Details
-
Improvement
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
1.2.0
-
None
-
None
Description
Currently, on non-Kerberized clusters, Sentry logs an error message and proceeds to block access for everybody for every operation.
ERROR org.apache.sentry.binding.hive.authz.HiveAuthzBinding: HiveServer2 authentication method cannot be set to none unless testing mode is enabled
When operations fail, it's not clear if it's unhappy because the policy file is not parse-able, it's a policy file permission issue, or if it doesn't like non-Kerberos clusters.
The error message is followed by bunch of auth failure exceptions, so it's hard to see this error message. It should throw an exception instead.