hiveserver2 设置用户登录验证

编写验证程序

package com.aiso.hive.hiveserver2.auth;import java.io.BufferedReader;import java.io.File;import java.io.FileReader;import java.io.IOException;import javax.security.sasl.AuthenticationException;import org.apache.commons.codec.digest.DigestUtils;import org.apache.hadoop.conf.Configuration;import org.apache.hadoop.hive.conf.HiveConf;import org.apache.hive.service.auth.PasswdAuthenticationProvider;public class CustomHiveServer2Auth implements PasswdAuthenticationProvider {    @Override    public void Authenticate(String username, String password)            throws AuthenticationException {        boolean ok = false;        String passMd5 = DigestUtils.md5Hex(password);        HiveConf hiveConf = new HiveConf();        Configuration conf = new Configuration(hiveConf);        String filePath = conf.get("hive.server2.custom.authentication.file");        System.out.println("hive.server2.custom.authentication.file [" + filePath + "] ..");        File file = new File(filePath);        BufferedReader reader = null;        try {            reader = new BufferedReader(new FileReader(file));            String tempString = null;            while ((tempString = reader.readLine()) != null) {                String[] datas = tempString.split(",", -1);                if (datas.length != 2) continue;                //ok                if (datas[0].equals(username) && datas[1].equals(passMd5)) {                    ok = true;                    break;                }            }            reader.close();        } catch (Exception e) {            e.printStackTrace();            throw new AuthenticationException("read auth config file error, [" + filePath + "] ..", e);        } finally {            if (reader != null) {                try {                    reader.close();                } catch (IOException e1) {                }            }        }        if (ok) {            System.out.println("user [" + username + "] auth check ok .. ");        } else {            System.out.println("user [" + username + "] auth check fail .. ");            throw new AuthenticationException("user [" + username + "] auth check fail .. ");        }    }    public static void main(String[] args) {        System.out.println(DigestUtils.md5Hex("password".getBytes()));    }}

将验证程序打包

放在$HIVE_HOME/lib目录下

验证的配置文件

密码采用Md5加密，可添加多用户,放在$HIVE_HOME/conf目录下

hive.server2.users.conf：
xiaoyuzhou,29fe3d760e64b4e055ec3cda455833ab
user,5f4dcc3b5aa765d61d8327deb882cf99

测试

开启HiveServer2服务

[xiaoyuzhou@xyz01 hive-0.13.1-cdh5.3.6]$ bin/hiveserver2 & [2] 5929[1]   Exit 255                bin/hiveserver2[xiaoyuzhou@xyz01 hive-0.13.1-cdh5.3.6]$ Starting HiveServer2hive.server2.custom.authentication.file [conf/hive.server2.users.conf] ..user [user] auth check ok .. OK

使用beeline 连接

[xiaoyuzhou@xyz01 hive-0.13.1-cdh5.3.6]$ bin/beelineBeeline version 0.13.1-cdh5.3.6 by Apache Hivebeeline> !connect jdbc:hive2://xyz01.aiso.com:10000/default scan complete in 3msConnecting to jdbc:hive2://xyz01.aiso.com:10000/defaultEnter username for jdbc:hive2://xyz01.aiso.com:10000/default: userEnter password for jdbc:hive2://xyz01.aiso.com:10000/default: ********Connected to: Apache Hive (version 0.13.1-cdh5.3.6)Driver: Hive JDBC (version 0.13.1-cdh5.3.6)Transaction isolation: TRANSACTION_REPEATABLE_READ0: jdbc:hive2://xyz01.aiso.com:10000/default> show databases;+----------------+--+| database_name  |+----------------+--+| default        |+----------------+--+1 row selected (0.742 seconds)0: jdbc:hive2://xyz01.aiso.com:10000/default> 

输入密码 连接成功！