[jira] [Commented] (HIVE-10048) JDBC - Support SSL encryption regardless of Authentication mechanism
[ https://issues.apache.org/jira/browse/HIVE-10048?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=14937745#comment-14937745 ] Sergio Peña commented on HIVE-10048: [~leftylev] I think the documentation for SSL support should be already in our wiki as this feature is already implemented. This fix is only to allow the use of SSL when kerberos authentication is used. [~mkazia] This is the documentation for HS2 and SSL that we have: https://cwiki.apache.org/confluence/display/Hive/HiveServer2+Clients#HiveServer2Clients-ConnectionURLWhenSSLIsEnabledinHiveServer2 Could you take a look and see if there is something it needs to be changed for this fix? > JDBC - Support SSL encryption regardless of Authentication mechanism > > > Key: HIVE-10048 > URL: https://issues.apache.org/jira/browse/HIVE-10048 > Project: Hive > Issue Type: Improvement > Components: JDBC >Affects Versions: 1.0.0 >Reporter: Mubashir Kazia >Assignee: Mubashir Kazia > Labels: newbie, patch > Fix For: 2.0.0 > > Attachments: HIVE-10048.1.patch, HIVE-10048.2.patch > > > JDBC driver currently only supports SSL Transport if the Authentication > mechanism is SASL Plain with username and password. SSL transport should be > decoupled from Authentication mechanism. If the customer chooses to do > Kerberos Authentication and SSL encryption over the wire it should be > supported. The Server side already supports this but the driver does not. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (HIVE-10048) JDBC - Support SSL encryption regardless of Authentication mechanism
[ https://issues.apache.org/jira/browse/HIVE-10048?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=14910105#comment-14910105 ] Lefty Leverenz commented on HIVE-10048: --- Does this need documentation? (If so, please add a TODOC2.0 label.) > JDBC - Support SSL encryption regardless of Authentication mechanism > > > Key: HIVE-10048 > URL: https://issues.apache.org/jira/browse/HIVE-10048 > Project: Hive > Issue Type: Improvement > Components: JDBC >Affects Versions: 1.0.0 >Reporter: Mubashir Kazia >Assignee: Mubashir Kazia > Labels: newbie, patch > Fix For: 2.0.0 > > Attachments: HIVE-10048.1.patch, HIVE-10048.2.patch > > > JDBC driver currently only supports SSL Transport if the Authentication > mechanism is SASL Plain with username and password. SSL transport should be > decoupled from Authentication mechanism. If the customer chooses to do > Kerberos Authentication and SSL encryption over the wire it should be > supported. The Server side already supports this but the driver does not. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (HIVE-10048) JDBC - Support SSL encryption regardless of Authentication mechanism
[ https://issues.apache.org/jira/browse/HIVE-10048?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=14909865#comment-14909865 ] Mubashir Kazia commented on HIVE-10048: --- The test failures are unrelated to this patch. The same tests have been failing on other patches. > JDBC - Support SSL encryption regardless of Authentication mechanism > > > Key: HIVE-10048 > URL: https://issues.apache.org/jira/browse/HIVE-10048 > Project: Hive > Issue Type: Improvement > Components: JDBC >Affects Versions: 1.0.0 >Reporter: Mubashir Kazia >Assignee: Mubashir Kazia > Labels: newbie, patch > Attachments: HIVE-10048.1.patch, HIVE-10048.2.patch > > > JDBC driver currently only supports SSL Transport if the Authentication > mechanism is SASL Plain with username and password. SSL transport should be > decoupled from Authentication mechanism. If the customer chooses to do > Kerberos Authentication and SSL encryption over the wire it should be > supported. The Server side already supports this but the driver does not. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (HIVE-10048) JDBC - Support SSL encryption regardless of Authentication mechanism
[
https://issues.apache.org/jira/browse/HIVE-10048?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=14909841#comment-14909841
]
Hive QA commented on HIVE-10048:
{color:red}Overall{color}: -1 at least one tests failed
Here are the results of testing the latest attachment:
https://issues.apache.org/jira/secure/attachment/12762397/HIVE-10048.2.patch
{color:red}ERROR:{color} -1 due to 3 failed/errored test(s), 9620 tests executed
*Failed tests:*
{noformat}
org.apache.hadoop.hive.cli.TestCliDriver.testCliDriver_vector_groupby_reduce
org.apache.hadoop.hive.cli.TestMiniTezCliDriver.testCliDriver_vector_groupby_reduce
org.apache.hive.hcatalog.api.TestHCatClient.testTableSchemaPropagation
{noformat}
Test results:
http://ec2-174-129-184-35.compute-1.amazonaws.com/jenkins/job/PreCommit-HIVE-TRUNK-Build/5439/testReport
Console output:
http://ec2-174-129-184-35.compute-1.amazonaws.com/jenkins/job/PreCommit-HIVE-TRUNK-Build/5439/console
Test logs:
http://ec2-174-129-184-35.compute-1.amazonaws.com/logs/PreCommit-HIVE-TRUNK-Build-5439/
Messages:
{noformat}
Executing org.apache.hive.ptest.execution.PrepPhase
Executing org.apache.hive.ptest.execution.ExecutionPhase
Executing org.apache.hive.ptest.execution.ReportingPhase
Tests exited with: TestsFailedException: 3 tests failed
{noformat}
This message is automatically generated.
ATTACHMENT ID: 12762397 - PreCommit-HIVE-TRUNK-Build
> JDBC - Support SSL encryption regardless of Authentication mechanism
>
>
> Key: HIVE-10048
> URL: https://issues.apache.org/jira/browse/HIVE-10048
> Project: Hive
> Issue Type: Improvement
> Components: JDBC
>Affects Versions: 1.0.0
>Reporter: Mubashir Kazia
>Assignee: Mubashir Kazia
> Labels: newbie, patch
> Attachments: HIVE-10048.1.patch, HIVE-10048.2.patch
>
>
> JDBC driver currently only supports SSL Transport if the Authentication
> mechanism is SASL Plain with username and password. SSL transport should be
> decoupled from Authentication mechanism. If the customer chooses to do
> Kerberos Authentication and SSL encryption over the wire it should be
> supported. The Server side already supports this but the driver does not.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Commented] (HIVE-10048) JDBC - Support SSL encryption regardless of Authentication mechanism
[ https://issues.apache.org/jira/browse/HIVE-10048?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=14908278#comment-14908278 ] Sergio Peña commented on HIVE-10048: Thanks @Mubashir Kazia +1 > JDBC - Support SSL encryption regardless of Authentication mechanism > > > Key: HIVE-10048 > URL: https://issues.apache.org/jira/browse/HIVE-10048 > Project: Hive > Issue Type: Improvement > Components: JDBC >Affects Versions: 1.0.0 >Reporter: Mubashir Kazia >Assignee: Mubashir Kazia > Labels: newbie, patch > Attachments: HIVE-10048.1.patch, HIVE-10048.2.patch > > > JDBC driver currently only supports SSL Transport if the Authentication > mechanism is SASL Plain with username and password. SSL transport should be > decoupled from Authentication mechanism. If the customer chooses to do > Kerberos Authentication and SSL encryption over the wire it should be > supported. The Server side already supports this but the driver does not. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (HIVE-10048) JDBC - Support SSL encryption regardless of Authentication mechanism
[
https://issues.apache.org/jira/browse/HIVE-10048?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=14906499#comment-14906499
]
Sergio Peña commented on HIVE-10048:
[~mkazia] The patch looks good.
Just one minor thing now that we're working on that code. Can we move the code
that gets the SSL or simple transport to a new private method? I was thinking
in something like {{private TTransport createUnderlyingTransport()}}.
What do you think?
> JDBC - Support SSL encryption regardless of Authentication mechanism
>
>
> Key: HIVE-10048
> URL: https://issues.apache.org/jira/browse/HIVE-10048
> Project: Hive
> Issue Type: Improvement
> Components: JDBC
>Affects Versions: 1.0.0
>Reporter: Mubashir Kazia
>Assignee: Mubashir Kazia
> Labels: newbie, patch
> Attachments: HIVE-10048.1.patch
>
>
> JDBC driver currently only supports SSL Transport if the Authentication
> mechanism is SASL Plain with username and password. SSL transport should be
> decoupled from Authentication mechanism. If the customer chooses to do
> Kerberos Authentication and SSL encryption over the wire it should be
> supported. The Server side already supports this but the driver does not.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[jira] [Commented] (HIVE-10048) JDBC - Support SSL encryption regardless of Authentication mechanism
[ https://issues.apache.org/jira/browse/HIVE-10048?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=14906551#comment-14906551 ] Mubashir Kazia commented on HIVE-10048: --- [~spena], creating a private method sounds good to me, it'll make it cleaner. When I initially made the change, I didn't wanted to introduce too many changes and keep it close to the original code as much as possible. It'll take me sometime to get an environment up and create a new patch. > JDBC - Support SSL encryption regardless of Authentication mechanism > > > Key: HIVE-10048 > URL: https://issues.apache.org/jira/browse/HIVE-10048 > Project: Hive > Issue Type: Improvement > Components: JDBC >Affects Versions: 1.0.0 >Reporter: Mubashir Kazia >Assignee: Mubashir Kazia > Labels: newbie, patch > Attachments: HIVE-10048.1.patch > > > JDBC driver currently only supports SSL Transport if the Authentication > mechanism is SASL Plain with username and password. SSL transport should be > decoupled from Authentication mechanism. If the customer chooses to do > Kerberos Authentication and SSL encryption over the wire it should be > supported. The Server side already supports this but the driver does not. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (HIVE-10048) JDBC - Support SSL encryption regardless of Authentication mechanism
[ https://issues.apache.org/jira/browse/HIVE-10048?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=14906622#comment-14906622 ] Sergio Peña commented on HIVE-10048: Thanks for the work. Btw, besides the new method, I tried to apply the current patch to the current master branch and it did not apply correctly. > JDBC - Support SSL encryption regardless of Authentication mechanism > > > Key: HIVE-10048 > URL: https://issues.apache.org/jira/browse/HIVE-10048 > Project: Hive > Issue Type: Improvement > Components: JDBC >Affects Versions: 1.0.0 >Reporter: Mubashir Kazia >Assignee: Mubashir Kazia > Labels: newbie, patch > Attachments: HIVE-10048.1.patch > > > JDBC driver currently only supports SSL Transport if the Authentication > mechanism is SASL Plain with username and password. SSL transport should be > decoupled from Authentication mechanism. If the customer chooses to do > Kerberos Authentication and SSL encryption over the wire it should be > supported. The Server side already supports this but the driver does not. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (HIVE-10048) JDBC - Support SSL encryption regardless of Authentication mechanism
[ https://issues.apache.org/jira/browse/HIVE-10048?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14622935#comment-14622935 ] Mike Yoder commented on HIVE-10048: --- LGTM, +1 JDBC - Support SSL encryption regardless of Authentication mechanism Key: HIVE-10048 URL: https://issues.apache.org/jira/browse/HIVE-10048 Project: Hive Issue Type: Improvement Components: JDBC Affects Versions: 1.0.0 Reporter: Mubashir Kazia Assignee: Mubashir Kazia Labels: newbie, patch Attachments: HIVE-10048.1.patch JDBC driver currently only supports SSL Transport if the Authentication mechanism is SASL Plain with username and password. SSL transport should be decoupled from Authentication mechanism. If the customer chooses to do Kerberos Authentication and SSL encryption over the wire it should be supported. The Server side already supports this but the driver does not. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (HIVE-10048) JDBC - Support SSL encryption regardless of Authentication mechanism
[ https://issues.apache.org/jira/browse/HIVE-10048?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14623030#comment-14623030 ] Lenni Kuff commented on HIVE-10048: --- [~prasadm] - Can you take a look? JDBC - Support SSL encryption regardless of Authentication mechanism Key: HIVE-10048 URL: https://issues.apache.org/jira/browse/HIVE-10048 Project: Hive Issue Type: Improvement Components: JDBC Affects Versions: 1.0.0 Reporter: Mubashir Kazia Assignee: Mubashir Kazia Labels: newbie, patch Attachments: HIVE-10048.1.patch JDBC driver currently only supports SSL Transport if the Authentication mechanism is SASL Plain with username and password. SSL transport should be decoupled from Authentication mechanism. If the customer chooses to do Kerberos Authentication and SSL encryption over the wire it should be supported. The Server side already supports this but the driver does not. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (HIVE-10048) JDBC - Support SSL encryption regardless of Authentication mechanism
[ https://issues.apache.org/jira/browse/HIVE-10048?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14535777#comment-14535777 ] Sushanth Sowmyan commented on HIVE-10048: - Removing fix version of 1.2.0 in preparation of release, since this is not a blocker for 1.2.0. JDBC - Support SSL encryption regardless of Authentication mechanism Key: HIVE-10048 URL: https://issues.apache.org/jira/browse/HIVE-10048 Project: Hive Issue Type: Improvement Components: JDBC Affects Versions: 1.0.0 Reporter: Mubashir Kazia Assignee: Mubashir Kazia Labels: newbie, patch Attachments: HIVE-10048.1.patch JDBC driver currently only supports SSL Transport if the Authentication mechanism is SASL Plain with username and password. SSL transport should be decoupled from Authentication mechanism. If the customer chooses to do Kerberos Authentication and SSL encryption over the wire it should be supported. The Server side already supports this but the driver does not. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
