You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@hive.apache.org by "Naveen Gangam (JIRA)" <ji...@apache.org> on 2015/06/22 23:29:04 UTC

[jira] [Resolved] (HIVE-6026) Ldap Authenticator should be more generic with BindDN

     [ https://issues.apache.org/jira/browse/HIVE-6026?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Naveen Gangam resolved HIVE-6026.
---------------------------------
       Resolution: Fixed
    Fix Version/s: 2.0.0
                   1.3.0
     Release Note: Hive LDAP Authenticator now has filter support for LDAP users and groups.
     Hadoop Flags: Reviewed

This issue has been addressed as part of HIVE-7193 that adds a configuration parameters where pattern(s) for DNs can be specified both for users and groups. Hive also supports specifying a custom LDAP query that takes precedence over any user filters or group filters.
Closing this jira as fixed.

> Ldap Authenticator should be more generic with BindDN
> -----------------------------------------------------
>
>                 Key: HIVE-6026
>                 URL: https://issues.apache.org/jira/browse/HIVE-6026
>             Project: Hive
>          Issue Type: Bug
>          Components: Authentication
>    Affects Versions: 0.10.0
>         Environment: CDH4.4, Fedora Directory Service
>            Reporter: Johndee Burks
>            Assignee: Naveen Gangam
>            Priority: Minor
>             Fix For: 1.3.0, 2.0.0
>
>
> The bindDN implementation should be more generic for the LDAP authenticator. Currently it looks like this: 
>      49     // setup the security principal
>      50     String bindDN;
>      51     if (baseDN != null) {
>      52       bindDN = "uid=" + user + "," + baseDN;
>      53     } else {
>      54       bindDN = user;
>      55     }
> This causes problems for ldap implementations that expect "cn=" first. 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)