[hive] branch master updated: HIVE-21573: Binary transport shall ignore principal if auth is set to delegationToken (Denes Bodo, reviewed by Zoltan Haindrich, Daniel Dai)

Mon, 08 Apr 2019 14:57:36 -0700 

This is an automated email from the ASF dual-hosted git repository.

daijy pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/hive.git


The following commit(s) were added to refs/heads/master by this push:
     new a3d826d  HIVE-21573: Binary transport shall ignore principal if auth 
is set to delegationToken (Denes Bodo, reviewed by Zoltan Haindrich, Daniel Dai)
a3d826d is described below

commit a3d826d54cfaedf066c430a4f83f2b04a402c3da
Author: Denes Bodo <bod.de...@gmail.com>
AuthorDate: Mon Apr 8 14:54:50 2019 -0700

    HIVE-21573: Binary transport shall ignore principal if auth is set to 
delegationToken (Denes Bodo, reviewed by Zoltan Haindrich, Daniel Dai)
    
    Signed-off-by: Daniel Dai <dai...@gmail.com>
---
 .../java/org/apache/hive/jdbc/HiveConnection.java  | 31 +++++++++++-----------
 1 file changed, 16 insertions(+), 15 deletions(-)

diff --git a/jdbc/src/java/org/apache/hive/jdbc/HiveConnection.java 
b/jdbc/src/java/org/apache/hive/jdbc/HiveConnection.java
index 4c7119f..ec9c193 100644
--- a/jdbc/src/java/org/apache/hive/jdbc/HiveConnection.java
+++ b/jdbc/src/java/org/apache/hive/jdbc/HiveConnection.java
@@ -685,23 +685,24 @@ public class HiveConnection implements 
java.sql.Connection {
           saslProps.put(Sasl.QOP, "auth-conf,auth-int,auth");
         }
         saslProps.put(Sasl.SERVER_AUTH, "true");
-        if (sessConfMap.containsKey(JdbcConnectionParams.AUTH_PRINCIPAL)) {
+        String tokenStr = null;
+        if 
(JdbcConnectionParams.AUTH_TOKEN.equals(sessConfMap.get(JdbcConnectionParams.AUTH_TYPE)))
 {
+          // If there's a delegation token available then use token based 
connection
+          tokenStr = getClientDelegationToken(sessConfMap);
+        }
+        if (tokenStr != null) {
+          transport = KerberosSaslHelper.getTokenTransport(tokenStr,
+                  host, socketTransport, saslProps);
+        } else 
if(sessConfMap.containsKey(JdbcConnectionParams.AUTH_PRINCIPAL)){
           transport = KerberosSaslHelper.getKerberosTransport(
-              sessConfMap.get(JdbcConnectionParams.AUTH_PRINCIPAL), host,
-              socketTransport, saslProps, assumeSubject);
+                  sessConfMap.get(JdbcConnectionParams.AUTH_PRINCIPAL), host,
+                  socketTransport, saslProps, assumeSubject);
         } else {
-          // If there's a delegation token available then use token based 
connection
-          String tokenStr = getClientDelegationToken(sessConfMap);
-          if (tokenStr != null) {
-            transport = KerberosSaslHelper.getTokenTransport(tokenStr,
-                host, socketTransport, saslProps);
-          } else {
-            // we are using PLAIN Sasl connection with user/password
-            String userName = getUserName();
-            String passwd = getPassword();
-            // Overlay the SASL transport on top of the base socket transport 
(SSL or non-SSL)
-            transport = PlainSaslHelper.getPlainTransport(userName, passwd, 
socketTransport);
-          }
+          // we are using PLAIN Sasl connection with user/password
+          String userName = getUserName();
+          String passwd = getPassword();
+          // Overlay the SASL transport on top of the base socket transport 
(SSL or non-SSL)
+          transport = PlainSaslHelper.getPlainTransport(userName, passwd, 
socketTransport);
         }
       } else {
         // Raw socket connection (non-sasl)

Reply via email to