Uploaded image for project: 'Hive'
  1. Hive
  2. HIVE-14592

In LDAP authentication 'group filter' match should be case insensitive

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Open
    • Major
    • Resolution: Unresolved
    • 1.2.0
    • None
    • Authentication
    • None

    Description

      Configure openLDAP server with following configurations(enable ldap, ldap URI, baseDN, userDNPattern, groupDNPattern and groupFilter). If the specified groupFilter case is different than the actual one in directory than Hive cannot find a match and errors out.

      Provided groupFilter value <groupTest>
      Actual group name in directory server - grouptest.

      Similar search works by using ldapsearch (ldap searches are case insensitive).

      Error message snippet -
      avax.security.sasl.AuthenticationException: Authentication failed: User not a member of listed groups]
      at org.apache.hive.service.auth.PlainSaslServer.evaluateResponse(PlainSaslServer.java:109)

      Attachments

        Activity

          People

            kapilrastogi Kapil Rastogi
            kapilrastogi Kapil Rastogi
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated: