Repository: hive Updated Branches: refs/heads/master 59578d039 -> 512df3091
HIVE-10312: SASL.QOP in JDBC URL is ignored for Delegation token Authentication (Mubashir via Xuefu) Project: http://git-wip-us.apache.org/repos/asf/hive/repo Commit: http://git-wip-us.apache.org/repos/asf/hive/commit/512df309 Tree: http://git-wip-us.apache.org/repos/asf/hive/tree/512df309 Diff: http://git-wip-us.apache.org/repos/asf/hive/diff/512df309 Branch: refs/heads/master Commit: 512df30911320d344d01ffd68f809de33d7303b4 Parents: 59578d0 Author: Xuefu Zhang <xzhang@xzlt> Authored: Fri Apr 24 15:00:44 2015 -0700 Committer: Xuefu Zhang <xzhang@xzlt> Committed: Fri Apr 24 15:00:44 2015 -0700 ---------------------------------------------------------------------- .../org/apache/hive/jdbc/HiveConnection.java | 21 +++++++++++--------- 1 file changed, 12 insertions(+), 9 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/hive/blob/512df309/jdbc/src/java/org/apache/hive/jdbc/HiveConnection.java ---------------------------------------------------------------------- diff --git a/jdbc/src/java/org/apache/hive/jdbc/HiveConnection.java b/jdbc/src/java/org/apache/hive/jdbc/HiveConnection.java index b83a3bf..7a674ab 100644 --- a/jdbc/src/java/org/apache/hive/jdbc/HiveConnection.java +++ b/jdbc/src/java/org/apache/hive/jdbc/HiveConnection.java @@ -415,17 +415,20 @@ public class HiveConnection implements java.sql.Connection { // If Kerberos Map<String, String> saslProps = new HashMap<String, String>(); SaslQOP saslQOP = SaslQOP.AUTH; - if (sessConfMap.containsKey(JdbcConnectionParams.AUTH_PRINCIPAL)) { - if (sessConfMap.containsKey(JdbcConnectionParams.AUTH_QOP)) { - try { - saslQOP = SaslQOP.fromString(sessConfMap.get(JdbcConnectionParams.AUTH_QOP)); - } catch (IllegalArgumentException e) { - throw new SQLException("Invalid " + JdbcConnectionParams.AUTH_QOP + - " parameter. " + e.getMessage(), "42000", e); - } + if (sessConfMap.containsKey(JdbcConnectionParams.AUTH_QOP)) { + try { + saslQOP = SaslQOP.fromString(sessConfMap.get(JdbcConnectionParams.AUTH_QOP)); + } catch (IllegalArgumentException e) { + throw new SQLException("Invalid " + JdbcConnectionParams.AUTH_QOP + + " parameter. " + e.getMessage(), "42000", e); } saslProps.put(Sasl.QOP, saslQOP.toString()); - saslProps.put(Sasl.SERVER_AUTH, "true"); + } else { + // If the client did not specify qop then just negotiate the one supported by server + saslProps.put(Sasl.QOP, "auth-conf,auth-int,auth"); + } + saslProps.put(Sasl.SERVER_AUTH, "true"); + if (sessConfMap.containsKey(JdbcConnectionParams.AUTH_PRINCIPAL)) { transport = KerberosSaslHelper.getKerberosTransport( sessConfMap.get(JdbcConnectionParams.AUTH_PRINCIPAL), host, HiveAuthFactory.getSocketTransport(host, port, loginTimeout), saslProps,
