Uploaded image for project: 'Hive'
  1. Hive
  2. HIVE-4707

Support configurable domain name for HiveServer2 LDAP authentication using Active Directory

Log workAgile BoardRank to TopRank to BottomBulk Copy AttachmentsBulk Move AttachmentsVotersWatch issueWatchersCreate sub-taskConvert to sub-taskMoveLinkCloneLabelsUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 0.11.0
    • 0.12.0
    • HiveServer2
    • None

    Description

      LDAP providers like Active Directory use a fully qualified user name in user@domain format. For HiveServer2 LDAP auth can be used with active directory by passing the userid in that format. This causes hive authentication module to retrun the username in that mangled format. This prohibits LDAP users to be impersonated over secure hadoop or reported correctly in audit etc.

      HiveServer2 should support a configurable LDAP domain that is appended to the user name.

      Attachments

        1. HIVE-4707-1.patch
          2 kB
          Prasad Suresh Mujumdar

        Issue Links

        is related to

        Bug - A problem which impairs or prevents the functions of the product. HIVE-8916 Handle user@domain username under LDAP authentication

        • Major - Major loss of function.
        • Resolved

        Activity
          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            prasadm Prasad Suresh Mujumdar Assign to me
            prasadm Prasad Suresh Mujumdar
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Slack

                Issue deployment