Using HiveServer2 - Authentication

To configure Hive for use with HiveServer2, include the following configuration properties in the .../hive-site.xml configuration file.

<property>

  <name>hive.support.concurrency</name>

  <description>Enable Hive's Table Lock Manager Service</description>

  <value>true</value>

</property>

<property>

  <name>hive.zookeeper.quorum</name>

  <description>Zookeeper quorum used by Hive's Table Lock Manager</description>

  <value><zk node1>,<zk node2>,...,<zk nodeN></value>

</property>

<property>

  <name>hive.zookeeper.client.port</name>

  <value>5181</value>

  <description>The Zookeeper client port. The MapR default clientPort is 5181.</description>

</property>

To implement custom authentication for HiveServer2, create a custom Authenticator class derived from the following interface:

public interface PasswdAuthenticationProvider {

  /**

   * The Authenticate method is called by the HiveServer2 authentication layer

   * to authenticate users for their requests.

   * If a user is to be granted, return nothing/throw nothing.

   * When a user is to be disallowed, throw an appropriate {@link AuthenticationException}.

   *

   * For an example implementation, see {@link LdapAuthenticationProviderImpl}.

   *

   * @param user - The username received over the connection request

   * @param password - The password received over the connection request

   * @throws AuthenticationException - When a user is found to be

   * invalid by the implementation

   */

  void Authenticate(String user, String password) throws AuthenticationException;

}

e.g.

ackage org.apache.hadoop.hive.contrib.auth;

import javax.security.sasl.AuthenticationException;

import org.apache.commons.logging.Log;

import org.apache.commons.logging.LogFactory;

import org.apache.hadoop.conf.Configurable;

import org.apache.hadoop.conf.Configuration;

import org.apache.hadoop.hive.contrib.utils.MD5Util;

import org.apache.hive.service.auth.PasswdAuthenticationProvider;

public class XXXXPasswdAuthenticator implements PasswdAuthenticationProvider,Configurable {

  private static final Log LOG=LogFactory.getLog(XXXXPasswdAuthenticator.class);

  private Configuration conf=null;

  private static final String HIVE_JDBC_PASSWD_AUTH_PREFIX="hive.jdbc_passwd.auth.%s";

  public XXXXPasswdAuthenticator() {

    init();

  }

  /**

   *

   */

  public void init(){

  }

  @Override

  public void Authenticate(String userName, String passwd)

      throws AuthenticationException {

    LOG.info("user: "+userName+" try login.");

    String passwdMD5 = getConf().get(String.format(HIVE_JDBC_PASSWD_AUTH_PREFIX, userName));

    if(passwdMD5==null){

      String message = "user's ACL configration is not found. user:"+userName;

      LOG.info(message);

      throw new AuthenticationException(message);

    }

    String md5 = MD5Util.md5Hex(passwd);

    if(!md5.equals(passwdMD5)){

      String message = "user name and password is mismatch. user:"+userName;

      throw new AuthenticationException(message);

    }

    LOG.info("user "+userName+" login system successfully.");

  }

  @Override

  public Configuration getConf() {

    if(conf==null){

      this.conf=new Configuration();

    }

    return conf;

  }

  @Override

  public void setConf(Configuration arg0) {

    this.conf=arg0;

  }

}

Add the following properties to the hive-site.xml file, then restart Hiveserver2:

<property>

  <name>hive.server2.authentication</name>

  <value>CUSTOM</value>

</property>

<property>

  <name>hive.server2.custom.authentication.class</name>

  <value>org.apache.hadoop.hive.contrib.auth.XXXXPasswdAuthenticator</value>

</property>

User name and password would be set in hive-site.xml

<property>

    <name>hive.jdbc_passwd.auth.hive_user1</name>

    <value>b531c271de4552ca2dec510d318c87f9</value>

    <description/>

</property>

<property>

    <name>hive.jdbc_passwd.auth.hive_user2</name>

    <value>b531c271de4552ca2dec510d318c87f9</value>

    <description/>

</property>

巴特西

Using HiveServer2 - Authentication

最新文章

热门文章