Kerberos 认证的Impala Java/Scala Api
配置文件
#Kerberos Impala JDBC 连接参数
kerberos.impala.user21 = impala/cdh21@HADOOP.COM
kerberos.impala.keytab21 = C:/Users/user/Desktop/keytable/impala.keytab
kerberos.impala.url = jdbc:impala://xxx:21050/;AuthMech=1;KrbRealm=HADOOP.COM;KrbHostFQDN=cdh21;KrbServiceName=impala
impala.driver = com.cloudera.impala.jdbc41.Driver
读取Kerberos认证的impala数据,这边无法直接加载keytab就可以,这边需要把用户信息带过来然后重写方法才可以,直接初始化Impala的JDBC连接即可
impala.driver
impala JDBC连接驱动drvier jar下载
Scala版本Api
import java.security.PrivilegedAction
import java.sql.{Connection, DriverManager, Statement}
import com.demo.getconf.GetConfigures
import org.apache.hadoop.conf.Configuration
import org.apache.hadoop.security.UserGroupInformation
/**
* 读取kerberos认证的imapla数据
* java 版本
*/
object ReadKerberosImpala {
var con: Connection = null
var st: Statement = null
def main(args: Array[String]): Unit = {
kerberosAuthenticationAndInitImpalaConnection()
val querysql = "select * from tmp.hivetest"
val rs = st.executeQuery(querysql)
while (rs.next()) {
val name = rs.getString(1)
val phone = rs.getString(2)
println(name + " " + phone)
}
}
/**
* 获得impala JDBC连接,这边由于集成了Kerberos所以需要,在UserGroupInformation 信息里面进行连接初始化才能够验证权限通过
* 不然会有该错出现: Unable to obtain Principal Name for authentication
*/
def getConnect(): Unit = {
Class.forName(GetConfigures.getValueWithKey("impala.driver"))
con = DriverManager.getConnection(GetConfigures.getValueWithKey("kerberos.impala.url"))
st = con.createStatement
}
/**
* 进行Kerberos认证,并且进行Impala JDBC连接权限初始化
*/
def kerberosAuthenticationAndInitImpalaConnection(): Unit = {
val conf = new Configuration
conf.set("hadoop.security.authentication", "Kerberos")
// 加载kerberos配置信息,这边也可以不加载,因为会默认在C:\Windows文件夹里面寻找 krb5.ini 配置文件
System.setProperty("java.security.krb5.conf", GetConfigures.getValueWithKey("kerberos.conf"))
UserGroupInformation.setConfiguration(conf)
UserGroupInformation.loginUserFromKeytab(GetConfigures.getValueWithKey("kerberos.impala.user21"), GetConfigures.getValueWithKey("kerberos.impala.keytab21"))
val loginUser: UserGroupInformation = UserGroupInformation.getLoginUser
loginUser.doAs(new PrivilegedAction[Void] {
override def run(): Void = {
// 初始化impala 连接信息
getConnect()
null
}
})
}
}
Java版本Api
import com.demo.getconf.GetConfigures;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.security.UserGroupInformation;
import org.apache.log4j.Logger;
import java.io.IOException;
import java.security.PrivilegedAction;
import java.sql.*;
/**
* @Auther: w
* @Date: 2018/12/17 10:33
* @Description: 读取Kerberos认证的impala数据,这边无法直接加载keytab就可以,这边需要把用户信息带过来然后重写方法才可以
*/
public class SelectKerberosImpala {
private static final Logger log = Logger.getLogger(SelectKerberosImpala.class);
private static Connection con ;
private static Statement st;
static {
try {
Class.forName(GetConfigures.getValueWithKey("impala.driver"));
} catch (ClassNotFoundException e) {
log.info("fail load driver");
System.exit(-1);
}
}
public static void main(String[] args) throws IOException, SQLException {
kerberosAuthenticationAndInitImpalaConnection();
String querysql = "select * from tmp.hivetest";
ResultSet rs = st.executeQuery(querysql);
System.out.println("\n== Begin Query Results ======================");
while (rs.next()) {
String name = rs.getString(1);
String phone = rs.getString(2);
System.out.println("name: "+ name + " phone: " + phone);
}
}
/**
* 获得impala JDBC连接,这边由于集成了Kerberos所以需要,在UserGroupInformation 信息里面进行连接初始化才能够验证权限通过
* 不然会有该错出现: Unable to obtain Principal Name for authentication
*/
public static void getConnect() throws SQLException {
con = DriverManager.getConnection(GetConfigures.getValueWithKey("kerberos.impala.url"));
st = con.createStatement();
}
/**
* 进行Kerberos认证,并且进行Impala JDBC连接权限初始化
*/
public static void kerberosAuthenticationAndInitImpalaConnection() throws IOException {
Configuration conf = new Configuration();
conf.set("hadoop.security.authentication", "Kerberos");
// 加载kerberos配置信息,这边也可以不加载,因为会默认在C:\Windows文件夹里面寻找 krb5.ini 配置文件
System.setProperty("java.security.krb5.conf", GetConfigures.getValueWithKey("kerberos.conf"));
UserGroupInformation.setConfiguration(conf);
UserGroupInformation.loginUserFromKeytab(GetConfigures.getValueWithKey("kerberos.impala.user21"), GetConfigures.getValueWithKey("kerberos.impala.keytab21"));
UserGroupInformation loginUser = UserGroupInformation.getLoginUser();
loginUser.doAs(new PrivilegedAction<Void>(){
@Override
public Void run() {
try {
getConnect();
} catch (SQLException e) {
log.info("fail init Connection");
e.printStackTrace();
}
return null;
}
});
}
}