You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@hive.apache.org by "Prasad Mujumdar (JIRA)" <ji...@apache.org> on 2013/06/11 05:33:22 UTC
[jira] [Updated] (HIVE-4707) Support configurable domain name for
HiveServer2 LDAP authentication using Active Directory
[ https://issues.apache.org/jira/browse/HIVE-4707?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Prasad Mujumdar updated HIVE-4707:
----------------------------------
Attachment: HIVE-4707-1.patch
> Support configurable domain name for HiveServer2 LDAP authentication using Active Directory
> -------------------------------------------------------------------------------------------
>
> Key: HIVE-4707
> URL: https://issues.apache.org/jira/browse/HIVE-4707
> Project: Hive
> Issue Type: Bug
> Components: HiveServer2
> Affects Versions: 0.11.0
> Reporter: Prasad Mujumdar
> Assignee: Prasad Mujumdar
> Fix For: 0.12.0
>
> Attachments: HIVE-4707-1.patch
>
>
> LDAP providers like Active Directory use a fully qualified user name in user@domain format. For HiveServer2 LDAP auth can be used with active directory by passing the userid in that format. This causes hive authentication module to retrun the username in that mangled format. This prohibits LDAP users to be impersonated over secure hadoop or reported correctly in audit etc.
> HiveServer2 should support a configurable LDAP domain that is appended to the user name.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira