hive-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Phabricator (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (HIVE-3705) Adding authorization capability to the metastore
Date Tue, 20 Nov 2012 21:24:59 GMT

     [ https://issues.apache.org/jira/browse/HIVE-3705?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Phabricator updated HIVE-3705:
------------------------------

    Attachment: HIVE-3705.D6681.3.patch

khorgath updated the revision "HIVE-3705 [jira] Adding authorization capability to the metastore".
Reviewers: JIRA

  Passing on HMSHandler to MetastoreAuthenticator as well, added in reference implementation
of a StorageBasedAuthorizationProvider
  as an example of implementable metastore-side AuthorizationProviders


REVISION DETAIL
  https://reviews.facebook.net/D6681

AFFECTED FILES
  common/src/java/org/apache/hadoop/hive/conf/HiveConf.java
  conf/hive-default.xml.template
  metastore/src/java/org/apache/hadoop/hive/metastore/HiveMetaStore.java
  ql/src/java/org/apache/hadoop/hive/ql/metadata/HiveUtils.java
  ql/src/java/org/apache/hadoop/hive/ql/security/HadoopDefaultAuthenticator.java
  ql/src/java/org/apache/hadoop/hive/ql/security/HadoopDefaultMetastoreAuthenticator.java
  ql/src/java/org/apache/hadoop/hive/ql/security/HiveMetastoreAuthenticationProvider.java
  ql/src/java/org/apache/hadoop/hive/ql/security/authorization/AuthorizationPreEventListener.java
  ql/src/java/org/apache/hadoop/hive/ql/security/authorization/BitSetCheckedAuthorizationProvider.java
  ql/src/java/org/apache/hadoop/hive/ql/security/authorization/DefaultHiveAuthorizationProvider.java
  ql/src/java/org/apache/hadoop/hive/ql/security/authorization/DefaultHiveMetastoreAuthorizationProvider.java
  ql/src/java/org/apache/hadoop/hive/ql/security/authorization/HiveAuthorizationProviderBase.java
  ql/src/java/org/apache/hadoop/hive/ql/security/authorization/HiveMetastoreAuthorizationProvider.java
  ql/src/java/org/apache/hadoop/hive/ql/security/authorization/StorageBasedAuthorizationProvider.java
  ql/src/java/org/apache/hadoop/hive/ql/session/SessionState.java
  ql/src/test/org/apache/hadoop/hive/ql/security/DummyHiveMetastoreAuthorizationProvider.java
  ql/src/test/org/apache/hadoop/hive/ql/security/InjectableDummyAuthenticator.java
  ql/src/test/org/apache/hadoop/hive/ql/security/TestAuthorizationPreEventListener.java
  ql/src/test/org/apache/hadoop/hive/ql/security/TestDefaultHiveMetastoreAuthorizationProvider.java

To: JIRA, khorgath

                
> Adding authorization capability to the metastore
> ------------------------------------------------
>
>                 Key: HIVE-3705
>                 URL: https://issues.apache.org/jira/browse/HIVE-3705
>             Project: Hive
>          Issue Type: New Feature
>          Components: Authorization, Metastore
>            Reporter: Sushanth Sowmyan
>            Assignee: Sushanth Sowmyan
>         Attachments: HIVE-3705.D6681.1.patch, HIVE-3705.D6681.2.patch, HIVE-3705.D6681.3.patch,
hive-backend-auth.git.patch, hivesec_investigation.pdf
>
>
> In an environment where multiple clients access a single metastore, and we want to evolve
hive security to a point where it's no longer simply preventing users from shooting their
own foot, we need to be able to authorize metastore calls as well, instead of simply performing
every metastore api call that's made.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message