예제 #1
0
  /** Setup authentication and authorization plugins for this session. */
  private void setupAuth() {

    if (authenticator != null) {
      // auth has been initialized
      return;
    }

    try {
      authenticator =
          HiveUtils.getAuthenticator(conf, HiveConf.ConfVars.HIVE_AUTHENTICATOR_MANAGER);
      authenticator.setSessionState(this);

      String clsStr = HiveConf.getVar(conf, HiveConf.ConfVars.HIVE_AUTHORIZATION_MANAGER);
      authorizer = HiveUtils.getAuthorizeProviderManager(conf, clsStr, authenticator, true);

      if (authorizer == null) {
        // if it was null, the new authorization plugin must be specified in
        // config
        HiveAuthorizerFactory authorizerFactory =
            HiveUtils.getAuthorizerFactory(conf, HiveConf.ConfVars.HIVE_AUTHORIZATION_MANAGER);

        HiveAuthzSessionContext.Builder authzContextBuilder = new HiveAuthzSessionContext.Builder();
        authzContextBuilder.setClientType(
            isHiveServerQuery() ? CLIENT_TYPE.HIVESERVER2 : CLIENT_TYPE.HIVECLI);
        authzContextBuilder.setSessionString(getSessionId());

        authorizerV2 =
            authorizerFactory.createHiveAuthorizer(
                new HiveMetastoreClientFactoryImpl(),
                conf,
                authenticator,
                authzContextBuilder.build());

        authorizerV2.applyAuthorizationConfigPolicy(conf);
      }
      // create the create table grants with new config
      createTableGrants = CreateTableAutomaticGrant.create(conf);

    } catch (HiveException e) {
      throw new RuntimeException(e);
    }

    if (LOG.isDebugEnabled()) {
      Object authorizationClass = getActiveAuthorizer();
      LOG.debug("Session is using authorization class " + authorizationClass.getClass());
    }
    return;
  }
예제 #2
0
  /**
   * set current session to existing session object if a thread is running multiple sessions - it
   * must call this method with the new session object when switching from one session to another.
   *
   * @throws HiveException
   */
  public static SessionState start(SessionState startSs) {

    tss.set(startSs);

    if (StringUtils.isEmpty(startSs.getConf().getVar(HiveConf.ConfVars.HIVESESSIONID))) {
      startSs.getConf().setVar(HiveConf.ConfVars.HIVESESSIONID, makeSessionId());
    }

    if (startSs.hiveHist == null) {
      startSs.hiveHist = new HiveHistory(startSs);
    }

    if (startSs.getTmpOutputFile() == null) {
      // per-session temp file containing results to be sent from HiveServer to HiveClient
      File tmpDir =
          new File(HiveConf.getVar(startSs.getConf(), HiveConf.ConfVars.HIVEHISTORYFILELOC));
      String sessionID = startSs.getConf().getVar(HiveConf.ConfVars.HIVESESSIONID);
      try {
        File tmpFile = File.createTempFile(sessionID, ".pipeout", tmpDir);
        tmpFile.deleteOnExit();
        startSs.setTmpOutputFile(tmpFile);
      } catch (IOException e) {
        throw new RuntimeException(e);
      }
    }

    try {
      startSs.authenticator = HiveUtils.getAuthenticator(startSs.getConf());
      startSs.authorizer =
          HiveUtils.getAuthorizeProviderManager(startSs.getConf(), startSs.authenticator);
      startSs.createTableGrants = CreateTableAutomaticGrant.create(startSs.getConf());
    } catch (HiveException e) {
      throw new RuntimeException(e);
    }

    return startSs;
  }