-
Type:
Bug
-
Status: Open
-
Priority:
Major
-
Resolution: Unresolved
-
Affects Version/s: 2.2.0
-
Fix Version/s: None
-
Component/s: Authentication
-
Labels:None
The logic in getAuthTransFactory() is flawed, as it will always return "Unsupported authentication type" error when authTypeStr is set to KERBEROS.
inside HiveAuthFactory class.
public TTransportFactory getAuthTransFactory()
throws LoginException
{
TTransportFactory transportFactory;
if (isSASLWithKerberizedHadoop())
{
try
catch (TTransportException e)
{ TSaslServerTransport.Factory serverTransportFactory; throw new LoginException(e.getMessage()); } TSaslServerTransport.Factory serverTransportFactory;
if (!this.authTypeStr.equalsIgnoreCase(AuthTypes.KERBEROS.getAuthName())) {
if ((this.authTypeStr.equalsIgnoreCase(AuthTypes.NONE.getAuthName())) ||
(this.authTypeStr.equalsIgnoreCase(AuthTypes.LDAP.getAuthName())) ||
(this.authTypeStr.equalsIgnoreCase(AuthTypes.PAM.getAuthName())) ||
(this.authTypeStr.equalsIgnoreCase(AuthTypes.CUSTOM.getAuthName()))) {
try
catch (AuthenticationException e)
{ throw new LoginException("Error setting callback handler" + e); }} else
{ throw new LoginException("Unsupported authentication type " + this.authTypeStr); }}
transportFactory = this.saslServer.wrapTransportFactory(serverTransportFactory);
}
else
{
TTransportFactory transportFactory;
if ((this.authTypeStr.equalsIgnoreCase(AuthTypes.NONE.getAuthName())) ||
(this.authTypeStr.equalsIgnoreCase(AuthTypes.LDAP.getAuthName())) ||
(this.authTypeStr.equalsIgnoreCase(AuthTypes.PAM.getAuthName())) ||
(this.authTypeStr.equalsIgnoreCase(AuthTypes.CUSTOM.getAuthName())))
{ transportFactory = PlainSaslHelper.getPlainTransportFactory(this.authTypeStr); }
else
{
TTransportFactory transportFactory;
if (this.authTypeStr.equalsIgnoreCase(AuthTypes.NOSASL.getAuthName())) { transportFactory = new TTransportFactory(); } else { throw new LoginException("Unsupported authentication type " + this.authTypeStr); }
}
}
TTransportFactory transportFactory;
return transportFactory;
}