LOG.debug("Testing mode is " + isTestingMode);
if(!isTestingMode) {
String authMethod = Strings.nullToEmpty(hiveConf.getVar(ConfVars.HIVE_SERVER2_AUTHENTICATION)).trim();
if("none".equalsIgnoreCase(authMethod)) {
LOG.error("HiveServer2 authentication method cannot be set to none unless testing mode is enabled");
return new NoAuthorizationProvider();
}
boolean impersonation = hiveConf.getBoolVar(ConfVars.HIVE_SERVER2_KERBEROS_IMPERSONATION);
boolean allowImpersonation = Boolean.parseBoolean(Strings.nullToEmpty(
authzConf.get(AuthzConfVars.AUTHZ_ALLOW_HIVE_IMPERSONATION.getVar())).trim());
if(impersonation && !allowImpersonation) {
LOG.error("Role based authorization does not work with HiveServer2 impersonation");
return new NoAuthorizationProvider();
}
}
String defaultUmask = hiveConf.get(CommonConfigurationKeys.FS_PERMISSIONS_UMASK_KEY);
if("077".equalsIgnoreCase(defaultUmask)) {
LOG.error("HiveServer2 required a default umask of 077");
return new NoAuthorizationProvider();
}
// get the provider class and resources from the authz config
String authProviderName = authzConf.get(AuthzConfVars.AUTHZ_PROVIDER.getVar());
String resourceName =
authzConf.get(AuthzConfVars.AUTHZ_PROVIDER_RESOURCE.getVar());