Uploaded image for project: 'Hive'
  1. Hive
  2. HIVE-3705

Adding authorization capability to the metastore

Log workAgile BoardRank to TopRank to BottomVotersWatch issueWatchersCreate sub-taskConvert to sub-taskMoveLinkCloneLabelsUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

    Details

    • Type: New Feature
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 0.10.0
    • Component/s: Authorization, Metastore
    • Labels:
      None

      Description

      In an environment where multiple clients access a single metastore, and we want to evolve hive security to a point where it's no longer simply preventing users from shooting their own foot, we need to be able to authorize metastore calls as well, instead of simply performing every metastore api call that's made.

        Attachments

        1. HIVE-3705.D6681.1.patch
          75 kB
          Phabricator
        2. HIVE-3705.D6681.2.patch
          77 kB
          Phabricator
        3. HIVE-3705.D6681.3.patch
          94 kB
          Phabricator
        4. HIVE-3705.D6681.4.patch
          100 kB
          Phabricator
        5. HIVE-3705.D6681.5.patch
          101 kB
          Phabricator
        6. HIVE-3705.giant.svn.patch
          112 kB
          Sushanth Sowmyan
        7. HIVE-3705.giant.svn-0.10.patch
          113 kB
          Sushanth Sowmyan
        8. hive-backend-auth.2.git.patch
          105 kB
          Sushanth Sowmyan
        9. hive-backend-auth.git.patch
          88 kB
          Sushanth Sowmyan
        10. hive-backend-auth.post-review.git.patch
          31 kB
          Sushanth Sowmyan
        11. hive-backend-auth.post-review-part2.git.patch
          0.9 kB
          Sushanth Sowmyan
        12. hive-backend-auth.post-review-part3.git.patch
          12 kB
          Sushanth Sowmyan
        13. hivesec_investigation.pdf
          391 kB
          Sushanth Sowmyan

        Issue Links

        is related to

        Bug - A problem which impairs or prevents the functions of the product. HIVE-4363 Document metastore authorization and authentication

        • Major - Major loss of function.
        • Resolved
        relates to

        Bug - A problem which impairs or prevents the functions of the product. HIVE-5402 StorageBasedAuthorizationProvider is not correctly able to determine that it is running from client-side

        • Blocker - Blocks development and/or testing work, production could not run
        • Closed

        Bug - A problem which impairs or prevents the functions of the product. HIVE-5048 StorageBasedAuthorization provider causes an NPE when asked to authorize from client side.

        • Major - Major loss of function.
        • Closed

          Activity
          $i18n.getText('security.level.explanation', $currentSelection) Viewable by All Users
          Cancel

            People

            • Assignee:
              sushanth Sushanth Sowmyan Assign to me
              Reporter:
              sushanth Sushanth Sowmyan

              Dates

              • Created:
                Updated:
                Resolved:

                Issue deployment