This is an automated email from the ASF dual-hosted git repository.
stoty pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/phoenix-queryserver.git
The following commit(s) were added to refs/heads/master by this push:
new 8ad2347 PHOENIX-5772 Streamline the kerberos logic in thin client
java code
8ad2347 is described below
commit 8ad23479e27e90aac48e3c68d203c0b914c1f5bf
Author: Istvan Toth <st...@apache.org>
AuthorDate: Thu Mar 12 15:16:58 2020 +0100
PHOENIX-5772 Streamline the kerberos logic in thin client java code
move hbase config parameter processing to python
remove hadoop dependency from queryserver-client
use shaded avatica client everywhere
update sqlline to 1.9
don't shade sqlline + deps into thin client
remove unnecessary interdependencies between modules
Closes #20
---
assembly/cluster.xml | 9 +++
assembly/pom.xml | 7 +-
bin/phoenix_utils.py | 17 +++--
bin/sqlline-thin.py | 51 ++++++++++---
pom.xml | 15 +---
queryserver-client/pom.xml | 73 +------------------
.../client/KerberosLoginFromTicketCache.java | 85 ++++++++++++++++++++++
.../phoenix/queryserver/client/SqllineWrapper.java | 83 +++++++--------------
queryserver-orchestrator/pom.xml | 4 -
queryserver/pom.xml | 13 ++--
.../phoenix/end2end/QueryServerBasicsIT.java | 2 +-
.../phoenix/end2end/QueryServerEnvironment.java | 2 +-
.../phoenix/end2end/QueryServerTestUtil.java | 2 +-
.../end2end/SecureQueryServerPhoenixDBIT.java | 2 +-
.../org/apache/phoenix/util}/ThinClientUtil.java | 11 +--
.../org/apache/phoenix/DriverCohabitationTest.java | 2 +-
16 files changed, 200 insertions(+), 178 deletions(-)
diff --git a/assembly/cluster.xml b/assembly/cluster.xml
index ad08c25..fe91478 100644
--- a/assembly/cluster.xml
+++ b/assembly/cluster.xml
@@ -51,4 +51,13 @@
</includes>
</fileSet>
</fileSets>
+ <dependencySets>
+ <dependencySet>
+ <unpack>false</unpack>
+
<outputDirectory>${project.parent.artifactId}-${project.parent.version}/lib</outputDirectory>
+ <includes>
+ <include>sqlline:sqlline:jar:jar-with-dependencies</include>
+ </includes>
+ </dependencySet>
+ </dependencySets>
</assembly>
diff --git a/assembly/pom.xml b/assembly/pom.xml
index da4f3f3..d381fde 100644
--- a/assembly/pom.xml
+++ b/assembly/pom.xml
@@ -44,10 +44,15 @@
<artifactId>queryserver-client</artifactId>
<version>${project.version}</version>
</dependency>
+ <dependency>
+ <groupId>sqlline</groupId>
+ <artifactId>sqlline</artifactId>
+ <classifier>jar-with-dependencies</classifier>
+ </dependency>
</dependencies>
<build>
- <directory>${project.basedir}/../target</directory>
+ <directory>target</directory>
<plugins>
<plugin>
<artifactId>maven-assembly-plugin</artifactId>
diff --git a/bin/phoenix_utils.py b/bin/phoenix_utils.py
index d85a857..677761f 100755
--- a/bin/phoenix_utils.py
+++ b/bin/phoenix_utils.py
@@ -68,13 +68,14 @@ def findClasspath(command_name):
return subprocess.Popen(command, shell=True,
stdout=subprocess.PIPE).stdout.read()
def setPath():
- PHOENIX_CLIENT_JAR_PATTERN = "phoenix-*-client.jar"
+ PHOENIX_CLIENT_JAR_PATTERN = "phoenix-*[!n]-client.jar"
PHOENIX_THIN_CLIENT_JAR_PATTERN = "phoenix-*-thin-client.jar"
PHOENIX_QUERYSERVER_JAR_PATTERN = "phoenix-*-queryserver.jar"
PHOENIX_LOADBALANCER_JAR_PATTERN =
"phoenix-load-balancer-*[!t][!e][!s][!t][!s].jar"
PHOENIX_TRACESERVER_JAR_PATTERN = "phoenix-tracing-webapp-*-runnable.jar"
PHOENIX_TESTS_JAR_PATTERN = "phoenix-core-*-tests*.jar"
PHOENIX_PHERF_JAR_PATTERN = "phoenix-pherf-*-minimal*.jar"
+ SQLLINE_WITH_DEPS_PATTERN = "sqlline-*-jar-with-dependencies.jar"
# Backward support old env variable PHOENIX_LIB_DIR replaced by
PHOENIX_CLASS_PATH
global phoenix_class_path
@@ -111,7 +112,7 @@ def setPath():
phoenix_jar_path = os.path.join(current_dir, "..", "phoenix-client",
"target","*")
global phoenix_client_jar
- phoenix_client_jar = find("phoenix-*-client.jar", phoenix_jar_path)
+ phoenix_client_jar = find("phoenix-*[!n]-client.jar", phoenix_jar_path)
if phoenix_client_jar == "":
phoenix_client_jar =
findFileInPathWithoutRecursion(PHOENIX_CLIENT_JAR_PATTERN,
os.path.join(current_dir, ".."))
if phoenix_client_jar == "":
@@ -133,18 +134,18 @@ def setPath():
global hadoop_classpath
if (os.name != 'nt'):
- hadoop_classpath = findClasspath('hadoop')
+ hadoop_classpath = findClasspath('hadoop').rstrip()
else:
- hadoop_classpath = os.getenv('HADOOP_CLASSPATH', '')
+ hadoop_classpath = os.getenv('HADOOP_CLASSPATH', '').rstrip()
global hadoop_common_jar_path
- hadoop_common_jar_path = os.path.join(current_dir, "..", "phoenix-client",
"target","*")
+ hadoop_common_jar_path = os.path.join(current_dir, "..", "phoenix-client",
"target","*").rstrip()
global hadoop_common_jar
hadoop_common_jar = find("hadoop-common*.jar", hadoop_common_jar_path)
global hadoop_hdfs_jar_path
- hadoop_hdfs_jar_path = os.path.join(current_dir, "..", "phoenix-client",
"target","*")
+ hadoop_hdfs_jar_path = os.path.join(current_dir, "..", "phoenix-client",
"target","*").rstrip()
global hadoop_hdfs_jar
hadoop_hdfs_jar = find("hadoop-hdfs*.jar", hadoop_hdfs_jar_path)
@@ -189,6 +190,9 @@ def setPath():
if phoenix_thin_client_jar == "":
phoenix_thin_client_jar =
findFileInPathWithoutRecursion(PHOENIX_THIN_CLIENT_JAR_PATTERN,
os.path.join(current_dir, ".."))
+ global sqlline_with_deps_jar
+ sqlline_with_deps_jar =
findFileInPathWithoutRecursion(SQLLINE_WITH_DEPS_PATTERN,
os.path.join(current_dir, "..","lib"))
+
return ""
def shell_quote(args):
@@ -229,3 +233,4 @@ if __name__ == "__main__":
print "phoenix_loadbalancer_jar:", phoenix_loadbalancer_jar
print "phoenix_thin_client_jar:", phoenix_thin_client_jar
print "hadoop_classpath:", hadoop_classpath
+ print "sqlline_with_deps_jar", sqlline_with_deps_jar
diff --git a/bin/sqlline-thin.py b/bin/sqlline-thin.py
index ff5ad77..4d15b18 100755
--- a/bin/sqlline-thin.py
+++ b/bin/sqlline-thin.py
@@ -56,6 +56,9 @@ parser.add_argument('-s', '--serialization',
help='Serialization type for HTTP A
# Avatica authentication
parser.add_argument('-au', '--auth-user', help='Username for HTTP
authentication.')
parser.add_argument('-ap', '--auth-password', help='Password for HTTP
authentication.')
+# Avatica principal and keytab
+parser.add_argument('-p', '--principal', help='Kerberos principal for SPNEGO
authenction from keytab.')
+parser.add_argument('-kt', '--keytab', help='Kerberos keytab file for SPNEGO
authenction from keytab.')
# Avatica HTTPS truststore
parser.add_argument('-t', '--truststore', help='Truststore file that contains
the TLS certificate of the server.')
parser.add_argument('-tp', '--truststore-password', help='Password for the
server TLS certificate truststore')
@@ -68,7 +71,13 @@ phoenix_utils.setPath()
url = args.url
sqlfile = args.sqlfile
+
serialization_key = 'phoenix.queryserver.serialization'
+default_serialization='PROTOBUF'
+hbase_authentication_key = 'hbase.security.authentication'
+default_hbase_authentication = ''
+spnego_auth_disabled_key = 'phoenix.queryserver.spnego.auth.disabled'
+default_spnego_auth_disabled = 'false'
def cleanup_url(url):
parsed = urlparse.urlparse(url)
@@ -79,8 +88,7 @@ def cleanup_url(url):
url = url + ":8765"
return url
-def get_serialization():
- default_serialization='PROTOBUF'
+def get_hbase_param(key, default):
env=os.environ.copy()
if os.name == 'posix':
hbase_exec_name = 'hbase'
@@ -92,25 +100,34 @@ def get_serialization():
hbase_cmd = phoenix_utils.which(hbase_exec_name)
if hbase_cmd is None:
- print 'Failed to find hbase executable on PATH, defaulting
serialization to %s.' % default_serialization
- return default_serialization
+ print 'Failed to find hbase executable on PATH, defaulting %s to %s.'
% key, default
+ return default
env['HBASE_CONF_DIR'] = phoenix_utils.hbase_conf_dir
- proc = subprocess.Popen([hbase_cmd,
'org.apache.hadoop.hbase.util.HBaseConfTool', serialization_key],
+ proc = subprocess.Popen([hbase_cmd,
'org.apache.hadoop.hbase.util.HBaseConfTool', key],
env=env, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
(stdout, stderr) = proc.communicate()
if proc.returncode != 0:
- print 'Failed to extract serialization from hbase-site.xml, defaulting
to %s.' % default_serialization
- return default_serialization
+ print 'Failed to extract %s from hbase-site.xml, defaulting to %s.' %
key, default
+ return default
# Don't expect this to happen, but give a default value just in case
if stdout is None:
- return default_serialization
+ return default
stdout = stdout.strip()
if stdout == 'null':
- return default_serialization
+ return default
return stdout
+def get_serialization():
+ return get_hbase_param(serialization_key, default_serialization)
+
+def get_hbase_authentication():
+ return get_hbase_param(hbase_authentication_key,
default_hbase_authentication)
+
+def get_spnego_auth_disabled():
+ return get_hbase_param(spnego_auth_disabled_key,
default_spnego_auth_disabled)
+
url = cleanup_url(url)
if sqlfile != "":
@@ -164,15 +181,27 @@ if args.auth_user:
jdbc_url += ';avatica_user=' + args.auth_user
if args.auth_password:
jdbc_url += ';avatica_password=' + args.auth_password
+if args.principal:
+ jdbc_url += ';principal=' + args.principal
+if args.keytab:
+ jdbc_url += ';keytab=' + args.keytab
if args.truststore:
jdbc_url += ';truststore=' + args.truststore
if args.truststore_password:
jdbc_url += ';truststore_password=' + args.truststore_password
+
+# Add SPENGO auth if this cluster uses it, and there are no conflicting HBase
parameters
+if (get_hbase_authentication() == 'kerberos' and get_spnego_auth_disabled() ==
'false'
+ and 'authentication=' not in jdbc_url and 'avatica_user=' not in jdbc_url):
+ jdbc_url += ';authentication=SPNEGO'
+
java_cmd = java + ' $PHOENIX_OPTS ' + \
- ' -cp "' + phoenix_utils.hbase_conf_dir + os.pathsep +
phoenix_utils.phoenix_thin_client_jar + \
- os.pathsep + phoenix_utils.hadoop_conf + os.pathsep +
phoenix_utils.hadoop_classpath + '" -Dlog4j.configuration=file:' + \
+ ' -cp "' + phoenix_utils.sqlline_with_deps_jar \
+ + os.pathsep + phoenix_utils.phoenix_thin_client_jar + \
+ '" -Dlog4j.configuration=file:' + \
os.path.join(phoenix_utils.current_dir, "log4j.properties") + \
+ ' -Djavax.security.auth.useSubjectCredsOnly=false ' + \
" org.apache.phoenix.queryserver.client.SqllineWrapper -d
org.apache.phoenix.queryserver.client.Driver " + \
' -u "' + jdbc_url + '"' + " -n none -p none " + \
" --color=" + colorSetting + " --fastConnect=" + args.fastconnect + "
--verbose=" + args.verbose + \
diff --git a/pom.xml b/pom.xml
index 53b0181..6caf5ef 100644
--- a/pom.xml
+++ b/pom.xml
@@ -74,8 +74,7 @@
<phoenix.version>4.14.2-HBase-1.4</phoenix.version>
<!-- Dependency versions -->
- <sqlline.version>1.2.0</sqlline.version>
- <jline.version>2.11</jline.version>
+ <sqlline.version>1.9.0</sqlline.version>
<commons-logging.version>1.2</commons-logging.version>
<!-- Do not change jodatime.version until HBASE-15199 is fixed -->
<avatica.version>1.16.0</avatica.version>
@@ -403,23 +402,13 @@
</dependency>
<dependency>
<groupId>org.apache.calcite.avatica</groupId>
- <artifactId>avatica-core</artifactId>
- <version>${avatica.version}</version>
- </dependency>
- <dependency>
- <groupId>org.apache.calcite.avatica</groupId>
<artifactId>avatica-server</artifactId>
<version>${avatica.version}</version>
</dependency>
-
- <dependency>
- <groupId>jline</groupId>
- <artifactId>jline</artifactId>
- <version>${jline.version}</version>
- </dependency>
<dependency>
<groupId>sqlline</groupId>
<artifactId>sqlline</artifactId>
+ <classifier>jar-with-dependencies</classifier>
<version>${sqlline.version}</version>
</dependency>
<dependency>
diff --git a/queryserver-client/pom.xml b/queryserver-client/pom.xml
index 30bcb82..f0ac6ea 100644
--- a/queryserver-client/pom.xml
+++ b/queryserver-client/pom.xml
@@ -107,70 +107,6 @@
</excludes>
</filter>
</filters>
-
- <relocations>
-
- <!-- COM relocation -->
-
- <relocation>
- <pattern>com.fasterxml</pattern>
-
<shadedPattern>${shaded.package}.com.fasterxml</shadedPattern>
- </relocation>
- <relocation>
- <pattern>com.google.collect</pattern>
-
<shadedPattern>${shaded.package}.com.google.collect</shadedPattern>
- </relocation>
- <relocation>
- <pattern>com.google.protobuf</pattern>
-
<shadedPattern>${shaded.package}.com.google.protobuf</shadedPattern>
- </relocation>
- <!-- ORG relocation -->
- <relocation>
- <pattern>org.apache.calcite.avatica</pattern>
-
<shadedPattern>${shaded.package}.org.apache.calcite.avatica</shadedPattern>
- <!-- The protobuf messages can't be relocated due to a
limitation
- in the Avatica protocol. -->
- <excludes>
- <exclude>org.apache.calcite.avatica.proto.*</exclude>
- </excludes>
- </relocation>
- <relocation>
- <pattern>org.apache.commons</pattern>
-
<shadedPattern>${shaded.package}.org.apache.commons</shadedPattern>
- <excludes>
- <exclude>org.apache.commons.logging.**</exclude>
- </excludes>
- </relocation>
- <relocation>
- <pattern>org.apache.http</pattern>
-
<shadedPattern>${shaded.package}.org.apache.http</shadedPattern>
- </relocation>
-
- <relocation>
- <pattern>org.fusesource</pattern>
-
<shadedPattern>${shaded.package}.org.fusesource</shadedPattern>
- </relocation>
- <relocation>
- <pattern>org.hamcrest</pattern>
- <shadedPattern>${shaded.package}.org.hamcrest</shadedPattern>
- </relocation>
- <relocation>
- <pattern>org.junit</pattern>
- <shadedPattern>${shaded.package}.org.junit</shadedPattern>
- </relocation>
-
- <!-- MISC relocations -->
-
- <relocation>
- <pattern>jline</pattern>
- <shadedPattern>${shaded.package}.jline</shadedPattern>
- </relocation>
- <relocation>
- <pattern>junit</pattern>
- <shadedPattern>${shaded.package}.junit</shadedPattern>
- </relocation>
-
- </relocations>
</configuration>
</execution>
</executions>
@@ -190,16 +126,13 @@
<dependencies>
<dependency>
<groupId>org.apache.calcite.avatica</groupId>
- <artifactId>avatica-core</artifactId>
+ <artifactId>avatica</artifactId>
</dependency>
<dependency>
- <!-- a dependency for the thin-client uberjar -->
<groupId>sqlline</groupId>
<artifactId>sqlline</artifactId>
- </dependency>
- <dependency>
- <groupId>org.apache.hadoop</groupId>
- <artifactId>hadoop-common</artifactId>
+ <scope>provided</scope>
+ <classifier>jar-with-dependencies</classifier>
</dependency>
</dependencies>
</project>
diff --git
a/queryserver-client/src/main/java/org/apache/phoenix/queryserver/client/KerberosLoginFromTicketCache.java
b/queryserver-client/src/main/java/org/apache/phoenix/queryserver/client/KerberosLoginFromTicketCache.java
new file mode 100644
index 0000000..9c5fa15
--- /dev/null
+++
b/queryserver-client/src/main/java/org/apache/phoenix/queryserver/client/KerberosLoginFromTicketCache.java
@@ -0,0 +1,85 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.phoenix.queryserver.client;
+
+import java.io.IOException;
+import java.util.HashMap;
+
+import javax.security.auth.Subject;
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.UnsupportedCallbackException;
+import javax.security.auth.login.AppConfigurationEntry;
+import javax.security.auth.login.Configuration;
+import javax.security.auth.login.LoginContext;
+import javax.security.auth.login.LoginException;
+
+public class KerberosLoginFromTicketCache {
+
+ public static Subject login() throws LoginException {
+
+ Configuration kerberosConfig = new KerberosConfiguration();
+ Subject subject = new Subject();
+
+ LoginContext lc = new LoginContext("PhoenixThinClient", subject, new
CallbackHandler() {
+ @Override
+ public void handle(Callback[] callbacks)
+ throws IOException, UnsupportedCallbackException {
+ throw new UnsupportedCallbackException(callbacks[0],
+ "Only ticket cache is supported");
+ }
+ }, kerberosConfig);
+
+ lc.login();
+ return subject;
+ }
+
+ private static class KerberosConfiguration extends Configuration {
+ private static final String IBM_KRB5_LOGIN_MODULE =
+ "com.ibm.security.auth.module.Krb5LoginModule";
+ private static final String SUN_KRB5_LOGIN_MODULE =
+ "com.sun.security.auth.module.Krb5LoginModule";
+
+ private static final String JAVA_VENDOR_NAME =
System.getProperty("java.vendor");
+ private static final boolean IS_IBM_JAVA =
JAVA_VENDOR_NAME.contains("IBM");
+
+ @Override
+ public AppConfigurationEntry[] getAppConfigurationEntry(String name) {
+ HashMap<String, Object> options = new HashMap<>();
+
+ if(IS_IBM_JAVA) {
+ //Also see
https://www.ibm.com/support/pages/how-enable-strong-encryption-128-bit
+
+ // This is inferior to the sun class, as it won't work if the
kerberos and unix
+ // users don't match, while that one take any principal from
the cache
+ options.put("principal", System.getProperty("user.name"));
+ options.put("useDefaultCcache", "true");
+ return new AppConfigurationEntry[] { new AppConfigurationEntry(
+ IBM_KRB5_LOGIN_MODULE,
AppConfigurationEntry.LoginModuleControlFlag.REQUIRED,
+ options) };
+ } else {
+ options.put("useTicketCache", "true");
+ options.put("doNotPrompt", "true");
+ return new AppConfigurationEntry[] { new AppConfigurationEntry(
+ SUN_KRB5_LOGIN_MODULE,
AppConfigurationEntry.LoginModuleControlFlag.REQUIRED,
+ options) };
+ }
+ }
+ }
+
+}
diff --git
a/queryserver-client/src/main/java/org/apache/phoenix/queryserver/client/SqllineWrapper.java
b/queryserver-client/src/main/java/org/apache/phoenix/queryserver/client/SqllineWrapper.java
index 90fe8e1..0bb35a9 100644
---
a/queryserver-client/src/main/java/org/apache/phoenix/queryserver/client/SqllineWrapper.java
+++
b/queryserver-client/src/main/java/org/apache/phoenix/queryserver/client/SqllineWrapper.java
@@ -18,8 +18,8 @@ package org.apache.phoenix.queryserver.client;
import java.security.PrivilegedExceptionAction;
-import org.apache.hadoop.conf.Configuration;
-import org.apache.hadoop.security.UserGroupInformation;
+import javax.security.auth.Subject;
+import javax.security.auth.login.LoginException;
import sqlline.SqlLine;
@@ -28,71 +28,40 @@ import sqlline.SqlLine;
* make a pre-populated ticket cache (via kinit before launching)
transparently work.
*/
public class SqllineWrapper {
- public static final String HBASE_AUTHENTICATION_ATTR =
"hbase.security.authentication";
- public static final String QUERY_SERVER_SPNEGO_AUTH_DISABLED_ATTRIB =
"phoenix.queryserver.spnego.auth.disabled";
- public static final boolean DEFAULT_QUERY_SERVER_SPNEGO_AUTH_DISABLED =
false;
- static UserGroupInformation tryLogin(Configuration conf) {
- // Try to avoid HBase dependency too. Sadly, we have to bring in all of
hadoop-common for this..
- if ("kerberos".equalsIgnoreCase(conf.get(HBASE_AUTHENTICATION_ATTR))) {
- // sun.security.krb5.principal is the property for setting the principal
name, if that
- // isn't set, fall back to user.name and hope for the best.
- String principal = System.getProperty("sun.security.krb5.principal",
System.getProperty("user.name"));
- try {
- // We got hadoop-auth via hadoop-common, so might as well use it.
- return UserGroupInformation.getUGIFromTicketCache(null, principal);
- } catch (Exception e) {
- //Fall through
- System.err.println("Kerberos login failed using ticket cache. Did you
kinit?");
+ public static String getUrl(String[] args) {
+ for (int i = 0; i < args.length; i++) {
+ String arg = args[i];
+ args[i] = arg;
+ if (arg.equals("-u") && args.length > i+1) {
+ return args[i+1];
}
}
return null;
}
- private static String[] updateArgsForKerberos(String[] origArgs) {
- String[] newArgs = new String[origArgs.length];
- for (int i = 0; i < origArgs.length; i++) {
- String arg = origArgs[i];
- newArgs[i] = arg;
-
- if (arg.equals("-u")) {
- // Get the JDBC url which is the next argument
- i++;
- arg = origArgs[i];
- if (!arg.contains("authentication=")) {
- arg = arg + ";authentication=SPNEGO";
- }
- newArgs[i] = arg;
- }
- }
- return newArgs;
- }
-
public static void main(String[] args) throws Exception {
- final Configuration conf = new Configuration(false);
- conf.addResource("hbase-site.xml");
+ String url = getUrl(args);
- // Check if the server config says SPNEGO auth is actually disabled.
- final boolean disableSpnego =
conf.getBoolean(QUERY_SERVER_SPNEGO_AUTH_DISABLED_ATTRIB,
- DEFAULT_QUERY_SERVER_SPNEGO_AUTH_DISABLED);
- if (disableSpnego) {
- SqlLine.main(args);
+ if(url.contains(";authentication=SPNEGO") && !url.contains(";principal="))
{
+ try {
+ Subject subject = KerberosLoginFromTicketCache.login();
+ System.out.println("Kerberos login from ticket cache successful");
+ Subject.doAs(subject, new PrivilegedExceptionAction<Void>() {
+ @Override
+ public Void run() throws Exception {
+ SqlLine.main(args);
+ return null;
+ }
+ });
+ return;
+ } catch (LoginException e) {
+ System.out.print("Kerberos login from ticket cache not successful");
+ e.printStackTrace();
+ }
}
- UserGroupInformation ugi = tryLogin(conf);
-
- if (null != ugi) {
- final String[] updatedArgs = updateArgsForKerberos(args);
- ugi.doAs(new PrivilegedExceptionAction<Void>() {
- @Override
- public Void run() throws Exception {
- SqlLine.main(updatedArgs);
- return null;
- }
- });
- } else {
- SqlLine.main(args);
- }
+ SqlLine.main(args);
}
}
diff --git a/queryserver-orchestrator/pom.xml b/queryserver-orchestrator/pom.xml
index 12e559f..ed6cb21 100644
--- a/queryserver-orchestrator/pom.xml
+++ b/queryserver-orchestrator/pom.xml
@@ -39,10 +39,6 @@
<artifactId>queryserver-client</artifactId>
</dependency>
<dependency>
- <groupId>org.apache.calcite.avatica</groupId>
- <artifactId>avatica-core</artifactId>
- </dependency>
- <dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
</dependency>
diff --git a/queryserver/pom.xml b/queryserver/pom.xml
index d68d8e8..07b0261 100644
--- a/queryserver/pom.xml
+++ b/queryserver/pom.xml
@@ -148,8 +148,8 @@
<artifactId>hbase-common</artifactId>
</dependency>
<dependency>
- <groupId>org.apache.phoenix</groupId>
- <artifactId>queryserver-client</artifactId>
+ <groupId>org.apache.calcite.avatica</groupId>
+ <artifactId>avatica-server</artifactId>
<exclusions>
<!-- Being pulled in via avatica to avoid pb2/pb3 issues.
When we use the "pre-shaded" avatica artifact, we don't
@@ -165,10 +165,6 @@
<artifactId>avatica</artifactId>
</dependency>
<dependency>
- <groupId>org.apache.calcite.avatica</groupId>
- <artifactId>avatica-server</artifactId>
- </dependency>
- <dependency>
<groupId>commons-logging</groupId>
<artifactId>commons-logging</artifactId>
</dependency>
@@ -179,6 +175,11 @@
<!-- for tests -->
<dependency>
<groupId>org.apache.phoenix</groupId>
+ <artifactId>queryserver-client</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.phoenix</groupId>
<artifactId>phoenix-core</artifactId>
<scope>test</scope>
</dependency>
diff --git
a/queryserver/src/it/java/org/apache/phoenix/end2end/QueryServerBasicsIT.java
b/queryserver/src/it/java/org/apache/phoenix/end2end/QueryServerBasicsIT.java
index a641c91..767badc 100644
---
a/queryserver/src/it/java/org/apache/phoenix/end2end/QueryServerBasicsIT.java
+++
b/queryserver/src/it/java/org/apache/phoenix/end2end/QueryServerBasicsIT.java
@@ -44,7 +44,7 @@ import org.apache.commons.logging.LogFactory;
import org.apache.hadoop.conf.Configuration;
import org.apache.phoenix.query.QueryServices;
import org.apache.phoenix.queryserver.QueryServerProperties;
-import org.apache.phoenix.queryserver.client.ThinClientUtil;
+import org.apache.phoenix.util.ThinClientUtil;
import org.junit.AfterClass;
import org.junit.BeforeClass;
import org.junit.Rule;
diff --git
a/queryserver/src/it/java/org/apache/phoenix/end2end/QueryServerEnvironment.java
b/queryserver/src/it/java/org/apache/phoenix/end2end/QueryServerEnvironment.java
index 537d5a5..1d80d63 100644
---
a/queryserver/src/it/java/org/apache/phoenix/end2end/QueryServerEnvironment.java
+++
b/queryserver/src/it/java/org/apache/phoenix/end2end/QueryServerEnvironment.java
@@ -44,9 +44,9 @@ import org.apache.hadoop.security.UserGroupInformation;
import org.apache.hadoop.security.authentication.util.KerberosName;
import org.apache.phoenix.query.ConfigurationFactory;
import org.apache.phoenix.queryserver.QueryServerProperties;
-import org.apache.phoenix.queryserver.client.ThinClientUtil;
import org.apache.phoenix.queryserver.server.QueryServer;
import org.apache.phoenix.util.InstanceResolver;
+import org.apache.phoenix.util.ThinClientUtil;
import com.google.common.base.Preconditions;
import com.google.common.collect.Maps;
diff --git
a/queryserver/src/it/java/org/apache/phoenix/end2end/QueryServerTestUtil.java
b/queryserver/src/it/java/org/apache/phoenix/end2end/QueryServerTestUtil.java
index 01f73ae..e599c26 100644
---
a/queryserver/src/it/java/org/apache/phoenix/end2end/QueryServerTestUtil.java
+++
b/queryserver/src/it/java/org/apache/phoenix/end2end/QueryServerTestUtil.java
@@ -31,9 +31,9 @@ import org.apache.hadoop.hbase.LocalHBaseCluster;
import org.apache.hadoop.hbase.util.FSUtils;
import org.apache.hadoop.security.UserGroupInformation;
import org.apache.phoenix.query.ConfigurationFactory;
-import org.apache.phoenix.queryserver.client.ThinClientUtil;
import org.apache.phoenix.queryserver.server.QueryServer;
import org.apache.phoenix.util.InstanceResolver;
+import org.apache.phoenix.util.ThinClientUtil;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
diff --git
a/queryserver/src/it/java/org/apache/phoenix/end2end/SecureQueryServerPhoenixDBIT.java
b/queryserver/src/it/java/org/apache/phoenix/end2end/SecureQueryServerPhoenixDBIT.java
index b99693a..32c5478 100644
---
a/queryserver/src/it/java/org/apache/phoenix/end2end/SecureQueryServerPhoenixDBIT.java
+++
b/queryserver/src/it/java/org/apache/phoenix/end2end/SecureQueryServerPhoenixDBIT.java
@@ -54,9 +54,9 @@ import org.apache.hadoop.security.UserGroupInformation;
import org.apache.hadoop.security.authentication.util.KerberosName;
import org.apache.phoenix.query.ConfigurationFactory;
import org.apache.phoenix.queryserver.QueryServerProperties;
-import org.apache.phoenix.queryserver.client.ThinClientUtil;
import org.apache.phoenix.queryserver.server.QueryServer;
import org.apache.phoenix.util.InstanceResolver;
+import org.apache.phoenix.util.ThinClientUtil;
import org.junit.AfterClass;
import org.junit.Assume;
import org.junit.BeforeClass;
diff --git
a/queryserver-client/src/main/java/org/apache/phoenix/queryserver/client/ThinClientUtil.java
b/queryserver/src/main/java/org/apache/phoenix/util/ThinClientUtil.java
similarity index 80%
rename from
queryserver-client/src/main/java/org/apache/phoenix/queryserver/client/ThinClientUtil.java
rename to queryserver/src/main/java/org/apache/phoenix/util/ThinClientUtil.java
index 1ea64e7..f3144eb 100644
---
a/queryserver-client/src/main/java/org/apache/phoenix/queryserver/client/ThinClientUtil.java
+++ b/queryserver/src/main/java/org/apache/phoenix/util/ThinClientUtil.java
@@ -15,15 +15,16 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-package org.apache.phoenix.queryserver.client;
+package org.apache.phoenix.util;
/**
- * Utilities for thin clients.
+ * Utilities for thin client tests
*/
public final class ThinClientUtil {
- // The default serialization is also defined in QueryServerOptions.
phoenix-queryserver-client
- // currently doesn't depend on phoenix-core so we have to deal with the
duplication.
+ // Duplicating constants from phoenix-core and queryserver-client
+ // to avoid having to depend on them
private static final String DEFAULT_SERIALIZATION = "PROTOBUF";
+ public static final String CONNECT_STRING_PREFIX = "jdbc:phoenix:thin:";
private ThinClientUtil() {}
@@ -36,7 +37,7 @@ public final class ThinClientUtil {
}
public static String getConnectionUrl(String protocol, String hostname, int
port, String serialization) {
- String urlFmt = Driver.CONNECT_STRING_PREFIX +
"url=%s://%s:%s;serialization=%s";
+ String urlFmt = CONNECT_STRING_PREFIX + "url=%s://%s:%s;serialization=%s";
return String.format(urlFmt, protocol, hostname, port, serialization);
}
}
diff --git
a/queryserver/src/test/java/org/apache/phoenix/DriverCohabitationTest.java
b/queryserver/src/test/java/org/apache/phoenix/DriverCohabitationTest.java
index 1df6d2c..02286bd 100644
--- a/queryserver/src/test/java/org/apache/phoenix/DriverCohabitationTest.java
+++ b/queryserver/src/test/java/org/apache/phoenix/DriverCohabitationTest.java
@@ -17,8 +17,8 @@
*/
package org.apache.phoenix;
-import org.apache.phoenix.queryserver.client.ThinClientUtil;
import org.apache.phoenix.util.QueryUtil;
+import org.apache.phoenix.util.ThinClientUtil;
import org.junit.Test;
import java.sql.Driver;
