[jira] [Work logged] (HIVE-26071) JWT authentication for Thrift over HTTP in HiveMetaStore

Thu, 05 May 2022 12:21:06 -0700 


     [ 
https://issues.apache.org/jira/browse/HIVE-26071?focusedWorklogId=766870&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-766870
 ]

ASF GitHub Bot logged work on HIVE-26071:
-----------------------------------------

                Author: ASF GitHub Bot
            Created on: 05/May/22 19:20
            Start Date: 05/May/22 19:20
    Worklog Time Spent: 10m 
      Work Description: sourabh912 commented on code in PR #3233:
URL: https://github.com/apache/hive/pull/3233#discussion_r866239180


##########
standalone-metastore/metastore-server/src/main/java/org/apache/hadoop/hive/metastore/HmsThriftHttpServlet.java:
##########
@@ -39,75 +48,119 @@ public class HmsThriftHttpServlet extends TServlet {
       .getLogger(HmsThriftHttpServlet.class);
 
   private static final String X_USER = MetaStoreUtils.USER_NAME_HTTP_HEADER;
-
   private final boolean isSecurityEnabled;
+  private final boolean jwtAuthEnabled;
+  public static final String AUTHORIZATION = "Authorization";
+  private JWTValidator jwtValidator;
+  private Configuration conf;
 
   public HmsThriftHttpServlet(TProcessor processor,
-      TProtocolFactory inProtocolFactory, TProtocolFactory outProtocolFactory) 
{
-    super(processor, inProtocolFactory, outProtocolFactory);
-    // This should ideally be reveiving an instance of the Configuration which 
is used for the check
+      TProtocolFactory protocolFactory, Configuration conf) {

Review Comment:
   @saihemanth-cloudera: HmsThriftHttpServlet is only used by 
HiveMetastoreServer if HTTP mode is enabled. Therefore HMSClients don't have 
anything to do with this class. 
   
   However I totally agree with the point that we could have added a new 
constructor. I deliberately choose not to do so because this class was added 
very recently in Thrift over HTTP patch and  since the apis are still evolving, 
changing the signature of existing constructor made more sense to me. 
   
   Let me know your thoughts. 





Issue Time Tracking
-------------------

    Worklog Id:     (was: 766870)
    Time Spent: 5h 50m  (was: 5h 40m)

> JWT authentication for Thrift over HTTP in HiveMetaStore
> --------------------------------------------------------
>
>                 Key: HIVE-26071
>                 URL: https://issues.apache.org/jira/browse/HIVE-26071
>             Project: Hive
>          Issue Type: New Feature
>          Components: Standalone Metastore
>            Reporter: Sourabh Goyal
>            Assignee: Sourabh Goyal
>            Priority: Major
>              Labels: pull-request-available
>          Time Spent: 5h 50m
>  Remaining Estimate: 0h
>
> HIVE-25575 recently added a support for JWT authentication in HS2. This Jira 
> aims to add the same feature in HMS



--
This message was sent by Atlassian Jira
(v8.20.7#820007)

Reply via email to