You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@hive.apache.org by Christian Schneider <cs...@gmail.com> on 2013/08/12 14:55:30 UTC

Simple User/Password authentication for HiveServer2 (without Kerberos/LDAP)

Hi,
how to provide a simple propertyfile or database user/password
authentication for HiveServer2?

Since it is a small research project, we don't have Kerberos or LDAP.
I already found this [0] presentation about it, but it's not in English :(.

On the Cloudera reference manual [1] I found smth. about the
hive.server2.authentication property. It supports CUSTOM implementations of
the interface hive.server2.custom.authentication.

But I don't know whether this is the way to go.

Best Regards,
Christian.

[0] http://julingks.tistory.com/entry/Hive-Authorization

[1]
http://www.cloudera.com/content/cloudera-content/cloudera-docs/CDH4/4.2.1/CDH4-Security-Guide/cdh4sg_topic_9_1.html

Re: Simple User/Password authentication for HiveServer2 (without Kerberos/LDAP)

Posted by 박서은 <se...@gmail.com>.

You can create CustomAuthenticator implements
PasswordAuthenticationProvider.

However, there is a bug to use CustomAuthenticator,
you should apply patch from https://issues.apache.org/jira/browse/HIVE-4778


And then register on hive-site.xml:
--------------------------------
<property>
        <name>hive.server2.authentication</name>
        <value>CUSTOM</value>
    </property>

    <property>
        <name>hive.server2.custom.authentication.class</name>

<value>org.apache.hive.service.auth.NexrAuthenticationProviderImpl</value>
    </property>
------------------------------

Here is very simple implements:
-----------------------------------------------
public class NexrAuthenticationProviderImpl implements
PasswdAuthenticationProvider {
    private static final Log LOG =
LogFactory.getLog(NexrAuthenticationProviderImpl.class);
    //user, password
    private Map<String, String> userMap = new HashMap<String, String>();

    public NexrAuthenticationProviderImpl() {
        init();
    }

    private void init(){
        userMap.put("azrael","azrael");
        userMap.put("seoeun","seoeun");
    }

    @Override
    public void Authenticate(String user, String password) throws
AuthenticationException {

        if(!userMap.containsKey(user)){
            throw new AuthenticationException("Invalid user : "+user);
        }
        if(!userMap.get(user).toString().equals(password)){
            throw new AuthenticationException("Invalid passwd : "+password);
        }
        return;
    }

}
--------------------------------------------------------


On Mon, Aug 12, 2013 at 9:55 PM, Christian Schneider <
cschneiderpublic@gmail.com> wrote:

> Hi,
> how to provide a simple propertyfile or database user/password
> authentication for HiveServer2?
>
> Since it is a small research project, we don't have Kerberos or LDAP.
> I already found this [0] presentation about it, but it's not in English :(.
>
> On the Cloudera reference manual [1] I found smth. about the
> hive.server2.authentication property. It supports CUSTOM implementations
> of the interface hive.server2.custom.authentication.
>
> But I don't know whether this is the way to go.
>
> Best Regards,
> Christian.
>
> [0] http://julingks.tistory.com/entry/Hive-Authorization
>
> [1]
> http://www.cloudera.com/content/cloudera-content/cloudera-docs/CDH4/4.2.1/CDH4-Security-Guide/cdh4sg_topic_9_1.html
>