10 years ago · 776a45d2a9
--- a/ambari-server/src/main/resources/stacks/HDP/2.2/services/stack_advisor.py
+++ b/ambari-server/src/main/resources/stacks/HDP/2.2/services/stack_advisor.py
@@ -363,12 +363,13 @@ class HDP22StackAdvisor(HDP21StackAdvisor):
 
				     # Security
			
 
				     putHiveEnvProperty("hive_security_authorization", "None")
			
 
				     # hive_security_authorization == 'none'
			
 
				+    # this property is unrelated to Kerberos
			
 
				     if str(configurations["hive-env"]["properties"]["hive_security_authorization"]).lower() == "none":
			
 
				-      putHiveSiteProperty("hive.security.authorization.enabled", "false")
			
 
				       putHiveSiteProperty("hive.security.authorization.manager", "org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdConfOnlyAuthorizerFactory")
			
 
				       putHiveServerPropertyAttribute("hive.security.authorization.manager", "delete", "true")
			
 
				-      putHiveServerPropertyAttribute("hive.security.authorization.enabled", "delete", "true")
			
 
				       putHiveServerPropertyAttribute("hive.security.authenticator.manager", "delete", "true")
			
 
				+      if "KERBEROS" not in servicesList: # Kerberos security depends on this property
			
 
				+        putHiveSiteProperty("hive.security.authorization.enabled", "false")
			
 
				     else:
			
 
				       putHiveSiteProperty("hive.security.authorization.enabled", "true")
			
 
				 
			
@@ -423,7 +424,7 @@ class HDP22StackAdvisor(HDP21StackAdvisor):
 
				     if hive_server2_auth == "kerberos":
			
 
				       putHiveSiteProperty("hive.server2.authentication.kerberos.keytab", "")
			
 
				       putHiveSiteProperty("hive.server2.authentication.kerberos.principal", "")
			
 
				-    else:
			
 
				+    elif "KERBEROS" not in servicesList: # Since 'hive_server2_auth' cannot be relied on within the default, empty recommendations request
			
 
				       putHiveSitePropertyAttribute("hive.server2.authentication.kerberos.keytab", "delete", "true")
			
 
				       putHiveSitePropertyAttribute("hive.server2.authentication.kerberos.principal", "delete", "true")
			
 
				 
			
--- a/ambari-server/src/test/python/stacks/2.2/common/test_stack_advisor.py
+++ b/ambari-server/src/test/python/stacks/2.2/common/test_stack_advisor.py
@@ -931,6 +931,11 @@ class TestHDP22StackAdvisor(TestCase):
 
				         "properties": {
			
 
				           "yarn.scheduler.capacity.root.queues": "queue1,queue2"
			
 
				         }
			
 
				+      },
			
 
				+      "hive-site": {
			
 
				+        "properties": {
			
 
				+          "hive.server2.authentication": "none"
			
 
				+        }
			
 
				       }
			
 
				     }
			
 
				     clusterData = {
			
@@ -1001,7 +1006,8 @@ class TestHDP22StackAdvisor(TestCase):
 
				           'hive.vectorized.execution.enabled': 'true',
			
 
				           'hive.vectorized.execution.reduce.enabled': 'false',
			
 
				           'hive.security.metastore.authorization.manager': 'org.apache.hadoop.hive.ql.security.authorization.StorageBasedAuthorizationProvider',
			
 
				-          'hive.security.authorization.manager': 'org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdConfOnlyAuthorizerFactory'
			
 
				+          'hive.security.authorization.manager': 'org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdConfOnlyAuthorizerFactory',
			
 
				+          "hive.server2.authentication": "none"
			
 
				         },
			
 
				        'property_attributes': {
			
 
				          'hive.auto.convert.join.noconditionaltask.size': {'maximum': '805306368'},
			
@@ -1021,7 +1027,6 @@ class TestHDP22StackAdvisor(TestCase):
 
				         },
			
 
				         'property_attributes': {
			
 
				          'hive.security.authorization.manager': {'delete': 'true'},
			
 
				-         'hive.security.authorization.enabled': {'delete': 'true'},
			
 
				          'hive.security.authenticator.manager': {'delete': 'true'}
			
 
				         }
			
 
				       }
			
--- a/ambari-server/src/test/python/stacks/2.3/common/test_stack_advisor.py
+++ b/ambari-server/src/test/python/stacks/2.3/common/test_stack_advisor.py
@@ -340,7 +340,6 @@ class TestHDP23StackAdvisor(TestCase):
 
				         },
			
 
				         'property_attributes': {
			
 
				          'hive.security.authorization.manager': {'delete': 'true'},
			
 
				-         'hive.security.authorization.enabled': {'delete': 'true'},
			
 
				          'hive.security.authenticator.manager': {'delete': 'true'}
			
 
				         }
			
 
				       }