zabetak opened a new pull request, #4430: URL: https://github.com/apache/hive/pull/4430
### What changes were proposed in this pull request? 1. Pick-up user defined security.protocol to obtain the delegation token. 2. Propagate all necessary SSL properties to Kafka client retrieving the token. 3. Add KafkaUtils#securityProtocol utility function for fetching the protocol from properties and refactor `KafkaDagCredentialSupplier#isTokenRequired` to use it. 4. Accept fetching Kafka stores from any location; the main motivation is to accept paths to the local file system to facilitate testing without having to setup a DFS cluster. Anyways if the copy fails a proper IO exception will be raised with more details about what went wrong. 5. Adapt exception in KafkaUtilsTest based on changes in store fetching 6. Create and configure a SAML_SSL enabled listener in KafkaBrokerResource to allow tests with SSL. ### Why are the changes needed? The Kafka client that is used to obtain the token from the Kafka broker ignores the user defined `security.protocol` defined in the table properties (and pretty much every SSL configuration) thus the connection between the two cannot be established and an exception is raised. In order to avoid the problem, all the user-defined SSL properties must be propagated to the Kafka client retrieving the token. ### Does this PR introduce _any_ user-facing change? No ### Is the change a dependency upgrade? No ### How was this patch tested? New + existing tests of the Kafka storage handler `cd kafka-handler/ && mvn test` -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
