commit b8a08db73b4e96f6b778ac477584040a4d283f3e Author: Denes Bodo Date: Thu Apr 4 15:30:49 2019 +0200 HIVE-21573 Binary transport shall ignore principal if auth is set to delegationToken Change-Id: Ie36594bf550ad6264285fcb184f26b78a717018e diff --git a/jdbc/src/java/org/apache/hive/jdbc/HiveConnection.java b/jdbc/src/java/org/apache/hive/jdbc/HiveConnection.java index 4c7119f112..c7b3535454 100644 --- a/jdbc/src/java/org/apache/hive/jdbc/HiveConnection.java +++ b/jdbc/src/java/org/apache/hive/jdbc/HiveConnection.java @@ -685,16 +685,12 @@ private TTransport createBinaryTransport() throws SQLException, TTransportExcept saslProps.put(Sasl.QOP, "auth-conf,auth-int,auth"); } saslProps.put(Sasl.SERVER_AUTH, "true"); - if (sessConfMap.containsKey(JdbcConnectionParams.AUTH_PRINCIPAL)) { - transport = KerberosSaslHelper.getKerberosTransport( - sessConfMap.get(JdbcConnectionParams.AUTH_PRINCIPAL), host, - socketTransport, saslProps, assumeSubject); - } else { + if (JdbcConnectionParams.AUTH_TOKEN.equals(sessConfMap.get(JdbcConnectionParams.AUTH_TYPE))) { // If there's a delegation token available then use token based connection String tokenStr = getClientDelegationToken(sessConfMap); if (tokenStr != null) { transport = KerberosSaslHelper.getTokenTransport(tokenStr, - host, socketTransport, saslProps); + host, socketTransport, saslProps); } else { // we are using PLAIN Sasl connection with user/password String userName = getUserName(); @@ -702,6 +698,13 @@ private TTransport createBinaryTransport() throws SQLException, TTransportExcept // Overlay the SASL transport on top of the base socket transport (SSL or non-SSL) transport = PlainSaslHelper.getPlainTransport(userName, passwd, socketTransport); } + + } else if(sessConfMap.containsKey(JdbcConnectionParams.AUTH_PRINCIPAL)){ + transport = KerberosSaslHelper.getKerberosTransport( + sessConfMap.get(JdbcConnectionParams.AUTH_PRINCIPAL), host, + socketTransport, saslProps, assumeSubject); + } else { + LOG.error("Unable to create binary transport"); } } else { // Raw socket connection (non-sasl)