hadoop-hive-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Todd Lipcon (JIRA)" <j...@apache.org>
Subject [jira] Commented: (HIVE-842) Authentication Infrastructure for Hive
Date Thu, 30 Sep 2010 21:34:45 GMT

    [ https://issues.apache.org/jira/browse/HIVE-842?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12916687#action_12916687
] 

Todd Lipcon commented on HIVE-842:
----------------------------------

bq. > should there be an option whereby the metastore uses a keytab to authenticate to
HDFS, but doesn't require users to authenticate to it?
bq. Wouldn't this leave a hole as it currently exists?

Yea - I think the use case is that you may have some old Thrift clients that haven't yet been
updated to work with the SASL implementation (eg PHP). For those clients, perhaps you can
provide security based on firewall rules, etc. But you would still like to run Hive on top
of a secured HDFS.

> Authentication Infrastructure for Hive
> --------------------------------------
>
>                 Key: HIVE-842
>                 URL: https://issues.apache.org/jira/browse/HIVE-842
>             Project: Hadoop Hive
>          Issue Type: New Feature
>          Components: Server Infrastructure
>            Reporter: Edward Capriolo
>            Assignee: Todd Lipcon
>         Attachments: HiveSecurityThoughts.pdf
>
>
> This issue deals with the authentication (user name,password) infrastructure. Not the
authorization components that specify what a user should be able to do.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message