[jira] [Commented] (HIVE-4232) JDBC2 HiveConnection has odd defaults

Wed, 25 Sep 2013 12:12:44 -0700 

    [ 
https://issues.apache.org/jira/browse/HIVE-4232?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13777938#comment-13777938
 ] 

Vaibhav Gumashta commented on HIVE-4232:
----------------------------------------

Hi [~prasadm], possible to take a look at this again? I feel the way auth 
parameters are passed in JDBC uri is quite confusing and not very clean. 
NONE/NOSASL is also misleading and exposes a risk of misinterpretation while 
developing, which will compound as more stuff is built on this.

My proposal (similar to [~thejas]):
1. Have all comparison case insensitive.
2. While parsing the uri in Utils#parseURL, set the auth config parameter for 
each mode. When it is not specified, set it to the default of PLAINSASL. This 
cleans HiveConnection#openTransport.
3. hive.server2.authentication=NOSASL -> Raw transport -> 
jdbc:hive2://host:port/dbname;auth=nosasl
4. hive.server2.authentication=PLAINSASL -> Plain SASL transport -> 
jdbc:hive2://host:port/dbname;auth=plainsasl(or no-auth specified)
5. hive.server2.authentication=KERBEROS -> Kerberos SASL transport -> 
jdbc:hive2://host:port/dbname;auth=kerberos;principal=<principal>;qop=<auth|auth-int|auth-conf>


  
                
> JDBC2 HiveConnection has odd defaults
> -------------------------------------
>
>                 Key: HIVE-4232
>                 URL: https://issues.apache.org/jira/browse/HIVE-4232
>             Project: Hive
>          Issue Type: Bug
>          Components: HiveServer2, JDBC
>    Affects Versions: 0.11.0, 0.12.0
>            Reporter: Chris Drome
>            Assignee: Chris Drome
>         Attachments: HIVE-4232-1.patch, HIVE-4232-2.patch, 
> HIVE-4232-3-0.11.patch, HIVE-4232-3-trunk.patch, HIVE-4232-4-0.11.patch, 
> HIVE-4232-4-trunk.patch, HIVE-4232.patch
>
>
> HiveConnection defaults to using a plain SASL transport if auth is not set. 
> To get a raw transport auth must be set to noSasl; furthermore noSasl is case 
> sensitive. Code tries to infer Kerberos or plain authentication based on the 
> presence of principal. There is no provision for specifying QOP level.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to