[27845] Fixed the way Spark determines Hive’s security configuration (apache#119)

mgorbov · Mikhail Gorbov · commit 5aebef19f0b8 · 2018-01-02T17:20:09.000+02:00
(cherry picked from commit 52b06b9)
diff --git a/resource-managers/yarn/src/main/scala/org/apache/spark/deploy/yarn/security/HiveCredentialProvider.scala b/resource-managers/yarn/src/main/scala/org/apache/spark/deploy/yarn/security/HiveCredentialProvider.scala
@@ -55,10 +55,10 @@ private[security] class HiveCredentialProvider extends ServiceCredentialProvider
     }
   }
 
-  override def credentialsRequired(hadoopConf: Configuration): Boolean = {
+  override def credentialsRequired(hadoopConf: Configuration): Boolean =
     UserGroupInformation.isSecurityEnabled &&
-      hiveConf(hadoopConf).getTrimmed("hive.metastore.uris", "").nonEmpty
-  }
+      hiveConf(hadoopConf).getTrimmed("hive.metastore.uris", "").nonEmpty &&
+      hiveConf(hadoopConf).getBoolean("hive.metastore.sasl.enabled", false)
 
   override def obtainCredentials(
       hadoopConf: Configuration,

Original file line number	Diff line number	Diff line change
`@@ -55,10 +55,10 @@ private[security] class HiveCredentialProvider extends ServiceCredentialProvider`
`55`	`55`	`}`
`56`	`56`	`}`
`57`	`57`
`58`		`- override def credentialsRequired(hadoopConf: Configuration): Boolean = {`
	`58`	`+ override def credentialsRequired(hadoopConf: Configuration): Boolean =`
`59`	`59`	`UserGroupInformation.isSecurityEnabled &&`
`60`		`- hiveConf(hadoopConf).getTrimmed("hive.metastore.uris", "").nonEmpty`
`61`		`- }`
	`60`	`+ hiveConf(hadoopConf).getTrimmed("hive.metastore.uris", "").nonEmpty &&`
	`61`	`+ hiveConf(hadoopConf).getBoolean("hive.metastore.sasl.enabled", false)`
`62`	`62`
`63`	`63`	`override def obtainCredentials(`
`64`	`64`	`hadoopConf: Configuration,`