You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@hive.apache.org by "Yu Gao (JIRA)" <ji...@apache.org> on 2015/09/17 02:30:46 UTC
[jira] [Updated] (HIVE-3719) Improve HiveServer to support
username/password authentication
[ https://issues.apache.org/jira/browse/HIVE-3719?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Yu Gao updated HIVE-3719:
-------------------------
Attachment: HIVE-3719.patch
> Improve HiveServer to support username/password authentication
> --------------------------------------------------------------
>
> Key: HIVE-3719
> URL: https://issues.apache.org/jira/browse/HIVE-3719
> Project: Hive
> Issue Type: Improvement
> Components: Authentication, JDBC
> Affects Versions: 0.9.0
> Reporter: Yu Gao
> Assignee: Yu Gao
> Labels: security
> Attachments: HIVE-3719.patch
>
>
> The current HiveServer implementation (call it HiveServer version 1 to distinguish it from HIveServer2 that is under development currently) does not have any authentication mechanism against connecting clients, which means anyone can access it, e.g. through Hive JDBC driver, without any security control. The user and password property are simply ignored by Hive JDBC driver and never get to HiveServer1.
> It would be good to introduce authentication infrastructure to HiveServer 1, and improve JDBC driver implementation as well to support this, so that together with the existing authorization infrastructure, for applications that want to access HiveServer1 via JDBC driver, connections and operations are under security control.
> Although there's HiveServer2 that has been under implementation for a while, this improvement for HiveServer1 is very necessary to fill the big security hole, and would benefit applications a lot that are using HiveServer1.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)