This is an automated email from the ASF dual-hosted git repository. daijy pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/hive.git
The following commit(s) were added to refs/heads/master by this push: new a3d826d HIVE-21573: Binary transport shall ignore principal if auth is set to delegationToken (Denes Bodo, reviewed by Zoltan Haindrich, Daniel Dai) a3d826d is described below commit a3d826d54cfaedf066c430a4f83f2b04a402c3da Author: Denes Bodo <bod.de...@gmail.com> AuthorDate: Mon Apr 8 14:54:50 2019 -0700 HIVE-21573: Binary transport shall ignore principal if auth is set to delegationToken (Denes Bodo, reviewed by Zoltan Haindrich, Daniel Dai) Signed-off-by: Daniel Dai <dai...@gmail.com> --- .../java/org/apache/hive/jdbc/HiveConnection.java | 31 +++++++++++----------- 1 file changed, 16 insertions(+), 15 deletions(-) diff --git a/jdbc/src/java/org/apache/hive/jdbc/HiveConnection.java b/jdbc/src/java/org/apache/hive/jdbc/HiveConnection.java index 4c7119f..ec9c193 100644 --- a/jdbc/src/java/org/apache/hive/jdbc/HiveConnection.java +++ b/jdbc/src/java/org/apache/hive/jdbc/HiveConnection.java @@ -685,23 +685,24 @@ public class HiveConnection implements java.sql.Connection { saslProps.put(Sasl.QOP, "auth-conf,auth-int,auth"); } saslProps.put(Sasl.SERVER_AUTH, "true"); - if (sessConfMap.containsKey(JdbcConnectionParams.AUTH_PRINCIPAL)) { + String tokenStr = null; + if (JdbcConnectionParams.AUTH_TOKEN.equals(sessConfMap.get(JdbcConnectionParams.AUTH_TYPE))) { + // If there's a delegation token available then use token based connection + tokenStr = getClientDelegationToken(sessConfMap); + } + if (tokenStr != null) { + transport = KerberosSaslHelper.getTokenTransport(tokenStr, + host, socketTransport, saslProps); + } else if(sessConfMap.containsKey(JdbcConnectionParams.AUTH_PRINCIPAL)){ transport = KerberosSaslHelper.getKerberosTransport( - sessConfMap.get(JdbcConnectionParams.AUTH_PRINCIPAL), host, - socketTransport, saslProps, assumeSubject); + sessConfMap.get(JdbcConnectionParams.AUTH_PRINCIPAL), host, + socketTransport, saslProps, assumeSubject); } else { - // If there's a delegation token available then use token based connection - String tokenStr = getClientDelegationToken(sessConfMap); - if (tokenStr != null) { - transport = KerberosSaslHelper.getTokenTransport(tokenStr, - host, socketTransport, saslProps); - } else { - // we are using PLAIN Sasl connection with user/password - String userName = getUserName(); - String passwd = getPassword(); - // Overlay the SASL transport on top of the base socket transport (SSL or non-SSL) - transport = PlainSaslHelper.getPlainTransport(userName, passwd, socketTransport); - } + // we are using PLAIN Sasl connection with user/password + String userName = getUserName(); + String passwd = getPassword(); + // Overlay the SASL transport on top of the base socket transport (SSL or non-SSL) + transport = PlainSaslHelper.getPlainTransport(userName, passwd, socketTransport); } } else { // Raw socket connection (non-sasl)