diff --git common/src/java/org/apache/hive/http/HttpServer.java common/src/java/org/apache/hive/http/HttpServer.java index f99f18ae46..c3771a34be 100644 --- common/src/java/org/apache/hive/http/HttpServer.java +++ common/src/java/org/apache/hive/http/HttpServer.java @@ -18,24 +18,14 @@ package org.apache.hive.http; -import java.io.FileNotFoundException; -import java.io.IOException; -import java.net.URL; -import java.util.HashMap; -import java.util.LinkedList; -import java.util.List; -import java.util.Map; -import java.util.Set; - -import javax.servlet.ServletContext; -import javax.servlet.http.HttpServlet; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - import com.google.common.base.Preconditions; +import com.google.common.base.Splitter; +import com.google.common.base.Strings; +import com.google.common.collect.Sets; import org.apache.commons.math3.util.Pair; import org.apache.hadoop.conf.Configuration; import org.apache.hadoop.fs.CommonConfigurationKeys; +import org.apache.hadoop.hive.common.classification.InterfaceAudience; import org.apache.hadoop.hive.conf.HiveConf; import org.apache.hadoop.hive.conf.HiveConf.ConfVars; import org.apache.hadoop.security.SecurityUtil; @@ -43,7 +33,6 @@ import org.apache.hadoop.security.authentication.server.AuthenticationFilter; import org.apache.hadoop.security.authorize.AccessControlList; import org.apache.hadoop.util.Shell; -import org.apache.hadoop.hive.common.classification.InterfaceAudience; import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.core.Appender; import org.apache.logging.log4j.core.Logger; @@ -59,21 +48,21 @@ import org.eclipse.jetty.server.handler.ContextHandlerCollection; import org.eclipse.jetty.server.nio.SelectChannelConnector; import org.eclipse.jetty.server.ssl.SslSelectChannelConnector; -import org.eclipse.jetty.servlet.DefaultServlet; -import org.eclipse.jetty.servlet.FilterHolder; -import org.eclipse.jetty.servlet.FilterMapping; -import org.eclipse.jetty.servlet.ServletContextHandler; -import org.eclipse.jetty.servlet.ServletHandler; -import org.eclipse.jetty.servlet.ServletHolder; +import org.eclipse.jetty.servlet.*; import org.eclipse.jetty.util.ssl.SslContextFactory; import org.eclipse.jetty.util.thread.QueuedThreadPool; import org.eclipse.jetty.webapp.WebAppContext; - -import com.google.common.base.Splitter; -import com.google.common.base.Strings; -import com.google.common.collect.Sets; import org.slf4j.LoggerFactory; +import javax.servlet.ServletContext; +import javax.servlet.http.HttpServlet; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.FileNotFoundException; +import java.io.IOException; +import java.net.URL; +import java.util.*; + /** * A simple embedded Jetty server to serve as HS2/HMS web UI. */ @@ -430,6 +419,23 @@ void initializeWebServer(Builder b) { ServletContextHandler logCtx = new ServletContextHandler(contexts, "/logs"); setContextAttributes(logCtx.getServletContext(), b.contextAttrs); + ServletHandler logServletHandler = logCtx.getServletHandler(); + if(b.useSPNEGO) { + Map params = new HashMap(); + try { + params.put("kerberos.principal", SecurityUtil.getServerPrincipal(b.spnegoPrincipal, b.host)); + } catch (IOException e) { + e.printStackTrace(); + } + params.put("kerberos.keytab", b.spnegoKeytab); + params.put(AuthenticationFilter.AUTH_TYPE, "kerberos"); + FilterHolder holder = new FilterHolder(); + holder.setClassName(AuthenticationFilter.class.getName()); + holder.setInitParameters(params); + + logServletHandler.addFilterWithMapping( + holder, "/*", FilterMapping.ALL); + } logCtx.addServlet(AdminAuthorizedServlet.class, "/*"); logCtx.setResourceBase(logDir); logCtx.setDisplayName("logs");