Search in sources :

Example 46 with TTransport

use of org.apache.thrift.transport.TTransport in project hive by apache.

the class TestThriftHttpCLIServiceFeatures method testIncorrectHttpPath.

/**
 * Configure a wrong service endpoint for the client transport,
 * and test for error.
 * @throws Exception
 */
@Test
public void testIncorrectHttpPath() throws Exception {
    thriftHttpPath = "wrongPath";
    TTransport transport = getHttpTransport();
    TCLIService.Client httpClient = getClient(transport);
    // This will throw an expected exception since
    // client is communicating with the wrong http service endpoint
    testOpenSessionExpectedException(httpClient);
    // Reset to correct http path
    thriftHttpPath = "cliservice";
}
Also used : TTransport(org.apache.thrift.transport.TTransport) TCLIService(org.apache.hive.service.rpc.thrift.TCLIService) Test(org.junit.Test)

Example 47 with TTransport

use of org.apache.thrift.transport.TTransport in project hive by apache.

the class TestThriftHttpCLIServiceFeatures method verifyForwardedHeaders.

private void verifyForwardedHeaders(ArrayList<String> headerIPs, String cmd) throws Exception {
    TTransport transport;
    DefaultHttpClient hClient = new DefaultHttpClient();
    String httpUrl = getHttpUrl();
    // add an interceptor that adds the X-Forwarded-For header with given ips
    if (!headerIPs.isEmpty()) {
        Header xForwardHeader = new BasicHeader("X-Forwarded-For", Joiner.on(",").join(headerIPs));
        RequestDefaultHeaders headerInterceptor = new RequestDefaultHeaders(Arrays.asList(xForwardHeader));
        hClient.addRequestInterceptor(headerInterceptor);
    }
    // interceptor for adding username, pwd
    HttpBasicAuthInterceptor authInt = new HttpBasicAuthInterceptor(ThriftCLIServiceTest.USERNAME, ThriftCLIServiceTest.PASSWORD, null, null, false, null, null);
    hClient.addRequestInterceptor(authInt);
    transport = new THttpClient(httpUrl, hClient);
    TCLIService.Client httpClient = getClient(transport);
    // Create a new open session request object
    TOpenSessionReq openReq = new TOpenSessionReq();
    TOpenSessionResp openResp = httpClient.OpenSession(openReq);
    // execute a query
    TExecuteStatementReq execReq = new TExecuteStatementReq(openResp.getSessionHandle(), "show tables");
    httpClient.ExecuteStatement(execReq);
    // capture arguments to authorizer impl call and verify ip addresses passed
    ArgumentCaptor<HiveAuthzContext> contextCapturer = ArgumentCaptor.forClass(HiveAuthzContext.class);
    verify(mockedAuthorizer).checkPrivileges(any(HiveOperationType.class), Matchers.anyListOf(HivePrivilegeObject.class), Matchers.anyListOf(HivePrivilegeObject.class), contextCapturer.capture());
    HiveAuthzContext context = contextCapturer.getValue();
    System.err.println("Forwarded IP Addresses " + context.getForwardedAddresses());
    List<String> auditIPAddresses = new ArrayList<String>(context.getForwardedAddresses());
    Collections.sort(auditIPAddresses);
    Collections.sort(headerIPs);
    Assert.assertEquals("Checking forwarded IP Address", headerIPs, auditIPAddresses);
}
Also used : RequestDefaultHeaders(org.apache.http.client.protocol.RequestDefaultHeaders) HiveAuthzContext(org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthzContext) ArrayList(java.util.ArrayList) THttpClient(org.apache.thrift.transport.THttpClient) TExecuteStatementReq(org.apache.hive.service.rpc.thrift.TExecuteStatementReq) HiveOperationType(org.apache.hadoop.hive.ql.security.authorization.plugin.HiveOperationType) HivePrivilegeObject(org.apache.hadoop.hive.ql.security.authorization.plugin.HivePrivilegeObject) DefaultHttpClient(org.apache.http.impl.client.DefaultHttpClient) TCLIService(org.apache.hive.service.rpc.thrift.TCLIService) Header(org.apache.http.Header) BasicHeader(org.apache.http.message.BasicHeader) TTransport(org.apache.thrift.transport.TTransport) TOpenSessionReq(org.apache.hive.service.rpc.thrift.TOpenSessionReq) TOpenSessionResp(org.apache.hive.service.rpc.thrift.TOpenSessionResp) BasicHeader(org.apache.http.message.BasicHeader) HttpBasicAuthInterceptor(org.apache.hive.jdbc.HttpBasicAuthInterceptor)

Example 48 with TTransport

use of org.apache.thrift.transport.TTransport in project hive by apache.

the class HiveConnection method createUnderlyingTransport.

/**
 * Create underlying SSL or non-SSL transport
 *
 * @return TTransport
 * @throws TTransportException
 */
private TTransport createUnderlyingTransport() throws TTransportException {
    TTransport transport = null;
    // if dynamic service discovery is configured.
    if (isSslConnection()) {
        // get SSL socket
        String sslTrustStore = sessConfMap.get(JdbcConnectionParams.SSL_TRUST_STORE);
        String sslTrustStorePassword = sessConfMap.get(JdbcConnectionParams.SSL_TRUST_STORE_PASSWORD);
        if (sslTrustStore == null || sslTrustStore.isEmpty()) {
            transport = HiveAuthUtils.getSSLSocket(host, port, loginTimeout);
        } else {
            transport = HiveAuthUtils.getSSLSocket(host, port, loginTimeout, sslTrustStore, sslTrustStorePassword);
        }
    } else {
        // get non-SSL socket transport
        transport = HiveAuthUtils.getSocketTransport(host, port, loginTimeout);
    }
    return transport;
}
Also used : TTransport(org.apache.thrift.transport.TTransport)

Example 49 with TTransport

use of org.apache.thrift.transport.TTransport in project hive by apache.

the class HiveConnection method createBinaryTransport.

/**
 * Create transport per the connection options
 * Supported transport options are:
 *   - SASL based transports over
 *      + Kerberos
 *      + Delegation token
 *      + SSL
 *      + non-SSL
 *   - Raw (non-SASL) socket
 *
 *   Kerberos and Delegation token supports SASL QOP configurations
 * @throws SQLException, TTransportException
 */
private TTransport createBinaryTransport() throws SQLException, TTransportException {
    try {
        TTransport socketTransport = createUnderlyingTransport();
        // handle secure connection if specified
        if (!JdbcConnectionParams.AUTH_SIMPLE.equals(sessConfMap.get(JdbcConnectionParams.AUTH_TYPE))) {
            // If Kerberos
            Map<String, String> saslProps = new HashMap<String, String>();
            SaslQOP saslQOP = SaslQOP.AUTH;
            if (sessConfMap.containsKey(JdbcConnectionParams.AUTH_QOP)) {
                try {
                    saslQOP = SaslQOP.fromString(sessConfMap.get(JdbcConnectionParams.AUTH_QOP));
                } catch (IllegalArgumentException e) {
                    throw new SQLException("Invalid " + JdbcConnectionParams.AUTH_QOP + " parameter. " + e.getMessage(), "42000", e);
                }
                saslProps.put(Sasl.QOP, saslQOP.toString());
            } else {
                // If the client did not specify qop then just negotiate the one supported by server
                saslProps.put(Sasl.QOP, "auth-conf,auth-int,auth");
            }
            saslProps.put(Sasl.SERVER_AUTH, "true");
            if (sessConfMap.containsKey(JdbcConnectionParams.AUTH_PRINCIPAL)) {
                transport = KerberosSaslHelper.getKerberosTransport(sessConfMap.get(JdbcConnectionParams.AUTH_PRINCIPAL), host, socketTransport, saslProps, assumeSubject);
            } else {
                // If there's a delegation token available then use token based connection
                String tokenStr = getClientDelegationToken(sessConfMap);
                if (tokenStr != null) {
                    transport = KerberosSaslHelper.getTokenTransport(tokenStr, host, socketTransport, saslProps);
                } else {
                    // we are using PLAIN Sasl connection with user/password
                    String userName = getUserName();
                    String passwd = getPassword();
                    // Overlay the SASL transport on top of the base socket transport (SSL or non-SSL)
                    transport = PlainSaslHelper.getPlainTransport(userName, passwd, socketTransport);
                }
            }
        } else {
            // Raw socket connection (non-sasl)
            transport = socketTransport;
        }
    } catch (SaslException e) {
        throw new SQLException("Could not create secure connection to " + jdbcUriString + ": " + e.getMessage(), " 08S01", e);
    }
    return transport;
}
Also used : HashMap(java.util.HashMap) SQLException(java.sql.SQLException) SaslQOP(org.apache.hive.service.auth.SaslQOP) TTransport(org.apache.thrift.transport.TTransport) SaslException(javax.security.sasl.SaslException)

Example 50 with TTransport

use of org.apache.thrift.transport.TTransport in project vcell by virtualcell.

the class SimpleClient method main.

public static void main(String[] args) {
    try {
        TTransport transport;
        transport = new TSocket("localhost", 9091);
        transport.open();
        TProtocol protocol = new TBinaryProtocol(transport);
        SimulationService.Client client = new SimulationService.Client(protocol);
        perform(client);
        transport.close();
    } catch (TException x) {
        x.printStackTrace();
    }
}
Also used : TException(org.apache.thrift.TException) TBinaryProtocol(org.apache.thrift.protocol.TBinaryProtocol) TProtocol(org.apache.thrift.protocol.TProtocol) TTransport(org.apache.thrift.transport.TTransport) SimulationService(org.vcell.vcellij.api.SimulationService) TSocket(org.apache.thrift.transport.TSocket)

Aggregations

TTransport (org.apache.thrift.transport.TTransport)99 TSocket (org.apache.thrift.transport.TSocket)43 TProtocol (org.apache.thrift.protocol.TProtocol)42 TBinaryProtocol (org.apache.thrift.protocol.TBinaryProtocol)36 TFramedTransport (org.apache.thrift.transport.TFramedTransport)28 TTransportException (org.apache.thrift.transport.TTransportException)20 Test (org.junit.Test)20 TException (org.apache.thrift.TException)18 IOException (java.io.IOException)12 TCompactProtocol (org.apache.thrift.protocol.TCompactProtocol)10 ArrayList (java.util.ArrayList)9 TIOStreamTransport (org.apache.thrift.transport.TIOStreamTransport)8 HashMap (java.util.HashMap)6 Socket (java.net.Socket)5 TCLIService (org.apache.hive.service.rpc.thrift.TCLIService)5 THttpClient (org.apache.thrift.transport.THttpClient)4 TSaslClientTransport (org.apache.thrift.transport.TSaslClientTransport)4 ChannelBuffer (com.alibaba.dubbo.remoting.buffer.ChannelBuffer)3 Request (com.alibaba.dubbo.remoting.exchange.Request)3 Demo (com.alibaba.dubbo.rpc.gen.thrift.Demo)3