You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@hive.apache.org by "Venkatachalam Visvanathan (JIRA)" <ji...@apache.org> on 2014/07/08 03:41:33 UTC
[jira] [Commented] (HIVE-7193) Hive should support additional LDAP
authentication parameters
[ https://issues.apache.org/jira/browse/HIVE-7193?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14054399#comment-14054399 ]
Venkatachalam Visvanathan commented on HIVE-7193:
-------------------------------------------------
Hi Developers and Watchers
I have the same problem. The way I see it that we are only authenticating if its an user, but with no support for group and filters there is no way to manage access.
I am using Hive on Amazon EMR and enabling LDAP only provides a little advantage.
Please consider this Issue for fix.
~Venkat V
> Hive should support additional LDAP authentication parameters
> -------------------------------------------------------------
>
> Key: HIVE-7193
> URL: https://issues.apache.org/jira/browse/HIVE-7193
> Project: Hive
> Issue Type: Bug
> Affects Versions: 0.10.0
> Reporter: Mala Chikka Kempanna
>
> Currently hive has only following authenticator parameters for LDAP
> authentication for hiveserver2.
> <property>
> <name>hive.server2.authentication</name>
> <value>LDAP</value>
> </property>
> <property>
> <name>hive.server2.authentication.ldap.url</name>
> <value>ldap://our_ldap_address</value>
> </property>
> We need to include other LDAP properties as part of hive-LDAP authentication like below
> a group search base -> dc=domain,dc=com
> a group search filter -> member={0}
> a user search base -> dc=domain,dc=com
> a user search filter -> sAMAAccountName={0}
> a list of valid user groups -> group1,group2,group3
--
This message was sent by Atlassian JIRA
(v6.2#6252)