hive-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Prasad Mujumdar" <pras...@cloudera.com>
Subject Re: Review Request 13845: HIVE-5155: Support secure proxy user access to HiveServer2
Date Wed, 11 Sep 2013 03:55:45 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/13845/
-----------------------------------------------------------

(Updated Sept. 11, 2013, 3:55 a.m.)


Review request for hive.


Changes
-------

Minor formatting update.
(Diff doesn't include code generated by Thrift)


Bugs: HIVE-5155
    https://issues.apache.org/jira/browse/HIVE-5155


Repository: hive-git


Description
-------

Delegation token support -
Enable delegation token connection for HiveServer2
Enhance the TCLIService interface to support delegation token requests
Support passing the delegation token connection type via JDBC URL and Beeline option

Direct proxy access -
Define new proxy user property
Shim interfaces to validate proxy access for a given user

Note that the diff doesn't include thrift generated code.


Diffs (updated)
-----

  beeline/src/java/org/apache/hive/beeline/BeeLine.java 4c6eb9b 
  beeline/src/java/org/apache/hive/beeline/BeeLineOpts.java 61bdeee 
  beeline/src/java/org/apache/hive/beeline/Commands.java c574cd4 
  beeline/src/java/org/apache/hive/beeline/DatabaseConnection.java c70003d 
  common/src/java/org/apache/hadoop/hive/conf/HiveConf.java abbc655 
  jdbc/src/java/org/apache/hive/jdbc/HiveConnection.java 9fbc8ad 
  jdbc/src/java/org/apache/hive/jdbc/Utils.java 3df3bd7 
  service/if/TCLIService.thrift 8dc2a90 
  service/src/java/org/apache/hive/service/auth/HiveAuthFactory.java 5a66a6c 
  service/src/java/org/apache/hive/service/auth/KerberosSaslHelper.java 519556c 
  service/src/java/org/apache/hive/service/cli/CLIService.java 035e689 
  service/src/java/org/apache/hive/service/cli/CLIServiceClient.java fe49025 
  service/src/java/org/apache/hive/service/cli/EmbeddedCLIServiceClient.java 38d64c8 
  service/src/java/org/apache/hive/service/cli/ICLIService.java 7e863b5 
  service/src/java/org/apache/hive/service/cli/session/HiveSession.java 5fa8fa1 
  service/src/java/org/apache/hive/service/cli/session/HiveSessionImpl.java 7254491 
  service/src/java/org/apache/hive/service/cli/session/HiveSessionImplwithUGI.java ae7bb6b

  service/src/java/org/apache/hive/service/cli/session/SessionManager.java 47023ad 
  service/src/java/org/apache/hive/service/cli/thrift/ThriftCLIService.java 0788ead 
  service/src/java/org/apache/hive/service/cli/thrift/ThriftCLIServiceClient.java 5eb6157

  shims/src/0.20/java/org/apache/hadoop/hive/shims/Hadoop20Shims.java d2bb34d 
  shims/src/common-secure/java/org/apache/hadoop/hive/shims/HadoopShimsSecure.java 28843e0

  shims/src/common/java/org/apache/hadoop/hive/shims/HadoopShims.java 30c9fc1 

Diff: https://reviews.apache.org/r/13845/diff/


Testing
-------

Since this requires kerberos setup, its tested by a standalone test program that runs various
existing and new secure connection scenarios. The test code is attached to the ticket at https://issues.apache.org/jira/secure/attachment/12600119/ProxyAuth.java


Thanks,

Prasad Mujumdar


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message