diff --git a/service/src/java/org/apache/hive/service/cli/thrift/ThriftHttpCLIService.java b/service/src/java/org/apache/hive/service/cli/thrift/ThriftHttpCLIService.java index 665266896f..6f2f48b8cb 100644 --- a/service/src/java/org/apache/hive/service/cli/thrift/ThriftHttpCLIService.java +++ b/service/src/java/org/apache/hive/service/cli/thrift/ThriftHttpCLIService.java @@ -192,6 +192,7 @@ public void onClosed(Connection connection) { server.setHandler(context); } context.addServlet(new ServletHolder(thriftHttpServlet), httpPath); + constrainHttpMethods(context); // TODO: check defaults: maxTimeout, keepalive, maxBodySize, // bodyRecieveDuration, etc. @@ -269,6 +270,20 @@ private String getHttpPath(String httpPath) { return httpPath; } + public void constrainHttpMethods(ServletContextHandler ctxHandler) { + Constraint c = new Constraint(); + c.setAuthenticate(true); + + ConstraintMapping cmt = new ConstraintMapping(); + cmt.setConstraint(c); + cmt.setMethod("TRACE"); + cmt.setPathSpec("/*"); + + ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler(); + securityHandler.setConstraintMappings(new ConstraintMapping[] { cmt }); + ctxHandler.setSecurityHandler(securityHandler); + } + @Override protected void stopServer() { if((server != null) && server.isStarted()) {