diff --git a/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveAuthorizerImpl.java b/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveAuthorizerImpl.java index 76a80e0..2fc35ed 100644 --- a/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveAuthorizerImpl.java +++ b/ql/src/java/org/apache/hadoop/hive/ql/security/authorization/plugin/HiveAuthorizerImpl.java @@ -37,6 +37,9 @@ @LimitedPrivate(value = { "" }) @Evolving public class HiveAuthorizerImpl implements HiveAuthorizer { + + public static final String METASTORE_FILTER_HOOK_V2_DEFAULT = + "org.apache.hadoop.hive.ql.security.authorization.plugin.AuthorizationMetaStoreFilterHook"; HiveAccessController accessController; HiveAuthorizationValidator authValidator; diff --git a/ql/src/java/org/apache/hadoop/hive/ql/session/SessionState.java b/ql/src/java/org/apache/hadoop/hive/ql/session/SessionState.java index 37d856c..514bf6c 100644 --- a/ql/src/java/org/apache/hadoop/hive/ql/session/SessionState.java +++ b/ql/src/java/org/apache/hadoop/hive/ql/session/SessionState.java @@ -756,8 +756,12 @@ private void setAuthorizerV2Config() throws HiveException { if (conf.get(CONFIG_AUTHZ_SETTINGS_APPLIED_MARKER, "").equals(Boolean.TRUE.toString())) { return; } - conf.setVar(ConfVars.METASTORE_FILTER_HOOK, - "org.apache.hadoop.hive.ql.security.authorization.plugin.AuthorizationMetaStoreFilterHook"); + if (ConfVars.METASTORE_FILTER_HOOK.getDefaultValue().equals( + conf.get(ConfVars.METASTORE_FILTER_HOOK.name(), + ConfVars.METASTORE_FILTER_HOOK.getDefaultValue()))) { + conf.setVar(ConfVars.METASTORE_FILTER_HOOK, + HiveAuthorizerImpl.METASTORE_FILTER_HOOK_V2_DEFAULT); + } authorizerV2.applyAuthorizationConfigPolicy(conf); // update config in Hive thread local as well and init the metastore client