You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@hive.apache.org by "Naveen Gangam (JIRA)" <ji...@apache.org> on 2015/06/22 23:29:04 UTC
[jira] [Resolved] (HIVE-6026) Ldap Authenticator should be more
generic with BindDN
[ https://issues.apache.org/jira/browse/HIVE-6026?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Naveen Gangam resolved HIVE-6026.
---------------------------------
Resolution: Fixed
Fix Version/s: 2.0.0
1.3.0
Release Note: Hive LDAP Authenticator now has filter support for LDAP users and groups.
Hadoop Flags: Reviewed
This issue has been addressed as part of HIVE-7193 that adds a configuration parameters where pattern(s) for DNs can be specified both for users and groups. Hive also supports specifying a custom LDAP query that takes precedence over any user filters or group filters.
Closing this jira as fixed.
> Ldap Authenticator should be more generic with BindDN
> -----------------------------------------------------
>
> Key: HIVE-6026
> URL: https://issues.apache.org/jira/browse/HIVE-6026
> Project: Hive
> Issue Type: Bug
> Components: Authentication
> Affects Versions: 0.10.0
> Environment: CDH4.4, Fedora Directory Service
> Reporter: Johndee Burks
> Assignee: Naveen Gangam
> Priority: Minor
> Fix For: 1.3.0, 2.0.0
>
>
> The bindDN implementation should be more generic for the LDAP authenticator. Currently it looks like this:
> 49 // setup the security principal
> 50 String bindDN;
> 51 if (baseDN != null) {
> 52 bindDN = "uid=" + user + "," + baseDN;
> 53 } else {
> 54 bindDN = user;
> 55 }
> This causes problems for ldap implementations that expect "cn=" first.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)