Uploaded image for project: 'Hive'
  1. Hive
  2. HIVE-4707

Support configurable domain name for HiveServer2 LDAP authentication using Active Directory

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 0.11.0
    • Fix Version/s: 0.12.0
    • Component/s: HiveServer2
    • Labels:
      None

      Description

      LDAP providers like Active Directory use a fully qualified user name in user@domain format. For HiveServer2 LDAP auth can be used with active directory by passing the userid in that format. This causes hive authentication module to retrun the username in that mangled format. This prohibits LDAP users to be impersonated over secure hadoop or reported correctly in audit etc.

      HiveServer2 should support a configurable LDAP domain that is appended to the user name.

        Attachments

        1. HIVE-4707-1.patch
          2 kB
          Prasad Mujumdar

          Issue Links

            Activity

              People

              • Assignee:
                prasadm Prasad Mujumdar
                Reporter:
                prasadm Prasad Mujumdar
              • Votes:
                0 Vote for this issue
                Watchers:
                5 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: