diff --git a/service/src/java/org/apache/hive/service/auth/PlainSaslHelper.java b/service/src/java/org/apache/hive/service/auth/PlainSaslHelper.java index 15b1675..c4f7b60 100644 --- a/service/src/java/org/apache/hive/service/auth/PlainSaslHelper.java +++ b/service/src/java/org/apache/hive/service/auth/PlainSaslHelper.java @@ -29,6 +29,7 @@ import javax.security.sasl.SaslException; import org.apache.hadoop.hive.conf.HiveConf; +import org.apache.hadoop.hive.shims.ShimLoader; import org.apache.hive.service.auth.PlainSaslServer.ExternalAuthenticationCallback; import org.apache.hive.service.auth.PlainSaslServer.SaslPlainProvider; import org.apache.hive.service.cli.thrift.TCLIService; @@ -109,8 +110,11 @@ public SQLPlainProcessorFactory(ThriftCLIService service) { @Override public TProcessor getProcessor(TTransport trans) { TProcessor baseProcessor = new TCLIService.Processor(service); - return doAsEnabled ? new TUGIContainingProcessor(baseProcessor, conf) : - new TSetIpAddressProcessor(service); + if (doAsEnabled && !ShimLoader.getHadoopShims().isSecurityEnabled()) { + return new TUGIContainingProcessor(baseProcessor, conf); + } else { + return new TSetIpAddressProcessor(service); + } } } diff --git a/service/src/java/org/apache/hive/service/cli/thrift/ThriftCLIService.java b/service/src/java/org/apache/hive/service/cli/thrift/ThriftCLIService.java index 857e627..1890b8e 100644 --- a/service/src/java/org/apache/hive/service/cli/thrift/ThriftCLIService.java +++ b/service/src/java/org/apache/hive/service/cli/thrift/ThriftCLIService.java @@ -29,6 +29,7 @@ import org.apache.commons.logging.LogFactory; import org.apache.hadoop.hive.conf.HiveConf; import org.apache.hadoop.hive.conf.HiveConf.ConfVars; +import org.apache.hadoop.hive.shims.ShimLoader; import org.apache.hive.service.AbstractService; import org.apache.hive.service.auth.HiveAuthFactory; import org.apache.hive.service.cli.CLIService; @@ -143,14 +144,8 @@ SessionHandle getSessionHandle(TOpenSessionReq req) String userName = getUserName(req); SessionHandle sessionHandle = null; - if ( - cliService.getHiveConf().getVar(ConfVars.HIVE_SERVER2_AUTHENTICATION) - .equals(HiveAuthFactory.AuthTypes.KERBEROS.toString()) - && - cliService.getHiveConf(). - getBoolVar(ConfVars.HIVE_SERVER2_ENABLE_DOAS) - ) - { + if (cliService.getHiveConf().getBoolVar(ConfVars.HIVE_SERVER2_ENABLE_DOAS) && + ShimLoader.getHadoopShims().isSecurityEnabled()) { String delegationTokenStr = null; try { delegationTokenStr = cliService.getDelegationTokenFromMetaStore(userName);