/** * Returns the thrift processor factory for HiveServer2 running in binary mode * @param service * @return * @throws LoginException */ public TProcessorFactory getAuthProcFactory(ThriftCLIService service) throws LoginException { if (isSASLWithKerberizedHadoop()) { return KerberosSaslHelper.getKerberosProcessorFactory(saslServer, service); } else { return PlainSaslHelper.getPlainProcessorFactory(service); } }
@Override public void renewDelegationToken(HiveAuthFactory authFactory, String tokenStr) throws HiveSQLException { authFactory.renewDelegationToken(tokenStr); }
@Override public TProcessor getProcessor(TTransport trans) { return new TSetIpAddressProcessor<Iface>(service); } }
public static PasswdAuthenticationProvider getAuthenticationProvider(AuthMethods authMethod, HiveConf conf) throws AuthenticationException { if (authMethod == AuthMethods.LDAP) { return new LdapAuthenticationProviderImpl(conf); } else if (authMethod == AuthMethods.PAM) { return new PamAuthenticationProviderImpl(conf); } else if (authMethod == AuthMethods.CUSTOM) { return new CustomAuthenticationProviderImpl(conf); } else if (authMethod == AuthMethods.NONE) { return new AnonymousAuthenticationProviderImpl(); } else { throw new AuthenticationException("Unsupported authentication method"); } } }
@Test public void authenticateGivenStringWithNullCharacterForPassword() throws Exception { auth = new LdapAuthenticationProviderImpl(conf, new LdapSearchFactory()); expectAuthenticationExceptionForInvalidPassword(); auth.Authenticate("user", "\0"); }
@Override public void cancelDelegationToken(HiveAuthFactory authFactory, String tokenStr) throws HiveSQLException { HiveAuthFactory.verifyProxyAccess(getUserName(), getUserFromToken(authFactory, tokenStr), getIpAddress(), getHiveConf()); authFactory.cancelDelegationToken(tokenStr); }
PlainSaslServer(CallbackHandler handler, String authMethodStr) throws SaslException { this.handler = handler; AuthMethods.getValidAuthMethod(authMethodStr); }
@Override public void Authenticate(String user, String password) throws AuthenticationException { customProvider.Authenticate(user, password); }
private String doTokenAuth(HttpServletRequest request, HttpServletResponse response) throws HttpAuthenticationException { String tokenStr = request.getHeader(HIVE_DELEGATION_TOKEN_HEADER); try { return hiveAuthFactory.verifyDelegationToken(tokenStr); } catch (HiveSQLException e) { throw new HttpAuthenticationException(e); } }
private LdapAuthenticationTestCase(Builder builder) { this.ldapProvider = new LdapAuthenticationProviderImpl(builder.conf); }
@Override public void cancelDelegationToken(HiveAuthFactory authFactory, String tokenStr) throws HiveSQLException { authFactory.cancelDelegationToken(tokenStr); }
public static TProcessorFactory getKerberosProcessorFactory(Server saslServer, ThriftCLIService service) { return new CLIServiceProcessorFactory(saslServer, service); }
public static TProcessorFactory getPlainProcessorFactory(ThriftCLIService service) { return new SQLPlainProcessorFactory(service); }
private String getUserFromToken(HiveAuthFactory authFactory, String tokenStr) throws HiveSQLException { return authFactory.getUserFromToken(tokenStr); }
@Override public String getDelegationToken(HiveAuthFactory authFactory, String owner, String renewer) throws HiveSQLException { return authFactory.getDelegationToken(owner, renewer, getIpAddress()); }
@Override public void Authenticate(String user, String password) throws AuthenticationException { DirSearch search = null; try { search = createDirSearch(user, password); applyFilter(search, user); } finally { ServiceUtils.cleanup(LOG, search); } }
@VisibleForTesting LdapAuthenticationProviderImpl(HiveConf conf, DirSearchFactory searchFactory) { this.conf = conf; this.searchFactory = searchFactory; filter = resolveFilter(conf); }
@Test public void authenticateGivenBlankPassword() throws Exception { auth = new LdapAuthenticationProviderImpl(conf, new LdapSearchFactory()); expectAuthenticationExceptionForInvalidPassword(); auth.Authenticate("user", ""); }
PlainServerCallbackHandler(String authMethodStr) throws AuthenticationException { authMethod = AuthMethods.getValidAuthMethod(authMethodStr); }
@Test public void authenticateGivenNullForPassword() throws Exception { auth = new LdapAuthenticationProviderImpl(conf, new LdapSearchFactory()); expectAuthenticationExceptionForInvalidPassword(); auth.Authenticate("user", null); }