diff --git a/common/src/java/org/apache/hive/http/HttpServer.java b/common/src/java/org/apache/hive/http/HttpServer.java index 0624a7e15c..6a23db47f5 100644 --- a/common/src/java/org/apache/hive/http/HttpServer.java +++ b/common/src/java/org/apache/hive/http/HttpServer.java @@ -259,7 +259,7 @@ public static boolean isInstrumentationAccessAllowed( * @return true if admin-authorized, false otherwise * @throws IOException */ - static boolean hasAdministratorAccess( + public static boolean hasAdministratorAccess( ServletContext servletContext, HttpServletRequest request, HttpServletResponse response) throws IOException { Configuration conf = diff --git a/service/src/resources/hive-webapps/hiveserver2/hiveserver2.jsp b/service/src/resources/hive-webapps/hiveserver2/hiveserver2.jsp index c0ece6da97..2e53916f3a 100644 --- a/service/src/resources/hive-webapps/hiveserver2/hiveserver2.jsp +++ b/service/src/resources/hive-webapps/hiveserver2/hiveserver2.jsp @@ -22,6 +22,7 @@ import="org.apache.hadoop.hive.conf.HiveConf" import="org.apache.hadoop.hive.conf.HiveConf.ConfVars" import="org.apache.hive.common.util.HiveVersionInfo" + import="org.apache.hive.http.HttpServer" import="org.apache.hive.service.cli.operation.Operation" import="org.apache.hive.service.cli.operation.SQLOperation" import="org.apache.hadoop.hive.ql.QueryInfo" @@ -109,6 +110,10 @@ if (sessionManager != null) { <% Collection hiveSessions = sessionManager.getSessions(); for (HiveSession hiveSession: hiveSessions) { + if (!HttpServer.hasAdministratorAccess(ctx, request, response)) + { + break; + } %> <%= hiveSession.getUserName() %> @@ -143,6 +148,10 @@ for (HiveSession hiveSession: hiveSessions) { int queries = 0; Collection operations = sessionManager.getOperationManager().getLiveQueryInfos(); for (QueryInfo operation : operations) { + if (!HttpServer.hasAdministratorAccess(ctx, request, response)) + { + break; + } queries++; %> @@ -184,6 +193,10 @@ for (HiveSession hiveSession: hiveSessions) { queries = 0; operations = sessionManager.getOperationManager().getHistoricalQueryInfos(); for (QueryInfo operation : operations) { + if (!HttpServer.hasAdministratorAccess(ctx, request, response)) + { + break; + } queries++; %>