Uploaded image for project: 'Hive'
  1. Hive
  2. HIVE-12188

DoAs does not work properly in non-kerberos secured HS2

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • None
    • 1.3.0, 2.0.0
    • Security
    • None

    Description

      The case with following settings is valid but it seems still not work correctly in current HS2
      ==
      hive.server2.authentication=NONE (or LDAP)
      hive.server2.enable.doAs= true
      hive.metastore.sasl.enabled=true (with HMS Kerberos enabled)
      ==
      Currently HS2 is able to fetch the delegation token to a kerberos secured HMS only when itself is also kerberos secured.

      Attachments

        1. HIVE-12188.patch
          1 kB
          Chaoyu Tang

        Issue Links

          is related to

          Bug - A problem which impairs or prevents the functions of the product. SPARK-43743 Port HIVE-12188: DoAs does not work properly in non-kerberos secured HS2

          • Major - Major loss of function.
          • Resolved

          Bug - A problem which impairs or prevents the functions of the product. HIVE-6245 HS2 creates DBs/Tables with wrong ownership when HMS setugi is true

          • Major - Major loss of function.
          • Closed

          Activity

            People

              ctang Chaoyu Tang
              ctang Chaoyu Tang
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: