Uploaded image for project: 'Hive'
  1. Hive
  2. HIVE-3705

Adding authorization capability to the metastore

    XMLWordPrintableJSON

Details

    • New Feature
    • Status: Closed
    • Major
    • Resolution: Fixed
    • None
    • 0.10.0
    • Authorization, Metastore
    • None

    Description

      In an environment where multiple clients access a single metastore, and we want to evolve hive security to a point where it's no longer simply preventing users from shooting their own foot, we need to be able to authorize metastore calls as well, instead of simply performing every metastore api call that's made.

      Attachments

        1. HIVE-3705.D6681.1.patch
          75 kB
          Phabricator
        2. HIVE-3705.D6681.2.patch
          77 kB
          Phabricator
        3. HIVE-3705.D6681.3.patch
          94 kB
          Phabricator
        4. HIVE-3705.D6681.4.patch
          100 kB
          Phabricator
        5. HIVE-3705.D6681.5.patch
          101 kB
          Phabricator
        6. HIVE-3705.giant.svn.patch
          112 kB
          Sushanth Sowmyan
        7. HIVE-3705.giant.svn-0.10.patch
          113 kB
          Sushanth Sowmyan
        8. hive-backend-auth.2.git.patch
          105 kB
          Sushanth Sowmyan
        9. hive-backend-auth.git.patch
          88 kB
          Sushanth Sowmyan
        10. hive-backend-auth.post-review.git.patch
          31 kB
          Sushanth Sowmyan
        11. hive-backend-auth.post-review-part2.git.patch
          0.9 kB
          Sushanth Sowmyan
        12. hive-backend-auth.post-review-part3.git.patch
          12 kB
          Sushanth Sowmyan
        13. hivesec_investigation.pdf
          391 kB
          Sushanth Sowmyan

        Issue Links

          is related to

          Bug - A problem which impairs or prevents the functions of the product. HIVE-4363 Document metastore authorization and authentication

          • Major - Major loss of function.
          • Resolved
          relates to

          Bug - A problem which impairs or prevents the functions of the product. HIVE-5402 StorageBasedAuthorizationProvider is not correctly able to determine that it is running from client-side

          • Blocker - Blocks development and/or testing work, production could not run
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. HIVE-5048 StorageBasedAuthorization provider causes an NPE when asked to authorize from client side.

          • Major - Major loss of function.
          • Closed

          Activity

            People

              sushanth Sushanth Sowmyan
              sushanth Sushanth Sowmyan
              Votes:
              0 Vote for this issue
              Watchers:
              12 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: