Hive
  1. Hive
  2. HIVE-6957

SQL authorization does not work with HS2 binary mode and Kerberos auth

    Details

      Description

      In HiveServer2, when Kerberos auth and binary transport modes are used, the user name that gets passed on to authorization is the long kerberos username.
      The username that is used in grant/revoke statements tend to be the short usernames.
      This also fails in authorizing statements that involve URI, as the authorization mode checks the file system permissions for given user. It does not recognize that the given long username actually owns the file or belongs to the group that owns the file.

      1. HIVE-6957.1.patch
        11 kB
        Thejas M Nair
      2. HIVE-6957.2.patch
        21 kB
        Thejas M Nair
      3. HIVE-6957.3.patch
        27 kB
        Thejas M Nair
      4. HIVE-6957.4.patch
        27 kB
        Thejas M Nair
      5. HIVE-6957.04-branch.0.13.patch
        1 kB
        Thejas M Nair

        Issue Links

          Activity

          Thejas M Nair made changes -
          Status Resolved [ 5 ] Closed [ 6 ]
          Sushanth Sowmyan made changes -
          Fix Version/s 0.13.1 [ 12326829 ]
          Thejas M Nair made changes -
          Status Patch Available [ 10002 ] Resolved [ 5 ]
          Fix Version/s 0.14.0 [ 12326450 ]
          Resolution Fixed [ 1 ]
          Thejas M Nair made changes -
          Attachment HIVE-6957.04-branch.0.13.patch [ 12641964 ]
          Thejas M Nair made changes -
          Attachment HIVE-6957.4.patch [ 12641843 ]
          Thejas M Nair made changes -
          Status Open [ 1 ] Patch Available [ 10002 ]
          Thejas M Nair made changes -
          Status Patch Available [ 10002 ] Open [ 1 ]
          Thejas M Nair made changes -
          Attachment HIVE-6957.3.patch [ 12641824 ]
          Thejas M Nair made changes -
          Status Open [ 1 ] Patch Available [ 10002 ]
          Thejas M Nair made changes -
          Status Patch Available [ 10002 ] Open [ 1 ]
          Thejas M Nair made changes -
          Attachment HIVE-6957.2.patch [ 12641810 ]
          Thejas M Nair made changes -
          Status Open [ 1 ] Patch Available [ 10002 ]
          Thejas M Nair made changes -
          Remote Link This issue links to "review board (Web Link)" [ 14905 ]
          Thejas M Nair made changes -
          Field Original Value New Value
          Attachment HIVE-6957.1.patch [ 12641337 ]
          Thejas M Nair created issue -

            People

            • Assignee:
              Thejas M Nair
              Reporter:
              Thejas M Nair
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Development