> On July 23, 2013, 9:48 p.m., Thejas Nair wrote: > > jdbc/src/java/org/apache/hive/jdbc/HiveConnection.java, line 142 > > <https://reviews.apache.org/r/12824/diff/1/?file=324969#file324969line142> > > > > the HIVE_AUTH_TYPE env variable is called "auth". > > Should we use something more descriptive like "sasl.qop" as the > > variable that sets the QOP level. > > > > Arup Malakar wrote: > I am totally agree that a different key name should be used for qop > settings. As the current HIVE_AUTH_TYPE configuration key is overloaded. > Original idea was to clean up the configuration keys which is being taken > care of in: https://issues.apache.org/jira/browse/HIVE-4232. Once the auth > params are taken care of, I had plans of introducing a new parameter called > qop which would be used to configure the QoP alone. But since HIVE-4232 is > not yet committed, I ended up using the HIVE_AUTH_TYPE. I can rebase if > HIVE-4232 goes in. > > Arup Malakar wrote: > I am totally agree that a different key name should be used for qop > settings. As the current HIVE_AUTH_TYPE configuration key is overloaded. > Original idea was to clean up the configuration keys which is being taken > care of in: https://issues.apache.org/jira/browse/HIVE-4232. Once the auth > params are taken care of, I had plans of introducing a new parameter called > qop which would be used to configure the QoP alone. But since HIVE-4232 is > not yet committed, I ended up using the HIVE_AUTH_TYPE. I can rebase if > HIVE-4232 goes in.
Once this becomes part of a release, we would need to worry about backward compatibility. ie, we would need to continue to support "auth=auth" , "auth=auth-int" etc . I think using sasl.qop as parameter name instead would makes sense with or without HIVE-4232 changes. - Thejas ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/12824/#review23711 ----------------------------------------------------------- On July 24, 2013, 4:43 p.m., Arup Malakar wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/12824/ > ----------------------------------------------------------- > > (Updated July 24, 2013, 4:43 p.m.) > > > Review request for hive. > > > Bugs: HIVE-4911 > https://issues.apache.org/jira/browse/HIVE-4911 > > > Repository: hive-git > > > Description > ------- > > The QoP for hive server 2 should be configurable to enable encryption. A new > configuration should be exposed "hive.server2.thrift.rpc.protection". This > would give greater control configuring hive server 2 service. > > > Diffs > ----- > > common/src/java/org/apache/hadoop/hive/conf/HiveConf.java > 11c31216495d0c4e454f2627af5c93a9f270b1fe > conf/hive-default.xml.template 603b475802152a4bd5ab92a4c7146b56f6be020d > jdbc/src/java/org/apache/hive/jdbc/HiveConnection.java > 00f43511b478c687b7811fc8ad66af2b507a3626 > metastore/src/java/org/apache/hadoop/hive/metastore/HiveMetaStore.java > 72eac989394a3899998e52d3845b02bb38ebeaad > > metastore/src/java/org/apache/hadoop/hive/metastore/HiveMetaStoreClient.java > cef50f40ccb047a8135f704b2997968a2cf477b8 > metastore/src/java/org/apache/hadoop/hive/metastore/MetaStoreUtils.java > 88151a1d48b12cf3a8346ae94b6d1a182a331992 > service/src/java/org/apache/hive/service/auth/HiveAuthFactory.java > 1809e1b26ceee5de14a354a0e499aa8c0ab793bf > service/src/java/org/apache/hive/service/auth/KerberosSaslHelper.java > 379dafb8377aed55e74f0ae18407996bb9e1216f > service/src/java/org/apache/hive/service/auth/SaslQOP.java PRE-CREATION > > shims/src/common-secure/java/org/apache/hadoop/hive/thrift/HadoopThriftAuthBridge20S.java > 777226f8da0af2235d4294cd6a676fa8192c89e4 > > shims/src/common/java/org/apache/hadoop/hive/thrift/HadoopThriftAuthBridge.java > 9b0ec0a75563b41339e6fc747556440fdf83e31e > > Diff: https://reviews.apache.org/r/12824/diff/ > > > Testing > ------- > > > Thanks, > > Arup Malakar > >
