hive-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Kai Zheng (JIRA)" <j...@apache.org>
Subject [jira] [Created] (HIVE-3807) Hive authorization should use short username when Kerberos authentication
Date Sat, 15 Dec 2012 15:14:12 GMT
Kai Zheng created HIVE-3807:
-------------------------------

             Summary: Hive authorization should use short username when Kerberos authentication
                 Key: HIVE-3807
                 URL: https://issues.apache.org/jira/browse/HIVE-3807
             Project: Hive
          Issue Type: Improvement
          Components: Authorization
    Affects Versions: 0.9.0
            Reporter: Kai Zheng


Currently when authentication method is Kerberos,Hive authorization uses user full name as
privilege principal, for example, it uses john@EXAMPLE.COM instead of john.

It should use the short name instead. The benefits:
1. Be consistent. Hadoop, HBase and etc they all use short name in related ACLs or authorizations.
For Hive authorization works well with them, this should be.
2. Be convenient. It's very inconvenient to use the lengthy Kerberos principal name when grant
or revoke privileges via Hive CLI.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message