hive-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ashutosh Chauhan (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HIVE-4707) Support configurable domain name for HiveServer2 LDAP authentication using Active Directory
Date Mon, 17 Jun 2013 07:36:20 GMT

    [ https://issues.apache.org/jira/browse/HIVE-4707?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13685058#comment-13685058
] 

Ashutosh Chauhan commented on HIVE-4707:
----------------------------------------

+1
                
> Support configurable domain name for HiveServer2 LDAP authentication using Active Directory
> -------------------------------------------------------------------------------------------
>
>                 Key: HIVE-4707
>                 URL: https://issues.apache.org/jira/browse/HIVE-4707
>             Project: Hive
>          Issue Type: Bug
>          Components: HiveServer2
>    Affects Versions: 0.11.0
>            Reporter: Prasad Mujumdar
>            Assignee: Prasad Mujumdar
>             Fix For: 0.12.0
>
>         Attachments: HIVE-4707-1.patch
>
>
> LDAP providers like Active Directory use a fully qualified user name in user@domain format.
For HiveServer2 LDAP auth can be used with active directory by passing the userid in that
format. This causes hive authentication module to retrun the username in that mangled format.
This prohibits LDAP users to be impersonated over secure hadoop or reported correctly in audit
etc.
> HiveServer2 should support a configurable LDAP domain that is appended to the user name.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message