/** Setup authentication and authorization plugins for this session. */
private void setupAuth() {
if (authenticator != null) {
// auth has been initialized
return;
}
try {
authenticator =
HiveUtils.getAuthenticator(conf, HiveConf.ConfVars.HIVE_AUTHENTICATOR_MANAGER);
authenticator.setSessionState(this);
String clsStr = HiveConf.getVar(conf, HiveConf.ConfVars.HIVE_AUTHORIZATION_MANAGER);
authorizer = HiveUtils.getAuthorizeProviderManager(conf, clsStr, authenticator, true);
if (authorizer == null) {
// if it was null, the new authorization plugin must be specified in
// config
HiveAuthorizerFactory authorizerFactory =
HiveUtils.getAuthorizerFactory(conf, HiveConf.ConfVars.HIVE_AUTHORIZATION_MANAGER);
HiveAuthzSessionContext.Builder authzContextBuilder = new HiveAuthzSessionContext.Builder();
authzContextBuilder.setClientType(
isHiveServerQuery() ? CLIENT_TYPE.HIVESERVER2 : CLIENT_TYPE.HIVECLI);
authzContextBuilder.setSessionString(getSessionId());
authorizerV2 =
authorizerFactory.createHiveAuthorizer(
new HiveMetastoreClientFactoryImpl(),
conf,
authenticator,
authzContextBuilder.build());
authorizerV2.applyAuthorizationConfigPolicy(conf);
}
// create the create table grants with new config
createTableGrants = CreateTableAutomaticGrant.create(conf);
} catch (HiveException e) {
throw new RuntimeException(e);
}
if (LOG.isDebugEnabled()) {
Object authorizationClass = getActiveAuthorizer();
LOG.debug("Session is using authorization class " + authorizationClass.getClass());
}
return;
}
/**
* set current session to existing session object if a thread is running multiple sessions - it
* must call this method with the new session object when switching from one session to another.
*
* @throws HiveException
*/
public static SessionState start(SessionState startSs) {
tss.set(startSs);
if (StringUtils.isEmpty(startSs.getConf().getVar(HiveConf.ConfVars.HIVESESSIONID))) {
startSs.getConf().setVar(HiveConf.ConfVars.HIVESESSIONID, makeSessionId());
}
if (startSs.hiveHist == null) {
startSs.hiveHist = new HiveHistory(startSs);
}
if (startSs.getTmpOutputFile() == null) {
// per-session temp file containing results to be sent from HiveServer to HiveClient
File tmpDir =
new File(HiveConf.getVar(startSs.getConf(), HiveConf.ConfVars.HIVEHISTORYFILELOC));
String sessionID = startSs.getConf().getVar(HiveConf.ConfVars.HIVESESSIONID);
try {
File tmpFile = File.createTempFile(sessionID, ".pipeout", tmpDir);
tmpFile.deleteOnExit();
startSs.setTmpOutputFile(tmpFile);
} catch (IOException e) {
throw new RuntimeException(e);
}
}
try {
startSs.authenticator = HiveUtils.getAuthenticator(startSs.getConf());
startSs.authorizer =
HiveUtils.getAuthorizeProviderManager(startSs.getConf(), startSs.authenticator);
startSs.createTableGrants = CreateTableAutomaticGrant.create(startSs.getConf());
} catch (HiveException e) {
throw new RuntimeException(e);
}
return startSs;
}