hive-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Siddharth Seth (JIRA)" <>
Subject [jira] [Commented] (HIVE-13442) LLAP: refactor submit API to be amenable to signing
Date Sat, 30 Apr 2016 06:51:12 GMT


Siddharth Seth commented on HIVE-13442:

Couple of comments, mostly minor.
{code}optional bytes credentials_binary = 8;{code}
After HIVE-13391 - we should stop sending any credentials from HiveServer2. That would be
a separate jira.
If HS2 is sending over any credentials - those should not be visible to the user. This would
typically include the hive token - and gives the client access to whatever they want to read.
I don't think we need to allow users to send in credentials. If we do - it would be better
to separate credentials which are setup by HS2 for LLAP into a separate field which will be
signed. A new field can be used for user specified credentials. External clients will need
access to a token to talk to LLAP - so that would have to be sent over in a readable field.

In ContainerRunnerImpl.submitWork - logging some basic information before trying to convert
to relevant fields would be useful - in case something breaks over the wire, or there's invalid
input. HistroyLogger used to do that - reading data directly of the proto, without applying
any conversions. Adding a log line here would fix that.

Rest looks good.

> LLAP: refactor submit API to be amenable to signing
> ---------------------------------------------------
>                 Key: HIVE-13442
>                 URL:
>             Project: Hive
>          Issue Type: Sub-task
>            Reporter: Sergey Shelukhin
>            Assignee: Sergey Shelukhin
>         Attachments: HIVE-13442.nogen.patch, HIVE-13442.patch, HIVE-13442.patch, HIVE-13442.protobuf.patch
> This is going to be a wire compat breaking change.

This message was sent by Atlassian JIRA

View raw message