Uploaded image for project: 'Hive'
  1. Hive
  2. HIVE-12885

LDAP Authenticator improvements

Log workAgile BoardRank to TopRank to BottomVotersWatch issueWatchersCreate sub-taskConvert to sub-taskMoveLinkCloneLabelsUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 1.1.0
    • Fix Version/s: 1.3.0, 2.1.0
    • Component/s: HiveServer2
    • Labels:
      None

      Description

      Currently Hive's LDAP Atn provider assumes certain defaults to keep its configuration simple.
      1) One of the assumptions is the presence of an attribute "distinguishedName". In certain non-standard LDAP implementations, this attribute may not be available. So instead of basing all ldap searches on this attribute, getNameInNamespace() returns the same value. So this API is to be used instead.
      2) It also assumes that the "user" value being passed in, will be able to bind to LDAP. However, certain LDAP implementations, by default, only allow the full DN to be used, just short user names are not permitted. We will need to be able to support short names too when hive configuration only has "BaseDN" specified (not userDNPatterns). So instead of hard-coding "uid" or "CN" as keys for the short usernames, it probably better to make this a configurable parameter.

        Attachments

        1. HIVE-12885.2.patch
          11 kB
          Naveen Gangam
        2. HIVE-12885.3.patch
          9 kB
          Naveen Gangam
        3. HIVE-12885.patch
          11 kB
          Naveen Gangam
        4. HIVE-12885-branch1.patch
          9 kB
          Naveen Gangam

        Issue Links

          Activity

          $i18n.getText('security.level.explanation', $currentSelection) Viewable by All Users
          Cancel

            People

            • Assignee:
              ngangam Naveen Gangam Assign to me
              Reporter:
              ngangam Naveen Gangam

              Dates

              • Created:
                Updated:
                Resolved:

                Issue deployment