ambari-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From aonis...@apache.org
Subject [44/64] [abbrv] ambari git commit: AMBARI-20587. Hive2: Enable LDAP support for Hive2.0. (dipayanb)
Date Wed, 29 Mar 2017 11:57:48 GMT
AMBARI-20587. Hive2: Enable LDAP support for Hive2.0. (dipayanb)


Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/494c26a5
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/494c26a5
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/494c26a5

Branch: refs/heads/branch-3.0-perf
Commit: 494c26a517a4b1b014860e9b7bb9a11a411161d5
Parents: fcb9d22
Author: Dipayan Bhowmick <dipayan.bhowmick@gmail.com>
Authored: Tue Mar 28 11:30:36 2017 +0530
Committer: Andrew Onishuk <aonishuk@hortonworks.com>
Committed: Wed Mar 29 14:55:56 2017 +0300

----------------------------------------------------------------------
 .../ambari/view/hive20/actor/JdbcConnector.java | 29 ++++++++----
 .../actor/message/job/AuthenticationFailed.java | 27 +++++++++++
 .../view/hive20/actor/message/job/Failure.java  |  2 +-
 .../view/hive20/client/DDLDelegatorImpl.java    |  5 ++
 .../resources/browser/ConnectionService.java    | 21 +++++++--
 .../view/hive20/resources/jobs/JobService.java  |  2 +-
 .../resources/ui/app/adapters/application.js    | 12 ++++-
 .../src/main/resources/ui/app/adapters/auth.js  | 27 +++++++++++
 .../ui/app/components/top-application-bar.js    |  3 +-
 .../resources/ui/app/controllers/application.js |  5 +-
 .../resources/ui/app/controllers/password.js    | 44 ++++++++++++++++++
 .../ui/app/controllers/service-check.js         |  8 ++++
 .../hive20/src/main/resources/ui/app/router.js  |  1 +
 .../main/resources/ui/app/routes/application.js | 17 +++++++
 .../main/resources/ui/app/routes/password.js    | 41 +++++++++++++++++
 .../resources/ui/app/routes/service-check.js    |  1 +
 .../main/resources/ui/app/services/ldap-auth.js | 35 ++++++++++++++
 .../resources/ui/app/templates/application.hbs  |  5 ++
 .../components/top-application-bar.hbs          | 10 +++-
 .../resources/ui/app/templates/password.hbs     | 48 ++++++++++++++++++++
 20 files changed, 322 insertions(+), 21 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/ambari/blob/494c26a5/contrib/views/hive20/src/main/java/org/apache/ambari/view/hive20/actor/JdbcConnector.java
----------------------------------------------------------------------
diff --git a/contrib/views/hive20/src/main/java/org/apache/ambari/view/hive20/actor/JdbcConnector.java
b/contrib/views/hive20/src/main/java/org/apache/ambari/view/hive20/actor/JdbcConnector.java
index 45fc786..4b218b1 100644
--- a/contrib/views/hive20/src/main/java/org/apache/ambari/view/hive20/actor/JdbcConnector.java
+++ b/contrib/views/hive20/src/main/java/org/apache/ambari/view/hive20/actor/JdbcConnector.java
@@ -36,6 +36,7 @@ import org.apache.ambari.view.hive20.actor.message.ResultInformation;
 import org.apache.ambari.view.hive20.actor.message.ResultNotReady;
 import org.apache.ambari.view.hive20.actor.message.RunStatement;
 import org.apache.ambari.view.hive20.actor.message.SQLStatementJob;
+import org.apache.ambari.view.hive20.actor.message.job.AuthenticationFailed;
 import org.apache.ambari.view.hive20.actor.message.job.CancelJob;
 import org.apache.ambari.view.hive20.actor.message.job.ExecuteNextStatement;
 import org.apache.ambari.view.hive20.actor.message.job.ExecutionFailed;
@@ -397,24 +398,34 @@ public class JdbcConnector extends HiveActor {
   }
 
   private void notifyConnectFailure(Exception ex) {
+    boolean loginError = false;
     executing = false;
     isFailure = true;
     this.failure = new Failure("Cannot connect to hive", ex);
+    if(ex instanceof ConnectionException){
+      ConnectionException connectionException = (ConnectionException) ex;
+      Throwable cause = connectionException.getCause();
+      if(cause instanceof SQLException){
+        SQLException sqlException = (SQLException) cause;
+        if(isLoginError(sqlException))
+          loginError = true;
+      }
+    }
+
     if (isAsync()) {
       updateJobStatus(jobId.get(), Job.JOB_STATE_ERROR);
 
-      if(ex instanceof ConnectionException){
-        ConnectionException connectionException = (ConnectionException) ex;
-        Throwable cause = connectionException.getCause();
-        if(cause instanceof SQLException){
-          SQLException sqlException = (SQLException) cause;
-          if(isLoginError(sqlException))
-            return;
-        }
+      if (loginError) {
+        return;
       }
 
     } else {
-      sender().tell(new ExecutionFailed("Cannot connect to hive"), ActorRef.noSender());
+      if (loginError) {
+        sender().tell(new AuthenticationFailed("Hive authentication error", ex), ActorRef.noSender());
+      } else {
+        sender().tell(new ExecutionFailed("Cannot connect to hive", ex), ActorRef.noSender());
+      }
+
     }
     // Do not clean up in case of failed authorizations
     // The failure is bubbled to the user for requesting credentials

http://git-wip-us.apache.org/repos/asf/ambari/blob/494c26a5/contrib/views/hive20/src/main/java/org/apache/ambari/view/hive20/actor/message/job/AuthenticationFailed.java
----------------------------------------------------------------------
diff --git a/contrib/views/hive20/src/main/java/org/apache/ambari/view/hive20/actor/message/job/AuthenticationFailed.java
b/contrib/views/hive20/src/main/java/org/apache/ambari/view/hive20/actor/message/job/AuthenticationFailed.java
new file mode 100644
index 0000000..c6885d1
--- /dev/null
+++ b/contrib/views/hive20/src/main/java/org/apache/ambari/view/hive20/actor/message/job/AuthenticationFailed.java
@@ -0,0 +1,27 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ambari.view.hive20.actor.message.job;
+
+public class AuthenticationFailed extends Failure {
+
+  public AuthenticationFailed(String message, Throwable error) {
+    super(message, error);
+  }
+
+}

http://git-wip-us.apache.org/repos/asf/ambari/blob/494c26a5/contrib/views/hive20/src/main/java/org/apache/ambari/view/hive20/actor/message/job/Failure.java
----------------------------------------------------------------------
diff --git a/contrib/views/hive20/src/main/java/org/apache/ambari/view/hive20/actor/message/job/Failure.java
b/contrib/views/hive20/src/main/java/org/apache/ambari/view/hive20/actor/message/job/Failure.java
index 1efb132..00ea46c 100644
--- a/contrib/views/hive20/src/main/java/org/apache/ambari/view/hive20/actor/message/job/Failure.java
+++ b/contrib/views/hive20/src/main/java/org/apache/ambari/view/hive20/actor/message/job/Failure.java
@@ -18,7 +18,7 @@
 
 package org.apache.ambari.view.hive20.actor.message.job;
 
-public class Failure {
+public class Failure extends Exception {
   private final Throwable error;
   private final String message;
 

http://git-wip-us.apache.org/repos/asf/ambari/blob/494c26a5/contrib/views/hive20/src/main/java/org/apache/ambari/view/hive20/client/DDLDelegatorImpl.java
----------------------------------------------------------------------
diff --git a/contrib/views/hive20/src/main/java/org/apache/ambari/view/hive20/client/DDLDelegatorImpl.java
b/contrib/views/hive20/src/main/java/org/apache/ambari/view/hive20/client/DDLDelegatorImpl.java
index ef4f100..d6756ef 100644
--- a/contrib/views/hive20/src/main/java/org/apache/ambari/view/hive20/client/DDLDelegatorImpl.java
+++ b/contrib/views/hive20/src/main/java/org/apache/ambari/view/hive20/client/DDLDelegatorImpl.java
@@ -29,6 +29,7 @@ import org.apache.ambari.view.hive20.actor.message.ExecuteJob;
 import org.apache.ambari.view.hive20.actor.message.GetColumnMetadataJob;
 import org.apache.ambari.view.hive20.actor.message.HiveJob;
 import org.apache.ambari.view.hive20.actor.message.SQLStatementJob;
+import org.apache.ambari.view.hive20.actor.message.job.AuthenticationFailed;
 import org.apache.ambari.view.hive20.actor.message.job.ExecutionFailed;
 import org.apache.ambari.view.hive20.actor.message.job.FetchFailed;
 import org.apache.ambari.view.hive20.actor.message.job.Next;
@@ -230,6 +231,10 @@ public class DDLDelegatorImpl implements DDLDelegator {
       LOG.error("Failed to get the table description");
       throw new ServiceFormattedException(error.getMessage(), error.getError());
 
+    } else if (submitResult instanceof AuthenticationFailed) {
+      AuthenticationFailed exception = (AuthenticationFailed) submitResult;
+      LOG.error("Failed to connect to Hive", exception.getMessage());
+      throw new ServiceFormattedException(exception.getMessage(), exception.getError(), 401);
     } else if (submitResult instanceof ResultSetHolder) {
       ResultSetHolder holder = (ResultSetHolder) submitResult;
       ActorRef iterator = holder.getIterator();

http://git-wip-us.apache.org/repos/asf/ambari/blob/494c26a5/contrib/views/hive20/src/main/java/org/apache/ambari/view/hive20/resources/browser/ConnectionService.java
----------------------------------------------------------------------
diff --git a/contrib/views/hive20/src/main/java/org/apache/ambari/view/hive20/resources/browser/ConnectionService.java
b/contrib/views/hive20/src/main/java/org/apache/ambari/view/hive20/resources/browser/ConnectionService.java
index 30fda79..dff72af 100644
--- a/contrib/views/hive20/src/main/java/org/apache/ambari/view/hive20/resources/browser/ConnectionService.java
+++ b/contrib/views/hive20/src/main/java/org/apache/ambari/view/hive20/resources/browser/ConnectionService.java
@@ -18,6 +18,9 @@
 
 package org.apache.ambari.view.hive20.resources.browser;
 
+import java.util.HashMap;
+import java.util.Map;
+
 import com.google.common.base.Optional;
 import org.apache.ambari.view.ViewContext;
 import org.apache.ambari.view.hive20.AuthParams;
@@ -74,7 +77,11 @@ public class ConnectionService {
       Optional<String> password = instance.getPassword(context);
       if (!password.isPresent()) {
         // No password cached - request for one
-        return Response.status(Response.Status.UNAUTHORIZED).build();
+        JSONObject entity = new JSONObject();
+        Map<String, String> errors = new HashMap<>();
+        errors.put("message", "Ldap password required");
+        entity.put("errors", errors);
+        return Response.status(Response.Status.UNAUTHORIZED).entity(entity).build();
       }
       // if there was a password cached, make a connection attempt
       // get the password
@@ -105,9 +112,13 @@ public class ConnectionService {
           // check the message to see if the cause was a login failure
           // return a 401
           // else return a 500
-          if(isLoginError(e))
-            return Response.status(Response.Status.UNAUTHORIZED).build();
-          else
+          if(isLoginError(e)) {
+            JSONObject entity = new JSONObject();
+            Map<String, String> errors = new HashMap<>();
+            errors.put("message", "Authentication Exception");
+            entity.put("errors", errors);
+            return Response.status(Response.Status.UNAUTHORIZED).entity(entity).build();
+          } else
               throw new ServiceFormattedException(e.getMessage(), e);
         } finally {
           try {
@@ -137,7 +148,7 @@ public class ConnectionService {
             //Cache the password for the user
             ConnectionSystem instance = ConnectionSystem.getInstance();
             instance.persistCredentials(context.getUsername(),request.password);
-            return getOKResponse();
+            return attemptHiveConnection(request.password);
         } catch (WebApplicationException ex) {
             throw ex;
         } catch (Exception ex) {

http://git-wip-us.apache.org/repos/asf/ambari/blob/494c26a5/contrib/views/hive20/src/main/java/org/apache/ambari/view/hive20/resources/jobs/JobService.java
----------------------------------------------------------------------
diff --git a/contrib/views/hive20/src/main/java/org/apache/ambari/view/hive20/resources/jobs/JobService.java
b/contrib/views/hive20/src/main/java/org/apache/ambari/view/hive20/resources/jobs/JobService.java
index b5f92ac..f2e4ee9 100644
--- a/contrib/views/hive20/src/main/java/org/apache/ambari/view/hive20/resources/jobs/JobService.java
+++ b/contrib/views/hive20/src/main/java/org/apache/ambari/view/hive20/resources/jobs/JobService.java
@@ -142,7 +142,7 @@ public class JobService extends BaseService {
           if(th instanceof SQLException){
             SQLException sqlException = (SQLException) th;
             if(sqlException.getSQLState().equals("AUTHFAIL") && ConnectionFactory.isLdapEnabled(context))
-              return Response.status(401).build();
+              throw new ServiceFormattedException("Hive Authentication failed", sqlException,
401);
           }
           throw new Exception(th);
         }

http://git-wip-us.apache.org/repos/asf/ambari/blob/494c26a5/contrib/views/hive20/src/main/resources/ui/app/adapters/application.js
----------------------------------------------------------------------
diff --git a/contrib/views/hive20/src/main/resources/ui/app/adapters/application.js b/contrib/views/hive20/src/main/resources/ui/app/adapters/application.js
index 9cc8658..42935fc 100644
--- a/contrib/views/hive20/src/main/resources/ui/app/adapters/application.js
+++ b/contrib/views/hive20/src/main/resources/ui/app/adapters/application.js
@@ -21,6 +21,8 @@ import DS from 'ember-data';
 import ENV from 'ui/config/environment';
 
 export default DS.RESTAdapter.extend({
+  ldapAuth: Ember.inject.service(),
+
   init: function () {
     Ember.$.ajaxSetup({
       cache: false
@@ -55,13 +57,21 @@ export default DS.RESTAdapter.extend({
       // In development mode when the UI is served using ember serve the xhr requests are
proxied to ambari server
       // by setting the proxyurl parameter in ember serve and for ambari to authenticate
the requests, it needs this
       // basic authorization. This is for default admin/admin username/password combination.
-      headers['Authorization'] = 'Basic YWRtaW46YWRtaW4=';
+      //headers['Authorization'] = 'Basic YWRtaW46YWRtaW4=';
       //headers['Authorization'] = 'Basic aGl2ZTpoaXZl';
       //headers['Authorization'] = 'Basic ZGlwYXlhbjpkaXBheWFu';
     }
     return headers;
   }),
 
+
+  handleResponse(status, headers, payload, requestData) {
+    if (status == 401) {
+      this.get('ldapAuth').askPassword();
+    }
+    return this._super(...arguments);
+  },
+
   parseErrorResponse(responseText) {
     let json = this._super(responseText);
     if (Ember.isEmpty(json.errors)) {

http://git-wip-us.apache.org/repos/asf/ambari/blob/494c26a5/contrib/views/hive20/src/main/resources/ui/app/adapters/auth.js
----------------------------------------------------------------------
diff --git a/contrib/views/hive20/src/main/resources/ui/app/adapters/auth.js b/contrib/views/hive20/src/main/resources/ui/app/adapters/auth.js
new file mode 100644
index 0000000..0a493b1
--- /dev/null
+++ b/contrib/views/hive20/src/main/resources/ui/app/adapters/auth.js
@@ -0,0 +1,27 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import ApplicationAdapter from './application';
+
+export default ApplicationAdapter.extend({
+
+  authenticate(password){
+    let url = this.buildURL() + '/connection/auth';
+    return this.ajax(url, 'POST', {data: {'password': password}});
+  }
+});

http://git-wip-us.apache.org/repos/asf/ambari/blob/494c26a5/contrib/views/hive20/src/main/resources/ui/app/components/top-application-bar.js
----------------------------------------------------------------------
diff --git a/contrib/views/hive20/src/main/resources/ui/app/components/top-application-bar.js
b/contrib/views/hive20/src/main/resources/ui/app/components/top-application-bar.js
index bef9b51..f993a5e 100644
--- a/contrib/views/hive20/src/main/resources/ui/app/components/top-application-bar.js
+++ b/contrib/views/hive20/src/main/resources/ui/app/components/top-application-bar.js
@@ -19,5 +19,6 @@
 import Ember from 'ember';
 
 export default Ember.Component.extend({
-  service: false
+  service: false,
+  askPassword: false
 });

http://git-wip-us.apache.org/repos/asf/ambari/blob/494c26a5/contrib/views/hive20/src/main/resources/ui/app/controllers/application.js
----------------------------------------------------------------------
diff --git a/contrib/views/hive20/src/main/resources/ui/app/controllers/application.js b/contrib/views/hive20/src/main/resources/ui/app/controllers/application.js
index beb97e6..d5717a2 100644
--- a/contrib/views/hive20/src/main/resources/ui/app/controllers/application.js
+++ b/contrib/views/hive20/src/main/resources/ui/app/controllers/application.js
@@ -21,8 +21,11 @@ import ENV from 'ui/config/environment';
 
 export default Ember.Controller.extend({
   serviceCheck: Ember.inject.service(),
+  ldapAuth: Ember.inject.service(),
 
-  serviceCheckCompleted: Ember.computed('serviceCheck.transitionToApplication', function()
{
+  serviceCheckCompleted: Ember.computed('serviceCheck.transitionToApplication', 'ldapAuth.passwordRequired',
function() {
+    if(this.get('ldapAuth.passwordRequired'))
+      return false;
     return !ENV.APP.SHOULD_PERFORM_SERVICE_CHECK || this.get('serviceCheck.transitionToApplication');
   })
 });

http://git-wip-us.apache.org/repos/asf/ambari/blob/494c26a5/contrib/views/hive20/src/main/resources/ui/app/controllers/password.js
----------------------------------------------------------------------
diff --git a/contrib/views/hive20/src/main/resources/ui/app/controllers/password.js b/contrib/views/hive20/src/main/resources/ui/app/controllers/password.js
new file mode 100644
index 0000000..30899b6
--- /dev/null
+++ b/contrib/views/hive20/src/main/resources/ui/app/controllers/password.js
@@ -0,0 +1,44 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import Ember from 'ember';
+
+export default Ember.Controller.extend({
+  loginError: null,
+
+  isValid(password) {
+    this.set('loginError');
+    this.set('error');
+    this.set('errorText');
+    if (Ember.isEmpty(password)) {
+      this.set('error', true);
+      this.set('errorText', "Password cannot be empty");
+      return false;
+    }
+    return true;
+  },
+
+  actions: {
+    login(password) {
+      if (!this.isValid(password)) {
+        return false;
+      }
+      return true;
+    }
+  }
+});

http://git-wip-us.apache.org/repos/asf/ambari/blob/494c26a5/contrib/views/hive20/src/main/resources/ui/app/controllers/service-check.js
----------------------------------------------------------------------
diff --git a/contrib/views/hive20/src/main/resources/ui/app/controllers/service-check.js b/contrib/views/hive20/src/main/resources/ui/app/controllers/service-check.js
index 4183c1c..e5eb48d 100644
--- a/contrib/views/hive20/src/main/resources/ui/app/controllers/service-check.js
+++ b/contrib/views/hive20/src/main/resources/ui/app/controllers/service-check.js
@@ -25,6 +25,14 @@ export default Ember.Controller.extend({
   atsError: null,
   hiveError: null,
 
+  reset() {
+    this.set('hdfsError');
+    this.set('userHomeError');
+    this.set('atsError');
+    this.set('hiveError');
+
+  },
+
   progressStyle: Ember.computed('serviceCheck.percentCompleted', function() {
     let percentCompleted = this.get('serviceCheck.percentCompleted');
     return `width: ${percentCompleted}%;`;

http://git-wip-us.apache.org/repos/asf/ambari/blob/494c26a5/contrib/views/hive20/src/main/resources/ui/app/router.js
----------------------------------------------------------------------
diff --git a/contrib/views/hive20/src/main/resources/ui/app/router.js b/contrib/views/hive20/src/main/resources/ui/app/router.js
index d5d876d..3322642 100644
--- a/contrib/views/hive20/src/main/resources/ui/app/router.js
+++ b/contrib/views/hive20/src/main/resources/ui/app/router.js
@@ -26,6 +26,7 @@ const Router = Ember.Router.extend({
 
 Router.map(function() {
   this.route('service-check');
+  this.route('password');
 
   this.route('jobs');
   this.route('udfs', function() {

http://git-wip-us.apache.org/repos/asf/ambari/blob/494c26a5/contrib/views/hive20/src/main/resources/ui/app/routes/application.js
----------------------------------------------------------------------
diff --git a/contrib/views/hive20/src/main/resources/ui/app/routes/application.js b/contrib/views/hive20/src/main/resources/ui/app/routes/application.js
index 448fad2..1baedb9 100644
--- a/contrib/views/hive20/src/main/resources/ui/app/routes/application.js
+++ b/contrib/views/hive20/src/main/resources/ui/app/routes/application.js
@@ -22,6 +22,14 @@ import ENV from 'ui/config/environment';
 
 export default Ember.Route.extend({
   serviceCheck: Ember.inject.service(),
+  ldapAuth: Ember.inject.service(),
+
+
+  init() {
+    this.get('ldapAuth').on('ask-password', this.askPassword.bind(this));
+    this.get('ldapAuth').on('password-provided', this.passwordProvided.bind(this));
+    return this._super(...arguments);
+  },
 
   beforeModel() {
     if (ENV.APP.SHOULD_PERFORM_SERVICE_CHECK && !this.get('serviceCheck.checkCompleted'))
{
@@ -32,6 +40,15 @@ export default Ember.Route.extend({
   setupController: function (controller, model) {
     this._super(controller, model);
     controller.set('tabs', tabs);
+  },
+
+  askPassword() {
+    this.set('ldapAuth.passwordRequired', true);
+    this.transitionTo('password');
+  },
+
+  passwordProvided() {
+    this.refresh();
   }
 
 });

http://git-wip-us.apache.org/repos/asf/ambari/blob/494c26a5/contrib/views/hive20/src/main/resources/ui/app/routes/password.js
----------------------------------------------------------------------
diff --git a/contrib/views/hive20/src/main/resources/ui/app/routes/password.js b/contrib/views/hive20/src/main/resources/ui/app/routes/password.js
new file mode 100644
index 0000000..b1aae6f
--- /dev/null
+++ b/contrib/views/hive20/src/main/resources/ui/app/routes/password.js
@@ -0,0 +1,41 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import Ember from 'ember';
+import UILoggerMixin from '../mixins/ui-logger';
+
+export default Ember.Route.extend(UILoggerMixin, {
+  ldapAuth: Ember.inject.service(),
+
+  setupController(controller, model) {
+    controller.set('password', '');
+    this.get('logger').clearMessages();
+    this._super(...arguments);
+  },
+
+  actions: {
+    login(password) {
+      this.get('ldapAuth').authenticate(password).then(() => {
+        this.set('ldapAuth.passwordRequired', false);
+        this.get('ldapAuth').passwordProvided();
+      }).catch(() => {
+        this.controller.set('loginError', "Failed to login to hive");
+      });
+    }
+  }
+});

http://git-wip-us.apache.org/repos/asf/ambari/blob/494c26a5/contrib/views/hive20/src/main/resources/ui/app/routes/service-check.js
----------------------------------------------------------------------
diff --git a/contrib/views/hive20/src/main/resources/ui/app/routes/service-check.js b/contrib/views/hive20/src/main/resources/ui/app/routes/service-check.js
index b6887d1..7023a54 100644
--- a/contrib/views/hive20/src/main/resources/ui/app/routes/service-check.js
+++ b/contrib/views/hive20/src/main/resources/ui/app/routes/service-check.js
@@ -38,6 +38,7 @@ export default Ember.Route.extend({
 
   afterModel(){
     let controller = this.controllerFor("service-check");
+    controller.reset();
     controller.set("serviceCheckPolicy", this.get("serviceCheckPolicy"));
     this.get('serviceCheck').check(this.get("serviceCheckPolicy")).then((data) => {
       if(data.userHomePromise.state === 'rejected') {

http://git-wip-us.apache.org/repos/asf/ambari/blob/494c26a5/contrib/views/hive20/src/main/resources/ui/app/services/ldap-auth.js
----------------------------------------------------------------------
diff --git a/contrib/views/hive20/src/main/resources/ui/app/services/ldap-auth.js b/contrib/views/hive20/src/main/resources/ui/app/services/ldap-auth.js
new file mode 100644
index 0000000..d64afb9
--- /dev/null
+++ b/contrib/views/hive20/src/main/resources/ui/app/services/ldap-auth.js
@@ -0,0 +1,35 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import Ember from 'ember';
+
+export default Ember.Service.extend(Ember.Evented, {
+  passwordRequired: false,
+  store: Ember.inject.service(),
+  askPassword() {
+    this.trigger('ask-password');
+  },
+
+  passwordProvided() {
+    this.trigger('password-provided')
+  },
+
+  authenticate(password) {
+    return this.get('store').adapterFor('auth').authenticate(password);
+  }
+});

http://git-wip-us.apache.org/repos/asf/ambari/blob/494c26a5/contrib/views/hive20/src/main/resources/ui/app/templates/application.hbs
----------------------------------------------------------------------
diff --git a/contrib/views/hive20/src/main/resources/ui/app/templates/application.hbs b/contrib/views/hive20/src/main/resources/ui/app/templates/application.hbs
index ea532df..53b2192 100644
--- a/contrib/views/hive20/src/main/resources/ui/app/templates/application.hbs
+++ b/contrib/views/hive20/src/main/resources/ui/app/templates/application.hbs
@@ -29,12 +29,17 @@
         {{#tabs-pane tabs=tabs as |tab|}}
           {{tabs-item tab=tab tabs=tabs}}
         {{/tabs-pane}}
+      {{else if ldapAuth.passwordRequired}}
+        {{top-application-bar askPassword=true}}
       {{else}}
         {{top-application-bar service=true}}
       {{/if}}
 
     </div>
   </div>
+  {{#if askPassword}}
+    ASKING PASSWORD
+  {{/if}}
   <div class="row">
     <div class="main-wrapper clearfix">
       <div class="col-md-12">

http://git-wip-us.apache.org/repos/asf/ambari/blob/494c26a5/contrib/views/hive20/src/main/resources/ui/app/templates/components/top-application-bar.hbs
----------------------------------------------------------------------
diff --git a/contrib/views/hive20/src/main/resources/ui/app/templates/components/top-application-bar.hbs
b/contrib/views/hive20/src/main/resources/ui/app/templates/components/top-application-bar.hbs
index 2d85558..f163dca 100644
--- a/contrib/views/hive20/src/main/resources/ui/app/templates/components/top-application-bar.hbs
+++ b/contrib/views/hive20/src/main/resources/ui/app/templates/components/top-application-bar.hbs
@@ -17,8 +17,14 @@
 }}
 
 <h3 class="clearfix">
-  <strong>HIVE {{#if service}}<small>SERVICE CHECKS</small>{{/if}}</strong>
-  {{#if (not service)}}
+  <strong>HIVE
+    {{#if service}}
+      <small>SERVICE CHECKS</small>
+    {{else if askPassword}}
+      <small>PASSWORD</small>
+    {{/if}}
+  </strong>
+  {{#if (not (or service askPassword))}}
     <span class="pull-right">
       {{#link-to 'queries.new' class="btn btn-sm btn-success"}}{{fa-icon "plus"}} NEW JOB{{/link-to}}
         {{#link-to 'databases.newtable' class="btn btn-sm btn-success"}}{{fa-icon "plus"}}
NEW TABLE{{/link-to}}

http://git-wip-us.apache.org/repos/asf/ambari/blob/494c26a5/contrib/views/hive20/src/main/resources/ui/app/templates/password.hbs
----------------------------------------------------------------------
diff --git a/contrib/views/hive20/src/main/resources/ui/app/templates/password.hbs b/contrib/views/hive20/src/main/resources/ui/app/templates/password.hbs
new file mode 100644
index 0000000..bf9f8aa
--- /dev/null
+++ b/contrib/views/hive20/src/main/resources/ui/app/templates/password.hbs
@@ -0,0 +1,48 @@
+{{!
+* Licensed to the Apache Software Foundation (ASF) under one
+* or more contributor license agreements.  See the NOTICE file
+* distributed with this work for additional information
+* regarding copyright ownership.  The ASF licenses this file
+* to you under the Apache License, Version 2.0 (the
+* "License"); you may not use this file except in compliance
+* with the License.  You may obtain a copy of the License at
+*
+*     http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+}}
+
+<div class="col-md-offset-2 col-md-8">
+  <div class="col-md-12 text-center">
+    <div class="alert alert-danger">
+      <p class="lead">Hive Authentication Password Required</p>
+    </div>
+  </div>
+
+  <div class="col-md-offset-2 col-md-8 form-horizontal">
+    <div class="form-group {{if error 'has-error'}}">
+      <label class="col-sm-2 control-label">Password</label>
+      <div class="col-sm-8">
+        {{input type="password" class="form-control" value=password}}
+        <span class="help-block">{{errorText}}</span>
+      </div>
+      <div class="col-sm-2">
+        <button type="submit" class="btn btn-success" {{action "login" password}}>Login</button>
+      </div>
+    </div>
+    {{#if loginError}}
+      <div class="row">
+        <div class="col-md-offset-2 col-md-8 text-center">
+          <div class="alert alert-danger ">
+            <p>{{loginError}}</p>
+          </div>
+        </div>
+      </div>
+    {{/if}}
+  </div>
+
+</div>


Mime
View raw message