HUE-2193 Patch

Review Request #4472 - Created June 26, 2014 and submitted

Chris Conner
old-hue
master
HUE-2193
hue
abec, enricoberti, romain
When you setup Hue to auth against HS2 with Ldap, it doesn't work.  If you set "ldap_password", Hue still never sends the password over.  So it fails.  I had to move the LDAP_PASSWORD.get() to the get_security() method in apps/beeswax/src/beeswax/server/hive_server2_lib.py and make some thrift changes to actually send the password.
Tested without Ldap enabled in HS2 to make sure PLAIN auth worked.  Tested with HS2 ldap.  Tested with HS2 Ldap and Sentry.  Tested with Kerberos to make sure I didn't break anything.
  • 0
  • 0
  • 2
  • 0
  • 2
Description From Last Updated
  1. This is a very good catch!
    
    We used to set it in the connection to HS2 but we need to do it at the Thrift level indeed.
    
    I spent some time looking, it seems safe for 5.1 even if a bit scary. Agreed too?
    1. I agree, it'd be great if we can get this and HUE-2192 into 5.1.  I'll work with Ben to get HUE-2192 up to snuff based on these changes today.
    2. Perfect! I will cherry-pick it today!
  2. apps/beeswax/src/beeswax/server/hive_server2_lib.py (Diff revision 1)
     
     
     
     
     
     
     
    No very clean way to do, but seems to be the best compromise!
  3. hum, I think we should no send the passord in clear in the logs ;)
    
    remove?
    
    I can do it
  4. 
      
Review request changed

Status: Closed (submitted)

Loading...