hzxiongyinke commented on code in PR #4821:
URL: https://github.com/apache/hive/pull/4821#discussion_r1383433677
##########
ql/src/java/org/apache/hadoop/hive/ql/session/SessionState.java:
##########
@@ -765,6 +768,32 @@ private static void start(SessionState startSs, boolean
isAsync, LogHelper conso
}
}
+ /**
+ * Set hive metastore delegation token in current UGI
+ */
+ private void setHiveMetastoreDelegationTokenToUGI() {
+ if (this.isHiveServerQuery) {
+ return;
+ }
+ if (!getSessionConf().getBoolVar(ConfVars.METASTORE_USE_THRIFT_SASL)) {
+ return;
+ }
+ try {
+ UserGroupInformation UGI = Utils.getUGI();
+ String hmsDelegationTokenStr =
Hive.get().getDelegationToken(UGI.getShortUserName(), UGI.getShortUserName());
Review Comment:
> `hive.metastore.sasl.enabled = true` means HiveMetastore thrift interface
will be secured with SASL. Clients must authenticate with Kerberos. so
`UserGroupInformation.isSecurityEnabled()` is not necessary
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
