Using HiveServer2 - Authentication
2024-09-22 08:46:59
To configure Hive for use with HiveServer2, include the following configuration properties in the .../hive-site.xml
configuration file.
<property>
<name>hive.support.concurrency</name>
<description>Enable Hive's Table Lock Manager Service</description>
<value>true</value>
</property> <property>
<name>hive.zookeeper.quorum</name>
<description>Zookeeper quorum used by Hive's Table Lock Manager</description>
<value><zk node1>,<zk node2>,...,<zk nodeN></value>
</property> <property>
<name>hive.zookeeper.client.port</name>
<value>5181</value>
<description>The Zookeeper client port. The MapR default clientPort is 5181.</description>
</property>
To implement custom authentication for HiveServer2, create a custom Authenticator class derived from the following interface:
public interface PasswdAuthenticationProvider {
/**
* The Authenticate method is called by the HiveServer2 authentication layer
* to authenticate users for their requests.
* If a user is to be granted, return nothing/throw nothing.
* When a user is to be disallowed, throw an appropriate {@link AuthenticationException}.
*
* For an example implementation, see {@link LdapAuthenticationProviderImpl}.
*
* @param user - The username received over the connection request
* @param password - The password received over the connection request
* @throws AuthenticationException - When a user is found to be
* invalid by the implementation
*/
void Authenticate(String user, String password) throws AuthenticationException;
}
e.g.
ackage org.apache.hadoop.hive.contrib.auth; import javax.security.sasl.AuthenticationException; import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.hadoop.conf.Configurable;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hive.contrib.utils.MD5Util;
import org.apache.hive.service.auth.PasswdAuthenticationProvider; public class XXXXPasswdAuthenticator implements PasswdAuthenticationProvider,Configurable {
private static final Log LOG=LogFactory.getLog(XXXXPasswdAuthenticator.class);
private Configuration conf=null; private static final String HIVE_JDBC_PASSWD_AUTH_PREFIX="hive.jdbc_passwd.auth.%s"; public XXXXPasswdAuthenticator() {
init();
} /**
*
*/
public void init(){ } @Override
public void Authenticate(String userName, String passwd)
throws AuthenticationException {
LOG.info("user: "+userName+" try login."); String passwdMD5 = getConf().get(String.format(HIVE_JDBC_PASSWD_AUTH_PREFIX, userName)); if(passwdMD5==null){
String message = "user's ACL configration is not found. user:"+userName;
LOG.info(message);
throw new AuthenticationException(message);
} String md5 = MD5Util.md5Hex(passwd); if(!md5.equals(passwdMD5)){
String message = "user name and password is mismatch. user:"+userName;
throw new AuthenticationException(message);
} LOG.info("user "+userName+" login system successfully."); } @Override
public Configuration getConf() {
if(conf==null){
this.conf=new Configuration();
} return conf;
} @Override
public void setConf(Configuration arg0) {
this.conf=arg0;
} }
Add the following properties to the hive-site.xml file, then restart Hiveserver2:
<property>
<name>hive.server2.authentication</name>
<value>CUSTOM</value>
</property> <property>
<name>hive.server2.custom.authentication.class</name>
<value>org.apache.hadoop.hive.contrib.auth.XXXXPasswdAuthenticator</value>
</property>
User name and password would be set in hive-site.xml
<property>
<name>hive.jdbc_passwd.auth.hive_user1</name>
<value>b531c271de4552ca2dec510d318c87f9</value>
<description/>
</property>
<property>
<name>hive.jdbc_passwd.auth.hive_user2</name>
<value>b531c271de4552ca2dec510d318c87f9</value>
<description/>
</property>
最新文章
- 《PHP中的Math函数》笔记
- 简易版的TimSort排序算法
- 我在使用vs进行C#编程中常用的几个快捷键
- 关于 redis、memcache mongoDB 的对比
- UIScrollView增加刷新
- WebKit内核分析之Page
- CSS选择器特殊性与重要性
- 关于Xcode6 Segue 的疑问,没有解决!
- 解决 “invalid resource directory name”, resource “crunch”
- FZU 2233 ~APTX4869 贪心+并查集
- eclipse问题解决(link方式安装插件失败)
- C#access数据库操作
- uva 129
- 利用XCode来进行IOS的程序开发
- launchMode 和 onNewIntent 关系 任务栈知识.
- 计算机基础--Java中int char byte的关系
- Maven 结合 IDEA 入门实践
- Salesforce 超大量数据导入优化策略
- ae:org.apache.shiro.authc.AuthenticationException: Authentication token of type [class org.apache.shiro.authc.UsernamePasswordToken] could not be authenticated by any configured realms. Please ensure
- vuejs实现瀑布流布局(三)
热门文章
- Java程序员的日常—— 《编程思想》关于类的使用常识
- 01_JavaScript简介
- paip.获取文件名从路径uapi java python php总结...
- android 给空白包签名
- Leetcode 66 Plus One STL
- SpringCloud+Consul 服务注册与服务发现
- Linux/Unix 怎样找出并删除某一时间点的文件(转)
- lpxelinux启动linux
- Java 模板引擎 jetbrick-template
- 在Linq to Entity 中使用lambda表达式来实现Left Join和Join