hive-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From the...@apache.org
Subject svn commit: r1576689 [1/6] - in /hive/branches/branch-0.13: beeline/ beeline/src/java/org/apache/hive/beeline/ beeline/src/test/org/apache/hive/beeline/ common/src/java/org/apache/hadoop/hive/conf/ conf/ data/files/ itests/hive-unit/src/test/java/org/a...
Date Wed, 12 Mar 2014 10:59:56 GMT
Author: thejas
Date: Wed Mar 12 10:59:54 2014
New Revision: 1576689

URL: http://svn.apache.org/r1576689
Log:
HIVE-5155 : Support secure proxy user access to HiveServer2 (Prasad Mujumdar via Thejas Nair)

Added:
    hive/branches/branch-0.13/beeline/src/test/org/apache/hive/beeline/ProxyAuthTest.java
    hive/branches/branch-0.13/data/files/ProxyAuth.res
    hive/branches/branch-0.13/service/src/gen/thrift/gen-javabean/org/apache/hive/service/cli/thrift/TCancelDelegationTokenReq.java
    hive/branches/branch-0.13/service/src/gen/thrift/gen-javabean/org/apache/hive/service/cli/thrift/TCancelDelegationTokenResp.java
    hive/branches/branch-0.13/service/src/gen/thrift/gen-javabean/org/apache/hive/service/cli/thrift/TGetDelegationTokenReq.java
    hive/branches/branch-0.13/service/src/gen/thrift/gen-javabean/org/apache/hive/service/cli/thrift/TGetDelegationTokenResp.java
    hive/branches/branch-0.13/service/src/gen/thrift/gen-javabean/org/apache/hive/service/cli/thrift/TRenewDelegationTokenReq.java
    hive/branches/branch-0.13/service/src/gen/thrift/gen-javabean/org/apache/hive/service/cli/thrift/TRenewDelegationTokenResp.java
Modified:
    hive/branches/branch-0.13/beeline/pom.xml
    hive/branches/branch-0.13/beeline/src/java/org/apache/hive/beeline/BeeLine.java
    hive/branches/branch-0.13/beeline/src/java/org/apache/hive/beeline/BeeLineOpts.java
    hive/branches/branch-0.13/beeline/src/java/org/apache/hive/beeline/Commands.java
    hive/branches/branch-0.13/beeline/src/java/org/apache/hive/beeline/DatabaseConnection.java
    hive/branches/branch-0.13/common/src/java/org/apache/hadoop/hive/conf/HiveConf.java
    hive/branches/branch-0.13/conf/hive-default.xml.template
    hive/branches/branch-0.13/itests/hive-unit/src/test/java/org/apache/hive/jdbc/TestJdbcDriver2.java
    hive/branches/branch-0.13/jdbc/src/java/org/apache/hadoop/hive/jdbc/HiveConnection.java
    hive/branches/branch-0.13/jdbc/src/java/org/apache/hive/jdbc/HiveConnection.java
    hive/branches/branch-0.13/jdbc/src/java/org/apache/hive/jdbc/Utils.java
    hive/branches/branch-0.13/service/if/TCLIService.thrift
    hive/branches/branch-0.13/service/src/gen/thrift/gen-cpp/TCLIService.cpp
    hive/branches/branch-0.13/service/src/gen/thrift/gen-cpp/TCLIService.h
    hive/branches/branch-0.13/service/src/gen/thrift/gen-cpp/TCLIService_server.skeleton.cpp
    hive/branches/branch-0.13/service/src/gen/thrift/gen-cpp/TCLIService_types.cpp
    hive/branches/branch-0.13/service/src/gen/thrift/gen-cpp/TCLIService_types.h
    hive/branches/branch-0.13/service/src/gen/thrift/gen-javabean/org/apache/hive/service/cli/thrift/TCLIService.java
    hive/branches/branch-0.13/service/src/gen/thrift/gen-php/TCLIService.php
    hive/branches/branch-0.13/service/src/gen/thrift/gen-py/TCLIService/TCLIService-remote
    hive/branches/branch-0.13/service/src/gen/thrift/gen-py/TCLIService/TCLIService.py
    hive/branches/branch-0.13/service/src/gen/thrift/gen-py/TCLIService/ttypes.py
    hive/branches/branch-0.13/service/src/gen/thrift/gen-rb/t_c_l_i_service.rb
    hive/branches/branch-0.13/service/src/gen/thrift/gen-rb/t_c_l_i_service_types.rb
    hive/branches/branch-0.13/service/src/java/org/apache/hive/service/auth/HiveAuthFactory.java
    hive/branches/branch-0.13/service/src/java/org/apache/hive/service/auth/KerberosSaslHelper.java
    hive/branches/branch-0.13/service/src/java/org/apache/hive/service/auth/PlainSaslHelper.java
    hive/branches/branch-0.13/service/src/java/org/apache/hive/service/cli/CLIService.java
    hive/branches/branch-0.13/service/src/java/org/apache/hive/service/cli/CLIServiceClient.java
    hive/branches/branch-0.13/service/src/java/org/apache/hive/service/cli/EmbeddedCLIServiceClient.java
    hive/branches/branch-0.13/service/src/java/org/apache/hive/service/cli/ICLIService.java
    hive/branches/branch-0.13/service/src/java/org/apache/hive/service/cli/session/HiveSession.java
    hive/branches/branch-0.13/service/src/java/org/apache/hive/service/cli/session/HiveSessionImpl.java
    hive/branches/branch-0.13/service/src/java/org/apache/hive/service/cli/session/HiveSessionImplwithUGI.java
    hive/branches/branch-0.13/service/src/java/org/apache/hive/service/cli/session/SessionManager.java
    hive/branches/branch-0.13/service/src/java/org/apache/hive/service/cli/thrift/ThriftCLIService.java
    hive/branches/branch-0.13/service/src/java/org/apache/hive/service/cli/thrift/ThriftCLIServiceClient.java
    hive/branches/branch-0.13/service/src/test/org/apache/hive/service/auth/TestPlainSaslHelper.java
    hive/branches/branch-0.13/service/src/test/org/apache/hive/service/cli/session/TestSessionHooks.java
    hive/branches/branch-0.13/shims/0.20/src/main/java/org/apache/hadoop/hive/shims/Hadoop20Shims.java
    hive/branches/branch-0.13/shims/common-secure/src/main/java/org/apache/hadoop/hive/shims/HadoopShimsSecure.java
    hive/branches/branch-0.13/shims/common-secure/src/main/java/org/apache/hadoop/hive/thrift/DelegationTokenSecretManager.java
    hive/branches/branch-0.13/shims/common-secure/src/main/java/org/apache/hadoop/hive/thrift/HadoopThriftAuthBridge20S.java
    hive/branches/branch-0.13/shims/common/src/main/java/org/apache/hadoop/hive/shims/HadoopShims.java
    hive/branches/branch-0.13/shims/common/src/main/java/org/apache/hadoop/hive/thrift/HadoopThriftAuthBridge.java

Modified: hive/branches/branch-0.13/beeline/pom.xml
URL: http://svn.apache.org/viewvc/hive/branches/branch-0.13/beeline/pom.xml?rev=1576689&r1=1576688&r2=1576689&view=diff
==============================================================================
--- hive/branches/branch-0.13/beeline/pom.xml (original)
+++ hive/branches/branch-0.13/beeline/pom.xml Wed Mar 12 10:59:54 2014
@@ -145,6 +145,19 @@
   <build>
     <sourceDirectory>${basedir}/src/java</sourceDirectory>
     <testSourceDirectory>${basedir}/src/test</testSourceDirectory>
+    <plugins>
+      <plugin>
+        <groupId>org.apache.maven.plugins</groupId>
+        <artifactId>maven-jar-plugin</artifactId>
+        <executions>
+          <execution>
+            <goals>
+              <goal>test-jar</goal>
+            </goals>
+          </execution>
+        </executions>
+      </plugin>
+    </plugins>
   </build>
 
 </project>

Modified: hive/branches/branch-0.13/beeline/src/java/org/apache/hive/beeline/BeeLine.java
URL: http://svn.apache.org/viewvc/hive/branches/branch-0.13/beeline/src/java/org/apache/hive/beeline/BeeLine.java?rev=1576689&r1=1576688&r2=1576689&view=diff
==============================================================================
--- hive/branches/branch-0.13/beeline/src/java/org/apache/hive/beeline/BeeLine.java (original)
+++ hive/branches/branch-0.13/beeline/src/java/org/apache/hive/beeline/BeeLine.java Wed Mar 12 10:59:54 2014
@@ -502,6 +502,7 @@ public class BeeLine {
     List<String> commands = new LinkedList<String>();
     List<String> files = new LinkedList<String>();
     String driver = null, user = null, pass = null, url = null, cmd = null;
+    String auth = null;
 
     for (int i = 0; i < args.length; i++) {
       if (args[i].equals("--help") || args[i].equals("-h")) {
@@ -554,6 +555,9 @@ public class BeeLine {
         driver = args[i++ + 1];
       } else if (args[i].equals("-n")) {
         user = args[i++ + 1];
+      } else if (args[i].equals("-a")) {
+        auth = args[i++ + 1];
+        getOpts().setAuthType(auth);
       } else if (args[i].equals("-p")) {
         pass = args[i++ + 1];
       } else if (args[i].equals("-u")) {

Modified: hive/branches/branch-0.13/beeline/src/java/org/apache/hive/beeline/BeeLineOpts.java
URL: http://svn.apache.org/viewvc/hive/branches/branch-0.13/beeline/src/java/org/apache/hive/beeline/BeeLineOpts.java?rev=1576689&r1=1576688&r2=1576689&view=diff
==============================================================================
--- hive/branches/branch-0.13/beeline/src/java/org/apache/hive/beeline/BeeLineOpts.java (original)
+++ hive/branches/branch-0.13/beeline/src/java/org/apache/hive/beeline/BeeLineOpts.java Wed Mar 12 10:59:54 2014
@@ -86,6 +86,8 @@ class BeeLineOpts implements Completor {
   private String historyFile = new File(saveDir(), "history").getAbsolutePath();
 
   private String scriptFile = null;
+  private String authType = null;
+
 
   private Map<String, String> hiveVariables = new HashMap<String, String>();
   private Map<String, String> hiveConfVariables = new HashMap<String, String>();
@@ -248,6 +250,13 @@ class BeeLineOpts implements Completor {
     this.fastConnect = fastConnect;
   }
 
+  public String getAuthType() {
+    return authType;
+  }
+
+  public void setAuthType(String authType) {
+    this.authType = authType;
+  }
 
   public boolean getFastConnect() {
     return fastConnect;

Modified: hive/branches/branch-0.13/beeline/src/java/org/apache/hive/beeline/Commands.java
URL: http://svn.apache.org/viewvc/hive/branches/branch-0.13/beeline/src/java/org/apache/hive/beeline/Commands.java?rev=1576689&r1=1576688&r2=1576689&view=diff
==============================================================================
--- hive/branches/branch-0.13/beeline/src/java/org/apache/hive/beeline/Commands.java (original)
+++ hive/branches/branch-0.13/beeline/src/java/org/apache/hive/beeline/Commands.java Wed Mar 12 10:59:54 2014
@@ -876,6 +876,7 @@ public class Commands {
     if (pass != null) {
       props.setProperty("password", pass);
     }
+
     return connect(props);
   }
 
@@ -922,6 +923,7 @@ public class Commands {
         "javax.jdo.option.ConnectionPassword",
         "ConnectionPassword",
     });
+    String auth = getProperty(props, new String[] {"auth"});
 
     if (url == null || url.length() == 0) {
       return beeLine.error("Property \"url\" is required");
@@ -937,14 +939,23 @@ public class Commands {
     if (username == null) {
       username = beeLine.getConsoleReader().readLine("Enter username for " + url + ": ");
     }
+    props.setProperty("user", username);
     if (password == null) {
       password = beeLine.getConsoleReader().readLine("Enter password for " + url + ": ",
           new Character('*'));
     }
+    props.setProperty("password", password);
+
+    if (auth == null) {
+      auth = beeLine.getOpts().getAuthType();
+    }
+    if (auth != null) {
+      props.setProperty("auth", auth);
+    }
 
     try {
       beeLine.getDatabaseConnections().setConnection(
-          new DatabaseConnection(beeLine, driver, url, username, password));
+          new DatabaseConnection(beeLine, driver, url, props));
       beeLine.getDatabaseConnection().getConnection();
 
       beeLine.setCompletions();
@@ -1171,8 +1182,8 @@ public class Commands {
     } catch (Exception e) {
       beeLine.handleException(e);
     }
-    beeLine.output(beeLine.loc("record-closed", beeLine.getRecordOutputFile()));
     beeLine.setRecordOutputFile(null);
+    beeLine.output(beeLine.loc("record-closed", beeLine.getRecordOutputFile()));
     return true;
   }
 
@@ -1191,8 +1202,9 @@ public class Commands {
     }
 
     try {
-      beeLine.setRecordOutputFile(new OutputFile(parts[1]));
-      beeLine.output(beeLine.loc("record-started", beeLine.getRecordOutputFile()));
+      OutputFile recordOutput = new OutputFile(parts[1]);
+      beeLine.output(beeLine.loc("record-started", recordOutput));
+      beeLine.setRecordOutputFile(recordOutput);
       return true;
     } catch (Exception e) {
       return beeLine.error(e);

Modified: hive/branches/branch-0.13/beeline/src/java/org/apache/hive/beeline/DatabaseConnection.java
URL: http://svn.apache.org/viewvc/hive/branches/branch-0.13/beeline/src/java/org/apache/hive/beeline/DatabaseConnection.java?rev=1576689&r1=1576688&r2=1576689&view=diff
==============================================================================
--- hive/branches/branch-0.13/beeline/src/java/org/apache/hive/beeline/DatabaseConnection.java (original)
+++ hive/branches/branch-0.13/beeline/src/java/org/apache/hive/beeline/DatabaseConnection.java Wed Mar 12 10:59:54 2014
@@ -30,6 +30,7 @@ import java.sql.ResultSet;
 import java.sql.SQLException;
 import java.util.LinkedList;
 import java.util.List;
+import java.util.Properties;
 import java.util.Map;
 import java.util.Properties;
 import java.util.Set;
@@ -49,19 +50,17 @@ class DatabaseConnection {
   private DatabaseMetaData meta;
   private final String driver;
   private final String url;
-  private final String username;
-  private final String password;
+  private final Properties info;
   private Schema schema = null;
   private Completor sqlCompletor = null;
 
 
   public DatabaseConnection(BeeLine beeLine, String driver, String url,
-      String username, String password) throws SQLException {
+       Properties info) throws SQLException {
     this.beeLine = beeLine;
     this.driver = driver;
-    this.username = username;
-    this.password = password;
     this.url = url;
+    this.info = info;
   }
 
   @Override
@@ -133,9 +132,6 @@ class DatabaseConnection {
       return beeLine.error(e);
     }
 
-    Properties info = new Properties();
-    info.put(HIVE_AUTH_USER, username);
-    info.put(HIVE_AUTH_PASSWD, password);
     Map<String, String> hiveVars = beeLine.getOpts().getHiveVariables();
     for (Map.Entry<String, String> var : hiveVars.entrySet()) {
       info.put(HIVE_VAR_PREFIX + var.getKey(), var.getValue());
@@ -312,4 +308,4 @@ class DatabaseConnection {
       }
     }
   }
-}
\ No newline at end of file
+}

Added: hive/branches/branch-0.13/beeline/src/test/org/apache/hive/beeline/ProxyAuthTest.java
URL: http://svn.apache.org/viewvc/hive/branches/branch-0.13/beeline/src/test/org/apache/hive/beeline/ProxyAuthTest.java?rev=1576689&view=auto
==============================================================================
--- hive/branches/branch-0.13/beeline/src/test/org/apache/hive/beeline/ProxyAuthTest.java (added)
+++ hive/branches/branch-0.13/beeline/src/test/org/apache/hive/beeline/ProxyAuthTest.java Wed Mar 12 10:59:54 2014
@@ -0,0 +1,382 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.hive.beeline;
+
+import java.io.*;
+import java.sql.Connection;
+import java.sql.DriverManager;
+import java.sql.ResultSet;
+import java.sql.ResultSetMetaData;
+import java.sql.SQLException;
+import java.sql.Statement;
+
+import org.apache.commons.io.FileUtils;
+import org.apache.commons.io.IOUtils;
+import org.apache.hadoop.conf.Configuration;
+import org.apache.hive.jdbc.HiveConnection;
+import org.apache.hive.beeline.BeeLine;
+import org.apache.hadoop.hive.shims.ShimLoader;
+import org.apache.hive.service.auth.HiveAuthFactory;
+
+/**
+ * Simple client application to test various direct and proxy connection to HiveServer2
+ * Note that it's not an automated test at this point. It requires a manually configured
+ * secure HivServer2. It also requires a super user and a normal user principal.
+ * Steps to run the test -
+ *   kinit <super-user>
+ *   hive --service jar beeline/target/hive-beeline-0.13.0-SNAPSHOT-tests.jar \
+ *      org.apache.hive.beeline.ProxyAuthTest \
+ *      <HS2host> <HS2Port> <HS2-Server-principal> <client-principal>
+ */
+public class ProxyAuthTest {
+  private static final String driverName = "org.apache.hive.jdbc.HiveDriver";
+  private static final String BEELINE_EXIT = "beeline.system.exit";
+  private static Connection con = null;
+  private static boolean noClose = false;
+  private static String tabName = "jdbc_test";
+  private static String tabDataFileName;
+  private static String scriptFileName;
+  private static String [] dmlStmts;
+  private static String [] dfsStmts;
+  private static String [] selectStmts;
+  private static String [] cleanUpStmts;
+  private static InputStream inpStream = null;
+  private static int tabCount = 1;
+  private static File resultFile= null;
+
+  public static void main(String[] args) throws Exception {
+    if (args.length < 4) {
+      System.out.println("Usage ProxyAuthTest <host> <port> <server_principal> <proxy_user> [testTab]");
+      System.exit(1);
+    }
+
+    File currentResultFile = null;
+    String [] beeLineArgs = {};
+
+    Class.forName(driverName);
+    String host = args[0];
+    String port = args[1];
+    String serverPrincipal = args[2];
+    String proxyUser = args[3];
+    String url = null;
+    if (args.length > 4) {
+       tabName = args[4];
+    }
+
+    generateData();
+    generateSQL(null);
+
+    try {
+    /*
+     * Connect via kerberos and get delegation token
+     */
+    url = "jdbc:hive2://" + host + ":" + port + "/default;principal=" + serverPrincipal;
+    con = DriverManager.getConnection(url);
+    System.out.println("Connected successfully to " + url);
+    // get delegation token for the given proxy user
+    String token = ((HiveConnection)con).getDelegationToken(proxyUser, serverPrincipal);
+    if ("true".equals(System.getProperty("proxyAuth.debug", "false"))) {
+      System.out.println("Got token: " + token);
+    }
+    con.close();
+
+    // so that beeline won't kill the JVM
+    System.setProperty(BEELINE_EXIT, "true");
+
+    // connect using principal via Beeline with inputStream
+    url = "jdbc:hive2://" + host + ":" + port + "/default;principal=" + serverPrincipal;
+    currentResultFile = generateSQL(null);
+    beeLineArgs = new String[] { "-u", url, "-n", "foo", "-p", "bar"};
+    System.out.println("Connection with kerberos, user/password via args, using input rediction");
+    BeeLine.mainWithInputRedirection(beeLineArgs, inpStream);
+    compareResults( currentResultFile);
+
+    // connect using principal via Beeline with inputStream
+    url = "jdbc:hive2://" + host + ":" + port + "/default;principal=" + serverPrincipal;
+    currentResultFile = generateSQL(null);
+    beeLineArgs = new String[] { "-u", url, "-n", "foo", "-p", "bar", "-f" , scriptFileName};
+    System.out.println("Connection with kerberos, user/password via args, using input script");
+    BeeLine.main(beeLineArgs);
+    compareResults( currentResultFile);
+
+    // connect using principal via Beeline with inputStream
+    url = "jdbc:hive2://" + host + ":" + port + "/default;principal=" + serverPrincipal;
+    currentResultFile = generateSQL(url+ " foo bar ");
+    beeLineArgs = new String[] { "-u", url, "-f" , scriptFileName};
+    System.out.println("Connection with kerberos, user/password via connect, using input script");
+    BeeLine.main(beeLineArgs);
+    compareResults( currentResultFile);
+
+    // connect using principal via Beeline with inputStream
+    url = "jdbc:hive2://" + host + ":" + port + "/default;principal=" + serverPrincipal;
+    currentResultFile = generateSQL(url+ " foo bar ");
+    beeLineArgs = new String[] { "-u", url, "-f" , scriptFileName};
+    System.out.println("Connection with kerberos, user/password via connect, using input redirect");
+    BeeLine.mainWithInputRedirection(beeLineArgs, inpStream);
+    compareResults( currentResultFile);
+
+    /*
+     * Connect using the delegation token passed via configuration object
+     */
+    System.out.println("Store token into ugi and try");
+    storeTokenInJobConf(token);
+    url = "jdbc:hive2://" + host + ":" + port + "/default;auth=delegationToken";
+    con = DriverManager.getConnection(url);
+    System.out.println("Connecting to " + url);
+    runTest();
+    con.close();
+
+    // connect using token via Beeline with inputStream
+    url = "jdbc:hive2://" + host + ":" + port + "/default";
+    currentResultFile = generateSQL(null);
+    beeLineArgs = new String[] { "-u", url, "-n", "foo", "-p", "bar", "-a", "delegationToken" };
+    System.out.println("Connection with token, user/password via args, using input redirection");
+    BeeLine.mainWithInputRedirection(beeLineArgs, inpStream);
+    compareResults( currentResultFile);
+
+    // connect using token via Beeline using script
+    url = "jdbc:hive2://" + host + ":" + port + "/default";
+    currentResultFile = generateSQL(null);
+    beeLineArgs = new String[] { "-u", url, "-n", "foo", "-p", "bar", "-a", "delegationToken",
+        "-f", scriptFileName};
+    System.out.println("Connection with token, user/password via args, using input script");
+    BeeLine.main(beeLineArgs);
+    compareResults( currentResultFile);
+
+    // connect using token via Beeline using script
+    url = "jdbc:hive2://" + host + ":" + port + "/default";
+    currentResultFile = generateSQL(url + " foo bar ");
+    beeLineArgs = new String [] {"-a", "delegationToken", "-f", scriptFileName};
+    System.out.println("Connection with token, user/password via connect, using input script");
+    BeeLine.main(beeLineArgs);
+    compareResults( currentResultFile);
+
+    // connect using token via Beeline using script
+    url = "jdbc:hive2://" + host + ":" + port + "/default";
+    currentResultFile = generateSQL(url + " foo bar ");
+    System.out.println("Connection with token, user/password via connect, using input script");
+    beeLineArgs = new String [] {"-f", scriptFileName, "-a", "delegationToken"};
+    BeeLine.main(beeLineArgs);
+    compareResults( currentResultFile);
+
+    /*
+     * Connect via kerberos with trusted proxy user
+     */
+    url = "jdbc:hive2://" + host + ":" + port + "/default;principal=" + serverPrincipal
+          + ";hive.server2.proxy.user=" + proxyUser;
+    con = DriverManager.getConnection(url);
+    System.out.println("Connected successfully to " + url);
+    runTest();
+
+    ((HiveConnection)con).cancelDelegationToken(token);
+    con.close();
+    } catch (SQLException e) {
+      System.out.println("*** SQLException: " + e.getMessage() + " : " + e.getSQLState());
+      e.printStackTrace();
+    }
+
+    /* verify the connection fails after canceling the token */
+    try {
+      url = "jdbc:hive2://" + host + ":" + port + "/default;auth=delegationToken";
+      con = DriverManager.getConnection(url);
+      throw new Exception ("connection should have failed after token cancelation");
+    } catch (SQLException e) {
+      // Expected to fail due to canceled token
+    }
+  }
+
+  private static void storeTokenInJobConf(String tokenStr) throws Exception {
+    ShimLoader.getHadoopShims().setTokenStr(ShimLoader.getHadoopShims().getUGIForConf(new Configuration()),
+          tokenStr, HiveAuthFactory.HS2_CLIENT_TOKEN);
+    System.out.println("Stored token " + tokenStr);
+  }
+
+  // run sql operations
+  private static void runTest() throws Exception {
+    // craete table and check dir ownership
+    runDMLs();
+
+    // run queries
+    for (String stmt: dfsStmts) {
+      runQuery(stmt);
+    }
+
+    // run queries
+    for (String stmt: selectStmts) {
+      runQuery(stmt);
+    }
+
+    // delete all the objects created
+    cleanUp();
+  }
+
+  // create tables and load data
+  private static void runDMLs() throws Exception {
+    for (String stmt : dmlStmts) {
+      exStatement(stmt);
+    }
+  }
+
+  // drop tables
+  private static void cleanUp() throws Exception {
+    for (String stmt : cleanUpStmts) {
+      exStatement(stmt);
+    }
+  }
+
+  private static void runQuery(String sqlStmt) throws Exception {
+    Statement stmt = con.createStatement();
+    ResultSet res = stmt.executeQuery(sqlStmt);
+
+    ResultSetMetaData meta = res.getMetaData();
+    System.out.println("Resultset has " + meta.getColumnCount() + " columns");
+    for (int i = 1; i <= meta.getColumnCount(); i++) {
+      System.out.println("Column #" + i + " Name: " + meta.getColumnName(i) +
+            " Type: " + meta.getColumnType(i));
+    }
+
+    while (res.next()) {
+      for (int i = 1; i <= meta.getColumnCount(); i++) {
+        System.out.println("Column #" + i + ": " + res.getString(i));
+      }
+    }
+    res.close();
+    stmt.close();
+  }
+
+  // Execute the given sql statement
+  private static void exStatement(String query) throws Exception {
+    Statement stmt = con.createStatement();
+    stmt.execute(query);
+    if (!noClose) {
+      stmt.close();
+    }
+  }
+
+  // generate SQL stmts to execute
+  private static File generateSQL(String url) throws Exception {
+    String current = new java.io.File( "." ).getCanonicalPath();
+    String currentDir = System.getProperty("user.dir");
+    String queryTab = tabName + "_" + (tabCount++);
+    dmlStmts = new String[] {
+    "USE default",
+    "drop table if exists  " + queryTab,
+    "create table " + queryTab + "(id int, name string) " +
+        "ROW FORMAT DELIMITED FIELDS TERMINATED BY '|'",
+    "load data local inpath '" + tabDataFileName + "' into table " + queryTab
+    };
+    selectStmts = new String[] {
+      "select * from " + queryTab + " limit 5",
+      "select name, id from " + queryTab + " where id < 3",
+    };
+    dfsStmts = new String[] {
+//      "set " + SESSION_USER_NAME,
+//      "dfs -ls -d ${hiveconf:hive.metastore.warehouse.dir}/" + queryTab
+    };
+    cleanUpStmts = new String[] {
+      "drop table if exists  " + queryTab
+    };
+
+    // write sql statements to file
+    return writeArrayToByteStream(url);
+  }
+
+  // generate data file for test
+  private static void generateData() throws Exception {
+    String fileData[] = {
+      "1|aaa",
+      "2|bbb",
+      "3|ccc",
+      "4|ddd",
+      "5|eee",
+    };
+
+    File tmpFile = File.createTempFile(tabName, ".data");
+    tmpFile.deleteOnExit();
+    tabDataFileName = tmpFile.getPath();
+    FileWriter fstream = new FileWriter(tabDataFileName);
+    BufferedWriter out = new BufferedWriter(fstream);
+    for (String line: fileData) {
+      out.write(line);
+      out.newLine();
+    }
+    out.close();
+    tmpFile.setWritable(true, true);
+  }
+
+  // Create a input stream of given name.ext  and write sql statements to to it
+  // Returns the result File object which will contain the query results
+  private static File writeArrayToByteStream(String url) throws Exception {
+    ByteArrayOutputStream out = new ByteArrayOutputStream();
+
+    if (url != null) {
+      writeCmdLine("!connect " + url, out);
+    }
+    writeCmdLine("!brief", out);
+    writeCmdLine("!set silent true", out);
+    resultFile = File.createTempFile(tabName, ".out");
+    if (!"true".equals(System.getProperty("proxyAuth.debug", "false"))) {
+      resultFile.deleteOnExit();
+    }
+    writeCmdLine("!record " + resultFile.getPath(), out);
+
+    for (String stmt: dmlStmts) {
+      writeSqlLine(stmt, out);
+    }
+
+    for (String stmt: selectStmts) {
+      writeSqlLine(stmt, out);
+    }
+
+    for (String stmt: cleanUpStmts) {
+      writeSqlLine(stmt, out);
+    }
+    writeCmdLine("!record", out);
+    writeCmdLine("!quit", out);
+
+    File tmpFile = File.createTempFile(tabName, ".q");
+    tmpFile.deleteOnExit();
+    scriptFileName = tmpFile.getPath();
+    FileOutputStream fstream = new FileOutputStream(scriptFileName);
+    out.writeTo(fstream);
+
+    inpStream = new ByteArrayInputStream(out.toByteArray());
+    return resultFile;
+  }
+
+  // write stmt + ";" + System.getProperty("line.separator")
+  private static void writeSqlLine(String stmt, OutputStream out) throws Exception {
+    out.write(stmt.getBytes());
+    out.write(";".getBytes());
+    out.write(System.getProperty("line.separator").getBytes());
+  }
+
+  private static void writeCmdLine(String cmdLine, OutputStream out) throws Exception {
+    out.write(cmdLine.getBytes());
+    out.write(System.getProperty("line.separator").getBytes());
+  }
+
+  private static void compareResults(File file2)  throws IOException {
+    // load the expected results
+    File baseResultFile = new File(System.getProperty("proxyAuth.res.file"), "data/files/ProxyAuth.res");
+    if (!FileUtils.contentEquals(baseResultFile, file2)) {
+      throw new IOException("File compare failed: " + file2.getPath() + " differs");
+    }
+  }
+}
+

Modified: hive/branches/branch-0.13/common/src/java/org/apache/hadoop/hive/conf/HiveConf.java
URL: http://svn.apache.org/viewvc/hive/branches/branch-0.13/common/src/java/org/apache/hadoop/hive/conf/HiveConf.java?rev=1576689&r1=1576688&r2=1576689&view=diff
==============================================================================
--- hive/branches/branch-0.13/common/src/java/org/apache/hadoop/hive/conf/HiveConf.java (original)
+++ hive/branches/branch-0.13/common/src/java/org/apache/hadoop/hive/conf/HiveConf.java Wed Mar 12 10:59:54 2014
@@ -868,6 +868,7 @@ public class HiveConf extends Configurat
     // HiveServer2 auth configuration
     HIVE_SERVER2_AUTHENTICATION("hive.server2.authentication", "NONE",
         new StringsValidator("NOSASL", "NONE", "LDAP", "KERBEROS", "PAM", "CUSTOM")),
+    HIVE_SERVER2_ALLOW_USER_SUBSTITUTION("hive.server2.allow.user.substitution", true),
     HIVE_SERVER2_KERBEROS_KEYTAB("hive.server2.authentication.kerberos.keytab", ""),
     HIVE_SERVER2_KERBEROS_PRINCIPAL("hive.server2.authentication.kerberos.principal", ""),
     HIVE_SERVER2_PLAIN_LDAP_URL("hive.server2.authentication.ldap.url", null),

Modified: hive/branches/branch-0.13/conf/hive-default.xml.template
URL: http://svn.apache.org/viewvc/hive/branches/branch-0.13/conf/hive-default.xml.template?rev=1576689&r1=1576688&r2=1576689&view=diff
==============================================================================
--- hive/branches/branch-0.13/conf/hive-default.xml.template (original)
+++ hive/branches/branch-0.13/conf/hive-default.xml.template Wed Mar 12 10:59:54 2014
@@ -2436,4 +2436,12 @@
   </description>
 </property>
 
+<property>
+  <name>hive.server2.allow.user.substitution</name>
+  <value>true</value>
+  <description>
+    Allow alternate user to be specified as part of HiveServer2 open connection request
+  </description>
+</property>
+
 </configuration>

Added: hive/branches/branch-0.13/data/files/ProxyAuth.res
URL: http://svn.apache.org/viewvc/hive/branches/branch-0.13/data/files/ProxyAuth.res?rev=1576689&view=auto
==============================================================================
--- hive/branches/branch-0.13/data/files/ProxyAuth.res (added)
+++ hive/branches/branch-0.13/data/files/ProxyAuth.res Wed Mar 12 10:59:54 2014
@@ -0,0 +1,15 @@
++-----+-------+
+| id  | name  |
++-----+-------+
+| 1   | aaa   |
+| 2   | bbb   |
+| 3   | ccc   |
+| 4   | ddd   |
+| 5   | eee   |
++-----+-------+
++-------+-----+
+| name  | id  |
++-------+-----+
+| aaa   | 1   |
+| bbb   | 2   |
++-------+-----+

Modified: hive/branches/branch-0.13/itests/hive-unit/src/test/java/org/apache/hive/jdbc/TestJdbcDriver2.java
URL: http://svn.apache.org/viewvc/hive/branches/branch-0.13/itests/hive-unit/src/test/java/org/apache/hive/jdbc/TestJdbcDriver2.java?rev=1576689&r1=1576688&r2=1576689&view=diff
==============================================================================
--- hive/branches/branch-0.13/itests/hive-unit/src/test/java/org/apache/hive/jdbc/TestJdbcDriver2.java (original)
+++ hive/branches/branch-0.13/itests/hive-unit/src/test/java/org/apache/hive/jdbc/TestJdbcDriver2.java Wed Mar 12 10:59:54 2014
@@ -260,7 +260,7 @@ public class TestJdbcDriver2 {
     try{
       DriverManager.getConnection(url, "", "");
       fail("should have thrown IllegalArgumentException but did not ");
-    }catch(IllegalArgumentException i){
+    } catch(SQLException i) {
       assertTrue(i.getMessage().contains("Bad URL format. Hostname not found "
           + " in authority part of the url"));
     }

Modified: hive/branches/branch-0.13/jdbc/src/java/org/apache/hadoop/hive/jdbc/HiveConnection.java
URL: http://svn.apache.org/viewvc/hive/branches/branch-0.13/jdbc/src/java/org/apache/hadoop/hive/jdbc/HiveConnection.java?rev=1576689&r1=1576688&r2=1576689&view=diff
==============================================================================
--- hive/branches/branch-0.13/jdbc/src/java/org/apache/hadoop/hive/jdbc/HiveConnection.java (original)
+++ hive/branches/branch-0.13/jdbc/src/java/org/apache/hadoop/hive/jdbc/HiveConnection.java Wed Mar 12 10:59:54 2014
@@ -121,7 +121,6 @@ public class HiveConnection implements j
     isClosed = false;
     configureConnection();
   }
-  
  
   public void abort(Executor executor) throws SQLException {
     // JDK 1.7

Modified: hive/branches/branch-0.13/jdbc/src/java/org/apache/hive/jdbc/HiveConnection.java
URL: http://svn.apache.org/viewvc/hive/branches/branch-0.13/jdbc/src/java/org/apache/hive/jdbc/HiveConnection.java?rev=1576689&r1=1576688&r2=1576689&view=diff
==============================================================================
--- hive/branches/branch-0.13/jdbc/src/java/org/apache/hive/jdbc/HiveConnection.java (original)
+++ hive/branches/branch-0.13/jdbc/src/java/org/apache/hive/jdbc/HiveConnection.java Wed Mar 12 10:59:54 2014
@@ -19,6 +19,7 @@
 package org.apache.hive.jdbc;
 
 import java.io.FileInputStream;
+import java.io.IOException;
 import java.security.KeyStore;
 import java.sql.Array;
 import java.sql.Blob;
@@ -54,16 +55,23 @@ import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.apache.hadoop.hive.conf.HiveConf;
 import org.apache.hadoop.hive.ql.session.SessionState;
+import org.apache.hadoop.hive.shims.ShimLoader;
 import org.apache.hive.service.auth.HiveAuthFactory;
 import org.apache.hive.service.auth.KerberosSaslHelper;
 import org.apache.hive.service.auth.PlainSaslHelper;
 import org.apache.hive.service.auth.SaslQOP;
 import org.apache.hive.service.cli.thrift.EmbeddedThriftBinaryCLIService;
 import org.apache.hive.service.cli.thrift.TCLIService;
+import org.apache.hive.service.cli.thrift.TCancelDelegationTokenReq;
+import org.apache.hive.service.cli.thrift.TCancelDelegationTokenResp;
 import org.apache.hive.service.cli.thrift.TCloseSessionReq;
+import org.apache.hive.service.cli.thrift.TGetDelegationTokenReq;
+import org.apache.hive.service.cli.thrift.TGetDelegationTokenResp;
 import org.apache.hive.service.cli.thrift.TOpenSessionReq;
 import org.apache.hive.service.cli.thrift.TOpenSessionResp;
 import org.apache.hive.service.cli.thrift.TProtocolVersion;
+import org.apache.hive.service.cli.thrift.TRenewDelegationTokenReq;
+import org.apache.hive.service.cli.thrift.TRenewDelegationTokenResp;
 import org.apache.hive.service.cli.thrift.TSessionHandle;
 import org.apache.http.HttpRequestInterceptor;
 import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
@@ -85,6 +93,7 @@ public class HiveConnection implements j
   private static final String HIVE_AUTH_TYPE= "auth";
   private static final String HIVE_AUTH_QOP = "sasl.qop";
   private static final String HIVE_AUTH_SIMPLE = "noSasl";
+  private static final String HIVE_AUTH_TOKEN = "delegationToken";
   private static final String HIVE_AUTH_USER = "user";
   private static final String HIVE_AUTH_PRINCIPAL = "principal";
   private static final String HIVE_AUTH_PASSWD = "password";
@@ -121,7 +130,12 @@ public class HiveConnection implements j
     setupLoginTimeout();
     jdbcURI = uri;
     // parse the connection uri
-    Utils.JdbcConnectionParams connParams = Utils.parseURL(jdbcURI);
+    Utils.JdbcConnectionParams connParams;
+    try {
+      connParams = Utils.parseURL(uri);
+    } catch (IllegalArgumentException e) {
+      throw new SQLException(e);
+    }
     // extract parsed connection parameters:
     // JDBC URL: jdbc:hive2://<host>:<port>/dbName;sess_var_list?hive_conf_list#hive_var_list
     // each list: <key1>=<val1>;<key2>=<val2> and so on
@@ -150,13 +164,17 @@ public class HiveConnection implements j
     if (isEmbeddedMode) {
       client = new EmbeddedThriftBinaryCLIService();
     } else {
-      // extract user/password from JDBC connection properties if its not supplied in the connection URL
+      // extract user/password from JDBC connection properties if its not supplied in the
+      // connection URL
       if (info.containsKey(HIVE_AUTH_USER)) {
         sessConfMap.put(HIVE_AUTH_USER, info.getProperty(HIVE_AUTH_USER));
         if (info.containsKey(HIVE_AUTH_PASSWD)) {
           sessConfMap.put(HIVE_AUTH_PASSWD, info.getProperty(HIVE_AUTH_PASSWD));
         }
       }
+      if (info.containsKey(HIVE_AUTH_TYPE)) {
+        sessConfMap.put(HIVE_AUTH_TYPE, info.getProperty(HIVE_AUTH_TYPE));
+      }
       // open the client transport
       openTransport();
       // set up the client
@@ -172,7 +190,7 @@ public class HiveConnection implements j
     supportedProtocols.add(TProtocolVersion.HIVE_CLI_SERVICE_PROTOCOL_V6);
 
     // open client session
-    openSession();
+    openSession(connParams.getSessionVars());
 
     configureConnection(connParams.getDbName());
   }
@@ -261,14 +279,26 @@ public class HiveConnection implements j
     }
   }
 
+  /**
+   * Create transport per the connection options
+   * Supported transport options are:
+   *   - SASL based transports over
+   *      + Kerberos
+   *      + Delegation token
+   *      + SSL
+   *      + non-SSL
+   *   - Raw (non-SASL) socket
+   *
+   *   Kerberos and Delegation token supports SASL QOP configurations
+   */
   private TTransport createBinaryTransport() throws SQLException {
     try {
       // handle secure connection if specified
       if (!HIVE_AUTH_SIMPLE.equals(sessConfMap.get(HIVE_AUTH_TYPE))) {
         // If Kerberos
+        Map<String, String> saslProps = new HashMap<String, String>();
+        SaslQOP saslQOP = SaslQOP.AUTH;
         if (sessConfMap.containsKey(HIVE_AUTH_PRINCIPAL)) {
-          Map<String, String> saslProps = new HashMap<String, String>();
-          SaslQOP saslQOP = SaslQOP.AUTH;
           if (sessConfMap.containsKey(HIVE_AUTH_QOP)) {
             try {
               saslQOP = SaslQOP.fromString(sessConfMap.get(HIVE_AUTH_QOP));
@@ -284,30 +314,42 @@ public class HiveConnection implements j
               sessConfMap.get(HIVE_AUTH_PRINCIPAL), host,
               HiveAuthFactory.getSocketTransport(host, port, loginTimeout), saslProps, assumeSubject);
         } else {
-          String userName = sessConfMap.get(HIVE_AUTH_USER);
-          if ((userName == null) || userName.isEmpty()) {
-            userName = HIVE_ANONYMOUS_USER;
-          }
-          String passwd = sessConfMap.get(HIVE_AUTH_PASSWD);
-          if ((passwd == null) || passwd.isEmpty()) {
-            passwd = HIVE_ANONYMOUS_PASSWD;
-          }
-          String useSslStr = sessConfMap.get(HIVE_USE_SSL);
-          if ("true".equalsIgnoreCase(useSslStr)) {
-            String sslTrustStore = sessConfMap.get(HIVE_SSL_TRUST_STORE);
-            String sslTrustStorePassword = sessConfMap.get(HIVE_SSL_TRUST_STORE_PASSWORD);
-            if (sslTrustStore == null || sslTrustStore.isEmpty()) {
-              transport = HiveAuthFactory.getSSLSocket(host, port, loginTimeout);
-            } else {
-              transport = HiveAuthFactory.getSSLSocket(host, port, loginTimeout,
+          // If there's a delegation token available then use token based connection
+          String tokenStr = getClientDelegationToken(sessConfMap);
+          if (tokenStr != null) {
+            transport = KerberosSaslHelper.getTokenTransport(tokenStr,
+                  host, HiveAuthFactory.getSocketTransport(host, port, loginTimeout), saslProps);
+          } else {
+            // we are using PLAIN Sasl connection with user/password
+            String userName = sessConfMap.get(HIVE_AUTH_USER);
+            if ((userName == null) || userName.isEmpty()) {
+              userName = HIVE_ANONYMOUS_USER;
+            }
+            String passwd = sessConfMap.get(HIVE_AUTH_PASSWD);
+            if ((passwd == null) || passwd.isEmpty()) {
+              passwd = HIVE_ANONYMOUS_PASSWD;
+            }
+            String useSslStr = sessConfMap.get(HIVE_USE_SSL);
+            if ("true".equalsIgnoreCase(useSslStr)) {
+              // get SSL socket
+              String sslTrustStore = sessConfMap.get(HIVE_SSL_TRUST_STORE);
+              String sslTrustStorePassword = sessConfMap.get(HIVE_SSL_TRUST_STORE_PASSWORD);
+              if (sslTrustStore == null || sslTrustStore.isEmpty()) {
+                transport = HiveAuthFactory.getSSLSocket(host, port, loginTimeout);
+              } else {
+                transport = HiveAuthFactory.getSSLSocket(host, port, loginTimeout,
                   sslTrustStore, sslTrustStorePassword);
+              }
+            } else {
+              // get non-SSL socket transport
+              transport = HiveAuthFactory.getSocketTransport(host, port, loginTimeout);
             }
-          } else {
-            transport = HiveAuthFactory.getSocketTransport(host, port, loginTimeout);
-          }
+          // Overlay the SASL transport on top of the base socket transport (SSL or non-SSL)
           transport = PlainSaslHelper.getPlainTransport(userName, passwd, transport);
+          }
         }
       } else {
+        // Raw socket connection (non-sasl)
         transport = HiveAuthFactory.getSocketTransport(host, port, loginTimeout);
       }
     } catch (SaslException e) {
@@ -330,11 +372,32 @@ public class HiveConnection implements j
     return false;
   }
 
-  private void openSession() throws SQLException {
+  // Lookup the delegation token. First in the connection URL, then Configuration
+  private String getClientDelegationToken(Map<String, String> jdbcConnConf)
+      throws SQLException {
+    String tokenStr = null;
+    if (HIVE_AUTH_TOKEN.equalsIgnoreCase(jdbcConnConf.get(HIVE_AUTH_TYPE))) {
+      // check delegation token in job conf if any
+      try {
+        tokenStr = ShimLoader.getHadoopShims().
+            getTokenStrForm(HiveAuthFactory.HS2_CLIENT_TOKEN);
+      } catch (IOException e) {
+        throw new SQLException("Error reading token ", e);
+      }
+    }
+    return tokenStr;
+  }
+
+  private void openSession(Map<String, String> sessVars) throws SQLException {
     TOpenSessionReq openReq = new TOpenSessionReq();
 
     // set the session configuration
-    // openReq.setConfiguration(null);
+    if (sessVars.containsKey(HiveAuthFactory.HS2_PROXY_USER)) {
+      Map<String, String> openConf = new HashMap<String, String>();
+      openConf.put(HiveAuthFactory.HS2_PROXY_USER,
+          sessVars.get(HiveAuthFactory.HS2_PROXY_USER));
+      openReq.setConfiguration(openConf);
+    }
 
     try {
       TOpenSessionResp openResp = client.OpenSession(openReq);
@@ -423,6 +486,44 @@ public class HiveConnection implements j
     throw new SQLException("Method not supported");
   }
 
+  public String getDelegationToken(String owner, String renewer) throws SQLException {
+    TGetDelegationTokenReq req = new TGetDelegationTokenReq(sessHandle, owner, renewer);
+    try {
+      TGetDelegationTokenResp tokenResp = client.GetDelegationToken(req);
+      Utils.verifySuccess(tokenResp.getStatus());
+      return tokenResp.getDelegationToken();
+    } catch (TException e) {
+      throw new SQLException("Could not retrieve token: " +
+            e.getMessage(), " 08S01", e);
+    }
+  }
+
+  public void cancelDelegationToken(String tokenStr) throws SQLException {
+    TCancelDelegationTokenReq cancelReq = new TCancelDelegationTokenReq(sessHandle, tokenStr);
+    try {
+      TCancelDelegationTokenResp cancelResp =
+              client.CancelDelegationToken(cancelReq);
+      Utils.verifySuccess(cancelResp.getStatus());
+      return;
+    } catch (TException e) {
+      throw new SQLException("Could not cancel token: " +
+            e.getMessage(), " 08S01", e);
+    }
+  }
+
+  public void renewDelegationToken(String tokenStr) throws SQLException {
+    TRenewDelegationTokenReq cancelReq = new TRenewDelegationTokenReq(sessHandle, tokenStr);
+    try {
+      TRenewDelegationTokenResp renewResp =
+              client.RenewDelegationToken(cancelReq);
+      Utils.verifySuccess(renewResp.getStatus());
+      return;
+    } catch (TException e) {
+      throw new SQLException("Could not renew token: " +
+            e.getMessage(), " 08S01", e);
+    }
+  }
+
   /*
    * (non-Javadoc)
    *

Modified: hive/branches/branch-0.13/jdbc/src/java/org/apache/hive/jdbc/Utils.java
URL: http://svn.apache.org/viewvc/hive/branches/branch-0.13/jdbc/src/java/org/apache/hive/jdbc/Utils.java?rev=1576689&r1=1576688&r2=1576689&view=diff
==============================================================================
--- hive/branches/branch-0.13/jdbc/src/java/org/apache/hive/jdbc/Utils.java (original)
+++ hive/branches/branch-0.13/jdbc/src/java/org/apache/hive/jdbc/Utils.java Wed Mar 12 10:59:54 2014
@@ -145,7 +145,7 @@ public class Utils {
     JdbcConnectionParams connParams = new JdbcConnectionParams();
 
     if (!uri.startsWith(URL_PREFIX)) {
-      throw new IllegalArgumentException("Bad URL format");
+      throw new IllegalArgumentException("Bad URL format: Missing prefix " + URL_PREFIX);
     }
 
     // For URLs with no other configuration
@@ -197,7 +197,9 @@ public class Utils {
         if (sessVars != null) {
           Matcher sessMatcher = pattern.matcher(sessVars);
           while (sessMatcher.find()) {
-            connParams.getSessionVars().put(sessMatcher.group(1), sessMatcher.group(2));
+            if (connParams.getSessionVars().put(sessMatcher.group(1), sessMatcher.group(2)) != null) {
+              throw new IllegalArgumentException("Bad URL format: Multiple values for property " + sessMatcher.group(1));
+            }
           }
         }
       }

Modified: hive/branches/branch-0.13/service/if/TCLIService.thrift
URL: http://svn.apache.org/viewvc/hive/branches/branch-0.13/service/if/TCLIService.thrift?rev=1576689&r1=1576688&r2=1576689&view=diff
==============================================================================
--- hive/branches/branch-0.13/service/if/TCLIService.thrift (original)
+++ hive/branches/branch-0.13/service/if/TCLIService.thrift Wed Mar 12 10:59:54 2014
@@ -1066,6 +1066,57 @@ struct TFetchResultsResp {
   3: optional TRowSet results
 }
 
+// GetDelegationToken()
+// Retrieve delegation token for the current user
+struct  TGetDelegationTokenReq {
+  // session handle
+  1: required TSessionHandle sessionHandle
+
+  // userid for the proxy user
+  2: required string owner
+
+  // designated renewer userid
+  3: required string renewer
+}
+
+struct TGetDelegationTokenResp {
+  // status of the request
+  1: required TStatus status
+
+  // delegation token string
+  2: optional string delegationToken
+}
+
+// CancelDelegationToken()
+// Cancel the given delegation token
+struct TCancelDelegationTokenReq {
+  // session handle
+  1: required TSessionHandle sessionHandle
+
+  // delegation token to cancel
+  2: required string delegationToken
+}
+
+struct TCancelDelegationTokenResp {
+  // status of the request
+  1: required TStatus status
+}
+
+// RenewDelegationToken()
+// Renew the given delegation token
+struct TRenewDelegationTokenReq {
+  // session handle
+  1: required TSessionHandle sessionHandle
+
+  // delegation token to renew
+  2: required string delegationToken
+}
+
+struct TRenewDelegationTokenResp {
+  // status of the request
+  1: required TStatus status
+}
+
 service TCLIService {
 
   TOpenSessionResp OpenSession(1:TOpenSessionReq req);
@@ -1097,6 +1148,12 @@ service TCLIService {
   TCloseOperationResp CloseOperation(1:TCloseOperationReq req);
 
   TGetResultSetMetadataResp GetResultSetMetadata(1:TGetResultSetMetadataReq req);
-  
+
   TFetchResultsResp FetchResults(1:TFetchResultsReq req);
+
+  TGetDelegationTokenResp GetDelegationToken(1:TGetDelegationTokenReq req);
+
+  TCancelDelegationTokenResp CancelDelegationToken(1:TCancelDelegationTokenReq req);
+
+  TRenewDelegationTokenResp RenewDelegationToken(1:TRenewDelegationTokenReq req);
 }

Modified: hive/branches/branch-0.13/service/src/gen/thrift/gen-cpp/TCLIService.cpp
URL: http://svn.apache.org/viewvc/hive/branches/branch-0.13/service/src/gen/thrift/gen-cpp/TCLIService.cpp?rev=1576689&r1=1576688&r2=1576689&view=diff
==============================================================================
--- hive/branches/branch-0.13/service/src/gen/thrift/gen-cpp/TCLIService.cpp (original)
+++ hive/branches/branch-0.13/service/src/gen/thrift/gen-cpp/TCLIService.cpp Wed Mar 12 10:59:54 2014
@@ -2600,6 +2600,492 @@ uint32_t TCLIService_FetchResults_presul
   return xfer;
 }
 
+uint32_t TCLIService_GetDelegationToken_args::read(::apache::thrift::protocol::TProtocol* iprot) {
+
+  uint32_t xfer = 0;
+  std::string fname;
+  ::apache::thrift::protocol::TType ftype;
+  int16_t fid;
+
+  xfer += iprot->readStructBegin(fname);
+
+  using ::apache::thrift::protocol::TProtocolException;
+
+
+  while (true)
+  {
+    xfer += iprot->readFieldBegin(fname, ftype, fid);
+    if (ftype == ::apache::thrift::protocol::T_STOP) {
+      break;
+    }
+    switch (fid)
+    {
+      case 1:
+        if (ftype == ::apache::thrift::protocol::T_STRUCT) {
+          xfer += this->req.read(iprot);
+          this->__isset.req = true;
+        } else {
+          xfer += iprot->skip(ftype);
+        }
+        break;
+      default:
+        xfer += iprot->skip(ftype);
+        break;
+    }
+    xfer += iprot->readFieldEnd();
+  }
+
+  xfer += iprot->readStructEnd();
+
+  return xfer;
+}
+
+uint32_t TCLIService_GetDelegationToken_args::write(::apache::thrift::protocol::TProtocol* oprot) const {
+  uint32_t xfer = 0;
+  xfer += oprot->writeStructBegin("TCLIService_GetDelegationToken_args");
+
+  xfer += oprot->writeFieldBegin("req", ::apache::thrift::protocol::T_STRUCT, 1);
+  xfer += this->req.write(oprot);
+  xfer += oprot->writeFieldEnd();
+
+  xfer += oprot->writeFieldStop();
+  xfer += oprot->writeStructEnd();
+  return xfer;
+}
+
+uint32_t TCLIService_GetDelegationToken_pargs::write(::apache::thrift::protocol::TProtocol* oprot) const {
+  uint32_t xfer = 0;
+  xfer += oprot->writeStructBegin("TCLIService_GetDelegationToken_pargs");
+
+  xfer += oprot->writeFieldBegin("req", ::apache::thrift::protocol::T_STRUCT, 1);
+  xfer += (*(this->req)).write(oprot);
+  xfer += oprot->writeFieldEnd();
+
+  xfer += oprot->writeFieldStop();
+  xfer += oprot->writeStructEnd();
+  return xfer;
+}
+
+uint32_t TCLIService_GetDelegationToken_result::read(::apache::thrift::protocol::TProtocol* iprot) {
+
+  uint32_t xfer = 0;
+  std::string fname;
+  ::apache::thrift::protocol::TType ftype;
+  int16_t fid;
+
+  xfer += iprot->readStructBegin(fname);
+
+  using ::apache::thrift::protocol::TProtocolException;
+
+
+  while (true)
+  {
+    xfer += iprot->readFieldBegin(fname, ftype, fid);
+    if (ftype == ::apache::thrift::protocol::T_STOP) {
+      break;
+    }
+    switch (fid)
+    {
+      case 0:
+        if (ftype == ::apache::thrift::protocol::T_STRUCT) {
+          xfer += this->success.read(iprot);
+          this->__isset.success = true;
+        } else {
+          xfer += iprot->skip(ftype);
+        }
+        break;
+      default:
+        xfer += iprot->skip(ftype);
+        break;
+    }
+    xfer += iprot->readFieldEnd();
+  }
+
+  xfer += iprot->readStructEnd();
+
+  return xfer;
+}
+
+uint32_t TCLIService_GetDelegationToken_result::write(::apache::thrift::protocol::TProtocol* oprot) const {
+
+  uint32_t xfer = 0;
+
+  xfer += oprot->writeStructBegin("TCLIService_GetDelegationToken_result");
+
+  if (this->__isset.success) {
+    xfer += oprot->writeFieldBegin("success", ::apache::thrift::protocol::T_STRUCT, 0);
+    xfer += this->success.write(oprot);
+    xfer += oprot->writeFieldEnd();
+  }
+  xfer += oprot->writeFieldStop();
+  xfer += oprot->writeStructEnd();
+  return xfer;
+}
+
+uint32_t TCLIService_GetDelegationToken_presult::read(::apache::thrift::protocol::TProtocol* iprot) {
+
+  uint32_t xfer = 0;
+  std::string fname;
+  ::apache::thrift::protocol::TType ftype;
+  int16_t fid;
+
+  xfer += iprot->readStructBegin(fname);
+
+  using ::apache::thrift::protocol::TProtocolException;
+
+
+  while (true)
+  {
+    xfer += iprot->readFieldBegin(fname, ftype, fid);
+    if (ftype == ::apache::thrift::protocol::T_STOP) {
+      break;
+    }
+    switch (fid)
+    {
+      case 0:
+        if (ftype == ::apache::thrift::protocol::T_STRUCT) {
+          xfer += (*(this->success)).read(iprot);
+          this->__isset.success = true;
+        } else {
+          xfer += iprot->skip(ftype);
+        }
+        break;
+      default:
+        xfer += iprot->skip(ftype);
+        break;
+    }
+    xfer += iprot->readFieldEnd();
+  }
+
+  xfer += iprot->readStructEnd();
+
+  return xfer;
+}
+
+uint32_t TCLIService_CancelDelegationToken_args::read(::apache::thrift::protocol::TProtocol* iprot) {
+
+  uint32_t xfer = 0;
+  std::string fname;
+  ::apache::thrift::protocol::TType ftype;
+  int16_t fid;
+
+  xfer += iprot->readStructBegin(fname);
+
+  using ::apache::thrift::protocol::TProtocolException;
+
+
+  while (true)
+  {
+    xfer += iprot->readFieldBegin(fname, ftype, fid);
+    if (ftype == ::apache::thrift::protocol::T_STOP) {
+      break;
+    }
+    switch (fid)
+    {
+      case 1:
+        if (ftype == ::apache::thrift::protocol::T_STRUCT) {
+          xfer += this->req.read(iprot);
+          this->__isset.req = true;
+        } else {
+          xfer += iprot->skip(ftype);
+        }
+        break;
+      default:
+        xfer += iprot->skip(ftype);
+        break;
+    }
+    xfer += iprot->readFieldEnd();
+  }
+
+  xfer += iprot->readStructEnd();
+
+  return xfer;
+}
+
+uint32_t TCLIService_CancelDelegationToken_args::write(::apache::thrift::protocol::TProtocol* oprot) const {
+  uint32_t xfer = 0;
+  xfer += oprot->writeStructBegin("TCLIService_CancelDelegationToken_args");
+
+  xfer += oprot->writeFieldBegin("req", ::apache::thrift::protocol::T_STRUCT, 1);
+  xfer += this->req.write(oprot);
+  xfer += oprot->writeFieldEnd();
+
+  xfer += oprot->writeFieldStop();
+  xfer += oprot->writeStructEnd();
+  return xfer;
+}
+
+uint32_t TCLIService_CancelDelegationToken_pargs::write(::apache::thrift::protocol::TProtocol* oprot) const {
+  uint32_t xfer = 0;
+  xfer += oprot->writeStructBegin("TCLIService_CancelDelegationToken_pargs");
+
+  xfer += oprot->writeFieldBegin("req", ::apache::thrift::protocol::T_STRUCT, 1);
+  xfer += (*(this->req)).write(oprot);
+  xfer += oprot->writeFieldEnd();
+
+  xfer += oprot->writeFieldStop();
+  xfer += oprot->writeStructEnd();
+  return xfer;
+}
+
+uint32_t TCLIService_CancelDelegationToken_result::read(::apache::thrift::protocol::TProtocol* iprot) {
+
+  uint32_t xfer = 0;
+  std::string fname;
+  ::apache::thrift::protocol::TType ftype;
+  int16_t fid;
+
+  xfer += iprot->readStructBegin(fname);
+
+  using ::apache::thrift::protocol::TProtocolException;
+
+
+  while (true)
+  {
+    xfer += iprot->readFieldBegin(fname, ftype, fid);
+    if (ftype == ::apache::thrift::protocol::T_STOP) {
+      break;
+    }
+    switch (fid)
+    {
+      case 0:
+        if (ftype == ::apache::thrift::protocol::T_STRUCT) {
+          xfer += this->success.read(iprot);
+          this->__isset.success = true;
+        } else {
+          xfer += iprot->skip(ftype);
+        }
+        break;
+      default:
+        xfer += iprot->skip(ftype);
+        break;
+    }
+    xfer += iprot->readFieldEnd();
+  }
+
+  xfer += iprot->readStructEnd();
+
+  return xfer;
+}
+
+uint32_t TCLIService_CancelDelegationToken_result::write(::apache::thrift::protocol::TProtocol* oprot) const {
+
+  uint32_t xfer = 0;
+
+  xfer += oprot->writeStructBegin("TCLIService_CancelDelegationToken_result");
+
+  if (this->__isset.success) {
+    xfer += oprot->writeFieldBegin("success", ::apache::thrift::protocol::T_STRUCT, 0);
+    xfer += this->success.write(oprot);
+    xfer += oprot->writeFieldEnd();
+  }
+  xfer += oprot->writeFieldStop();
+  xfer += oprot->writeStructEnd();
+  return xfer;
+}
+
+uint32_t TCLIService_CancelDelegationToken_presult::read(::apache::thrift::protocol::TProtocol* iprot) {
+
+  uint32_t xfer = 0;
+  std::string fname;
+  ::apache::thrift::protocol::TType ftype;
+  int16_t fid;
+
+  xfer += iprot->readStructBegin(fname);
+
+  using ::apache::thrift::protocol::TProtocolException;
+
+
+  while (true)
+  {
+    xfer += iprot->readFieldBegin(fname, ftype, fid);
+    if (ftype == ::apache::thrift::protocol::T_STOP) {
+      break;
+    }
+    switch (fid)
+    {
+      case 0:
+        if (ftype == ::apache::thrift::protocol::T_STRUCT) {
+          xfer += (*(this->success)).read(iprot);
+          this->__isset.success = true;
+        } else {
+          xfer += iprot->skip(ftype);
+        }
+        break;
+      default:
+        xfer += iprot->skip(ftype);
+        break;
+    }
+    xfer += iprot->readFieldEnd();
+  }
+
+  xfer += iprot->readStructEnd();
+
+  return xfer;
+}
+
+uint32_t TCLIService_RenewDelegationToken_args::read(::apache::thrift::protocol::TProtocol* iprot) {
+
+  uint32_t xfer = 0;
+  std::string fname;
+  ::apache::thrift::protocol::TType ftype;
+  int16_t fid;
+
+  xfer += iprot->readStructBegin(fname);
+
+  using ::apache::thrift::protocol::TProtocolException;
+
+
+  while (true)
+  {
+    xfer += iprot->readFieldBegin(fname, ftype, fid);
+    if (ftype == ::apache::thrift::protocol::T_STOP) {
+      break;
+    }
+    switch (fid)
+    {
+      case 1:
+        if (ftype == ::apache::thrift::protocol::T_STRUCT) {
+          xfer += this->req.read(iprot);
+          this->__isset.req = true;
+        } else {
+          xfer += iprot->skip(ftype);
+        }
+        break;
+      default:
+        xfer += iprot->skip(ftype);
+        break;
+    }
+    xfer += iprot->readFieldEnd();
+  }
+
+  xfer += iprot->readStructEnd();
+
+  return xfer;
+}
+
+uint32_t TCLIService_RenewDelegationToken_args::write(::apache::thrift::protocol::TProtocol* oprot) const {
+  uint32_t xfer = 0;
+  xfer += oprot->writeStructBegin("TCLIService_RenewDelegationToken_args");
+
+  xfer += oprot->writeFieldBegin("req", ::apache::thrift::protocol::T_STRUCT, 1);
+  xfer += this->req.write(oprot);
+  xfer += oprot->writeFieldEnd();
+
+  xfer += oprot->writeFieldStop();
+  xfer += oprot->writeStructEnd();
+  return xfer;
+}
+
+uint32_t TCLIService_RenewDelegationToken_pargs::write(::apache::thrift::protocol::TProtocol* oprot) const {
+  uint32_t xfer = 0;
+  xfer += oprot->writeStructBegin("TCLIService_RenewDelegationToken_pargs");
+
+  xfer += oprot->writeFieldBegin("req", ::apache::thrift::protocol::T_STRUCT, 1);
+  xfer += (*(this->req)).write(oprot);
+  xfer += oprot->writeFieldEnd();
+
+  xfer += oprot->writeFieldStop();
+  xfer += oprot->writeStructEnd();
+  return xfer;
+}
+
+uint32_t TCLIService_RenewDelegationToken_result::read(::apache::thrift::protocol::TProtocol* iprot) {
+
+  uint32_t xfer = 0;
+  std::string fname;
+  ::apache::thrift::protocol::TType ftype;
+  int16_t fid;
+
+  xfer += iprot->readStructBegin(fname);
+
+  using ::apache::thrift::protocol::TProtocolException;
+
+
+  while (true)
+  {
+    xfer += iprot->readFieldBegin(fname, ftype, fid);
+    if (ftype == ::apache::thrift::protocol::T_STOP) {
+      break;
+    }
+    switch (fid)
+    {
+      case 0:
+        if (ftype == ::apache::thrift::protocol::T_STRUCT) {
+          xfer += this->success.read(iprot);
+          this->__isset.success = true;
+        } else {
+          xfer += iprot->skip(ftype);
+        }
+        break;
+      default:
+        xfer += iprot->skip(ftype);
+        break;
+    }
+    xfer += iprot->readFieldEnd();
+  }
+
+  xfer += iprot->readStructEnd();
+
+  return xfer;
+}
+
+uint32_t TCLIService_RenewDelegationToken_result::write(::apache::thrift::protocol::TProtocol* oprot) const {
+
+  uint32_t xfer = 0;
+
+  xfer += oprot->writeStructBegin("TCLIService_RenewDelegationToken_result");
+
+  if (this->__isset.success) {
+    xfer += oprot->writeFieldBegin("success", ::apache::thrift::protocol::T_STRUCT, 0);
+    xfer += this->success.write(oprot);
+    xfer += oprot->writeFieldEnd();
+  }
+  xfer += oprot->writeFieldStop();
+  xfer += oprot->writeStructEnd();
+  return xfer;
+}
+
+uint32_t TCLIService_RenewDelegationToken_presult::read(::apache::thrift::protocol::TProtocol* iprot) {
+
+  uint32_t xfer = 0;
+  std::string fname;
+  ::apache::thrift::protocol::TType ftype;
+  int16_t fid;
+
+  xfer += iprot->readStructBegin(fname);
+
+  using ::apache::thrift::protocol::TProtocolException;
+
+
+  while (true)
+  {
+    xfer += iprot->readFieldBegin(fname, ftype, fid);
+    if (ftype == ::apache::thrift::protocol::T_STOP) {
+      break;
+    }
+    switch (fid)
+    {
+      case 0:
+        if (ftype == ::apache::thrift::protocol::T_STRUCT) {
+          xfer += (*(this->success)).read(iprot);
+          this->__isset.success = true;
+        } else {
+          xfer += iprot->skip(ftype);
+        }
+        break;
+      default:
+        xfer += iprot->skip(ftype);
+        break;
+    }
+    xfer += iprot->readFieldEnd();
+  }
+
+  xfer += iprot->readStructEnd();
+
+  return xfer;
+}
+
 void TCLIServiceClient::OpenSession(TOpenSessionResp& _return, const TOpenSessionReq& req)
 {
   send_OpenSession(req);
@@ -3528,6 +4014,180 @@ void TCLIServiceClient::recv_FetchResult
   throw ::apache::thrift::TApplicationException(::apache::thrift::TApplicationException::MISSING_RESULT, "FetchResults failed: unknown result");
 }
 
+void TCLIServiceClient::GetDelegationToken(TGetDelegationTokenResp& _return, const TGetDelegationTokenReq& req)
+{
+  send_GetDelegationToken(req);
+  recv_GetDelegationToken(_return);
+}
+
+void TCLIServiceClient::send_GetDelegationToken(const TGetDelegationTokenReq& req)
+{
+  int32_t cseqid = 0;
+  oprot_->writeMessageBegin("GetDelegationToken", ::apache::thrift::protocol::T_CALL, cseqid);
+
+  TCLIService_GetDelegationToken_pargs args;
+  args.req = &req;
+  args.write(oprot_);
+
+  oprot_->writeMessageEnd();
+  oprot_->getTransport()->writeEnd();
+  oprot_->getTransport()->flush();
+}
+
+void TCLIServiceClient::recv_GetDelegationToken(TGetDelegationTokenResp& _return)
+{
+
+  int32_t rseqid = 0;
+  std::string fname;
+  ::apache::thrift::protocol::TMessageType mtype;
+
+  iprot_->readMessageBegin(fname, mtype, rseqid);
+  if (mtype == ::apache::thrift::protocol::T_EXCEPTION) {
+    ::apache::thrift::TApplicationException x;
+    x.read(iprot_);
+    iprot_->readMessageEnd();
+    iprot_->getTransport()->readEnd();
+    throw x;
+  }
+  if (mtype != ::apache::thrift::protocol::T_REPLY) {
+    iprot_->skip(::apache::thrift::protocol::T_STRUCT);
+    iprot_->readMessageEnd();
+    iprot_->getTransport()->readEnd();
+  }
+  if (fname.compare("GetDelegationToken") != 0) {
+    iprot_->skip(::apache::thrift::protocol::T_STRUCT);
+    iprot_->readMessageEnd();
+    iprot_->getTransport()->readEnd();
+  }
+  TCLIService_GetDelegationToken_presult result;
+  result.success = &_return;
+  result.read(iprot_);
+  iprot_->readMessageEnd();
+  iprot_->getTransport()->readEnd();
+
+  if (result.__isset.success) {
+    // _return pointer has now been filled
+    return;
+  }
+  throw ::apache::thrift::TApplicationException(::apache::thrift::TApplicationException::MISSING_RESULT, "GetDelegationToken failed: unknown result");
+}
+
+void TCLIServiceClient::CancelDelegationToken(TCancelDelegationTokenResp& _return, const TCancelDelegationTokenReq& req)
+{
+  send_CancelDelegationToken(req);
+  recv_CancelDelegationToken(_return);
+}
+
+void TCLIServiceClient::send_CancelDelegationToken(const TCancelDelegationTokenReq& req)
+{
+  int32_t cseqid = 0;
+  oprot_->writeMessageBegin("CancelDelegationToken", ::apache::thrift::protocol::T_CALL, cseqid);
+
+  TCLIService_CancelDelegationToken_pargs args;
+  args.req = &req;
+  args.write(oprot_);
+
+  oprot_->writeMessageEnd();
+  oprot_->getTransport()->writeEnd();
+  oprot_->getTransport()->flush();
+}
+
+void TCLIServiceClient::recv_CancelDelegationToken(TCancelDelegationTokenResp& _return)
+{
+
+  int32_t rseqid = 0;
+  std::string fname;
+  ::apache::thrift::protocol::TMessageType mtype;
+
+  iprot_->readMessageBegin(fname, mtype, rseqid);
+  if (mtype == ::apache::thrift::protocol::T_EXCEPTION) {
+    ::apache::thrift::TApplicationException x;
+    x.read(iprot_);
+    iprot_->readMessageEnd();
+    iprot_->getTransport()->readEnd();
+    throw x;
+  }
+  if (mtype != ::apache::thrift::protocol::T_REPLY) {
+    iprot_->skip(::apache::thrift::protocol::T_STRUCT);
+    iprot_->readMessageEnd();
+    iprot_->getTransport()->readEnd();
+  }
+  if (fname.compare("CancelDelegationToken") != 0) {
+    iprot_->skip(::apache::thrift::protocol::T_STRUCT);
+    iprot_->readMessageEnd();
+    iprot_->getTransport()->readEnd();
+  }
+  TCLIService_CancelDelegationToken_presult result;
+  result.success = &_return;
+  result.read(iprot_);
+  iprot_->readMessageEnd();
+  iprot_->getTransport()->readEnd();
+
+  if (result.__isset.success) {
+    // _return pointer has now been filled
+    return;
+  }
+  throw ::apache::thrift::TApplicationException(::apache::thrift::TApplicationException::MISSING_RESULT, "CancelDelegationToken failed: unknown result");
+}
+
+void TCLIServiceClient::RenewDelegationToken(TRenewDelegationTokenResp& _return, const TRenewDelegationTokenReq& req)
+{
+  send_RenewDelegationToken(req);
+  recv_RenewDelegationToken(_return);
+}
+
+void TCLIServiceClient::send_RenewDelegationToken(const TRenewDelegationTokenReq& req)
+{
+  int32_t cseqid = 0;
+  oprot_->writeMessageBegin("RenewDelegationToken", ::apache::thrift::protocol::T_CALL, cseqid);
+
+  TCLIService_RenewDelegationToken_pargs args;
+  args.req = &req;
+  args.write(oprot_);
+
+  oprot_->writeMessageEnd();
+  oprot_->getTransport()->writeEnd();
+  oprot_->getTransport()->flush();
+}
+
+void TCLIServiceClient::recv_RenewDelegationToken(TRenewDelegationTokenResp& _return)
+{
+
+  int32_t rseqid = 0;
+  std::string fname;
+  ::apache::thrift::protocol::TMessageType mtype;
+
+  iprot_->readMessageBegin(fname, mtype, rseqid);
+  if (mtype == ::apache::thrift::protocol::T_EXCEPTION) {
+    ::apache::thrift::TApplicationException x;
+    x.read(iprot_);
+    iprot_->readMessageEnd();
+    iprot_->getTransport()->readEnd();
+    throw x;
+  }
+  if (mtype != ::apache::thrift::protocol::T_REPLY) {
+    iprot_->skip(::apache::thrift::protocol::T_STRUCT);
+    iprot_->readMessageEnd();
+    iprot_->getTransport()->readEnd();
+  }
+  if (fname.compare("RenewDelegationToken") != 0) {
+    iprot_->skip(::apache::thrift::protocol::T_STRUCT);
+    iprot_->readMessageEnd();
+    iprot_->getTransport()->readEnd();
+  }
+  TCLIService_RenewDelegationToken_presult result;
+  result.success = &_return;
+  result.read(iprot_);
+  iprot_->readMessageEnd();
+  iprot_->getTransport()->readEnd();
+
+  if (result.__isset.success) {
+    // _return pointer has now been filled
+    return;
+  }
+  throw ::apache::thrift::TApplicationException(::apache::thrift::TApplicationException::MISSING_RESULT, "RenewDelegationToken failed: unknown result");
+}
+
 bool TCLIServiceProcessor::dispatchCall(::apache::thrift::protocol::TProtocol* iprot, ::apache::thrift::protocol::TProtocol* oprot, const std::string& fname, int32_t seqid, void* callContext) {
   ProcessMap::iterator pfn;
   pfn = processMap_.find(fname);
@@ -4411,6 +5071,168 @@ void TCLIServiceProcessor::process_Fetch
   }
 }
 
+void TCLIServiceProcessor::process_GetDelegationToken(int32_t seqid, ::apache::thrift::protocol::TProtocol* iprot, ::apache::thrift::protocol::TProtocol* oprot, void* callContext)
+{
+  void* ctx = NULL;
+  if (this->eventHandler_.get() != NULL) {
+    ctx = this->eventHandler_->getContext("TCLIService.GetDelegationToken", callContext);
+  }
+  ::apache::thrift::TProcessorContextFreer freer(this->eventHandler_.get(), ctx, "TCLIService.GetDelegationToken");
+
+  if (this->eventHandler_.get() != NULL) {
+    this->eventHandler_->preRead(ctx, "TCLIService.GetDelegationToken");
+  }
+
+  TCLIService_GetDelegationToken_args args;
+  args.read(iprot);
+  iprot->readMessageEnd();
+  uint32_t bytes = iprot->getTransport()->readEnd();
+
+  if (this->eventHandler_.get() != NULL) {
+    this->eventHandler_->postRead(ctx, "TCLIService.GetDelegationToken", bytes);
+  }
+
+  TCLIService_GetDelegationToken_result result;
+  try {
+    iface_->GetDelegationToken(result.success, args.req);
+    result.__isset.success = true;
+  } catch (const std::exception& e) {
+    if (this->eventHandler_.get() != NULL) {
+      this->eventHandler_->handlerError(ctx, "TCLIService.GetDelegationToken");
+    }
+
+    ::apache::thrift::TApplicationException x(e.what());
+    oprot->writeMessageBegin("GetDelegationToken", ::apache::thrift::protocol::T_EXCEPTION, seqid);
+    x.write(oprot);
+    oprot->writeMessageEnd();
+    oprot->getTransport()->writeEnd();
+    oprot->getTransport()->flush();
+    return;
+  }
+
+  if (this->eventHandler_.get() != NULL) {
+    this->eventHandler_->preWrite(ctx, "TCLIService.GetDelegationToken");
+  }
+
+  oprot->writeMessageBegin("GetDelegationToken", ::apache::thrift::protocol::T_REPLY, seqid);
+  result.write(oprot);
+  oprot->writeMessageEnd();
+  bytes = oprot->getTransport()->writeEnd();
+  oprot->getTransport()->flush();
+
+  if (this->eventHandler_.get() != NULL) {
+    this->eventHandler_->postWrite(ctx, "TCLIService.GetDelegationToken", bytes);
+  }
+}
+
+void TCLIServiceProcessor::process_CancelDelegationToken(int32_t seqid, ::apache::thrift::protocol::TProtocol* iprot, ::apache::thrift::protocol::TProtocol* oprot, void* callContext)
+{
+  void* ctx = NULL;
+  if (this->eventHandler_.get() != NULL) {
+    ctx = this->eventHandler_->getContext("TCLIService.CancelDelegationToken", callContext);
+  }
+  ::apache::thrift::TProcessorContextFreer freer(this->eventHandler_.get(), ctx, "TCLIService.CancelDelegationToken");
+
+  if (this->eventHandler_.get() != NULL) {
+    this->eventHandler_->preRead(ctx, "TCLIService.CancelDelegationToken");
+  }
+
+  TCLIService_CancelDelegationToken_args args;
+  args.read(iprot);
+  iprot->readMessageEnd();
+  uint32_t bytes = iprot->getTransport()->readEnd();
+
+  if (this->eventHandler_.get() != NULL) {
+    this->eventHandler_->postRead(ctx, "TCLIService.CancelDelegationToken", bytes);
+  }
+
+  TCLIService_CancelDelegationToken_result result;
+  try {
+    iface_->CancelDelegationToken(result.success, args.req);
+    result.__isset.success = true;
+  } catch (const std::exception& e) {
+    if (this->eventHandler_.get() != NULL) {
+      this->eventHandler_->handlerError(ctx, "TCLIService.CancelDelegationToken");
+    }
+
+    ::apache::thrift::TApplicationException x(e.what());
+    oprot->writeMessageBegin("CancelDelegationToken", ::apache::thrift::protocol::T_EXCEPTION, seqid);
+    x.write(oprot);
+    oprot->writeMessageEnd();
+    oprot->getTransport()->writeEnd();
+    oprot->getTransport()->flush();
+    return;
+  }
+
+  if (this->eventHandler_.get() != NULL) {
+    this->eventHandler_->preWrite(ctx, "TCLIService.CancelDelegationToken");
+  }
+
+  oprot->writeMessageBegin("CancelDelegationToken", ::apache::thrift::protocol::T_REPLY, seqid);
+  result.write(oprot);
+  oprot->writeMessageEnd();
+  bytes = oprot->getTransport()->writeEnd();
+  oprot->getTransport()->flush();
+
+  if (this->eventHandler_.get() != NULL) {
+    this->eventHandler_->postWrite(ctx, "TCLIService.CancelDelegationToken", bytes);
+  }
+}
+
+void TCLIServiceProcessor::process_RenewDelegationToken(int32_t seqid, ::apache::thrift::protocol::TProtocol* iprot, ::apache::thrift::protocol::TProtocol* oprot, void* callContext)
+{
+  void* ctx = NULL;
+  if (this->eventHandler_.get() != NULL) {
+    ctx = this->eventHandler_->getContext("TCLIService.RenewDelegationToken", callContext);
+  }
+  ::apache::thrift::TProcessorContextFreer freer(this->eventHandler_.get(), ctx, "TCLIService.RenewDelegationToken");
+
+  if (this->eventHandler_.get() != NULL) {
+    this->eventHandler_->preRead(ctx, "TCLIService.RenewDelegationToken");
+  }
+
+  TCLIService_RenewDelegationToken_args args;
+  args.read(iprot);
+  iprot->readMessageEnd();
+  uint32_t bytes = iprot->getTransport()->readEnd();
+
+  if (this->eventHandler_.get() != NULL) {
+    this->eventHandler_->postRead(ctx, "TCLIService.RenewDelegationToken", bytes);
+  }
+
+  TCLIService_RenewDelegationToken_result result;
+  try {
+    iface_->RenewDelegationToken(result.success, args.req);
+    result.__isset.success = true;
+  } catch (const std::exception& e) {
+    if (this->eventHandler_.get() != NULL) {
+      this->eventHandler_->handlerError(ctx, "TCLIService.RenewDelegationToken");
+    }
+
+    ::apache::thrift::TApplicationException x(e.what());
+    oprot->writeMessageBegin("RenewDelegationToken", ::apache::thrift::protocol::T_EXCEPTION, seqid);
+    x.write(oprot);
+    oprot->writeMessageEnd();
+    oprot->getTransport()->writeEnd();
+    oprot->getTransport()->flush();
+    return;
+  }
+
+  if (this->eventHandler_.get() != NULL) {
+    this->eventHandler_->preWrite(ctx, "TCLIService.RenewDelegationToken");
+  }
+
+  oprot->writeMessageBegin("RenewDelegationToken", ::apache::thrift::protocol::T_REPLY, seqid);
+  result.write(oprot);
+  oprot->writeMessageEnd();
+  bytes = oprot->getTransport()->writeEnd();
+  oprot->getTransport()->flush();
+
+  if (this->eventHandler_.get() != NULL) {
+    this->eventHandler_->postWrite(ctx, "TCLIService.RenewDelegationToken", bytes);
+  }
+}
+
 ::boost::shared_ptr< ::apache::thrift::TProcessor > TCLIServiceProcessorFactory::getProcessor(const ::apache::thrift::TConnectionInfo& connInfo) {
   ::apache::thrift::ReleaseHandler< TCLIServiceIfFactory > cleanup(handlerFactory_);
   ::boost::shared_ptr< TCLIServiceIf > handler(handlerFactory_->getHandler(connInfo), cleanup);

Modified: hive/branches/branch-0.13/service/src/gen/thrift/gen-cpp/TCLIService.h
URL: http://svn.apache.org/viewvc/hive/branches/branch-0.13/service/src/gen/thrift/gen-cpp/TCLIService.h?rev=1576689&r1=1576688&r2=1576689&view=diff
==============================================================================
--- hive/branches/branch-0.13/service/src/gen/thrift/gen-cpp/TCLIService.h (original)
+++ hive/branches/branch-0.13/service/src/gen/thrift/gen-cpp/TCLIService.h Wed Mar 12 10:59:54 2014
@@ -31,6 +31,9 @@ class TCLIServiceIf {
   virtual void CloseOperation(TCloseOperationResp& _return, const TCloseOperationReq& req) = 0;
   virtual void GetResultSetMetadata(TGetResultSetMetadataResp& _return, const TGetResultSetMetadataReq& req) = 0;
   virtual void FetchResults(TFetchResultsResp& _return, const TFetchResultsReq& req) = 0;
+  virtual void GetDelegationToken(TGetDelegationTokenResp& _return, const TGetDelegationTokenReq& req) = 0;
+  virtual void CancelDelegationToken(TCancelDelegationTokenResp& _return, const TCancelDelegationTokenReq& req) = 0;
+  virtual void RenewDelegationToken(TRenewDelegationTokenResp& _return, const TRenewDelegationTokenReq& req) = 0;
 };
 
 class TCLIServiceIfFactory {
@@ -108,6 +111,15 @@ class TCLIServiceNull : virtual public T
   void FetchResults(TFetchResultsResp& /* _return */, const TFetchResultsReq& /* req */) {
     return;
   }
+  void GetDelegationToken(TGetDelegationTokenResp& /* _return */, const TGetDelegationTokenReq& /* req */) {
+    return;
+  }
+  void CancelDelegationToken(TCancelDelegationTokenResp& /* _return */, const TCancelDelegationTokenReq& /* req */) {
+    return;
+  }
+  void RenewDelegationToken(TRenewDelegationTokenResp& /* _return */, const TRenewDelegationTokenReq& /* req */) {
+    return;
+  }
 };
 
 typedef struct _TCLIService_OpenSession_args__isset {
@@ -1838,6 +1850,330 @@ class TCLIService_FetchResults_presult {
 
 };
 
+typedef struct _TCLIService_GetDelegationToken_args__isset {
+  _TCLIService_GetDelegationToken_args__isset() : req(false) {}
+  bool req;
+} _TCLIService_GetDelegationToken_args__isset;
+
+class TCLIService_GetDelegationToken_args {
+ public:
+
+  TCLIService_GetDelegationToken_args() {
+  }
+
+  virtual ~TCLIService_GetDelegationToken_args() throw() {}
+
+  TGetDelegationTokenReq req;
+
+  _TCLIService_GetDelegationToken_args__isset __isset;
+
+  void __set_req(const TGetDelegationTokenReq& val) {
+    req = val;
+  }
+
+  bool operator == (const TCLIService_GetDelegationToken_args & rhs) const
+  {
+    if (!(req == rhs.req))
+      return false;
+    return true;
+  }
+  bool operator != (const TCLIService_GetDelegationToken_args &rhs) const {
+    return !(*this == rhs);
+  }
+
+  bool operator < (const TCLIService_GetDelegationToken_args & ) const;
+
+  uint32_t read(::apache::thrift::protocol::TProtocol* iprot);
+  uint32_t write(::apache::thrift::protocol::TProtocol* oprot) const;
+
+};
+
+
+class TCLIService_GetDelegationToken_pargs {
+ public:
+
+
+  virtual ~TCLIService_GetDelegationToken_pargs() throw() {}
+
+  const TGetDelegationTokenReq* req;
+
+  uint32_t write(::apache::thrift::protocol::TProtocol* oprot) const;
+
+};
+
+typedef struct _TCLIService_GetDelegationToken_result__isset {
+  _TCLIService_GetDelegationToken_result__isset() : success(false) {}
+  bool success;
+} _TCLIService_GetDelegationToken_result__isset;
+
+class TCLIService_GetDelegationToken_result {
+ public:
+
+  TCLIService_GetDelegationToken_result() {
+  }
+
+  virtual ~TCLIService_GetDelegationToken_result() throw() {}
+
+  TGetDelegationTokenResp success;
+
+  _TCLIService_GetDelegationToken_result__isset __isset;
+
+  void __set_success(const TGetDelegationTokenResp& val) {
+    success = val;
+  }
+
+  bool operator == (const TCLIService_GetDelegationToken_result & rhs) const
+  {
+    if (!(success == rhs.success))
+      return false;
+    return true;
+  }
+  bool operator != (const TCLIService_GetDelegationToken_result &rhs) const {
+    return !(*this == rhs);
+  }
+
+  bool operator < (const TCLIService_GetDelegationToken_result & ) const;
+
+  uint32_t read(::apache::thrift::protocol::TProtocol* iprot);
+  uint32_t write(::apache::thrift::protocol::TProtocol* oprot) const;
+
+};
+
+typedef struct _TCLIService_GetDelegationToken_presult__isset {
+  _TCLIService_GetDelegationToken_presult__isset() : success(false) {}
+  bool success;
+} _TCLIService_GetDelegationToken_presult__isset;
+
+class TCLIService_GetDelegationToken_presult {
+ public:
+
+
+  virtual ~TCLIService_GetDelegationToken_presult() throw() {}
+
+  TGetDelegationTokenResp* success;
+
+  _TCLIService_GetDelegationToken_presult__isset __isset;
+
+  uint32_t read(::apache::thrift::protocol::TProtocol* iprot);
+
+};
+
+typedef struct _TCLIService_CancelDelegationToken_args__isset {
+  _TCLIService_CancelDelegationToken_args__isset() : req(false) {}
+  bool req;
+} _TCLIService_CancelDelegationToken_args__isset;
+
+class TCLIService_CancelDelegationToken_args {
+ public:
+
+  TCLIService_CancelDelegationToken_args() {
+  }
+
+  virtual ~TCLIService_CancelDelegationToken_args() throw() {}
+
+  TCancelDelegationTokenReq req;
+
+  _TCLIService_CancelDelegationToken_args__isset __isset;
+
+  void __set_req(const TCancelDelegationTokenReq& val) {
+    req = val;
+  }
+
+  bool operator == (const TCLIService_CancelDelegationToken_args & rhs) const
+  {
+    if (!(req == rhs.req))
+      return false;
+    return true;
+  }
+  bool operator != (const TCLIService_CancelDelegationToken_args &rhs) const {
+    return !(*this == rhs);
+  }
+
+  bool operator < (const TCLIService_CancelDelegationToken_args & ) const;
+
+  uint32_t read(::apache::thrift::protocol::TProtocol* iprot);
+  uint32_t write(::apache::thrift::protocol::TProtocol* oprot) const;
+
+};
+
+
+class TCLIService_CancelDelegationToken_pargs {
+ public:
+
+
+  virtual ~TCLIService_CancelDelegationToken_pargs() throw() {}
+
+  const TCancelDelegationTokenReq* req;
+
+  uint32_t write(::apache::thrift::protocol::TProtocol* oprot) const;
+
+};
+
+typedef struct _TCLIService_CancelDelegationToken_result__isset {
+  _TCLIService_CancelDelegationToken_result__isset() : success(false) {}
+  bool success;
+} _TCLIService_CancelDelegationToken_result__isset;
+
+class TCLIService_CancelDelegationToken_result {
+ public:
+
+  TCLIService_CancelDelegationToken_result() {
+  }
+
+  virtual ~TCLIService_CancelDelegationToken_result() throw() {}
+
+  TCancelDelegationTokenResp success;
+
+  _TCLIService_CancelDelegationToken_result__isset __isset;
+
+  void __set_success(const TCancelDelegationTokenResp& val) {
+    success = val;
+  }
+
+  bool operator == (const TCLIService_CancelDelegationToken_result & rhs) const
+  {
+    if (!(success == rhs.success))
+      return false;
+    return true;
+  }
+  bool operator != (const TCLIService_CancelDelegationToken_result &rhs) const {
+    return !(*this == rhs);
+  }
+
+  bool operator < (const TCLIService_CancelDelegationToken_result & ) const;
+
+  uint32_t read(::apache::thrift::protocol::TProtocol* iprot);
+  uint32_t write(::apache::thrift::protocol::TProtocol* oprot) const;
+
+};
+
+typedef struct _TCLIService_CancelDelegationToken_presult__isset {
+  _TCLIService_CancelDelegationToken_presult__isset() : success(false) {}
+  bool success;
+} _TCLIService_CancelDelegationToken_presult__isset;
+
+class TCLIService_CancelDelegationToken_presult {
+ public:
+
+
+  virtual ~TCLIService_CancelDelegationToken_presult() throw() {}
+
+  TCancelDelegationTokenResp* success;
+
+  _TCLIService_CancelDelegationToken_presult__isset __isset;
+
+  uint32_t read(::apache::thrift::protocol::TProtocol* iprot);
+
+};
+
+typedef struct _TCLIService_RenewDelegationToken_args__isset {
+  _TCLIService_RenewDelegationToken_args__isset() : req(false) {}
+  bool req;
+} _TCLIService_RenewDelegationToken_args__isset;
+
+class TCLIService_RenewDelegationToken_args {
+ public:
+
+  TCLIService_RenewDelegationToken_args() {
+  }
+
+  virtual ~TCLIService_RenewDelegationToken_args() throw() {}
+
+  TRenewDelegationTokenReq req;
+
+  _TCLIService_RenewDelegationToken_args__isset __isset;
+
+  void __set_req(const TRenewDelegationTokenReq& val) {
+    req = val;
+  }
+
+  bool operator == (const TCLIService_RenewDelegationToken_args & rhs) const
+  {
+    if (!(req == rhs.req))
+      return false;
+    return true;
+  }
+  bool operator != (const TCLIService_RenewDelegationToken_args &rhs) const {
+    return !(*this == rhs);
+  }
+
+  bool operator < (const TCLIService_RenewDelegationToken_args & ) const;
+
+  uint32_t read(::apache::thrift::protocol::TProtocol* iprot);
+  uint32_t write(::apache::thrift::protocol::TProtocol* oprot) const;
+
+};
+
+
+class TCLIService_RenewDelegationToken_pargs {
+ public:
+
+
+  virtual ~TCLIService_RenewDelegationToken_pargs() throw() {}
+
+  const TRenewDelegationTokenReq* req;
+
+  uint32_t write(::apache::thrift::protocol::TProtocol* oprot) const;
+
+};
+
+typedef struct _TCLIService_RenewDelegationToken_result__isset {
+  _TCLIService_RenewDelegationToken_result__isset() : success(false) {}
+  bool success;
+} _TCLIService_RenewDelegationToken_result__isset;
+
+class TCLIService_RenewDelegationToken_result {
+ public:
+
+  TCLIService_RenewDelegationToken_result() {
+  }
+
+  virtual ~TCLIService_RenewDelegationToken_result() throw() {}
+
+  TRenewDelegationTokenResp success;
+
+  _TCLIService_RenewDelegationToken_result__isset __isset;
+
+  void __set_success(const TRenewDelegationTokenResp& val) {
+    success = val;
+  }
+
+  bool operator == (const TCLIService_RenewDelegationToken_result & rhs) const
+  {
+    if (!(success == rhs.success))
+      return false;
+    return true;
+  }
+  bool operator != (const TCLIService_RenewDelegationToken_result &rhs) const {
+    return !(*this == rhs);
+  }
+
+  bool operator < (const TCLIService_RenewDelegationToken_result & ) const;
+
+  uint32_t read(::apache::thrift::protocol::TProtocol* iprot);
+  uint32_t write(::apache::thrift::protocol::TProtocol* oprot) const;
+
+};
+
+typedef struct _TCLIService_RenewDelegationToken_presult__isset {
+  _TCLIService_RenewDelegationToken_presult__isset() : success(false) {}
+  bool success;
+} _TCLIService_RenewDelegationToken_presult__isset;
+
+class TCLIService_RenewDelegationToken_presult {
+ public:
+
+
+  virtual ~TCLIService_RenewDelegationToken_presult() throw() {}
+
+  TRenewDelegationTokenResp* success;
+
+  _TCLIService_RenewDelegationToken_presult__isset __isset;
+
+  uint32_t read(::apache::thrift::protocol::TProtocol* iprot);
+
+};
+
 class TCLIServiceClient : virtual public TCLIServiceIf {
  public:
   TCLIServiceClient(boost::shared_ptr< ::apache::thrift::protocol::TProtocol> prot) :
@@ -1906,6 +2242,15 @@ class TCLIServiceClient : virtual public
   void FetchResults(TFetchResultsResp& _return, const TFetchResultsReq& req);
   void send_FetchResults(const TFetchResultsReq& req);
   void recv_FetchResults(TFetchResultsResp& _return);
+  void GetDelegationToken(TGetDelegationTokenResp& _return, const TGetDelegationTokenReq& req);
+  void send_GetDelegationToken(const TGetDelegationTokenReq& req);
+  void recv_GetDelegationToken(TGetDelegationTokenResp& _return);
+  void CancelDelegationToken(TCancelDelegationTokenResp& _return, const TCancelDelegationTokenReq& req);
+  void send_CancelDelegationToken(const TCancelDelegationTokenReq& req);
+  void recv_CancelDelegationToken(TCancelDelegationTokenResp& _return);
+  void RenewDelegationToken(TRenewDelegationTokenResp& _return, const TRenewDelegationTokenReq& req);
+  void send_RenewDelegationToken(const TRenewDelegationTokenReq& req);
+  void recv_RenewDelegationToken(TRenewDelegationTokenResp& _return);
  protected:
   boost::shared_ptr< ::apache::thrift::protocol::TProtocol> piprot_;
   boost::shared_ptr< ::apache::thrift::protocol::TProtocol> poprot_;
@@ -1937,6 +2282,9 @@ class TCLIServiceProcessor : public ::ap
   void process_CloseOperation(int32_t seqid, ::apache::thrift::protocol::TProtocol* iprot, ::apache::thrift::protocol::TProtocol* oprot, void* callContext);
   void process_GetResultSetMetadata(int32_t seqid, ::apache::thrift::protocol::TProtocol* iprot, ::apache::thrift::protocol::TProtocol* oprot, void* callContext);
   void process_FetchResults(int32_t seqid, ::apache::thrift::protocol::TProtocol* iprot, ::apache::thrift::protocol::TProtocol* oprot, void* callContext);
+  void process_GetDelegationToken(int32_t seqid, ::apache::thrift::protocol::TProtocol* iprot, ::apache::thrift::protocol::TProtocol* oprot, void* callContext);
+  void process_CancelDelegationToken(int32_t seqid, ::apache::thrift::protocol::TProtocol* iprot, ::apache::thrift::protocol::TProtocol* oprot, void* callContext);
+  void process_RenewDelegationToken(int32_t seqid, ::apache::thrift::protocol::TProtocol* iprot, ::apache::thrift::protocol::TProtocol* oprot, void* callContext);
  public:
   TCLIServiceProcessor(boost::shared_ptr<TCLIServiceIf> iface) :
     iface_(iface) {
@@ -1956,6 +2304,9 @@ class TCLIServiceProcessor : public ::ap
     processMap_["CloseOperation"] = &TCLIServiceProcessor::process_CloseOperation;
     processMap_["GetResultSetMetadata"] = &TCLIServiceProcessor::process_GetResultSetMetadata;
     processMap_["FetchResults"] = &TCLIServiceProcessor::process_FetchResults;
+    processMap_["GetDelegationToken"] = &TCLIServiceProcessor::process_GetDelegationToken;
+    processMap_["CancelDelegationToken"] = &TCLIServiceProcessor::process_CancelDelegationToken;
+    processMap_["RenewDelegationToken"] = &TCLIServiceProcessor::process_RenewDelegationToken;
   }
 
   virtual ~TCLIServiceProcessor() {}
@@ -2144,6 +2495,36 @@ class TCLIServiceMultiface : virtual pub
     return;
   }
 
+  void GetDelegationToken(TGetDelegationTokenResp& _return, const TGetDelegationTokenReq& req) {
+    size_t sz = ifaces_.size();
+    size_t i = 0;
+    for (; i < (sz - 1); ++i) {
+      ifaces_[i]->GetDelegationToken(_return, req);
+    }
+    ifaces_[i]->GetDelegationToken(_return, req);
+    return;
+  }
+
+  void CancelDelegationToken(TCancelDelegationTokenResp& _return, const TCancelDelegationTokenReq& req) {
+    size_t sz = ifaces_.size();
+    size_t i = 0;
+    for (; i < (sz - 1); ++i) {
+      ifaces_[i]->CancelDelegationToken(_return, req);
+    }
+    ifaces_[i]->CancelDelegationToken(_return, req);
+    return;
+  }
+
+  void RenewDelegationToken(TRenewDelegationTokenResp& _return, const TRenewDelegationTokenReq& req) {
+    size_t sz = ifaces_.size();
+    size_t i = 0;
+    for (; i < (sz - 1); ++i) {
+      ifaces_[i]->RenewDelegationToken(_return, req);
+    }
+    ifaces_[i]->RenewDelegationToken(_return, req);
+    return;
+  }
+
 };
 
 }}}}} // namespace



Mime
View raw message