[SENTRY-20] Sentry should throw an exception if testing.mode is not set on non-secure cluster - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 1.2.0
Fix Version/s: 1.3.0
Component/s: None
Labels:
None

Description

Currently, on non-Kerberized clusters, Sentry logs an error message and proceeds to block access for everybody for every operation.

ERROR org.apache.sentry.binding.hive.authz.HiveAuthzBinding: HiveServer2 authentication method cannot be set to none unless testing mode is enabled

When operations fail, it's not clear if it's unhappy because the policy file is not parse-able, it's a policy file permission issue, or if it doesn't like non-Kerberos clusters.

The error message is followed by bunch of auth failure exceptions, so it's hard to see this error message. It should throw an exception instead.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

SENTRY-20.patch
24/Sep/13 00:47
10 kB
Shreepadma Venugopalan

Activity

People

Assignee:: Shreepadma Venugopalan

Reporter:: Mohit Sabharwal

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 23/Sep/13 21:27

Updated:: 27/Sep/13 07:35

Resolved:: 27/Sep/13 07:31