search

colinmarc / impala-ruby

an impala client for ruby
MIT License
34 stars 22 forks source link

SASL Support with GSSAPI #1

Closed colinmarc closed 8 years ago

sadir commented 8 years ago

Hi Colin,

Are you still working on this? I'd like to use this gem to connect a rails app I have to an Impala Hadoop instance with Kerberos authentication. Currently using this gem: but it isn't actively developed anymore and doesn't support refresh statements. At the moment using this code:

#!/usr/bin/env ruby
require 'rubygems'
require 'impala'

Impala.connect(url, port, options: {kerberos: true, username: user, password: password}) do |conn|
     puts conn.open?
     puts conn.inspect
     conn.query('refresh table_name;')
end

I get:

true

/Users/morgan/.rbenv/versions/2.3.1/lib/ruby/gems/2.3.0/gems/thrift-0.9.3.0/lib/thrift/transport/socket.rb:122:in rescue in read': Connection reset by peer (Thrift::TransportException) from /Users/morgan/.rbenv/versions/2.3.1/lib/ruby/gems/2.3.0/gems/thrift-0.9.3.0/lib/thrift/transport/socket.rb:97:inread' from /Users/morgan/.rbenv/versions/2.3.1/lib/ruby/gems/2.3.0/gems/thrift-0.9.3.0/lib/thrift/transport/buffered_transport.rb:82:in read_into_buffer' from /Users/morgan/.rbenv/versions/2.3.1/lib/ruby/gems/2.3.0/gems/thrift-0.9.3.0/lib/thrift/protocol/binary_protocol.rb:194:inread_i32' from /Users/morgan/.rbenv/versions/2.3.1/lib/ruby/gems/2.3.0/gems/thrift-0.9.3.0/lib/thrift/protocol/binary_protocol.rb:120:in read_message_begin' from /Users/morgan/.rbenv/versions/2.3.1/lib/ruby/gems/2.3.0/gems/thrift-0.9.3.0/lib/thrift/client.rb:54:inreceive_message' from /Users/morgan/.rbenv/versions/2.3.1/lib/ruby/gems/2.3.0/gems/impala-0.5.0/lib/impala/protocol/beeswax_service.rb:43:in recv_executeAndWait' from /Users/morgan/.rbenv/versions/2.3.1/lib/ruby/gems/2.3.0/gems/impala-0.5.0/lib/impala/protocol/beeswax_service.rb:35:inexecuteAndWait' from /Users/morgan/.rbenv/versions/2.3.1/lib/ruby/gems/2.3.0/gems/impala-0.5.0/lib/impala/connection.rb:107:in send_query' from /Users/morgan/.rbenv/versions/2.3.1/lib/ruby/gems/2.3.0/gems/impala-0.5.0/lib/impala/connection.rb:82:inexecute' from ./lib/impala_gem_spike.rb:13:in block in <main>' from /Users/morgan/.rbenv/versions/2.3.1/lib/ruby/gems/2.3.0/gems/impala-0.5.0/lib/impala.rb:49:inconnect' from ./lib/impala_gem_spike.rb:9:in `

'

sadir commented 8 years ago

OK so as soon as I wrote this I spotted your recent merge! However updating the code to read like this: 

#!/usr/bin/env ruby
require 'rubygems'
require 'impala'

Impala.connect(url, port, options: {kerberos: {host: host, provider: provider}, username: user, password: password}) do |conn|
     puts conn.open?
     puts conn.inspect
     conn.query('refresh table_name;')
end

Doesn't change the error message. Can you give me a quick example on how to use these new fields? Afraid I can't show the variable contents I'm using because my employer wouldn't be too happy if I did.

colinmarc commented 8 years ago

@MorganSadr I think the argument is principal rather than provider. I also wrote to take either:

{kerberos: {host: 'host', principal: 'principal'}}

or

{sasl: {username: 'username', password: 'password'}}

But not both. But I don't actually understand kerberos so that could be wrong.

sadir commented 8 years ago

@colinmarc Ahh right thanks. I'll give that a go tomorrow and report back. If/when I get something working I'll submit a PR for the README too.

sadir commented 8 years ago

@colinmarc so I got this working in the end:

Impala.connect(url, port, kerberos: { host: host, principal: "#{service}/#{host}@#{realm}" }) do |conn|
    results = conn.query(query)
    puts results
end

Where url and host are actually the same thing. Unfortunately I have run into this bug as I am running on MacOS so my script segfaults as it finishes. In any case that is the syntax that worked for me. :)

Thanks for your help!

colinmarc commented 8 years ago

Ok, going to close this, in that case; thanks for the report!