如何与运行NONE身份验证的HiveServer2进行通信(How to communicate with HiveServer2 running NONE authentication)

我正在尝试通过ruby TCPSocket与HiveServer2进行通信。根据Thrift SASL规范，我发送START消息，然后发送纯auth信息。服务器返回COMPLETE状态，空载荷。它应该将challenge作为有效负载返回，但是返回空字符串。

START = 0x01 OK = 0x02 COMPLETE = 0x05 auth = 'PLAIN' header = [START, auth.length].pack('cl>') auth_string = ['anonymous'].pack('u') auth_message = "[LOGIN] \u0000 #{auth_string} \u0000 #{auth_string}" auth_header = [OK, auth_message.length].pack('cl>') socket = TCPSocket.new localhost, 10000 socket.write header + auth socket.write auth_header + auth_message socket.read(5).unpack('cl>') => [5,0]

HiveServer2返回5状态为COMPLETE。通过此套接字无法进一步通信，因为服务器不再返回任何内容。

我怀疑auth_message以错误的方式构建或其他错误。

任何人都可以建议HiveServer2理解我的请求的方式吗？

任何帮助将不胜感激。

UPD： Thrift SASL规范

UPD2：解决了！ STARTTLS块应如下所示：

START = 0x01 OK = 0x02 COMPLETE = 0x05 auth = 'PLAIN' header = [START, auth.length].pack('cl>') auth_message = "[ANONYMOUS]\u0000anonymous\u0000anonymous" auth_header = [OK, auth_message.length].pack('cl>') socket = TCPSocket.new localhost, 10000 socket.write header + auth socket.write auth_header + auth_message socket.read(5).unpack('cl>') => [5,0]

从服务器收到COMPLETE状态后，我可以使用TCLIService :: Client与HiveServer2进行通信。只有一点需要注意：

对底层传输的所有写入必须以有效载荷数据的4字节长度为前缀，然后是有效载荷。来自此传输的所有读取应读取4字节长度的字，然后读取此长度字指定的完整字节数。

I'm trying to communicate with HiveServer2 via ruby TCPSocket. As per Thrift SASL spec, I send START message and then plain auth information. Server returns COMPLETE status with an empty payload. It should return challenge as a payload but an empty string.

START = 0x01 OK = 0x02 COMPLETE = 0x05 auth = 'PLAIN' header = [START, auth.length].pack('cl>') auth_string = ['anonymous'].pack('u') auth_message = "[LOGIN] \u0000 #{auth_string} \u0000 #{auth_string}" auth_header = [OK, auth_message.length].pack('cl>') socket = TCPSocket.new localhost, 10000 socket.write header + auth socket.write auth_header + auth_message socket.read(5).unpack('cl>') => [5,0]

HiveServer2 returns 5 status that is COMPLETE. No further communication is possible via this socket as the server returns nothing anymore.

I suspect auth_message constructed in a wrong way or something else is wrong.

Can anyone suggest the way HiveServer2 will understand my requests?

Any help will be appreciated.

UPD: Thrift SASL spec

UPD2: Solved! STARTTLS block should look like following below:

START = 0x01 OK = 0x02 COMPLETE = 0x05 auth = 'PLAIN' header = [START, auth.length].pack('cl>') auth_message = "[ANONYMOUS]\u0000anonymous\u0000anonymous" auth_header = [OK, auth_message.length].pack('cl>') socket = TCPSocket.new localhost, 10000 socket.write header + auth socket.write auth_header + auth_message socket.read(5).unpack('cl>') => [5,0]

After COMPLETE status received from the server, I can use TCLIService::Client to communicate with the HiveServer2. Only one thing to notice:

All writes to the underlying transport must be prefixed by the 4-byte length of the payload data, followed by the payload. All reads from this transport should read the 4-byte length word, then read the full quantity of bytes specified by this length word.