[jira] [Commented] (HIVE-4232) JDBC2 HiveConnection has odd defaults
[ https://issues.apache.org/jira/browse/HIVE-4232?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13777938#comment-13777938 ] Vaibhav Gumashta commented on HIVE-4232: Hi [~prasadm], possible to take a look at this again? I feel the way auth parameters are passed in JDBC uri is quite confusing and not very clean. NONE/NOSASL is also misleading and exposes a risk of misinterpretation while developing, which will compound as more stuff is built on this. My proposal (similar to [~thejas]): 1. Have all comparison case insensitive. 2. While parsing the uri in Utils#parseURL, set the auth config parameter for each mode. When it is not specified, set it to the default of PLAINSASL. This cleans HiveConnection#openTransport. 3. hive.server2.authentication=NOSASL - Raw transport - jdbc:hive2://host:port/dbname;auth=nosasl 4. hive.server2.authentication=PLAINSASL - Plain SASL transport - jdbc:hive2://host:port/dbname;auth=plainsasl(or no-auth specified) 5. hive.server2.authentication=KERBEROS - Kerberos SASL transport - jdbc:hive2://host:port/dbname;auth=kerberos;principal=principal;qop=auth|auth-int|auth-conf JDBC2 HiveConnection has odd defaults - Key: HIVE-4232 URL: https://issues.apache.org/jira/browse/HIVE-4232 Project: Hive Issue Type: Bug Components: HiveServer2, JDBC Affects Versions: 0.11.0, 0.12.0 Reporter: Chris Drome Assignee: Chris Drome Attachments: HIVE-4232-1.patch, HIVE-4232-2.patch, HIVE-4232-3-0.11.patch, HIVE-4232-3-trunk.patch, HIVE-4232-4-0.11.patch, HIVE-4232-4-trunk.patch, HIVE-4232.patch HiveConnection defaults to using a plain SASL transport if auth is not set. To get a raw transport auth must be set to noSasl; furthermore noSasl is case sensitive. Code tries to infer Kerberos or plain authentication based on the presence of principal. There is no provision for specifying QOP level. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HIVE-4232) JDBC2 HiveConnection has odd defaults
[ https://issues.apache.org/jira/browse/HIVE-4232?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13628347#comment-13628347 ] Thejas M Nair commented on HIVE-4232: - [~mithun] THRIFT-1774 is the unfortunate reality, and I don't see anybody having signed up to fix it. From a user experience perspective, it would be better to get an error message (well, a stack trace in this case!) instead of the command hanging if the user tries to connect to a kerberos-secure server without specifying the correct auth. I don't see any advantages of using raw transport as default (one client and server). I agree that the auth names are misleading and we should change that. Here is my proposal - hive-site.xml - transport - JDBC connection string 1. (fix to make compare case insensitive for all auth types ) hive.server2.authentication=NOSASL - raw transport - jdbc:hive2://host:port/dbname;auth=nosasl 2. (change the param name, this remains default) hive.server2.authentication=PLAINSASL - plain SASL transport - jdbc:hive2://host:port/dbname (DEFAULT) 3. (check/support auth=kerberos in jdbc url) hive.server2.authentication=KERBEROS - Kerberos SASL transport - jdbc:hive2://host:port/dbname;auth=kerberos,principal=principal JDBC2 HiveConnection has odd defaults - Key: HIVE-4232 URL: https://issues.apache.org/jira/browse/HIVE-4232 Project: Hive Issue Type: Bug Components: HiveServer2, JDBC Affects Versions: 0.11.0 Reporter: Chris Drome Assignee: Chris Drome Fix For: 0.11.0 Attachments: HIVE-4232-1.patch, HIVE-4232.patch HiveConnection defaults to using a plain SASL transport if auth is not set. To get a raw transport auth must be set to noSasl; furthermore noSasl is case sensitive. Code tries to infer Kerberos or plain authentication based on the presence of principal. There is no provision for specifying QOP level. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HIVE-4232) JDBC2 HiveConnection has odd defaults
[ https://issues.apache.org/jira/browse/HIVE-4232?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13625557#comment-13625557 ] Mithun Radhakrishnan commented on HIVE-4232: Hello, [~cwsteinbach]. Hi, [~prasadm]. Could you please help us understand the rationale behind the choice of default (plainsasl, i.e. erstwhile NONE)? I mean, before the Thrift-hang. The manner in which the auth-protocol is deduced is far from intuitive. The Thrift-1774 bug is an unfortunate aside that one wishes could be resolved in Thrift. While I concede HiveServer2 has been in trunk for a while (and might well have customers using it), it's not been in an official Hive release prior to 0.11. Surely, now (i.e. before 0.11 release) is the opportune moment to change the defaults and fix the format of the jdbc-connect-string? [~cdrome] does make a valid point about the client needing to be in sync with the server's auth method anyway. JDBC2 HiveConnection has odd defaults - Key: HIVE-4232 URL: https://issues.apache.org/jira/browse/HIVE-4232 Project: Hive Issue Type: Bug Components: HiveServer2, JDBC Affects Versions: 0.11.0 Reporter: Chris Drome Assignee: Chris Drome Fix For: 0.11.0 Attachments: HIVE-4232-1.patch, HIVE-4232.patch HiveConnection defaults to using a plain SASL transport if auth is not set. To get a raw transport auth must be set to noSasl; furthermore noSasl is case sensitive. Code tries to infer Kerberos or plain authentication based on the presence of principal. There is no provision for specifying QOP level. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HIVE-4232) JDBC2 HiveConnection has odd defaults
[ https://issues.apache.org/jira/browse/HIVE-4232?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13621909#comment-13621909 ] Carl Steinbach commented on HIVE-4232: -- @Chris: I left a comment on phabricator. Also, can you please respond to the point Prasad raised about changing the default from PLAIN to NONE? Thanks. JDBC2 HiveConnection has odd defaults - Key: HIVE-4232 URL: https://issues.apache.org/jira/browse/HIVE-4232 Project: Hive Issue Type: Bug Components: HiveServer2, JDBC Affects Versions: 0.11.0 Reporter: Chris Drome Assignee: Chris Drome Fix For: 0.11.0 Attachments: HIVE-4232-1.patch, HIVE-4232.patch HiveConnection defaults to using a plain SASL transport if auth is not set. To get a raw transport auth must be set to noSasl; furthermore noSasl is case sensitive. Code tries to infer Kerberos or plain authentication based on the presence of principal. There is no provision for specifying QOP level. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HIVE-4232) JDBC2 HiveConnection has odd defaults
[ https://issues.apache.org/jira/browse/HIVE-4232?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13621923#comment-13621923 ] Chris Drome commented on HIVE-4232: --- [~prasadm][~cwsteinbach]: I think Prasad's point is fair. It explains why the defaults were set the way they were and should probably be documented somewhere in the code. We have a follow-up patch which adds functionality to set the QOP of the transport, so that data encryption can be enabled on the client-server transport. This will require some changes to the JDBC connection string and I wanted to get buy-in to modify the existing format of the connection string before posting that patch. I still feel the naming conventions are a little misleading and the JDBC connection string tries to infer the state. However, if everyone agrees that NOSASL should generally not be used, then I won't push that issue. Although it doesn't help in the case a client library adds auth=nosasl, resulting in the connection hanging. JDBC2 HiveConnection has odd defaults - Key: HIVE-4232 URL: https://issues.apache.org/jira/browse/HIVE-4232 Project: Hive Issue Type: Bug Components: HiveServer2, JDBC Affects Versions: 0.11.0 Reporter: Chris Drome Assignee: Chris Drome Fix For: 0.11.0 Attachments: HIVE-4232-1.patch, HIVE-4232.patch HiveConnection defaults to using a plain SASL transport if auth is not set. To get a raw transport auth must be set to noSasl; furthermore noSasl is case sensitive. Code tries to infer Kerberos or plain authentication based on the presence of principal. There is no provision for specifying QOP level. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HIVE-4232) JDBC2 HiveConnection has odd defaults
[ https://issues.apache.org/jira/browse/HIVE-4232?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13622637#comment-13622637 ] Carl Steinbach commented on HIVE-4232: -- Just to clarify I'm fine with changing the names of the property values (e.g. NOSASL -- NONE, NONE -- PLAIN), but I think we should probably stick with the current default value (PLAIN) since it makes it less likely that a user will encounter the hang issue described in THRIFT-1774. JDBC2 HiveConnection has odd defaults - Key: HIVE-4232 URL: https://issues.apache.org/jira/browse/HIVE-4232 Project: Hive Issue Type: Bug Components: HiveServer2, JDBC Affects Versions: 0.11.0 Reporter: Chris Drome Assignee: Chris Drome Fix For: 0.11.0 Attachments: HIVE-4232-1.patch, HIVE-4232.patch HiveConnection defaults to using a plain SASL transport if auth is not set. To get a raw transport auth must be set to noSasl; furthermore noSasl is case sensitive. Code tries to infer Kerberos or plain authentication based on the presence of principal. There is no provision for specifying QOP level. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HIVE-4232) JDBC2 HiveConnection has odd defaults
[ https://issues.apache.org/jira/browse/HIVE-4232?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13622693#comment-13622693 ] Prasad Mujumdar commented on HIVE-4232: --- [~cdrome] Thanks for looking into it further. I agree with your comment regarding JDBC application explicitly adding nosasl. In such case the application is doing a customization by overriding the default, so they should know what they are doing .. Also you are correct about this details not being well documented. I will go ahead and add new advance/custom configuratoin sections to [Setting Up Hive Server|https://cwiki.apache.org/Hive/adminmanual-settinguphiveserver.html] as well as [HiveServer2 Clients|https://cwiki.apache.org/Hive/hiveserver2-clients.html]. Thanks for bringing that out! [~cwsteinbach] Thanks for providing feedback. I would still like to argue that the PLAIN is more tied to the internal implementation and not indicative of the behavior, especially when its a default. We can perhaps change NOSASL to RAW or THRIFT, or leave it with the 'sasl' reference as its more of advance option. Another thing to keep in mind that was available as a patch for HiveServer2 for a very long time. Even though its committed to trunk in 0.11, the community has started using the patch on top of Hive 0.10 as well as through multiple popular distros. Changing the configuration will be a backward incompatible change for such users. This one is not just flipping a config switch, but would also require changing JDBC code and recompiling/redeploying the application. JDBC2 HiveConnection has odd defaults - Key: HIVE-4232 URL: https://issues.apache.org/jira/browse/HIVE-4232 Project: Hive Issue Type: Bug Components: HiveServer2, JDBC Affects Versions: 0.11.0 Reporter: Chris Drome Assignee: Chris Drome Fix For: 0.11.0 Attachments: HIVE-4232-1.patch, HIVE-4232.patch HiveConnection defaults to using a plain SASL transport if auth is not set. To get a raw transport auth must be set to noSasl; furthermore noSasl is case sensitive. Code tries to infer Kerberos or plain authentication based on the presence of principal. There is no provision for specifying QOP level. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HIVE-4232) JDBC2 HiveConnection has odd defaults
[ https://issues.apache.org/jira/browse/HIVE-4232?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13622931#comment-13622931 ] Chris Drome commented on HIVE-4232: --- I was thinking about this a little more and would like to summarize the current state: hive-site.xml - transport - JDBC connection string 1. hive.server2.authentication=NOSASL - raw transport - jdbc:hive2://host:port/dbname;auth=noSasl 2. hive.server2.authentication=NONE - plain SASL transport - jdbc:hive2://host:port/dbname (*DEFAULT*) 3. hive.server2.authentication=KERBEROS - Kerberos SASL transport - jdbc:hive2://host:port/dbname;principal=principal So we need to set auth=noSasl to disable SASL instead of auth=plainsasl|kerberos to enable SASL. Now if the server is set to Kerberos, then the client still has to know this because it if they exclude the principal parameter it will happily initialize a plain SASL transport because the code infers SASL/Kerberos based on the existence of that value. Granted, in this case the connection throws an exception. If it was a requirement to include say auth=plainsasl|kerberos in the connection string, then the code wouldn't have to guess what the intent was and could communicate an error if auth=kerberos and principal is not present. Furthermore, from what I can see, the plain SASL is really just a no-op as it is not doing anything when authentication=NONE. In the end, it comes down to the fact that the client still needs to know the authentication method of the server. That is why I asked whether we had data about the average use case. Do we know how often people are using raw vs plain vs kerberos? It seems that the real issue is that a SASL transport doesn't play nicely with a raw transport. If it would be possible to remove the need to support the raw transport, that would resolve this discussion. Even the raw transport much speak thrift, so that isn't an issue. Rather it is a question of whether client should be forced to implement a SASL transport. JDBC2 HiveConnection has odd defaults - Key: HIVE-4232 URL: https://issues.apache.org/jira/browse/HIVE-4232 Project: Hive Issue Type: Bug Components: HiveServer2, JDBC Affects Versions: 0.11.0 Reporter: Chris Drome Assignee: Chris Drome Fix For: 0.11.0 Attachments: HIVE-4232-1.patch, HIVE-4232.patch HiveConnection defaults to using a plain SASL transport if auth is not set. To get a raw transport auth must be set to noSasl; furthermore noSasl is case sensitive. Code tries to infer Kerberos or plain authentication based on the presence of principal. There is no provision for specifying QOP level. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HIVE-4232) JDBC2 HiveConnection has odd defaults
[ https://issues.apache.org/jira/browse/HIVE-4232?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13620702#comment-13620702 ] Chris Drome commented on HIVE-4232: --- In the process of writing some unit tests for the connection string changes I noticed that the connection type for HiveServer2 defaults to NONE, which uses the Plain SASL Transport Factory. So in this sense the original implementation of HiveConnection matches for the default case. hive.server2.authentication can take one of the following values: NOSASL NONE (default) LDAP KERBEROS CUSTOM I think NONE is misleading and should be renamed PLAIN (or something similar), and NOSASL should be labelled NONE. And that the default usage of Plain SASL Transport Factory seems odd. The default behavior of HiveConnection should match that of HiveServer2. I'd like to ask your opinion of what the default behavior should be. Should it default to the Plain SASL transport or no authentication at all? JDBC2 HiveConnection has odd defaults - Key: HIVE-4232 URL: https://issues.apache.org/jira/browse/HIVE-4232 Project: Hive Issue Type: Bug Components: HiveServer2, JDBC Affects Versions: 0.11.0 Reporter: Chris Drome Assignee: Chris Drome Fix For: 0.11.0 Attachments: HIVE-4232.patch HiveConnection defaults to using a plain SASL transport if auth is not set. To get a raw transport auth must be set to noSasl; furthermore noSasl is case sensitive. Code tries to infer Kerberos or plain authentication based on the presence of principal. There is no provision for specifying QOP level. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HIVE-4232) JDBC2 HiveConnection has odd defaults
[ https://issues.apache.org/jira/browse/HIVE-4232?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13620756#comment-13620756 ] Chris Drome commented on HIVE-4232: --- Working on some test cases, but need to resolve a classpath issue before I can include them. JDBC2 HiveConnection has odd defaults - Key: HIVE-4232 URL: https://issues.apache.org/jira/browse/HIVE-4232 Project: Hive Issue Type: Bug Components: HiveServer2, JDBC Affects Versions: 0.11.0 Reporter: Chris Drome Assignee: Chris Drome Fix For: 0.11.0 Attachments: HIVE-4232-1.patch, HIVE-4232.patch HiveConnection defaults to using a plain SASL transport if auth is not set. To get a raw transport auth must be set to noSasl; furthermore noSasl is case sensitive. Code tries to infer Kerberos or plain authentication based on the presence of principal. There is no provision for specifying QOP level. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HIVE-4232) JDBC2 HiveConnection has odd defaults
[ https://issues.apache.org/jira/browse/HIVE-4232?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13621074#comment-13621074 ] Ashutosh Chauhan commented on HIVE-4232: I agree with your nomenclature. NONE should really mean no special setting is required and raw thrift sockets are used. And lets call PLAIN (of new world) as PLAINSASL to make it clear that its sasl without auth. And lets make NONE (which uses raw thrift sockets) the default (ie if user has not specified anything we will assume NONE) JDBC2 HiveConnection has odd defaults - Key: HIVE-4232 URL: https://issues.apache.org/jira/browse/HIVE-4232 Project: Hive Issue Type: Bug Components: HiveServer2, JDBC Affects Versions: 0.11.0 Reporter: Chris Drome Assignee: Chris Drome Fix For: 0.11.0 Attachments: HIVE-4232-1.patch, HIVE-4232.patch HiveConnection defaults to using a plain SASL transport if auth is not set. To get a raw transport auth must be set to noSasl; furthermore noSasl is case sensitive. Code tries to infer Kerberos or plain authentication based on the presence of principal. There is no provision for specifying QOP level. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HIVE-4232) JDBC2 HiveConnection has odd defaults
[ https://issues.apache.org/jira/browse/HIVE-4232?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13621823#comment-13621823 ] Prasad Mujumdar commented on HIVE-4232: --- [~ashutoshc] thanks for the feedback. Here are a couple of things to consider. Thrift SASL transport doesn't detect if the other peer is not using the SASL transport ([THRIFT-1774|https://issues.apache.org/jira/browse/THRIFT-1774]). Hence if the hiveserver and client are not using the same transport then the connection simply hangs. Hence its using SASL transport as default and NOSASL is more of a backdoor if you are using some non-java bindings that doesn't have thrift sasl transport (and hence not listed in the hive-defaults). IMO making non-sasl as default will lead to more problems than what it intends to solve. For an end user , it doesn't matter what underlying authentication libraries are used for the implementation. The normal authentication options None, LDAP, Kerberos and Custom are self explanatory from point of view. JDBC2 HiveConnection has odd defaults - Key: HIVE-4232 URL: https://issues.apache.org/jira/browse/HIVE-4232 Project: Hive Issue Type: Bug Components: HiveServer2, JDBC Affects Versions: 0.11.0 Reporter: Chris Drome Assignee: Chris Drome Fix For: 0.11.0 Attachments: HIVE-4232-1.patch, HIVE-4232.patch HiveConnection defaults to using a plain SASL transport if auth is not set. To get a raw transport auth must be set to noSasl; furthermore noSasl is case sensitive. Code tries to infer Kerberos or plain authentication based on the presence of principal. There is no provision for specifying QOP level. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HIVE-4232) JDBC2 HiveConnection has odd defaults
[ https://issues.apache.org/jira/browse/HIVE-4232?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13619624#comment-13619624 ] Chris Drome commented on HIVE-4232: --- Phabricator link: https://reviews.facebook.net/D9879 JDBC2 HiveConnection has odd defaults - Key: HIVE-4232 URL: https://issues.apache.org/jira/browse/HIVE-4232 Project: Hive Issue Type: Bug Components: HiveServer2, JDBC Affects Versions: 0.11.0 Reporter: Chris Drome Assignee: Chris Drome Fix For: 0.11.0 Attachments: HIVE-4232.patch HiveConnection defaults to using a plain SASL transport if auth is not set. To get a raw transport auth must be set to noSasl; furthermore noSasl is case sensitive. Code tries to infer Kerberos or plain authentication based on the presence of principal. There is no provision for specifying QOP level. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HIVE-4232) JDBC2 HiveConnection has odd defaults
[ https://issues.apache.org/jira/browse/HIVE-4232?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13620118#comment-13620118 ] Chris Drome commented on HIVE-4232: --- Hi Ashutosh, I will be out of the office from Thursday, so I was wondering if I could get your feedback on the HIVE-4232 patch as soon as possible. That way I would be able to make changes or address concerns before I leave. I've created the fabricator ticket. https://reviews.facebook.net/D9879 Thanks, chris JDBC2 HiveConnection has odd defaults - Key: HIVE-4232 URL: https://issues.apache.org/jira/browse/HIVE-4232 Project: Hive Issue Type: Bug Components: HiveServer2, JDBC Affects Versions: 0.11.0 Reporter: Chris Drome Assignee: Chris Drome Fix For: 0.11.0 Attachments: HIVE-4232.patch HiveConnection defaults to using a plain SASL transport if auth is not set. To get a raw transport auth must be set to noSasl; furthermore noSasl is case sensitive. Code tries to infer Kerberos or plain authentication based on the presence of principal. There is no provision for specifying QOP level. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HIVE-4232) JDBC2 HiveConnection has odd defaults
[ https://issues.apache.org/jira/browse/HIVE-4232?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13620250#comment-13620250 ] Thejas M Nair commented on HIVE-4232: - +1 (non binding) JDBC2 HiveConnection has odd defaults - Key: HIVE-4232 URL: https://issues.apache.org/jira/browse/HIVE-4232 Project: Hive Issue Type: Bug Components: HiveServer2, JDBC Affects Versions: 0.11.0 Reporter: Chris Drome Assignee: Chris Drome Fix For: 0.11.0 Attachments: HIVE-4232.patch HiveConnection defaults to using a plain SASL transport if auth is not set. To get a raw transport auth must be set to noSasl; furthermore noSasl is case sensitive. Code tries to infer Kerberos or plain authentication based on the presence of principal. There is no provision for specifying QOP level. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HIVE-4232) JDBC2 HiveConnection has odd defaults
[ https://issues.apache.org/jira/browse/HIVE-4232?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13620254#comment-13620254 ] Ashutosh Chauhan commented on HIVE-4232: +1 looks good to me too. It will be good to add a testcase, especially since there is no existing testcase for url strings. You can spin off a HiveServer2 in a thread and then have a jdbc client connect to it with urls having plain and default connection string, passing on username and password where supported. JDBC2 HiveConnection has odd defaults - Key: HIVE-4232 URL: https://issues.apache.org/jira/browse/HIVE-4232 Project: Hive Issue Type: Bug Components: HiveServer2, JDBC Affects Versions: 0.11.0 Reporter: Chris Drome Assignee: Chris Drome Fix For: 0.11.0 Attachments: HIVE-4232.patch HiveConnection defaults to using a plain SASL transport if auth is not set. To get a raw transport auth must be set to noSasl; furthermore noSasl is case sensitive. Code tries to infer Kerberos or plain authentication based on the presence of principal. There is no provision for specifying QOP level. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HIVE-4232) JDBC2 HiveConnection has odd defaults
[ https://issues.apache.org/jira/browse/HIVE-4232?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13619072#comment-13619072 ] Ashutosh Chauhan commented on HIVE-4232: [~cdrome] can you create a phabricator or RB link for this change? JDBC2 HiveConnection has odd defaults - Key: HIVE-4232 URL: https://issues.apache.org/jira/browse/HIVE-4232 Project: Hive Issue Type: Bug Components: HiveServer2, JDBC Affects Versions: 0.11.0 Reporter: Chris Drome Assignee: Chris Drome Fix For: 0.11.0 Attachments: HIVE-4232.patch HiveConnection defaults to using a plain SASL transport if auth is not set. To get a raw transport auth must be set to noSasl; furthermore noSasl is case sensitive. Code tries to infer Kerberos or plain authentication based on the presence of principal. There is no provision for specifying QOP level. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HIVE-4232) JDBC2 HiveConnection has odd defaults
[ https://issues.apache.org/jira/browse/HIVE-4232?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13613592#comment-13613592 ] Chris Drome commented on HIVE-4232: --- The patch proposes that if auth is not specified or auth=none the transport will default to TSocket. If auth=kerberos|plain then the Kerberos SASL transport or the Plain SASL transport will be used. If auth=kerberos then principal must also be specified. We propose controlling the QOP with another parameter qop=auth|auth-int|auth-conf. The patch also takes care of case-sensitive value comparisons. I feel that these changes result in a more reasonable set of defaults and don't rely upon inferring Kerberos or plain based on the existence of other parameters. I will rebase HIVE-4225 if these proposed changes are accepted. JDBC2 HiveConnection has odd defaults - Key: HIVE-4232 URL: https://issues.apache.org/jira/browse/HIVE-4232 Project: Hive Issue Type: Bug Components: HiveServer2, JDBC Affects Versions: 0.11.0 Reporter: Chris Drome Assignee: Chris Drome Attachments: HIVE-4232.patch HiveConnection defaults to using a plain SASL transport if auth is not set. To get a raw transport auth must be set to noSasl; furthermore noSasl is case sensitive. Code tries to infer Kerberos or plain authentication based on the presence of principal. There is no provision for specifying QOP level. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira
