You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@spark.apache.org by "Greg Senia (JIRA)" <ji...@apache.org> on 2015/06/02 22:11:49 UTC
[jira] [Commented] (SPARK-5159) Thrift server does not respect
hive.server2.enable.doAs=true
[ https://issues.apache.org/jira/browse/SPARK-5159?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14569671#comment-14569671 ]
Greg Senia commented on SPARK-5159:
-----------------------------------
SparkSQLThriftServer does not adhere to hive.server2.enable.doAS even though it seems to implement HiveServer2's thrift service. Are there plans to implement this feature as without this feature SparkSQL ThriftServer seems to be a bit useless in a secure kerberos environment where the spark/hive user does not have access to the data directly due to audit reasons..
> Thrift server does not respect hive.server2.enable.doAs=true
> ------------------------------------------------------------
>
> Key: SPARK-5159
> URL: https://issues.apache.org/jira/browse/SPARK-5159
> Project: Spark
> Issue Type: Bug
> Components: SQL
> Affects Versions: 1.2.0
> Reporter: Andrew Ray
>
> I'm currently testing the spark sql thrift server on a kerberos secured cluster in YARN mode. Currently any user can access any table regardless of HDFS permissions as all data is read as the hive user. In HiveServer2 the property hive.server2.enable.doAs=true causes all access to be done as the submitting user. We should do the same.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@spark.apache.org
For additional commands, e-mail: issues-help@spark.apache.org