Revert "HIVE-21783: Avoid authentication for connection from the same…

… domain (Ashutosh Bapat reviewed by Olli Draese, Prasanth Jayachandran)"

This reverts commit 24313ab.

common/src/java/org/apache/hadoop/hive/conf/HiveConf.java

@@ -3478,14 +3478,6 @@ public static enum ConfVars {
         "          (Use with property hive.server2.custom.authentication.class)\n" +
         "  PAM: Pluggable authentication module\n" +
         "  NOSASL:  Raw transport"),
-    HIVE_SERVER2_TRUSTED_DOMAIN("hive.server2.trusted.domain", "",
-        "Specifies the host or a domain to trust connections from. Authentication is skipped " +
-        "for any connection coming from a host whose hostname ends with the value of this" +
-        " property. If authentication is expected to be skipped for connections from " +
-        "only a given host, fully qualified hostname of that host should be specified. By default" +
-        " it is empty, which means that all the connections to HiveServer2 are authenticated. " +
-        "When it is non-empty, the client has to provide a Hive user name. Any password, if " +
-        "provided, will not be used when authentication is skipped."),
     HIVE_SERVER2_ALLOW_USER_SUBSTITUTION("hive.server2.allow.user.substitution", true,
         "Allow alternate user to be specified as part of HiveServer2 open connection request."),
     HIVE_SERVER2_KERBEROS_KEYTAB("hive.server2.authentication.kerberos.keytab", "",

itests/hive-minikdc/src/test/java/org/apache/hive/minikdc/MiniHiveKdc.java

@@ -36,7 +36,6 @@
 import org.apache.hive.jdbc.miniHS2.MiniHS2;
 
 import com.google.common.io.Files;
-import org.apache.hive.service.server.HiveServer2;
 
 /**
  * Wrapper around Hadoop's MiniKdc for use in hive tests.
@@ -179,21 +178,15 @@ public static MiniHS2 getMiniHS2WithKerb(MiniHiveKdc miniHiveKdc, HiveConf hiveC
   * @return new MiniHS2 instance
   * @throws Exception
   */
-  public static MiniHS2 getMiniHS2WithKerb(MiniHiveKdc miniHiveKdc, HiveConf hiveConf,
+ public static MiniHS2 getMiniHS2WithKerb(MiniHiveKdc miniHiveKdc, HiveConf hiveConf,
      String authType) throws Exception {
-    String hivePrincipal =
-            miniHiveKdc.getFullyQualifiedServicePrincipal(MiniHiveKdc.HIVE_SERVICE_PRINCIPAL);
-    String hiveKeytab = miniHiveKdc.getKeyTabFile(
-            miniHiveKdc.getServicePrincipalForUser(MiniHiveKdc.HIVE_SERVICE_PRINCIPAL));
-
-    MiniHS2.Builder miniHS2Builder = new MiniHS2.Builder()
-                                              .withConf(hiveConf)
-                                              .withMiniKdc(hivePrincipal, hiveKeytab)
-                                              .withAuthenticationType(authType);
-    if (HiveServer2.isHTTPTransportMode(hiveConf)) {
-      miniHS2Builder.withHTTPTransport();
-    }
-    return miniHS2Builder.build();
+   String hivePrincipal =
+       miniHiveKdc.getFullyQualifiedServicePrincipal(MiniHiveKdc.HIVE_SERVICE_PRINCIPAL);
+   String hiveKeytab = miniHiveKdc.getKeyTabFile(
+       miniHiveKdc.getServicePrincipalForUser(MiniHiveKdc.HIVE_SERVICE_PRINCIPAL));
+
+   return new MiniHS2.Builder().withConf(hiveConf).withMiniKdc(hivePrincipal, hiveKeytab).
+       withAuthenticationType(authType).build();
  }
 
   /**

service/src/java/org/apache/hive/service/auth/HiveAuthFactory.java

@@ -161,11 +161,6 @@ public TTransportFactory getAuthTransFactory() throws LoginException {
     } else {
       throw new LoginException("Unsupported authentication type " + authTypeStr);
     }
-
-    String trustedDomain = HiveConf.getVar(conf, ConfVars.HIVE_SERVER2_TRUSTED_DOMAIN).trim();
-    if (!trustedDomain.isEmpty()) {
-      transportFactory = PlainSaslHelper.getDualPlainTransportFactory(transportFactory, trustedDomain);
-    }
     return transportFactory;
   }