You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@hive.apache.org by rh...@apache.org on 2014/04/15 02:42:36 UTC
svn commit: r1587375 - /hive/branches/branch-0.13/service/src/java/org/apache/hive/service/cli/operation/SQLOperation.java

Author: rhbutani
Date: Tue Apr 15 00:42:35 2014
New Revision: 1587375

URL: http://svn.apache.org/r1587375
Log:
HIVE-6907 HiveServer2 - wrong user gets used for metastore operation with embedded metastore (Thejas Nair via Jitendra Pandey)

Modified:
    hive/branches/branch-0.13/service/src/java/org/apache/hive/service/cli/operation/SQLOperation.java

Modified: hive/branches/branch-0.13/service/src/java/org/apache/hive/service/cli/operation/SQLOperation.java
URL: http://svn.apache.org/viewvc/hive/branches/branch-0.13/service/src/java/org/apache/hive/service/cli/operation/SQLOperation.java?rev=1587375&r1=1587374&r2=1587375&view=diff
==============================================================================
--- hive/branches/branch-0.13/service/src/java/org/apache/hive/service/cli/operation/SQLOperation.java (original)
+++ hive/branches/branch-0.13/service/src/java/org/apache/hive/service/cli/operation/SQLOperation.java Tue Apr 15 00:42:35 2014
@@ -21,6 +21,7 @@ package org.apache.hive.service.cli.oper
 import java.io.IOException;
 import java.io.Serializable;
 import java.io.UnsupportedEncodingException;
+import java.security.PrivilegedExceptionAction;
 import java.sql.SQLException;
 import java.util.ArrayList;
 import java.util.List;
@@ -49,7 +50,9 @@ import org.apache.hadoop.hive.serde2.laz
 import org.apache.hadoop.hive.serde2.objectinspector.ObjectInspector;
 import org.apache.hadoop.hive.serde2.objectinspector.StructField;
 import org.apache.hadoop.hive.serde2.objectinspector.StructObjectInspector;
+import org.apache.hadoop.hive.shims.ShimLoader;
 import org.apache.hadoop.io.BytesWritable;
+import org.apache.hadoop.security.UserGroupInformation;
 import org.apache.hive.service.cli.FetchOrientation;
 import org.apache.hive.service.cli.HiveSQLException;
 import org.apache.hive.service.cli.OperationState;
@@ -165,26 +168,47 @@ public class SQLOperation extends Execut
   @Override
   public void run() throws HiveSQLException {
     setState(OperationState.PENDING);
-    prepare(getConfigForOperation());
+    final HiveConf opConfig = getConfigForOperation();
+    prepare(opConfig);
     if (!shouldRunAsync()) {
-      runInternal(getConfigForOperation());
+      runInternal(opConfig);
     } else {
       final SessionState parentSessionState = SessionState.get();
+      // current Hive object needs to be set in aysnc thread in case of remote metastore.
+      // The metastore client in Hive is associated with right user
       final Hive sessionHive = getCurrentHive();
+      // current UGI will get used by metastore when metsatore is in embedded mode
+      // so this needs to get passed to the new async thread
+      final UserGroupInformation currentUGI = getCurrentUGI(opConfig);
+
       // Runnable impl to call runInternal asynchronously,
       // from a different thread
       Runnable backgroundOperation = new Runnable() {
+
         @Override
         public void run() {
-          // Storing the current Hive object necessary when doAs is enabled
-          // User information is part of the metastore client member in Hive
-          Hive.set(sessionHive);
-          SessionState.setCurrentSessionState(parentSessionState);
+          PrivilegedExceptionAction<Object> doAsAction = new PrivilegedExceptionAction<Object>() {
+            @Override
+            public Object run() throws HiveSQLException {
+
+              // Storing the current Hive object necessary when doAs is enabled
+              // User information is part of the metastore client member in Hive
+              Hive.set(sessionHive);
+              SessionState.setCurrentSessionState(parentSessionState);
+              try {
+                runInternal(opConfig);
+              } catch (HiveSQLException e) {
+                setOperationException(e);
+                LOG.error("Error running hive query: ", e);
+              }
+              return null;
+            }
+          };
           try {
-            runInternal(getConfigForOperation());
-          } catch (HiveSQLException e) {
-            setOperationException(e);
-            LOG.error("Error: ", e);
+            ShimLoader.getHadoopShims().doAs(currentUGI, doAsAction);
+          } catch (Exception e) {
+            setOperationException(new HiveSQLException(e));
+            LOG.error("Error running hive query as user : " + currentUGI.getShortUserName(), e);
           }
         }
       };
@@ -201,6 +225,14 @@ public class SQLOperation extends Execut
     }
   }
 
+  private UserGroupInformation getCurrentUGI(HiveConf opConfig) throws HiveSQLException {
+    try {
+      return ShimLoader.getHadoopShims().getUGIForConf(opConfig);
+    } catch (Exception e) {
+      throw new HiveSQLException("Unable to get current user", e);
+    }
+  }
+
   private Hive getCurrentHive() throws HiveSQLException {
     try {
       return Hive.get();