Return-Path: X-Original-To: apmail-hive-dev-archive@www.apache.org Delivered-To: apmail-hive-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id B0D0EF0D3 for ; Thu, 4 Apr 2013 19:34:17 +0000 (UTC) Received: (qmail 62535 invoked by uid 500); 4 Apr 2013 19:34:17 -0000 Delivered-To: apmail-hive-dev-archive@hive.apache.org Received: (qmail 62466 invoked by uid 500); 4 Apr 2013 19:34:17 -0000 Mailing-List: contact dev-help@hive.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@hive.apache.org Delivered-To: mailing list dev@hive.apache.org Received: (qmail 62454 invoked by uid 500); 4 Apr 2013 19:34:17 -0000 Delivered-To: apmail-hadoop-hive-dev@hadoop.apache.org Received: (qmail 62451 invoked by uid 99); 4 Apr 2013 19:34:17 -0000 Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 04 Apr 2013 19:34:17 +0000 Date: Thu, 4 Apr 2013 19:34:16 +0000 (UTC) From: "Prasad Mujumdar (JIRA)" To: hive-dev@hadoop.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Commented] (HIVE-4232) JDBC2 HiveConnection has odd defaults MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/HIVE-4232?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13622693#comment-13622693 ] Prasad Mujumdar commented on HIVE-4232: --------------------------------------- [~cdrome] Thanks for looking into it further. I agree with your comment regarding JDBC application explicitly adding "nosasl". In such case the application is doing a customization by overriding the default, so they should know what they are doing .. Also you are correct about this details not being well documented. I will go ahead and add new advance/custom configuratoin sections to [Setting Up Hive Server|https://cwiki.apache.org/Hive/adminmanual-settinguphiveserver.html] as well as [HiveServer2 Clients|https://cwiki.apache.org/Hive/hiveserver2-clients.html]. Thanks for bringing that out! [~cwsteinbach] Thanks for providing feedback. I would still like to argue that the "PLAIN" is more tied to the internal implementation and not indicative of the behavior, especially when its a default. We can perhaps change NOSASL to RAW or THRIFT, or leave it with the 'sasl' reference as its more of advance option. Another thing to keep in mind that was available as a patch for HiveServer2 for a very long time. Even though its committed to trunk in 0.11, the community has started using the patch on top of Hive 0.10 as well as through multiple popular distros. Changing the configuration will be a backward incompatible change for such users. This one is not just flipping a config switch, but would also require changing JDBC code and recompiling/redeploying the application. > JDBC2 HiveConnection has odd defaults > ------------------------------------- > > Key: HIVE-4232 > URL: https://issues.apache.org/jira/browse/HIVE-4232 > Project: Hive > Issue Type: Bug > Components: HiveServer2, JDBC > Affects Versions: 0.11.0 > Reporter: Chris Drome > Assignee: Chris Drome > Fix For: 0.11.0 > > Attachments: HIVE-4232-1.patch, HIVE-4232.patch > > > HiveConnection defaults to using a plain SASL transport if auth is not set. To get a raw transport auth must be set to noSasl; furthermore noSasl is case sensitive. Code tries to infer Kerberos or plain authentication based on the presence of principal. There is no provision for specifying QOP level. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira