本文整理汇总了Java中org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthzPluginException类的典型用法代码示例。如果您正苦于以下问题:Java HiveAuthzPluginException类的具体用法?Java HiveAuthzPluginException怎么用?Java HiveAuthzPluginException使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
HiveAuthzPluginException类属于org.apache.hadoop.hive.ql.security.authorization.plugin包,在下文中一共展示了HiveAuthzPluginException类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: createHiveAuthorizer
import org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthzPluginException; //导入依赖的package包/类
@Override
public HiveAuthorizer createHiveAuthorizer(HiveMetastoreClientFactory metastoreClientFactory,
HiveConf conf, HiveAuthenticationProvider authenticator, HiveAuthzSessionContext ctx)
throws HiveAuthzPluginException {
HiveAuthzSessionContext sessionContext;
try {
this.authzConf = HiveAuthzBindingHook.loadAuthzConf(conf);
sessionContext = applyTestSettings(ctx, conf);
assertHiveCliAuthDisabled(conf, sessionContext);
} catch (Exception e) {
throw new HiveAuthzPluginException(e);
}
SentryHiveAccessController accessController =
getAccessController(conf, authzConf, authenticator, sessionContext);
SentryHiveAuthorizationValidator authzValidator =
getAuthzValidator(conf, authzConf, authenticator);
return new SentryHiveAuthorizer(accessController, authzValidator);
}
示例2: getAccessController
import org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthzPluginException; //导入依赖的package包/类
/**
* Get instance of SentryAccessController from configuration
* Default return DefaultSentryAccessController
*
* @param conf
* @param authzConf
* @param hiveAuthzBinding
* @param authenticator
* @throws HiveAuthzPluginException
*/
public static SentryHiveAccessController getAccessController(HiveConf conf,
HiveAuthzConf authzConf, HiveAuthenticationProvider authenticator,
HiveAuthzSessionContext ctx) throws HiveAuthzPluginException {
Class<? extends SentryHiveAccessController> clazz =
conf.getClass(HIVE_SENTRY_ACCESS_CONTROLLER, DefaultSentryAccessController.class,
SentryHiveAccessController.class);
if (clazz == null) {
// should not happen as default value is set
throw new HiveAuthzPluginException("Configuration value " + HIVE_SENTRY_ACCESS_CONTROLLER
+ " is not set to valid SentryAccessController subclass");
}
try {
return new DefaultSentryAccessController(conf, authzConf, authenticator, ctx);
} catch (Exception e) {
throw new HiveAuthzPluginException(e);
}
}
示例3: getAuthzValidator
import org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthzPluginException; //导入依赖的package包/类
/**
* Get instance of SentryAuthorizationValidator from configuration
* Default return DefaultSentryAuthorizationValidator
*
* @param conf
* @param authzConf
* @param authenticator
* @throws HiveAuthzPluginException
*/
public static SentryHiveAuthorizationValidator getAuthzValidator(HiveConf conf,
HiveAuthzConf authzConf, HiveAuthenticationProvider authenticator)
throws HiveAuthzPluginException {
Class<? extends SentryHiveAuthorizationValidator> clazz =
conf.getClass(HIVE_SENTRY_AUTHORIZATION_CONTROLLER, DefaultSentryValidator.class,
SentryHiveAuthorizationValidator.class);
if (clazz == null) {
// should not happen as default value is set
throw new HiveAuthzPluginException("Configuration value "
+ HIVE_SENTRY_AUTHORIZATION_CONTROLLER
+ " is not set to valid SentryAuthorizationValidator subclass");
}
try {
return new DefaultSentryValidator(conf, authzConf, authenticator);
} catch (Exception e) {
throw new HiveAuthzPluginException(e);
}
}
示例4: getCurrentRoleNames
import org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthzPluginException; //导入依赖的package包/类
@Override
public List<String> getCurrentRoleNames() throws HiveAuthzPluginException {
List<String> roles = new ArrayList<String>();
try {
sentryClient = getSentryClient();
hiveAuthzBinding = new HiveAuthzBinding(hiveHook, conf, authzConf);
ActiveRoleSet roleSet = hiveAuthzBinding.getActiveRoleSet();
if (roleSet.isAll()) {
roles = convert2RoleList(sentryClient.listUserRoles(authenticator.getUserName()));
} else {
roles.addAll(roleSet.getRoles());
}
} catch (Exception e) {
String msg = "Error when sentryClient listUserRoles: " + e.getMessage();
executeOnErrorHooks(msg, e);
} finally {
if (sentryClient != null) {
sentryClient.close();
}
if (hiveAuthzBinding != null) {
hiveAuthzBinding.close();
}
}
return roles;
}
示例5: parseShowIndex
import org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthzPluginException; //导入依赖的package包/类
private void parseShowIndex(String cmd, String regex) throws HiveAuthzPluginException {
Pattern pattern = Pattern.compile(regex, Pattern.CASE_INSENSITIVE);
Matcher matcher = pattern.matcher(cmd);
if (matcher.find()) {
String dbName = matcher.group(matcher.groupCount());
String tbName = matcher.group(3);
if (dbName != null) {
currentDb = dbName;
currentTb = tbName;
} else {
extractDbAndTb(tbName);
}
} else {
throw new HiveAuthzPluginException("this command " + cmd + " is not match show index grammar");
}
}
示例6: RelaxedSQLStdHiveAccessController
import org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthzPluginException; //导入依赖的package包/类
public RelaxedSQLStdHiveAccessController(
HiveMetastoreClientFactory metastoreClientFactory,
HiveConf conf,
HiveAuthenticationProvider authenticator,
HiveAuthzSessionContext ctx) throws HiveAuthzPluginException {
super(metastoreClientFactory, conf, authenticator, ctx);
}
示例7: createHiveAuthorizer
import org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthzPluginException; //导入依赖的package包/类
@Override
public HiveAuthorizer createHiveAuthorizer(
HiveMetastoreClientFactory metastoreClientFactory,
HiveConf conf,
HiveAuthenticationProvider authenticator,
HiveAuthzSessionContext ctx)
throws HiveAuthzPluginException {
RelaxedSQLStdHiveAccessControllerWrapper privilegeManager = new RelaxedSQLStdHiveAccessControllerWrapper(
metastoreClientFactory, conf, authenticator, ctx);
return new HiveAuthorizerImpl(privilegeManager,
new SQLStdHiveAuthorizationValidator(metastoreClientFactory, conf, authenticator, privilegeManager, ctx));
}
示例8: RelaxedSQLStdHiveAccessControllerWrapper
import org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthzPluginException; //导入依赖的package包/类
public RelaxedSQLStdHiveAccessControllerWrapper(
HiveMetastoreClientFactory metastoreClientFactory,
HiveConf conf,
HiveAuthenticationProvider authenticator,
HiveAuthzSessionContext ctx) throws HiveAuthzPluginException {
super(metastoreClientFactory, conf, authenticator, ctx);
overrideHiveAccessController(
new RelaxedSQLStdHiveAccessController(metastoreClientFactory, conf, authenticator, ctx));
}
示例9: HiveAuthorizationHelper
import org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthzPluginException; //导入依赖的package包/类
public HiveAuthorizationHelper(final IMetaStoreClient mClient, final HiveConf hiveConf, final String user) {
authzEnabled = hiveConf.getBoolVar(ConfVars.HIVE_AUTHORIZATION_ENABLED);
if (!authzEnabled) {
authorizerV2 = null;
return;
}
try {
final HiveConf hiveConfCopy = new HiveConf(hiveConf);
hiveConfCopy.set("user.name", user);
final HiveAuthenticationProvider authenticator = HiveUtils.getAuthenticator(hiveConfCopy,
HiveConf.ConfVars.HIVE_AUTHENTICATOR_MANAGER);
SessionState ss = new SessionState(hiveConfCopy, user);
SessionState.start(ss);
authenticator.setSessionState(ss);
HiveAuthorizerFactory authorizerFactory =
HiveUtils.getAuthorizerFactory(hiveConfCopy, HiveConf.ConfVars.HIVE_AUTHORIZATION_MANAGER);
HiveAuthzSessionContext.Builder authzContextBuilder = new HiveAuthzSessionContext.Builder();
authzContextBuilder.setClientType(CLIENT_TYPE.HIVESERVER2); // Drill is emulating HS2 here
authorizerV2 = authorizerFactory.createHiveAuthorizer(
new HiveMetastoreClientFactory() {
@Override
public IMetaStoreClient getHiveMetastoreClient() throws HiveAuthzPluginException {
return mClient;
}
},
hiveConf, authenticator, authzContextBuilder.build());
authorizerV2.applyAuthorizationConfigPolicy(hiveConfCopy);
} catch (final HiveException e) {
throw new DrillRuntimeException("Failed to initialize Hive authorization components: " + e.getMessage(), e);
}
logger.trace("Hive authorization enabled");
}
示例10: HiveAuthorizationHelper
import org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthzPluginException; //导入依赖的package包/类
public HiveAuthorizationHelper(final IMetaStoreClient mClient, final HiveConf hiveConf, final String user) {
authzEnabled = hiveConf.getBoolVar(ConfVars.HIVE_AUTHORIZATION_ENABLED);
if (!authzEnabled) {
authorizerV2 = null;
return;
}
try {
final HiveConf hiveConfCopy = new HiveConf(hiveConf);
hiveConfCopy.set("user.name", user);
final HiveAuthenticationProvider authenticator = HiveUtils.getAuthenticator(hiveConfCopy,
HiveConf.ConfVars.HIVE_AUTHENTICATOR_MANAGER);
SessionState ss = new SessionState(hiveConfCopy, user);
SessionState.start(ss);
authenticator.setSessionState(ss);
HiveAuthorizerFactory authorizerFactory =
HiveUtils.getAuthorizerFactory(hiveConfCopy, HiveConf.ConfVars.HIVE_AUTHORIZATION_MANAGER);
HiveAuthzSessionContext.Builder authzContextBuilder = new HiveAuthzSessionContext.Builder();
authzContextBuilder.setClientType(CLIENT_TYPE.HIVESERVER2); // Dremio is emulating HS2 here
authorizerV2 = authorizerFactory.createHiveAuthorizer(
new HiveMetastoreClientFactory() {
@Override
public IMetaStoreClient getHiveMetastoreClient() throws HiveAuthzPluginException {
return mClient;
}
},
hiveConf, authenticator, authzContextBuilder.build());
authorizerV2.applyAuthorizationConfigPolicy(hiveConfCopy);
} catch (final HiveException e) {
throw new RuntimeException("Failed to initialize Hive authorization components: " + e.getMessage(), e);
}
logger.trace("Hive authorization enabled");
}
示例11: assertHiveCliAuthDisabled
import org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthzPluginException; //导入依赖的package包/类
private void assertHiveCliAuthDisabled(HiveConf conf, HiveAuthzSessionContext ctx)
throws HiveAuthzPluginException {
if (ctx.getClientType() == CLIENT_TYPE.HIVECLI
&& conf.getBoolVar(ConfVars.HIVE_AUTHORIZATION_ENABLED)) {
throw new HiveAuthzPluginException(
"SQL standards based authorization should not be enabled from hive cli"
+ "Instead the use of storage based authorization in hive metastore is reccomended. Set "
+ ConfVars.HIVE_AUTHORIZATION_ENABLED.varname + "=false to disable authz within cli");
}
}
示例12: grantPrivileges
import org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthzPluginException; //导入依赖的package包/类
@Override
public void grantPrivileges(List<HivePrincipal> hivePrincipals,
List<HivePrivilege> hivePrivileges, HivePrivilegeObject hivePrivObject,
HivePrincipal grantorPrincipal, boolean grantOption) throws HiveAuthzPluginException,
HiveAccessControlException {
grantOrRevokePrivlegeOnRole(hivePrincipals, hivePrivileges, hivePrivObject, grantOption, true);
}
示例13: revokePrivileges
import org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthzPluginException; //导入依赖的package包/类
@Override
public void revokePrivileges(List<HivePrincipal> hivePrincipals,
List<HivePrivilege> hivePrivileges, HivePrivilegeObject hivePrivObject,
HivePrincipal grantorPrincipal, boolean grantOption) throws HiveAuthzPluginException,
HiveAccessControlException {
grantOrRevokePrivlegeOnRole(hivePrincipals, hivePrivileges, hivePrivObject, grantOption, false);
}
示例14: applyAuthorizationConfigPolicy
import org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthzPluginException; //导入依赖的package包/类
@Override
public void applyAuthorizationConfigPolicy(HiveConf hiveConf) throws HiveAuthzPluginException {
// Apply rest of the configuration only to HiveServer2
if (ctx.getClientType() != CLIENT_TYPE.HIVESERVER2
|| !hiveConf.getBoolVar(ConfVars.HIVE_AUTHORIZATION_ENABLED)) {
throw new HiveAuthzPluginException("Sentry just support for hiveserver2");
}
}
示例15: getSentryClient
import org.apache.hadoop.hive.ql.security.authorization.plugin.HiveAuthzPluginException; //导入依赖的package包/类
private SentryPolicyServiceClient getSentryClient() throws HiveAuthzPluginException {
try {
Preconditions.checkNotNull(authzConf, "HiveAuthConf cannot be null");
return SentryServiceClientFactory.create(authzConf);
} catch (Exception e) {
String msg = "Error occurred when creating Sentry client: " + e.getMessage();
throw new HiveAuthzPluginException(msg, e);
}
}