Permalink
Browse files

HIVE-1696 Add delegation token support to metastore

(Devaraj Das via namit)



git-svn-id: https://svn.apache.org/repos/asf/hive/trunk@1060876 13f79535-47bb-0310-9956-ffa450edef68
  • Loading branch information...
Namit Jain
Namit Jain committed Jan 19, 2011
1 parent fce1662 commit 06a90b3d9774e8c5778fe6013b0066392948ce51
Showing with 9,761 additions and 2,303 deletions.
  1. +3 −0 CHANGES.txt
  2. +7 −0 build-common.xml
  3. +13 −1 build.xml
  4. +19 −0 metastore/if/hive_metastore.thrift
  5. +1,821 −744 metastore/src/gen/thrift/gen-cpp/ThriftHiveMetastore.cpp
  6. +502 −0 metastore/src/gen/thrift/gen-cpp/ThriftHiveMetastore.h
  7. +20 −0 metastore/src/gen/thrift/gen-cpp/ThriftHiveMetastore_server.skeleton.cpp
  8. +4,390 −1,363 metastore/src/gen/thrift/gen-javabean/org/apache/hadoop/hive/metastore/api/ThriftHiveMetastore.java
  9. +882 −0 metastore/src/gen/thrift/gen-php/hive_metastore/ThriftHiveMetastore.php
  10. +28 −0 metastore/src/gen/thrift/gen-py/hive_metastore/ThriftHiveMetastore-remote
  11. +738 −0 metastore/src/gen/thrift/gen-py/hive_metastore/ThriftHiveMetastore.py
  12. +243 −0 metastore/src/gen/thrift/gen-rb/thrift_hive_metastore.rb
  13. +117 −11 metastore/src/java/org/apache/hadoop/hive/metastore/HiveMetaStore.java
  14. +67 −4 metastore/src/java/org/apache/hadoop/hive/metastore/HiveMetaStoreClient.java
  15. +35 −0 metastore/src/java/org/apache/hadoop/hive/metastore/IMetaStoreClient.java
  16. +43 −9 shims/build.xml
  17. +5 −0 shims/src/0.20/java/org/apache/hadoop/hive/shims/Hadoop20Shims.java
  18. +14 −1 shims/src/0.20S/java/org/apache/hadoop/hive/shims/Hadoop20SShims.java
  19. +52 −0 shims/src/0.20S/java/org/apache/hadoop/hive/thrift/DelegationTokenIdentifier.java
  20. +94 −0 shims/src/0.20S/java/org/apache/hadoop/hive/thrift/DelegationTokenSecretManager.java
  21. +33 −0 shims/src/0.20S/java/org/apache/hadoop/hive/thrift/DelegationTokenSelector.java
  22. +397 −163 shims/src/0.20S/java/org/apache/hadoop/hive/thrift/HadoopThriftAuthBridge20S.java
  23. +22 −4 shims/src/common/java/org/apache/hadoop/hive/shims/HadoopShims.java
  24. +21 −3 shims/src/common/java/org/apache/hadoop/hive/thrift/HadoopThriftAuthBridge.java
  25. +195 −0 shims/src/test/org/apache/hadoop/hive/thrift/TestHadoop20SAuthBridge.java
View
@@ -143,6 +143,9 @@ Trunk - Unreleased
HIVE-78 Authorization model for Hive
(Yongqiang He via namit)
+ HIVE-1696 Add delegation token support to metastore
+ (Devaraj Das via namit)
+
IMPROVEMENTS
HIVE-1692. FetchOperator.getInputFormatFromCache hides causal exception (Philip Zeyliger via cws)
View
@@ -453,6 +453,13 @@
</junit>
<fail if="tests.failed">Tests failed!</fail>
</target>
+ <target name="test-shims">
+ <subant target="test">
+ <property name="hadoop.version" value="${hadoop.security.version}"/>
+ <property name="hadoop.security.version" value="${hadoop.security.version}"/>
+ <fileset dir="${hive.root}/shims" includes="build.xml"/>
+ </subant>
+ </target>
<target name="clean-test">
<delete dir="${test.build.dir}"/>
View
@@ -126,6 +126,17 @@
</sequential>
</macrodef>
+ <macrodef name="iterate-test-dirs">
+ <attribute name="target"/>
+ <sequential>
+ <subant target="@{target}">
+ <property name="build.dir.hive" location="${build.dir.hive}"/>
+ <property name="is-offline" value="${is-offline}"/>
+ <filelist dir="." files="common/build.xml,serde/build.xml,metastore/build.xml,ql/build.xml,cli/build.xml,contrib/build.xml,service/build.xml,jdbc/build.xml,hwi/build.xml${hbase.iterate}"/>
+ </subant>
+ </sequential>
+ </macrodef>
+
<macrodef name="iterate">
<attribute name="target"/>
<sequential>
@@ -206,7 +217,8 @@
<target name="test"
depends="clean-test,jar"
description="Run tests">
- <iterate target="test"/>
+ <antcall target="test-shims"/>
+ <iterate-test-dirs target="test"/>
</target>
<!-- create an html report from junit output files -->
@@ -356,6 +356,25 @@ service ThriftHiveMetastore extends fb303.FacebookService
bool grant_privileges(1:PrivilegeBag privileges) throws(1:MetaException o1)
bool revoke_privileges(1:PrivilegeBag privileges) throws(1:MetaException o1)
+
+ //Authentication (delegation token) interfaces
+
+ // get metastore server delegation token for use from the map/reduce tasks to authenticate
+ // to metastore server
+ string get_delegation_token(1:string renewer_kerberos_principal_name) throws (1:MetaException o1)
+
+ // get metastore server delegation token for use from the map/reduce tasks to authenticate
+ // to metastore server - this method takes an extra token signature string which is just
+ // an identifier to associate with the token - this will be used by the token selector code
+ // to pick the right token given the associated identifier.
+ string get_delegation_token_with_signature(1:string renewer_kerberos_principal_name,
+ 2:string token_signature) throws (1:MetaException o1)
+
+ // method to renew delegation token obtained from metastore server
+ i64 renew_delegation_token(1:string token_str_form) throws (1:MetaException o1)
+
+ // method to cancel delegation token obtained from metastore server
+ void cancel_delegation_token(1:string token_str_form) throws (1:MetaException o1)
}
// * Note about the DDL_TIME: When creating or altering a table or a partition,
Oops, something went wrong.

0 comments on commit 06a90b3

Please sign in to comment.