[HIVE-4707] Support configurable domain name for HiveServer2 LDAP authentication using Active Directory - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 0.11.0
Fix Version/s: 0.12.0
Component/s: HiveServer2
Labels:
None

Description

LDAP providers like Active Directory use a fully qualified user name in user@domain format. For HiveServer2 LDAP auth can be used with active directory by passing the userid in that format. This causes hive authentication module to retrun the username in that mangled format. This prohibits LDAP users to be impersonated over secure hadoop or reported correctly in audit etc.

HiveServer2 should support a configurable LDAP domain that is appended to the user name.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

HIVE-4707-1.patch
11/Jun/13 03:32
2 kB
Prasad Suresh Mujumdar

Issue Links

is related to

HIVE-8916 Handle user@domain username under LDAP authentication

Resolved

Activity

People

Assignee:: Prasad Suresh Mujumdar

Reporter:: Prasad Suresh Mujumdar

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Dates

Created:: 11/Jun/13 03:22

Updated:: 17/Jul/15 08:01

Resolved:: 17/Jun/13 17:58