FAQ
Author: hashutosh
Date: Mon Jun 17 17:57:52 2013
New Revision: 1493860

URL: http://svn.apache.org/r1493860
Log:
HIVE-4707 : Support configurable domain name for HiveServer2 LDAP authentication using Active Directory (Prasad Mujumdar via Ashutosh Chauhan)

Modified:
     hive/trunk/common/src/java/org/apache/hadoop/hive/conf/HiveConf.java
     hive/trunk/service/src/java/org/apache/hive/service/auth/LdapAuthenticationProviderImpl.java

Modified: hive/trunk/common/src/java/org/apache/hadoop/hive/conf/HiveConf.java
URL: http://svn.apache.org/viewvc/hive/trunk/common/src/java/org/apache/hadoop/hive/conf/HiveConf.java?rev=1493860&r1=1493859&r2=1493860&view=diff
==============================================================================
--- hive/trunk/common/src/java/org/apache/hadoop/hive/conf/HiveConf.java (original)
+++ hive/trunk/common/src/java/org/apache/hadoop/hive/conf/HiveConf.java Mon Jun 17 17:57:52 2013
@@ -727,6 +727,7 @@ public class HiveConf extends Configurat
      HIVE_SERVER2_KERBEROS_PRINCIPAL("hive.server2.authentication.kerberos.principal", ""),
      HIVE_SERVER2_PLAIN_LDAP_URL("hive.server2.authentication.ldap.url", null),
      HIVE_SERVER2_PLAIN_LDAP_BASEDN("hive.server2.authentication.ldap.baseDN", null),
+ HIVE_SERVER2_PLAIN_LDAP_DOMAIN("hive.server2.authentication.ldap.Domain", null),
      HIVE_SERVER2_CUSTOM_AUTHENTICATION_CLASS("hive.server2.custom.authentication.class", null),
      HIVE_SERVER2_ENABLE_DOAS("hive.server2.enable.doAs", true),


Modified: hive/trunk/service/src/java/org/apache/hive/service/auth/LdapAuthenticationProviderImpl.java
URL: http://svn.apache.org/viewvc/hive/trunk/service/src/java/org/apache/hive/service/auth/LdapAuthenticationProviderImpl.java?rev=1493860&r1=1493859&r2=1493860&view=diff
==============================================================================
--- hive/trunk/service/src/java/org/apache/hive/service/auth/LdapAuthenticationProviderImpl.java (original)
+++ hive/trunk/service/src/java/org/apache/hive/service/auth/LdapAuthenticationProviderImpl.java Mon Jun 17 17:57:52 2013
@@ -29,13 +29,15 @@ import org.apache.hadoop.hive.conf.HiveC

  public class LdapAuthenticationProviderImpl implements PasswdAuthenticationProvider {

- String ldapURL;
- String baseDN;
+ private final String ldapURL;
+ private final String baseDN;
+ private final String ldapDomain;

    LdapAuthenticationProviderImpl () {
      HiveConf conf = new HiveConf();
      this.ldapURL = conf.getVar(HiveConf.ConfVars.HIVE_SERVER2_PLAIN_LDAP_URL);
      this.baseDN = conf.getVar(HiveConf.ConfVars.HIVE_SERVER2_PLAIN_LDAP_BASEDN);
+ this.ldapDomain = conf.getVar(HiveConf.ConfVars.HIVE_SERVER2_PLAIN_LDAP_DOMAIN);
    }

    @Override
@@ -46,6 +48,12 @@ public class LdapAuthenticationProviderI
      env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
      env.put(Context.PROVIDER_URL, ldapURL);

+ // If the domain is supplied, then append it. LDAP providers like Active Directory
+ // use a fully qualified user name like foo@bar.com.
+ if (ldapDomain != null) {
+ user = user + "@" + ldapDomain;
+ }
+
      // setup the security principal
      String bindDN;
      if (baseDN != null) {

Search Discussions

Related Discussions

Discussion Navigation
viewthread | post
Discussion Overview
groupcommits @
categorieshive, hadoop
postedJun 17, '13 at 5:58p
activeJun 17, '13 at 5:58p
posts1
users1
websitehive.apache.org

1 user in discussion

Hashutosh: 1 post

People

Translate

site design / logo © 2021 Grokbase