deniskuzZ commented on code in PR #5652:
URL: https://github.com/apache/hive/pull/5652#discussion_r2014511091
##########
service/src/java/org/apache/hive/service/server/HiveServer2.java:
##########
@@ -402,90 +403,9 @@ public synchronized void init(HiveConf hiveConf) {
// Set the default JspFactory to avoid NPE while opening the home
page
JspFactory.setDefaultFactory(new
org.apache.jasper.runtime.JspFactoryImpl());
}
- HttpServer.Builder builder = new HttpServer.Builder("hiveserver2");
- builder.setPort(webUIPort).setConf(hiveConf);
- builder.setHost(webHost);
- builder.setMaxThreads(
- hiveConf.getIntVar(ConfVars.HIVE_SERVER2_WEBUI_MAX_THREADS));
- builder.setAdmins(hiveConf.getVar(ConfVars.USERS_IN_ADMIN_ROLE));
- // SessionManager is initialized
- builder.setContextAttribute("hive.sm",
- cliService.getSessionManager());
- hiveConf.set("startcode",
- String.valueOf(System.currentTimeMillis()));
- if (hiveConf.getBoolVar(ConfVars.HIVE_SERVER2_WEBUI_USE_SSL)) {
- String keyStorePath = hiveConf.getVar(
- ConfVars.HIVE_SERVER2_WEBUI_SSL_KEYSTORE_PATH);
- if (StringUtils.isBlank(keyStorePath)) {
- throw new IllegalArgumentException(
- ConfVars.HIVE_SERVER2_WEBUI_SSL_KEYSTORE_PATH.varname
- + " Not configured for SSL connection");
- }
-
builder.setKeyStorePassword(ShimLoader.getHadoopShims().getPassword(
- hiveConf,
ConfVars.HIVE_SERVER2_WEBUI_SSL_KEYSTORE_PASSWORD.varname));
- builder.setKeyStorePath(keyStorePath);
-
builder.setKeyStoreType(hiveConf.getVar(ConfVars.HIVE_SERVER2_WEBUI_SSL_KEYSTORE_TYPE));
- builder.setKeyManagerFactoryAlgorithm(
-
hiveConf.getVar(ConfVars.HIVE_SERVER2_WEBUI_SSL_KEYMANAGERFACTORY_ALGORITHM));
- builder.setExcludeCiphersuites(
-
hiveConf.getVar(ConfVars.HIVE_SERVER2_WEBUI_SSL_EXCLUDE_CIPHERSUITES));
- builder.setUseSSL(true);
- }
- if (hiveConf.getBoolVar(ConfVars.HIVE_SERVER2_WEBUI_USE_SPNEGO)) {
- String spnegoPrincipal = hiveConf.getVar(
- ConfVars.HIVE_SERVER2_WEBUI_SPNEGO_PRINCIPAL);
- String spnegoKeytab = hiveConf.getVar(
- ConfVars.HIVE_SERVER2_WEBUI_SPNEGO_KEYTAB);
- if (StringUtils.isBlank(spnegoPrincipal) ||
StringUtils.isBlank(spnegoKeytab)) {
- throw new IllegalArgumentException(
- ConfVars.HIVE_SERVER2_WEBUI_SPNEGO_PRINCIPAL.varname
- + "/" + ConfVars.HIVE_SERVER2_WEBUI_SPNEGO_KEYTAB.varname
- + " Not configured for SPNEGO authentication");
- }
- builder.setSPNEGOPrincipal(spnegoPrincipal);
- builder.setSPNEGOKeytab(spnegoKeytab);
- builder.setUseSPNEGO(true);
- }
- if (hiveConf.getBoolVar(ConfVars.HIVE_SERVER2_WEBUI_ENABLE_CORS)) {
- builder.setEnableCORS(true);
- String allowedOrigins =
hiveConf.getVar(ConfVars.HIVE_SERVER2_WEBUI_CORS_ALLOWED_ORIGINS);
- String allowedMethods =
hiveConf.getVar(ConfVars.HIVE_SERVER2_WEBUI_CORS_ALLOWED_METHODS);
- String allowedHeaders =
hiveConf.getVar(ConfVars.HIVE_SERVER2_WEBUI_CORS_ALLOWED_HEADERS);
- if (StringUtils.isBlank(allowedOrigins) ||
StringUtils.isBlank(allowedMethods) || StringUtils.isBlank(allowedHeaders)) {
- throw new IllegalArgumentException("CORS enabled. But " +
- ConfVars.HIVE_SERVER2_WEBUI_CORS_ALLOWED_ORIGINS.varname + "/"
+
- ConfVars.HIVE_SERVER2_WEBUI_CORS_ALLOWED_METHODS.varname + "/"
+
- ConfVars.HIVE_SERVER2_WEBUI_CORS_ALLOWED_HEADERS.varname + "/"
+
- " is not configured");
- }
- builder.setAllowedOrigins(allowedOrigins);
- builder.setAllowedMethods(allowedMethods);
- builder.setAllowedHeaders(allowedHeaders);
- LOG.info("CORS enabled - allowed-origins: {} allowed-methods: {}
allowed-headers: {}", allowedOrigins,
- allowedMethods, allowedHeaders);
- }
- if(hiveConf.getBoolVar(ConfVars.HIVE_SERVER2_WEBUI_XFRAME_ENABLED)){
-
builder.configureXFrame(true).setXFrameOption(hiveConf.getVar(ConfVars.HIVE_SERVER2_WEBUI_XFRAME_VALUE));
- }
- if (hiveConf.getBoolVar(ConfVars.HIVE_SERVER2_WEBUI_USE_PAM)) {
- if (hiveConf.getBoolVar(ConfVars.HIVE_SERVER2_WEBUI_USE_SSL)) {
- String hiveServer2PamServices =
hiveConf.getVar(ConfVars.HIVE_SERVER2_PAM_SERVICES);
- if (hiveServer2PamServices == null ||
hiveServer2PamServices.isEmpty()) {
- throw new
IllegalArgumentException(ConfVars.HIVE_SERVER2_PAM_SERVICES.varname + " are not
configured.");
- }
- builder.setPAMAuthenticator(pamAuthenticator == null ? new
PamAuthenticator(hiveConf) : pamAuthenticator);
- builder.setUsePAM(true);
- } else if (hiveConf.getBoolVar(ConfVars.HIVE_IN_TEST)) {
- builder.setPAMAuthenticator(pamAuthenticator == null ? new
PamAuthenticator(hiveConf) : pamAuthenticator);
- builder.setUsePAM(true);
- } else {
- throw new
IllegalArgumentException(ConfVars.HIVE_SERVER2_WEBUI_USE_SSL.varname + " has
false value. It is recommended to set to true when PAM is used.");
- }
- }
+ HttpServer.Builder builder = initBuilder(webHost, webUIPort,
"hiveserver2", "/", hiveConf);
Review Comment:
Why do you need to pass constants ("hiveserver2", "/") to a private builder
method?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
