[HIVE-13418] HiveServer2 HTTP mode should support X-Forwarded-Host header for authorization/audits - ASF JIRA

XML

Word

Printable

JSON

Details

Type: New Feature
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 2.1.0
Component/s: Authorization, HiveServer2
Labels:
- pull-request-available

Description

Apache Knox acts as a proxy for requests coming from the end users. In these cases, the IP address that HiveServer2 passes to the authorization/audit plugins via the HiveAuthzContext object only the IP address of the proxy, and not the end user.

For auditing purposes, the IP address of the end user and any proxies in between are useful.
HiveServer2 should pass the information from 'X-Forwarded-Host' header to the HiveAuthorizer plugins.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

HIVE-13418.1.patch
09/Apr/16 00:45
43 kB
Thejas Nair

Issue Links

is related to

RANGER-962 Ranger plugin should have an option to use X-Forwarded-For address

Resolved

links to

GitHub Pull Request #69

Activity

People

Assignee:: Thejas Nair

Reporter:: Thejas Nair

Votes:: 0 Vote for this issue

Watchers:: 6 Start watching this issue

Dates

Created:: 04/Apr/16 19:49

Updated:: 04/Jun/20 21:35

Resolved:: 01/Jun/16 21:34

Time Tracking

Estimated:

Not Specified

Remaining:

Logged:

20m