[jira] [Updated] (HIVE-11089) Hive Streaming: connection fails when using a proxy user UGI
[
https://issues.apache.org/jira/browse/HIVE-11089?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Adam Kunicki updated HIVE-11089:
Description:
HIVE-8427 adds a call to ugi.hasKerberosCredentials() to check whether the
connection is supposed to be a secure connection.
This however breaks support for Proxy Users as a proxy user UGI will always
return false to hasKerberosCredentials().
If the goal is to determine whether this is a secure cluster, we could instead
call:
{code}
this.secureMode = ugi == null ? ugi.getRealAuthenticationMethod() != SIMPLE
{code}
This change would for both proxy users and real users.
See lines 273, 274 of HiveEndPoint.java
{code}
this.secureMode = ugi==null ? false : ugi.hasKerberosCredentials();
this.msClient = getMetaStoreClient(endPoint, conf, secureMode);
{code}
for reference:
https://github.com/apache/hive/commit/8e423a12db47759196c24535fbc32236b79f464a
was:
HIVE-8427 adds a call to ugi.hasKerberosCredentials() to check whether the
connection is supposed to be a secure connection.
This however breaks support for Proxy Users as a proxy user UGI will always
return false to hasKerberosCredentials().
Hive Streaming: connection fails when using a proxy user UGI
Key: HIVE-11089
URL: https://issues.apache.org/jira/browse/HIVE-11089
Project: Hive
Issue Type: Bug
Components: HCatalog
Affects Versions: 0.14.0, 1.0.0, 1.2.0
Reporter: Adam Kunicki
Labels: ACID, Streaming
HIVE-8427 adds a call to ugi.hasKerberosCredentials() to check whether the
connection is supposed to be a secure connection.
This however breaks support for Proxy Users as a proxy user UGI will always
return false to hasKerberosCredentials().
If the goal is to determine whether this is a secure cluster, we could
instead call:
{code}
this.secureMode = ugi == null ? ugi.getRealAuthenticationMethod() != SIMPLE
{code}
This change would for both proxy users and real users.
See lines 273, 274 of HiveEndPoint.java
{code}
this.secureMode = ugi==null ? false : ugi.hasKerberosCredentials();
this.msClient = getMetaStoreClient(endPoint, conf, secureMode);
{code}
for reference:
https://github.com/apache/hive/commit/8e423a12db47759196c24535fbc32236b79f464a
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Updated] (HIVE-11089) Hive Streaming: connection fails when using a proxy user UGI
[
https://issues.apache.org/jira/browse/HIVE-11089?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Adam Kunicki updated HIVE-11089:
Description:
HIVE-8427 adds a call to ugi.hasKerberosCredentials() to check whether the
connection is supposed to be a secure connection.
This however breaks support for Proxy Users as a proxy user UGI will always
return false to hasKerberosCredentials().
See lines 273, 274 of HiveEndPoint.java
{code}
this.secureMode = ugi==null ? false : ugi.hasKerberosCredentials();
this.msClient = getMetaStoreClient(endPoint, conf, secureMode);
{code}
It also seems that between 13.1 and 0.14 the newConnection() method that
includes a proxy user has been removed.
for reference:
https://github.com/apache/hive/commit/8e423a12db47759196c24535fbc32236b79f464a
was:
HIVE-8427 adds a call to ugi.hasKerberosCredentials() to check whether the
connection is supposed to be a secure connection.
This however breaks support for Proxy Users as a proxy user UGI will always
return false to hasKerberosCredentials().
If the goal is to determine whether this is a secure cluster, we could instead
call:
{code}
this.secureMode = ugi == null ? ugi.getRealAuthenticationMethod() != SIMPLE
{code}
This change would for both proxy users and real users.
See lines 273, 274 of HiveEndPoint.java
{code}
this.secureMode = ugi==null ? false : ugi.hasKerberosCredentials();
this.msClient = getMetaStoreClient(endPoint, conf, secureMode);
{code}
for reference:
https://github.com/apache/hive/commit/8e423a12db47759196c24535fbc32236b79f464a
Hive Streaming: connection fails when using a proxy user UGI
Key: HIVE-11089
URL: https://issues.apache.org/jira/browse/HIVE-11089
Project: Hive
Issue Type: Bug
Components: HCatalog
Affects Versions: 0.14.0, 1.0.0, 1.2.0
Reporter: Adam Kunicki
Labels: ACID, Streaming
HIVE-8427 adds a call to ugi.hasKerberosCredentials() to check whether the
connection is supposed to be a secure connection.
This however breaks support for Proxy Users as a proxy user UGI will always
return false to hasKerberosCredentials().
See lines 273, 274 of HiveEndPoint.java
{code}
this.secureMode = ugi==null ? false : ugi.hasKerberosCredentials();
this.msClient = getMetaStoreClient(endPoint, conf, secureMode);
{code}
It also seems that between 13.1 and 0.14 the newConnection() method that
includes a proxy user has been removed.
for reference:
https://github.com/apache/hive/commit/8e423a12db47759196c24535fbc32236b79f464a
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Updated] (HIVE-11089) Hive Streaming: connection fails when using a proxy user UGI
[
https://issues.apache.org/jira/browse/HIVE-11089?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Adam Kunicki updated HIVE-11089:
Description:
HIVE-7508 Add Kerberos Support seems to also remove the ability to specify a
proxy user.
HIVE-8427 adds a call to ugi.hasKerberosCredentials() to check whether the
connection is supposed to be a secure connection.
This however breaks support for Proxy Users as a proxy user UGI will always
return false to hasKerberosCredentials().
See lines 273, 274 of HiveEndPoint.java
{code}
this.secureMode = ugi==null ? false : ugi.hasKerberosCredentials();
this.msClient = getMetaStoreClient(endPoint, conf, secureMode);
{code}
It also seems that between 13.1 and 0.14 the newConnection() method that
includes a proxy user has been removed.
for reference:
https://github.com/apache/hive/commit/8e423a12db47759196c24535fbc32236b79f464a
was:
HIVE-8427 adds a call to ugi.hasKerberosCredentials() to check whether the
connection is supposed to be a secure connection.
This however breaks support for Proxy Users as a proxy user UGI will always
return false to hasKerberosCredentials().
See lines 273, 274 of HiveEndPoint.java
{code}
this.secureMode = ugi==null ? false : ugi.hasKerberosCredentials();
this.msClient = getMetaStoreClient(endPoint, conf, secureMode);
{code}
It also seems that between 13.1 and 0.14 the newConnection() method that
includes a proxy user has been removed.
for reference:
https://github.com/apache/hive/commit/8e423a12db47759196c24535fbc32236b79f464a
Hive Streaming: connection fails when using a proxy user UGI
Key: HIVE-11089
URL: https://issues.apache.org/jira/browse/HIVE-11089
Project: Hive
Issue Type: Bug
Components: HCatalog
Affects Versions: 0.14.0, 1.0.0, 1.2.0
Reporter: Adam Kunicki
Labels: ACID, Streaming
HIVE-7508 Add Kerberos Support seems to also remove the ability to specify
a proxy user.
HIVE-8427 adds a call to ugi.hasKerberosCredentials() to check whether the
connection is supposed to be a secure connection.
This however breaks support for Proxy Users as a proxy user UGI will always
return false to hasKerberosCredentials().
See lines 273, 274 of HiveEndPoint.java
{code}
this.secureMode = ugi==null ? false : ugi.hasKerberosCredentials();
this.msClient = getMetaStoreClient(endPoint, conf, secureMode);
{code}
It also seems that between 13.1 and 0.14 the newConnection() method that
includes a proxy user has been removed.
for reference:
https://github.com/apache/hive/commit/8e423a12db47759196c24535fbc32236b79f464a
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
