Uploaded image for project: 'Hive'
  1. Hive
  2. HIVE-3705

Adding authorization capability to the metastore

    XMLWordPrintableJSON

    Details

    • Type: New Feature
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 0.10.0
    • Component/s: Authorization, Metastore
    • Labels:
      None

      Description

      In an environment where multiple clients access a single metastore, and we want to evolve hive security to a point where it's no longer simply preventing users from shooting their own foot, we need to be able to authorize metastore calls as well, instead of simply performing every metastore api call that's made.

        Attachments

        1. HIVE-3705.D6681.1.patch
          75 kB
          Phabricator
        2. HIVE-3705.D6681.2.patch
          77 kB
          Phabricator
        3. HIVE-3705.D6681.3.patch
          94 kB
          Phabricator
        4. HIVE-3705.D6681.4.patch
          100 kB
          Phabricator
        5. HIVE-3705.D6681.5.patch
          101 kB
          Phabricator
        6. HIVE-3705.giant.svn.patch
          112 kB
          Sushanth Sowmyan
        7. HIVE-3705.giant.svn-0.10.patch
          113 kB
          Sushanth Sowmyan
        8. hive-backend-auth.2.git.patch
          105 kB
          Sushanth Sowmyan
        9. hive-backend-auth.git.patch
          88 kB
          Sushanth Sowmyan
        10. hive-backend-auth.post-review.git.patch
          31 kB
          Sushanth Sowmyan
        11. hive-backend-auth.post-review-part2.git.patch
          0.9 kB
          Sushanth Sowmyan
        12. hive-backend-auth.post-review-part3.git.patch
          12 kB
          Sushanth Sowmyan
        13. hivesec_investigation.pdf
          391 kB
          Sushanth Sowmyan

          Issue Links

          is related to

          Bug - A problem which impairs or prevents the functions of the product. HIVE-4363 Document metastore authorization and authentication

          • Major - Major loss of function.
          • Resolved
          relates to

          Bug - A problem which impairs or prevents the functions of the product. HIVE-5402 StorageBasedAuthorizationProvider is not correctly able to determine that it is running from client-side

          • Blocker - Blocks development and/or testing work, production could not run
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. HIVE-5048 StorageBasedAuthorization provider causes an NPE when asked to authorize from client side.

          • Major - Major loss of function.
          • Closed

            Activity

              People

              • Assignee:
                sushanth Sushanth Sowmyan
                Reporter:
                sushanth Sushanth Sowmyan
              • Votes:
                0 Vote for this issue
                Watchers:
                12 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: