You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@spark.apache.org by "Premchandra Preetham Kukillaya (JIRA)" <ji...@apache.org> on 2015/06/26 16:14:04 UTC
[jira] [Updated] (SPARK-8659) SQL Standard Based Hive Authorisation
of Hive.13 does not work while pointing JDBC Application to Spark Thrift
Server.
[ https://issues.apache.org/jira/browse/SPARK-8659?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Premchandra Preetham Kukillaya updated SPARK-8659:
--------------------------------------------------
Description:
It seems like while pointing JDBC/ODBC Driver to Spark SQLThrift Service ,the Hive's security feature SQL based authorisation is not working whereas SQL based Authorisation works when i am pointing the JDBC Driver to ThriftCLIService provided by HiveServer2. But we need to use Spark SQL Thrift Service as we require to use Spark SQL with Tableau
The problem is user X can do select on table belonging to user Y, though permission for table is explicitly defined
I am using Hive .13.1 and Spark 1.3.1
./start-thriftserver.sh --hiveconf hive.server2.thrift.port=10001 --hiveconf xxxxhostname.compute.amazonaws.com --hiveconf hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateUserAuthenticator --hiveconf hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactory --hiveconf hive.server2.enable.doAs=false --hiveconf hive.security.authorization.enabled=true --hiveconf mapred.reduce.tasks=-1 --hiveconf mapred.max.split.size=256000000 --hiveconf hive.downloaded.resources.dir=/mnt/var/lib/hive/downloaded_resources --hiveconf javax.jdo.option.ConnectionURL=jdbc:mysql://localhost:3306/hive?createDatabaseIfNotExist=true --hiveconf javax.jdo.option.ConnectionDriverName=com.mysql.jdbc.Driver --hiveconf javax.jdo.option.ConnectionUserName=hive --hiveconf javax.jdo.option.ConnectionPassword=hive --hiveconf hive.metastore.warehouse.dir=/user/hive/warehouse --hiveconf hive.metastore.connect.retries=5 --hiveconf datanucleus.fixedDatastore=true
was:
It seems like while pointing JDBC/ODBC Driver to Spark SQL Thrift Service Hive's feature SQL based authorization is not working whereas SQL based Authorization works when i am pointing the JDBC Driver to ThriftCLIService provided by HiveServer2.
The problem is user X can do select on table belonging to user Y.
I am using Hive .13.1 and Spark 1.3.1
./start-thriftserver.sh --hiveconf hive.server2.thrift.port=10001 --hiveconf xxxxhostname.compute.amazonaws.com --hiveconf hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateUserAuthenticator --hiveconf hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactory --hiveconf hive.server2.enable.doAs=false --hiveconf hive.security.authorization.enabled=true --hiveconf mapred.reduce.tasks=-1 --hiveconf mapred.max.split.size=256000000 --hiveconf hive.downloaded.resources.dir=/mnt/var/lib/hive/downloaded_resources --hiveconf javax.jdo.option.ConnectionURL=jdbc:mysql://localhost:3306/hive?createDatabaseIfNotExist=true --hiveconf javax.jdo.option.ConnectionDriverName=com.mysql.jdbc.Driver --hiveconf javax.jdo.option.ConnectionUserName=hive --hiveconf javax.jdo.option.ConnectionPassword=hive --hiveconf hive.metastore.warehouse.dir=/user/hive/warehouse --hiveconf hive.metastore.connect.retries=5 --hiveconf datanucleus.fixedDatastore=true
> SQL Standard Based Hive Authorisation of Hive.13 does not work while pointing JDBC Application to Spark Thrift Server.
> -----------------------------------------------------------------------------------------------------------------------
>
> Key: SPARK-8659
> URL: https://issues.apache.org/jira/browse/SPARK-8659
> Project: Spark
> Issue Type: Bug
> Components: SQL
> Affects Versions: 1.3.1
> Environment: Linux
> Reporter: Premchandra Preetham Kukillaya
>
> It seems like while pointing JDBC/ODBC Driver to Spark SQLThrift Service ,the Hive's security feature SQL based authorisation is not working whereas SQL based Authorisation works when i am pointing the JDBC Driver to ThriftCLIService provided by HiveServer2. But we need to use Spark SQL Thrift Service as we require to use Spark SQL with Tableau
> The problem is user X can do select on table belonging to user Y, though permission for table is explicitly defined
> I am using Hive .13.1 and Spark 1.3.1
> ./start-thriftserver.sh --hiveconf hive.server2.thrift.port=10001 --hiveconf xxxxhostname.compute.amazonaws.com --hiveconf hive.security.authenticator.manager=org.apache.hadoop.hive.ql.security.SessionStateUserAuthenticator --hiveconf hive.security.authorization.manager=org.apache.hadoop.hive.ql.security.authorization.plugin.sqlstd.SQLStdHiveAuthorizerFactory --hiveconf hive.server2.enable.doAs=false --hiveconf hive.security.authorization.enabled=true --hiveconf mapred.reduce.tasks=-1 --hiveconf mapred.max.split.size=256000000 --hiveconf hive.downloaded.resources.dir=/mnt/var/lib/hive/downloaded_resources --hiveconf javax.jdo.option.ConnectionURL=jdbc:mysql://localhost:3306/hive?createDatabaseIfNotExist=true --hiveconf javax.jdo.option.ConnectionDriverName=com.mysql.jdbc.Driver --hiveconf javax.jdo.option.ConnectionUserName=hive --hiveconf javax.jdo.option.ConnectionPassword=hive --hiveconf hive.metastore.warehouse.dir=/user/hive/warehouse --hiveconf hive.metastore.connect.retries=5 --hiveconf datanucleus.fixedDatastore=true
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@spark.apache.org
For additional commands, e-mail: issues-help@spark.apache.org