diff --git ql/src/java/org/apache/hadoop/hive/ql/Driver.java ql/src/java/org/apache/hadoop/hive/ql/Driver.java index ec82ede..740d545 100644 --- ql/src/java/org/apache/hadoop/hive/ql/Driver.java +++ ql/src/java/org/apache/hadoop/hive/ql/Driver.java @@ -1334,7 +1334,8 @@ public int execute() throws CommandNeedRetryException { resStream = null; SessionState ss = SessionState.get(); - HookContext hookContext = new HookContext(plan, conf, ctx.getPathToCS(), ss.getUserName(), ss.getUserIpAddress()); + HookContext hookContext = new HookContext(plan, conf, ctx.getPathToCS(), + SessionState.getUserFromAuthenticator(), ss.getUserIpAddress()); hookContext.setHookType(HookContext.HookType.PRE_EXEC_HOOK); for (Hook peh : getHooks(HiveConf.ConfVars.PREEXECHOOKS)) { diff --git ql/src/java/org/apache/hadoop/hive/ql/exec/FunctionTask.java ql/src/java/org/apache/hadoop/hive/ql/exec/FunctionTask.java index 569c125..e43491b 100644 --- ql/src/java/org/apache/hadoop/hive/ql/exec/FunctionTask.java +++ ql/src/java/org/apache/hadoop/hive/ql/exec/FunctionTask.java @@ -26,7 +26,6 @@ import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.apache.hadoop.fs.FileSystem; -import org.apache.hadoop.hive.common.JavaUtils; import org.apache.hadoop.hive.conf.HiveConf; import org.apache.hadoop.hive.metastore.api.Function; import org.apache.hadoop.hive.metastore.api.PrincipalType; @@ -148,7 +147,7 @@ private int createPermanentFunction(Hive db, CreateFunctionDesc createFunctionDe funcName, dbName, className, - SessionState.get().getUserName(), + SessionState.getUserFromAuthenticator(), PrincipalType.USER, (int) (System.currentTimeMillis() / 1000), org.apache.hadoop.hive.metastore.api.FunctionType.JAVA, diff --git ql/src/java/org/apache/hadoop/hive/ql/security/HadoopDefaultAuthenticator.java ql/src/java/org/apache/hadoop/hive/ql/security/HadoopDefaultAuthenticator.java index d68d19d..bfe1adb 100644 --- ql/src/java/org/apache/hadoop/hive/ql/security/HadoopDefaultAuthenticator.java +++ ql/src/java/org/apache/hadoop/hive/ql/security/HadoopDefaultAuthenticator.java @@ -46,23 +46,26 @@ public String getUserName() { @Override public void setConf(Configuration conf) { + UserGroupInformation ugi = getUGIForConf(conf); this.conf = conf; - UserGroupInformation ugi = null; + this.userName = ShimLoader.getHadoopShims().getShortUserName(ugi); + if (ugi.getGroupNames() != null) { + this.groupNames = Arrays.asList(ugi.getGroupNames()); + } + } + + public static UserGroupInformation getUGIForConf(Configuration conf) { + UserGroupInformation ugi; try { ugi = ShimLoader.getHadoopShims().getUGIForConf(conf); } catch (Exception e) { throw new RuntimeException(e); } - if (ugi == null) { throw new RuntimeException( "Can not initialize HadoopDefaultAuthenticator."); } - - this.userName = ShimLoader.getHadoopShims().getShortUserName(ugi); - if (ugi.getGroupNames() != null) { - this.groupNames = Arrays.asList(ugi.getGroupNames()); - } + return ugi; } @Override diff --git ql/src/java/org/apache/hadoop/hive/ql/security/SessionStateUserAuthenticator.java ql/src/java/org/apache/hadoop/hive/ql/security/SessionStateUserAuthenticator.java index a77e93f..0a9ffbe 100644 --- ql/src/java/org/apache/hadoop/hive/ql/security/SessionStateUserAuthenticator.java +++ ql/src/java/org/apache/hadoop/hive/ql/security/SessionStateUserAuthenticator.java @@ -43,7 +43,12 @@ @Override public String getUserName() { - return sessionState.getUserName(); + String username = sessionState.getUserName(); + if (username == null) { + // use login user instead + return HadoopDefaultAuthenticator.getUGIForConf(sessionState.getConf()).getUserName(); + } + return username; } @Override diff --git ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveV1Authorizer.java ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveV1Authorizer.java index ac1cc47..06477a8 100644 --- ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveV1Authorizer.java +++ ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveV1Authorizer.java @@ -21,7 +21,6 @@ import java.util.ArrayList; import java.util.List; import java.util.Map; -import java.util.Set; import org.apache.hadoop.hive.conf.HiveConf; import org.apache.hadoop.hive.metastore.Warehouse; @@ -350,21 +349,14 @@ public void setCurrentRole(String roleName) throws HiveAccessControlException, H @Override public List getCurrentRoleNames() throws HiveAuthzPluginException { - - String userName = SessionState.get().getUserName(); - if (userName == null) { - userName = SessionState.getUserFromAuthenticator(); - } - if (userName == null) { - throw new HiveAuthzPluginException("Cannot resolve current user name"); - } try { + String userName = SessionState.getUserFromAuthenticator(); List roleNames = new ArrayList(); for (Role role : hive.listRoles(userName, PrincipalType.USER)) { roleNames.add(role.getRoleName()); } return roleNames; - } catch (HiveException e) { + } catch (Exception e) { throw new HiveAuthzPluginException(e); } }