java/org/apache/hadoop/hive/thrift/HadoopThriftAuthBridge20S.java dc89de1 
>   shims/common/src/main/java/org/apache/hadoop/hive/shims/HadoopShims.java e15ab4e 
>   shims/common/src/main/java/org/apache/hadoop/hive/thrift/HadoopThriftAuthBridge.java 03f4e51 
> 
> Diff: https://reviews.apache.org/r/13845/diff/
> 
> 
> Testing
> -------
> 
> Since this requires kerberos setup, its tested by a standalone test program that runs various existing and new secure connection scenarios. The test code is attached to the ticket at https://issues.apache.org/jira/secure/attachment/12600119/ProxyAuth.java
> 
> 
> Thanks,
> 
> Prasad Mujumdar
> 
>