You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@hive.apache.org by "Thejas M Nair (JIRA)" <ji...@apache.org> on 2017/08/07 19:22:00 UTC
[jira] [Comment Edited] (HIVE-16529) Replace JPAM with libpam4j for
PAM authentication
[ https://issues.apache.org/jira/browse/HIVE-16529?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16117096#comment-16117096 ]
Thejas M Nair edited comment on HIVE-16529 at 8/7/17 7:21 PM:
--------------------------------------------------------------
Thanks for the heads up [~trichmond]!
bq. However, the version of JPAM on public repos will also cause corruption unless a single patch has been applied.
Did you mean to say "libpam4j" not JPAM in the above sentence ?
was (Author: thejas):
bq. However, the version of JPAM on public repos will also cause corruption unless a single patch has been applied.
Did you mean to say "libpam4j" not JPAM in the above sentence ?
> Replace JPAM with libpam4j for PAM authentication
> -------------------------------------------------
>
> Key: HIVE-16529
> URL: https://issues.apache.org/jira/browse/HIVE-16529
> Project: Hive
> Issue Type: Improvement
> Components: Authentication
> Affects Versions: 1.2.0
> Reporter: Richard Ding
> Assignee: Sailaja Navvluru
>
> PAM authentication is an important feature available since Hive 0.13. But Hive blog gives the following warnings:
> {quote}
> JPAM library that is used to provide the PAM authentication mode can cause HiveServer2 to go down if a user's password has expired. This happens because of segfault/core dumps from native code invoked by JPAM. Some users have also reported crashes during logins in other cases as well. Use of LDAP or KERBEROS is recommended.
> {quote}
> JPAM also requires user to install a native library. Furthermore, JPAM library seems not to have been updated since 2007.
> Other Apache projects (e.g. Ambari/Ranger/Knox) use a newer library libpam4j which doesn't require installation of native library.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)