You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@hive.apache.org by Shivaraju Gowda <sh...@cisco.com> on 2014/03/01 00:33:21 UTC

Re: Review Request 18464: Support secure Subject.doAs() in HiveServer2 JDBC client


> On Feb. 28, 2014, 12:59 a.m., Vaibhav Gumashta wrote:
> > jdbc/src/java/org/apache/hive/jdbc/HiveConnection.java, line 136
> > <https://reviews.apache.org/r/18464/diff/1/?file=503360#file503360line136>
> >
> >     I think, instead of having to do identityContext equals "fromKerberosSubject", we can just use assumeSubject equals true/false, keeping the default to false.
> 
> Shivaraju Gowda wrote:
>     Passing it as "assumeSubject" boolean url property was my first cut. However I thought "assumeSubject" itself doesn't convey the message for its intended use in and off by itself(need to refer to the documentation) and making it key-value pair might give it some more meaning and there is also a possibility of it being later used for other use cases (say hypothetically the value can be fromKeyTab, fromTicketCache or fromLogin etc.).

Do you think it might better if we use auth property here, i.e auth=fromKerberosSubject. Right now the only values for auth=noSasl.


- Shivaraju


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/18464/#review35730
-----------------------------------------------------------


On Feb. 25, 2014, 2:50 p.m., Kevin Minder wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/18464/
> -----------------------------------------------------------
> 
> (Updated Feb. 25, 2014, 2:50 p.m.)
> 
> 
> Review request for hive, Kevin Minder and Vaibhav Gumashta.
> 
> 
> Bugs: HIVE-6486
>     https://issues.apache.org/jira/browse/HIVE-6486
> 
> 
> Repository: hive-git
> 
> 
> Description
> -------
> 
> Support secure Subject.doAs() in HiveServer2 JDBC client
> 
> 
> Diffs
> -----
> 
>   jdbc/src/java/org/apache/hive/jdbc/HiveConnection.java 17b4d39 
>   service/src/java/org/apache/hive/service/auth/KerberosSaslHelper.java 379dafb 
>   service/src/java/org/apache/hive/service/auth/TSubjectAssumingTransport.java PRE-CREATION 
> 
> Diff: https://reviews.apache.org/r/18464/diff/
> 
> 
> Testing
> -------
> 
> Manual testing
> 
> 
> Thanks,
> 
> Kevin Minder
> 
>