use of org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthorizerFactory in project hive by apache.
the class TestSQLStdHiveAccessControllerCLI method testAuthEnable.
/**
* Verify that no exception is thrown if authorization is enabled from hive cli,
* when sql std auth is used
*/
@Test
public void testAuthEnable() throws Exception {
HiveConf processedConf = new HiveConf();
processedConf.setBoolVar(ConfVars.HIVE_AUTHORIZATION_ENABLED, true);
HiveAuthorizerFactory authorizerFactory = new SQLStdHiveAuthorizerFactory();
HiveAuthorizer authorizer = authorizerFactory.createHiveAuthorizer(null, processedConf, new HadoopDefaultAuthenticator(), getCLISessionCtx());
}
use of org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthorizerFactory in project hive by apache.
the class HiveUtils method getAuthorizerFactory.
/**
* Return HiveAuthorizerFactory used by new authorization plugin interface.
* @param conf
* @param authorizationProviderConfKey
* @return
* @throws HiveException if HiveAuthorizerFactory specified in configuration could not
*/
public static HiveAuthorizerFactory getAuthorizerFactory(Configuration conf, HiveConf.ConfVars authorizationProviderConfKey) throws HiveException {
Class<? extends HiveAuthorizerFactory> cls = conf.getClass(authorizationProviderConfKey.varname, SQLStdHiveAuthorizerFactory.class, HiveAuthorizerFactory.class);
if (cls == null) {
//should not happen as default value is set
throw new HiveException("Configuration value " + authorizationProviderConfKey.varname + " is not set to valid HiveAuthorizerFactory subclass");
}
HiveAuthorizerFactory authFactory = ReflectionUtils.newInstance(cls, conf);
return authFactory;
}
use of org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthorizerFactory in project hive by apache.
the class ResourceMaps method setupAuth.
/**
* Setup authentication and authorization plugins for this session.
*/
private void setupAuth() {
if (authenticator != null) {
// auth has been initialized
return;
}
try {
authenticator = HiveUtils.getAuthenticator(sessionConf, HiveConf.ConfVars.HIVE_AUTHENTICATOR_MANAGER);
authenticator.setSessionState(this);
String clsStr = HiveConf.getVar(sessionConf, HiveConf.ConfVars.HIVE_AUTHORIZATION_MANAGER);
authorizer = HiveUtils.getAuthorizeProviderManager(sessionConf, clsStr, authenticator, true);
if (authorizer == null) {
// if it was null, the new (V2) authorization plugin must be specified in
// config
HiveAuthorizerFactory authorizerFactory = HiveUtils.getAuthorizerFactory(sessionConf, HiveConf.ConfVars.HIVE_AUTHORIZATION_MANAGER);
HiveAuthzSessionContext.Builder authzContextBuilder = new HiveAuthzSessionContext.Builder();
authzContextBuilder.setClientType(isHiveServerQuery() ? CLIENT_TYPE.HIVESERVER2 : CLIENT_TYPE.HIVECLI);
authzContextBuilder.setSessionString(getSessionId());
authorizerV2 = authorizerFactory.createHiveAuthorizer(new HiveMetastoreClientFactoryImpl(), sessionConf, authenticator, authzContextBuilder.build());
setAuthorizerV2Config();
}
// create the create table grants with new config
createTableGrants = CreateTableAutomaticGrant.create(sessionConf);
} catch (HiveException e) {
LOG.error("Error setting up authorization: " + e.getMessage(), e);
throw new RuntimeException(e);
}
if (LOG.isDebugEnabled()) {
Object authorizationClass = getActiveAuthorizer();
LOG.debug("Session is using authorization class " + authorizationClass.getClass());
}
return;
}
Aggregations