diff --git common/src/java/org/apache/hadoop/hive/conf/HiveConf.java common/src/java/org/apache/hadoop/hive/conf/HiveConf.java index a809f17..dcfbf51 100644 --- common/src/java/org/apache/hadoop/hive/conf/HiveConf.java +++ common/src/java/org/apache/hadoop/hive/conf/HiveConf.java @@ -1774,6 +1774,7 @@ public void setSparkConfigUpdated(boolean isSparkConfigUpdated) { " order specified until a connection is successful."), HIVE_SERVER2_PLAIN_LDAP_BASEDN("hive.server2.authentication.ldap.baseDN", null, "LDAP base DN"), HIVE_SERVER2_PLAIN_LDAP_DOMAIN("hive.server2.authentication.ldap.Domain", null, ""), + HIVE_SERVER2_PLAIN_LDAP_USERNAME_ATTRIBUTE("hive.server2.authentication.ldap.usernameAttribute", "uid", ""), HIVE_SERVER2_CUSTOM_AUTHENTICATION_CLASS("hive.server2.custom.authentication.class", null, "Custom authentication class. Used when property\n" + "'hive.server2.authentication' is set to 'CUSTOM'. Provided class\n" + diff --git service/src/java/org/apache/hive/service/auth/LdapAuthenticationProviderImpl.java service/src/java/org/apache/hive/service/auth/LdapAuthenticationProviderImpl.java index 7292cd9..a49f3f3 100644 --- service/src/java/org/apache/hive/service/auth/LdapAuthenticationProviderImpl.java +++ service/src/java/org/apache/hive/service/auth/LdapAuthenticationProviderImpl.java @@ -31,12 +31,14 @@ private final String ldapURL; private final String baseDN; private final String ldapDomain; + private final String usernameAttribute; LdapAuthenticationProviderImpl() { HiveConf conf = new HiveConf(); ldapURL = conf.getVar(HiveConf.ConfVars.HIVE_SERVER2_PLAIN_LDAP_URL); baseDN = conf.getVar(HiveConf.ConfVars.HIVE_SERVER2_PLAIN_LDAP_BASEDN); ldapDomain = conf.getVar(HiveConf.ConfVars.HIVE_SERVER2_PLAIN_LDAP_DOMAIN); + usernameAttribute = conf.getVar(HiveConf.ConfVars.HIVE_SERVER2_PLAIN_LDAP_USERNAME_ATTRIBUTE); } @Override @@ -58,7 +60,7 @@ public void Authenticate(String user, String password) throws AuthenticationExce if (baseDN == null) { bindDN = user; } else { - bindDN = "uid=" + user + "," + baseDN; + bindDN = usernameAttribute + "=" + user + "," + baseDN; } env.put(Context.SECURITY_AUTHENTICATION, "simple"); env.put(Context.SECURITY_PRINCIPAL, bindDN);