Git Product home page Git Product logo

thrift-sasl's Introduction

NAME

Thrift::SASL::Transport - Thrift Transport allowing Kerberos auth/encryption through GSSAPI

VERSION

version 0.003

SYNOPSIS

run kinit first for getting your credentials cache in order, then (example for communicating with a secure HiveServer2 instance):

use Authen::SASL qw(XS);
my $sasl = Authen::SASL->new( mechanism => 'GSSAPI');

use Thrift::Socket;
use Thrift::BufferedTransport;
use Thrift::SASL::Transport;
use Thrift::API::HiveClient2;

my $socket = Thrift::Socket->new( $srv_host, 10000 );
my $strans = Thrift::SASL::Transport->new(
    Thrift::BufferedTransport->new($socket),
    $sasl,
    $debuglevel
);

my $hive = Thrift::API::HiveClient2->new(
    _socket    => $socket,
    _transport => $strans,
);

DESCRIPTION

Add SASL support to Apache's Thrift, in order to support Kerberos auth, among others. Highly experimental and hack-ish. Ideally this should be part of the Thrift distribution, once proven to work reliably.

ACKNOWLEDGEMENTS

Based on the pyhs2 python module by Brad Ruderman https://github.com/BradRuderman/pyhs2

Initial version with simple SASL authentication (LDAP) developped by Vikentiy Fesunov at Booking.com

Thanks to my employer Booking.com to allow me to release this module for public use

AUTHOR

David Morel [email protected]

COPYRIGHT AND LICENSE

This software is copyright (c) 2014 by David Morel.

This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself.

thrift-sasl's People

Contributors

dmorel avatar burak avatar

Stargazers

Harsh J avatar

Watchers

avatar avatar James Cloos avatar

Forkers

dmorel akonale

thrift-sasl's Issues

Lack of $ENV{USER} leading to the weird authentication error

Compare this

$ perl -MThrift::API::HiveClient2 -wE ' Thrift::API::HiveClient2->new(qw/ host hiveserver2-host port 10000 timeout 7200 username hive /, sasl => { mechanism => "PLAIN", callback => {qw/ pass none canonuser hive /} } )->execute("select 1 + 1"); say 42 ' 42

with this

$ perl -MThrift::API::HiveClient2 -wE ' delete $ENV{USER}; Thrift::API::HiveClient2->new(qw/ host hiveserver2-host port 10000 timeout 7200 username hive /, sasl => { mechanism => "PLAIN", callback => {qw/ pass none canonuser hive /} } )->execute("select 1 + 1"); say 42 ' Authentication failed: 3 > Error validating the login at Thrift/SASL/Transport.pm line 114.

Not sure about the actual culprit yet.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.