This is an automated email from the ASF dual-hosted git repository.
guyuqi pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/bigtop.git
The following commit(s) were added to refs/heads/master by this push:
new 611be24e BIGTOP-3778: Fix Hive3.1.3 WebHCat service compatible issue
with Hadoop3.3.x (#983)
611be24e is described below
commit 611be24e2494cbed71cd2ea66ef8778a33b4fb25
Author: 吴治国 <[email protected]>
AuthorDate: Tue Aug 16 14:55:38 2022 +0800
BIGTOP-3778: Fix Hive3.1.3 WebHCat service compatible issue with
Hadoop3.3.x (#983)
* BIGTOP-3778: Fix Hive3.1.3 WebHCat service compatible issue with
Hadoop3.3.x
Co-authored-by: wuzhiguo <[email protected]>
---
...11-HIVE-24083-webhcat-compatible-hadoop334.diff | 51 ++++++++++++++++++++++
1 file changed, 51 insertions(+)
diff --git
a/bigtop-packages/src/common/hive/patch11-HIVE-24083-webhcat-compatible-hadoop334.diff
b/bigtop-packages/src/common/hive/patch11-HIVE-24083-webhcat-compatible-hadoop334.diff
new file mode 100644
index 00000000..162a1f16
--- /dev/null
+++
b/bigtop-packages/src/common/hive/patch11-HIVE-24083-webhcat-compatible-hadoop334.diff
@@ -0,0 +1,51 @@
+diff --git
a/hcatalog/webhcat/svr/src/main/java/org/apache/hive/hcatalog/templeton/Main.java
b/hcatalog/webhcat/svr/src/main/java/org/apache/hive/hcatalog/templeton/Main.java
+index d183b2e61b..441038bdd0 100644
+---
a/hcatalog/webhcat/svr/src/main/java/org/apache/hive/hcatalog/templeton/Main.java
++++
b/hcatalog/webhcat/svr/src/main/java/org/apache/hive/hcatalog/templeton/Main.java
+@@ -28,6 +28,8 @@
+ import java.util.EnumSet;
+ import java.util.HashMap;
+
++import org.apache.hadoop.security.authentication.server.AuthenticationFilter;
++import
org.apache.hadoop.security.authentication.server.KerberosAuthenticationHandler;
+ import org.slf4j.Logger;
+ import org.slf4j.LoggerFactory;
+ import org.apache.commons.lang3.StringUtils;
+@@ -257,18 +259,31 @@ public FilterHolder makeXSRFFilter() {
+ public FilterHolder makeAuthFilter() throws IOException {
+ FilterHolder authFilter = new FilterHolder(AuthFilter.class);
+ UserNameHandler.allowAnonymous(authFilter);
++
++ // compatible with Hadoop 3.3.x.
++ // https://issues.apache.org/jira/browse/HIVE-24083
++ String confPrefix = "dfs.web.authentication";
++ String prefix = confPrefix + ".";
++ authFilter.setInitParameter(AuthenticationFilter.CONFIG_PREFIX,
confPrefix);
++ authFilter.setInitParameter(prefix + AuthenticationFilter.COOKIE_PATH,
"/");
++
+ if (UserGroupInformation.isSecurityEnabled()) {
++ authFilter.setInitParameter(prefix + AuthenticationFilter.AUTH_TYPE,
KerberosAuthenticationHandler.TYPE);
++
+
//http://hadoop.apache.org/docs/r1.1.1/api/org/apache/hadoop/security/authentication/server/AuthenticationFilter.html
+- authFilter.setInitParameter("dfs.web.authentication.signature.secret",
+- conf.kerberosSecret());
++ authFilter.setInitParameter(prefix +
AuthenticationFilter.SIGNATURE_SECRET, conf.kerberosSecret());
++
+
//https://svn.apache.org/repos/asf/hadoop/common/branches/branch-1.2/src/packages/templates/conf/hdfs-site.xml
+ String serverPrincipal =
SecurityUtil.getServerPrincipal(conf.kerberosPrincipal(), "0.0.0.0");
+- authFilter.setInitParameter("dfs.web.authentication.kerberos.principal",
+- serverPrincipal);
++
++ authFilter.setInitParameter(prefix +
KerberosAuthenticationHandler.PRINCIPAL, serverPrincipal);
++
+
//http://https://svn.apache.org/repos/asf/hadoop/common/branches/branch-1.2/src/packages/templates/conf/hdfs-site.xml
+- authFilter.setInitParameter("dfs.web.authentication.kerberos.keytab",
+- conf.kerberosKeytab());
++ authFilter.setInitParameter(prefix +
KerberosAuthenticationHandler.KEYTAB, conf.kerberosKeytab());
++ } else {
++ authFilter.setInitParameter(prefix + AuthenticationFilter.AUTH_TYPE,
PseudoAuthenticationHandler.TYPE);
+ }
++
+ return authFilter;
+ }
+
