This is an automated email from the ASF dual-hosted git repository.
stoty pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/phoenix.git
The following commit(s) were added to refs/heads/master by this push:
new ebf79fe696 PHOENIX-7470 Simplify Kerberos login in ConnectionInfo
(#2085)
ebf79fe696 is described below
commit ebf79fe6966cbf39ba938a13760a085e4e75ce0e
Author: Istvan Toth <[email protected]>
AuthorDate: Tue Mar 11 15:18:34 2025 +0100
PHOENIX-7470 Simplify Kerberos login in ConnectionInfo (#2085)
---
.../org/apache/phoenix/jdbc/ConnectionInfo.java | 32 ++--------------------
.../org/apache/phoenix/query/QueryServices.java | 2 ++
2 files changed, 5 insertions(+), 29 deletions(-)
diff --git
a/phoenix-core-client/src/main/java/org/apache/phoenix/jdbc/ConnectionInfo.java
b/phoenix-core-client/src/main/java/org/apache/phoenix/jdbc/ConnectionInfo.java
index af35ebeb99..cdcfe9b0be 100644
---
a/phoenix-core-client/src/main/java/org/apache/phoenix/jdbc/ConnectionInfo.java
+++
b/phoenix-core-client/src/main/java/org/apache/phoenix/jdbc/ConnectionInfo.java
@@ -29,6 +29,7 @@ import java.util.StringTokenizer;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hbase.security.User;
import org.apache.hadoop.hbase.util.VersionInfo;
+import org.apache.hadoop.security.SecurityUtil;
import org.apache.hadoop.security.UserGroupInformation;
import org.apache.hadoop.security.authentication.util.KerberosUtil;
import org.apache.phoenix.exception.SQLExceptionCode;
@@ -493,11 +494,8 @@ public abstract class ConnectionInfo {
LOGGER.info("Trying to connect to a secure
cluster as {} "
+ "with keytab {}",
principal, keytab);
- final Configuration newConfig =
getConfiguration(principal, keytab);
- // We are intentionally changing the passed in
Configuration object
-
UserGroupInformation.setConfiguration(newConfig);
- User.login(newConfig,
QueryServices.HBASE_CLIENT_KEYTAB,
- QueryServices.HBASE_CLIENT_PRINCIPAL,
null);
+ User.login(keytab,
+ SecurityUtil.getServerPrincipal(principal,
(String) null));
user = User.getCurrent();
LOGGER.info("Successful login to secure
cluster");
}
@@ -516,30 +514,6 @@ public abstract class ConnectionInfo {
}
}
- private Configuration getConfiguration( String principal, String
keytab) {
- final Configuration config =
HBaseFactoryProvider.getConfigurationFactory().getConfiguration();
- // Add QueryServices properties
- if (props != null) {
- for (Entry<String,String> entry : props) {
- config.set(entry.getKey(), entry.getValue());
- }
- }
- // Add any user-provided properties (via DriverManager)
- if (info != null) {
- for (Object key : info.keySet()) {
- config.set((String) key, info.getProperty((String) key));
- }
- }
- // Set the principal and keytab if provided from the URL
(overriding those provided in Properties)
- if (null != principal) {
- config.set(QueryServices.HBASE_CLIENT_PRINCIPAL, principal);
- }
- if (null != keytab) {
- config.set(QueryServices.HBASE_CLIENT_KEYTAB, keytab);
- }
- return config;
- }
-
protected String normalizeHostsList(String quorum, Integer defaultPort)
throws SQLException {
// The input host:port separator char is "=" (after unescaping)
diff --git
a/phoenix-core-client/src/main/java/org/apache/phoenix/query/QueryServices.java
b/phoenix-core-client/src/main/java/org/apache/phoenix/query/QueryServices.java
index 7035d17bc6..80e8bca6b1 100644
---
a/phoenix-core-client/src/main/java/org/apache/phoenix/query/QueryServices.java
+++
b/phoenix-core-client/src/main/java/org/apache/phoenix/query/QueryServices.java
@@ -54,7 +54,9 @@ public interface QueryServices extends SQLCloseable {
"phoenix.query.client.join.spooling.enabled";
public static final String SERVER_ORDERBY_SPOOLING_ENABLED_ATTRIB =
"phoenix.query.server.orderBy.spooling.enabled";
+ @Deprecated
public static final String HBASE_CLIENT_KEYTAB = "hbase.myclient.keytab";
+ @Deprecated
public static final String HBASE_CLIENT_PRINCIPAL =
"hbase.myclient.principal";
String QUERY_SERVICES_NAME = "phoenix.query.services.name";
public static final String SPOOL_DIRECTORY = "phoenix.spool.directory";
