From 38ebcfb7069af70223ff1b3eac17f9ee6a8ab0b0 Mon Sep 17 00:00:00 2001 From: Piotr Findeisen Date: Wed, 8 May 2019 15:12:19 +0200 Subject: [PATCH] Simplify kerberized metastore communication --- .../KerberosHiveMetastoreAuthentication.java | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) diff --git a/presto-hive/src/main/java/io/prestosql/plugin/hive/authentication/KerberosHiveMetastoreAuthentication.java b/presto-hive/src/main/java/io/prestosql/plugin/hive/authentication/KerberosHiveMetastoreAuthentication.java index 86fc13928ff8..8cb1291cbeda 100644 --- a/presto-hive/src/main/java/io/prestosql/plugin/hive/authentication/KerberosHiveMetastoreAuthentication.java +++ b/presto-hive/src/main/java/io/prestosql/plugin/hive/authentication/KerberosHiveMetastoreAuthentication.java @@ -15,7 +15,6 @@ import com.google.common.collect.ImmutableMap; import io.prestosql.plugin.hive.ForHiveMetastore; -import io.prestosql.plugin.hive.HiveConfig; import org.apache.hadoop.hive.thrift.client.TUGIAssumingTransport; import org.apache.hadoop.security.SaslRpcServer; import org.apache.thrift.transport.TSaslClientTransport; @@ -38,22 +37,19 @@ public class KerberosHiveMetastoreAuthentication { private final String hiveMetastoreServicePrincipal; private final HadoopAuthentication authentication; - private final boolean hdfsWireEncryptionEnabled; @Inject public KerberosHiveMetastoreAuthentication( MetastoreKerberosConfig config, - @ForHiveMetastore HadoopAuthentication authentication, - HiveConfig hiveConfig) + @ForHiveMetastore HadoopAuthentication authentication) { - this(config.getHiveMetastoreServicePrincipal(), authentication, hiveConfig.isHdfsWireEncryptionEnabled()); + this(config.getHiveMetastoreServicePrincipal(), authentication); } - public KerberosHiveMetastoreAuthentication(String hiveMetastoreServicePrincipal, HadoopAuthentication authentication, boolean hdfsWireEncryptionEnabled) + public KerberosHiveMetastoreAuthentication(String hiveMetastoreServicePrincipal, HadoopAuthentication authentication) { this.hiveMetastoreServicePrincipal = requireNonNull(hiveMetastoreServicePrincipal, "hiveMetastoreServicePrincipal is null"); this.authentication = requireNonNull(authentication, "authentication is null"); - this.hdfsWireEncryptionEnabled = hdfsWireEncryptionEnabled; } @Override @@ -66,7 +62,7 @@ public TTransport authenticate(TTransport rawTransport, String hiveMetastoreHost "Kerberos principal name does NOT have the expected hostname part: %s", serverPrincipal); Map saslProps = ImmutableMap.of( - Sasl.QOP, hdfsWireEncryptionEnabled ? "auth-conf" : "auth", + Sasl.QOP, "auth-conf,auth", Sasl.SERVER_AUTH, "true"); TTransport saslTransport = new TSaslClientTransport(