Tao Li commented on HIVE-14966:

[~gopalv]] Thanks for the patch. 

Looks like the deprecated setting is referenced in 
org.apache.hive.minikdc.TestJdbcWithMiniKdcCookie.beforeTest(). Should we 
remove that as well?

> JDBC: Make cookie-auth work in HTTP mode
> ----------------------------------------
>                 Key: HIVE-14966
>                 URL: https://issues.apache.org/jira/browse/HIVE-14966
>             Project: Hive
>          Issue Type: Bug
>          Components: JDBC
>    Affects Versions: 1.3.0, 2.2.0
>            Reporter: Gopal V
>            Assignee: Gopal V
>         Attachments: HIVE-14966.1.patch
> HiveServer2 cookie-auth is non-functional and forces authentication to be 
> repeated for the status check loop, row fetch loop and the get logs loop.
> The repeated auth in the fetch-loop is a performance issue, but is also 
> causing occasional DoS responses from the remote auth-backend if this is not 
> using local /etc/passwd.
> The HTTP-Cookie auth once made functional will behave similarly to the binary 
> protocol, authenticating exactly once per JDBC session and not causing 
> further load on the authentication backend irrespective how many rows are 
> returned from the JDBC request.
> This due to the fact that the cookies are not sent out with matching flags 
> for SSL usage.

This message was sent by Atlassian JIRA

Reply via email to