I want to connect to HiveServer2 through knox as a specific user (userX) and don't want any authentication. For this, I am using "Identity assertion" with "Anonymous authentication provider".
Inside my sandbox.xml (present in topologies), I have used this code :
<provider>
<role>authentication</role>
<name>Anonymous</name>
<enabled>true</enabled>
</provider>
<provider>
<role>identity-assertion</role>
<name>Default</name>
<enabled>true</enabled>
<param>
<name>principal.mapping</name>
<value>anonymous=userX;</value>
</param>
</provider>
This works fine, but I want the userX to be a variable and I want to receive this variable through the jdbc url command.
The command I am using :
beeline -u "jdbc:hive2://GATEWAY-HOST:GATEWAY-PORT/;ssl=true;sslTrustStore={gateway.jks location};trustStorePassword={master-key};transportMode=http;httpPath=gateway/sandbox/hive"
Say I want to establish the connection as 'UserABC', how can I achieve that? How to pass this UserABC in the jdbc url and what changes are needed in sandbox.xml to pick that variable userId.
You can use the HeaderPreAuth federation provider for this, I would also echo the caution expressed in the documentation that you need a proper network security configured else this provider will leave gateway exposed to identity spoofing.