HiveServer2的简单用户/密码身份验证(不使用Kerberos/LDAP) [英] Simple User/Password authentication for HiveServer2 (without Kerberos/LDAP)
问题描述
如何为HiveServer2提供简单的属性文件或数据库用户/密码身份验证?
How to provide a simple propertyfile or database user/password authentication for HiveServer2?
我已经找到关于此内容的此演示文稿,但是它不是英语:(.在 Cloudera参考手册,他们讨论了 hive.server2.authentication
属性.它支持接口 hive.server2.custom.authentication
的 CUSTOM
实现.
I already found this presentation about this, but it's not in English :(.
On the Cloudera reference manual they talk about the hive.server2.authentication
property. It supports CUSTOM
implementations of the interface hive.server2.custom.authentication
.
如何实现?
推荐答案
从本质上讲,您必须提供一个可执行身份验证的Java应用程序.也许您正在向mysql或postgres数据库或平面文件等进行身份验证.您需要提供一个可以实现org.apache.hive.service.auth.PasswdAuthenticationProvider接口的jar.
In essence, you have to provide a java application that can perform your authentication. Maybe you're authing to a mysql or postgres database, or a flat file, etc. You need to provide a jar that can implement the org.apache.hive.service.auth.PasswdAuthenticationProvider interface.
一个简单的例子:
package org.apache.hive.service.auth.PasswdAuthenticationProvider.SampleAuth;
import java.util.Hashtable;
import javax.security.sasl.AuthenticationException;
import org.apache.hive.service.auth.PasswdAuthenticationProvider;
/*
javac -cp $HIVE_HOME/lib/hive-service-0.12.0-cdh5.0.0-beta-2.jar SampleAuthenticator.java -d .
jar cf sampleauth.jar hive
cp sampleauth.jar $HIVE_HOME/lib/.
*/
public class SampleAuthenticator implements PasswdAuthenticationProvider {
Hashtable<String, String> store = null;
public SampleAuthenticator () {
store = new Hashtable<String, String>();
store.put("user1", "passwd1");
store.put("user2", "passwd2");
}
@Override
public void Authenticate(String user, String password)
throws AuthenticationException {
String storedPasswd = store.get(user);
if (storedPasswd != null && storedPasswd.equals(password))
return;
throw new AuthenticationException("SampleAuthenticator: Error validating user");
}
}
然后在hive-site.xml中,使用新创建的自定义身份验证jar:
And then in hive-site.xml, use your newly created custom authentication jar:
<property>
<name>hive.server2.authentication</name>
<value>CUSTOM</value>
</property>
<property>
<name>hive.server2.custom.authentication.class</name>
<value>org.apache.hive.service.auth.PasswdAuthenticationProvider.SampleAuth</value>
</property>
这篇关于HiveServer2的简单用户/密码身份验证(不使用Kerberos/LDAP)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!