You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sentry.apache.org by "Shreepadma Venugopalan (JIRA)" <ji...@apache.org> on 2013/09/24 05:20:02 UTC
[jira] [Commented] (SENTRY-20) Sentry should throw an exception if
testing.mode is not set on non-secure cluster
[ https://issues.apache.org/jira/browse/SENTRY-20?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13775954#comment-13775954 ]
Shreepadma Venugopalan commented on SENTRY-20:
----------------------------------------------
RB request: https://reviews.apache.org/r/14303/
> Sentry should throw an exception if testing.mode is not set on non-secure cluster
> ---------------------------------------------------------------------------------
>
> Key: SENTRY-20
> URL: https://issues.apache.org/jira/browse/SENTRY-20
> Project: Sentry
> Issue Type: Improvement
> Reporter: Mohit Sabharwal
> Assignee: Shreepadma Venugopalan
> Attachments: SENTRY-20.patch
>
>
> Currently, on non-Kerberized clusters, Sentry logs an error message and proceeds to block access for everybody for every operation.
> ERROR org.apache.sentry.binding.hive.authz.HiveAuthzBinding: HiveServer2 authentication method cannot be set to none unless testing mode is enabled
> When operations fail, it's not clear if it's unhappy because the policy file is not parse-able, it's a policy file permission issue, or if it doesn't like non-Kerberos clusters.
> The error message is followed by bunch of auth failure exceptions, so it's hard to see this error message. It should throw an exception instead.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira