hive-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Thejas M Nair (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HIVE-4911) Enable QOP configuration for Hive Server 2 thrift transport
Date Tue, 23 Jul 2013 21:56:49 GMT

    [ https://issues.apache.org/jira/browse/HIVE-4911?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13717669#comment-13717669
] 

Thejas M Nair commented on HIVE-4911:
-------------------------------------

[~amalakar] I added some review comments in review board link.

+1 for having a separate config flag that enables the QOP for hive server2. HS2 -> client
connection is usually more vulnerable compared to the network traffic within a hadoop cluster,
as the HS2 client is likely to be connecting over a corporate wide network.

[~brocknoland] The patch would not work for HMS, that would new some more change. (added a
comment about that in review). But I am not sure if that needs to be part of same jira.

I don't think it makes sense to use the same config param to set the SASL QOP level for metastore.
Should we just use hadoop.rpc.protection for that, as it is usually considered as 'inside
the cluster' (as opposed to HS2 which is like a 'gateway server')

                
> Enable QOP configuration for Hive Server 2 thrift transport
> -----------------------------------------------------------
>
>                 Key: HIVE-4911
>                 URL: https://issues.apache.org/jira/browse/HIVE-4911
>             Project: Hive
>          Issue Type: New Feature
>            Reporter: Arup Malakar
>            Assignee: Arup Malakar
>         Attachments: HIVE-4911-trunk-0.patch
>
>
> The QoP for hive server 2 should be configurable to enable encryption. A new configuration
should be exposed "hive.server2.thrift.rpc.protection". This would give greater control configuring
hive server 2 service.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message