/** * For a kerberized cluster, we dynamically set up the client's JAAS conf. * * @param hiveConf * @return * @throws Exception */ private void setUpZooKeeperAuth(HiveConf hiveConf) throws Exception { if (UserGroupInformation.isSecurityEnabled()) { String principal = hiveConf.getVar(ConfVars.HIVE_SERVER2_KERBEROS_PRINCIPAL); if (principal.isEmpty()) { throw new IOException("HiveServer2 Kerberos principal is empty"); } String keyTabFile = hiveConf.getVar(ConfVars.HIVE_SERVER2_KERBEROS_KEYTAB); if (keyTabFile.isEmpty()) { throw new IOException("HiveServer2 Kerberos keytab is empty"); } // Install the JAAS Configuration for the runtime Utils.setZookeeperClientKerberosJaasConfig(principal, keyTabFile); } }
/** * For a kerberized cluster, we dynamically set up the client's JAAS conf. * * @param hiveConf * @return * @throws Exception */ private void setUpZooKeeperAuth(HiveConf hiveConf) throws Exception { if (UserGroupInformation.isSecurityEnabled()) { String principal = hiveConf.getVar(ConfVars.HIVE_SERVER2_KERBEROS_PRINCIPAL); if (principal.isEmpty()) { throw new IOException("HiveServer2 Kerberos principal is empty"); } String keyTabFile = hiveConf.getVar(ConfVars.HIVE_SERVER2_KERBEROS_KEYTAB); if (keyTabFile.isEmpty()) { throw new IOException("HiveServer2 Kerberos keytab is empty"); } // Install the JAAS Configuration for the runtime Utils.setZookeeperClientKerberosJaasConfig(principal, keyTabFile); } }
/** * For a kerberized cluster, we dynamically set up the client's JAAS conf. * * @param hiveConf * @return * @throws Exception */ private void setUpZooKeeperAuth(HiveConf hiveConf) throws Exception { if (UserGroupInformation.isSecurityEnabled()) { String principal = hiveConf.getVar(ConfVars.HIVE_SERVER2_KERBEROS_PRINCIPAL); if (principal.isEmpty()) { throw new IOException("HiveServer2 Kerberos principal is empty"); } String keyTabFile = hiveConf.getVar(ConfVars.HIVE_SERVER2_KERBEROS_KEYTAB); if (keyTabFile.isEmpty()) { throw new IOException("HiveServer2 Kerberos keytab is empty"); } // Install the JAAS Configuration for the runtime Utils.setZookeeperClientKerberosJaasConfig(principal, keyTabFile); } }
/** * For a kerberized cluster, we dynamically set up the client's JAAS conf. * * @param hiveConf * @return * @throws Exception */ private void setUpZooKeeperAuth(HiveConf hiveConf) throws Exception { if (UserGroupInformation.isSecurityEnabled()) { String principal = hiveConf.getVar(ConfVars.HIVE_SERVER2_KERBEROS_PRINCIPAL); if (principal.isEmpty()) { throw new IOException("HiveServer2 Kerberos principal is empty"); } String keyTabFile = hiveConf.getVar(ConfVars.HIVE_SERVER2_KERBEROS_KEYTAB); if (keyTabFile.isEmpty()) { throw new IOException("HiveServer2 Kerberos keytab is empty"); } // Install the JAAS Configuration for the runtime Utils.setZookeeperClientKerberosJaasConfig(principal, keyTabFile); } }
private void setupJAASConfig(Configuration conf) throws IOException { if (!UserGroupInformation.getLoginUser().isFromKeytab()) { // The process has not logged in using keytab // this should be a test mode, can't use keytab to authenticate // with zookeeper. LOGGER.warn("Login is not from keytab"); return; } String principal; String keytab; switch (serverMode) { case METASTORE: principal = getNonEmptyConfVar(conf, "hive.metastore.kerberos.principal"); keytab = getNonEmptyConfVar(conf, "hive.metastore.kerberos.keytab.file"); break; case HIVESERVER2: principal = getNonEmptyConfVar(conf, "hive.server2.authentication.kerberos.principal"); keytab = getNonEmptyConfVar(conf, "hive.server2.authentication.kerberos.keytab"); break; default: throw new AssertionError("Unexpected server mode " + serverMode); } Utils.setZookeeperClientKerberosJaasConfig(principal, keytab); }
private void setupJAASConfig(Configuration conf) throws IOException { if (!UserGroupInformation.getLoginUser().isFromKeytab()) { // The process has not logged in using keytab // this should be a test mode, can't use keytab to authenticate // with zookeeper. LOGGER.warn("Login is not from keytab"); return; } String principal; String keytab; switch (serverMode) { case METASTORE: principal = getNonEmptyConfVar(conf, "hive.metastore.kerberos.principal"); keytab = getNonEmptyConfVar(conf, "hive.metastore.kerberos.keytab.file"); break; case HIVESERVER2: principal = getNonEmptyConfVar(conf, "hive.server2.authentication.kerberos.principal"); keytab = getNonEmptyConfVar(conf, "hive.server2.authentication.kerberos.keytab"); break; default: throw new AssertionError("Unexpected server mode " + serverMode); } Utils.setZookeeperClientKerberosJaasConfig(principal, keytab); }