编写验证程序
package com.aiso.hive.hiveserver2.auth;
import java.io.BufferedReader;
import java.io.File;
import java.io.FileReader;
import java.io.IOException;
import javax.security.sasl.AuthenticationException;
import org.apache.commons.codec.digest.DigestUtils;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hive.conf.HiveConf;
import org.apache.hive.service.auth.PasswdAuthenticationProvider;
public class CustomHiveServer2Auth implements PasswdAuthenticationProvider {
@Override
public void Authenticate(String username, String password)
throws AuthenticationException {
boolean ok = false;
String passMd5 = DigestUtils.md5Hex(password);
HiveConf hiveConf = new HiveConf();
Configuration conf = new Configuration(hiveConf);
String filePath = conf.get("hive.server2.custom.authentication.file");
System.out.println("hive.server2.custom.authentication.file [" + filePath + "] ..");
File file = new File(filePath);
BufferedReader reader = null;
try {
reader = new BufferedReader(new FileReader(file));
String tempString = null;
while ((tempString = reader.readLine()) != null) {
String[] datas = tempString.split(",", -1);
if (datas.length != 2) continue;
//ok
if (datas[0].equals(username) && datas[1].equals(passMd5)) {
ok = true;
break;
}
}
reader.close();
} catch (Exception e) {
e.printStackTrace();
throw new AuthenticationException("read auth config file error, [" + filePath + "] ..", e);
} finally {
if (reader != null) {
try {
reader.close();
} catch (IOException e1) {
}
}
}
if (ok) {
System.out.println("user [" + username + "] auth check ok .. ");
} else {
System.out.println("user [" + username + "] auth check fail .. ");
throw new AuthenticationException("user [" + username + "] auth check fail .. ");
}
}
public static void main(String[] args) {
System.out.println(DigestUtils.md5Hex("password".getBytes()));
}
}
将验证程序打包
放在$HIVE_HOME/lib目录下
验证的配置文件
密码采用Md5加密,可添加多用户,放在$HIVE_HOME/conf目录下
hive.server2.users.conf:
xiaoyuzhou,29fe3d760e64b4e055ec3cda455833ab
user,5f4dcc3b5aa765d61d8327deb882cf99
测试
开启HiveServer2服务
[xiaoyuzhou@xyz01 hive-0.13.1-cdh5.3.6]$ bin/hiveserver2 &
[2] 5929
[1] Exit 255 bin/hiveserver2
[xiaoyuzhou@xyz01 hive-0.13.1-cdh5.3.6]$ Starting HiveServer2
hive.server2.custom.authentication.file [conf/hive.server2.users.conf] ..
user [user] auth check ok ..
OK
使用beeline 连接
[xiaoyuzhou@xyz01 hive-0.13.1-cdh5.3.6]$ bin/beeline
Beeline version 0.13.1-cdh5.3.6 by Apache Hive
beeline> !connect jdbc:hive2://xyz01.aiso.com:10000/default
scan complete in 3ms
Connecting to jdbc:hive2://xyz01.aiso.com:10000/default
Enter username for jdbc:hive2://xyz01.aiso.com:10000/default: user
Enter password for jdbc:hive2://xyz01.aiso.com:10000/default: ********
Connected to: Apache Hive (version 0.13.1-cdh5.3.6)
Driver: Hive JDBC (version 0.13.1-cdh5.3.6)
Transaction isolation: TRANSACTION_REPEATABLE_READ
0: jdbc:hive2://xyz01.aiso.com:10000/default> show databases;
+----------------+--+
| database_name |
+----------------+--+
| default |
+----------------+--+
1 row selected (0.742 seconds)
0: jdbc:hive2://xyz01.aiso.com:10000/default>
输入密码 连接成功!