You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@hive.apache.org by "Edward Capriolo (JIRA)" <ji...@apache.org> on 2008/11/22 00:46:44 UTC
[jira] Commented: (HIVE-78) Authentication infrastructure for Hive
[ https://issues.apache.org/jira/browse/HIVE-78?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12649855#action_12649855 ]
Edward Capriolo commented on HIVE-78:
-------------------------------------
LDAP seems like a good way to handle this. We have a few alternatives.
Any posixAccount can log into hive. LDAP search would be (&(objectClass=posixAccount (uid=<user>))
We could enforce that the user must be have some other attribute (&(objectClass)=posixAccount (uid=<user>)(businessCategory="hiveuser"))
We could enforce that the user must be valid and they must be inside of a specific groupOfUniqueNames
(&(objectClass=posixAccount (uid=<user>) and memberof (hiveGroup) apache mod_ldap can do this
We can create a supplemental schema attribute we can append to already exists ldap users.
> Authentication infrastructure for Hive
> --------------------------------------
>
> Key: HIVE-78
> URL: https://issues.apache.org/jira/browse/HIVE-78
> Project: Hadoop Hive
> Issue Type: New Feature
> Reporter: Ashish Thusoo
> Assignee: Ashish Thusoo
>
> Allow hive to integrate with existing user repositories for authentication and authorization infromation.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.