You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@hive.apache.org by "Hive QA (JIRA)" <ji...@apache.org> on 2014/03/02 02:30:20 UTC

[jira] [Commented] (HIVE-6486) Support secure Subject.doAs() in HiveServer2 JDBC client.

    [ https://issues.apache.org/jira/browse/HIVE-6486?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13917253#comment-13917253 ] 

Hive QA commented on HIVE-6486:
-------------------------------



{color:red}Overall{color}: -1 at least one tests failed

Here are the results of testing the latest attachment:
https://issues.apache.org/jira/secure/attachment/12631880/HIVE-6486.1.patch

{color:red}ERROR:{color} -1 due to 1 failed/errored test(s), 5186 tests executed
*Failed tests:*
{noformat}
org.apache.hadoop.hive.cli.TestMinimrCliDriver.testCliDriver_parallel_orderby
{noformat}

Test results: http://bigtop01.cloudera.org:8080/job/PreCommit-HIVE-Build/1579/testReport
Console output: http://bigtop01.cloudera.org:8080/job/PreCommit-HIVE-Build/1579/console

Messages:
{noformat}
Executing org.apache.hive.ptest.execution.PrepPhase
Executing org.apache.hive.ptest.execution.ExecutionPhase
Executing org.apache.hive.ptest.execution.ReportingPhase
Tests exited with: TestsFailedException: 1 tests failed
{noformat}

This message is automatically generated.

ATTACHMENT ID: 12631880

> Support secure Subject.doAs() in HiveServer2 JDBC client.
> ---------------------------------------------------------
>
>                 Key: HIVE-6486
>                 URL: https://issues.apache.org/jira/browse/HIVE-6486
>             Project: Hive
>          Issue Type: Improvement
>          Components: JDBC
>    Affects Versions: 0.11.0, 0.12.0
>            Reporter: Shivaraju Gowda
>             Fix For: 0.13.0
>
>         Attachments: HIVE-6486.1.patch, Hive_011_Support-Subject_doAS.patch, TestHive_SujectDoAs.java
>
>
> HIVE-5155 addresses the problem of kerberos authentication in multi-user middleware server using proxy user.  In this mode the principal used by the middle ware server has privileges to impersonate selected users in Hive/Hadoop. 
> This enhancement is to support Subject.doAs() authentication in  Hive JDBC layer so that the end users Kerberos Subject is passed through in the middle ware server. With this improvement there won't be any additional setup in the server to grant proxy privileges to some users and there won't be need to specify a proxy user in the JDBC client. This version should also be more secure since it won't require principals with the privileges to impersonate other users in Hive/Hadoop setup.
>  



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)