Hive JDBC在Knox中基于令牌的身份验证(JWT)

时间:2018-08-16 21:22:38

标签: jdbc jwt knox-gateway apache-knox

我已在Apache Knox中设置了基于令牌的身份验证。 我可以使用以下命令生成令牌:

curl -ivku guest:guest-password https://localhost:8443/gateway/sandbox/knoxtoken/api/v1/token

使用令牌,我正在像这样的curl命令中进行身份验证:

curl -ivk -H "Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJndWVzdCIsImF1ZCI6InRva2VuYmFzZWQiLCJpc3MiOiJLTk9YU1NPIiwiZXhwIjoxNDg5OTQyMTg4fQ.bcqSK7zMnABEM_HVsm3oWNDrQ_ei7PcMI4AtZEERY9LaPo9dzugOg3PA5JH2BRF-lXM3tuEYuZPaZVf8PenzjtBbuQsCg9VVImuu2r1YNVJlcTQ7OV-eW50L6OTI0uZfyrFwX6C7jVhf7d7YR1NNxs4eVbXpS1TZ5fDIRSfU3MU" https://localhost:8443/gateway/tokenbased/webhdfs/v1/tmp?op=LISTSTATUS

但是我想验证配置单元jdbc连接。如何在蜂巢jdbc url中添加此令牌。我的jdbc网址是:

jdbc:hive2://localhost:8443/;ssl=true;sslTrustStore={path to gateway.jks};trustStorePassword={master-secret key};transportMode=http;httpPath=gateway/{cluster-name}/hive

1 个答案:

答案 0 :(得分:0)

您应该能够通过JDBC将带有JWT令牌的http cookie传递给 jdbc:hive2://knox_host:knox_port;transportMode=http;httpPath=<http_endpoint>;http.cookie.<cookie_name>=<cookie_value>

默认Cookie名称为“ http.cookie.hadoop-jwt”