----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/56543/#review165205 -----------------------------------------------------------
Ship it! Ship It! - Greg Senia On Feb. 10, 2017, 2:26 p.m., Nixon Rodrigues wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/56543/ > ----------------------------------------------------------- > > (Updated Feb. 10, 2017, 2:26 p.m.) > > > Review request for atlas, keval bhatt, Madhan Neethiraj, Suma Shivaprasad, > and Vimal Sharma. > > > Bugs: ATLAS-1546 > https://issues.apache.org/jira/browse/ATLAS-1546 > > > Repository: atlas > > > Description > ------- > > In a kerberized environment, Atlas hook uses JAAS configuration section named > "KakfaClient" to authenticate with Kafka broker. In a typical Hive deployment > this configuration section is set to use the keytab and principal of > HiveServer2 process. The hook running in HiveCLI might fail to authenticate > with Kafka if the user can't read the configured keytab. > Given that HiveCLI users would have performed kinit, the hook in HiveCLI > should use the ticket-cache generated by kinit. When ticket cache is not > available (for example in HiveServer2), the hook should use the configuration > provided in KafkaClient JAAS section. > > > Atlas Jaas properties > > atlas.jaas.ticketBased-KafkaClient.loginModuleControlFlag=required > atlas.jaas.ticketBased-KafkaClient.loginModuleName=com.sun.security.auth.module.Krb5LoginModule > atlas.jaas.ticketBased-KafkaClient.option.useTicketCache=true > > > Diffs > ----- > > > common/src/main/java/org/apache/atlas/security/InMemoryJAASConfiguration.java > ff80eca > > common/src/test/java/org/apache/atlas/security/InMemoryJAASConfigurationTicketBasedKafkaClientTest.java > PRE-CREATION > common/src/test/resources/atlas-jaas.properties 90a5682 > notification/src/main/java/org/apache/atlas/hook/AtlasHook.java 0534910 > > Diff: https://reviews.apache.org/r/56543/diff/ > > > Testing > ------- > > Maven build completed without issue & executed mvn clean install and all the > testcases are passing except few. > Added a new unit testcase for TicketBasedKafkaClient. > > Deployed the new jars ( atlas-common & atlas-notification > in??/usr/hdp/current/atlas-client/hook/hive/atlas-hive-plugin-impl/ and > tested hive hook on secure and simple env for HiveCli,Beeline clients. > Entities on Atlas are created for tables created in Hive. > > > Thanks, > > Nixon Rodrigues > >
