Return-Path: X-Original-To: apmail-argus-commits-archive@minotaur.apache.org Delivered-To: apmail-argus-commits-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 2E00C17DD0 for ; Thu, 6 Nov 2014 01:41:30 +0000 (UTC) Received: (qmail 90880 invoked by uid 500); 6 Nov 2014 01:41:29 -0000 Delivered-To: apmail-argus-commits-archive@argus.apache.org Received: (qmail 90856 invoked by uid 500); 6 Nov 2014 01:41:29 -0000 Mailing-List: contact commits-help@argus.incubator.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@argus.incubator.apache.org Delivered-To: mailing list commits@argus.incubator.apache.org Received: (qmail 90847 invoked by uid 99); 6 Nov 2014 01:41:29 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 06 Nov 2014 01:41:29 +0000 X-ASF-Spam-Status: No, hits=-2000.6 required=5.0 tests=ALL_TRUSTED,RP_MATCHES_RCVD X-Spam-Check-By: apache.org Received: from [140.211.11.3] (HELO mail.apache.org) (140.211.11.3) by apache.org (qpsmtpd/0.29) with SMTP; Thu, 06 Nov 2014 01:41:28 +0000 Received: (qmail 90666 invoked by uid 99); 6 Nov 2014 01:41:08 -0000 Received: from tyr.zones.apache.org (HELO tyr.zones.apache.org) (140.211.11.114) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 06 Nov 2014 01:41:08 +0000 Received: by tyr.zones.apache.org (Postfix, from userid 65534) id 65F0E90A4DB; Thu, 6 Nov 2014 01:41:08 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: madhan@apache.org To: commits@argus.incubator.apache.org Message-Id: <59e542d23cd040118322c28bdfedaf6d@git.apache.org> X-Mailer: ASF-Git Admin Mailer Subject: git commit: Argus-159:HiveServer2 JDBC driver in http mode is not using pre-authenticated subject credentials. Date: Thu, 6 Nov 2014 01:41:08 +0000 (UTC) X-Virus-Checked: Checked by ClamAV on apache.org Repository: incubator-argus Updated Branches: refs/heads/ranger-0.4 8dba6a3c6 -> 55a75201f Argus-159:HiveServer2 JDBC driver in http mode is not using pre-authenticated subject credentials. Project: http://git-wip-us.apache.org/repos/asf/incubator-argus/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-argus/commit/55a75201 Tree: http://git-wip-us.apache.org/repos/asf/incubator-argus/tree/55a75201 Diff: http://git-wip-us.apache.org/repos/asf/incubator-argus/diff/55a75201 Branch: refs/heads/ranger-0.4 Commit: 55a75201fd322ac4d5b3e6393f095f337a86ef37 Parents: 8dba6a3 Author: rmani Authored: Wed Nov 5 17:05:14 2014 -0800 Committer: Madhan Neethiraj Committed: Wed Nov 5 17:39:34 2014 -0800 ---------------------------------------------------------------------- .../com/xasecure/hive/client/HiveClient.java | 62 ++++++++++++++++---- 1 file changed, 52 insertions(+), 10 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-argus/blob/55a75201/lookup-client/src/main/java/com/xasecure/hive/client/HiveClient.java ---------------------------------------------------------------------- diff --git a/lookup-client/src/main/java/com/xasecure/hive/client/HiveClient.java b/lookup-client/src/main/java/com/xasecure/hive/client/HiveClient.java index 09abecf..ce586a5 100644 --- a/lookup-client/src/main/java/com/xasecure/hive/client/HiveClient.java +++ b/lookup-client/src/main/java/com/xasecure/hive/client/HiveClient.java @@ -61,9 +61,9 @@ public class HiveClient extends BaseClient implements Closeable { } public void initHive() { - isKerberosAuth = getConfigHolder().isKerberosAuthentication(); if (isKerberosAuth) { + LOG.info("Secured Mode: JDBC Connection done with preAuthenticated Subject"); Subject.doAs(getLoginSubject(), new PrivilegedAction() { public Object run() { initConnection(); @@ -73,14 +73,28 @@ public class HiveClient extends BaseClient implements Closeable { } else { LOG.info("Since Password is NOT provided, Trying to use UnSecure client with username and password"); - String userName = getConfigHolder().getUserName() ; - String password = getConfigHolder().getPassword() ; - initConnection(userName,password); + final String userName = getConfigHolder().getUserName() ; + final String password = getConfigHolder().getPassword() ; + Subject.doAs(getLoginSubject(), new PrivilegedAction() { + public Object run() { + initConnection(userName,password); + return null; + } + }) ; } - } - public List getDatabaseList(String databaseMatching) { + public List getDatabaseList(String databaseMatching){ + final String dbMatching=databaseMatching; + List dblist = Subject.doAs(getLoginSubject(), new PrivilegedAction>() { + public List run() { + return getDBList(dbMatching); + } + }) ; + return dblist; + } + + private List getDBList(String databaseMatching) { List ret = new ArrayList() ; String errMsg = " You can still save the repository and start creating " + "policies, but you would not be able to use autocomplete for " @@ -121,8 +135,19 @@ public class HiveClient extends BaseClient implements Closeable { } return ret ; } + + public List getTableList(String database, String tableNameMatching){ + final String db=database; + final String tblNameMatching=tableNameMatching; + List tableList = Subject.doAs(getLoginSubject(), new PrivilegedAction>() { + public List run() { + return getTblList(db,tblNameMatching); + } + }) ; + return tableList; + } - public List getTableList(String database, String tableNameMatching) { + public List getTblList(String database, String tableNameMatching) { List ret = new ArrayList() ; String errMsg = " You can still save the repository and start creating " + "policies, but you would not be able to use autocomplete for " @@ -186,8 +211,20 @@ public class HiveClient extends BaseClient implements Closeable { List ret = null ; return ret ; } - + public List getColumnList(String database, String tableName, String columnNameMatching) { + final String db=database; + final String tblName=tableName; + final String clmNameMatching=columnNameMatching; + List columnList = Subject.doAs(getLoginSubject(), new PrivilegedAction>() { + public List run() { + return getClmList(db,tblName,clmNameMatching); + } + }) ; + return columnList; + } + + public List getClmList(String database, String tableName, String columnNameMatching) { List ret = new ArrayList() ; String errMsg = " You can still save the repository and start creating " + "policies, but you would not be able to use autocomplete for " @@ -254,7 +291,12 @@ public class HiveClient extends BaseClient implements Closeable { public void close() { - close(con) ; + Subject.doAs(getLoginSubject(), new PrivilegedAction(){ + public Void run() { + close(con) ; + return null; + } + }); } private void close(Statement aStat) { @@ -389,7 +431,6 @@ public class HiveClient extends BaseClient implements Closeable { System.exit(1) ; } - try { hc = new HiveClient(args[0]) ; @@ -447,6 +488,7 @@ public class HiveClient extends BaseClient implements Closeable { HiveClient connectionObj = new HiveClient(dataSource, connectionProperties); if (connectionObj != null) { + List testResult = connectionObj.getDatabaseList("*"); if (testResult != null && testResult.size() != 0) { connectivityStatus = true;