zhzhenqin
/
java-classic-code


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106
							package com.primeton.dsp.datarelease.data.bdata;


import lombok.extern.slf4j.Slf4j;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hive.conf.HiveConf;

import java.sql.Connection;
import java.sql.SQLException;
import java.util.Properties;
import java.util.Set;

/**
 *
 * Hive Kerberos 认证方式获得连接
 *
 *
 * <pre>
 *
 * Created by zhaopx.
 * User: zhaopx
 * Date: 2020/4/22
 * Time: 18:02
 *
 * </pre>
 *
 * @author zhaopx
 */
@Slf4j
public class FIHiveConnectionServiceImpl implements HiveConnectionService {


    /**
     * Hive 数据源
     */
    final Properties hiveResource;


    /**
     * 认证文件所在的基础目录
     */
    final String authBasePath;


    private HiveHelper hiveHelper;

    public FIHiveConnectionServiceImpl(Properties params) {
        this.hiveResource = params;
        this.authBasePath = params.getProperty("authBasePath");
    }


    @Override
    public boolean doAuth() {
        AuthPrincipalCreator authPrincipalCreator = AuthPrincipalCreator.useExtractorConf(authBasePath);
        Set<String> principals = authPrincipalCreator.listPrincipals();
        log.info("find existed principals: {}", principals);
        AuthPrincipal kerberosPrincipal = authPrincipalCreator.getKerberosPrincipal(hiveResource.getProperty("hiveDbUser"));

        String userKeytabFile = kerberosPrincipal.getUserKeytabFile().getAbsolutePath();
        String krb5File = kerberosPrincipal.getKrb5File().getAbsolutePath();
        String krbUser = kerberosPrincipal.getPrincipal();
        String hiveclientPropFile = kerberosPrincipal.getHiveClientFile().getAbsolutePath();

        // 分别加载 core、hdfs、hive site 文件
        Configuration conf = new Configuration();

        try {
            if (kerberosPrincipal.getCoreSite() != null) {
                conf.addResource(kerberosPrincipal.getCoreSite().toURL());
                log.info("add config: {}", kerberosPrincipal.getCoreSite().getAbsolutePath());
            }

            if (kerberosPrincipal.getHdfsSite() != null) {
                conf.addResource(kerberosPrincipal.getHdfsSite().toURL());
                log.info("add config: {}", kerberosPrincipal.getHdfsSite().getAbsolutePath());
            }

            if (kerberosPrincipal.getHiveSite() != null) {
                conf.addResource(kerberosPrincipal.getHiveSite().toURL());
                log.info("add config: {}", kerberosPrincipal.getHiveSite().getAbsolutePath());
            }
        } catch (Exception e) {
            throw new IllegalStateException(e);
        }

        try {
            this.hiveHelper = new HiveHelper(conf, hiveclientPropFile, krbUser, userKeytabFile, krb5File);
            log.info("hive fusioninsight 认证通过。");
            return true;
        } catch (Exception e) {
            throw new SecurityException("FI 认证失败。", e);
        }
    }

    @Override
    public Connection getConnection() throws SQLException {
        try {
            Class.forName("org.apache.hive.jdbc.HiveDriver");
        } catch (ClassNotFoundException e) {
            throw new SQLException("找不到Hive驱动：org.apache.hive.jdbc.HiveDriver.", e);
        }
        return hiveHelper.getPoolConnection();
    }
}