Java tutorial
/******************************************************************************* * Copyright 2017 Capital One Services, LLC and Bitwise, Inc. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * http://www.apache.org/licenses/LICENSE-2.0 * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License *******************************************************************************/ package hydrograph.engine.utilities; import org.apache.hadoop.conf.Configuration; import org.apache.hadoop.fs.Path; import org.apache.hadoop.hive.conf.HiveConf; import org.apache.hadoop.hive.metastore.HiveMetaStoreClient; import org.apache.hadoop.hive.metastore.api.MetaException; import org.apache.hadoop.hive.thrift.DelegationTokenIdentifier; import org.apache.hadoop.io.Text; import org.apache.hadoop.security.UserGroupInformation; import org.apache.hadoop.security.token.Token; import org.apache.thrift.TException; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import java.io.IOException; public class HiveMetastoreTokenProvider { private static Logger LOG = LoggerFactory.getLogger(HiveMetastoreTokenProvider.class); private HiveMetastoreTokenProvider() { } public static void obtainTokenForHiveMetastore(Configuration conf) throws TException, IOException { conf.addResource(new Path(HiveConfigurationMapping.getHiveConf("path_to_hive_site_xml"))); HiveConf hiveConf = new HiveConf(); hiveConf.addResource(conf); try { UserGroupInformation ugi = UserGroupInformation.getCurrentUser(); HiveMetaStoreClient hiveMetaStoreClient = new HiveMetaStoreClient(hiveConf); if (UserGroupInformation.isSecurityEnabled()) { String metastore_uri = conf.get("hive.metastore.uris"); LOG.trace("Metastore URI:" + metastore_uri); // Check for local metastore if (metastore_uri != null && metastore_uri.length() > 0) { String principal = conf.get("hive.metastore.kerberos.principal"); String username = ugi.getUserName(); if (principal != null && username != null) { LOG.debug("username: " + username); LOG.debug("principal: " + principal); String tokenStr; try { // Get a delegation token from the Metastore. tokenStr = hiveMetaStoreClient.getDelegationToken(username, principal); // LOG.debug("Token String: " + tokenStr); } catch (TException e) { LOG.error(e.getMessage(), e); throw new RuntimeException(e); } // Create the token from the token string. Token<DelegationTokenIdentifier> hmsToken = new Token<DelegationTokenIdentifier>(); hmsToken.decodeFromUrlString(tokenStr); // LOG.debug("Hive Token: " + hmsToken); // Add the token to the credentials. ugi.addToken(new Text("hive.metastore.delegation.token"), hmsToken); LOG.trace("Added hive.metastore.delegation.token to conf."); } else { LOG.debug("Username or principal == NULL"); LOG.debug("username= " + username); LOG.debug("principal= " + principal); throw new IllegalArgumentException("username and/or principal is equal to null!"); } } else { LOG.info("HiveMetaStore configured in local mode"); } } } catch (IOException e) { LOG.error(e.getMessage(), e); throw new RuntimeException(e); } catch (MetaException e) { LOG.error(e.getMessage(), e); throw new RuntimeException(e); } } }