You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@sentry.apache.org by "Mohit Sabharwal (JIRA)" <ji...@apache.org> on 2013/09/23 23:29:02 UTC

[jira] [Created] (SENTRY-20) Sentry should throw an exception if testing.mode is not set on non-secure cluster

Mohit Sabharwal created SENTRY-20:
-------------------------------------

             Summary: Sentry should throw an exception if testing.mode is not set on non-secure cluster
                 Key: SENTRY-20
                 URL: https://issues.apache.org/jira/browse/SENTRY-20
             Project: Sentry
          Issue Type: Improvement
            Reporter: Mohit Sabharwal


Currently, on non-Kerberized clusters, Sentry logs an error message and proceeds to block access for everybody for every operation.

ERROR org.apache.sentry.binding.hive.authz.HiveAuthzBinding: HiveServer2 authentication method cannot be set to none unless testing mode is enabled

When operations fail, it's not clear if it's unhappy because the policy file is not parse-able, it's a policy file permission issue, or if it doesn't like non-Kerberos clusters.

The error message is followed by bunch of auth failure exceptions, so it's hard to see this error message. It should throw an exception instead.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira