Hive
  1. Hive
  2. HIVE-4707

Support configurable domain name for HiveServer2 LDAP authentication using Active Directory

    Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 0.11.0
    • Fix Version/s: 0.12.0
    • Component/s: HiveServer2
    • Labels:
      None

      Description

      LDAP providers like Active Directory use a fully qualified user name in user@domain format. For HiveServer2 LDAP auth can be used with active directory by passing the userid in that format. This causes hive authentication module to retrun the username in that mangled format. This prohibits LDAP users to be impersonated over secure hadoop or reported correctly in audit etc.

      HiveServer2 should support a configurable LDAP domain that is appended to the user name.

      1. HIVE-4707-1.patch
        2 kB
        Prasad Mujumdar

        Activity

        Ashutosh Chauhan made changes -
        Status Resolved [ 5 ] Closed [ 6 ]
        Ashutosh Chauhan made changes -
        Status Patch Available [ 10002 ] Resolved [ 5 ]
        Resolution Fixed [ 1 ]
        Prasad Mujumdar made changes -
        Status Open [ 1 ] Patch Available [ 10002 ]
        Prasad Mujumdar made changes -
        Field Original Value New Value
        Attachment HIVE-4707-1.patch [ 12587192 ]
        Prasad Mujumdar created issue -

          People

          • Assignee:
            Prasad Mujumdar
            Reporter:
            Prasad Mujumdar
          • Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development