hive-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From xu...@apache.org
Subject hive git commit: HIVE-10312: SASL.QOP in JDBC URL is ignored for Delegation token Authentication (Mubashir via Xuefu)
Date Fri, 24 Apr 2015 22:01:23 GMT
Repository: hive
Updated Branches:
  refs/heads/master 59578d039 -> 512df3091


HIVE-10312: SASL.QOP in JDBC URL is ignored for Delegation token Authentication (Mubashir
via Xuefu)


Project: http://git-wip-us.apache.org/repos/asf/hive/repo
Commit: http://git-wip-us.apache.org/repos/asf/hive/commit/512df309
Tree: http://git-wip-us.apache.org/repos/asf/hive/tree/512df309
Diff: http://git-wip-us.apache.org/repos/asf/hive/diff/512df309

Branch: refs/heads/master
Commit: 512df30911320d344d01ffd68f809de33d7303b4
Parents: 59578d0
Author: Xuefu Zhang <xzhang@xzlt>
Authored: Fri Apr 24 15:00:44 2015 -0700
Committer: Xuefu Zhang <xzhang@xzlt>
Committed: Fri Apr 24 15:00:44 2015 -0700

----------------------------------------------------------------------
 .../org/apache/hive/jdbc/HiveConnection.java    | 21 +++++++++++---------
 1 file changed, 12 insertions(+), 9 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/hive/blob/512df309/jdbc/src/java/org/apache/hive/jdbc/HiveConnection.java
----------------------------------------------------------------------
diff --git a/jdbc/src/java/org/apache/hive/jdbc/HiveConnection.java b/jdbc/src/java/org/apache/hive/jdbc/HiveConnection.java
index b83a3bf..7a674ab 100644
--- a/jdbc/src/java/org/apache/hive/jdbc/HiveConnection.java
+++ b/jdbc/src/java/org/apache/hive/jdbc/HiveConnection.java
@@ -415,17 +415,20 @@ public class HiveConnection implements java.sql.Connection {
         // If Kerberos
         Map<String, String> saslProps = new HashMap<String, String>();
         SaslQOP saslQOP = SaslQOP.AUTH;
-        if (sessConfMap.containsKey(JdbcConnectionParams.AUTH_PRINCIPAL)) {
-          if (sessConfMap.containsKey(JdbcConnectionParams.AUTH_QOP)) {
-            try {
-              saslQOP = SaslQOP.fromString(sessConfMap.get(JdbcConnectionParams.AUTH_QOP));
-            } catch (IllegalArgumentException e) {
-              throw new SQLException("Invalid " + JdbcConnectionParams.AUTH_QOP +
-                  " parameter. " + e.getMessage(), "42000", e);
-            }
+        if (sessConfMap.containsKey(JdbcConnectionParams.AUTH_QOP)) {
+          try {
+            saslQOP = SaslQOP.fromString(sessConfMap.get(JdbcConnectionParams.AUTH_QOP));
+          } catch (IllegalArgumentException e) {
+            throw new SQLException("Invalid " + JdbcConnectionParams.AUTH_QOP +
+                " parameter. " + e.getMessage(), "42000", e);
           }
           saslProps.put(Sasl.QOP, saslQOP.toString());
-          saslProps.put(Sasl.SERVER_AUTH, "true");
+        } else {
+          // If the client did not specify qop then just negotiate the one supported by server
+          saslProps.put(Sasl.QOP, "auth-conf,auth-int,auth");
+        }
+        saslProps.put(Sasl.SERVER_AUTH, "true");
+        if (sessConfMap.containsKey(JdbcConnectionParams.AUTH_PRINCIPAL)) {
           transport = KerberosSaslHelper.getKerberosTransport(
               sessConfMap.get(JdbcConnectionParams.AUTH_PRINCIPAL), host,
               HiveAuthFactory.getSocketTransport(host, port, loginTimeout), saslProps,


Mime
View raw message