You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@ranger.apache.org by "Velmurugan Periasamy (JIRA)" <ji...@apache.org> on 2015/07/20 21:12:05 UTC

[jira] [Created] (RANGER-577) Hive Plugin - Ranger should not change hive config if authorization is disabled

Velmurugan Periasamy created RANGER-577:
-------------------------------------------

             Summary: Hive Plugin - Ranger should not change hive config if authorization is disabled
                 Key: RANGER-577
                 URL: https://issues.apache.org/jira/browse/RANGER-577
             Project: Ranger
          Issue Type: Bug
          Components: plugins
    Affects Versions: 0.5.0
            Reporter: Velmurugan Periasamy
            Assignee: Madhan Neethiraj


Hive loads the authorizer and calls it's applyAuthorizationConfigPolicy function even if authorization is disabled. This was done for sql standard authorization, so that even from hive-cli (where authorization is disabled), new tables that get created have the correct permissions.

It would be good to have Ranger also behave same way as SQL Std auth, this can be done by not calling  SettableConfigUpdater.setHiveConfWhiteList and not adding other restrictions from its HiveAuthorizer.applyAuthorizationConfigPolicy implementation.




--
This message was sent by Atlassian JIRA
(v6.3.4#6332)