You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@hive.apache.org by "Edward Capriolo (JIRA)" <ji...@apache.org> on 2008/11/22 00:46:44 UTC

[jira] Commented: (HIVE-78) Authentication infrastructure for Hive

    [ https://issues.apache.org/jira/browse/HIVE-78?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12649855#action_12649855 ] 

Edward Capriolo commented on HIVE-78:
-------------------------------------

LDAP seems like a good way to handle this. We have a few alternatives. 

Any posixAccount can log into hive. LDAP search would be (&(objectClass=posixAccount (uid=<user>))

We could enforce that the user must be have some other attribute (&(objectClass)=posixAccount (uid=<user>)(businessCategory="hiveuser"))

We could enforce that the user must be valid and they must be inside of a specific groupOfUniqueNames 
(&(objectClass=posixAccount (uid=<user>)     and memberof (hiveGroup)  apache mod_ldap can do this

We can create a supplemental schema attribute we can append to already exists ldap users.


> Authentication infrastructure for Hive
> --------------------------------------
>
>                 Key: HIVE-78
>                 URL: https://issues.apache.org/jira/browse/HIVE-78
>             Project: Hadoop Hive
>          Issue Type: New Feature
>            Reporter: Ashish Thusoo
>            Assignee: Ashish Thusoo
>
> Allow hive to integrate with existing user repositories for authentication and authorization infromation.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.