[ 
https://issues.apache.org/jira/browse/HIVE-24543?focusedWorklogId=531388&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-531388
 ]

ASF GitHub Bot logged work on HIVE-24543:
-----------------------------------------

                Author: ASF GitHub Bot
            Created on: 05/Jan/21 18:07
            Start Date: 05/Jan/21 18:07
    Worklog Time Spent: 10m 
      Work Description: nrg4878 commented on a change in pull request #1791:
URL: https://github.com/apache/hive/pull/1791#discussion_r552102961



##########
File path: jdbc/src/java/org/apache/hive/jdbc/HiveConnection.java
##########
@@ -476,12 +511,18 @@ private String getServerHttpUrl(boolean useSsl) {
   private TTransport createHttpTransport() throws SQLException, 
TTransportException {
     CloseableHttpClient httpClient;
     boolean useSsl = isSslConnection();
-    // Create an http client from the configs
+    validateSslForBrowserMode();
     httpClient = getHttpClient(useSsl);
     transport = new THttpClient(getServerHttpUrl(useSsl), httpClient);
     return transport;
   }
 
+  protected void validateSslForBrowserMode() throws SQLException {
+    if (isBrowserAuthMode() && !isSslConnection()) {
+      throw new SQLException("Browser mode is only supported with SSL is 
enabled");

Review comment:
       I understand why this is done but feels odd that this throws a 
SQLException. Can we throw something else here and then wrap it in a 
SQLException in the calling method? Even a TTransportException would make sense 
over SQLException (though it is not thrown from thrift).




----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
[email protected]


Issue Time Tracking
-------------------

    Worklog Id:     (was: 531388)
    Time Spent: 40m  (was: 0.5h)

> Support SAML 2.0 as an authentication mechanism
> -----------------------------------------------
>
>                 Key: HIVE-24543
>                 URL: https://issues.apache.org/jira/browse/HIVE-24543
>             Project: Hive
>          Issue Type: New Feature
>            Reporter: Vihang Karajgaonkar
>            Assignee: Vihang Karajgaonkar
>            Priority: Major
>              Labels: pull-request-available
>          Time Spent: 40m
>  Remaining Estimate: 0h
>
> With cloud based deployments, having a SAML 2.0 based authentication support 
> in HS2 will be greatly useful in case of federated or external identity 
> providers like Okta, PingIdentity or Azure AD.
> This authentication mechanism can initially be only supported on http 
> transport mode in HiveServer2 since the SAML 2.0 protocol is primarily 
> designed for web clients.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Reply via email to