zabetak commented on code in PR #3609:
URL: https://github.com/apache/hive/pull/3609#discussion_r976373915
##########
hcatalog/webhcat/svr/src/main/java/org/apache/hive/hcatalog/templeton/Main.java:
##########
@@ -306,18 +308,30 @@ private Connector createChannelConnector(Server server) {
public FilterHolder makeAuthFilter() throws IOException {
FilterHolder authFilter = new FilterHolder(AuthFilter.class);
UserNameHandler.allowAnonymous(authFilter);
+
+ // compatible with Hadoop 3.3.x.
Review Comment:
Can you elaborate a bit more what compatible means.
If I understand well the changes are required after upgrading to hadoop
3.3.x onwards otherwise the Authentication filter will not work but what
happens with versions before 3.3.x. I guess that the new code will not work if
an earlier version of hadoop is used.
##########
hcatalog/webhcat/svr/src/main/java/org/apache/hive/hcatalog/templeton/Main.java:
##########
@@ -306,18 +308,30 @@ private Connector createChannelConnector(Server server) {
public FilterHolder makeAuthFilter() throws IOException {
FilterHolder authFilter = new FilterHolder(AuthFilter.class);
UserNameHandler.allowAnonymous(authFilter);
+
+ // compatible with Hadoop 3.3.x.
+ // https://issues.apache.org/jira/browse/HIVE-24083
Review Comment:
Please remove the link to the JIRA. We will pre-pend it to the commit
message so developers will be able to find it.
##########
hcatalog/webhcat/svr/src/main/java/org/apache/hive/hcatalog/templeton/Main.java:
##########
@@ -306,18 +308,30 @@ private Connector createChannelConnector(Server server) {
public FilterHolder makeAuthFilter() throws IOException {
FilterHolder authFilter = new FilterHolder(AuthFilter.class);
UserNameHandler.allowAnonymous(authFilter);
+
+ // compatible with Hadoop 3.3.x.
+ // https://issues.apache.org/jira/browse/HIVE-24083
+ String confPrefix = "dfs.web.authentication";
+ String prefix = confPrefix + ".";
+ authFilter.setInitParameter(AuthenticationFilter.CONFIG_PREFIX,
confPrefix);
+ authFilter.setInitParameter(prefix + AuthenticationFilter.COOKIE_PATH,
"/");
+
if (UserGroupInformation.isSecurityEnabled()) {
+ authFilter.setInitParameter(prefix + AuthenticationFilter.AUTH_TYPE,
KerberosAuthenticationHandler.TYPE);
+
//http://hadoop.apache.org/docs/r1.1.1/api/org/apache/hadoop/security/authentication/server/AuthenticationFilter.html
Review Comment:
Please remove the links towards Hadoop source code; they are obsolete and do
not really provide any useful information right now.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
