diff --git itests/hive-minikdc/src/test/java/org/apache/hive/minikdc/TestHiveAuthFactory.java itests/hive-minikdc/src/test/java/org/apache/hive/minikdc/TestHiveAuthFactory.java new file mode 100644 index 0000000..a30ec7e --- /dev/null +++ itests/hive-minikdc/src/test/java/org/apache/hive/minikdc/TestHiveAuthFactory.java @@ -0,0 +1,66 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.hive.minikdc; + +import org.junit.Assert; +import org.apache.hadoop.hive.conf.HiveConf; +import org.apache.hadoop.hive.conf.HiveConf.ConfVars; +import org.apache.hive.service.auth.HiveAuthFactory; +import org.junit.AfterClass; +import org.junit.BeforeClass; +import org.junit.Test; + + +public class TestHiveAuthFactory { + private static HiveConf hiveConf; + private static MiniHiveKdc miniHiveKdc = null; + + @BeforeClass + public static void setUp() throws Exception { + hiveConf = new HiveConf(); + miniHiveKdc = MiniHiveKdc.getMiniHiveKdc(hiveConf); + } + + @AfterClass + public static void tearDown() throws Exception { + } + + /** + * Verify that delegation token manager is started with no exception + * @throws Exception + */ + @Test + public void testStartTokenManager() throws Exception { + hiveConf.setVar(ConfVars.HIVE_SERVER2_AUTHENTICATION, HiveAuthFactory.AuthTypes.KERBEROS.getAuthName()); + String principalName = miniHiveKdc.getFullHiveServicePrincipal(); + System.out.println("Principal: " + principalName); + + hiveConf.setVar(ConfVars.HIVE_SERVER2_KERBEROS_PRINCIPAL, principalName); + String keyTabFile = miniHiveKdc.getKeyTabFile(miniHiveKdc.getHiveServicePrincipal()); + System.out.println("keyTabFile: " + keyTabFile); + Assert.assertNotNull(keyTabFile); + hiveConf.setVar(ConfVars.HIVE_SERVER2_KERBEROS_KEYTAB, keyTabFile); + + System.out.println("rawStoreClassName =" + hiveConf.getVar(ConfVars.METASTORE_RAW_STORE_IMPL)); + + HiveAuthFactory authFactory = new HiveAuthFactory(hiveConf); + Assert.assertNotNull(authFactory); + Assert.assertEquals("org.apache.hadoop.hive.thrift.HadoopThriftAuthBridge$Server$TUGIAssumingTransportFactory", + authFactory.getAuthTransFactory().getClass().getName()); + } +} diff --git service/src/java/org/apache/hive/service/auth/HiveAuthFactory.java service/src/java/org/apache/hive/service/auth/HiveAuthFactory.java index 8352951..22c309f 100644 --- service/src/java/org/apache/hive/service/auth/HiveAuthFactory.java +++ service/src/java/org/apache/hive/service/auth/HiveAuthFactory.java @@ -18,7 +18,6 @@ package org.apache.hive.service.auth; import java.io.IOException; -import java.net.InetAddress; import java.net.InetSocketAddress; import java.net.UnknownHostException; import java.util.ArrayList; @@ -33,6 +32,9 @@ import org.apache.hadoop.hive.conf.HiveConf; import org.apache.hadoop.hive.conf.HiveConf.ConfVars; +import org.apache.hadoop.hive.metastore.HiveMetaStore; +import org.apache.hadoop.hive.metastore.HiveMetaStore.HMSHandler; +import org.apache.hadoop.hive.metastore.api.MetaException; import org.apache.hadoop.hive.shims.HadoopShims.KerberosNameShim; import org.apache.hadoop.hive.shims.ShimLoader; import org.apache.hadoop.hive.thrift.HadoopThriftAuthBridge; @@ -108,8 +110,11 @@ public HiveAuthFactory(HiveConf conf) throws TTransportException { conf.getVar(ConfVars.HIVE_SERVER2_KERBEROS_PRINCIPAL)); // start delegation token manager try { - saslServer.startDelegationTokenSecretManager(conf, null, ServerMode.HIVESERVER2); - } catch (IOException e) { + HMSHandler baseHandler = new HiveMetaStore.HMSHandler( + "new db based metaserver", conf, true); + saslServer.startDelegationTokenSecretManager(conf, baseHandler.getMS(), ServerMode.HIVESERVER2); + } + catch (MetaException|IOException e) { throw new TTransportException("Failed to start token manager", e); } }