0001
0002
0003
0004
0005
0006
0007
0008
0009
0010
0011
0012
0013
0014
0015
0016
0017
0018 package org.apache.hive.service.auth;
0019
0020 import javax.security.sasl.AuthenticationException;
0021
0022 import net.sf.jpam.Pam;
0023 import org.apache.hadoop.hive.conf.HiveConf;
0024
0025 public class PamAuthenticationProviderImpl implements PasswdAuthenticationProvider {
0026
0027 private final String pamServiceNames;
0028
0029 PamAuthenticationProviderImpl() {
0030 HiveConf conf = new HiveConf();
0031 pamServiceNames = conf.getVar(HiveConf.ConfVars.HIVE_SERVER2_PAM_SERVICES);
0032 }
0033
0034 @Override
0035 public void Authenticate(String user, String password) throws AuthenticationException {
0036
0037 if (pamServiceNames == null || pamServiceNames.trim().isEmpty()) {
0038 throw new AuthenticationException("No PAM services are set.");
0039 }
0040
0041 String[] pamServices = pamServiceNames.split(",");
0042 for (String pamService : pamServices) {
0043 Pam pam = new Pam(pamService);
0044 boolean isAuthenticated = pam.authenticateSuccessful(user, password);
0045 if (!isAuthenticated) {
0046 throw new AuthenticationException(
0047 "Error authenticating with the PAM service: " + pamService);
0048 }
0049 }
0050 }
0051 }